External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-01 09:38:12 -03:30
Code Issues Packages Projects Releases Wiki Activity
7,125 Commits 45 Branches 88 Tags
86b81a855a046db348c272bfefaafacc2ca0bf92
Commit Graph

7125 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Maxime Leroy
d9c39c274e fix(defaults): wrong cri_socket path for containerd (#9401) 2022-10-18 00:15:18 -07:00
Kenichi Omichi
c38fb866b7 Update securityContext of netchecker (#9398) 
To run netchecker with necessary privilege,
this updates the securityContext.
 2022-10-17 19:11:18 -07:00
Mohamed Zaian
5ad1d9db5e [kubernetes] Add hashes for 1.25.3, 1.24.7, 1.23.13 and make v1.24.7 default (#9397) 2022-10-17 05:59:07 -07:00
Kay Yan
32f3d92d6b Remove PodSecurityPolicies in Calico (#9395) 2022-10-17 05:51:07 -07:00
Kenichi Omichi
72b45eec2e Use agnhost instead of busybox for network test (#9390) 
busybox container requires a root permission for ping.
For testing hardening method at CI, we need to switch to another image
which doesn't require the root permission for network testing.
On kubernetes/kubernetes repo, we are using agnhost which doesn't
require it. So this makes the test use aghhost image.

In addition, this updates the test manifest to specify securityContext
without any privilege.
 2022-10-14 06:10:46 -07:00
Cristian Calin
23716b0eff don't define kubeadm_patches by default (#9372) 2022-10-14 01:20:46 -07:00
Kay Yan
859df84b45 remove-psp-in-flannel (#9365) 2022-10-14 00:16:47 -07:00
Kay Yan
131bd933a6 Fix ensure ping package error in fedora CoreOS & Flatcar (#9370) 
* fix-ensure-package-in-coreos

* clean blank line
 2022-10-13 16:54:46 -07:00
Unai Arríen
52904ee6ad Avoid MetalLB speaker image download when MetalLB speaker is disabled (#9248) 
* Avoid MetalLB speaker image download when metallb_speaker_enabled is set to

* Move metallb_speaker_enabled var to allow outside metalLB role references

* Move metallb_speaker_enabled var to allow outside metalLB role references

* Improve metallb_speaker_enabled default values
 2022-10-13 16:50:47 -07:00
Kay Yan
e3339fe3d8 update_calico_doc_for_the_ChecksumOffloadBroken (#9388) 2022-10-13 01:13:00 -07:00
ghostloda
547ef747da fix helm install with password authentication (#9343) 2022-10-12 23:55:01 -07:00
Kenichi Omichi
63b27ea067 Fix YAML format in hardening.md (#9387) 
When trying to add a hardening CI job by copying configuration from
hardening.md, yamllint CI job deleted invalid format.
This fixes it for maintaining the CI job.
 2022-10-12 23:49:01 -07:00
ERIK
bc5881b70a Add the cilium hubble images to download role (#9376) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>

Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2022-10-12 23:45:00 -07:00
Kenichi Omichi
f4b95d42a6 Add note for containerd oom_score (#9384) 
When we saw 0 as the default value of containerd_oom_score, we had
a question why the value was not -999.
This adds the note to explain it.
 2022-10-11 21:49:00 -07:00
Unai Arríen
ef76a578a4 Change dns upstream condition for nodelocaldns (#9378) 2022-10-11 00:47:02 -07:00
Piotr Kowalczyk
3b99d24ceb Fix: install calico-kube-controller on kdd (#9358) 
* Fix: install policy controller on kdd too

* Remove the calico_policy_version condition altogether

* Install policy controller both on canal and calico under same condition
 2022-10-10 19:45:01 -07:00
Kay Yan
4701abff4c upgrade-api-version-for-PodDisruptionBudget (#9369) 2022-10-10 17:51:02 -07:00
Joe Siponen
717b8daafe Download coredns image to all hosts in k8s_cluster (#9316) 
Coredns image must be available everywhere as it
may be rescheduled to a non-control-plane-node.
 2022-10-08 05:03:19 -07:00
Kevin Huang
c346e46022 fix(cinder-csi-nodeplugin): Remove the pods-cloud-data volume (#9362) 2022-10-08 01:23:19 -07:00
Kenichi Omichi
24632ae81b Add check_typo job (#9361) 
To block merging pull requests which contain typo automatically.
 2022-10-07 02:21:53 -07:00
JSpon
befde271eb Use hostname override in post-remove role, just as pre-remove role does (#9360) 2022-10-06 15:03:52 -07:00
Huang Chen-Yi
d689f57c94 Features/support kubeadm patches v1beta3 (#9326) 
* Support kubeadm patches in v1beta3

