Commit Graph

6917 Commits (6f1352eb533692a3ac4fe3561fb6b99572fd519d)
 

Author SHA1 Message Date
bozzo 974902af31
Update Kube-router version to v0.4.0 (#5756) 2020-03-17 02:40:21 -07:00
MengZeLee 45626a05dc
fix pip requirements version (#5174)
Because using python Program create inventory it will happen error, thus I change python pip version to install kubespray requirements.
2020-03-16 05:10:35 -07:00
Pasquale Toscano 4b5299bb7a
Add variables to configure Containerd default runtime, untrusted runt… (#5497)
* Add variables to configure Containerd default runtime, untrusted runtime and additional runtimes

* Add containerd settings to sample inventory

* Empty commit
2020-03-16 03:48:36 -07:00
Yujun Zhang ceab27c97a
Add OWNERS file for recover_control_plane (#5505)
Related to #5432
2020-03-16 03:46:35 -07:00
Sergey 03d1b56a8f
fix check exists download cache (#5776) 2020-03-16 03:34:35 -07:00
keyboardfann 64190dfc73
Fix deploy heketi show selector missing error. (#5738) 2020-03-16 03:32:36 -07:00
Michael Shnit 29128eb316
Add AWS ALB Ingress Controller (#5489)
* Add AWS ALB Ingress Controller Ansible role

* remove trailing spaces

* update owners

* ALB ingress: update rbac clusterrole and remove role

* Move alb-ingress role to roles/kubernetes-apps/ingress_controller folder
2020-03-16 02:58:35 -07:00
Yujun Zhang ea9f8b4258
Add document about adding/replacing a node (#5570)
* Add document about adding/replacing a node

* Update nodes.md

Amend for comments
2020-03-15 03:32:34 -07:00
Sergey 1cb03a184b
kubernetes 1.15.11 (#5775) 2020-03-14 07:16:34 -07:00
hfinucane 158d998ec4
Support configuring the Calico iptables insert mode (#5473)
* Support configuring the insert mode

Defaults to the upstream default https://docs.projectcalico.org/v3.9/reference/felix/configuration

so nothing should change for existing deployments.

This allows coexistence with other firewall management technologies.

* Add a note to the sample config
2020-03-14 06:36:35 -07:00
Cédric de Saint Martin 168241df4f
Python bootstrap: upgrade pypy to 3.6-7.2.0. (#5511)
Solves problem with mitogen about 'Compress object has no attribute copy' in zlib module.
2020-03-14 06:32:35 -07:00
Sander Cornelissen f5417032bf
Merge OracleLinux in RedHat bootstrap-os (#5575)
* Merge OracleLinux in RedHat bootstrap-os

* Set default for use_oracle_public_repo in main.yaml
2020-03-14 06:28:34 -07:00
bozzo d69db3469e
Add external zones in nodelocaldns configuration (#5591)
Allows to configure additionnal zone for domains not resolved by `upstream_dns_servers`.
2020-03-14 06:26:34 -07:00
Xiaodu 980a4fa401
Add docker-ce 19.03 packages for Debian & Ubuntu (#5729)
* Add docker-ce 19.03 packages for Debian & Ubuntu

K8s has updated the recommended Docker version to 19.03. More
specifically it should be 19.03.4, but since we used 18.06.7 instead of
.2, I'm assuming the latest patch version should be used here as well.

