Arthur Outhenin-Chalandre
4a6eb7eaa2
enable back kubelet_authorization_mode_webhook by default ( #9662 )
...
In 6db6c8678c
, this was disabled becaue
kubesrpay gave too much permissions that were not needed. This commit
re-enable back this option by default and also removes the extra
permissions that kubespray gave that were in fact not needed.
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-01-16 23:56:32 -08:00
R. P. Taylor
0ff883afeb
streamline ansible_default_ipv4 gathering loop ( #9281 )
2023-01-05 11:59:58 -08:00
tu1h
791064a3d9
Allow custom timeout for kubeadm init ( #9617 )
...
Signed-off-by: tu1h <lihai.tu@daocloud.io>
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2022-12-27 00:53:28 -08:00
yanggang
f8d6b54dbb
Add hashes for 1.25.5, 1.24.9, 1.23.15 and make v1.25.5 default ( #9557 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2022-12-11 16:45:33 -08:00
yanggang
9439487219
Add hashes for 1.25.4, 1.24.8, 1.23.14 and make v1.25.4 default ( #9479 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2022-11-10 20:00:09 -08:00
Kay Yan
ccbe38f78c
make-kube-1.25-default ( #9364 )
2022-10-20 00:56:57 -07:00
Maxime Leroy
d9c39c274e
fix(defaults): wrong cri_socket path for containerd ( #9401 )
2022-10-18 00:15:18 -07:00
Mohamed Zaian
5ad1d9db5e
[kubernetes] Add hashes for 1.25.3, 1.24.7, 1.23.13 and make v1.24.7 default ( #9397 )
2022-10-17 05:59:07 -07:00
Unai Arríen
52904ee6ad
Avoid MetalLB speaker image download when MetalLB speaker is disabled ( #9248 )
...
* Avoid MetalLB speaker image download when metallb_speaker_enabled is set to
* Move metallb_speaker_enabled var to allow outside metalLB role references
* Move metallb_speaker_enabled var to allow outside metalLB role references
* Improve metallb_speaker_enabled default values
2022-10-13 16:50:47 -07:00
Kay Yan
999586a110
sysctl_additional ( #9351 )
2022-10-02 23:06:14 -07:00
Florian Ruynat
841e2f44c0
Remove references to 1.22 ( #9342 )
2022-09-28 14:10:29 -07:00
Federico Cucinella
e486151aea
cloud-provider-openstack: upgrade 1.22.0 to 1.23.4 ( #9332 )
2022-09-26 17:35:46 -07:00
Mohamed Zaian
76573bf293
[kubernetes] Add hashes for 1.24.6, 1.22.15, 1.23.12 and make v1.24.6 default ( #9308 )
2022-09-22 04:13:03 -07:00
Mohamed Zaian
680293e79c
[kubernetes] Add hashes for 1.24.5, 1.22.14, 1.23.11 and make v1.24.5 default ( #9286 )
2022-09-19 02:10:31 -07:00
Cristian Calin
6db6c8678c
disable kubelet_authorization_mode_webhook by default ( #9238 )
2022-08-31 04:53:00 -07:00
Mohamed Zaian
ab938602a9
[kubernetes] Add hashes for 1.24.4, 1.22.13, 1.23.10 and make v1.24.4 default ( #9191 )
2022-08-21 23:11:44 -07:00
Mohamed Zaian
91073d7379
[kubernetes] make v1.24.3 default ( #9101 )
2022-07-19 02:58:06 -07:00
Mohamed Zaian
e4fe679916
[kubernetes] make v1.24.2 default
2022-06-17 11:08:33 -07:00
Alessio Greggi
97b4d79ed5
feat: make kubernetes owner parametrized ( #8952 )
...
* feat: make kubernetes owner parametrized
* docs: update hardening guide with configuration for CIS 1.1.19
* fix: set etcd data directory permissions to be compliant to CIS 1.1.12
2022-06-17 01:34:32 -07:00
Florian Ruynat
9e7f89d2a2
Remove forgotten 1.21 references
2022-06-16 08:55:38 +02:00
Calin Cristian Andrei
24c8ba832a
[kubernetes] drop support for configuring insecure apiserver
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
2cd8c51a07
[kubeadm] use v1beta3 configuration version
...
* extra admission controls now don't have a version in their file names
eventratelimit.v1beta2.yaml.j2 -> eventratelimit.yaml.j2
* cri_socket variable includes the unix:// prefix to be conformat with
upstream
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
fad296616c
[docker] use cri-dockerd instead of dockershim for any kubernetes version deployed with docker as the container_manager
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
2de5c4821c
[calico] clean up workarounds for older versions
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
ae1dcb031f
[kubernetes] drop pre 1.22.0 workarounds
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
9535a41187
[kubernetes] make 1.22.0 the minimum version
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
d69d4a8303
[kubernetes] make 1.24.1 the new default
2022-06-15 00:57:20 -07:00
Mohamed Zaian
78aacee21b
[kubernetes] add hashes for 1.24.1 and other versions. ( #8876 )
...
