Navid Nabavi
4313c13656
[feature] Add coredns_additional_configs to handle any extra configurations for coredns deployment ( #10023 ) ( #10025 )
2023-05-09 06:45:58 -07:00
Eugene Marchanka
c880b24a80
[MetalLB] Remove unused resources ( #10004 )
...
* Fix MetalLB deploy
This will fix MetalLB deploy
* Remove `metallb_ip_range` check
* Remove missing `metallb-config.yml`
* fix template name
* make deployment of layer3 conditional
* revert
* revert
2023-05-08 17:20:52 -07:00
Mohamed Omar Zaian
a505a4c71f
[feat] Update metrics server to v0.6.3 ( #10026 )
2023-04-26 04:10:16 -07:00
pli
8727f88e41
metrics_server: add extras nodeselector, affinity, tolerations ( #9972 )
...
* metrics_server: add extras nodeselector, affinity, tolerations
* fix tolerations invalid YAML if undefined
2023-04-26 00:30:16 -07:00
Mohamed Omar Zaian
4deeaba335
[feature] Update dns-autoscaler ( #9996 )
2023-04-24 02:47:01 -07:00
Jeroen Rijken
709ae1d244
Update MetalLB and switch to CRD notation. ( #9120 )
...
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2023-04-14 01:14:41 -07:00
Mohamed Omar Zaian
ed6f8df784
[feature] Update CoreDNS manifests ( #9977 )
2023-04-12 21:38:35 -07:00
Eugene Marchanka
eecaec2919
[vSphere-csi-driver] Custom namespace fails playbook ( #9946 )
...
* Fix: vSphere Error: `Apply a CSI secret manifest`
This PR will fix an issue that you will see on 2nd deploy when deploying External vSphere
How to re-produce:
1. Set custom `vsphere_csi_namespace: "vmware-system-csi"`
2. Deploy as usual
3. Observe no errors
4. Deploy 2nd time without `reset`
5. Playbook fails with:
```
TASK [kubernetes-apps/csi_driver/vsphere : vSphere CSI Driver | Apply a CSI secret manifest]
fatal: [node-00]: FAILED! => changed=true
censored: 'the output has been hidden due to the fact that ''no_log: true'' was specified for this result'
```
* create namespace if does not exist
* lint fix
* try to fix lint errors
* fix `too few spaces before comment`
* change the order of applied manifests
* typo
2023-04-09 22:13:15 -07:00
Dominykas Norkus
5e2cb4d244
Add bind address variable to OCCM ( #9958 )
2023-04-04 15:57:40 -07:00
Mohamed Omar Zaian
dff58023d9
[argocd] update argocd to v2.6.7 ( #9953 )
2023-04-04 12:01:43 -07:00
Mathias Petermann
dcc04e54f3
fix(cert manager): Fix manifest if cert_manager_trusted_internal_ca is provided ( #9922 )
2023-03-27 08:12:28 -07:00
panguicai
1555d78155
upgrade argocd to v2.6.3 ( #9848 )
...
Signed-off-by: panguicai008 <1121906548@qq.com>
2023-03-03 06:44:58 -08:00
Eugene Artemenko
5cbcec8968
Add resources section to all containers releated to Vsphere CSI driver ( #9687 )
2023-02-27 02:36:20 -08:00
Mohamed Zaian
260dad8f10
[ingress-nginx] upgrade to 1.6.4 ( #9818 )
2023-02-23 01:35:34 -08:00
pli
4ba1df5237
Fix kubernetes-app/argocd: download related things with the download role ( #9786 )
...
