Florian Ruynat
222a77dfe7
Change node-role.kubernetes.io from master to control-plane ( #7183 )
2021-01-21 08:13:03 -08:00
Andrea Zonca
24ceee134e
Document the terraform option `master_allowed_ports` ( #7196 )
...
Implemented in #6547
2021-01-21 07:55:06 -08:00
Rick Haan
04c8a73889
Check kube-apiserver up on all masters before upgrade ( #7193 )
...
Only checking the kubernetes api on the first master when upgrading is not enough.
Each master needs to be checked before it's upgrade.
Signed-off-by: Rick Haan <rickhaan94@gmail.com>
2021-01-20 01:42:03 -08:00
Florian Ruynat
9a75501152
Promote node.k8s.io API groups from v1beta1 to v1
2021-01-19 08:57:45 -08:00
Florian Ruynat
f6fbbc17a4
Cleanup old checks for k8s 1.18 ( #7192 )
2021-01-19 08:43:45 -08:00
Florian Ruynat
15dc3868c3
Update Weave to 2.8.0 ( #7181 )
2021-01-19 08:35:48 -08:00
takmori_tech
2525d7aff8
Update main.yml ( #7175 )
...
Fix issue #7129 . Calico image tags support multiarch on quay.io.
2021-01-19 05:59:46 -08:00
Etienne Champetier
a5d2137ed9
containerd: ensure containerd is really started and enabled
...
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier
a8e51e686e
containerd,docker: use apt_repository instead of action
...
yum_repository expect really different params, so nothing to factor here
Ubuntu is not an ansible_os_family, the OS family for Ubuntu is Debian
Check for ansible_pkg_mgr == apt
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier
a2429ef64d
containerd,docker: use apt_key instead of action
...
we don't need rpm_key, so nothing to factor here
Ubuntu is not an ansible_os_family, the OS family for Ubuntu is Debian
Check for ansible_pkg_mgr == apt
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier
1b88678cf3
containerd: use package instead of action
...
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier
0e96852159
docker: use package instead of action, cleanup
...
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier
19a61d838f
containerd: use copy to set apt pin
...
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier
4eec302e86
preinstall: use package instead of action, use state: present
...
Before this commit we were upgrading base os packages on each run
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier
f3885aa589
docker: stop using apt force
...
Here the desciption from Ansible docs
Corresponds to the --force-yes to apt-get and implies allow_unauthenticated: yes
This option will disable checking both the packages' signatures and the certificates of the web servers they are downloaded from.
This option *is not* the equivalent of passing the -f flag to apt-get on the command line
**This is a destructive operation with the potential to destroy your system, and it should almost never be used.** Please also see man apt-get for more information.
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Florian Ruynat
b493c81ce8
Update metrics-server to 0.4.1 ( #7188 )
2021-01-19 05:45:44 -08:00
Florian Ruynat
9ef62194c3
Update bunch of dependencies ( #7187 )
2021-01-19 05:41:45 -08:00
Florian Ruynat
91ee4aa542
Decrease docker dependency ( #7172 )
2021-01-18 01:41:44 -08:00
Sergey
e3caff833c
Add prompt to upgrade node or delay before upgrade ( #7168 )
...
* Add prompt to upgrade node or delay before upgrade
* add docs
2021-01-17 23:53:43 -08:00
Sergey
b2995e4ec4
Adding other masters sequentially, not in parallel ( #7166 )
2021-01-15 17:19:43 -08:00
David Louks
ccd3aeebbc
Remove ignore_errors from drain tasks and enable retires ( #7151 )
...
* Remove ignore_errors from drain tasks and enable retires
* Fix lint error by checking if stdout length is not 0, ie string is not empty.
2021-01-15 13:17:43 -08:00
Florian Ruynat
7a033a1d55
Add hashes and update default K8S version to 1.20.2 ( #7171 )
2021-01-15 12:43:09 -08:00
Maxime Guyot
1652d8bf4b
Use Kubespray v2.15.0 as base image for CI ( #7165 )
2021-01-15 08:25:52 -08:00
Guangwen Feng
c85f275bdb
Fix typo ( #7164 )
...
Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com>
2021-01-15 02:19:52 -08:00
Florian Ruynat
a923f4e7c0
Update kube_version_min_required and cleanup hashes for release ( #7160 )
2021-01-15 00:33:51 -08:00
Etienne Champetier
82af8e455e
docker: remove old versions
...
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
1baee488ab
containerd: remove duplicate package pining task
...
Leave it with the install instead of the repo config
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
7433b70d95
docker: remove kernel check
...
