Commit Graph

4776 Commits (951face343deea8c8d8b88268def711440c6f1c2)

Author SHA1 Message Date
James 07d45e6b62
Kubelet csr approver (#9877)
* chore(helm-apps): fix README example

README shows a non-working example according to the specs for this role.

* Add support for kubelet-csr-approver

Co-Authored-By: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* Add tests for kubelet-csr-approver

Co-Authored-By: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* Add Documentation for Kubelet CSR Approver

Co-Authored-By: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Co-authored-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-05-10 17:49:09 -07:00
John Adams 9a72de54de
Cleanup of external openstack cloud config (#9899)
* redorder options and remove use-octavia

* lowercase true/false
2023-05-10 03:41:02 -07:00
Navid Nabavi 4313c13656
[feature] Add coredns_additional_configs to handle any extra configurations for coredns deployment (#10023) (#10025) 2023-05-09 06:45:58 -07:00
Eugene Marchanka c880b24a80
[MetalLB] Remove unused resources (#10004)
* Fix MetalLB deploy

This will fix MetalLB deploy

* Remove `metallb_ip_range` check

* Remove missing `metallb-config.yml`

* fix template name

* make deployment of layer3 conditional

* revert

* revert
2023-05-08 17:20:52 -07:00
Denis 29827711f1
fix: missed double quotes in cri-o config (#10040) 2023-05-07 17:27:16 -07:00
ERIK 426b8913c0
Update flannel image repo (#10041)
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-05-07 16:57:17 -07:00
Patrick 970ecbb008
Add runc v1.1.7 checksums (#10039)
* Add runc v1.1.7 checksums

* Add runc v1.1.6 and v1.1.5 checksums
2023-05-05 18:55:15 -07:00
Louis Tu eb951f1c2a
update rhsm repo trigger (#10001)
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2023-05-02 12:00:16 -07:00
Mohamed Omar Zaian a505a4c71f
[feat] Update metrics server to v0.6.3 (#10026) 2023-04-26 04:10:16 -07:00
pli 8727f88e41
metrics_server: add extras nodeselector, affinity, tolerations (#9972)
* metrics_server: add extras nodeselector, affinity, tolerations

* fix tolerations invalid YAML if undefined
2023-04-26 00:30:16 -07:00
Mohamed Omar Zaian c2a8d543fb
[flannel] update to v0.21.4 (#10027) 2023-04-25 13:08:16 -07:00
蒋航 4ddbd2bd2d
Add Retry for restart kube-controller-manager (#10013)
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2023-04-25 13:04:16 -07:00
Denis Kasanic f9f5143c93
[cri-o] Bump versions to 1.26.3, 1.25.3, 1.24.5 (#9999)
Signed-off-by: Kasanic, Denis <denisx.kasanic@intel.com>
2023-04-24 17:13:02 -07:00
Mohamed Omar Zaian fccd99c96c
[nerdctl] upgrade to version 1.3.1 (#10024) 2023-04-24 11:13:01 -07:00
Mohamed Omar Zaian dc7cf7ecd8
[helm] upgrade to 3.11.3 (#10022) 2023-04-24 08:41:02 -07:00
Mohamed Omar Zaian 4deeaba335
[feature] Update dns-autoscaler (#9996) 2023-04-24 02:47:01 -07:00
蒋航 a59e27cb6b
Update kube-vip to v0.5.12 (#10005)
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2023-04-22 19:01:12 -07:00
Samuel Liu b3ed25ee35
use string for ipv6 forward conf (#9992) 2023-04-19 03:21:12 -07:00
Louis Tu c7072b48dc
add calico kubeconfig wait timeout (#9994)
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2023-04-18 06:58:58 -07:00
Kay Yan c98e1d1b5b
add-kube-profile-to-scheduler (#9993) 2023-04-17 18:54:58 -07:00
pli e907d55621
fix calico checksums mismatch (#9990) 2023-04-16 19:44:43 -07:00
Jeroen Rijken 709ae1d244
Update MetalLB and switch to CRD notation. (#9120)
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2023-04-14 01:14:41 -07:00
ERIK 6682a843b4
Support multi-arch using the same image name (#9978)
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-04-13 00:36:36 -07:00
Kei Kori dc33a1971d
[etcd] fix make-ssl-etcd.sh.j2; move pem files only if any new certs exist (#9974) 2023-04-12 21:52:35 -07:00
Mohamed Omar Zaian ed6f8df784
[feature] Update CoreDNS manifests (#9977) 2023-04-12 21:38:35 -07:00
Louis Tu 43216436ab
disable rhsm repo when rhel_enable_repos is false (#9973)
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2023-04-12 20:04:35 -07:00
pingrulkin cdc25523bf
Change nerdctl snapshotter to overlayfs by default (#9979) 2023-04-12 14:58:32 -07:00
Louis Tu 2985b129fc
remove invalid character (#9970)
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2023-04-11 04:27:19 -07:00
Samuel Liu 0104396c50
use var: kube_apiserver_address (#9967) 2023-04-10 15:01:17 -07:00
Eugene Marchanka eecaec2919
[vSphere-csi-driver] Custom namespace fails playbook (#9946)
* Fix: vSphere Error: `Apply a CSI secret manifest`

