Commit Graph

421 Commits (951face343deea8c8d8b88268def711440c6f1c2)

Author SHA1 Message Date
John Adams 9a72de54de
Cleanup of external openstack cloud config (#9899)
* redorder options and remove use-octavia

* lowercase true/false
2023-05-10 03:41:02 -07:00
Mohamed Omar Zaian 7859aee735
[kubernetes] Add hashes for 1.26.3, 1.25.8, 1.24.12 (#9900) 2023-03-21 01:31:08 -07:00
Arthur Outhenin-Chalandre 82f68ca395
calico: cilium: use localhost lb by default on kube-proxy replacement (#9718)
This commit removes the variable `use_localhost_as_kubeapi_loadbalancer`
and rather detects that we are in a situation where we can use the
localhost apiserver loadbalancer (meaning that we use the localhost load
balancer and that the same ports are used for both the load balancer and
the kube-apiserver).

This also cleanups the calico code to use `kube_apiserver_global_endpoint`
rather than implementing the same logic all over again.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-03-07 04:28:36 -08:00
Mohamed Zaian 8b3f3c04cc
[kubernetes] Add hashes for 1.26.2, 1.25.7, 1.24.11 (#9829) 2023-03-01 15:31:17 -08:00
rongfu.leng 0707c8ea6f
fix: with_item to with_dict (#9729)
Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>
2023-01-31 03:18:50 -08:00
Kay Yan f9cc8ae10c
[kubernetes] Make kubernetes v1.26 default (#9732)
* make-kube-1.26-default

* fix-bugs
2023-01-31 00:24:48 -08:00
Florian Ruynat 34d0451585
Update KUBESPRAY_VERSION and kube_version_min_required (with hashes cleanup) (#9691) 2023-01-20 14:11:54 -08:00
yanggang 826282fe89
Add k8s hashes for k8s version. (#9685)
Signed-off-by: yanggang <gang.yang@daocloud.io>

Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-19 05:30:35 -08:00
Arthur Outhenin-Chalandre 4a6eb7eaa2
enable back kubelet_authorization_mode_webhook by default (#9662)
In 6db6c8678c, this was disabled becaue
kubesrpay gave too much permissions that were not needed. This commit
re-enable back this option by default and also removes the extra
permissions that kubespray gave that were in fact not needed.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-01-16 23:56:32 -08:00
R. P. Taylor 0ff883afeb
streamline ansible_default_ipv4 gathering loop (#9281) 2023-01-05 11:59:58 -08:00
tu1h 791064a3d9
Allow custom timeout for kubeadm init (#9617)
Signed-off-by: tu1h <lihai.tu@daocloud.io>

Signed-off-by: tu1h <lihai.tu@daocloud.io>
2022-12-27 00:53:28 -08:00
yanggang f8d6b54dbb
Add hashes for 1.25.5, 1.24.9, 1.23.15 and make v1.25.5 default (#9557)
Signed-off-by: yanggang <gang.yang@daocloud.io>

Signed-off-by: yanggang <gang.yang@daocloud.io>
2022-12-11 16:45:33 -08:00
yanggang 9439487219
Add hashes for 1.25.4, 1.24.8, 1.23.14 and make v1.25.4 default (#9479)
Signed-off-by: yanggang <gang.yang@daocloud.io>

Signed-off-by: yanggang <gang.yang@daocloud.io>
2022-11-10 20:00:09 -08:00
Kay Yan ccbe38f78c
make-kube-1.25-default (#9364) 2022-10-20 00:56:57 -07:00
Maxime Leroy d9c39c274e
fix(defaults): wrong cri_socket path for containerd (#9401) 2022-10-18 00:15:18 -07:00
Mohamed Zaian 5ad1d9db5e
[kubernetes] Add hashes for 1.25.3, 1.24.7, 1.23.13 and make v1.24.7 default (#9397) 2022-10-17 05:59:07 -07:00
Unai Arríen 52904ee6ad
Avoid MetalLB speaker image download when MetalLB speaker is disabled (#9248)
* Avoid MetalLB speaker image download when metallb_speaker_enabled is set to

* Move metallb_speaker_enabled var to allow outside metalLB role references

* Move metallb_speaker_enabled var to allow outside metalLB role references

* Improve metallb_speaker_enabled default values
2022-10-13 16:50:47 -07:00
Kay Yan 999586a110
sysctl_additional (#9351) 2022-10-02 23:06:14 -07:00
Florian Ruynat 841e2f44c0
Remove references to 1.22 (#9342) 2022-09-28 14:10:29 -07:00
Federico Cucinella e486151aea
cloud-provider-openstack: upgrade 1.22.0 to 1.23.4 (#9332) 2022-09-26 17:35:46 -07:00
Mohamed Zaian 76573bf293
[kubernetes] Add hashes for 1.24.6, 1.22.15, 1.23.12 and make v1.24.6 default (#9308) 2022-09-22 04:13:03 -07:00
Mohamed Zaian 680293e79c
[kubernetes] Add hashes for 1.24.5, 1.22.14, 1.23.11 and make v1.24.5 default (#9286) 2022-09-19 02:10:31 -07:00
Cristian Calin 6db6c8678c
disable kubelet_authorization_mode_webhook by default (#9238) 2022-08-31 04:53:00 -07:00
Mohamed Zaian ab938602a9
[kubernetes] Add hashes for 1.24.4, 1.22.13, 1.23.10 and make v1.24.4 default (#9191) 2022-08-21 23:11:44 -07:00
Mohamed Zaian 91073d7379
[kubernetes] make v1.24.3 default (#9101) 2022-07-19 02:58:06 -07:00
Mohamed Zaian e4fe679916 [kubernetes] make v1.24.2 default 2022-06-17 11:08:33 -07:00
Alessio Greggi 97b4d79ed5
feat: make kubernetes owner parametrized (#8952)
* feat: make kubernetes owner parametrized

