External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-03 10:38:19 -03:30
Code Issues Packages Projects Releases Wiki Activity
7,255 Commits 45 Branches 88 Tags
b9e3861385d394467eb54a144eaeba20db15141c
Commit Graph

4873 Commits

Author SHA1 Message Date
Kay Yan
b9e3861385 add-cpuManagerPolicy (#10309) 2023-07-25 13:12:20 -07:00
satandyh
050bd0527f enchance security with CIS Kubernetes V1.23 (#10304) 
Benchmark item number 4.1.9
 2023-07-23 19:24:11 -07:00
Mohamed Omar Zaian
fe32de94b9 [kubernetes] Add hashes for kubernetes 1.27.4, 1.26.7, 1.25.12 (#10300) 2023-07-23 19:20:10 -07:00
Louis Tu
d2383d27a9 Bump versions (#10295) 
The following applications have been upgraded:

* helm
* skopeo
* yq

Signed-off-by: tu1h <lihai.tu@daocloud.io>
 2023-07-19 00:26:03 -07:00
yangsenzk
13aa32278a bugfix: fix grep command without -w option causing prefix matched while adding one etcd member (#10291) 2023-07-13 21:43:29 -07:00
Mohamed Omar Zaian
38ce02c610 [ingress-nginx] upgrade to 1.8.1 (#10281) 2023-07-10 21:05:12 -07:00
yun
1d86919883 Clean up calicoctl_alternate_download_url (#10271) 2023-07-05 08:16:57 -07:00
Victor Morales
78c1775661 Upgrade versions (#9798) 
The following applications have been upgraded:

* Cilium
* Helm
* crun
* Katacontainers
* youki
* gvisor
* skopeo
* yq

Signed-off-by: Victor Morales <chipahuac@hotmail.com>
 2023-07-05 03:32:58 -07:00
Arthur Outhenin-Chalandre
5d00b851ce project: fix var-spacing ansible rule (#10266) 
* project: fix var-spacing ansible rule

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing on the beginning/end of jinja template

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing of default filter

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing between filter arguments

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix double space at beginning/end of jinja

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix remaining jinja[spacing] ansible-lint warning

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-07-04 20:36:54 -07:00
jeremy-thuon
0405af1107 [cilium] add custom vars for clusterrole cilium operator (#10267) 2023-07-03 02:20:51 -07:00
Wendy
872e173887 update cilium version to 1.13.4 (#10269) 
Signed-off-by: yulng <wei.yang@daocloud.io>
 2023-07-03 00:02:51 -07:00
yun
b42757d330 Fix RHEL subscription activation key by removing auto_attach and syspurpose (#10258) 2023-06-30 03:21:45 -07:00
Arthur Outhenin-Chalandre
f8f197e26b Fix outdated tag and experimental ansible-lint rules (#10254) 
* project: fix outdated tag and experimental

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: remove no longer useful noqa 301

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: replace unnamed-task by name[missing]

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix daemon-reload -> daemon_reload

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-06-30 02:51:57 -07:00
Cyclinder
4f85b75087 using configmap to configure calico cni config (#10177) 
Signed-off-by: cyclinder qifeng.guo@daocloud.io

Signed-off-by: cyclinder qifeng.guo@daocloud.io
 2023-06-30 02:51:45 -07:00
Arthur Outhenin-Chalandre
37e004164b metallb: increase wait timeout from 30s to 2m (#10260) 
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-06-27 20:54:32 -07:00
Mathieu Parent
77069354cf Add system-upgrade to upgrade-cluster playbook (#10184) 2023-06-26 18:24:30 -07:00
ERIK
2aafab6c19 fix etcdctl copy operation in crio (#10242) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2023-06-26 18:08:30 -07:00
Arthur Outhenin-Chalandre
25cb90bc2d Upgrade ansible (#10190) 
* project: update all dependencies including ansible

Upgrade to ansible 7.x and ansible-core 2.14.x. There seems to be issue
with ansible 8/ansible-core 2.15 so we remain on those versions for now.
It's quite a big bump already anyway.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* tests: install aws galaxy collection

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* ansible-lint: disable various rules after ansible upgrade

Temporarily disable a bunch of linting action following ansible upgrade.
Those should be taken care of separately.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve deprecated-module ansible-lint error

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve no-free-form ansible-lint error

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve schema[meta] ansible-lint error

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve schema[playbook] ansible-lint error

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve schema[tasks] ansible-lint error

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve risky-file-permissions ansible-lint error

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve risky-shell-pipe ansible-lint error

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: remove deprecated warn args

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: use fqcn for non builtin tasks

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve syntax-check[missing-file] for contrib playbook

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: use arithmetic inside jinja to fix ansible 6 upgrade

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-06-26 03:15:45 -07:00
Tiago Epifânio
eb31653d66 Disable fapolicyd service (#10081) 2023-06-23 20:49:06 -07:00
Vyacheslav Vershinin
180df831ba feat: add option to use custome CA for https_proxy (#10215) 2023-06-23 09:59:24 -07:00
Pat Riehecky
2fa64f9fd6 Add flag to prevent running helm update (#10169) 
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
 2023-06-23 06:03:23 -07:00
Victor Morales
bf31a3a872 Split defaults main file (#10121) 2023-06-22 02:19:40 -07:00
peterw
4a8fd94a5f add growpart azure enabled (#10241) 2023-06-21 06:23:40 -07:00
Louis Tu
e214bd0e1b clean up outdate os files (#10236) 
Signed-off-by: tu1h <lihai.tu@daocloud.io>
 2023-06-21 02:45:39 -07:00
Arthur Outhenin-Chalandre
4ad89ef8f1 local_path_provisioner: fix invalid podhelper yaml (#10237) 
New line was not inserted between image and imagePullPolicy for some
reasons with the jinja. Simplifying this altogether should fix this.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-06-20 20:10:21 -07:00
Emin AKTAS
7a66be8254 bump flannel version to v0.22.0 and flannel-cni-plugin version to v1.1.2 (#10205) 
This also changes flannel repository from flannelcni to flannel

