kubernetes-sigs
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,173 Commits
29 Branches
80 Tags
163 MiB
Commit Graph

7173 Commits (a2f03c559aa04280373112e663d4fd9ce71dc39c)
 

Author SHA1 Message Date
Bas 2c93c997cf
pre-commit autocorrected files (#9750) 2023-02-06 01:35:16 -08:00
Haitian Chen 10337f2fcb
skip ensuring ntp packages in coreos (#9742) 
Check OS when ensuring NTP package and tzdata package.
 2023-02-06 01:35:04 -08:00
manzsolutions-lpr 6c41191646
Add support for PodSecurityStandards (#9713) 2023-02-06 01:27:01 -08:00
Chauncey 7730cfd619
fix: add ipamconfigs resource for calico (#9755) 
Signed-off-by: chaunceyjiang <chaunceyjiang@gmail.com>
 2023-02-05 15:50:30 -08:00
Kevin Huang 1853085ffe
feat(cinder-csi): Allow deletionPolicy to be configurable (#9736) 2023-02-02 15:46:28 -08:00
stelucz 9247137e60
Replace label `k8s-app: nodelocaldns` in DaemonSet template by `k8s-app: node-local-dns` (#9745) 2023-02-02 15:42:28 -08:00
杨刚 (成都) e8f048c71d
[argocd] update argocd to v2.5.10 (#9753) 
Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-02-02 15:38:29 -08:00
Fish-pro 6cb027dfab
Optimize the document for readability (#9730) 
Signed-off-by: Fish-pro <zechun.chen@daocloud.io>
 2023-02-01 00:01:06 -08:00
David Moreau Simard edde594bbe
tests: Update ara 1.5.7 to 1.6.1 (#9737) 
1.5.7 was released Aug 2, 2021 and 1.6.1 came out on Dec 13, 2022.

There's been a good amount of new features, improvements and fixes since
1.5.7 and the changelogs for each version are available in the docs:
https://ara.readthedocs.io/en/latest/changelog-release-notes.html
 2023-01-31 19:29:06 -08:00
rongfu.leng 0707c8ea6f
fix: with_item to with_dict (#9729) 
Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>
 2023-01-31 03:18:50 -08:00
Fish-pro c0c2cd6e03
Adjust the table style to make it easier to read (#9731) 
Signed-off-by: Fish-pro <zechun.chen@daocloud.io>
 2023-01-31 00:56:48 -08:00
James 36c6de9abd
Fix cilium's hubble ui configuration (#9735) 
This fixes the CrashLoopBackoff error that appears because envoy
configuration has changed a lot and upstream removed the envoy proxy to
use nginx only instead. Those changes are based on upstream cilium helm.
 2023-01-31 00:28:48 -08:00
蒋航 c5debf013c
Update kubevip to v0.5.8 (#9734) 
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
 2023-01-31 00:24:55 -08:00
Kay Yan f9cc8ae10c
[kubernetes] Make kubernetes v1.26 default (#9732) 
* make-kube-1.26-default

* fix-bugs
 2023-01-31 00:24:48 -08:00
杨刚 (成都) 94dd02121b
Update containerd version : containerd1.6.16. (#9727) 
Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-01-31 00:16:48 -08:00
杨刚 (成都) c360501854
fix typo in doc. (#9728) 
Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-01-30 16:58:49 -08:00
杨刚 (成都) 8523f525aa
fix docs for cert_manager.md (#9724) 
Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-01-28 19:14:40 -08:00
杨刚 (成都) b9a34b83d4
[argocd] update argocd to v2.5.9 (#9723) 
Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-01-28 19:14:33 -08:00
杨刚 (成都) 2a24c2e359
fix moved url in multus.md (#9722) 
Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-01-28 19:10:33 -08:00
杨刚 8d6cfd6e53
[argocd] update argocd to v2.5.8 (#9708) 
Signed-off-by: yanggang <gang.yang@daocloud.io>

Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-01-27 00:14:25 -08:00
Florian Ruynat 1f36df666d
Update fedora35 vagrant box url (#9699) 
* Update fedora35 vagrant box url

* Update Terraform to 1.3.7

* Update Vagrant to 2.3.4
 2023-01-26 21:28:25 -08:00
Cristian Calin 64dbf2e429
update equinox terraform code to fix kubespray CI (#9702) 
* add terraform lock files to ignore list

* move contrib/terraform/metal to contrib/terraform/equinix to reflect upstream change
 2023-01-26 21:24:25 -08:00
Florian Ruynat 6881398941
Add ruamel.yaml to docker image (#9707) 2023-01-26 18:26:25 -08:00
Cristian Calin 57638124c5
document the CI environment (#9714) 2023-01-26 05:02:26 -08:00
ERIK ee2193d4cf
Add dns configuration for cert manager (#9673) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>

Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2023-01-23 17:42:15 -08:00
Florian Ruynat eb56130433
Add jmespath back to Dockerfile image (#9697) 2023-01-23 16:24:17 -08:00
Tristan 5fbbcedebc
9693: Fix comma-separated-list splitting of kubelet_enforce_node_allocatable (#9694) 
See https://github.com/kubernetes-sigs/kubespray/issues/9693
 2023-01-23 16:20:17 -08:00
Florian Ruynat 18f2abad2f
Cleanup v1.23.x missing references/conditions/hashes (#9698) 2023-01-23 16:16:16 -08:00
Mohamed Zaian 391dd97f95
[kubernetes] support 1.26.x (#9570) 2023-01-23 00:10:11 -08:00
Tom Janson 44243eada9
reword confusing etcd download url comment (#9686) 
It is quite confusing that there's an all-caps, bolded comment that seems to imply that `etcd_download_url` is relevant only when not using host-based deployment. The opposite is true: of course the artifact download URL is relevant and required for host-based etcd.

