External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-03-14 23:47:30 -02:30
Code Issues Packages Projects Releases Wiki Activity
8,745 Commits 46 Branches 88 Tags
af6296a31d6537128afdb25818fd742053a00ce0
Commit Graph

57 Commits

Author SHA1 Message Date
Shaleen Bathla
979fe25521 cilium: remove unused bpf clock probe variable (#13050) 
Signed-off-by: Shaleen Bathla <shaleen.bathla@servicenow.com>
 2026-03-11 16:39:38 +05:30
Ali Afsharzadeh
39744146b4 Remove legacy cilium_remove_old_resources task (#12771) 
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com>
 2025-12-07 07:36:55 -08:00
Clement Phu
6c147dfe3c Add cilium_extra_values to make use of any cilium values (#12375) 
fix noqa
 2025-08-08 20:29:43 -07:00
Mustafa Mertcan Çam
cde6e815dd Cilium: Pass cluster DNS to hubble.peerService in values.yaml.j2 (#12346) 
* cilium: pass cluster DNS to hubble.peerService in values.yaml.j2

* Add dedicated Hubble variable defaulting to inventory cluster domain
 2025-07-03 09:37:25 -07:00
Takuya Murakami
048967e3b0 feat: Add cilium_install_extra_flags (#12262) 
Enable to use --chart-directory options etc for offline installation

Signed-off-by: Takuya Murakami <murakami_da@nec.com>
 2025-06-25 05:58:29 -07:00
ChengHao Yang
7bb9552e94 Fix: add cilium remove old resources option 
Give users two options: besides skip Cilium, add
`cilium_remove_old_resources`, default is `false`, when set to `true`,
it will remove the content of the old version, but it will cause the
downtime, need to be careful to use.

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-06-05 21:14:49 +08:00
ChengHao Yang
5e2e63ebe3 Make cilium dnsProxy transparent mode configure 
When Cilium is configured to replace kube-proxy, it automatically
enables dnsProxy, which can conflict with nodelocaldns.
 2025-05-19 08:48:15 +08:00
ChengHao Yang
db290ca686 Add cilium gateway api support 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
6619d98682 Add cilium hubble export dynamic content 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
b771d73fe0 Add cilium hubble export file max backups & size mb 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
86437730de Use cilium-cli install Cilium 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
1e471d5eeb Upgrade outdated cilium_min_version_required 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:11 +08:00
ErmolenkoMaxim
46a0dc9a51 Add support for hubble-export-file-max-backups and max-size-mb variables (#12072) 
* feat(cilium): add configurable Hubble export log rotation parameters

- Adds support for `cilium_hubble_export_file_max_backups` and `cilium_hubble_export_file_max_size_mb`
- Applies values only if `cilium_hubble_export_file_path` is defined
- Default values are set in role defaults
- Cleans up template logic by removing unnecessary conditionals

* Fix indentation for hubble export settings

* Fix undefined variable issue with ipwrap in kubeconfig override that caused pre-commit errors

* Update main.yml

rollback
 2025-05-17 00:35:13 -07:00
felipe88alves
9bbd597e20 create cilium_operator_tolerations variable in group_var (#12200) 
- This enables ithe override of the tolerations for the cilium-operator deployment
 - default behaviour is to leave the toleration as is unless the var is set
 2025-05-12 03:25:15 -07:00
Max Gautier
d6d87e9a83 Move cilium_deploy_additionnaly to kubespray-default (#12191) 
Instead of using default(false) all over the place, use
kubespray-defaults
 2025-05-07 05:05:17 -07:00
Max Gautier
f9a263090a Propagate v-less version everywhere 2025-03-05 16:18:39 +01:00
Boris
a51e7dd07d refact ip stack (#11953) 2025-02-11 03:37:58 -08:00
logicsys
b8541962f3 Partial Cilium 1.16+ Support & Add vars for configuring cilium IP load balancer pools and bgp v1 & v2 apis (#11620) 
* Add vars for configuring cilium IP load balancer pools and bgp peer policies

