John Adams
9a72de54de
Cleanup of external openstack cloud config ( #9899 )
...
* redorder options and remove use-octavia
* lowercase true/false
2023-05-10 03:41:02 -07:00
Mohamed Omar Zaian
7859aee735
[kubernetes] Add hashes for 1.26.3, 1.25.8, 1.24.12 ( #9900 )
2023-03-21 01:31:08 -07:00
Arthur Outhenin-Chalandre
82f68ca395
calico: cilium: use localhost lb by default on kube-proxy replacement ( #9718 )
...
This commit removes the variable `use_localhost_as_kubeapi_loadbalancer`
and rather detects that we are in a situation where we can use the
localhost apiserver loadbalancer (meaning that we use the localhost load
balancer and that the same ports are used for both the load balancer and
the kube-apiserver).
This also cleanups the calico code to use `kube_apiserver_global_endpoint`
rather than implementing the same logic all over again.
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-03-07 04:28:36 -08:00
Mohamed Zaian
8b3f3c04cc
[kubernetes] Add hashes for 1.26.2, 1.25.7, 1.24.11 ( #9829 )
2023-03-01 15:31:17 -08:00
rongfu.leng
0707c8ea6f
fix: with_item to with_dict ( #9729 )
...
Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>
2023-01-31 03:18:50 -08:00
Kay Yan
f9cc8ae10c
[kubernetes] Make kubernetes v1.26 default ( #9732 )
...
* make-kube-1.26-default
* fix-bugs
2023-01-31 00:24:48 -08:00
Florian Ruynat
34d0451585
Update KUBESPRAY_VERSION and kube_version_min_required (with hashes cleanup) ( #9691 )
2023-01-20 14:11:54 -08:00
yanggang
826282fe89
Add k8s hashes for k8s version. ( #9685 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-19 05:30:35 -08:00
Arthur Outhenin-Chalandre
4a6eb7eaa2
enable back kubelet_authorization_mode_webhook by default ( #9662 )
...
In 6db6c8678c
, this was disabled becaue
kubesrpay gave too much permissions that were not needed. This commit
re-enable back this option by default and also removes the extra
permissions that kubespray gave that were in fact not needed.
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-01-16 23:56:32 -08:00
R. P. Taylor
0ff883afeb
streamline ansible_default_ipv4 gathering loop ( #9281 )
2023-01-05 11:59:58 -08:00
tu1h
791064a3d9
Allow custom timeout for kubeadm init ( #9617 )
...
Signed-off-by: tu1h <lihai.tu@daocloud.io>
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2022-12-27 00:53:28 -08:00
yanggang
f8d6b54dbb
Add hashes for 1.25.5, 1.24.9, 1.23.15 and make v1.25.5 default ( #9557 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2022-12-11 16:45:33 -08:00
yanggang
9439487219
Add hashes for 1.25.4, 1.24.8, 1.23.14 and make v1.25.4 default ( #9479 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2022-11-10 20:00:09 -08:00
Kay Yan
ccbe38f78c
make-kube-1.25-default ( #9364 )
2022-10-20 00:56:57 -07:00
Maxime Leroy
d9c39c274e
fix(defaults): wrong cri_socket path for containerd ( #9401 )
2022-10-18 00:15:18 -07:00
Mohamed Zaian
5ad1d9db5e
[kubernetes] Add hashes for 1.25.3, 1.24.7, 1.23.13 and make v1.24.7 default ( #9397 )
2022-10-17 05:59:07 -07:00
Unai Arríen
52904ee6ad
Avoid MetalLB speaker image download when MetalLB speaker is disabled ( #9248 )
...
* Avoid MetalLB speaker image download when metallb_speaker_enabled is set to
* Move metallb_speaker_enabled var to allow outside metalLB role references
* Move metallb_speaker_enabled var to allow outside metalLB role references
* Improve metallb_speaker_enabled default values
2022-10-13 16:50:47 -07:00
Kay Yan
999586a110
sysctl_additional ( #9351 )
2022-10-02 23:06:14 -07:00
Florian Ruynat
841e2f44c0
Remove references to 1.22 ( #9342 )
2022-09-28 14:10:29 -07:00
Federico Cucinella
e486151aea
cloud-provider-openstack: upgrade 1.22.0 to 1.23.4 ( #9332 )
2022-09-26 17:35:46 -07:00
Mohamed Zaian
76573bf293
[kubernetes] Add hashes for 1.24.6, 1.22.15, 1.23.12 and make v1.24.6 default ( #9308 )
2022-09-22 04:13:03 -07:00
Mohamed Zaian
680293e79c
[kubernetes] Add hashes for 1.24.5, 1.22.14, 1.23.11 and make v1.24.5 default ( #9286 )
2022-09-19 02:10:31 -07:00
Cristian Calin
6db6c8678c
disable kubelet_authorization_mode_webhook by default ( #9238 )
2022-08-31 04:53:00 -07:00
Mohamed Zaian
ab938602a9
[kubernetes] Add hashes for 1.24.4, 1.22.13, 1.23.10 and make v1.24.4 default ( #9191 )
2022-08-21 23:11:44 -07:00
Mohamed Zaian
91073d7379
[kubernetes] make v1.24.3 default ( #9101 )
2022-07-19 02:58:06 -07:00
Mohamed Zaian
e4fe679916
[kubernetes] make v1.24.2 default
2022-06-17 11:08:33 -07:00
Alessio Greggi
97b4d79ed5
feat: make kubernetes owner parametrized ( #8952 )
...
