kubernetes-sigs
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,888 Commits
29 Branches
81 Tags
163 MiB
Commit Graph

975 Commits (4f27bc2bf92f40168b995f86d6873087a755477b)

Author SHA1 Message Date
Navid Nabavi 4313c13656
[feature] Add coredns_additional_configs to handle any extra configurations for coredns deployment (#10023) (#10025) 2023-05-09 06:45:58 -07:00
Eugene Marchanka c880b24a80
[MetalLB] Remove unused resources (#10004) 
* Fix MetalLB deploy

This will fix MetalLB deploy

* Remove `metallb_ip_range` check

* Remove missing `metallb-config.yml`

* fix template name

* make deployment of layer3 conditional

* revert

* revert
 2023-05-08 17:20:52 -07:00
Mohamed Omar Zaian a505a4c71f
[feat] Update metrics server to v0.6.3 (#10026) 2023-04-26 04:10:16 -07:00
pli 8727f88e41
metrics_server: add extras nodeselector, affinity, tolerations (#9972) 
* metrics_server: add extras nodeselector, affinity, tolerations

* fix tolerations invalid YAML if undefined
 2023-04-26 00:30:16 -07:00
Mohamed Omar Zaian 4deeaba335
[feature] Update dns-autoscaler (#9996) 2023-04-24 02:47:01 -07:00
Jeroen Rijken 709ae1d244
Update MetalLB and switch to CRD notation. (#9120) 
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
 2023-04-14 01:14:41 -07:00
Mohamed Omar Zaian ed6f8df784
[feature] Update CoreDNS manifests (#9977) 2023-04-12 21:38:35 -07:00
Eugene Marchanka eecaec2919
[vSphere-csi-driver] Custom namespace fails playbook (#9946) 
* Fix: vSphere Error: `Apply a CSI secret manifest`

This PR will fix an issue that you will see on 2nd deploy when deploying External vSphere
How to re-produce:
1. Set custom `vsphere_csi_namespace: "vmware-system-csi"`
2. Deploy as usual
3. Observe no errors
4. Deploy 2nd time without `reset`
5. Playbook fails with:
```
TASK [kubernetes-apps/csi_driver/vsphere : vSphere CSI Driver | Apply a CSI secret manifest]
fatal: [node-00]: FAILED! => changed=true                                                                                                                                                 
  censored: 'the output has been hidden due to the fact that ''no_log: true'' was specified for this result'
```

* create namespace if does not exist

* lint fix

* try to fix lint errors

* fix `too few spaces before comment`

* change the order of applied manifests

* typo
 2023-04-09 22:13:15 -07:00
Dominykas Norkus 5e2cb4d244
Add bind address variable to OCCM (#9958) 2023-04-04 15:57:40 -07:00
Mohamed Omar Zaian dff58023d9
[argocd] update argocd to v2.6.7 (#9953) 2023-04-04 12:01:43 -07:00
Mathias Petermann dcc04e54f3
fix(cert manager): Fix manifest if cert_manager_trusted_internal_ca is provided (#9922) 2023-03-27 08:12:28 -07:00
panguicai 1555d78155
upgrade argocd to v2.6.3 (#9848) 
Signed-off-by: panguicai008 <1121906548@qq.com>
 2023-03-03 06:44:58 -08:00
Eugene Artemenko 5cbcec8968
Add resources section to all containers releated to Vsphere CSI driver (#9687) 2023-02-27 02:36:20 -08:00
Mohamed Zaian 260dad8f10
[ingress-nginx] upgrade to 1.6.4 (#9818) 2023-02-23 01:35:34 -08:00
pli 4ba1df5237
Fix kubernetes-app/argocd: download related things with the download role (#9786) 
* Fix yq install in argocd role: use download_file instead of get_url

* Fix use download_file instead of get_url to download argocd-install manifest in argocd role

