Commit Graph

4747 Commits (eecaec2919392a8b5595927100a56d446b997d2a)

Author SHA1 Message Date
Eugene Marchanka eecaec2919
[vSphere-csi-driver] Custom namespace fails playbook (#9946)
* Fix: vSphere Error: `Apply a CSI secret manifest`

This PR will fix an issue that you will see on 2nd deploy when deploying External vSphere
How to re-produce:
1. Set custom `vsphere_csi_namespace: "vmware-system-csi"`
2. Deploy as usual
3. Observe no errors
4. Deploy 2nd time without `reset`
5. Playbook fails with:
```
TASK [kubernetes-apps/csi_driver/vsphere : vSphere CSI Driver | Apply a CSI secret manifest]
fatal: [node-00]: FAILED! => changed=true                                                                                                                                                 
  censored: 'the output has been hidden due to the fact that ''no_log: true'' was specified for this result'
```

* create namespace if does not exist

* lint fix

* try to fix lint errors

* fix `too few spaces before comment`

* change the order of applied manifests

* typo
2023-04-09 22:13:15 -07:00
jeremy-thuon 4a03d13d08
[cilium] fix rbac and upgrade hubble v0.11.0 (#3) (#9959)
* [cilium] fix rbac and upgrade hubble v0.11.0 (#3)

* [cilium] fix rbac for LB bgp ipam

* [cilium] Upgrade Hubble to v0.11.0 and add mTLS between Hubble UI and Hubble Relay

* fix dns domain hubble for tls

---------

Co-authored-by: Thuon Jeremy <d107869@olinfra1.infra.bdm.outscale.c1.dav.fr>

* Fix blank line

---------

Co-authored-by: Thuon Jeremy <d107869@olinfra1.infra.bdm.outscale.c1.dav.fr>
2023-04-09 22:07:15 -07:00
rtsp fcb5e77338
[cert-manager] Upgrade to v1.11.1 (#9964) 2023-04-09 21:37:15 -07:00
Samuel Liu ece174da7c
fix resatrt k8s components (#9962) 2023-04-09 19:51:15 -07:00
Mohamed Omar Zaian a94b893e2c
[containerd] add hashes for 1.6.20 (#9954) 2023-04-04 16:01:39 -07:00
Dominykas Norkus 5e2cb4d244
Add bind address variable to OCCM (#9958) 2023-04-04 15:57:40 -07:00
Mohamed Omar Zaian dff58023d9
[argocd] update argocd to v2.6.7 (#9953) 2023-04-04 12:01:43 -07:00
Mohamed Omar Zaian 766d3696c9
[calico] add v3.25.1 and make it default (#9950) 2023-04-03 18:21:51 -07:00
Mohamed Omar Zaian b88229a662
[ingress-nginx] upgrade to 1.7.0 (#9952) 2023-04-03 17:51:51 -07:00
Mohamed Omar Zaian c00cea7b17
[helm] upgrade to 3.11.2 (#9951) 2023-04-03 17:47:51 -07:00
ERIK 0c4f57a093
Support extended settings for the Debian os family (#9943)
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-03-30 18:53:49 -07:00
Kay Yan e8f0fb82fe
fix-kube-bench-1.2.20 (#9939) 2023-03-29 09:35:49 -07:00
Kay Yan 19856cf692
fix-kube-bench-1.1.19 (#9937) 2023-03-28 21:01:24 -07:00
Kay Yan deb532ce27
fix-kube-bench-4.1.1 (#9934) 2023-03-27 21:48:22 -07:00
Anton 1bb4f88af1
cilium: Additional fix the configuration of tls for hubble #9880 (#9932) 2023-03-27 08:48:27 -07:00
Mathias Petermann dcc04e54f3
fix(cert manager): Fix manifest if cert_manager_trusted_internal_ca is provided (#9922) 2023-03-27 08:12:28 -07:00
xiuguang.huang 4020a93d7e
delete the probe option of cilium_kube_proxy_replacement (#9929) 2023-03-27 08:08:28 -07:00
R. P. Taylor a676c106d3
change bash for loop for SAN check (#9060)
fix merge conflict
2023-03-27 06:36:30 -07:00
HirazawaUi baed5f0b32
Remove deprecated udpIdleTimeout field in KubeProxyConfiguration (#9925) 2023-03-27 02:05:55 -07:00
Toru Komatsu 8afd74ce1f
cilium: Fix the configuration of tls for hubble (#9880)
Signed-off-by: utam0k <k0ma@utam0k.jp>
2023-03-24 01:10:31 -07:00
Maxime Picaud f6e4a231cb
fix(download): validate mirrors on localhost (#9669) 2023-03-23 08:04:32 -07:00
Toru Komatsu 3a5f5692ca
Cilium v1.13.0 (#9879)
Signed-off-by: utam0k <k0ma@utam0k.jp>
2023-03-23 01:20:23 -07:00
Jiri Fiala 9b37699d0d
Cilium Operator replicas configuration (#9894)
Signed-off-by: Fiala, JiriX <jirix.fiala@intel.com>
2023-03-22 08:28:38 -07:00
Kay Yan cc382f2412
haproxy-proxy-ipv6 (#9674) 2023-03-22 05:58:36 -07:00
Will Hegedus 97dfdcd8fe
feat: support cilium 1.13.1 (#9914)
Cilium 1.13.1 changed how the cilium-cni binary gets placed in /opt/cni/bin,
so that it takes place in an init container rather than in the main agent.
2023-03-21 12:56:12 -07:00
prashantchitta a9f52060c9
Fix ciliums hubble relay configuration (#9876)
* Fix ciliums hubble relay configuration