* Fix yq install in argocd role: use download_file instead of get_url
* Fix use download_file instead of get_url to download argocd-install manifest in argocd role
* Fix order and add arm64 checksum
* Fix: Failed to template loop_control.label: 'None'
2023-02-19 16:11:37 -08:00
Bas
2c93c997cf
pre-commit autocorrected files ( #9750 )
2023-02-06 01:35:16 -08:00
manzsolutions-lpr
6c41191646
Add support for PodSecurityStandards ( #9713 )
2023-02-06 01:27:01 -08:00
Kevin Huang
1853085ffe
feat(cinder-csi): Allow deletionPolicy to be configurable ( #9736 )
2023-02-02 15:46:28 -08:00
stelucz
9247137e60
Replace label `k8s-app: nodelocaldns` in DaemonSet template by `k8s-app: node-local-dns` ( #9745 )
2023-02-02 15:42:28 -08:00
杨刚 (成都)
e8f048c71d
[argocd] update argocd to v2.5.10 ( #9753 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-02-02 15:38:29 -08:00
杨刚 (成都)
b9a34b83d4
[argocd] update argocd to v2.5.9 ( #9723 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-28 19:14:33 -08:00
杨刚
8d6cfd6e53
[argocd] update argocd to v2.5.8 ( #9708 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-27 00:14:25 -08:00
ERIK
ee2193d4cf
Add dns configuration for cert manager ( #9673 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-01-23 17:42:15 -08:00
yanggang
fd80ef1ff1
[argocd] update argocd to v2.5.7 ( #9682 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-18 15:38:34 -08:00
Arthur Outhenin-Chalandre
4a6eb7eaa2
enable back kubelet_authorization_mode_webhook by default ( #9662 )
...
In 6db6c8678c
, this was disabled becaue
kubesrpay gave too much permissions that were not needed. This commit
re-enable back this option by default and also removes the extra
permissions that kubespray gave that were in fact not needed.
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-01-16 23:56:32 -08:00
Vitaly Yakovenko
d919c58e21
[multus] added support for mixed type of container engine ( #9224 )
...
* [multus] added support for mixed type of container engine
* [multus] fixed for using with cluster/upgrade-cluster/scale playbooks
2023-01-16 23:30:33 -08:00
Mohamed Zaian
c7cffb14a7
[cert-manager] update cert-manager to v1.11.0 ( #9661 )
2023-01-16 02:36:51 -08:00
yanggang
6b4bb2a121
[argocd] update argocd to v2.5.6 ( #9654 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-15 21:16:50 -08:00
László Rafael
ea35021c96
Add defaults for external_vsphere_user and external_vsphere_password in the vsphere csi_driver ( #9664 )
2023-01-14 14:24:14 -08:00
Marijn van der Giesen
0d5bcd3e20
feat(coredns): Forward extra domains to coredns kubernetes plugin ( #9635 )
2023-01-05 06:57:58 -08:00
Marijn van der Giesen
ab80342750
[feat] Add custom options to coredns kubernets plugin ( #9608 )
2022-12-27 18:21:27 -08:00
Maxime Leroy
9fe89a0641
fix(apps): cinder: wrong rbac for csi-snapshotter-role ( #9610 )
2022-12-27 00:45:28 -08:00
Mohamed Zaian
438da0c8e6
[argocd] update argocd to v2.5.5 ( #9604 )
2022-12-22 00:53:25 -08:00
Robin Wallace
ccf60fc9ca
upcloud: Delete default reclaim policy ( #9574 )
2022-12-14 16:15:34 -08:00
JSpon
94eae6a8dc
adjust calico-kube-controller to use hostNetwork when using etcd as datastore ( #9573 )
2022-12-13 20:41:34 -08:00
Ugur Can Ozturk
a0f41bf82a
[metrics_server]: Enabled HA mode by adding 'metrics_server_replicas'… ( #9539 )
...
* [metrics_server]: Enabled HA mode by adding 'metrics_server_replicas' variable and adding podAntiAffinity rule
Signed-off-by: Ugur Can Ozturk <57688057+ugur99@users.noreply.github.com>
* [metrics_server]: added namespaces selector
Signed-off-by: Ugur Can Ozturk <57688057+ugur99@users.noreply.github.com>
Signed-off-by: Ugur Can Ozturk <57688057+ugur99@users.noreply.github.com>
2022-12-06 18:22:38 -08:00
rtsp
529faeea9e
[cert-manager] Upgrade to v1.10.1 ( #9512 )
2022-11-29 07:17:26 -08:00
Robin Wallace
ed0acd8027
[openstack cloud controller] bump to v1.25.3 ( #9500 )
2022-11-18 04:26:31 -08:00
emiran-orange
df6da52195
Enable check mode in DNS Cleanup tasks ( #9472 )
2022-11-10 19:58:09 -08:00
emiran-orange
5c25b57989
Ability to define options for DNS upstream servers ( #9311 )
...
