External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-01 01:28:11 -03:30
Code Issues Packages Projects Releases Wiki Activity
7,705 Commits 45 Branches 88 Tags
2d612cde4d73cb036c8e7d33f4df93e1ae13741f
Commit Graph

147 Commits

Author SHA1 Message Date
Lihai Tu
921b0c0bed Add options to control images pulling of kubelet (#11094) 
Signed-off-by: tu1h <lihai.tu@daocloud.io>
 2024-06-21 07:54:54 -07:00
Jorge Isnardo Altamirano
a09c73a356 Update kube-vip manifests to v0.8.0 2024-05-07 11:38:13 +02:00
Jorge Isnardo Altamirano
537891a380 Update kube-vip manifests to v0.8.0 2024-05-02 16:37:49 +02:00
Jorge Isnardo Altamirano
e57e958a39 Update kube-vip to v0.8.0 2024-05-02 09:45:30 +02:00
Barry M
1b870a1862 Update kubelet systemd service default allowed IP addresses for cluster hardening (#11061) 
Signed-off-by: bmelbourne <barry.melbourne0@gmail.com>
 2024-04-11 00:58:27 -07:00
kyrie
baf4842774 make kube-vip LeaderElection variables configurable (#11021) 
Signed-off-by: KubeKyrie <shaolong.qin@daocloud.io>
 2024-03-25 02:24:57 -07:00
Ugur Can Ozturk
7863fde552 [apiserver-kubelet/tracing]: add distributed tracing config variables (#10795) 
* [apiserver-kubelet/tracing]: add distributed tracing config flags

Signed-off-by: Ugur Ozturk <ugurozturk918@gmail.com>

* [apiserver-kubelet/tracing]: add distributed tracing config flags - fix

Signed-off-by: Ugur Ozturk <ugurozturk918@gmail.com>

* [apiserver-kubelet/tracing]: add distributed tracing config flags - fix

Signed-off-by: Ugur Ozturk <ugurozturk918@gmail.com>

---------

Signed-off-by: Ugur Ozturk <ugurozturk918@gmail.com>
 2024-01-25 10:24:35 +01:00
yun
13e1f33898 Correct the POLY1305 cipher suites by adding the suffix _SHA256 (#10641) 2024-01-22 18:00:52 +01:00
Louis Tu
a656b7ed9a Add kube_vip_lb_fwdmethod option for kube-vip (#10762) 
Signed-off-by: tu1h <lihai.tu@daocloud.io>
 2024-01-09 08:22:13 +01:00
Max Gautier
471326f458 Remove PodSecurityPolicy support and references (#10723) 
This is removed from kubernetes since 1.25, time to cut some dead code.
 2023-12-18 14:13:43 +01:00
Max Gautier
612cfdceb1 Check conntrack module presence instead of kernel version (#10662) 
* Try both conntrack modules instead of checking kernel version

Depending on kernel distributor, the kernel version might not be a
correct indicator of the conntrack module use.
Instead, we check both (and use the first found).

* Use modproble.persistent rather than manual persistence
 2023-11-28 18:31:02 +01:00
AbhishekKr
6b1188e3dc [fix] modprobe_nf_conntrack for new Linux Kernel, when using ipvs (#10625) 
Signed-off-by: AbhishekKr <abhikumar163@gmail.com>
 2023-11-20 09:48:06 +01:00
borgiacis
802da0bcb0 Create variables for ipvs kernel modules (#10580) 
* Create variables for ipvs kernel modules

* Corrected kubernetes role node task missing name

* Added changes as suggested during review by VannTen
 2023-11-08 12:44:02 +01:00
Arthur Outhenin-Chalandre
5d00b851ce project: fix var-spacing ansible rule (#10266) 
* project: fix var-spacing ansible rule

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing on the beginning/end of jinja template

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing of default filter

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing between filter arguments

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix double space at beginning/end of jinja

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix remaining jinja[spacing] ansible-lint warning