* Add docker 19.03 for redhat
2020-03-14 06:24:35 -07:00
Florent Monbillard 027e2e8a11
Update CoreDNS to 1.6.7 (#5761) 2020-03-14 04:20:34 -07:00
Maxime Guyot dcfda9d9d2
Change python crypto module from pycrypto to cryptography (#5769) 2020-03-14 03:30:34 -07:00
Florent Monbillard ca73e29ec5
Use k8s.gcr.io for kubernetes related images (#5764)
* Use k8s.gcr.io for kubernetes related images

* Use k8s.gcr.io in inventory sample
2020-03-13 14:41:48 -07:00
Florent Monbillard 0330442c63
Kubernetes 1.16.8 (#5770)
* Kubernetes 1.16.8

* Use 1.16.8 in sample inventory and kubespray-defaults
2020-03-13 13:41:47 -07:00
Maxime Guyot 221c6a8eef
Use a separate runner for light CI jobs (#5771) 2020-03-13 20:29:22 +03:00
Florent Monbillard 25a1e5f952
Include etcd image repository when using kubeadm etcd deployment mode (#5725) 2020-03-13 10:28:39 -07:00
Maxime Guyot 38df80046e
CI inventory should start at 1 instead of 0 (#5763) 2020-03-13 10:22:39 -07:00
Nakahara, Kohei 57bb7aa5f6
Fix delete nodes task (#5747) 2020-03-13 08:36:40 -07:00
Florian Ruynat 86996704ce
remove unused crictl hashes (#5754) 2020-03-13 06:56:40 -07:00
Joel Seguillon f53ac2a5a0
Update metrics addon for 1.16 (#5706)
* upgrade metrics server and resizer images version

* scope "apps" api group for addon resizer
2020-03-13 06:46:40 -07:00
Hugo Blom d0af5979c8
install csi-driver not just cinder (#5766) 2020-03-13 05:34:39 -07:00
Qingkun Li 43020bd064
Fix the command for kube-proxy cleanup (#5671) 2020-03-13 05:32:39 -07:00
Danilo Riecken P. de Morais dc00b96f47
Add missing Coreos OS family string (#5759) 2020-03-13 04:24:39 -07:00
Christopher Randles 71c856878c
update multus to 3.4 and add crio support (#5701)
Signed-off-by: Chris Randles <randles.chris@gmail.com>
2020-03-13 04:22:39 -07:00
Maxime Guyot 19865e81db
Add OWNERS file for OpenStack CSI driver and cloud controller (#5753) 2020-03-13 02:52:39 -07:00
Maxime Guyot a4258b1244
Add automatic cleanup of OpenStack CI VMs (#5760) 2020-03-12 15:12:39 -07:00
dymq e0b76b185a
Failover for adding proxy when line exists in file (#5751)
The 'regexp' parameter matches last occurrence of a line starting with 'proxy=' and replaces it with the one defined in 'line' parameter. If no match - it works same way as before. This fixes resuming cluster deployments failed after that task (if there was no more than one line starting with 'proxy' in the yum.conf file - this condition should also be reassured with the change introduced here) eg. if they were initiated with Terraform.
2020-03-12 15:08:39 -07:00
Xiaodu c47f441b13
fix kube-proxy server address when local apiserver lb is disabled (#5730)
refs #5277

As the issue describes, when no external or local load-balanced is used,
kube-proxy won't be able to contact apiserver at 127.0.0.1. So the
config map should be left as is.
2020-03-12 10:40:39 -07:00
Maxime Guyot 7c854a18bb
Enable retries on SSH error during CI (#5755) 2020-03-12 10:10:39 -07:00
Florent Monbillard 8df2c0a7c6
Upgrade CNI plugins to 0.8.5 (#5717) 2020-03-12 07:22:38 -07:00
Sergey e60b9f796e
add calico VXLAN mode, update docs and vars in sample inventory (#5731)
* calico VXLAN mode

* check vars if calico backend defined
2020-03-12 01:20:37 -07:00
Florent Monbillard 2c8bcc6722
Upgrade etcd to 3.3.12 (#5718)
* Upgrade etcd to 3.3.18

* Try with etcd 3.3.15 (kubeadm 1.16.7 default)

* Back to square one

* Try with 3.3.11

* Upgrade etcd to 3.3.18 (take 2)

* Try with 3.3.12
2020-03-11 08:25:38 -07:00
Fredrik Lönnegren e257d92f41
Cilium updates (#5438)
* Add resources needed to deploy 1.6.4

