Pat Riehecky
2fa64f9fd6
Add flag to prevent running helm update ( #10169 )
...
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
2023-06-23 06:03:23 -07:00
Victor Morales
bf31a3a872
Split defaults main file ( #10121 )
2023-06-22 02:19:40 -07:00
peterw
4a8fd94a5f
add growpart azure enabled ( #10241 )
2023-06-21 06:23:40 -07:00
Louis Tu
e214bd0e1b
clean up outdate os files ( #10236 )
...
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2023-06-21 02:45:39 -07:00
Arthur Outhenin-Chalandre
4ad89ef8f1
local_path_provisioner: fix invalid podhelper yaml ( #10237 )
...
New line was not inserted between image and imagePullPolicy for some
reasons with the jinja. Simplifying this altogether should fix this.
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-06-20 20:10:21 -07:00
Emin AKTAS
7a66be8254
bump flannel version to v0.22.0 and flannel-cni-plugin version to v1.1.2 ( #10205 )
...
This also changes flannel repository from flannelcni to flannel
Signed-off-by: Emin Aktaş <eminaktas34@gmail.com>
2023-06-19 16:52:24 -07:00
Samuel Liu
db696785d5
update local path provisioner version and remove psp ( #10054 )
...
* update local_path_provisioner_version
* remove psp and update cm
2023-06-19 11:44:21 -07:00
Mohamed Omar Zaian
dfec133273
[calico] add hashes for v3.26.1 ( #10235 )
2023-06-19 10:40:23 -07:00
Arthur Outhenin-Chalandre
475abcc3a8
project: drop Kubernetes 1.24 support ( #10234 )
...
* project: drop Kubernetes 1.24 support
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
* readme: bump crio version to 1.27 in the readme
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
---------
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-06-19 08:42:21 -07:00
Mohamed Omar Zaian
3a7d84e014
[feature] Correct CoreDNS versions for kubernetes releases ( #10233 )
2023-06-19 07:34:22 -07:00
Mohamed Omar Zaian
ad3f84df98
[argocd] update argocd to v2.7.4 ( #10226 )
2023-06-19 07:20:22 -07:00
Emin AKTAS
79e742c03b
bump coredns version to 1.10.1 ( #10199 )
...
Signed-off-by: Emin Aktaş <eminaktas34@gmail.com>
2023-06-19 04:06:21 -07:00
Takuya Murakami
b2f6abe4ab
fix parsing of RHSM proxy configuration ( #10060 ) ( #10228 )
...
Remove URL scheme part from http_proxy for server.proxy_hostname
2023-06-19 02:24:21 -07:00
Louis Tu
c5dac1cdf6
Add Debian 12(bookworm) support and CI ( #10221 )
...
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2023-06-19 02:20:21 -07:00
Samuel Liu
d296adcd65
allow change argocd url ( #10176 )
2023-06-18 19:18:20 -07:00
Mohamed Omar Zaian
141064c443
[helm] upgrade to 3.12.1 ( #10225 )
2023-06-18 17:04:20 -07:00
ERIK
54859cb814
Fix etcdctl copy operation ( #10230 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-06-16 04:18:19 -07:00
Mohamed Omar Zaian
0f0991b145
[ingress-nginx] upgrade to 1.8.0 ( #10223 )
2023-06-15 19:48:25 -07:00
Mohamed Omar Zaian
658d62be16
[kubernetes] upgrade versions to address CVE-2023-2728 ( #10220 )
...
* [kubernetes] Add hashes for 1.27.3, 1.26.6, 1.25.11
* [kubernetes] make 1.26.6 default
2023-06-15 19:48:18 -07:00
Mohamed Omar Zaian
0139bfdb71
[calico] add hashes for v3.26.0 ( #10224 )
2023-06-15 19:44:18 -07:00
Furkan Türkal
b4db077e6a
containerd: bump to 1.7.2 ( #10219 )
...