* [kubernetes] add hashes for 1.24.1 and other versions.
versions: v1.21.13, v1.22.10, v1.23.7 & v1.24.1
* [kubernetes] make v1.23.7 default1
2022-05-27 12:00:42 -07:00
Samuel Liu
f26f544ff6
[kube-ovn]: update kube-ovn version and sync some feature ( #8790 )
...
* [kube-ovn]: some feature
kube-ovn vlan mode
ipv6/ipv4 dual stack
...
* remove unused env
* fix readinessprobe
2022-05-11 21:35:15 -07:00
Cristian Calin
56cf163a23
[kubernetes] actually make 1.23.6 the default ( #8767 )
2022-05-02 00:43:14 -07:00
Julien Le Fur
30306d6ec7
Enable external CA mode for control-plane deployment ( #8620 )
2022-04-12 05:47:23 -07:00
Robin Wallace
d7254eead6
UpCloud integration ( #8653 )
...
* [upcloud] add upcloud csi-driver
* Option to use ansible_host as api ip for kubueconfig
2022-04-11 15:13:23 -07:00
Samuel Liu
424ef3b3f9
[calico] add calico apiserver ( #8690 )
...
* [calico] add calico apiserver
* fix yamllint
* remove addext argument
* Configure API server with the CA bundle
* add check kdd
2022-04-08 00:02:42 -07:00
Mathieu Parent
996ef98b87
Add support for kube-vip ( #8669 )
...
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
2022-04-07 10:37:57 -07:00
Alessio Greggi
bba91a7524
split kube_feature_gates variable for different kubernetes components ( #8677 )
...
* feat: split kube_feature_gates variable for different kubernetes components
* docs: add kube_feaute_gates componet variables
2022-04-05 05:39:37 -07:00
Calin Cristian Andrei
538f9df5cc
[kubernetes] make 1.23.5 the default
2022-03-17 05:03:20 -07:00
Cristian Calin
394857b5ce
[docker] add support for cri-dockerd as a replacement for dockershim ( #8623 )
2022-03-16 16:28:11 -07:00
Tom Janson
2e925f82ef
Revert "Fix: typos in docs and comments ( #7805 )" ( #8592 )
...
This reverts commit 417180246c
.
2022-03-02 11:57:13 -08:00
Necatican Yıldırım
e9c8913248
Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable ( #8317 )
...
* Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Add etcd kubeadm deployment documentation
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Refactor warning for the deprecated 'etcd_kubeadm_enabled' variable
Signed-off-by: necatican <necaticanyildirim@gmail.com>
2022-02-22 08:53:16 -08:00
Florian Ruynat
d4f654275b
Set default kubernetes version to 1.23.4
2022-02-21 03:54:11 -08:00
Michael Schmitz
eacd55fbca
Use sysctl_file_path variable for all sysctl_file locations ( #8395 )
...
* Use sysctl_file_path variable for all sysctl_file locations
* Add sysctl_file_path variable to kubespay-defaults
* Remove previously used sysctl file locations if present
* Use explicit filename in roles/kubernetes/node/defaults/main.yml
* Defaults: use explicit value
2022-02-01 08:12:10 -08:00
Samuel Liu
e6e7fbc25f
fix reset containerd_storage_dir undefined ( #8478 )
...
* fix reset containerd_storage_dir
* add env to kubespray-defaults
2022-01-31 05:46:23 -08:00
Ilya Margolin
7d4d554436
Document host_resolvconf as default value for resolvconf_mode ( #8493 )
...
refs #8247
2022-01-31 03:12:24 -08:00
Calin Cristian Andrei
ababcd5481
[kube] make 1.23.3 the new default
2022-01-31 00:22:24 -08:00
Calin Cristian Andrei
be9a1f80c1
[kube] make 1.23.2 the default version
2022-01-24 11:59:33 -08:00
Victor Morales
e88aa7c96b
Add youki runtime support ( #8411 )
2022-01-21 14:01:07 -08:00
Johann Schley
38d129a0b6
add external hcloud cloud controller manager ( #8440 )
2022-01-20 12:31:09 -08:00
Unai Arríen
57a1d18db3
Improve first_kube_control_plane variable management to avoid installation failures due to variable overlapping ( #8388 )
2022-01-10 01:35:19 -08:00
rtsp
aa4a3d7afd
Fix container engine still installed on dedicated etcd node even if `etcd_deployment_type: host` ( #8386 )
2022-01-10 01:35:12 -08:00
Kenichi Omichi
51bd9bee0d
Move containerd_version to defaults/main.yml ( #8379 )
...
All container image versions were defined in download/defaults/main.yml
except containerd.
The inconsistency caused the offline script(generate_list.sh) could not
output the URL of containerd image.
This moves the definition into a valid file.
In addition, this adds host_os to generate_list.sh for downloading
krew from a valid URL.
2022-01-09 01:47:12 -08:00