Perhaps the entire comment can be read in a different way, and should perhaps be reworded entirely, cf. 374438a3d6/docs/offline-environment.md?plain=1#L38

Removing the "**DON'T**" matches the way the other comments in this file are written and matches my personal interpretation.
 2023-01-22 01:14:03 -08:00
Florian Ruynat 34d0451585
Update KUBESPRAY_VERSION and kube_version_min_required (with hashes cleanup) (#9691) 2023-01-20 14:11:54 -08:00
Arthur Outhenin-Chalandre c4346e590f
kubeadm/etcd: use config to download certificate (#9609) 
This commit uses a kubeadm join config to pull down cert for etcd in
workers nodes (which is needed in some circumstances, for instance with
calico or cilium).

The previous way didn't allow us to pass certain parameters which was
typically given in the config in other kubeadm invokations in Kubespray.
This made kubeadm produced some errors for some edge cases.

For example, in our deployment we don't have a default route and even
though it's only to download the certificates, kubeadm produce an error
`unable to select an IP from default routes` (these command are kubeadm
controlplane command, so kubeadm does some additional checks). This is
fixed by specifying `advertiseAddress` within the kubeadm config.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-01-20 00:26:16 -08:00
Florian Ruynat bd81c615c3
Add k8s 1.24.10 hashes (#9688) 2023-01-19 14:46:15 -08:00
Mohamed Zaian 3d9fd082ff
[containerd] add hashes for 1.5.x (#9678) 2023-01-19 07:36:38 -08:00
yanggang 826282fe89
Add k8s hashes for k8s version. (#9685) 
Signed-off-by: yanggang <gang.yang@daocloud.io>

Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-01-19 05:30:35 -08:00
yanggang 73774326b3
supplement the omit cni-version in readme.md (#9684) 
Signed-off-by: yanggang <gang.yang@daocloud.io>

Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-01-19 05:00:35 -08:00
MatthieuFin 374438a3d6
feat(calico): add possibility to enable calico floatingIPs feature (#9680) 
Add a variable `calico_felix_floatingIPs` which permit to enable calico feature `floatingIPs`
(disabled per default).

Signed-off-by: MatthieuFin <matthieu2717@gmail.com>

 #9679
 2023-01-18 15:42:34 -08:00
yanggang fd80ef1ff1
[argocd] update argocd to v2.5.7 (#9682) 
Signed-off-by: yanggang <gang.yang@daocloud.io>

Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-01-18 15:38:34 -08:00
Mohamed Zaian 235173bb5f
[flannel] update to v0.20.2 & make it default (#9675) 2023-01-18 15:26:34 -08:00
Mohamed Zaian 1750dec254
[feature] add mzaian to reviewers (#9676) 2023-01-18 00:46:35 -08:00
ERIK 52f52db8f3
Add crio-related URLs to offline.yml (#9681) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>

Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2023-01-17 19:04:33 -08:00
Cyclinder db94812163
bump cni-plugins to v1.2.0 (#9671) 
Signed-off-by: cyclinder qifeng.guo@daocloud.io

Signed-off-by: cyclinder qifeng.guo@daocloud.io
 2023-01-17 00:12:32 -08:00
Arthur Outhenin-Chalandre 4a6eb7eaa2
enable back kubelet_authorization_mode_webhook by default (#9662) 
In 6db6c8678c, this was disabled becaue
kubesrpay gave too much permissions that were not needed. This commit
re-enable back this option by default and also removes the extra
permissions that kubespray gave that were in fact not needed.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-01-16 23:56:32 -08:00
Mathieu Parent 58fe1a0ed6
Terraform vsphere cleanup (#9672) 
* contrib/terraform/vsphere: mark vsphere_password as sensitive

Signed-off-by: Mathieu Parent <math.parent@gmail.com>

* contrib/terraform/vsphere: remove unused modules

Signed-off-by: Mathieu Parent <math.parent@gmail.com>
 2023-01-16 23:50:32 -08:00
Mathieu Parent c80bb0007a
contrib/terraform/gcp: allow extra ingress firewalls (#9658) 
Signed-off-by: Mathieu Parent <math.parent@gmail.com>

Signed-off-by: Mathieu Parent <math.parent@gmail.com>
 2023-01-16 23:46:32 -08:00
rongfu.leng 8a03bb1bb4
add containerd config_path (#9566) 
Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>

Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>
 2023-01-16 23:42:32 -08:00
Vitaly Yakovenko d919c58e21
[multus] added support for mixed type of container engine (#9224) 
* [multus] added support for mixed type of container engine

* [multus] fixed for using with cluster/upgrade-cluster/scale playbooks
 2023-01-16 23:30:33 -08:00
Mohamed Zaian 19bc610f44
Update pause image version to v3.8 (#9668) 
Signed-off-by: Mohamed Zaian <mohamedzaian@gmail.com>

Signed-off-by: Mohamed Zaian <mohamedzaian@gmail.com>
 2023-01-16 15:30:10 -08:00
Cyclinder 85a5a79ef5
doc: don't set calico_vxlan_mode_ipv6=vxlanAlways when kernel < 3.12 (#9645) 
Signed-off-by: cyclinder qifeng.guo@daocloud.io

Signed-off-by: cyclinder qifeng.guo@daocloud.io
 2023-01-16 12:32:09 -08:00
Mohamed Zaian c7cffb14a7
[cert-manager] update cert-manager to v1.11.0 (#9661) 2023-01-16 02:36:51 -08:00