Signed-off-by: Furkan <furkan.turkal@trendyol.com>
2023-06-15 03:22:18 -07:00
Ugur Can Ozturk
a962fa2357
[podSecurityConfiguration]: fix apiVersion and change default policy versions ( #10210 )
...
Signed-off-by: Ugur <ugurozturk918@gmail.com>
2023-06-12 17:55:57 -07:00
palme
775851b00c
[flatcar] add python dependency check for helm-apps ( #10192 )
...
* add pyyaml install via task instead of package
* Change condition for better consistency in the codebase
2023-06-12 17:51:58 -07:00
Arthur Outhenin-Chalandre
f8fadf53cd
helm: fix pyyaml package on RH distros ( #10204 )
...
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-06-12 17:39:57 -07:00
ERIK
ce13699dfa
Use a uniform way to get the local path of the binaries ( #10211 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-06-12 00:39:48 -07:00
Ashish Singh Dev
fc5937e948
fix gce-pd-csi driver ( #10208 )
...
* fix gce-pd-csi driver
* fixed, 1. reading replicas value from defaults.yml, and 2. corrected gcp-pd-csi driver version in README.md
2023-06-11 20:45:47 -07:00
Emin AKTAS
2b80d053f3
bump nodelocaldns version to 1.22.20 ( #10200 )
...
Signed-off-by: Emin Aktaş <eminaktas34@gmail.com>
2023-06-08 03:08:14 -07:00
Pat Riehecky
f5ee8b71ff
Permit custom names for API server lb/proxy containers. ( #10166 )
...
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
2023-06-08 02:54:13 -07:00
James
4c76feb574
Kubelet csr approver fixes ( #10165 )
...
* Fix upgrade-path for kubelet-csr-approver
Fixes an error when you enable kubelet-csr-approver when upgrading.
It hangs waiting for the certificate to be approved since the
kubelet-csr-approver is not installed yet.
* Add missing package when using helm role
2023-06-06 02:27:00 -07:00
yun
5ebd305d17
remove cri-o using crio_bin_files ( #10182 )
2023-06-04 20:02:42 -07:00
Arthur Outhenin-Chalandre
edc73bc3c8
project: upgrade test dependencies and drop ansible-core 2.11 ( #10034 )
...
Molecule 5.0 require ansible-core 2.12.10.
So this commit we update ansible-core from 2.12.5 to 2.12.10.
We also drop supporting two ansible-core version. Also we now use the "oldest"
still supported ansible-core version as both 2.11 is EOL and not
supported by molecule.
tests/molecule: remove linting in molecule to support molecule 5
tests/molecule: remove role name check for molecule 5 support
Kubespray doesn't use ansible galaxy style naming so we have to disable
that check.
contrib/inventory_builder: fix tox.ini for tox4
tests/molecule: fix get_playbook in testinfra tests
tests: upgrade most tests requirements
Exclude ansible-lint for now, I will do that in a separate PR.
tests/molecule: force kvm driver option
If we don't do this it fallbacks to qemu emulated on our CI for some
reasons.
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-06-02 20:40:40 -07:00
Mohamed Omar Zaian
b7fa2d7b87
Fix metrics-server for k8s 1.26 ( #10183 )
2023-06-02 18:16:40 -07:00
Samuel Liu
7771ac6074
add krew_no_upgrade_check ( #10175 )
2023-06-02 18:12:40 -07:00
Samuel Liu
d7b79395c7
Add labels to kube-vip static pods ( #10139 )
2023-06-01 16:45:46 -07:00
Richard Fairthorne
ce18b0f22d
fix missing newline in template ( #10174 )
2023-05-31 23:27:45 -07:00
Aleksandr Karabanov
2d8f60000c
Solves #2933 : Allow http_proxy, https_proxy and no_proxy environment variables in cert-manager playbook ( #10162 )
2023-05-31 20:23:45 -07:00
yjqg6666
0b102287d1
[ #10148 ] The download.timeout can be changed by variable download.timeout ( #10149 )
...