Only CentOS 7 uses Linux 3.10, all other OSs have more recent kernels
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
de6c71a426
docker: remove dockerproject repo reference
...
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
16a34548ea
docker: remove checks for docker 1.12
...
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
b2f3ab77cd
docker: remove some old debug code
...
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
b2f6ed7dee
docker: remove obsoletes=0 in yum.conf
...
This was introduced in ef7f5edbb3
obsoletes=0 is not present in the official repo config
https://download.docker.com/linux/centos/docker-ce.repo
so it might not be needed for some time
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
09e34d29cd
containerd: remove docker_yum_conf / yum_conf
...
leftover from 1945499e2f
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
667a6981ea
preinstall: remove credentials folder move
...
This was introduced in 3004791c64
,
so since 2018 everyone should be upgraded ;)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
cf1d9f5612
preinstall: remove old Fedora task
...
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
55b03a41b2
containerd-common,containerd,docker: remove ubuntu arch specific vars
...
By removing ancient version we don't need arch specific vars
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Florian Ruynat
81b4ffa6b4
Add Fedora 33 CI, remove Fedora 31 ( #7072 )
2021-01-14 08:27:05 -08:00
Etienne Champetier
8c1821228d
preinstall: fixup etcd_deployment_type check ( #7152 )
...
fixes 8331939aed
Thanks to Tomas Vanderka / karlism / LuckySB
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 06:53:05 -08:00
Etienne Champetier
9c5c1a09a1
test-infra: update CentOS images ( #7134 )
...
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 05:25:04 -08:00
Florian Ruynat
09fa99fdc6
Update hashes and set default version to 1.19.7 ( #7150 )
2021-01-13 14:57:02 -08:00
Etienne Champetier
8331939aed
preinstall: check etcd_deployment_type ( #7149 )
...
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-13 14:19:03 -08:00
Sergey
02213d6e07
change nodeSelector label from deprecated beta.kubernetes.io/os and arch to kubernetes.io prefix ( #7138 )
2021-01-13 13:55:02 -08:00
Wang Zhen
387df0ee1f
Remove unnecessary condition check when updating server field in kube-proxy kubeconfig ( #7145 )
2021-01-13 09:50:37 -08:00
Florian Ruynat
b59035df06
change nginx default HTTPS protocol from "SSLv2" to "TLSv1.2 TLSv1.3" ( #7144 )
2021-01-13 08:34:36 -08:00
Mateusz Piotrowski
5517e62c86
Fix and document environment variable KUBE_MASTERS ( #7127 )
...
This variable was added as KUBE_MASTERS_MASTERS. That's probably a typo.
Remove the redundant `_MASTERS` suffix. Also, document the variable in the
help message.
2021-01-11 11:34:24 -08:00
Gregor Krmelj
5dca5225dc
update docs main menu with CRI section ( #7132 )
2021-01-11 09:07:05 -08:00
Kenichi Omichi
c005c90746
Remove unnecessary failed_when ( #7120 )
...
TASK [Generate a list of information about the images on a node]
registers list of container images to docker_images.
Then the next TASK [Set pull_required if the desired image is not
yet loaded] does based on expecting images are registered.
However sometimes the first TASK was failed as [1] but the failure
is ignored due to failed_when:false and it makes another issue.
This removes this unnecessary failed_when to detect the failure
at the point.
In addition, this removes no_log:true also because the output doesn't
contain any sensitive data and now it just makes debugging difficult.
[1]: https://gitlab.com/kargo-ci/kubernetes-sigs-kubespray/-/jobs/934714534#L2953
2021-01-11 08:49:10 -08:00
Etienne Champetier
8bdd0bb82f
Require 2.9.0 <= Ansible version < 2.10.0 ( #7130 )
...
We have multiple breakage report with Ansible 2.10+ in https://github.com/kubernetes-sigs/kubespray/issues/6762
README.md already recommended 2.9+
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-11 07:49:11 -08:00
Etienne Champetier
a790935d02
Only setup *_PROXY env variables where needed ( #7095 )
...
no_proxy is a pain to get right, and having proxy variables present causes issues
(k8s components get proxy configuration after upgrade, see #7100 )
It's better to only configure what require proxy:
- the runtime (containerd/docker/crio)
- the package manager + apt_key
- the download tasks
Tested with the following clusters
- 4 CentOS 8 nodes
- 1 Ubuntu 20.04 node
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-11 07:21:08 -08:00
Gregor Krmelj
1fcbbd3b9d
Update containerd documentation with etcd change ( #7126 )
...
* update containerd documentation with etcd change
* update conterind docs
2021-01-11 06:39:08 -08:00