* docs: update hardening guide with configuration for CIS 1.1.19

* fix: set etcd data directory permissions to be compliant to CIS 1.1.12
2022-06-17 01:34:32 -07:00
Florian Ruynat 9e7f89d2a2 Remove forgotten 1.21 references 2022-06-16 08:55:38 +02:00
Calin Cristian Andrei 24c8ba832a [kubernetes] drop support for configuring insecure apiserver 2022-06-15 00:57:20 -07:00
Calin Cristian Andrei 2cd8c51a07 [kubeadm] use v1beta3 configuration version
* extra admission controls now don't have a version in their file names
  eventratelimit.v1beta2.yaml.j2 -> eventratelimit.yaml.j2
* cri_socket variable includes the unix:// prefix to be conformat with
  upstream
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei fad296616c [docker] use cri-dockerd instead of dockershim for any kubernetes version deployed with docker as the container_manager 2022-06-15 00:57:20 -07:00
Calin Cristian Andrei 2de5c4821c [calico] clean up workarounds for older versions 2022-06-15 00:57:20 -07:00
Calin Cristian Andrei ae1dcb031f [kubernetes] drop pre 1.22.0 workarounds 2022-06-15 00:57:20 -07:00
Calin Cristian Andrei 9535a41187 [kubernetes] make 1.22.0 the minimum version 2022-06-15 00:57:20 -07:00
Calin Cristian Andrei d69d4a8303 [kubernetes] make 1.24.1 the new default 2022-06-15 00:57:20 -07:00
Mohamed Zaian 78aacee21b
[kubernetes] add hashes for 1.24.1 and other versions. (#8876)
* [kubernetes] add hashes for 1.24.1 and other versions.
versions: v1.21.13, v1.22.10, v1.23.7 & v1.24.1

* [kubernetes] make v1.23.7 default1
2022-05-27 12:00:42 -07:00
Samuel Liu f26f544ff6
[kube-ovn]: update kube-ovn version and sync some feature (#8790)
* [kube-ovn]: some feature

kube-ovn vlan mode
ipv6/ipv4 dual stack
...

* remove unused env

* fix readinessprobe
2022-05-11 21:35:15 -07:00
Cristian Calin 56cf163a23
[kubernetes] actually make 1.23.6 the default (#8767) 2022-05-02 00:43:14 -07:00
Julien Le Fur 30306d6ec7
Enable external CA mode for control-plane deployment (#8620) 2022-04-12 05:47:23 -07:00
Robin Wallace d7254eead6
UpCloud integration (#8653)
* [upcloud] add upcloud csi-driver

* Option to use ansible_host as api ip for kubueconfig
2022-04-11 15:13:23 -07:00
Samuel Liu 424ef3b3f9
[calico] add calico apiserver (#8690)
* [calico] add calico apiserver

* fix yamllint

* remove addext argument

* Configure API server with the CA bundle

* add check kdd
2022-04-08 00:02:42 -07:00
Mathieu Parent 996ef98b87
Add support for kube-vip (#8669)
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
2022-04-07 10:37:57 -07:00
Alessio Greggi bba91a7524
split kube_feature_gates variable for different kubernetes components (#8677)
* feat: split kube_feature_gates variable for different kubernetes components

* docs: add kube_feaute_gates componet variables
2022-04-05 05:39:37 -07:00
Calin Cristian Andrei 538f9df5cc [kubernetes] make 1.23.5 the default 2022-03-17 05:03:20 -07:00
Cristian Calin 394857b5ce
[docker] add support for cri-dockerd as a replacement for dockershim (#8623) 2022-03-16 16:28:11 -07:00
Tom Janson 2e925f82ef
Revert "Fix: typos in docs and comments (#7805)" (#8592)
This reverts commit 417180246c.
2022-03-02 11:57:13 -08:00
Necatican Yıldırım e9c8913248
Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable (#8317)
* Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* Add etcd kubeadm deployment documentation

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* Refactor warning for the deprecated 'etcd_kubeadm_enabled' variable

Signed-off-by: necatican <necaticanyildirim@gmail.com>
2022-02-22 08:53:16 -08:00
Florian Ruynat d4f654275b Set default kubernetes version to 1.23.4 2022-02-21 03:54:11 -08:00
Michael Schmitz eacd55fbca
Use sysctl_file_path variable for all sysctl_file locations (#8395)
* Use sysctl_file_path variable for all sysctl_file locations

* Add sysctl_file_path variable to kubespay-defaults

* Remove previously used sysctl file locations if present

* Use explicit filename in roles/kubernetes/node/defaults/main.yml

* Defaults: use explicit value
2022-02-01 08:12:10 -08:00
Samuel Liu e6e7fbc25f
fix reset containerd_storage_dir undefined (#8478)
* fix reset containerd_storage_dir

* add env to kubespray-defaults
2022-01-31 05:46:23 -08:00