Reference:
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/get_url_module.html#parameter-timeout
2023-05-31 18:15:45 -07:00
Pat Riehecky
d325fd6af7
Don't create calico CNI dir when not using calico ( #10156 )
...
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
2023-05-31 08:35:48 -07:00
Pat Riehecky
e949b8a1e8
Update cilium to latest (1.13.3) ( #10158 )
...
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
2023-05-31 03:23:46 -07:00
Pat Riehecky
ab6e284180
Locate mount names isn't a change to the system ( #10161 )
...
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
2023-05-31 01:33:46 -07:00
Pat Riehecky
7421b6e180
Running ping doesn't change state ( #10160 )
...
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
2023-05-31 01:29:46 -07:00
Jeroen Rijken
ea7dcd46d7
Update MetalLB deployment, wait for resource. ( #9995 )
...
* Update MetalLB deployment, wait for resource.
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
* yml to yaml, add basic test for metallb
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
---------
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2023-05-30 11:37:49 -07:00
Maxime Leroy
29f833e9a4
fix(ssl-ca): mount ssl ca directories ( #9794 )
...
Signed-off-by: Maxime Leroy <19607336+maxime1907@users.noreply.github.com>
2023-05-28 19:43:42 -07:00
qlijin
8c32be5feb
Add insecure_registry config to crio.conf ( #10142 )
2023-05-28 19:03:41 -07:00
Victor Login
0ba2e655f4
Fix problem migration to k8s 1.27 ( #10136 )
...
* Fix `The task includes an option with an undefined variable` for 1.27
* delete old flag --container-runtime
Signed-off-by: Victor Login <batazor@evrone.com>
---------
Signed-off-by: Victor Login <batazor@evrone.com>
2023-05-28 17:09:42 -07:00
Andrei Costescu
96e875cd50
Add systemd_resolved_disable_stub_listener ( #9875 )
2023-05-25 10:04:51 -07:00
ERIK
75e00420ec
Add arch and version to the downloaded binary name ( #10122 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-05-24 22:30:50 -07:00
Mohamed Omar Zaian
8be5604da4
[kubernetes] support 1.27.2 ( #9976 )
2023-05-24 20:00:50 -07:00
Arthur Outhenin-Chalandre
02624554ae
Remove end of life ubuntu versions in CI ( #10107 )
...
* tests: replace ubuntu16 with ubuntu20
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
* tests: replace ubuntu18 with ubuntu20
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
* docs: update docs to remove support for ubuntu 16 and 18
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
* molecule: upgrade ubuntu versions
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
* vagrant: upgrade ubuntu versions
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
* tests: cleanup ubuntu{16,18}
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
* tests: increase ubuntu22 ram to allow molecule creation
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
---------
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-05-24 19:56:50 -07:00
Kay Yan
9d1e9a6a78
kube_ovn_cni_config_priority ( #10125 )
2023-05-24 18:34:51 -07:00
Kay Yan
4013c48acb
cleanup-for-2.22.0 ( #10126 )
2023-05-24 08:56:50 -07:00
Rob Tongue
f264426646
cert-manager controller args: ( #10049 )
...
- Adding in the ability to feed extra-args to cert-manager-controller.
2023-05-24 08:12:53 -07:00
Mathias Petermann
862fd2c5c4
feature(ingress_nginx) Add ingressclass for ingress_nginx ( #10091 )
...
Add option to configure class as the default class
Add option to disable wathcing for ingresses without class
Remove redundant if that always evaluates to true
Fix default value missing for ingress_nginx_default
2023-05-24 04:12:50 -07:00
darkobas2
4014a1cccb
fix multus include ( #10105 )
...
``
"msg": "Failed to template loop_control.label: 'ansible.utils.unsafe_proxy.AnsibleUnsafeText object' has no attribute 'item'. 'ansible.utils.unsafe_proxy.AnsibleUnsafeText object' has no attribute 'item'", "skip_reason": "Conditional result was False"}
``
fixes case when multus should NOT be included.
