Cristian Calin
64dbf2e429
update equinox terraform code to fix kubespray CI ( #9702 )
...
* add terraform lock files to ignore list
* move contrib/terraform/metal to contrib/terraform/equinix to reflect upstream change
2023-01-26 21:24:25 -08:00
Florian Ruynat
6881398941
Add ruamel.yaml to docker image ( #9707 )
2023-01-26 18:26:25 -08:00
Cristian Calin
57638124c5
document the CI environment ( #9714 )
2023-01-26 05:02:26 -08:00
ERIK
ee2193d4cf
Add dns configuration for cert manager ( #9673 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-01-23 17:42:15 -08:00
Florian Ruynat
eb56130433
Add jmespath back to Dockerfile image ( #9697 )
2023-01-23 16:24:17 -08:00
Tristan
5fbbcedebc
9693: Fix comma-separated-list splitting of kubelet_enforce_node_allocatable ( #9694 )
...
See https://github.com/kubernetes-sigs/kubespray/issues/9693
2023-01-23 16:20:17 -08:00
Florian Ruynat
18f2abad2f
Cleanup v1.23.x missing references/conditions/hashes ( #9698 )
2023-01-23 16:16:16 -08:00
Mohamed Zaian
391dd97f95
[kubernetes] support 1.26.x ( #9570 )
2023-01-23 00:10:11 -08:00
Tom Janson
44243eada9
reword confusing etcd download url comment ( #9686 )
...
It is quite confusing that there's an all-caps, bolded comment that seems to imply that `etcd_download_url` is relevant only when not using host-based deployment. The opposite is true: of course the artifact download URL is relevant and required for host-based etcd.
Perhaps the entire comment can be read in a different way, and should perhaps be reworded entirely, cf. 374438a3d6/docs/offline-environment.md
?plain=1#L38
Removing the "**DON'T**" matches the way the other comments in this file are written and matches my personal interpretation.
2023-01-22 01:14:03 -08:00
Florian Ruynat
34d0451585
Update KUBESPRAY_VERSION and kube_version_min_required (with hashes cleanup) ( #9691 )
2023-01-20 14:11:54 -08:00
Arthur Outhenin-Chalandre
c4346e590f
kubeadm/etcd: use config to download certificate ( #9609 )
...
This commit uses a kubeadm join config to pull down cert for etcd in
workers nodes (which is needed in some circumstances, for instance with
calico or cilium).
The previous way didn't allow us to pass certain parameters which was
typically given in the config in other kubeadm invokations in Kubespray.
This made kubeadm produced some errors for some edge cases.
For example, in our deployment we don't have a default route and even
though it's only to download the certificates, kubeadm produce an error
`unable to select an IP from default routes` (these command are kubeadm
controlplane command, so kubeadm does some additional checks). This is
fixed by specifying `advertiseAddress` within the kubeadm config.
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-01-20 00:26:16 -08:00
Florian Ruynat
bd81c615c3
Add k8s 1.24.10 hashes ( #9688 )
2023-01-19 14:46:15 -08:00
Mohamed Zaian
3d9fd082ff
[containerd] add hashes for 1.5.x ( #9678 )
2023-01-19 07:36:38 -08:00
yanggang
826282fe89
Add k8s hashes for k8s version. ( #9685 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-19 05:30:35 -08:00
yanggang
73774326b3
supplement the omit cni-version in readme.md ( #9684 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-19 05:00:35 -08:00
MatthieuFin
374438a3d6
feat(calico): add possibility to enable calico floatingIPs feature ( #9680 )
...
Add a variable `calico_felix_floatingIPs` which permit to enable calico feature `floatingIPs`
(disabled per default).
Signed-off-by: MatthieuFin <matthieu2717@gmail.com>
#9679
2023-01-18 15:42:34 -08:00
yanggang
fd80ef1ff1
[argocd] update argocd to v2.5.7 ( #9682 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-18 15:38:34 -08:00
Mohamed Zaian
235173bb5f
[flannel] update to v0.20.2 & make it default ( #9675 )
2023-01-18 15:26:34 -08:00
Mohamed Zaian
1750dec254
[feature] add mzaian to reviewers ( #9676 )
2023-01-18 00:46:35 -08:00
ERIK
52f52db8f3
Add crio-related URLs to offline.yml ( #9681 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-01-17 19:04:33 -08:00
Cyclinder
db94812163
bump cni-plugins to v1.2.0 ( #9671 )
...
Signed-off-by: cyclinder qifeng.guo@daocloud.io
Signed-off-by: cyclinder qifeng.guo@daocloud.io
2023-01-17 00:12:32 -08:00
Arthur Outhenin-Chalandre
4a6eb7eaa2
enable back kubelet_authorization_mode_webhook by default ( #9662 )
...
In 6db6c8678c
, this was disabled becaue
kubesrpay gave too much permissions that were not needed. This commit
re-enable back this option by default and also removes the extra
permissions that kubespray gave that were in fact not needed.
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-01-16 23:56:32 -08:00
Mathieu Parent
58fe1a0ed6
Terraform vsphere cleanup ( #9672 )
...
* contrib/terraform/vsphere: mark vsphere_password as sensitive
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
* contrib/terraform/vsphere: remove unused modules
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
2023-01-16 23:50:32 -08:00
Mathieu Parent
c80bb0007a
contrib/terraform/gcp: allow extra ingress firewalls ( #9658 )
...