* Ability to define options for DNS upstream servers
* Doc and sample inventory vars
2022-11-08 06:44:25 -08:00
Olivier Lemasle
5d1fe64bc8
Update local-volume-provisioner ( #9463 )
...
- Update and re-work the documentation:
- Update links
- Fix formatting (especially for lists)
- Remove documentation about `useAlphaApi`,
a flag only for k8s versions < v1.10
- Attempt to clarify the doc
- Update to version 1.5.0
- Remove PodSecurityPolicy (deprecated in k8s v1.21+)
- Update ClusterRole following upstream
(cf https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner/pull/292 )
- Add nodeSelector to DaemonSet (following upstream)
2022-11-07 15:28:17 -08:00
yanggang
0d6dc08578
upgrade argocd version 2.4.16 ( #9467 )
2022-11-06 18:04:16 -08:00
Cyclinder
590b4aa240
adjust calico-kube-controller to non-hostnetwork pod ( #9465 )
...
Signed-off-by: cyclinder qifeng.guo@daocloud.io
Signed-off-by: cyclinder qifeng.guo@daocloud.io
2022-11-06 17:34:17 -08:00
ausias-armesto
2a696ddb34
Adding metrics server to use host network ( #9444 )
...
* Adding metrics server to use host network
* EXternalize value to a variable
2022-11-06 02:38:15 -08:00
yanggang
ce751cb89d
add variable condition snapshot in vSphere CSI ( #9429 )
2022-11-02 00:22:46 -07:00
cleverhu
5cf2883444
add retry for start calico kube controller ( #9450 )
...
Signed-off-by: cleverhu <shouping.hu@daocloud.io>
Signed-off-by: cleverhu <shouping.hu@daocloud.io>
2022-11-02 00:18:45 -07:00
yanggang
d00508105b
Removed PodSecurityPolicy from ingress-nginx ( #9448 )
2022-10-30 20:08:44 -07:00
杨刚
4d3f637684
Remove PodSecurityPolicies in Metallb for kubernetes 1.25 ( #9442 )
2022-10-27 21:46:30 -07:00
Mohamed Zaian
2af918132e
Update kubernetes dashboard to 2.7.0 (k8s 1.25 support) ( #9425 )
2022-10-24 18:32:36 -07:00
杨刚
b192053e28
as argocd 2.4.15 is releasesd , update the version ( #9420 )
2022-10-23 20:34:24 -07:00
Kenichi Omichi
0374a55eb3
Specify securityContext for cert-manager ( #9404 )
...
On hardening environments, cert-manager pods could not be created
from the corresponding deployments. This adds the securityContext
to solve the issue.
2022-10-20 00:57:08 -07:00
Vladimir
958840da89
Add var for control initialDelaySeconds in nginx ingress probe ( #9405 )
...
Signed-off-by: Zemtsov Vladimir <vl.zemtsov@gmail.com>
Signed-off-by: Zemtsov Vladimir <vl.zemtsov@gmail.com>
2022-10-19 21:20:56 -07:00
Mohamed Zaian
0f44e8c812
[ingress-nginx] upgrade to 1.4.0 ( #9403 )
2022-10-18 16:53:00 -07:00
Kenichi Omichi
c38fb866b7
Update securityContext of netchecker ( #9398 )
...
To run netchecker with necessary privilege,
this updates the securityContext.
2022-10-17 19:11:18 -07:00
Unai Arríen
52904ee6ad
Avoid MetalLB speaker image download when MetalLB speaker is disabled ( #9248 )
...
* Avoid MetalLB speaker image download when metallb_speaker_enabled is set to
* Move metallb_speaker_enabled var to allow outside metalLB role references
* Move metallb_speaker_enabled var to allow outside metalLB role references
* Improve metallb_speaker_enabled default values
2022-10-13 16:50:47 -07:00
ghostloda
547ef747da
fix helm install with password authentication ( #9343 )
2022-10-12 23:55:01 -07:00
Unai Arríen
ef76a578a4
Change dns upstream condition for nodelocaldns ( #9378 )
2022-10-11 00:47:02 -07:00
Piotr Kowalczyk
3b99d24ceb
Fix: install calico-kube-controller on kdd ( #9358 )
...