2023-05-23 01:12:27 -07:00
Mohamed Omar Zaian
659001c9d7
[nerdctl] upgrade to version 1.4.0 ( #10119 )
2023-05-22 17:44:20 -07:00
James
161bd55ab2
Remove deprecated crio_pids_limits ( #10056 )
...
As per https://github.com/cri-o/cri-o/pull/5831 , option is now
deprecated.
2023-05-22 08:49:03 -07:00
Mohamed Omar Zaian
4b67c7d6a6
[calico] add hashes for v3.24.6 ( #10113 )
2023-05-22 07:50:35 -07:00
Mohamed Omar Zaian
f80a5755c3
[feat] Update pause image version to v3.9 ( #10112 )
2023-05-22 03:42:31 -07:00
Mohamed Omar Zaian
b7a8d7a4d5
[helm] upgrade to 3.12.0 ( #10085 )
2023-05-19 06:16:30 -07:00
Mohamed Omar Zaian
9405eb821b
[feature] Supprt enabling cpu limit in corends deployment ( #10103 )
2023-05-19 03:38:29 -07:00
Mohamed Omar Zaian
708677caf1
[argocd] update argocd to v2.7.2 ( #10086 )
2023-05-19 02:18:29 -07:00
Mohamed Omar Zaian
d5cdae1f16
[kubernetes] Add hashes for 1.26.4-5, 1.25.9-10, 1.24.13-14 ( #9983 )
2023-05-18 20:06:28 -07:00
qlijin
b7a9217d77
Some update for the deploy on fedora coreos: ( #10030 )
...
- Test with new version: 37.20230322.3.0. Both containerd and
cri-o is tested
- bugfix: when we use crio and the var bin_dir is changed,
there will be some error about the new bin dir.
2023-05-18 15:46:33 -07:00
Kay Yan
82633c6f61
Remove the Support of Debian 9 because Debian 9 is EOF ( #10097 )
...
* remove-debian9-support
* Add six module into openstack-cleanup/requirements.txt (#10099 )
To fix tf-elastx_cleanup job which was failed with the following error:
File "/usr/local/lib/python3.11/site-packages/keystoneauth1/identity/generic/password.py", line 16, in <module>
from keystoneauth1.identity import v3
File "/usr/local/lib/python3.11/site-packages/keystoneauth1/identity/v3/__init__.py", line 27, in <module>
from keystoneauth1.identity.v3.oauth2_mtls_client_credential import * # noqa
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/keystoneauth1/identity/v3/oauth2_mtls_client_credential.py", line 17, in <module>
import six
ModuleNotFoundError: No module named 'six'
---------
Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>
2023-05-18 15:42:33 -07:00
Kenichi Omichi
7afbdb3e1e
Drop canal network_plugin ( #10100 )
...
According to the canal github[1] the repo is not maintained over 5 years.
In addition, the README says
```
Originally, we thought we might more deeply integrate the two projects
(possibly even going as far as a rebranding!). However, over time it
became clear that that wasn't really necessary to fulfil our goal of
making them work well together. Ultimately, we decided to focus on
adding features to both projects rather than doing work just to
combine them.
```
So it is difficult to support canal by Kubespray at this situation.
[1]: https://github.com/projectcalico/canal
2023-05-18 03:40:33 -07:00
Cyclinder
a257e61f60
bump cni version to v1.3.0 ( #10058 )
...
Signed-off-by: cyclinder qifeng.guo@daocloud.io
Signed-off-by: cyclinder qifeng.guo@daocloud.io
2023-05-17 01:42:33 -07:00
Kulwant Singh
9948863d3a
use dl.k8s.io not gs://kubernetes-release ( #10066 )
2023-05-16 21:02:33 -07:00
Mikhail Gorozhin
3a3addb91e
Ignore errors in check mode performing "Disable swapOnZram for Fedora" ( #10077 )
2023-05-16 16:38:33 -07:00
Samuel Liu
72b8830f62
fix custom cni task name ( #10087 )
2023-05-16 05:03:36 -07:00
Louis Tu
55e581be3b
Clear http scheme on containerd insecure-registry tls config ( #10084 )
...
