Commit Graph

5695 Commits (efa180392b8e7cca75cac8e11534b55f99cb9ee4)
 

Author SHA1 Message Date
David Louks d378d789cf
Add retries to drain during upgrade. Allow leaving nodes cordoned after drain failure. Allow continuing upgrade if drain fails. (#7206) 2021-01-26 11:10:31 -08:00
Florian Ruynat 9007d6621a
Update nginx, minor weave and misc CI tools (vagrant/terraform) (#7215) 2021-01-26 08:22:34 -08:00
Ryler Hockenbury 774ec49396
Update azure cloud config (#7208)
* Allow configureable vni and port for flannel overlay

* additional options for azure cloud config
2021-01-26 07:24:35 -08:00
Jorik Jonker bba55faae8
calico: fix NetworkManager check (#7169)
Previous check for presence of NM assumed "systemctl show
NetworkManager" would exit with a nonzero status code, which seems not
the case anymore with recent Flatcar Container Linux.

This new check also checks the activeness of network manager, as
`is-active` implies presence.

Signed-off-by Jorik Jonker <jorik@kippendief.biz>
2021-01-25 23:52:34 -08:00
Etienne Champetier 8f2b0772f9
containerd,docker: stop installing extras repo on CentOS/RHEL (#7203)
This was introduced in 143e2272ff
Extra repo is enabled by default in CentOS, and is not the right repo for EL8
Instead of adding a CentOS repo to RHEL, enable the needed RHEL repos with rhsm_repository

For RHEL 7, we need the "extras" repo for container-selinux
For RHEL 8, we need the "appstream" repo for container-selinux, ipvsadm and socat

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-25 03:12:54 -08:00
Samuel Liu 1a409dc7ae
Add download bin tasks (#7131)
* Add downlaod bin tasks

* Add tags never and etcd

* yamllint
2021-01-22 20:41:39 -08:00
Fredrik Liv 404ea0270e
Added terraform support for Exoscale (#7141)
* Added terraform support for Exoscale

* Fixed markdown lint error on exoscale terraform
2021-01-22 20:37:39 -08:00
Florian Ruynat ef939dee74
Add missing 'ingress-controller' tag to alb (#7204) 2021-01-22 19:11:39 -08:00
Etienne Champetier f1576eabb1
Calico: fixup check when ipipMode / vxlanMode is not present (#7195)
calicoctl.sh get ipPool default-pool -o json
{
  "kind": "IPPool",
  "apiVersion": "projectcalico.org/v3",
  "metadata": {
    "name": "default-pool",
...
  },
  "spec": {
    "cidr": "10.233.64.0/18",
    "ipipMode": "Always",
    "natOutgoing": true,
    "blockSize": 24,
    "nodeSelector": "all()"
  }
}

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-21 20:39:26 -08:00
Etienne Champetier 49c4345c9a
preinstall: etcd group might not exists (#7202)
fixes 8c1821228d

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-21 14:31:02 -08:00
Maxime Guyot f94182f77d
Add cleanup of openstack network ports in CI (#7201) 2021-01-21 12:51:02 -08:00
Florian Ruynat 222a77dfe7
Change node-role.kubernetes.io from master to control-plane (#7183) 2021-01-21 08:13:03 -08:00
Andrea Zonca 24ceee134e
Document the terraform option `master_allowed_ports` (#7196)
Implemented in #6547
2021-01-21 07:55:06 -08:00
Rick Haan 04c8a73889
Check kube-apiserver up on all masters before upgrade (#7193)
Only checking the kubernetes api on the first master when upgrading is not enough.
Each master needs to be checked before it's upgrade.

Signed-off-by: Rick Haan <rickhaan94@gmail.com>
2021-01-20 01:42:03 -08:00
Florian Ruynat 9a75501152 Promote node.k8s.io API groups from v1beta1 to v1 2021-01-19 08:57:45 -08:00
Florian Ruynat f6fbbc17a4
Cleanup old checks for k8s 1.18 (#7192) 2021-01-19 08:43:45 -08:00
Florian Ruynat 15dc3868c3
Update Weave to 2.8.0 (#7181) 2021-01-19 08:35:48 -08:00
takmori_tech 2525d7aff8
Update main.yml (#7175)
Fix issue #7129. Calico image tags support multiarch on quay.io.
2021-01-19 05:59:46 -08:00
Etienne Champetier a5d2137ed9 containerd: ensure containerd is really started and enabled
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier a8e51e686e containerd,docker: use apt_repository instead of action
yum_repository expect really different params, so nothing to factor here
Ubuntu is not an ansible_os_family, the OS family for Ubuntu is Debian
Check for ansible_pkg_mgr == apt