This PR will fix an issue that you will see on 2nd deploy when deploying External vSphere
How to re-produce:
1. Set custom `vsphere_csi_namespace: "vmware-system-csi"`
2. Deploy as usual
3. Observe no errors
4. Deploy 2nd time without `reset`
5. Playbook fails with:
```
TASK [kubernetes-apps/csi_driver/vsphere : vSphere CSI Driver | Apply a CSI secret manifest]
fatal: [node-00]: FAILED! => changed=true                                                                                                                                                 
  censored: 'the output has been hidden due to the fact that ''no_log: true'' was specified for this result'
```

* create namespace if does not exist

* lint fix

* try to fix lint errors

* fix `too few spaces before comment`

* change the order of applied manifests

* typo
2023-04-09 22:13:15 -07:00
jeremy-thuon 4a03d13d08
[cilium] fix rbac and upgrade hubble v0.11.0 (#3) (#9959)
* [cilium] fix rbac and upgrade hubble v0.11.0 (#3)

* [cilium] fix rbac for LB bgp ipam

* [cilium] Upgrade Hubble to v0.11.0 and add mTLS between Hubble UI and Hubble Relay

* fix dns domain hubble for tls

---------

Co-authored-by: Thuon Jeremy <d107869@olinfra1.infra.bdm.outscale.c1.dav.fr>

* Fix blank line

---------

Co-authored-by: Thuon Jeremy <d107869@olinfra1.infra.bdm.outscale.c1.dav.fr>
2023-04-09 22:07:15 -07:00
rtsp fcb5e77338
[cert-manager] Upgrade to v1.11.1 (#9964) 2023-04-09 21:37:15 -07:00
Samuel Liu ece174da7c
fix resatrt k8s components (#9962) 2023-04-09 19:51:15 -07:00
Mohamed Omar Zaian a94b893e2c
[containerd] add hashes for 1.6.20 (#9954) 2023-04-04 16:01:39 -07:00
Dominykas Norkus 5e2cb4d244
Add bind address variable to OCCM (#9958) 2023-04-04 15:57:40 -07:00
Mohamed Omar Zaian dff58023d9
[argocd] update argocd to v2.6.7 (#9953) 2023-04-04 12:01:43 -07:00
Mohamed Omar Zaian 766d3696c9
[calico] add v3.25.1 and make it default (#9950) 2023-04-03 18:21:51 -07:00
Mohamed Omar Zaian b88229a662
[ingress-nginx] upgrade to 1.7.0 (#9952) 2023-04-03 17:51:51 -07:00
Mohamed Omar Zaian c00cea7b17
[helm] upgrade to 3.11.2 (#9951) 2023-04-03 17:47:51 -07:00
ERIK 0c4f57a093
Support extended settings for the Debian os family (#9943)
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-03-30 18:53:49 -07:00
Kay Yan e8f0fb82fe
fix-kube-bench-1.2.20 (#9939) 2023-03-29 09:35:49 -07:00
Kay Yan 19856cf692
fix-kube-bench-1.1.19 (#9937) 2023-03-28 21:01:24 -07:00
Kay Yan deb532ce27
fix-kube-bench-4.1.1 (#9934) 2023-03-27 21:48:22 -07:00
Anton 1bb4f88af1
cilium: Additional fix the configuration of tls for hubble #9880 (#9932) 2023-03-27 08:48:27 -07:00
Mathias Petermann dcc04e54f3
fix(cert manager): Fix manifest if cert_manager_trusted_internal_ca is provided (#9922) 2023-03-27 08:12:28 -07:00
xiuguang.huang 4020a93d7e
delete the probe option of cilium_kube_proxy_replacement (#9929) 2023-03-27 08:08:28 -07:00
R. P. Taylor a676c106d3
change bash for loop for SAN check (#9060)
fix merge conflict
2023-03-27 06:36:30 -07:00
HirazawaUi baed5f0b32
Remove deprecated udpIdleTimeout field in KubeProxyConfiguration (#9925) 2023-03-27 02:05:55 -07:00
Toru Komatsu 8afd74ce1f
cilium: Fix the configuration of tls for hubble (#9880)
Signed-off-by: utam0k <k0ma@utam0k.jp>
2023-03-24 01:10:31 -07:00
Maxime Picaud f6e4a231cb
fix(download): validate mirrors on localhost (#9669) 2023-03-23 08:04:32 -07:00