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2023-05-16 00:47:36 -07:00
蒋 航
9cd7d66332
Fix Calico Installation ( #10068 )
...
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2023-05-15 21:21:36 -07:00
Mohamed Omar Zaian
6ea7abf443
[ingress-nginx] upgrade to 1.7.1 ( #10052 )
2023-05-15 14:23:35 -07:00
Arthur Outhenin-Chalandre
3254080a1c
cri-o: fix crio restart on config change ( #10057 )
...
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-05-14 19:27:28 -07:00
Maxime Leroy
4ffe138dfa
feat(coredns): coredns_rewrite_block to perform internal message rewriting ( #10045 )
...
Signed-off-by: Maxime Leroy <19607336+maxime1907@users.noreply.github.com>
2023-05-12 14:32:46 -07:00
Pat Riehecky
86b81a855a
fix: typo in comment ( #10064 )
...
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
2023-05-12 05:59:01 -07:00
Mohamed Omar Zaian
bde261bd06
[containerd] add hashes for version 1.7.1, 1.6.21 ( #10061 )
2023-05-12 02:42:47 -07:00
Manuelraa
2b75552d1c
Replace swap vars with single `kubelet_fail_swap_on` ( #10036 )
2023-05-11 10:53:04 -07:00
James
07d45e6b62
Kubelet csr approver ( #9877 )
...
* chore(helm-apps): fix README example
README shows a non-working example according to the specs for this role.
* Add support for kubelet-csr-approver
Co-Authored-By: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
* Add tests for kubelet-csr-approver
Co-Authored-By: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
* Add Documentation for Kubelet CSR Approver
Co-Authored-By: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
---------
Co-authored-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-05-10 17:49:09 -07:00
John Adams
9a72de54de
Cleanup of external openstack cloud config ( #9899 )
...
* redorder options and remove use-octavia
* lowercase true/false
2023-05-10 03:41:02 -07:00
Navid Nabavi
4313c13656
[feature] Add coredns_additional_configs to handle any extra configurations for coredns deployment ( #10023 ) ( #10025 )
2023-05-09 06:45:58 -07:00
Eugene Marchanka
c880b24a80
[MetalLB] Remove unused resources ( #10004 )
...
* Fix MetalLB deploy
This will fix MetalLB deploy
* Remove `metallb_ip_range` check
* Remove missing `metallb-config.yml`
* fix template name
* make deployment of layer3 conditional
* revert
* revert
2023-05-08 17:20:52 -07:00
Denis
29827711f1
fix: missed double quotes in cri-o config ( #10040 )
2023-05-07 17:27:16 -07:00
ERIK
426b8913c0
Update flannel image repo ( #10041 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-05-07 16:57:17 -07:00
Patrick
970ecbb008
Add runc v1.1.7 checksums ( #10039 )
...
* Add runc v1.1.7 checksums
* Add runc v1.1.6 and v1.1.5 checksums
2023-05-05 18:55:15 -07:00
Louis Tu
eb951f1c2a
update rhsm repo trigger ( #10001 )
...
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2023-05-02 12:00:16 -07:00
Mohamed Omar Zaian
a505a4c71f
[feat] Update metrics server to v0.6.3 ( #10026 )
2023-04-26 04:10:16 -07:00
pli
8727f88e41
metrics_server: add extras nodeselector, affinity, tolerations ( #9972 )
...
* metrics_server: add extras nodeselector, affinity, tolerations
* fix tolerations invalid YAML if undefined
2023-04-26 00:30:16 -07:00
Mohamed Omar Zaian
c2a8d543fb
[flannel] update to v0.21.4 ( #10027 )
2023-04-25 13:08:16 -07:00
蒋航
4ddbd2bd2d
Add Retry for restart kube-controller-manager ( #10013 )
...