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier a2429ef64d containerd,docker: use apt_key instead of action
we don't need rpm_key, so nothing to factor here
Ubuntu is not an ansible_os_family, the OS family for Ubuntu is Debian
Check for ansible_pkg_mgr == apt

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier 1b88678cf3 containerd: use package instead of action
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier 0e96852159 docker: use package instead of action, cleanup
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier 19a61d838f containerd: use copy to set apt pin
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier 4eec302e86 preinstall: use package instead of action, use state: present
Before this commit we were upgrading base os packages on each run

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier f3885aa589 docker: stop using apt force
Here the desciption from Ansible docs
Corresponds to the --force-yes to apt-get and implies allow_unauthenticated: yes
This option will disable checking both the packages' signatures and the certificates of the web servers they are downloaded from.
This option *is not* the equivalent of passing the -f flag to apt-get on the command line
**This is a destructive operation with the potential to destroy your system, and it should almost never be used.** Please also see man apt-get for more information.

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Florian Ruynat b493c81ce8
Update metrics-server to 0.4.1 (#7188) 2021-01-19 05:45:44 -08:00
Florian Ruynat 9ef62194c3
Update bunch of dependencies (#7187) 2021-01-19 05:41:45 -08:00
Florian Ruynat 91ee4aa542
Decrease docker dependency (#7172) 2021-01-18 01:41:44 -08:00
Sergey e3caff833c
Add prompt to upgrade node or delay before upgrade (#7168)
* Add prompt to upgrade node or delay before upgrade

* add docs
2021-01-17 23:53:43 -08:00
Sergey b2995e4ec4
Adding other masters sequentially, not in parallel (#7166) 2021-01-15 17:19:43 -08:00
David Louks ccd3aeebbc
Remove ignore_errors from drain tasks and enable retires (#7151)
* Remove ignore_errors from drain tasks and enable retires

* Fix lint error by checking if stdout length is not 0, ie string is not empty.
2021-01-15 13:17:43 -08:00
Florian Ruynat 7a033a1d55
Add hashes and update default K8S version to 1.20.2 (#7171) 2021-01-15 12:43:09 -08:00
Maxime Guyot 1652d8bf4b
Use Kubespray v2.15.0 as base image for CI (#7165) 2021-01-15 08:25:52 -08:00
Guangwen Feng c85f275bdb
Fix typo (#7164)
Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com>
2021-01-15 02:19:52 -08:00
Florian Ruynat a923f4e7c0
Update kube_version_min_required and cleanup hashes for release (#7160) 2021-01-15 00:33:51 -08:00
Etienne Champetier 82af8e455e docker: remove old versions
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier 1baee488ab containerd: remove duplicate package pining task
Leave it with the install instead of the repo config

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier 7433b70d95 docker: remove kernel check
Only CentOS 7 uses Linux 3.10, all other OSs have more recent kernels

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier de6c71a426 docker: remove dockerproject repo reference
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier 16a34548ea docker: remove checks for docker 1.12
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier b2f3ab77cd docker: remove some old debug code
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier b2f6ed7dee docker: remove obsoletes=0 in yum.conf
This was introduced in ef7f5edbb3
obsoletes=0 is not present in the official repo config
https://download.docker.com/linux/centos/docker-ce.repo
so it might not be needed for some time

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier 09e34d29cd containerd: remove docker_yum_conf / yum_conf
leftover from 1945499e2f

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier 667a6981ea preinstall: remove credentials folder move
This was introduced in 3004791c64,
so since 2018 everyone should be upgraded ;)

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier cf1d9f5612 preinstall: remove old Fedora task
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier 55b03a41b2 containerd-common,containerd,docker: remove ubuntu arch specific vars
By removing ancient version we don't need arch specific vars

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Florian Ruynat 81b4ffa6b4
Add Fedora 33 CI, remove Fedora 31 (#7072) 2021-01-14 08:27:05 -08:00
Etienne Champetier 8c1821228d
preinstall: fixup etcd_deployment_type check (#7152)
fixes 8331939aed
Thanks to Tomas Vanderka / karlism / LuckySB

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 06:53:05 -08:00
Etienne Champetier 9c5c1a09a1
test-infra: update CentOS images (#7134)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 05:25:04 -08:00