* Fix: install policy controller on kdd too
* Remove the calico_policy_version condition altogether
* Install policy controller both on canal and calico under same condition
2022-10-10 19:45:01 -07:00
Kay Yan
4701abff4c
upgrade-api-version-for-PodDisruptionBudget ( #9369 )
2022-10-10 17:51:02 -07:00
Kevin Huang
c346e46022
fix(cinder-csi-nodeplugin): Remove the pods-cloud-data volume ( #9362 )
2022-10-08 01:23:19 -07:00
Hugo Blom
a8e4984cf7
Add missing permissions to openstack cc ( #9335 )
...
Add missing permissions to Openstack cloud controller to make sure controller runs as intended
2022-09-27 22:19:35 -07:00
Federico Cucinella
e486151aea
cloud-provider-openstack: upgrade 1.22.0 to 1.23.4 ( #9332 )
2022-09-26 17:35:46 -07:00
Robin Wallace
c4de3df492
upcloud csi driver: bump version to v0.3.3 ( #9317 )
2022-09-24 13:18:04 -07:00
Florian Ruynat
4ad67acedd
Move back vsphere csi to kube-system ns ( #9312 )
2022-09-23 10:46:26 -07:00
Kay Yan
1b3c2dab2e
add_max_concurrent_in_coredns ( #9307 )
2022-09-22 04:27:03 -07:00
pingrulkin
a2e23c1a71
vsphere-csi: add nodeAffinity to daemonset ( #9293 )
2022-09-19 17:47:22 -07:00
Mohamed Zaian
a71da25b57
[argocd] update argocd to v2.4.12 ( #9297 )
2022-09-19 17:37:22 -07:00
Vadim
5ac614f97d
fix duplicate field in ingress-nginx template ( #9285 )
2022-09-19 03:03:22 -07:00
ErmalKristo
b8b8b82ff4
Adds support for multiple architectures to yq ( #9288 )
2022-09-19 02:14:38 -07:00
Mahdi Abbasi
023b16349e
Add variable for the vsphere-csi namespace ( #9278 )
2022-09-15 02:01:23 -07:00
ghostloda
f3fb758f0c
Remove useless file ( #9258 )
2022-09-07 17:10:49 -07:00
Michael Schmitz
be2bfd867c
Add Support for Rewrite Plugin to CoreDNS/NodelocalDNS ( #9245 )
2022-09-03 16:16:35 -07:00
Ho Kim
e31890806c
Add 'avoid-buggy-ips' support of MetalLB ( #9166 )
2022-08-18 21:49:51 -07:00
Piotr Kowalczyk
49d869f662
Fix CSI drivers issues on Azure ( #9153 )
...
* Include missing azuredisk rbac manifest
* Remove missing azure csi manifest
* Remove invalid reference mount to waagent settings
* Use cloud-config secret instead of /etc/kubernetes/cloud_config file
2022-08-18 00:56:36 -07:00
ERIK
9ad2d24ad8
Add unsafe_show_logs switch ( #9164 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2022-08-16 18:52:48 -07:00
Cristian Calin
8585134db4
when ingress-nginx is deployes without a class, we need to use 'ingress-controller-leader' resource instead of the default 'ingress-controller-leader-nginx' ( #9156 )
2022-08-09 04:52:50 -07:00
Aveline
06f8368ce6
Fix Hetzner CCM cluster-cidr ( #9127 )
2022-07-30 20:18:27 -07:00
rtsp
b3876142d2
[cert-manager] Upgrade to v1.9.0 ( #9117 )
2022-07-29 00:11:11 -07:00
Mohamed Zaian
9f11946f8a
[argocd] update argocd to v2.4.7 ( #9105 )
2022-07-27 09:32:29 -07:00
Mohamed Zaian
ce04fdde72
[ingress-nginx] upgrade to 1.3.0 ( #9088 )
...
* This release removes support for Kubernetes v1.19.0
* This release adds support for Kubernetes v1.24.0
* Starting with this release, we will need permissions on the coordination.k8s.io/leases resource for leaderelection lock
2022-07-14 18:46:25 -07:00
Peter Pan
14063b023c
Extend DNS memory limit. 170Mi tents to OOM ( #9084 )
2022-07-13 00:03:37 -07:00
Samuel Liu
d821bed2ea
Fix some typo ( #9056 )
...