Signed-off-by: Emin Aktaş <eminaktas34@gmail.com>
 2023-06-19 16:52:24 -07:00
Samuel Liu
db696785d5 update local path provisioner version and remove psp (#10054) 
* update local_path_provisioner_version

* remove psp and update cm
 2023-06-19 11:44:21 -07:00
Mohamed Omar Zaian
dfec133273 [calico] add hashes for v3.26.1 (#10235) 2023-06-19 10:40:23 -07:00
Arthur Outhenin-Chalandre
475abcc3a8 project: drop Kubernetes 1.24 support (#10234) 
* project: drop Kubernetes 1.24 support

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* readme: bump crio version to 1.27 in the readme

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-06-19 08:42:21 -07:00
Mohamed Omar Zaian
3a7d84e014 [feature] Correct CoreDNS versions for kubernetes releases (#10233) 2023-06-19 07:34:22 -07:00
Mohamed Omar Zaian
ad3f84df98 [argocd] update argocd to v2.7.4 (#10226) 2023-06-19 07:20:22 -07:00
Emin AKTAS
79e742c03b bump coredns version to 1.10.1 (#10199) 
Signed-off-by: Emin Aktaş <eminaktas34@gmail.com>
 2023-06-19 04:06:21 -07:00
Takuya Murakami
b2f6abe4ab fix parsing of RHSM proxy configuration (#10060) (#10228) 
Remove URL scheme part from http_proxy for server.proxy_hostname
 2023-06-19 02:24:21 -07:00
Louis Tu
c5dac1cdf6 Add Debian 12(bookworm) support and CI (#10221) 
Signed-off-by: tu1h <lihai.tu@daocloud.io>
 2023-06-19 02:20:21 -07:00
Samuel Liu
d296adcd65 allow change argocd url (#10176) 2023-06-18 19:18:20 -07:00
Mohamed Omar Zaian
141064c443 [helm] upgrade to 3.12.1 (#10225) 2023-06-18 17:04:20 -07:00
ERIK
54859cb814 Fix etcdctl copy operation (#10230) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2023-06-16 04:18:19 -07:00
Mohamed Omar Zaian
0f0991b145 [ingress-nginx] upgrade to 1.8.0 (#10223) 2023-06-15 19:48:25 -07:00
Mohamed Omar Zaian
658d62be16 [kubernetes] upgrade versions to address CVE-2023-2728 (#10220) 
* [kubernetes] Add hashes for 1.27.3, 1.26.6, 1.25.11
* [kubernetes] make 1.26.6 default
 2023-06-15 19:48:18 -07:00
Mohamed Omar Zaian
0139bfdb71 [calico] add hashes for v3.26.0 (#10224) 2023-06-15 19:44:18 -07:00
Furkan Türkal
b4db077e6a containerd: bump to 1.7.2 (#10219) 
Signed-off-by: Furkan <furkan.turkal@trendyol.com>
 2023-06-15 03:22:18 -07:00
Ugur Can Ozturk
a962fa2357 [podSecurityConfiguration]: fix apiVersion and change default policy versions (#10210) 
Signed-off-by: Ugur <ugurozturk918@gmail.com>
 2023-06-12 17:55:57 -07:00
palme
775851b00c [flatcar] add python dependency check for helm-apps (#10192) 
* add pyyaml install via task instead of package

* Change condition for better consistency in the codebase
 2023-06-12 17:51:58 -07:00
Arthur Outhenin-Chalandre
f8fadf53cd helm: fix pyyaml package on RH distros (#10204) 
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-06-12 17:39:57 -07:00
ERIK
ce13699dfa Use a uniform way to get the local path of the binaries (#10211) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2023-06-12 00:39:48 -07:00
Ashish Singh Dev
fc5937e948 fix gce-pd-csi driver (#10208) 
* fix gce-pd-csi driver

* fixed, 1. reading replicas value from defaults.yml, and 2. corrected gcp-pd-csi driver version in README.md
 2023-06-11 20:45:47 -07:00
Emin AKTAS
2b80d053f3 bump nodelocaldns version to 1.22.20 (#10200) 
Signed-off-by: Emin Aktaş <eminaktas34@gmail.com>
 2023-06-08 03:08:14 -07:00
Pat Riehecky
f5ee8b71ff Permit custom names for API server lb/proxy containers. (#10166) 
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
 2023-06-08 02:54:13 -07:00
James
4c76feb574 Kubelet csr approver fixes (#10165) 
* Fix upgrade-path for kubelet-csr-approver

Fixes an error when you enable kubelet-csr-approver when upgrading.
It hangs waiting for the certificate to be approved since the
kubelet-csr-approver is not installed yet.

* Add missing package when using helm role
 2023-06-06 02:27:00 -07:00
yun
5ebd305d17 remove cri-o using crio_bin_files (#10182) 2023-06-04 20:02:42 -07:00