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2023-04-25 13:04:16 -07:00
Denis Kasanic
f9f5143c93
[cri-o] Bump versions to 1.26.3, 1.25.3, 1.24.5 ( #9999 )
...
Signed-off-by: Kasanic, Denis <denisx.kasanic@intel.com>
2023-04-24 17:13:02 -07:00
Mohamed Omar Zaian
fccd99c96c
[nerdctl] upgrade to version 1.3.1 ( #10024 )
2023-04-24 11:13:01 -07:00
Mohamed Omar Zaian
dc7cf7ecd8
[helm] upgrade to 3.11.3 ( #10022 )
2023-04-24 08:41:02 -07:00
Mohamed Omar Zaian
4deeaba335
[feature] Update dns-autoscaler ( #9996 )
2023-04-24 02:47:01 -07:00
蒋航
a59e27cb6b
Update kube-vip to v0.5.12 ( #10005 )
...
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2023-04-22 19:01:12 -07:00
Samuel Liu
b3ed25ee35
use string for ipv6 forward conf ( #9992 )
2023-04-19 03:21:12 -07:00
Louis Tu
c7072b48dc
add calico kubeconfig wait timeout ( #9994 )
...
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2023-04-18 06:58:58 -07:00
Kay Yan
c98e1d1b5b
add-kube-profile-to-scheduler ( #9993 )
2023-04-17 18:54:58 -07:00
pli
e907d55621
fix calico checksums mismatch ( #9990 )
2023-04-16 19:44:43 -07:00
Jeroen Rijken
709ae1d244
Update MetalLB and switch to CRD notation. ( #9120 )
...
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2023-04-14 01:14:41 -07:00
ERIK
6682a843b4
Support multi-arch using the same image name ( #9978 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-04-13 00:36:36 -07:00
Kei Kori
dc33a1971d
[etcd] fix make-ssl-etcd.sh.j2; move pem files only if any new certs exist ( #9974 )
2023-04-12 21:52:35 -07:00
Mohamed Omar Zaian
ed6f8df784
[feature] Update CoreDNS manifests ( #9977 )
2023-04-12 21:38:35 -07:00
Louis Tu
43216436ab
disable rhsm repo when rhel_enable_repos is false ( #9973 )
...
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2023-04-12 20:04:35 -07:00
pingrulkin
cdc25523bf
Change nerdctl snapshotter to overlayfs by default ( #9979 )
2023-04-12 14:58:32 -07:00
Louis Tu
2985b129fc
remove invalid character ( #9970 )
...
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2023-04-11 04:27:19 -07:00
Samuel Liu
0104396c50
use var: kube_apiserver_address ( #9967 )
2023-04-10 15:01:17 -07:00
Eugene Marchanka
eecaec2919
[vSphere-csi-driver] Custom namespace fails playbook ( #9946 )
...
* Fix: vSphere Error: `Apply a CSI secret manifest`
This PR will fix an issue that you will see on 2nd deploy when deploying External vSphere
How to re-produce:
1. Set custom `vsphere_csi_namespace: "vmware-system-csi"`
2. Deploy as usual
3. Observe no errors
4. Deploy 2nd time without `reset`
5. Playbook fails with:
```
TASK [kubernetes-apps/csi_driver/vsphere : vSphere CSI Driver | Apply a CSI secret manifest]
fatal: [node-00]: FAILED! => changed=true
censored: 'the output has been hidden due to the fact that ''no_log: true'' was specified for this result'
```
* create namespace if does not exist
* lint fix
* try to fix lint errors
* fix `too few spaces before comment`
* change the order of applied manifests
* typo
2023-04-09 22:13:15 -07:00
jeremy-thuon
4a03d13d08
[cilium] fix rbac and upgrade hubble v0.11.0 ( #3 ) ( #9959 )
...