* Fix order and add arm64 checksum

* Fix: Failed to template loop_control.label: 'None'
 2023-02-19 16:11:37 -08:00
Bas 2c93c997cf
pre-commit autocorrected files (#9750) 2023-02-06 01:35:16 -08:00
manzsolutions-lpr 6c41191646
Add support for PodSecurityStandards (#9713) 2023-02-06 01:27:01 -08:00
Kevin Huang 1853085ffe
feat(cinder-csi): Allow deletionPolicy to be configurable (#9736) 2023-02-02 15:46:28 -08:00
stelucz 9247137e60
Replace label `k8s-app: nodelocaldns` in DaemonSet template by `k8s-app: node-local-dns` (#9745) 2023-02-02 15:42:28 -08:00
杨刚 (成都) e8f048c71d
[argocd] update argocd to v2.5.10 (#9753) 
Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-02-02 15:38:29 -08:00
杨刚 (成都) b9a34b83d4
[argocd] update argocd to v2.5.9 (#9723) 
Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-01-28 19:14:33 -08:00
杨刚 8d6cfd6e53
[argocd] update argocd to v2.5.8 (#9708) 
Signed-off-by: yanggang <gang.yang@daocloud.io>

Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-01-27 00:14:25 -08:00
ERIK ee2193d4cf
Add dns configuration for cert manager (#9673) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>

Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2023-01-23 17:42:15 -08:00
yanggang fd80ef1ff1
[argocd] update argocd to v2.5.7 (#9682) 
Signed-off-by: yanggang <gang.yang@daocloud.io>

Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-01-18 15:38:34 -08:00
Arthur Outhenin-Chalandre 4a6eb7eaa2
enable back kubelet_authorization_mode_webhook by default (#9662) 
In 6db6c8678c, this was disabled becaue
kubesrpay gave too much permissions that were not needed. This commit
re-enable back this option by default and also removes the extra
permissions that kubespray gave that were in fact not needed.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-01-16 23:56:32 -08:00
Vitaly Yakovenko d919c58e21
[multus] added support for mixed type of container engine (#9224) 
* [multus] added support for mixed type of container engine

* [multus] fixed for using with cluster/upgrade-cluster/scale playbooks
 2023-01-16 23:30:33 -08:00
Mohamed Zaian c7cffb14a7
[cert-manager] update cert-manager to v1.11.0 (#9661) 2023-01-16 02:36:51 -08:00
yanggang 6b4bb2a121
[argocd] update argocd to v2.5.6 (#9654) 
Signed-off-by: yanggang <gang.yang@daocloud.io>

Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-01-15 21:16:50 -08:00
László Rafael ea35021c96
Add defaults for external_vsphere_user and external_vsphere_password in the vsphere csi_driver (#9664) 2023-01-14 14:24:14 -08:00
Marijn van der Giesen 0d5bcd3e20
feat(coredns): Forward extra domains to coredns kubernetes plugin (#9635) 2023-01-05 06:57:58 -08:00
Marijn van der Giesen ab80342750
[feat] Add custom options to coredns kubernets plugin (#9608) 2022-12-27 18:21:27 -08:00
Maxime Leroy 9fe89a0641
fix(apps): cinder: wrong rbac for csi-snapshotter-role (#9610) 2022-12-27 00:45:28 -08:00
Mohamed Zaian 438da0c8e6
[argocd] update argocd to v2.5.5 (#9604) 2022-12-22 00:53:25 -08:00
Robin Wallace ccf60fc9ca
upcloud: Delete default reclaim policy (#9574) 2022-12-14 16:15:34 -08:00
JSpon 94eae6a8dc
adjust calico-kube-controller to use hostNetwork when using etcd as datastore (#9573) 2022-12-13 20:41:34 -08:00
Ugur Can Ozturk a0f41bf82a
[metrics_server]: Enabled HA mode by adding 'metrics_server_replicas'… (#9539) 
* [metrics_server]: Enabled HA mode by adding 'metrics_server_replicas' variable and adding podAntiAffinity rule