* feat: make kubernetes owner parametrized
* docs: update hardening guide with configuration for CIS 1.1.19
* fix: set etcd data directory permissions to be compliant to CIS 1.1.12
2022-06-17 01:34:32 -07:00
Florian Ruynat
9e7f89d2a2
Remove forgotten 1.21 references
2022-06-16 08:55:38 +02:00
Calin Cristian Andrei
24c8ba832a
[kubernetes] drop support for configuring insecure apiserver
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
2cd8c51a07
[kubeadm] use v1beta3 configuration version
...
* extra admission controls now don't have a version in their file names
eventratelimit.v1beta2.yaml.j2 -> eventratelimit.yaml.j2
* cri_socket variable includes the unix:// prefix to be conformat with
upstream
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
fad296616c
[docker] use cri-dockerd instead of dockershim for any kubernetes version deployed with docker as the container_manager
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
2de5c4821c
[calico] clean up workarounds for older versions
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
ae1dcb031f
[kubernetes] drop pre 1.22.0 workarounds
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
9535a41187
[kubernetes] make 1.22.0 the minimum version
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
d69d4a8303
[kubernetes] make 1.24.1 the new default
2022-06-15 00:57:20 -07:00
Mohamed Zaian
78aacee21b
[kubernetes] add hashes for 1.24.1 and other versions. ( #8876 )
...
* [kubernetes] add hashes for 1.24.1 and other versions.
versions: v1.21.13, v1.22.10, v1.23.7 & v1.24.1
* [kubernetes] make v1.23.7 default1
2022-05-27 12:00:42 -07:00
Samuel Liu
f26f544ff6
[kube-ovn]: update kube-ovn version and sync some feature ( #8790 )
...
* [kube-ovn]: some feature
kube-ovn vlan mode
ipv6/ipv4 dual stack
...
* remove unused env
* fix readinessprobe
2022-05-11 21:35:15 -07:00
Cristian Calin
56cf163a23
[kubernetes] actually make 1.23.6 the default ( #8767 )
2022-05-02 00:43:14 -07:00
Julien Le Fur
30306d6ec7
Enable external CA mode for control-plane deployment ( #8620 )
2022-04-12 05:47:23 -07:00
Robin Wallace
d7254eead6
UpCloud integration ( #8653 )
...
* [upcloud] add upcloud csi-driver
* Option to use ansible_host as api ip for kubueconfig
2022-04-11 15:13:23 -07:00
Samuel Liu
424ef3b3f9
[calico] add calico apiserver ( #8690 )
...
* [calico] add calico apiserver
* fix yamllint
* remove addext argument
* Configure API server with the CA bundle
* add check kdd
2022-04-08 00:02:42 -07:00
Mathieu Parent
996ef98b87
Add support for kube-vip ( #8669 )
...
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
2022-04-07 10:37:57 -07:00
Alessio Greggi
bba91a7524
split kube_feature_gates variable for different kubernetes components ( #8677 )
...
* feat: split kube_feature_gates variable for different kubernetes components
* docs: add kube_feaute_gates componet variables
2022-04-05 05:39:37 -07:00
Calin Cristian Andrei
538f9df5cc
[kubernetes] make 1.23.5 the default
2022-03-17 05:03:20 -07:00
Cristian Calin
394857b5ce
[docker] add support for cri-dockerd as a replacement for dockershim ( #8623 )
2022-03-16 16:28:11 -07:00
Tom Janson
2e925f82ef
Revert "Fix: typos in docs and comments ( #7805 )" ( #8592 )
...
This reverts commit 417180246c
.
2022-03-02 11:57:13 -08:00
Necatican Yıldırım
e9c8913248
Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable ( #8317 )
...
* Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Add etcd kubeadm deployment documentation
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Refactor warning for the deprecated 'etcd_kubeadm_enabled' variable
Signed-off-by: necatican <necaticanyildirim@gmail.com>
2022-02-22 08:53:16 -08:00
Florian Ruynat
d4f654275b
Set default kubernetes version to 1.23.4
2022-02-21 03:54:11 -08:00
Michael Schmitz
eacd55fbca
Use sysctl_file_path variable for all sysctl_file locations ( #8395 )
...
* Use sysctl_file_path variable for all sysctl_file locations
* Add sysctl_file_path variable to kubespay-defaults
* Remove previously used sysctl file locations if present
* Use explicit filename in roles/kubernetes/node/defaults/main.yml
* Defaults: use explicit value
2022-02-01 08:12:10 -08:00
Samuel Liu
e6e7fbc25f
fix reset containerd_storage_dir undefined ( #8478 )
...
* fix reset containerd_storage_dir
* add env to kubespray-defaults
2022-01-31 05:46:23 -08:00