Commit Graph

1421 Commits (9a8e4381be48e7516b0d27abc3b5c32123b627cc)

Author SHA1 Message Date
Wang Zhen edea63511d
Fix reserved memory unit in kubelet configuration (#6725)
* Fix reserved memory unit in kubelet configuration

Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>

* Move systemReserved default values from template

Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>
2020-09-22 15:20:09 -07:00
orange-llajeanne e489e70031
add new variable allowing additionnal audit webhook server options (#6726) 2020-09-21 06:44:32 -07:00
Florian Ruynat 05c9169c70
Fix example value for etcd_quota_backend_bytes (#6724) 2020-09-21 05:42:31 -07:00
Florian Ruynat b7c4136702
Ignore error in check mode when disabling swap (#6703) 2020-09-18 07:26:46 -07:00
Hans Feldt 6da385de9d
Use "kubeadm join" to join masters to control plane (#6661)
Remove configuration variable kubeadm_control_plane
2020-09-17 04:34:45 -07:00
Hans Feldt 0cc5e3ef03
Remove workaround with kube_proxy_remove (#6512)
* kube-proxy never gets deployed so need to remove it
2020-09-17 04:30:45 -07:00
Florian Ruynat a556f8f2bf
Remove deprecated (and removed in 1.19) flag and function --basic-auth-file (#6655) 2020-09-11 00:30:14 -07:00
spaced 34ff39e654
NetworkManager lists must be separated by , (#6643) 2020-09-10 03:41:44 -07:00
spaced 2de6a5676d
Fedora coreos networkmanager global dns and bootstrapping fix (#6577)
* remove podman cni plugin

* configure networkamanger global dns

* allow installation of python3-libselinux by disabling update repo temporary

* remove ipv4 section because it is not a valid configuration
2020-09-07 02:27:41 -07:00
Hans Feldt 6613895de0
remove kubelet startup warnings for non docker container runtime (#6605)
Removes these startup warnings:

Warning: For remote container runtime, --pod-infra-container-image is ignored in kubelet, which should be set in that remote runtime instead
Using "/var/run/crio/crio.sock" as endpoint is deprecated, please consider using full url format "unix:///var/run/crio/crio.sock".
2020-09-04 04:54:04 -07:00
Hans Feldt 803d52ffce
kubernetes: remove unused variables (#6601) 2020-09-04 04:53:56 -07:00
Florian Ruynat f1566cb8c2
Add protectKernelDefaults option (default true) to kubelet config file (#6611) 2020-09-03 07:41:41 -07:00
Lovro Seder c1ba8e1b3a
Rotate kubelet server certificate. (#6453)
* Rotate kubelet server certificate.

* CI test kubelet server cert rotation

* Approve kubelet serving certificates in tests.
2020-09-03 07:25:41 -07:00
Maxime Guyot 34d88ea6d9
Fix Ansible-lint E303 (#6409) 2020-08-31 03:30:20 -07:00
Barry Melbourne 058438a25d
Remove support for CoreOS Container Linux (#6576) 2020-08-28 02:28:53 -07:00
Sulochan Acharya 36924b63dc
Allow webhook authorization (#6502) 2020-08-24 06:29:41 -07:00
jeanfabrice 411510cbe6
Use proper openssl command to differentiate between host and ip in API certificate check (#6392)
* Use proper openssl command to differentiate between host and ip in current certificate check