Signed-off-by: Ugur Can Ozturk <57688057+ugur99@users.noreply.github.com>

* [metrics_server]: added namespaces selector

Signed-off-by: Ugur Can Ozturk <57688057+ugur99@users.noreply.github.com>

Signed-off-by: Ugur Can Ozturk <57688057+ugur99@users.noreply.github.com>
 2022-12-06 18:22:38 -08:00
rtsp 529faeea9e
[cert-manager] Upgrade to v1.10.1 (#9512) 2022-11-29 07:17:26 -08:00
Robin Wallace ed0acd8027
[openstack cloud controller] bump to v1.25.3 (#9500) 2022-11-18 04:26:31 -08:00
emiran-orange df6da52195
Enable check mode in DNS Cleanup tasks (#9472) 2022-11-10 19:58:09 -08:00
emiran-orange 5c25b57989
Ability to define options for DNS upstream servers (#9311) 
* Ability to define options for DNS upstream servers

* Doc and sample inventory vars
 2022-11-08 06:44:25 -08:00
Olivier Lemasle 5d1fe64bc8
Update local-volume-provisioner (#9463) 
- Update and re-work the documentation:
  - Update links
  - Fix formatting (especially for lists)
  - Remove documentation about `useAlphaApi`,
    a flag only for k8s versions < v1.10
  - Attempt to clarify the doc
- Update to version 1.5.0
- Remove PodSecurityPolicy (deprecated in k8s v1.21+)
- Update ClusterRole following upstream
  (cf https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner/pull/292)
- Add nodeSelector to DaemonSet (following upstream)
 2022-11-07 15:28:17 -08:00
yanggang 0d6dc08578
upgrade argocd version 2.4.16 (#9467) 2022-11-06 18:04:16 -08:00
Cyclinder 590b4aa240
adjust calico-kube-controller to non-hostnetwork pod (#9465) 
Signed-off-by: cyclinder qifeng.guo@daocloud.io

Signed-off-by: cyclinder qifeng.guo@daocloud.io
 2022-11-06 17:34:17 -08:00
ausias-armesto 2a696ddb34
Adding metrics server to use host network (#9444) 
* Adding metrics server to use host network

* EXternalize value to a variable
 2022-11-06 02:38:15 -08:00
yanggang ce751cb89d
add variable condition snapshot in vSphere CSI (#9429) 2022-11-02 00:22:46 -07:00
cleverhu 5cf2883444
add retry for start calico kube controller (#9450) 
Signed-off-by: cleverhu <shouping.hu@daocloud.io>

Signed-off-by: cleverhu <shouping.hu@daocloud.io>
 2022-11-02 00:18:45 -07:00
yanggang d00508105b
Removed PodSecurityPolicy from ingress-nginx (#9448) 2022-10-30 20:08:44 -07:00
杨刚 4d3f637684
Remove PodSecurityPolicies in Metallb for kubernetes 1.25 (#9442) 2022-10-27 21:46:30 -07:00
Mohamed Zaian 2af918132e
Update kubernetes dashboard to 2.7.0 (k8s 1.25 support) (#9425) 2022-10-24 18:32:36 -07:00
杨刚 b192053e28
as argocd 2.4.15 is releasesd , update the version (#9420) 2022-10-23 20:34:24 -07:00
Kenichi Omichi 0374a55eb3
Specify securityContext for cert-manager (#9404) 
On hardening environments, cert-manager pods could not be created
from the corresponding deployments. This adds the securityContext
to solve the issue.
 2022-10-20 00:57:08 -07:00
Vladimir 958840da89
Add var for control initialDelaySeconds in nginx ingress probe (#9405) 
Signed-off-by: Zemtsov Vladimir <vl.zemtsov@gmail.com>

