External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-01-18 21:21:23 -03:30
Code Issues Packages Projects Releases Wiki Activity
7,910 Commits 43 Branches 87 Tags
Commit Graph

5285 Commits

Author SHA1 Message Date
Robert Volkmann
5aea2abc40
Bump containerd to 1.7.23 (#11642) 2024-10-17 14:55:03 +01:00
Kubernetes Prow Robot
daa2144de3
Merge pull request #11601 from tico88612/feat/crio-default-crun 
Feat: CRI-O v1.31 change default runtime to crun
 2024-10-16 02:49:03 +01:00
Alexander
616e4b40db
replace deprecated unarchive.copy with unarchive.remote_src (#11207) 2024-10-14 08:20:21 +01:00
Nicolas Marcq
4e62e36f3a
Multus configuration add namespace isolation (#11605) 
#11594
 2024-10-12 03:40:20 +01:00
ChengHao Yang
faa0816b95
Feat: make CRI-O's default runtime configurable 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2024-10-11 01:49:16 +08:00
Max Gautier
b4768cfa91
Always copy cert generation scripts to first etcd (#11612) 
If we don't, existing installation would not pick up fix to that script,
such as dc33a1971d.
 2024-10-09 02:44:22 +01:00
Seena Fallah
7f90fc7b12
containerd: simplify registry mirror template (#11326) 
Simplify registry mirror rendering in config.toml.
The map filter can extract the host list from mirrors so we can
just unique them and render them without needing to construct vars
for it.
For the registry mirror tls section, we can first extract mirrors
from the dict then filter on only the ones having skip_veridy defined
first and then filter on the ones having true (as the dict might not
have skip_verify defined and that would cause errors of undefined var).

This will speed up and simply the templating.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
 2024-10-08 08:46:22 +01:00
Kay Yan
fb312e5179
cleanup kube 1.28 and cri-o 1.28 (#11609) 2024-10-08 08:28:22 +01:00
ChengHao Yang
e008e8ee01
Test: fix Molecule CRI-O default runtime to crun 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2024-10-07 07:40:39 +08:00
ChengHao Yang
f3d4377a16
Feat: add skopeo new version hash & upgrade skopeo version to v1.16.1 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2024-10-07 00:47:23 +08:00
ChengHao Yang
2717a2e585
Feat: add crun new version hash & upgrade crun version to 1.17 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2024-10-07 00:46:46 +08:00
ChengHao Yang
461a480887
Feat: complete the missing hash crun ppc64le 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2024-10-07 00:45:08 +08:00
ChengHao Yang
24e115c8b9
Feat: change cri-o default runtime to crun 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2024-10-07 00:43:30 +08:00
Max Gautier
6b3eaf8312
Use correct secret name for csi-upcloud pull secret (#11597) 2024-10-04 13:44:28 +01:00
Kubernetes Prow Robot
ddd92c998c
Merge pull request #11507 from VannTen/cleanup/shell_etcd_reset 
Refactor remove-etcd-node
 2024-10-03 11:58:27 +01:00
Baargav
bb4f1b1168
update cilium to 1.15.9 (#11593) 2024-10-03 10:10:27 +01:00
Olivier Boudry
583583942c
Fix Flatcar bug #11268 missing default value for ansible_interpreter_python_fallback variable (#11270) 2024-10-03 09:54:27 +01:00
peterw
6b499186b0
add cilium hubble-ui enable flag (#10939) 2024-10-01 06:53:49 +01:00
kyrie
d59a5bf431
update containerd_max_container_log_line_size default value (#11585) 
Signed-off-by: KubeKyrie <shaolong.qin@daocloud.io>
 2024-09-30 09:12:03 +01:00
Kay Yan
fcbcf3c03b
cri-o Switch to libexecdir (#11584) 
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
 2024-09-30 08:34:03 +01:00
Serge Hartmann
0eeac591ad
variables cilium_enable_host_firewall and cilium_policy_audit_mode for configmap/cilium-config (#11230) 
capitalise values for Host Firewall and Policy Audit Mode
fix missing quotes
 2024-09-30 08:22:02 +01:00
Baargav
860c15cec1
Update cluster-role for cilium to prevent errors in agent startup (#11466) 
* Update cluster-role for cilium to prevent errors in agent startup

ciliumloadbalancerippools permissions exists in the cilium helm chart for version 1.13.0
https://github.com/cilium/cilium/blob/v1.13.0/install/kubernetes/cilium/templates/cilium-agent/clusterrole.yaml#L71

The agent also needs permissions to read/watch secrets for bgp auth secrets when using CiliumBGPPeeringPolicy with a secret.

* Remove list/watch permissions for secrets

* Remove secrets from list/watch permissions
 2024-09-29 02:30:02 +01:00
Erwan Miran
8c3b2851f6
feat(calico): add support for numAllowedLocalASNumbers on bgppeers per node definition (#11570) 2024-09-28 10:06:01 +01:00
M. Hamzah Khan
24e1765ae2
Added containernetworking-plugins to fcos bootstrap packages (#11273) 2024-09-27 20:24:01 +01:00
Kubernetes Prow Robot
bbd90f7657
Merge pull request #11568 from VannTen/cleanup/dont_rely_on_kube_node_existing 
Only require minimum structure in inventory, part II
 2024-09-27 11:30:02 +01:00
DirkTheDaring
3281c47f98
[kubernetes] Add hashes for kubernetes 1.29.8, 1.29.9, 1.30.5 (#11581) 
* [kubernetes] Add hashes for kubernetes 1.29.8, 1.29.9, 1.30.5