* Use cilium v1.6.4

* Change deprecated option name

* Add update crd to clusterrole cilium

* Cilium 1.6.4 -> 1.6.5

* Make monitor-aggregation config configurable as a variable

* Change monitor-aggregation default none->medium

* Cilium 1.6.5 -> 1.6.6

* Update to 1.7.0

* v1.7.0->v1.7.1
2020-03-11 08:15:36 -07:00
Hugo Blom f697338eec
[Openstack] Install Cinder-CSI before first node is schedulable again (#5735)
* install cinder-csi before upgrading nodes

* Only run the Cinder CSI when enabled
2020-03-11 06:31:36 -07:00
Etienne Champetier e2ec7c76a4
containerd: bump to 1.2.13 (#5727)
https://github.com/containerd/containerd/releases/tag/v1.2.11
CVE-2019-16884 / CVE-2019-17596

https://github.com/containerd/containerd/releases/tag/v1.2.12
CVE-2019-19921 / CVE-2019-16884 / CVE-2019-11253

https://github.com/containerd/containerd/releases/tag/v1.2.13

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2020-03-11 05:39:36 -07:00
Lovro Seder 058d101bf9
Escape dots in jsonpath keys. (#5600)
+ use more secure `command` instead of `shell`
+ read-only command doesn't change state - make idempotent
+ multi-line long string
2020-03-11 05:17:36 -07:00
Hugo Blom 833794feef
[Openstack] Cleanup the old in-tree openstack cloud provider (#5742)
* Added playbook to migrate openstack cloud provider

* remove old cloud provider config

* Rewrite provisioned-by annotation on Cinder PVs

* update indents

Co-authored-by: Jonathan Süssemilch Poulain <jonathan@sofiero.net>
2020-03-11 05:13:36 -07:00
Hugo Blom a3dedb68d1
[Openstack] Make it possible to apply the new cloud provider during upgrade (#5707)
* run external cloud provider setup during upgrade

* change name of taskt to better reflect what it does

* fix typo
2020-03-11 05:11:36 -07:00
Hugo Blom 4a463567ac
[Openstack] A guide on how to replace the in-tree cloudprovider with the external one (#5741)
* add documentation for how to upgrade to the new external cloud provider

* add migrate_openstack_provider playbook

* fix codeblock syntax highligth

* make docs for migrating cloud provider better

* update grammar

* fix typo

* Make sure the code is correct markdown

* remove Fenced code blocks

* fix markdown syntax

* remove extra lines and fix trailing spaces
2020-03-11 05:09:35 -07:00
Sergey 9f3ed7d855
change ignore_errors: to when: in assert tasks (#5716) 2020-03-10 08:09:36 -07:00
Sergey 221b429c24
move var preinstall_selinux_state: to roles/kubespray-defaults/defaults/main.yaml (#5715) 2020-03-10 07:45:35 -07:00
dependabot[bot] b937d1cd9a
Bump ansible from 2.7.12 to 2.7.16 (#5739)
Bumps [ansible](https://github.com/ansible/ansible) from 2.7.12 to 2.7.16.
- [Release notes](https://github.com/ansible/ansible/releases)
- [Commits](https://github.com/ansible/ansible/compare/v2.7.12...v2.7.16)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-03-09 06:31:34 -07:00
Vicenç Juan Tomàs Montserrat 986c46c2b6
Check ansible version >=2.7.8 in recover-control-plane.yml playbook (#5724) 2020-03-07 10:17:34 -08:00
Maxime Guyot e029216566
Update security contacts (#5719) 2020-03-06 10:47:24 -08:00
roc 2d4595887d
Fix youtube url (#5582) 2020-03-06 02:13:22 -08:00
Jakub Husák 2beffe688a
Make etcdctl connect to localhost out of the box (#5643)
* Make etcdctl connect to localhost out of the box

* etcdctl envs: use admin-.pem instead of member-.pem
2020-03-06 02:05:23 -08:00