Add kube_vip_metrics_enabled and kube_vip_metrics_port; wire
prometheus_server and container port in the static pod manifest.
Default metrics port to 2112 to match kube-vip upstream. Document
and sample inventory updated.
Fedora 39 (EOL 2024-11-26), Fedora 40 (EOL 2025-05-13), and Fedora 41
(EOL 2025-12-15) are all out of support and no longer receive security
updates. This bumps the kubevirt CI test matrix to currently supported
releases, distributing tests across Fedora 42 (supported until
2026-05-13) and Fedora 43 (supported until 2026-12-09) to keep
multi-version coverage.
- Add fedora-43 image entry to the kubevirt image-builder
- Rename fedora39-* tests to fedora43-* (4 tests)
- Rename fedora40-* tests to fedora43-* (2 tests)
- Rename fedora41-* tests to fedora42-* (4 tests)
- Update .gitlab-ci/kubevirt.yml testcase names
- Regenerate docs/developers/ci.md
All 10 existing Fedora test configurations (kube-router, calico-selinux,
calico-swap-selinux, crio with/without SELinux enforcing, docker-calico,
flannel-crio-collection-scale) are preserved.
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
* image-builder: run validation locally with BuildKit
* upadte checksum
* set BuildKit no-process-sandbox flag for CI
* run BuildKit with rootless-safe daemon flags in CI
* update
* updating root logic
* fix ci failure for can't enable NoProcessSandbox
* switch to stable url
* add --oci-worker-no-process-sandbox ci flag in root path
* add more support
* add validate-docker and validate-single docker
Cilium < 1.20 unconditionally registers a field indexer for TLSRoute
v1alpha2 when the Gateway API controller is enabled, but Gateway API
>= 1.5.0 ships TLSRoute v1alpha2 with served=false in the standard
channel. The result is cilium-operator CrashLoopBackOff with:
no matches for kind "TLSRoute" in version "gateway.networking.k8s.io/v1alpha2"
The fix landed in Cilium 1.20 only and will not be backported.
Add a preflight assert that triggers only when all of the following
hold: cilium_gateway_api_enabled, gateway_api_enabled, cilium_version
< 1.20.0, gateway_api_version >= 1.5.0, and gateway_api_channel ==
"standard". Users hit by this combo get a clear error and two
workarounds (pin gateway_api_version to 1.4.1, or switch
gateway_api_channel to "experimental") instead of debugging a crash
loop after the fact.
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
The documented example still uses the removed --required-author flag and
misses --repo-path, which breaks with current release-notes binaries.
Update it to use the generate subcommand and point at the local checkout.
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
kata containers added create_container_timeout parameter.
If this parameter is missing, the new version of Kata cannot create containers properly and will encounter an error: failed to create shim task: context deadline exceeded
- Added setting the $CLUSTER bash variable as part of initial setup
- Add group_vars_path to inventory variables
- Update cloud_provider instructions
- Added relevant links to relevant 3rd party tutorials
Also add checksums for newly released patch versions:
- containerd 2.2.2, 2.2.3
- containerd 2.1.7
- containerd 2.0.8
- containerd 1.7.31
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
The cilium_enable_prometheus variable was defined in defaults and
documented in sample inventory but never mapped to the Helm values
template, making it a no-op. Add the prometheus.enabled field to
values.yaml.j2 so that setting cilium_enable_prometheus: true
correctly enables Prometheus metrics on the Cilium agent.
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
Remove the Flatcar/Fedora CoreOS exclusion from the wait handler
and unify the Flatcar-specific notify channel into the shared
"propagate resolvconf to k8s components" channel.