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
2023-01-16 23:46:32 -08:00
rongfu.leng
8a03bb1bb4
add containerd config_path ( #9566 )
...
Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>
Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>
2023-01-16 23:42:32 -08:00
Vitaly Yakovenko
d919c58e21
[multus] added support for mixed type of container engine ( #9224 )
...
* [multus] added support for mixed type of container engine
* [multus] fixed for using with cluster/upgrade-cluster/scale playbooks
2023-01-16 23:30:33 -08:00
Mohamed Zaian
19bc610f44
Update pause image version to v3.8 ( #9668 )
...
Signed-off-by: Mohamed Zaian <mohamedzaian@gmail.com>
Signed-off-by: Mohamed Zaian <mohamedzaian@gmail.com>
2023-01-16 15:30:10 -08:00
Cyclinder
85a5a79ef5
doc: don't set calico_vxlan_mode_ipv6=vxlanAlways when kernel < 3.12 ( #9645 )
...
Signed-off-by: cyclinder qifeng.guo@daocloud.io
Signed-off-by: cyclinder qifeng.guo@daocloud.io
2023-01-16 12:32:09 -08:00
Mohamed Zaian
c7cffb14a7
[cert-manager] update cert-manager to v1.11.0 ( #9661 )
2023-01-16 02:36:51 -08:00
Jochen Friedrich
6f61f3d9cb
Support OVN Interconnect ( #9599 )
...
Mostly taken from: https://raw.githubusercontent.com/kubeovn/kube-ovn/master/yamls/ovn-ic.yaml.j2
2023-01-16 00:08:52 -08:00
yanggang
6b4bb2a121
[argocd] update argocd to v2.5.6 ( #9654 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-15 21:16:50 -08:00
ERIK
e288449c5d
Update cri-dockerd version ( #9659 )
...
* Skip retry operation with containerd when etcd installed on host VM (#9560 )
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
* Update cri-dockerd version
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
Co-authored-by: Eugene Artemenko <artemenko.evgeniy@gmail.com>
2023-01-15 21:12:51 -08:00
László Rafael
ea35021c96
Add defaults for external_vsphere_user and external_vsphere_password in the vsphere csi_driver ( #9664 )
2023-01-14 14:24:14 -08:00
luksi1
754424eca7
Push pipeline image even on master and schedules
2023-01-14 20:49:51 +01:00
Luke Simmons
4ad56e2772
Fix for creating VirtualMachine ( #9657 )
2023-01-14 11:48:13 -08:00
Eugene Artemenko
6f1352eb53
Skip retry operation with containerd when etcd installed on host VM ( #9560 )
2023-01-10 15:53:20 -08:00
Cyclinder
bf8c64af08
feature request: add cyclinder to reviewers ( #9646 )
...
Signed-off-by: cyclinder qifeng.guo@daocloud.io
Signed-off-by: cyclinder qifeng.guo@daocloud.io
2023-01-10 03:05:27 -08:00
Luke Simmons
a98ab40434
Adds pipeline image ( #9606 )
2023-01-08 18:29:27 -08:00
yanggang
6549bb12fc
follow containerd1 1.16.15 ( #9644 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-08 17:59:28 -08:00
Kay Yan
1329d3f03b
add-test-for-rockylinux9-cilium ( #9562 )
2023-01-07 02:35:26 -08:00
Kay Yan
843e908fa4
update-calico-VXLAN-docs ( #9639 )
2023-01-06 00:00:00 -08:00
R. P. Taylor
0ff883afeb
streamline ansible_default_ipv4 gathering loop ( #9281 )
2023-01-05 11:59:58 -08:00
Marijn van der Giesen
0d5bcd3e20
feat(coredns): Forward extra domains to coredns kubernetes plugin ( #9635 )
2023-01-05 06:57:58 -08:00
tu1h
a8cef962e2
Add retry to avoid 'unknown' state for calicoctl ( #9633 )
...
Signed-off-by: tu1h <lihai.tu@daocloud.io>
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2023-01-05 05:09:58 -08:00
Cyclinder
b50890172b
calico: add vxlan-v6.calico to the list of NM unmanaged interfaces ( #9631 )
...
Signed-off-by: cyclinder qifeng.guo@daocloud.io
Signed-off-by: cyclinder qifeng.guo@daocloud.io
2023-01-05 04:29:58 -08:00
Fredrik Liv
ffad2152b3
Added override variable, additional server groups and cloudinit config ( #9452 )
2023-01-05 04:16:00 -08:00
Kay Yan
6674438849
fix-ci-issue ( #9640 )
2023-01-05 00:11:58 -08:00
Ho Kim
4bc5e8d912
Skip removing nodes if cluster is not set ( #9430 )
2023-01-03 05:03:32 -08:00
Anthony D'Atri
8ca0bfffe0
Minor cleanup of README.md and two other docs ( #9621 )
...
Signed-off-by: Anthony D'Atri <anthony.datri@gmail.com>
Signed-off-by: Anthony D'Atri <anthony.datri@gmail.com>
2023-01-03 02:51:31 -08:00
Florian Ruynat
48282a344f
Fix wording in amazonlinux.md
2023-01-03 10:27:59 +01:00