Max Gautier
80b2765f20
Fix dynamic groups definition when using --limit ( #11577 )
...
Using the hosts directive at the play level prevent those tasks from
being run when using --limit and the group in question is not part of
the limit (ex: running scale.yml on new worker nodes only)
Instead, run on all hosts, and for each group, partition between that
group and '_' (generic group name which is not used; using an empty
string as the group is not supported by ansible.builtin.group_by)
Reported-by: asteppat <asteppat@cisco.com>
2024-10-03 10:14:27 +01:00
Baargav
bb4f1b1168
update cilium to 1.15.9 ( #11593 )
2024-10-03 10:10:27 +01:00
Olivier Boudry
583583942c
Fix Flatcar bug #11268 missing default value for ansible_interpreter_python_fallback variable ( #11270 )
2024-10-03 09:54:27 +01:00
ChengHao Yang
b0563c20b0
Feat: support Fedora 39/40 ( #11573 )
...
* Add Fedora 39/40 to Vagrantfile
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
* Add CI tests for Fedora 39/40
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
* Update CI tests documentation
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
* Update support OS version in README.md
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
---------
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
2024-10-01 07:57:49 +01:00
peterw
6b499186b0
add cilium hubble-ui enable flag ( #10939 )
2024-10-01 06:53:49 +01:00
dependabot[bot]
1ccf0df540
Bump tzdata from 2024.1 to 2024.2 ( #11590 )
...
Bumps [tzdata](https://github.com/python/tzdata ) from 2024.1 to 2024.2.
- [Release notes](https://github.com/python/tzdata/releases )
- [Changelog](https://github.com/python/tzdata/blob/master/NEWS.md )
- [Commits](https://github.com/python/tzdata/compare/2024.1...2024.2 )
---
updated-dependencies:
- dependency-name: tzdata
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-30 10:40:03 +01:00
kyrie
d59a5bf431
update containerd_max_container_log_line_size default value ( #11585 )
...
Signed-off-by: KubeKyrie <shaolong.qin@daocloud.io>
2024-09-30 09:12:03 +01:00
Kay Yan
fcbcf3c03b
cri-o Switch to libexecdir ( #11584 )
...
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
2024-09-30 08:34:03 +01:00
Serge Hartmann
0eeac591ad
variables cilium_enable_host_firewall and cilium_policy_audit_mode for configmap/cilium-config ( #11230 )
...
capitalise values for Host Firewall and Policy Audit Mode
fix missing quotes
2024-09-30 08:22:02 +01:00
ChengHao Yang
fabf17a10c
Add Fedora 39/40 images in test-infra ( #11578 )
...
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
2024-09-29 08:48:02 +01:00
Baargav
860c15cec1
Update cluster-role for cilium to prevent errors in agent startup ( #11466 )
...
* Update cluster-role for cilium to prevent errors in agent startup
ciliumloadbalancerippools permissions exists in the cilium helm chart for version 1.13.0
https://github.com/cilium/cilium/blob/v1.13.0/install/kubernetes/cilium/templates/cilium-agent/clusterrole.yaml#L71
The agent also needs permissions to read/watch secrets for bgp auth secrets when using CiliumBGPPeeringPolicy with a secret.
* Remove list/watch permissions for secrets
* Remove secrets from list/watch permissions
2024-09-29 02:30:02 +01:00
Erwan Miran
8c3b2851f6
feat(calico): add support for numAllowedLocalASNumbers on bgppeers per node definition ( #11570 )
2024-09-28 10:06:01 +01:00
M. Hamzah Khan
24e1765ae2
Added containernetworking-plugins to fcos bootstrap packages ( #11273 )
2024-09-27 20:24:01 +01:00
Andrea Zonca
d3113ad869
[doc] Add previously undocumented options in Terraform/Openstack ( #11477 )
...
These options are available in 6ba3656410/contrib/terraform/openstack/modules/compute/variables.tf (L204-L218)
but are currently undocumented in the README.md
2024-09-27 19:02:02 +01:00
Kubernetes Prow Robot
bbd90f7657
Merge pull request #11568 from VannTen/cleanup/dont_rely_on_kube_node_existing
...
Only require minimum structure in inventory, part II
2024-09-27 11:30:02 +01:00
DirkTheDaring
3281c47f98
[kubernetes] Add hashes for kubernetes 1.29.8, 1.29.9, 1.30.5 ( #11581 )
...