* Fixed the tls from code review

* Updated to dna_domain instead of hardcoding
2023-03-21 12:50:12 -07:00
tu1h 8cf5fefe84
Add download retries option (#9911)
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2023-03-21 09:38:12 -07:00
ERIK fb8631cdf6
fix allow unsupported distribution (#9904)
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-03-21 01:35:09 -07:00
Mohamed Omar Zaian 7859aee735
[kubernetes] Add hashes for 1.26.3, 1.25.8, 1.24.12 (#9900) 2023-03-21 01:31:08 -07:00
蒋航 83c3ce7f8f
Add Retry for Checking calico exists (#9883)
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2023-03-20 21:51:06 -07:00
Kay Yan 309aaee427
fix-cilium-error (#9902) 2023-03-20 02:41:17 -07:00
Mohamed Omar Zaian 349c8901f8
[containerd] add hashes for 1.7.0 (#9892) 2023-03-14 21:48:14 -07:00
Samuel Liu df9aba6298 fix typo word 2023-03-14 15:49:22 +01:00
biqiang Wu 2ae3ea9ee3
Modified the default value of cilium IPAM and added the support for related parameters (#9443)
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
2023-03-13 17:45:10 -07:00
蒋航 99115ad04b
Fix Get current calico version (#9873)
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2023-03-10 05:48:40 -08:00
ERIK 7747ff2572
Fix uniontech os installation failure (#9862)
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-03-09 22:00:39 -08:00
Marijn van der Giesen eb4bd36f73
fix(kubernetes): Also apply kubeadm patches during upgrade (#9781) 2023-03-09 13:50:30 -08:00
panguicai 2d20f0c024
fix cri-o arm64 v1.26.0 wrong archive checksum (#9872)
Signed-off-by: panguicai008 <guicai.pan@daocloud.io>
2023-03-09 13:32:31 -08:00
Cyclinder b0793df293
bump calico to v3.25.0 (#9860)
Signed-off-by: cyclinder qifeng.guo@daocloud.io

Signed-off-by: cyclinder qifeng.guo@daocloud.io
2023-03-09 00:02:02 -08:00
Jack 1ca50f3eea
Update check calico version command (#9861) 2023-03-08 00:31:12 -08:00
Arthur Outhenin-Chalandre 82f68ca395
calico: cilium: use localhost lb by default on kube-proxy replacement (#9718)
This commit removes the variable `use_localhost_as_kubeapi_loadbalancer`
and rather detects that we are in a situation where we can use the
localhost apiserver loadbalancer (meaning that we use the localhost load
balancer and that the same ports are used for both the load balancer and
the kube-apiserver).

This also cleanups the calico code to use `kube_apiserver_global_endpoint`
rather than implementing the same logic all over again.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-03-07 04:28:36 -08:00
panguicai 3a675393dc
upgrade rancher local-path-provisioner to v0.0.23 (#9855)
Signed-off-by: panguicai008 <1121906548@qq.com>
2023-03-06 16:54:17 -08:00
Jack 9c41769dab
Update nodes in etc hosts after cluster scale (#9837) 2023-03-06 16:18:18 -08:00
Mohamed Zaian dba29db58d
[helm] upgrade to 3.11.1 (#9849) 2023-03-06 15:56:17 -08:00
Arthur Outhenin-Chalandre 9e2104c7d3
node: fix default kubelet/runtime cgroups when kube_reserved is false (#9834)
* node: fix default kubelet/runtime cgroups when kube_reserved is false (default)

Commit 1c4db6132d introduced a notion of
kube_reserved. This introduced a breaking change defaulting to use
kube.slice for the container_manager and the kubelet as if kube_reserved
was always enabled whereas it is disabled by default.

This commit fixes this by bringing back system.slice whenever
kube_reserved is disabled.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* inventory/sample: change false for kube_reserved as its the default

Changing the commented value in sample inventory to the actual default
value.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-03-05 18:48:58 -08:00
DRAGON2002 1d9502e01d
update args (#9856)
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
2023-03-05 18:38:57 -08:00
panguicai c710c93c02
upgrade kubevip to v0.5.11 (#9852)
Signed-off-by: panguicai008 <1121906548@qq.com>
2023-03-05 17:54:57 -08:00
DRAGON2002 13c793fd0d
add flag (#9827)
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
2023-03-05 17:50:57 -08:00
panguicai 1555d78155
upgrade argocd to v2.6.3 (#9848)
Signed-off-by: panguicai008 <1121906548@qq.com>
2023-03-03 06:44:58 -08:00
Maxime Leroy fd8260b930
fix(upgrade-cluster): retry other masters upgrade (#9768)
Signed-off-by: Maxime Leroy <19607336+maxime1907@users.noreply.github.com>
2023-03-03 05:44:58 -08:00