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-07-04 20:36:54 -07:00
Pat Riehecky
f5ee8b71ff Permit custom names for API server lb/proxy containers. (#10166) 
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
 2023-06-08 02:54:13 -07:00
Manuelraa
2b75552d1c Replace swap vars with single kubelet_fail_swap_on (#10036) 2023-05-11 10:53:04 -07:00
蒋航
a59e27cb6b Update kube-vip to v0.5.12 (#10005) 
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
 2023-04-22 19:01:12 -07:00
Arthur Outhenin-Chalandre
9e2104c7d3 node: fix default kubelet/runtime cgroups when kube_reserved is false (#9834) 
* node: fix default kubelet/runtime cgroups when kube_reserved is false (default)

Commit 1c4db6132d introduced a notion of
kube_reserved. This introduced a breaking change defaulting to use
kube.slice for the container_manager and the kubelet as if kube_reserved
was always enabled whereas it is disabled by default.

This commit fixes this by bringing back system.slice whenever
kube_reserved is disabled.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* inventory/sample: change false for kube_reserved as its the default

Changing the commented value in sample inventory to the actual default
value.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-03-05 18:48:58 -08:00
panguicai
c710c93c02 upgrade kubevip to v0.5.11 (#9852) 
Signed-off-by: panguicai008 <1121906548@qq.com>
 2023-03-05 17:54:57 -08:00
ERIK
6ff845a199 Enable control plane load balancing for kube-vip (#9785) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2023-02-12 19:25:28 -08:00
蒋航
c5debf013c Update kubevip to v0.5.8 (#9734) 
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
 2023-01-31 00:24:55 -08:00
mKlaris
050fde6327 Add enableServicesElection env variable. (#9595) 2023-01-02 18:35:33 -08:00
Shelming.Song
1c4db6132d optimize cgroups settings for node reserved (#9209) 
* optimize cgroups settings for node reserved

* fix

* set cgroup slice for multi container engine

* set cgroup slice for crio

* add reserved cgroups variables to sample files

* Compatible with cgroup path for different container managers

* add cgroups doc

* fix markdown
 2022-12-30 08:05:30 -08:00
蒋航
990f87acc8 Update kube-vip to v0.5.5 (#9437) 
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>

Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
 2022-10-26 19:28:32 -07:00
Wouter Goedhart
1901b512d2 Make the port of kube-vip dynamic based on the kube_apiserver_port (#9414) 
variable

Fix wrong referenced variable on bgp_peers

Fix bgp_peeras field to be a string

Set default value for bgp_peeras
 2022-10-23 18:00:24 -07:00
William Turner
ad3f503c0c Fix default value for kubelet_secure_addresses (#9355) 2022-10-06 00:35:51 -07:00
Alessio Greggi
acb6f243fd feat: add kubelet systemd service hardening option (#9194) 
* feat: add kubelet systemd service hardening option

* refactor: move variable name to kubelet_secure_addresses

Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>

* docs: add diagram about kubelet_secure_addresses variable

Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
 2022-08-30 11:18:55 -07:00
Samuel Liu
e73803c72c pid reserved must be str (#9124) 2022-07-30 20:14:27 -07:00
h9-HSFRQDH
3bb9542606 Adding support for node & pod pid limit (#9038) 2022-07-05 00:20:48 -07:00
Calin Cristian Andrei
24c8ba832a [kubernetes] drop support for configuring insecure apiserver 2022-06-15 00:57:20 -07:00
Ho Kim
77f436fa39 Fix: set fallback value of kubelet ip6 (#8858) (#8926) 
* Fix: set fallback value of kubelet ip6 (#8858)

* Prune the spurious comma in the end of kubelet_address

- Update `roles/kubernetes/node/defaults/main.yml`

Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>

* Fix: set fallback value of kubelet ip6 (#8858)

- Apply the lint: 132606368e

Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
 2022-06-06 10:08:21 -07:00
Thearas
01ca7293f5 support reserve ephemeral-storage (#8895) 2022-06-06 07:34:26 -07:00
Mathieu Parent
996ef98b87 Add support for kube-vip (#8669) 
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
 2022-04-07 10:37:57 -07:00
kakkotetsu
98d5d0cdd5 add support for Dual Stack node InternalIP (#8542) 2022-02-15 00:28:02 -08:00
Ilya Margolin
aed187e56c Fix kubelet_kubelet_cgroups_cgroupfs (#8500) 
If kubelet is run with systemd (as it always is when using kubespray),
it starts in systemd's /system.slice/kubelet.service cgroup.