* [kubernetes] Add hashes for kubernetes 1.29.8, 1.29.9, 1.30.5
* Update checksums.yml
reintroduce --- for yaml
2024-09-27 08:28:02 +01:00
janosbabik
6352fee0fd
Update nerdctl version to 1.7.7 ( #11575 )
2024-09-27 05:04:01 +01:00
janosbabik
9f6db4012c
Update runc version to v1.1.14 and add checksums ( #11574 )
2024-09-27 03:58:01 +01:00
Kubernetes Prow Robot
6c112a9b41
Merge pull request #11567 from VannTen/cleanup/remove_node_static_token_generation
...
Remove generation of static tokens for cluster members
2024-09-26 13:58:01 +01:00
janosbabik
656ed796b9
[etcd] make etcd 3.5.16 default ( #11572 )
...
* [etcd] make etcd 3.5.16 default
* Update etcd binary checksums for version 3.5.16 and lower
2024-09-26 09:12:01 +01:00
Bakke
e355bef79b
fix: vsphere image repositories, tags and docs ( #11564 )
...
The old repository for these has been deleted, leaving the previous
configuration not possible to deploy, and even currently running clusters
fail after a restart as the DeameonSet has ImagePullPolicy: Always. More
details can be found here: kubernetes-sigs/vsphere-csi-driver#3053
As of writing, only CSI driver versions 3.1.2 to 3.3.1 is available in
this registry. This "officially" supports Kubernetes 1.26 to 1.30. Since
older drivers are not available, I have removed some feature-gating for
those unavailable versions while I was at it. For the cloud provider,
the `latest` image is now missing, and only 1.28.0 to 1.31.0 are
available. I've set the latest of these as the new default.
I also updated the documented default versions, as they were all out of
date and not aligned with actual code defaults.
2024-09-26 08:22:02 +01:00
Philip Sabri
15bb5b0789
[kubernetes] Support kubernetes 1.31.1 ( #11533 )
2024-09-25 05:10:01 +01:00
Max Gautier
fbcc8cc336
control-plane: refactor group membership test
...
Testing with group_names does not require the groups to exist.
2024-09-24 11:16:32 +02:00
Max Gautier
0679d9c8e9
metrics-server: proper defaults, cleaner deploy template
2024-09-24 11:16:32 +02:00
Max Gautier
dba00f2d85
metrics-server: Unconditional control-plane tolerations
...
There is no harm on having unneeded toleration when control-plane node
are not tainted, so simplify the template to always use the toleration.
2024-09-24 11:16:31 +02:00
Max Gautier
9f45552201
Cleanup redundancy
...
k8s_cluster = kube_control_plane + kube_node
2024-09-24 11:16:30 +02:00
dependabot[bot]
ebdc599b05
Bump tox from 4.18.1 to 4.20.0 ( #11562 )
...
Bumps [tox](https://github.com/tox-dev/tox ) from 4.18.1 to 4.20.0.
- [Release notes](https://github.com/tox-dev/tox/releases )
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst )
- [Commits](https://github.com/tox-dev/tox/compare/4.18.1...4.20.0 )
---
updated-dependencies:
- dependency-name: tox
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-24 02:52:00 +01:00
Max Gautier
a2a2dfa419
k8s/control-plane: cleanup excessive defaulting
2024-09-23 20:37:56 +02:00
Max Gautier
baf0a331c9
Don't generate static tokens for nodes and control planes
...
Nodes to api-server relies by default certificates, and bootstrap
tokens, and there should be no need to generate tokens for every nodes,
even when enabling static token auth.
2024-09-23 16:58:42 +02:00
Baargav
1c0718bb7d
update containerd 1.7.22 ( #11554 )
2024-09-23 15:31:59 +01:00
Kubernetes Prow Robot
03a055c383
Merge pull request #10643 from VannTen/cleanup/k8s_node_templates
...
Refactor kubernetes/node templates
2024-09-23 14:16:00 +01:00
Kubernetes Prow Robot
e9d406ed08
Merge pull request #11559 from VannTen/cleanup/less_inventory_boilerplate
...
Only require minimum structure in inventory, compute the rest
2024-09-23 10:08:00 +01:00
dependabot[bot]
99c6a884a9
Bump ansible-lint from 24.9.0 to 24.9.2 ( #11563 )
...
Bumps [ansible-lint](https://github.com/ansible/ansible-lint ) from 24.9.0 to 24.9.2.
- [Release notes](https://github.com/ansible/ansible-lint/releases )
- [Commits](https://github.com/ansible/ansible-lint/compare/v24.9.0...v24.9.2 )
---
updated-dependencies:
- dependency-name: ansible-lint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-23 09:32:00 +01:00
Max Gautier
1818993a8a
CI: for upgrade testing, checkout old version before provisioning
...
