Alessio Greggi
e7df4d3dd9
add support for `service-account-lookup` parameter ( #8781 )
...
* feat: add variable to manage service-account-lookup on kube-apiserver
* docs: add documentation about service-account-lookup variable
2022-05-06 00:39:07 -07:00
David Louks
3e52a0db95
Add optional setting for ca data in auth webhook ( #8777 )
...
* Add optional setting for ca data in auth webhook
* add webhook token auth variables to sample inventory
2022-05-05 14:52:43 -07:00
Alessio Greggi
fa1d222eee
add support for `EventRateLimit` plugin configuration ( #8711 )
...
* feat: add support for EventRateLimit admission plugin
* docs: add documentation about admission_control_config_file and EventRateLimit configuration
2022-05-02 11:03:15 -07:00
Alex
36393d77d3
Encrypting Secret Data at Rest ( #8574 )
...
* change default value for Encrypting Secret Data at Rest to secretbox, remove experimental flag and add documentation
* fix MD012/no-multiple-blanks
2022-02-23 03:04:18 -08:00
Necatican Yıldırım
e9c8913248
Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable ( #8317 )
...
* Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Add etcd kubeadm deployment documentation
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Refactor warning for the deprecated 'etcd_kubeadm_enabled' variable
Signed-off-by: necatican <necaticanyildirim@gmail.com>
2022-02-22 08:53:16 -08:00
Hanna Bledai
615216f397
Fix if bind-address is not set to 0.0.0.0 ( #8262 )
...
* if bind-address is not set to 0.0.0.0
* Update docs and left comments
* fix yamllist check: remove space
2021-12-05 23:58:32 -08:00
Hari Hud
30cd91dc6b
Add option to kubeadm upgrade command to control certificates renewal during control plane upgrade ( #7976 )
...
* Add option to kubeadm upgrade command to control certificates renewal during control plane upgrade
* Remove training whitespace
2021-09-17 04:31:00 -07:00
Samuel Liu
62ab477838
remove kube_proxy_conntrack_max var ( #7971 )
2021-09-15 08:22:31 -07:00
Mathieu Parent
e39e3d5c26
Fix OpenId Connect example prefixes ( #7527 )
...
Fixes "mapping values are not allowed in this context
2021-04-20 17:32:10 -07:00
Etienne Champetier
bf6a39eb84
Add auto_renew_certificates_systemd_calendar ( #7490 )
...
This allow to configure when K8S certificates renewal runs
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
2021-04-12 09:47:45 -07:00
Maciej Wereski
771a5e26bb
Add KubeSchedulerConfiguration for k8s 1.19 and up ( #7351 )
...
* Add KubeSchedulerConfiguration for k8s 1.19 and up
With release of version 1.19.0 of kubernetes KubeSchedulerConfiguration
was graduated to beta. It allows to extend different stages of
scheduling with profiles. Such effect is achieved by using plugins and
extensions.
This patch adds KubeSchedulerConfiguration for versions 1.19 and later.
Configuration is set to k8s defaults or to kubespray vars. Moving those
defaults to new vars will be done in following patch.
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
* KubeSchedulerConfiguration: add defaults
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
2021-04-06 00:35:35 -07:00
Etienne Champetier
efa180392b
Auto renew control plane certificates ( #7358 )
...
While at it remove force_certificate_regeneration
This boolean only forced the renewal of the apiserver certs
Either manually use k8s-certs-renew.sh or set auto_renew_certificates
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
2021-03-22 11:22:48 -07:00
Kenichi Omichi
c5db012c9a
Move kubernetes/master to kubernetes/control-plane ( #7218 )
...
This is a small step to replace "master" with "control-plane" in
Kubespray project.
2021-02-01 07:15:49 -08:00