* Cilium 1.16+ Support - Add vars for configuring cilium bgpv2 api & handle cilium_kube_proxy_replacement unsupported values
 2024-11-19 02:48:53 +00:00
peterw
6b499186b0 add cilium hubble-ui enable flag (#10939) 2024-10-01 06:53:49 +01:00
Serge Hartmann
0eeac591ad variables cilium_enable_host_firewall and cilium_policy_audit_mode for configmap/cilium-config (#11230) 
capitalise values for Host Firewall and Policy Audit Mode
fix missing quotes
 2024-09-30 08:22:02 +01:00
peterw
edce2b528d add cilium_hubble_event_buffer_capacity & cilium_hubble_event_queue_size vars (#10943) 2024-06-23 20:14:56 -07:00
Devesh Kumar
eee5b5890d feat: Add support for cilium 1.15 and updated cilium to v1.15.4 (#11106) 2024-04-23 19:42:11 -07:00
Arthur Outhenin-Chalandre
5d00b851ce project: fix var-spacing ansible rule (#10266) 
* project: fix var-spacing ansible rule

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing on the beginning/end of jinja template

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing of default filter

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing between filter arguments

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix double space at beginning/end of jinja

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix remaining jinja[spacing] ansible-lint warning

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-07-04 20:36:54 -07:00
jeremy-thuon
0405af1107 [cilium] add custom vars for clusterrole cilium operator (#10267) 2023-07-03 02:20:51 -07:00
jeremy-thuon
4a03d13d08 [cilium] fix rbac and upgrade hubble v0.11.0 (#3) (#9959) 
* [cilium] fix rbac and upgrade hubble v0.11.0 (#3)

* [cilium] fix rbac for LB bgp ipam

* [cilium] Upgrade Hubble to v0.11.0 and add mTLS between Hubble UI and Hubble Relay

* fix dns domain hubble for tls

---------

Co-authored-by: Thuon Jeremy <d107869@olinfra1.infra.bdm.outscale.c1.dav.fr>

* Fix blank line

---------

Co-authored-by: Thuon Jeremy <d107869@olinfra1.infra.bdm.outscale.c1.dav.fr>
 2023-04-09 22:07:15 -07:00
xiuguang.huang
4020a93d7e delete the probe option of cilium_kube_proxy_replacement (#9929) 2023-03-27 08:08:28 -07:00
Kay Yan
309aaee427 fix-cilium-error (#9902) 2023-03-20 02:41:17 -07:00
biqiang Wu
2ae3ea9ee3 Modified the default value of cilium IPAM and added the support for related parameters (#9443) 
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
 2023-03-13 17:45:10 -07:00
biqiang Wu
c681435432 Add switch cilium_enable_bandwidth_manager (#9441) 
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>

Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
 2022-10-28 03:08:31 -07:00
Necatican Yıldırım
7da3dbcb39 Cilium 1.12 Upgrade (#9225) 
* Drop support for Cilium < 1.10

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* Synchronize Cilium templates for 1.11.7

Signed-off-by: necatican <contact@necatican.com>

* Set Cilium v1.12.1 as the default version

Signed-off-by: necatican <contact@necatican.com>

Signed-off-by: necatican <necaticanyildirim@gmail.com>
Signed-off-by: necatican <contact@necatican.com>
 2022-09-19 02:14:31 -07:00
Tristan
bbd1161147 9035: Make Cilium rolling-restart delay/timeout configurable (#9176) 
See #9035
 2022-08-22 02:37:44 -07:00
Emin AKTAS
5071529a74 feat: upgrade cilium and add default variables (#9065) 
Signed-off-by: eminaktas <eminaktas34@gmail.com>
Signed-off-by: Emin Aktas <emin.aktas@trendyol.com>
 2022-07-07 10:35:34 -07:00
mahjonp
c927da00e0 Support cilium ip-masq-agent configuration (#8893) 
* fix deploy Cilium with eBPF-based Masquerading failed

Signed-off-by: mahjonp <junpeng.man@gmail.com>

* forget to add the enable-ip-masq-agent flag

Signed-off-by: mahjonp <junpeng.man@gmail.com>
 2022-05-31 09:26:53 -07:00
Necatican Yıldırım
13443b05a6 Overhaul Cilium manifests to match the newer versions (#8717) 
* [cilium] Separate templates for cilium, cilium-operator, and hubble installations

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Update cilium-operator templates

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Allow using custom args and mounting extra volumes for the Cilium Operator

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Update the cilium configmap to filter out the deprecated variables, and add the new variables

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Add an option to use Wireguard encryption on Cilium 1.10 and up

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Update cilium-agent templates

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Bump Cilium version to 1.11.3