Signed-off-by: Zemtsov Vladimir <vl.zemtsov@gmail.com>
 2022-10-19 21:20:56 -07:00
Mohamed Zaian 0f44e8c812
[ingress-nginx] upgrade to 1.4.0 (#9403) 2022-10-18 16:53:00 -07:00
Kenichi Omichi c38fb866b7
Update securityContext of netchecker (#9398) 
To run netchecker with necessary privilege,
this updates the securityContext.
 2022-10-17 19:11:18 -07:00
Unai Arríen 52904ee6ad
Avoid MetalLB speaker image download when MetalLB speaker is disabled (#9248) 
* Avoid MetalLB speaker image download when metallb_speaker_enabled is set to

* Move metallb_speaker_enabled var to allow outside metalLB role references

* Move metallb_speaker_enabled var to allow outside metalLB role references

* Improve metallb_speaker_enabled default values
 2022-10-13 16:50:47 -07:00
ghostloda 547ef747da
fix helm install with password authentication (#9343) 2022-10-12 23:55:01 -07:00
Unai Arríen ef76a578a4
Change dns upstream condition for nodelocaldns (#9378) 2022-10-11 00:47:02 -07:00
Piotr Kowalczyk 3b99d24ceb
Fix: install calico-kube-controller on kdd (#9358) 
* Fix: install policy controller on kdd too

* Remove the calico_policy_version condition altogether

* Install policy controller both on canal and calico under same condition
 2022-10-10 19:45:01 -07:00
Kay Yan 4701abff4c
upgrade-api-version-for-PodDisruptionBudget (#9369) 2022-10-10 17:51:02 -07:00
Kevin Huang c346e46022
fix(cinder-csi-nodeplugin): Remove the pods-cloud-data volume (#9362) 2022-10-08 01:23:19 -07:00
Hugo Blom a8e4984cf7
Add missing permissions to openstack cc (#9335) 
Add missing permissions to Openstack cloud controller to make sure controller runs as intended
 2022-09-27 22:19:35 -07:00
Federico Cucinella e486151aea
cloud-provider-openstack: upgrade 1.22.0 to 1.23.4 (#9332) 2022-09-26 17:35:46 -07:00
Robin Wallace c4de3df492
upcloud csi driver: bump version to v0.3.3 (#9317) 2022-09-24 13:18:04 -07:00
Florian Ruynat 4ad67acedd
Move back vsphere csi to kube-system ns (#9312) 2022-09-23 10:46:26 -07:00
Kay Yan 1b3c2dab2e
add_max_concurrent_in_coredns (#9307) 2022-09-22 04:27:03 -07:00
pingrulkin a2e23c1a71
vsphere-csi: add nodeAffinity to daemonset (#9293) 2022-09-19 17:47:22 -07:00
Mohamed Zaian a71da25b57
[argocd] update argocd to v2.4.12 (#9297) 2022-09-19 17:37:22 -07:00
Vadim 5ac614f97d
fix duplicate field in ingress-nginx template (#9285) 2022-09-19 03:03:22 -07:00
ErmalKristo b8b8b82ff4
Adds support for multiple architectures to yq (#9288) 2022-09-19 02:14:38 -07:00
Mahdi Abbasi 023b16349e
Add variable for the vsphere-csi namespace (#9278) 2022-09-15 02:01:23 -07:00
ghostloda f3fb758f0c
Remove useless file (#9258) 2022-09-07 17:10:49 -07:00
Michael Schmitz be2bfd867c
Add Support for Rewrite Plugin to CoreDNS/NodelocalDNS (#9245) 2022-09-03 16:16:35 -07:00
Ho Kim e31890806c
Add 'avoid-buggy-ips' support of MetalLB (#9166) 2022-08-18 21:49:51 -07:00
Piotr Kowalczyk 49d869f662
Fix CSI drivers issues on Azure (#9153) 
* Include missing azuredisk rbac manifest

* Remove missing azure csi manifest

* Remove invalid reference mount to waagent settings

* Use cloud-config secret instead of /etc/kubernetes/cloud_config file
 2022-08-18 00:56:36 -07:00
ERIK 9ad2d24ad8
Add unsafe_show_logs switch (#9164) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>

Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2022-08-16 18:52:48 -07:00
Cristian Calin 8585134db4
when ingress-nginx is deployes without a class, we need to use 'ingress-controller-leader' resource instead of the default 'ingress-controller-leader-nginx' (#9156) 2022-08-09 04:52:50 -07:00
Aveline 06f8368ce6
Fix Hetzner CCM cluster-cidr (#9127) 2022-07-30 20:18:27 -07:00
rtsp b3876142d2
[cert-manager] Upgrade to v1.9.0 (#9117) 2022-07-29 00:11:11 -07:00
Mohamed Zaian 9f11946f8a
[argocd] update argocd to v2.4.7 (#9105) 2022-07-27 09:32:29 -07:00
Mohamed Zaian ce04fdde72
[ingress-nginx] upgrade to 1.3.0 (#9088) 
* This release removes support for Kubernetes v1.19.0
* This release adds support for Kubernetes v1.24.0
* Starting with this release, we will need permissions on the coordination.k8s.io/leases resource for leaderelection lock
 2022-07-14 18:46:25 -07:00
Peter Pan 14063b023c
Extend DNS memory limit. 170Mi tents to OOM (#9084) 2022-07-13 00:03:37 -07:00
Samuel Liu d821bed2ea
Fix some typo (#9056) 
* fix ingress controller task name

* fix calico word

* add check typo
 2022-07-11 09:49:48 -07:00
yasintahaerol 6d543b830a
Fix vcloud-csi bug related to #9046 (#9066) 
* Fix vcloud-csi bug related to #9046

Signed-off-by: yasintahaerol <yasintahaerol@gmail.com>

* add supervisor-fss-namespace=kube-system flag to vsphere-csi-controller-deployment

Signed-off-by: yasintahaerol <yasintahaerol@gmail.com>
 2022-07-07 10:31:35 -07:00
Emin AKTAS 4607ac2e93
fix(vsphere-csi): remove namespace env variable and set namespace as kube-system (#9046) 
Signed-off-by: eminaktas <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>

Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
 2022-07-06 01:00:50 -07:00
Mohamed Zaian 51195212b4
[argocd] update argocd to v2.4.3 (#9050) 2022-07-05 08:22:47 -07:00
忘尘 1562a9c2ec
add missing verbs (#9032) 2022-06-29 00:18:05 -07:00
Samuel Liu e8ccbebd6f
add ingress nginx webhook (#9033) 
* add ingress nginx webhook

* fix ingress nginx template
 2022-06-28 11:55:35 -07:00
Robin Wallace 79f6cd774a create snapshot-controller only if needed 2022-06-22 00:37:44 -07:00
Sébastien Masset 9d5d945bdb
[MASTER] Add missing configuration for extra tolerations (#8908) 
* Added new configuration item for extra tolerations in policy controllers

Signed-off-by: Sébastien Masset <smt.masset@gmail.com>

* Added new configuration item for extra tolerations in DNS autoscaler

Signed-off-by: Sébastien Masset <smt.masset@gmail.com>

* Aligned existing handling of extra DNS tolerations

Signed-off-by: Sébastien Masset <smt.masset@gmail.com>
 2022-06-20 01:36:06 -07:00
Calin Cristian Andrei 2de5c4821c [calico] clean up workarounds for older versions 2022-06-15 00:57:20 -07:00
orange-llajeanne 2fba94c5e5
fix a typo in the "matallb_auto_assign" variable name (#8949) 
* fix a typo in the "matallb_auto_assign" variable name

* add metallb check to fail when deprecated "matallb_auto_assign" variable is defined
 2022-06-13 09:40:12 -07:00
Steffen Becker 6b43d6aff2
Proposed fix to Issue 8667 (#8944) 
Proposed fix to Issue 8667