* fixup! Use proper openssl command to differentiate between host and ip in current certificate check
2020-08-21 02:03:39 -07:00
Florian Ruynat 6e2b8a5750
Add timeout to Get current version of calico cluster version, again (#6493) 2020-08-21 00:13:51 -07:00
Florian Ruynat 142b9e1eff
Update k8s hashes and set default version to 1.18.8 (#6532) 2020-08-21 00:09:39 -07:00
Michal Petko 91ae87fa60
Fix setting node label if kube_override_hostname is defined (#6557) 2020-08-20 06:23:30 -07:00
Samuel Liu a42d811420
fix scale playbook (#6482) 2020-08-20 04:33:23 -07:00
holmesb d8a749fd27
Update apiserver-audit-policy.yaml.j2 (#6526) 2020-08-18 00:49:37 -07:00
Florian Ruynat 78ceef6b15
Remove unused variable (#6522) 2020-08-18 00:45:29 -07:00
Arthur Outhenin-Chalandre 33ec13293b
Fix cilium_deploy_additionally with kubeadm etcd (#6514)
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-08-18 00:35:36 -07:00
Erwan Miran ef3e98807e
tlsminversion and tlsciphersuites kubelet (#6490) 2020-08-13 02:48:13 -07:00
Maxime Guyot fc23f37af7
Fix E306 in roles/kubernetes (#6500) 2020-08-05 07:56:28 -07:00
Sulochan Acharya bfe143808f
Allows tls verify skip on webhook auth url (#6472) 2020-08-05 05:02:29 -07:00
Florent Monbillard 39b907cdfb
Remove workaround for kubeadm upgrade (#6478)
https://github.com/kubernetes/kubeadm/issues/1498 was closed
2020-08-03 01:17:40 -07:00
Konstantin Lebedev 2364a84579
fix src for audit webhook config yaml (#6470) 2020-08-01 00:33:56 -07:00
fulii ce22c0e6a4
Add option to configure IPVS timeouts in kube-proxy configration manifest. (#6396) 2020-08-01 00:33:40 -07:00
Kuralamudhan Ramakrishnan 90e5f8ffe1
adding ovn4nfv in kubespray (#6381)
Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com>
2020-07-31 07:33:08 -07:00
Florian Ruynat a78e861a89
Fix test if openstack_cacert is a base64 string (#6421) 2020-07-30 13:15:17 -07:00
Maxime Guyot 214e08f8c9
Fix ansible-lint E305 (#6459) 2020-07-28 01:39:08 -07:00
Maxime Guyot e70f27dd79
Add noqa and disable .ansible-lint global exclusions (#6410) 2020-07-27 06:24:17 -07:00
Florian Ruynat b680cdd0e4
Move healthz check to secure ports (#6446) 2020-07-27 00:26:17 -07:00
Igor Vuk ea67bb6e41
Fix typo: Modprode -> Modprobe (#6429) 2020-07-21 23:58:25 -07:00
Konstantin Lebedev a7ec0ed587
add audit webhook support (#6317)
* add audit webhook support

* use generic name auditsink
2020-07-20 01:32:54 -07:00
Arthur Outhenin-Chalandre 1a1fe99669
Add a way to deploy cilium alongside another CNI (#6373)
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-07-17 05:57:01 -07:00
Florian Ruynat 5e22574402
Remove allow-release-candidate-upgrades already include in experimental-upgrades flag (#6349) 2020-07-15 00:26:37 -07:00
Arthur Outhenin-Chalandre abfa1636e4
Fix kube-proxy post deployment removal (#5554)
* Fix kube-proxy removal

* Fix unwanted skipped task for kube-proxy
* Fix kube_proxy_remove default

Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>

* Add test for kube-router svc proxy

Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-07-13 07:12:33 -07:00
Arthur Outhenin-Chalandre 05b9f14b76
Update cilium minimum kernel preinstall check (#6376)
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-07-13 04:44:32 -07:00
Hans Feldt 22996babcf
allow kubeadm to upgrade etcd (#6345)
Co-authored-by: Hans Feldt <hafe@users.noreply.github.com>
2020-07-07 12:36:00 -07:00
Maxime Guyot 57eefdd458
Fix azure-cloud-config.j2 JSON syntax (#6364) 2020-07-02 23:38:47 -07:00
Florian Ruynat 2a82dff3ae
Remove runtime-config from kubeadm if empty (#6311) 2020-06-30 11:22:05 -07:00
Hans Feldt ae003af262
Fix kubelet cgroup driver detection for crio (#6331)
* Fix kubelet cgroup driver detection for crio

Remove fact standalone_kubelet since it is not used

* Fix yamllint complaints of roles/kubernetes/node/tasks/facts.yml

Co-authored-by: Hans Feldt <hafe@users.noreply.github.com>
2020-06-30 02:32:05 -07:00
Joel Seguillon 4c1e0b188d
Add .editorconfig file (#6307) 2020-06-29 12:39:59 -07:00
bozzo 09b23f96d7
Use NetworkManager to manage resolv.conf in FedoraCoreOS (#6291) 2020-06-29 00:26:17 -07:00
Erwan Miran d3ca9d1db9
kube_encryption_resources must be output as yaml (#6309) 2020-06-25 23:59:31 -07:00
Mike Dziedziela 8ca2a9a7d5
added azure_cloud parameter to Azure's cloud_config (#6321) 2020-06-25 14:35:30 -07:00
bozzo 276c450759
Use `connection: local` when `delegate_to: localhost` (#6322)
This will avoid SSH connection on the local host
2020-06-25 08:14:38 -07:00