Signed-off-by: necatican <necaticanyildirim@gmail.com>
 2022-05-11 06:23:04 -07:00
Tom Stian Berget
84b93090a8 Change Cilium setting identity_allocation_mode to cilium_identity_allocation_mode (#8519) 
* Change Cilium identity_allocation_mode to cilium_identity_allocation_mode

* Change inventory sample
 2022-02-08 14:04:35 -08:00
Necatican Yıldırım
caff539ccd Add identity_allocation_mode support for Cilium (#8430) 
Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
Signed-off-by: necatican <necaticanyildirim@gmail.com>

Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
 2022-01-16 09:29:28 -08:00
Sergey
5336943a8c add cilium_operator_api_serve_addr to cilium operator config (#7901) 2021-08-24 03:49:13 -07:00
bac-w
2556eb2733 Upgrade cilium role (#7521) 
* Upgrade cilium roles

* Del old test result

* Add hubble ui examples

* Refactor hubble metrics

* Markdown fix pipeline errors

* yamllint check and fix

* refactor install from https://github.com/kubernetes-sigs/kubespray/pull/7520

* Docs syntax change (fix)

* Cilium set default 1.8.9

* Update cilium version in Readme
 2021-04-30 08:09:59 -07:00
Frank Ritchie
f05d6b3711 Add cilium_ipam_mode variable (#7418) 
Starting with Cilium v1.9 the default ipam mode has changed to "Cluster
Scope". See:

https://docs.cilium.io/en/v1.9/concepts/networking/ipam/

With this ipam mode Cilium handles assigning subnets to nodes to use
for pod ip addresses. The default Kubespray deploy uses the Kube
Controller Manager for this (the --allocate-node-cidrs
kube-controller-manager flag is set). This makes the proper ipam mode
for kubespray using cilium v1.9+ "kubernetes".

Tested with Cilium 1.9.5.

This PR also mounts the cilium-config ConfigMap for this variable
to be read properly.

In the future we can probably remove the kvstore and kvstore-opt
Cilium Operator args since they can be in the ConfigMap. I will tackle
that after this merges.
 2021-04-01 07:33:22 -07:00
Qasim Sarfraz
d53fd29e34 Add support for cilium ipsec (#7342) 
* Add support for cilium ipsec

* Fix typo for bpffs
 2021-03-23 13:46:06 -07:00
Dmitry Chusovitin
c09aabab0c Remove executable bit from yaml and j2 files (#6894) 2020-11-29 20:18:48 -08:00
Arthur Outhenin-Chalandre
e6dae03a0d Add cilium hubble server in config (#6575) 
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
 2020-08-26 23:19:02 -07:00
Arthur Outhenin-Chalandre
ca8e59fa85 Add new cilium options for native routing (#6519) 
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
 2020-08-18 00:39:42 -07:00
Arthur Outhenin-Chalandre
bedb411d06 improve Cilium metrics support (#6513) 
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
 2020-08-18 00:35:29 -07:00
Arthur Outhenin-Chalandre
3550e3c145 Adding kube-proxy-replacement support in cilium (#6334) 
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
 2020-07-30 02:46:31 -07:00
Arthur Outhenin-Chalandre
1a1fe99669 Add a way to deploy cilium alongside another CNI (#6373) 
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
 2020-07-17 05:57:01 -07:00
Pasquale Toscano
4ce970c0b2 Cilium: overwrite auto-detected MTU of underlying network (#6329) 2020-07-02 07:12:47 -07:00
Fredrik Lönnegren
e257d92f41 Cilium updates (#5438) 
* Add resources needed to deploy 1.6.4

* Use cilium v1.6.4

* Change deprecated option name

* Add update crd to clusterrole cilium

* Cilium 1.6.4 -> 1.6.5

* Make monitor-aggregation config configurable as a variable

* Change monitor-aggregation default none->medium

* Cilium 1.6.5 -> 1.6.6

* Update to 1.7.0

* v1.7.0->v1.7.1
 2020-03-11 08:15:36 -07:00
Junho Suh
076f254a67 Add cilium_tunnel_mode variable to the cilium config (#5295) 2019-11-11 03:19:42 -08:00
Holger Frydrych
bc6de32faf Upgrade Cilium network plugin to v1.5.5. (#5014) 
* Needs an additional cilium-operator deployment.
  * Added option to enable hostPort mappings.
 2019-08-06 01:37:55 -07:00