This commit prevents a creation and usage of a second unrelated cgroup.
 2022-02-02 00:50:22 -08:00
cyril-corbon
575e0ca457 feat: add eviction hard to kubelet config (#8421) 
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
 2022-01-24 00:13:57 -08:00
Pasquale Toscano
6e5b9e0ebf Fix Kubelet and Containerd when using cgroupfs as cgroup driver (#8123) 2021-11-05 07:59:54 -07:00
Bas van den Brink
7938748d77 Allow configuring container log limits for Kubelet (#6933) 2020-11-26 00:32:19 -08:00
Wang Zhen
edea63511d Fix reserved memory unit in kubelet configuration (#6725) 
* Fix reserved memory unit in kubelet configuration

Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>

* Move systemReserved default values from template

Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>
 2020-09-22 15:20:09 -07:00
Hans Feldt
803d52ffce kubernetes: remove unused variables (#6601) 2020-09-04 04:53:56 -07:00
Erwan Miran
ef3e98807e tlsminversion and tlsciphersuites kubelet (#6490) 2020-08-13 02:48:13 -07:00
Arthur Outhenin-Chalandre
abfa1636e4 Fix kube-proxy post deployment removal (#5554) 
* Fix kube-proxy removal

* Fix unwanted skipped task for kube-proxy
* Fix kube_proxy_remove default

Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>

* Add test for kube-router svc proxy

Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
 2020-07-13 07:12:33 -07:00
Mike Dziedziela
8ca2a9a7d5 added azure_cloud parameter to Azure's cloud_config (#6321) 2020-06-25 14:35:30 -07:00
spaced
0c51352a74 remove unused kubelet options (#5903) 2020-04-07 11:51:44 -07:00
Vinayaka V Ladwa
f8ad44a99f Azure vmss - kubelet: failed to get instance ID from cloud provider: instance not found #5824 (#5855) 
* kubernetes-sigs-kubespray #5824

Added support nodes which are part of Virtual Machine Scale Sets(VMSS)

* kubernetes-sigs-kubespray #5824

* kubernetes-sigs-kubespray #5824

Added comments and updatetd azure docs.

* kubernetes-sigs-kubespray #5824

Added supported values comments for "azure_vmtype" in azure.yml
 2020-03-31 10:12:40 -07:00
Erwan Miran
26700e7882 kubelet_config_extra_args and kubelet_node_config_extra_args (#5623) 
* Introduce kubelet_config_extra_args and kubelet_node_config_extra_args to pass params to kubelet via YAML config

* kubelet_config_extra_args is not the alternative
 2020-02-14 16:05:28 -08:00
Matthew Mosesohn
57fef8f75e Allow customizing kubelet healthz port and bind addr (#5403) 
Change-Id: I1634ba2d2d3337243ffcdea86750003a559f2576
 2019-12-03 11:56:58 -08:00
Matthew Mosesohn
186ec13579 Fix incorrect suggestion to enable old k8s apis (#5292) 
Change-Id: If965cc6aa0daaca232dcf2ca0efd649aa097497f
 2019-10-30 01:58:53 -07:00
Matthew Mosesohn
27ec548b88 Add support for k8s v1.16.0-beta.2 (#5148) 
Cleaned up deprecated APIs:
apps/v1beta1
apps/v1beta2
extensions/v1beta1 for ds,deploy,rs

Add workaround for deploying helm using incompatible
deployment manifest.
Change-Id: I78b36741348f47a999df3841ee63cf4e6f377830
 2019-09-10 12:06:54 -07:00
Matthew Mosesohn
7f74906d33 Make haproxy/nginx client timeout configurable (#5140) 
Change-Id: I61319a06eb33d9fc868e19941924f387088b856b
 2019-09-05 00:32:51 -07:00