Toni Tauro
5a49ac52f9
feat(calico): add configurable ipam strictaffinity ( #8581 )
...
Signed-off-by: Toni Tauro <toni.tauro@adfinis.com>
2022-03-07 22:58:33 -08:00
Cristian Calin
db1e30e4fc
[calico] add 3.22.1 ( #8612 )
2022-03-07 22:54:34 -08:00
Cristian Calin
b4a61370c8
[cri-o] add cri-0 1.23.x ( #8599 )
2022-03-07 05:39:07 -08:00
kakkotetsu
58b2f39ce5
add IPv6 listen directive to nginx if enable_dual_stack_networks ( #8596 )
2022-03-07 05:39:00 -08:00
Tom Janson
56d882abed
Clarify confirmation prompt ( #8589 )
...
Entering any value causes the play to proceed, e.g., entering "no<Enter>". (This is simply how Ansible's pause module behaves.)
2022-03-07 05:38:54 -08:00
Takuya Murakami
39acb2b84d
Update ansible-lint to 5.4.0 ( #8607 ) ( #8608 )
...
* Update ansible-lint to 5.4.0 (#8607 )
It seems that the Rich version 11.0.0 has a breaking change.
So need to update ansible-lint to 5.3.2 or later.
* Fix for ansible-lint no-changed-when rule (#8607 )
2022-03-07 05:35:55 -08:00
Branko Mijuskovic
3ccba08983
Fix crio_packages for Rocky8 ( #8594 )
2022-03-07 05:29:05 -08:00
Mohamed Zaian
632aa764e6
etcd: add etcd v3.5.1 for kubernetes 1.22+ ( #8588 )
...
* There is an issue with etcd v3.5.0 where it resurrects ancient members see: https://github.com/etcd-io/etcd/issues/13196
This issue is clearly fixed in etcd v3.5.2
* Just keep the checksums
2022-03-07 05:28:54 -08:00
Cristian Calin
f6342b6cf4
[crun] upgrade to 1.4.3 ( #8598 )
2022-03-04 08:22:52 -08:00
Cristian Calin
471585dcd5
[containerd]: upgrade versions to fix CVE-2022-23648 ( #8597 )
...
* [containerd] add hashes for 1.6.1
* [contained] make 1.6.1 the default
* [containerd] add hashes for 1.5.10
* [containerd] add hashes for 1.4.13
* [nerdct] bump to 0.17.1
2022-03-03 14:51:16 -08:00
Maciej Wereski
51821a811f
MetalLB: update to v0.12.1 ( #8593 )
...
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
2022-03-03 08:49:48 -08:00
Cristian Calin
bf7a506f79
[containerd] Upgrade containerd to 1.6.0 and re-enable arm64 architecture with default options ( #8555 )
...
* [containerd] add checksums for 1.6.0
* [containerd] promote 1.6.0 as the new default
* [runc] promote 1.1.0 as the new default to allow arm deployments out of the box
* [nerdctl] bump to 0.17.0 to align with containerd 1.6.0
* [reset] allow crictl stopp and rmp commands to fail
2022-03-02 15:27:13 -08:00
Tom Janson
2e925f82ef
Revert "Fix: typos in docs and comments ( #7805 )" ( #8592 )
...
This reverts commit 417180246c
.
2022-03-02 11:57:13 -08:00
Tom Janson
ddef7e1139
missing "check_mode: no"s for several read-only tasks ( #8584 )
...
this is not complete -- there are almost certainly more instances of
this issue
2022-03-02 09:29:14 -08:00
cyril-corbon
672e47a7eb
feat: check & uninstall container engine ( #8439 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-02-28 10:59:46 -08:00
Mac Chaffee
b554246502
Fix host DNS config 1) being edited too soon and 2) not working with NM ( #8575 )
...
Signed-off-by: Mac Chaffee <me@macchaffee.com>
2022-02-26 10:29:23 -08:00
Nicolas Goudry
ee079f4740
fix(coredns): make sure to keep coredns repository namespace ( #8572 )
...
fix: regex
fix: wrong regex_replace usage
2022-02-24 01:01:33 -08:00
Florian Ruynat
4f1499bd23
Fixup remaining etcd_kubeadm_enabled variables ( #8576 )
2022-02-23 06:46:18 -08:00
Alex
36393d77d3
Encrypting Secret Data at Rest ( #8574 )
...
* change default value for Encrypting Secret Data at Rest to secretbox, remove experimental flag and add documentation
* fix MD012/no-multiple-blanks
2022-02-23 03:04:18 -08:00
Ilya Margolin
e053ee4272
Check all places with `check_mode: no` for side effects ( #8573 )
...
and fix the one with side effect.
Also removes `notify` from this task as the task has `changed_when: false`
and notify is not going to fire.
2022-02-23 01:20:18 -08:00
jayonlau
1d46c07307
Cleanup crictl configuration file ( #8569 )
2022-02-23 00:58:19 -08:00
Ilya Margolin
f9b5e448c1
Prevent removing etcd member when running in check mode ( #8570 )
2022-02-22 23:34:18 -08:00
kakkotetsu
3effb008c9
improve validation conditions for MetalLB BGP Peers ( #8568 )
2022-02-22 23:12:18 -08:00
cyril-corbon
a088f492f4
chore: remove addon-resizer ( #8566 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-02-22 09:51:16 -08:00
Necatican Yıldırım
e9c8913248
Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable ( #8317 )
...
* Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Add etcd kubeadm deployment documentation
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Refactor warning for the deprecated 'etcd_kubeadm_enabled' variable
Signed-off-by: necatican <necaticanyildirim@gmail.com>
2022-02-22 08:53:16 -08:00
Florian Ruynat
b9a27c91da
Update kubernetes dashboard to 2.5.0
2022-02-21 03:54:11 -08:00
Florian Ruynat
d4f654275b
Set default kubernetes version to 1.23.4
2022-02-21 03:54:11 -08:00
Florian Ruynat
f6eb4c749d
Add kubernetes hashes for 1.23.4/1.22.7/1.21.10
2022-02-21 03:54:11 -08:00
cyril-corbon
418fc00718
fix: kube-dns service deletion ( #8565 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-02-21 02:48:11 -08:00
Florian Ruynat
2537177929
Fix amazon docker version ( #8564 )
2022-02-18 23:50:11 -08:00
Sander Klein
9af719bf99
This fixes the etcd node removal. ( #8526 )
...
Since we are already on an etcd node while executing the commands, there
is no need to find out an etcd IP because it is on localhost.
2022-02-18 07:20:23 -08:00
Cristian Calin
063fc525b1
nerdctl: upgrade to 0.16.1 ( #8539 )
2022-02-16 02:04:37 -08:00
Mac Chaffee
0f73d87509
Allow pausing after upgrade but before uncordon ( #8530 )
...
* Allow pausing after upgrade but before uncordon
* Expand docs for upgrade pausing vars
Signed-off-by: Mac Chaffee <me@macchaffee.com>
2022-02-15 16:39:02 -08:00
Cristian Calin
402e85ad6e
[calico] upgrade release checksums ( #8544 )
...
* [calico] upgrade 3.19.x to 3.19.4
* [calico] upgrade 3.20.x to 3.20.4
* [calico] upgrade 3.21.x to 3.21.4 and make it the default
* [calico] add 3.22.0 checksums
* [calico] account for path changes in calico 3.21.4 crd archive and above
2022-02-15 16:35:02 -08:00
Tony Fouchard
1d635e04e4
Allow to specify a source address for metallb peerings, and target only some nodes using node selectors ( #8534 )
2022-02-15 13:57:19 -08:00
kakkotetsu
98d5d0cdd5
add support for Dual Stack node InternalIP ( #8542 )
2022-02-15 00:28:02 -08:00
kakkotetsu
1ebe456f2d
add support for Calico IP6_AUTODETECTION_METHOD ( #8541 )
2022-02-14 17:26:14 -08:00
Cristian Calin
c6e5314fab
implement download mirrors support ( #8474 )
...
* [download] add mechanism to support mirrors
* [calico] support alternate download url
2022-02-14 13:19:32 -08:00
Tom Stian Berget
84b93090a8
Change Cilium setting identity_allocation_mode to cilium_identity_allocation_mode ( #8519 )
...
* Change Cilium identity_allocation_mode to cilium_identity_allocation_mode
* Change inventory sample
2022-02-08 14:04:35 -08:00
Byeonggon Lee
5695c892d0
Fix wrong port name in metallb.yml.j2 ( #8510 )
2022-02-07 09:43:45 -08:00
Krystian Młynek
87928baa31
CRI-O: fix unqualified-search registries ( #8496 )
2022-02-04 23:46:50 -08:00
mgiessing
6a4fd33a03
Added ppc64le support ( #8505 )
...
* Added ppc64le support
* Fixed linting errors
2022-02-04 00:14:00 -08:00
cyril-corbon
790448f48b
feat: update cert-manager to 1.7.0 ( #8491 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-02-03 17:24:00 -08:00
Ilya Margolin
aed187e56c
Fix kubelet_kubelet_cgroups_cgroupfs ( #8500 )
...
If kubelet is run with systemd (as it always is when using kubespray),
it starts in systemd's /system.slice/kubelet.service cgroup.
This commit prevents a creation and usage of a second unrelated cgroup.
2022-02-02 00:50:22 -08:00
Cristian Calin
5ecb07b59a
[nerdctl] upgrade to 0.16.0 ( #8484 )
...
* [nerdctl] upgrade nerdctl to 0.16.0
* [nerdctl] add configuration file
2022-02-01 15:11:48 -08:00
Cristian Calin
ff621fb7f1
[ingress-nginx] upgrade to 1.1.1 ( #8490 )
2022-02-01 09:50:11 -08:00
Michael Schmitz
eacd55fbca
Use sysctl_file_path variable for all sysctl_file locations ( #8395 )
...
* Use sysctl_file_path variable for all sysctl_file locations
* Add sysctl_file_path variable to kubespay-defaults
* Remove previously used sysctl file locations if present
* Use explicit filename in roles/kubernetes/node/defaults/main.yml
* Defaults: use explicit value
2022-02-01 08:12:10 -08:00
Cristian Calin
c47634290e
[helm] upgrade to 3.8.0 ( #8489 )
2022-02-01 06:34:12 -08:00
Tristan
92d612c3e0
8487: Allow override of default CoreDNS zone cache ( #8488 )
...
Using the coredns_cluster_zone_cache_block variable
2022-02-01 00:48:18 -08:00
Ilya Margolin
2bbe5732b7
Add node label to etcd metrics ( #8475 )
...
targetRef on endpoints surfaces as
__meta_kubernetes_endpoint_address_target_kind/__meta_kubernetes_endpoint_address_target_name
in prometheus and gets converted to the label `node` by
prometheus-operator
2022-01-31 06:08:23 -08:00