* Update checksums.yml

reintroduce --- for yaml
 2024-09-27 08:28:02 +01:00
janosbabik
6352fee0fd
Update nerdctl version to 1.7.7 (#11575) 2024-09-27 05:04:01 +01:00
janosbabik
9f6db4012c
Update runc version to v1.1.14 and add checksums (#11574) 2024-09-27 03:58:01 +01:00
Kubernetes Prow Robot
6c112a9b41
Merge pull request #11567 from VannTen/cleanup/remove_node_static_token_generation 
Remove generation of static tokens for cluster members
 2024-09-26 13:58:01 +01:00
janosbabik
656ed796b9
[etcd] make etcd 3.5.16 default (#11572) 
* [etcd] make etcd 3.5.16 default

* Update etcd binary checksums for version 3.5.16 and lower
 2024-09-26 09:12:01 +01:00
Bakke
e355bef79b
fix: vsphere image repositories, tags and docs (#11564) 
The old repository for these has been deleted, leaving the previous
configuration not possible to deploy, and even currently running clusters
fail after a restart as the DeameonSet has ImagePullPolicy: Always. More
details can be found here: kubernetes-sigs/vsphere-csi-driver#3053

As of writing, only CSI driver versions 3.1.2 to 3.3.1 is available in
this registry. This "officially" supports Kubernetes 1.26 to 1.30. Since
older drivers are not available, I have removed some feature-gating for
those unavailable versions while I was at it. For the cloud provider,
the `latest` image is now missing, and only 1.28.0 to 1.31.0 are
available. I've set the latest of these as the new default.

I also updated the documented default versions, as they were all out of
date and not aligned with actual code defaults.
 2024-09-26 08:22:02 +01:00
Philip Sabri
15bb5b0789
[kubernetes] Support kubernetes 1.31.1 (#11533) 2024-09-25 05:10:01 +01:00
Max Gautier
fbcc8cc336
control-plane: refactor group membership test 
Testing with group_names does not require the groups to exist.
 2024-09-24 11:16:32 +02:00
Max Gautier
0679d9c8e9
metrics-server: proper defaults, cleaner deploy template 2024-09-24 11:16:32 +02:00
Max Gautier
dba00f2d85
metrics-server: Unconditional control-plane tolerations 
There is no harm on having unneeded toleration when control-plane node
are not tainted, so simplify the template to always use the toleration.
 2024-09-24 11:16:31 +02:00
Max Gautier
9f45552201
Cleanup redundancy 
k8s_cluster = kube_control_plane + kube_node
 2024-09-24 11:16:30 +02:00
Max Gautier
ee0d9c5428
remove-etcd-node: cleanups, correct change semantics 2024-09-24 09:11:32 +02:00
Max Gautier
2a52e5f08c
remove-etcd-node: refactor shell to ansible filters 
Remove unnecessary error handling. If the node ip is not defined, is
does not change anything whether we fail early of late.
 2024-09-24 09:08:54 +02:00
Max Gautier
a2a2dfa419
k8s/control-plane: cleanup excessive defaulting 2024-09-23 20:37:56 +02:00
Max Gautier
baf0a331c9
Don't generate static tokens for nodes and control planes 
Nodes to api-server relies by default certificates, and bootstrap
tokens, and there should be no need to generate tokens for every nodes,
even when enabling static token auth.
 2024-09-23 16:58:42 +02:00
Baargav
1c0718bb7d
update containerd 1.7.22 (#11554) 2024-09-23 15:31:59 +01:00
Kubernetes Prow Robot
03a055c383
Merge pull request #10643 from VannTen/cleanup/k8s_node_templates 
Refactor kubernetes/node templates
 2024-09-23 14:16:00 +01:00
Max Gautier
2ec1c93897
Test group membership with group_names 
Testing for group membership with group names makes Kubespray more
tolerant towards the structure of the inventory.
Where 'inventory_hostname in groups["some_group"] would fail if
"some_group" is not defined, '"some_group" in group_names' would not.
 2024-09-21 14:09:09 +02:00
Kubernetes Prow Robot
93ee1226eb
Merge pull request #11521 from VannTen/cleanup/deduplicate_kubeadm_control_plane 
Use in inventory variables rather than patch files for kubeadm_patches
 2024-09-20 01:05:14 +01:00
Leeon Fu
4323e5d039
Reset operation, disable service enabled and clean container's logs. (#11501) 2024-09-19 19:14:37 +01:00
Kubernetes Prow Robot
893e9cb177
Merge pull request #11471 from VannTen/feat/config_plugin_list 
Update the list of admission plugins which needs config
 2024-09-18 13:18:44 +01:00
Qasim Mehmood
e550118314
Allow setting annotations on ingress-nginx service (#11544) 2024-09-18 11:54:44 +01:00
Max Gautier
c3de25c782
Move the CRI endpoint setting to kubelet config (#11550) 
The `--container-runtime-endpoint` kubelet argument is deprecated in
favor of the config file alternative.
 2024-09-18 01:34:45 +01:00
Kevin Huang
c601c8faf2
fix: Swap kubespray-defaults & boostrap-os (#11441) 
- Execute boostrap-os before so that Python is installed for kubespray-defaults
- Remove outdated kubespray-defaults dependency on boostrap-os
 2024-09-12 22:21:12 +01:00
Max Gautier
c87097fc35
Document how to use kubeadm patches 2024-09-12 10:31:09 +02:00