* Update kubeadm patches sample files in inventory

* Fix pre-commit syntax

* Set kubeadm_patches  enabled to false in sample inventory
 2022-10-06 00:39:52 -07:00
William Turner
ad3f503c0c Fix default value for kubelet_secure_addresses (#9355) 2022-10-06 00:35:51 -07:00
Kay Yan
ae6c780af6 add-Kubean (#9352) 2022-10-04 06:26:23 -07:00
Eugene Artemenko
8b9cd3959a Add possibility to skip adding load balancer name in the hosts file (#9331) 2022-10-04 06:26:16 -07:00
Emin AKTAS
dffeab320e feat: add a paramater to disable host nameservers (#9357) 
Signed-off-by: eminaktas <eminaktas34@gmail.com>

Signed-off-by: eminaktas <eminaktas34@gmail.com>
 2022-10-04 06:22:17 -07:00
Kay Yan
999586a110 sysctl_additional (#9351) 2022-10-02 23:06:14 -07:00
Kenichi Omichi
f8d5487f8e Remove versions from setting-up-your-first-cluster (#9353) 
We are maintaining version info on the README.md, and it is not
necessary to maintain that on setting-up-your-first-cluster.md
 2022-09-30 06:02:29 -07:00
Hugo Blom
4189008245 Try fix issue where ports doesn't get an ip assigned (#9345) 
Co-authored-by: Jonathan Süssemilch Poulain <jonathan@sofiero.net>
 2022-09-30 00:48:29 -07:00
Kay Yan
44115d7d7a support-kube-1.25 (#9260) 
Co-authored-by: Rene Luria <rene.luria@infomaniak.com>
 2022-09-29 23:34:30 -07:00
Florian Ruynat
841e2f44c0 Remove references to 1.22 (#9342) 2022-09-28 14:10:29 -07:00
Hugo Blom
a8e4984cf7 Add missing permissions to openstack cc (#9335) 
Add missing permissions to Openstack cloud controller to make sure controller runs as intended
 2022-09-27 22:19:35 -07:00
Hugo Blom
49196c2ec4 [Openstack] Add bastion_allowed_ports to allow custom security group rules on bastion node (#9336) 
* make it possible to configure bastion remote ips

* Update README.md
 2022-09-27 22:03:35 -07:00
Rene Luria
3646dc0bd2 fix: remove trailing backslash and yaml indent (#9339) 
* fix: remove trailing backslash

* fixed indent in cilium config template
 2022-09-27 19:45:35 -07:00
Alex
694de1d67b update README to reference docker v2.20.0 tag (#9334) 2022-09-27 19:41:36 -07:00
biqiang Wu
31caab5f92 Fix: The Hubble certificate is faulty because the cluster name is hard coded (#9340) 
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>

Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
 2022-09-27 05:57:52 -07:00
ERIK
472996c8b3 update pause image version (#9337) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>

Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2022-09-27 00:49:52 -07:00
Shelming.Song
d62c67a5f5 allow user to set env: FELIX_MTUIFACEPATTERN in calico-node.yml (#9330) 2022-09-26 21:57:45 -07:00
Federico Cucinella
e486151aea cloud-provider-openstack: upgrade 1.22.0 to 1.23.4 (#9332) 2022-09-26 17:35:46 -07:00
Florian Ruynat
9c407e667d Update kubespray version following release (#9333) 2022-09-26 17:31:46 -07:00
Ho Kim
18efdc2c51 Fix typos in calico (#9327) v2.20.0 2022-09-26 00:11:44 -07:00
Zhong Jianxin
6dff39344b preinstall: Add nodelocaldns to supersede_nameserver if enabled (#9282) 
When a machine that use dhclient and resolvconf reboots, this will make /etc/resolv.conf
remain close to the one before reboot
 2022-09-25 20:19:44 -07:00
Robin Wallace
c4de3df492 upcloud csi driver: bump version to v0.3.3 (#9317) 2022-09-24 13:18:04 -07:00
Ilya Margolin
f2e11f088b Hotfix containerd restart (#9322) 2022-09-24 13:14:04 -07:00
Victor Morales
782f0511b9 Define ostree variable for runc (#9321) 
The ostree variable is not defined previously raising an error when
the runtime tries to read it.
 2022-09-24 13:00:11 -07:00
Kevin Huang
fa093ee609 feat(docs/openstack.md): Put Additional step needed when using calico or kube-router in own section (#9320) 2022-09-24 13:00:04 -07:00
Samuel Liu
612bcc4bb8 add liupeng0518 to approvers list (#9313) 2022-09-24 12:52:05 -07:00
Florian Ruynat
4ad67acedd Move back vsphere csi to kube-system ns (#9312) 2022-09-23 10:46:26 -07:00
Kei Kori
467dc19cbd support removing options in resolvconf with tab separator (#9304) 2022-09-23 10:42:27 -07:00
Ilya Margolin
726711513f [containerd] Allow configuring base_runtime_spec per containerd runtime (#9302) 
and supply a default runtime spec.
 2022-09-23 10:38:27 -07:00