* [cilium] fix rbac and upgrade hubble v0.11.0 (#3 )
* [cilium] fix rbac for LB bgp ipam
* [cilium] Upgrade Hubble to v0.11.0 and add mTLS between Hubble UI and Hubble Relay
* fix dns domain hubble for tls
---------
Co-authored-by: Thuon Jeremy <d107869@olinfra1.infra.bdm.outscale.c1.dav.fr>
* Fix blank line
---------
Co-authored-by: Thuon Jeremy <d107869@olinfra1.infra.bdm.outscale.c1.dav.fr>
2023-04-09 22:07:15 -07:00
rtsp
fcb5e77338
[cert-manager] Upgrade to v1.11.1 ( #9964 )
2023-04-09 21:37:15 -07:00
Samuel Liu
ece174da7c
fix resatrt k8s components ( #9962 )
2023-04-09 19:51:15 -07:00
Mohamed Omar Zaian
a94b893e2c
[containerd] add hashes for 1.6.20 ( #9954 )
2023-04-04 16:01:39 -07:00
Dominykas Norkus
5e2cb4d244
Add bind address variable to OCCM ( #9958 )
2023-04-04 15:57:40 -07:00
Mohamed Omar Zaian
dff58023d9
[argocd] update argocd to v2.6.7 ( #9953 )
2023-04-04 12:01:43 -07:00
Mohamed Omar Zaian
766d3696c9
[calico] add v3.25.1 and make it default ( #9950 )
2023-04-03 18:21:51 -07:00
Mohamed Omar Zaian
b88229a662
[ingress-nginx] upgrade to 1.7.0 ( #9952 )
2023-04-03 17:51:51 -07:00
Mohamed Omar Zaian
c00cea7b17
[helm] upgrade to 3.11.2 ( #9951 )
2023-04-03 17:47:51 -07:00
ERIK
0c4f57a093
Support extended settings for the Debian os family ( #9943 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-03-30 18:53:49 -07:00
Kay Yan
e8f0fb82fe
fix-kube-bench-1.2.20 ( #9939 )
2023-03-29 09:35:49 -07:00
Kay Yan
19856cf692
fix-kube-bench-1.1.19 ( #9937 )
2023-03-28 21:01:24 -07:00
Kay Yan
deb532ce27
fix-kube-bench-4.1.1 ( #9934 )
2023-03-27 21:48:22 -07:00
Anton
1bb4f88af1
cilium: Additional fix the configuration of tls for hubble #9880 ( #9932 )
2023-03-27 08:48:27 -07:00
Mathias Petermann
dcc04e54f3
fix(cert manager): Fix manifest if cert_manager_trusted_internal_ca is provided ( #9922 )
2023-03-27 08:12:28 -07:00
xiuguang.huang
4020a93d7e
delete the probe option of cilium_kube_proxy_replacement ( #9929 )
2023-03-27 08:08:28 -07:00
R. P. Taylor
a676c106d3
change bash for loop for SAN check ( #9060 )
...
fix merge conflict
2023-03-27 06:36:30 -07:00
HirazawaUi
baed5f0b32
Remove deprecated udpIdleTimeout field in KubeProxyConfiguration ( #9925 )
2023-03-27 02:05:55 -07:00
Toru Komatsu
8afd74ce1f
cilium: Fix the configuration of tls for hubble ( #9880 )
...
Signed-off-by: utam0k <k0ma@utam0k.jp>
2023-03-24 01:10:31 -07:00
Maxime Picaud
f6e4a231cb
fix(download): validate mirrors on localhost ( #9669 )
2023-03-23 08:04:32 -07:00
Toru Komatsu
3a5f5692ca
Cilium v1.13.0 ( #9879 )
...
Signed-off-by: utam0k <k0ma@utam0k.jp>
2023-03-23 01:20:23 -07:00
Jiri Fiala
9b37699d0d
Cilium Operator replicas configuration ( #9894 )
...