Proposed fix to Issue 8667
 2022-06-09 23:37:46 -07:00
Mohamed Zaian bb530da5c2 [registry] Switch registry to use registry.k8s.io 
Please see the conversation here: https://groups.google.com/a/kubernetes.io/g/dev/c/DYZYNQ_A6_c
 2022-06-08 14:12:22 +02:00
Mohamed Zaian b2346cdaec
[feat] Upgrade metrics server to v0.6.1 (#8909) 
* Metrics Server now requires access to nodes/metrics RBAC resource instead of nodes/stats. See: https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.0
* Minimize rbac permissions.
 2022-06-06 07:34:37 -07:00
Samuel Liu 1600fd9082
clean up tags (#8880) 2022-05-31 07:52:53 -07:00
irizzant 85bd1eea27
fix(calico): add missing "get" verb (#8847) 
Signed-off-by: irizzant <i.rizzante@gmail.com>
 2022-05-21 01:20:00 -07:00
David Louks 93fe3e06ef
Add support for including annotations on aws-ebs-csi-controller (#8779) 
* Add support for including annotations on aws-ebs-csi-controller

* update comment to specify role arn
 2022-05-20 15:00:00 -07:00
Samuel Liu a28b58dbd0
[calico]use ipamconfig instead of calico ipam command (#8839) 
* use ipamconfig instead of calico ipam command

* fix ansible lint
 2022-05-19 11:13:20 -07:00
orange-llajeanne a26a9ee14f
set apparmor_enabled in netchecker task (#8844) 2022-05-19 10:49:21 -07:00
weizhoublue b289f533b3
get wrong server name of coredns (#8811) 
Signed-off-by: weizhou.lan@daocloud.io <weizhou.lan@daocloud.io>
 2022-05-12 08:33:14 -07:00
Oogy 5684610a55
Support metallb peer password (#8792) 
* support metallb peer password

* add MetalLB BGP password example
 2022-05-11 21:39:15 -07:00
spaced bb67b654c5
local volume provisioner should not run on control plane nodes by default (#8805) 2022-05-10 19:04:24 +03:00
Robin Wallace b715500b48
csi: bump upcloud csi driver (#8784) 2022-05-09 10:43:19 -07:00
Robin Wallace 42fc71fafa
[PodSecurityPolicy] Move the install of psp (#8744) 2022-05-09 09:21:19 -07:00
Victor Morales 02b6e4833a
Update Kata Containers runtime (#8797) 
* Update Kata containers binary to 2.4.1 version

* Update overhead kata runtime values

* Fix kata-qemu default values in CRI-O
 2022-05-08 17:01:18 -07:00
Lubos Mercl c20ab7d987
add fix for GCP CSI driver (#8616) 
Signed-off-by: Lubos Mercl <lubos.mercl@gmail.com>
 2022-05-03 08:55:56 -07:00
Mulugeta Ayalew Tamiru 3f065918d9
Update verbs for volumeattachments resource (#8731) 
* Update verbs for volumeattachments resource

Update verbs for volumeattachments resource so that the kubelet can create volumeattachments and mount volumes when deploying Kubernetes on VMware vSphere.

* Update verbs for volumeattachments resource

Update verbs for volumeattachments resource to match upstream

* Update vsphere-csi-controller-rbac.yml.j2
 2022-04-22 00:04:13 -07:00
Mathieu Parent c98a0a448f
metallb: Add images to downloads (#8715) 
For offline mode
 2022-04-14 10:06:46 -07:00
Robin Wallace d7254eead6
UpCloud integration (#8653) 
* [upcloud] add upcloud csi-driver

* Option to use ansible_host as api ip for kubueconfig
 2022-04-11 15:13:23 -07:00
Anthony Bible 9dced7133c
Fixes for Hetzner terraform and Hetzner Cloud (#8702) 
* - add ability to specify the network_zone in hetzner terraform
- Export the network id from hetzner terraform the the generated inventory.ini

* - Add with_networks variable to allow different deployments of hcloud controller manager

- Add network id to hcloud controller secret (added via the inventory)