* fix ingress controller task name
* fix calico word
* add check typo
2022-07-11 09:49:48 -07:00
yasintahaerol
6d543b830a
Fix vcloud-csi bug related to #9046 ( #9066 )
...
* Fix vcloud-csi bug related to #9046
Signed-off-by: yasintahaerol <yasintahaerol@gmail.com>
* add supervisor-fss-namespace=kube-system flag to vsphere-csi-controller-deployment
Signed-off-by: yasintahaerol <yasintahaerol@gmail.com>
2022-07-07 10:31:35 -07:00
Emin AKTAS
4607ac2e93
fix(vsphere-csi): remove namespace env variable and set namespace as kube-system ( #9046 )
...
Signed-off-by: eminaktas <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
2022-07-06 01:00:50 -07:00
Mohamed Zaian
51195212b4
[argocd] update argocd to v2.4.3 ( #9050 )
2022-07-05 08:22:47 -07:00
忘尘
1562a9c2ec
add missing verbs ( #9032 )
2022-06-29 00:18:05 -07:00
Samuel Liu
e8ccbebd6f
add ingress nginx webhook ( #9033 )
...
* add ingress nginx webhook
* fix ingress nginx template
2022-06-28 11:55:35 -07:00
Robin Wallace
79f6cd774a
create snapshot-controller only if needed
2022-06-22 00:37:44 -07:00
Sébastien Masset
9d5d945bdb
[MASTER] Add missing configuration for extra tolerations ( #8908 )
...
* Added new configuration item for extra tolerations in policy controllers
Signed-off-by: Sébastien Masset <smt.masset@gmail.com>
* Added new configuration item for extra tolerations in DNS autoscaler
Signed-off-by: Sébastien Masset <smt.masset@gmail.com>
* Aligned existing handling of extra DNS tolerations
Signed-off-by: Sébastien Masset <smt.masset@gmail.com>
2022-06-20 01:36:06 -07:00
Calin Cristian Andrei
2de5c4821c
[calico] clean up workarounds for older versions
2022-06-15 00:57:20 -07:00
orange-llajeanne
2fba94c5e5
fix a typo in the "matallb_auto_assign" variable name ( #8949 )
...
* fix a typo in the "matallb_auto_assign" variable name
* add metallb check to fail when deprecated "matallb_auto_assign" variable is defined
2022-06-13 09:40:12 -07:00
Steffen Becker
6b43d6aff2
Proposed fix to Issue 8667 ( #8944 )
...
Proposed fix to Issue 8667
Proposed fix to Issue 8667
2022-06-09 23:37:46 -07:00
Mohamed Zaian
bb530da5c2
[registry] Switch registry to use registry.k8s.io
...
Please see the conversation here: https://groups.google.com/a/kubernetes.io/g/dev/c/DYZYNQ_A6_c
2022-06-08 14:12:22 +02:00
Mohamed Zaian
b2346cdaec
[feat] Upgrade metrics server to v0.6.1 ( #8909 )
...
* Metrics Server now requires access to nodes/metrics RBAC resource instead of nodes/stats. See: https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.0
* Minimize rbac permissions.
2022-06-06 07:34:37 -07:00
Samuel Liu
1600fd9082
clean up tags ( #8880 )
2022-05-31 07:52:53 -07:00
irizzant
85bd1eea27
fix(calico): add missing "get" verb ( #8847 )
...
Signed-off-by: irizzant <i.rizzante@gmail.com>
2022-05-21 01:20:00 -07:00
David Louks
93fe3e06ef
Add support for including annotations on aws-ebs-csi-controller ( #8779 )
...
* Add support for including annotations on aws-ebs-csi-controller
* update comment to specify role arn
2022-05-20 15:00:00 -07:00
Samuel Liu
a28b58dbd0
[calico]use ipamconfig instead of calico ipam command ( #8839 )
...
* use ipamconfig instead of calico ipam command
* fix ansible lint
2022-05-19 11:13:20 -07:00
orange-llajeanne
a26a9ee14f
set apparmor_enabled in netchecker task ( #8844 )
2022-05-19 10:49:21 -07:00
weizhoublue
b289f533b3
get wrong server name of coredns ( #8811 )
...
Signed-off-by: weizhou.lan@daocloud.io <weizhou.lan@daocloud.io>
2022-05-12 08:33:14 -07:00