Otherwise, modifying the test inventory + it's expected structure will
always fail.
2024-09-21 15:10:59 +02:00
Max Gautier
88b6f08e26
Documentation of k8s_cluster auto-defined
...
Also remove the group from the example inventory, since it should not be
needed anymore.
2024-09-21 14:35:36 +02:00
Max Gautier
7580e59bbf
Define k8s_cluster dynamically
...
This allows inventories to not define the k8s_cluster group manually.
2024-09-21 14:35:35 +02:00
Max Gautier
2ec1c93897
Test group membership with group_names
...
Testing for group membership with group names makes Kubespray more
tolerant towards the structure of the inventory.
Where 'inventory_hostname in groups["some_group"] would fail if
"some_group" is not defined, '"some_group" in group_names' would not.
2024-09-21 14:09:09 +02:00
dependabot[bot]
89ff0710e9
Bump ansible-lint from 24.7.0 to 24.9.0 ( #11541 )
...
Bumps [ansible-lint](https://github.com/ansible/ansible-lint ) from 24.7.0 to 24.9.0.
- [Release notes](https://github.com/ansible/ansible-lint/releases )
- [Commits](https://github.com/ansible/ansible-lint/compare/v24.7.0...v24.9.0 )
---
updated-dependencies:
- dependency-name: ansible-lint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-20 10:45:58 +01:00
dependabot[bot]
1fa4bb733d
Bump ansible from 9.8.0 to 9.10.0 ( #11540 )
...
Bumps [ansible](https://github.com/ansible-community/ansible-build-data ) from 9.8.0 to 9.10.0.
- [Changelog](https://github.com/ansible-community/ansible-build-data/blob/main/docs/release-process.md )
- [Commits](https://github.com/ansible-community/ansible-build-data/compare/9.8.0...9.10.0 )
---
updated-dependencies:
- dependency-name: ansible
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-20 09:33:39 +01:00
Kubernetes Prow Robot
93ee1226eb
Merge pull request #11521 from VannTen/cleanup/deduplicate_kubeadm_control_plane
...
Use in inventory variables rather than patch files for kubeadm_patches
2024-09-20 01:05:14 +01:00
Leeon Fu
4323e5d039
Reset operation, disable service enabled and clean container's logs. ( #11501 )
2024-09-19 19:14:37 +01:00
Kubernetes Prow Robot
163697951c
Merge pull request #11527 from VannTen/feat/vagrant_multi_inv
...
Cleanup Vagrantfile and allow to use multiples inventories
2024-09-19 13:46:45 +01:00
Kubernetes Prow Robot
893e9cb177
Merge pull request #11471 from VannTen/feat/config_plugin_list
...
Update the list of admission plugins which needs config
2024-09-18 13:18:44 +01:00
Max Gautier
76c42b4d3f
CI: cleanup '-scale' tests infra ( #11535 )
...
There is actually no test using this since ad6fecefa8
,
so there is no reason to keep that infra in our tests scripts.
2024-09-18 13:04:50 +01:00
Max Gautier
b3b00775ea
Remove unused test infrastructure ( #11529 )
...
These two files haven't been touched since 2016 and don't appear to be
referenced anywhere else
2024-09-18 13:04:44 +01:00
Qasim Mehmood
e550118314
Allow setting annotations on ingress-nginx service ( #11544 )
2024-09-18 11:54:44 +01:00
Max Gautier
c3de25c782
Move the CRI endpoint setting to kubelet config ( #11550 )
...
The `--container-runtime-endpoint` kubelet argument is deprecated in
favor of the config file alternative.
2024-09-18 01:34:45 +01:00
dependabot[bot]
59dd713585
Bump molecule from 24.8.0 to 24.9.0 ( #11542 )
...
Bumps [molecule](https://github.com/ansible-community/molecule ) from 24.8.0 to 24.9.0.
- [Release notes](https://github.com/ansible-community/molecule/releases )
- [Commits](https://github.com/ansible-community/molecule/compare/v24.8.0...v24.9.0 )
---
updated-dependencies:
- dependency-name: molecule
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-16 08:31:14 +01:00
Kay Yan
e5d2452828
fix elastx cleanup security groups ( #11411 )
2024-09-15 13:59:13 +01:00
ChengHao Yang
8cb081a3d0
Fix: download hash crictl link ( #11534 )
...
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
2024-09-14 17:35:13 +01:00