- Don't include extra_args if it's not set
 2022-04-11 10:26:06 -07:00
rtsp 0481dd946f
[cert-manager] Upgrade to v1.8.0 (#8688) 2022-04-06 00:52:57 -07:00
Cristian Calin cefd1339fc
[vsphere_csi] update to 2.5.1 and make external_vsphere_version 7.0u1 by default (#8676) 2022-04-04 01:08:11 -07:00
rtsp a67e36703f
Update cert-manager to v1.7.2 (#8648) 2022-03-26 04:53:22 -07:00
Fredrik Liv ffa285c2e7
Fixed cluster roles for openstack cloud controller (#8638) 2022-03-21 06:19:21 -07:00
Fredrik Liv af7066d33c
Updated openstack cloud controller version to v1.22.0 (#8629) 
* Updated openstack cloud controller version to match kubernetes version

* Rolled back file structure change
 2022-03-18 01:47:16 -07:00
spaced 2b79be68e7
fix typo and duplicated declaration of ingressclasses (#8591) 2022-03-12 23:36:23 -08:00
Maciej Wereski 51821a811f
MetalLB: update to v0.12.1 (#8593) 
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
 2022-03-03 08:49:48 -08:00
kakkotetsu 3effb008c9
improve validation conditions for MetalLB BGP Peers (#8568) 2022-02-22 23:12:18 -08:00
cyril-corbon 418fc00718
fix: kube-dns service deletion (#8565) 
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
 2022-02-21 02:48:11 -08:00
Tony Fouchard 1d635e04e4
Allow to specify a source address for metallb peerings, and target only some nodes using node selectors (#8534) 2022-02-15 13:57:19 -08:00
Byeonggon Lee 5695c892d0
Fix wrong port name in metallb.yml.j2 (#8510) 2022-02-07 09:43:45 -08:00
cyril-corbon 790448f48b
feat: update cert-manager to 1.7.0 (#8491) 
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
 2022-02-03 17:24:00 -08:00
Tristan 92d612c3e0
8487: Allow override of default CoreDNS zone cache (#8488) 
Using the coredns_cluster_zone_cache_block variable
 2022-02-01 00:48:18 -08:00
Ilya Margolin 2bbe5732b7
Add node label to etcd metrics (#8475) 
targetRef on endpoints surfaces as
__meta_kubernetes_endpoint_address_target_kind/__meta_kubernetes_endpoint_address_target_name
in prometheus and gets converted to the label `node` by
prometheus-operator
 2022-01-31 06:08:23 -08:00
cyril-corbon d31db847b7
feat: update local path to v0.0.21 (#8492) 2022-01-31 01:08:24 -08:00
cyril-corbon 9fce9ca42a
feat: upgrade azuredisk csi to v1.10.0 (#8432) 
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
 2022-01-24 00:41:56 -08:00
Victor Morales e88aa7c96b
Add youki runtime support (#8411) 2022-01-21 14:01:07 -08:00
Johann Schley 38d129a0b6
add external hcloud cloud controller manager (#8440) 2022-01-20 12:31:09 -08:00
onock 392815d97c
[cert-manager] Fix missing RBAC rules for ClusterRole cert-manager-cainjector kubernetes-sigs#8104. (#8444) 2022-01-20 12:17:09 -08:00
rtsp e791089466
cert-manager: Fix incorrect leader election namespace lead to insufficient permission (#8433) 2022-01-17 02:37:29 -08:00
Samuel Liu 1a69f8c3ad
parameterized snaphot controller namespaces (#8305) 
* Parameterized snaphot controller namespaces

* add ns yml

* add docs

* namespace
 2022-01-14 12:58:26 -08:00
rtsp ccd3180a69
cert-manager: Allow to change leader election namespace for GKE Autopilot support (#8424) 
More information:

- kubernetes-sigs/kubespray#8393
- jetstack/cert-manager#4102
- jetstack/cert-manager#3717
 2022-01-14 12:54:26 -08:00
cyril-corbon 01dcbc18ac
feat: upgrade metallb to v0.11.0 (#8420) 
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
 2022-01-14 05:22:28 -08:00
cyril-corbon 86953b2ac4
fix: add tolerations / affinity to cert-manager (#8389) 
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
 2022-01-11 09:14:26 -08:00
Kenichi Omichi 73c889eb10
Fix failures of ansible-lint (#8401) 
This fixes the following types of failures:
- empty-string-compare
- literal-compare
- risky-file-permissions
- risky-shell-pipe
- var-spacing

In addition, this changes .gitlab-ci/lint.yml to block the same issue
by using the same method at Kubespray CI.
 2022-01-11 00:45:16 -08:00
Kenichi Omichi f80fd24a55
Fix risky-file-permissions (#8370) 
When running ansible-lint directly, we can see a lot of warning
message like

  risky-file-permissions File permissions unset or incorrect

This fixes the warning messages.
 2022-01-09 01:51:12 -08:00
Victor Morales 52266406f8
Bump cert-manager version to v1.6.1 (#8377) 2022-01-07 16:45:34 -08:00
cyril-corbon cd601c77c7
feat: upgrade metrics server to v0.5.2 (#8338) 
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
 2022-01-07 08:18:33 -08:00
Florian Ruynat 6abae713f7
Update helm / kube-router and coredns (#8382) 
* Update kube-router to 1.4.0

* Update Helm to 3.7.2

* Up coredns to 1.8.6 when k8s is 1.23.x
 2022-01-06 12:14:27 -08:00
Max Gautier cb54eb40ce
Use a variable for standardizing kubectl invocation (#8329) 
* Add kubectl variable

* Replace kubectl usage by kubectl variable in roles

* Remove redundant --kubeconfig on kubectl usage

* Replace unecessary shell usage with command
 2022-01-05 02:26:32 -08:00
Unai Arríen 0e98814732
Configure PriorityClassName for MetalLB deployment (#8362) 2022-01-04 08:20:52 -08:00
zhengtianbao c3c128352f
Remove registry-proxy (#8327) 2021-12-21 23:55:35 -08:00
zhengtianbao 02a89543d6
registry: add ingress support (#8311) 2021-12-21 10:20:46 -08:00
Antoine Gatineau 6aafb9b2d4
fix bad indentation (#8314) 2021-12-17 07:36:29 -08:00
zhengtianbao aa9b8453a0
registry: service add clusterIP, nodePort, loadBalancer support (#8291) 
* registry: service add clusterIP, nodePort, loadBalancer support

* modify camelcase name to underscore

* Add registry service type compatibility check
 2021-12-15 00:18:19 -08:00
Cristian Calin 0e969c0b72
vSphere-CSI: update to 2.4.0 (#8295) 2021-12-10 11:07:23 -08:00
Steven Reitsma b396801e28
Update Cinder CSI to v1.22 (#8296) 2021-12-10 10:49:11 -08:00
zhengtianbao 4ef2cf4c28
Registry add TLS and authentication support (#8229) 
* Add registry TLS support

* Add registry configmap and htpasswd auth
 2021-12-07 08:32:00 -08:00
toplordsaito 9afca43807
change dns upstream condition for coredns (#8263) 
upstream_dns_servers should change corefile config even resolvconf_mode=docker_dns
 2021-12-06 02:46:32 -08:00
Kenichi Omichi 46b1b7ab34
Fix k8scsi/csi-resizer repo (#8270) 
If trying to pull k8scsi/csi-resizer image from gcr.io, we face the error
like:

 $ docker pull gcr.io/k8scsi/csi-resizer:v1.0.0
 Error response from daemon: Head https://gcr.io/v2/k8scsi/csi-resizer/
 manifests/v1.0.0: unknown: Project 'project:k8scsi' not found or deleted.
 $

We can pull the image from quay.io instead.
This fixes the issue.
 2021-12-05 23:42:32 -08:00