Signed-off-by: Fiala, JiriX <jirix.fiala@intel.com>
2023-03-22 08:28:38 -07:00
Kay Yan
cc382f2412
haproxy-proxy-ipv6 ( #9674 )
2023-03-22 05:58:36 -07:00
Will Hegedus
97dfdcd8fe
feat: support cilium 1.13.1 ( #9914 )
...
Cilium 1.13.1 changed how the cilium-cni binary gets placed in /opt/cni/bin,
so that it takes place in an init container rather than in the main agent.
2023-03-21 12:56:12 -07:00
prashantchitta
a9f52060c9
Fix ciliums hubble relay configuration ( #9876 )
...
* Fix ciliums hubble relay configuration
* Fixed the tls from code review
* Updated to dna_domain instead of hardcoding
2023-03-21 12:50:12 -07:00
tu1h
8cf5fefe84
Add download retries option ( #9911 )
...
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2023-03-21 09:38:12 -07:00
ERIK
fb8631cdf6
fix allow unsupported distribution ( #9904 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-03-21 01:35:09 -07:00
Mohamed Omar Zaian
7859aee735
[kubernetes] Add hashes for 1.26.3, 1.25.8, 1.24.12 ( #9900 )
2023-03-21 01:31:08 -07:00
蒋航
83c3ce7f8f
Add Retry for Checking calico exists ( #9883 )
...
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2023-03-20 21:51:06 -07:00
Kay Yan
309aaee427
fix-cilium-error ( #9902 )
2023-03-20 02:41:17 -07:00
Mohamed Omar Zaian
349c8901f8
[containerd] add hashes for 1.7.0 ( #9892 )
2023-03-14 21:48:14 -07:00
Samuel Liu
df9aba6298
fix typo word
2023-03-14 15:49:22 +01:00
biqiang Wu
2ae3ea9ee3
Modified the default value of cilium IPAM and added the support for related parameters ( #9443 )
...
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
2023-03-13 17:45:10 -07:00
蒋航
99115ad04b
Fix Get current calico version ( #9873 )
...
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2023-03-10 05:48:40 -08:00
ERIK
7747ff2572
Fix uniontech os installation failure ( #9862 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-03-09 22:00:39 -08:00
Marijn van der Giesen
eb4bd36f73
fix(kubernetes): Also apply kubeadm patches during upgrade ( #9781 )
2023-03-09 13:50:30 -08:00
panguicai
2d20f0c024
fix cri-o arm64 v1.26.0 wrong archive checksum ( #9872 )
...
Signed-off-by: panguicai008 <guicai.pan@daocloud.io>
2023-03-09 13:32:31 -08:00
Cyclinder
b0793df293
bump calico to v3.25.0 ( #9860 )
...
Signed-off-by: cyclinder qifeng.guo@daocloud.io
Signed-off-by: cyclinder qifeng.guo@daocloud.io
2023-03-09 00:02:02 -08:00
Jack
1ca50f3eea
Update check calico version command ( #9861 )
2023-03-08 00:31:12 -08:00
Arthur Outhenin-Chalandre
82f68ca395
calico: cilium: use localhost lb by default on kube-proxy replacement ( #9718 )
...
This commit removes the variable `use_localhost_as_kubeapi_loadbalancer`
and rather detects that we are in a situation where we can use the
localhost apiserver loadbalancer (meaning that we use the localhost load
balancer and that the same ports are used for both the load balancer and
the kube-apiserver).
This also cleanups the calico code to use `kube_apiserver_global_endpoint`
rather than implementing the same logic all over again.
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-03-07 04:28:36 -08:00
panguicai
3a675393dc
upgrade rancher local-path-provisioner to v0.0.23 ( #9855 )
...
Signed-off-by: panguicai008 <1121906548@qq.com>
2023-03-06 16:54:17 -08:00
Jack
9c41769dab
Update nodes in etc hosts after cluster scale ( #9837 )
2023-03-06 16:18:18 -08:00
Mohamed Zaian
dba29db58d
[helm] upgrade to 3.11.1 ( #9849 )
2023-03-06 15:56:17 -08:00