External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-04 11:08:16 -03:30
Code Issues Packages Projects Releases Wiki Activity
8,351 Commits 46 Branches 88 Tags
ce26f17e9ecab564dc833e51d54190c4cdcf554c
Commit Graph

51 Commits

Author SHA1 Message Date
ChengHao Yang
5e2e63ebe3 Make cilium dnsProxy transparent mode configure 
When Cilium is configured to replace kube-proxy, it automatically
enables dnsProxy, which can conflict with nodelocaldns.
 2025-05-19 08:48:15 +08:00
ChengHao Yang
db290ca686 Add cilium gateway api support 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
6619d98682 Add cilium hubble export dynamic content 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
b771d73fe0 Add cilium hubble export file max backups & size mb 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
86437730de Use cilium-cli install Cilium 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
1e471d5eeb Upgrade outdated cilium_min_version_required 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:11 +08:00
ErmolenkoMaxim
46a0dc9a51 Add support for hubble-export-file-max-backups and max-size-mb variables (#12072) 
* feat(cilium): add configurable Hubble export log rotation parameters

- Adds support for `cilium_hubble_export_file_max_backups` and `cilium_hubble_export_file_max_size_mb`
- Applies values only if `cilium_hubble_export_file_path` is defined
- Default values are set in role defaults
- Cleans up template logic by removing unnecessary conditionals

* Fix indentation for hubble export settings

* Fix undefined variable issue with ipwrap in kubeconfig override that caused pre-commit errors

* Update main.yml

rollback
 2025-05-17 00:35:13 -07:00
felipe88alves
9bbd597e20 create cilium_operator_tolerations variable in group_var (#12200) 
- This enables ithe override of the tolerations for the cilium-operator deployment
 - default behaviour is to leave the toleration as is unless the var is set
 2025-05-12 03:25:15 -07:00
Max Gautier
d6d87e9a83 Move cilium_deploy_additionnaly to kubespray-default (#12191) 
Instead of using default(false) all over the place, use
kubespray-defaults
 2025-05-07 05:05:17 -07:00
Max Gautier
f9a263090a Propagate v-less version everywhere 2025-03-05 16:18:39 +01:00
Boris
a51e7dd07d refact ip stack (#11953) 2025-02-11 03:37:58 -08:00
logicsys
b8541962f3 Partial Cilium 1.16+ Support & Add vars for configuring cilium IP load balancer pools and bgp v1 & v2 apis (#11620) 
* Add vars for configuring cilium IP load balancer pools and bgp peer policies

* Cilium 1.16+ Support - Add vars for configuring cilium bgpv2 api & handle cilium_kube_proxy_replacement unsupported values
 2024-11-19 02:48:53 +00:00
peterw
6b499186b0 add cilium hubble-ui enable flag (#10939) 2024-10-01 06:53:49 +01:00
Serge Hartmann
0eeac591ad variables cilium_enable_host_firewall and cilium_policy_audit_mode for configmap/cilium-config (#11230) 
capitalise values for Host Firewall and Policy Audit Mode
fix missing quotes
 2024-09-30 08:22:02 +01:00
peterw
edce2b528d add cilium_hubble_event_buffer_capacity & cilium_hubble_event_queue_size vars (#10943) 2024-06-23 20:14:56 -07:00
Devesh Kumar
eee5b5890d feat: Add support for cilium 1.15 and updated cilium to v1.15.4 (#11106) 2024-04-23 19:42:11 -07:00
Arthur Outhenin-Chalandre
5d00b851ce project: fix var-spacing ansible rule (#10266) 
* project: fix var-spacing ansible rule

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing on the beginning/end of jinja template

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing of default filter

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing between filter arguments

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix double space at beginning/end of jinja

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix remaining jinja[spacing] ansible-lint warning

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-07-04 20:36:54 -07:00
jeremy-thuon
0405af1107 [cilium] add custom vars for clusterrole cilium operator (#10267) 2023-07-03 02:20:51 -07:00
jeremy-thuon
4a03d13d08 [cilium] fix rbac and upgrade hubble v0.11.0 (#3) (#9959) 
* [cilium] fix rbac and upgrade hubble v0.11.0 (#3)

* [cilium] fix rbac for LB bgp ipam

* [cilium] Upgrade Hubble to v0.11.0 and add mTLS between Hubble UI and Hubble Relay

* fix dns domain hubble for tls

---------

Co-authored-by: Thuon Jeremy <d107869@olinfra1.infra.bdm.outscale.c1.dav.fr>

* Fix blank line

---------

Co-authored-by: Thuon Jeremy <d107869@olinfra1.infra.bdm.outscale.c1.dav.fr>
 2023-04-09 22:07:15 -07:00
xiuguang.huang
4020a93d7e delete the probe option of cilium_kube_proxy_replacement (#9929) 2023-03-27 08:08:28 -07:00
Kay Yan
309aaee427 fix-cilium-error (#9902) 2023-03-20 02:41:17 -07:00
biqiang Wu
2ae3ea9ee3 Modified the default value of cilium IPAM and added the support for related parameters (#9443) 
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
 2023-03-13 17:45:10 -07:00
biqiang Wu
c681435432 Add switch cilium_enable_bandwidth_manager (#9441) 
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>

Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
 2022-10-28 03:08:31 -07:00
Necatican Yıldırım
7da3dbcb39 Cilium 1.12 Upgrade (#9225) 
* Drop support for Cilium < 1.10

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* Synchronize Cilium templates for 1.11.7

Signed-off-by: necatican <contact@necatican.com>

* Set Cilium v1.12.1 as the default version

Signed-off-by: necatican <contact@necatican.com>

Signed-off-by: necatican <necaticanyildirim@gmail.com>
Signed-off-by: necatican <contact@necatican.com>
 2022-09-19 02:14:31 -07:00
Tristan
bbd1161147 9035: Make Cilium rolling-restart delay/timeout configurable (#9176) 
See #9035
 2022-08-22 02:37:44 -07:00
Emin AKTAS
5071529a74 feat: upgrade cilium and add default variables (#9065) 
Signed-off-by: eminaktas <eminaktas34@gmail.com>
Signed-off-by: Emin Aktas <emin.aktas@trendyol.com>
 2022-07-07 10:35:34 -07:00
mahjonp
c927da00e0 Support cilium ip-masq-agent configuration (#8893) 
* fix deploy Cilium with eBPF-based Masquerading failed

Signed-off-by: mahjonp <junpeng.man@gmail.com>

* forget to add the enable-ip-masq-agent flag

Signed-off-by: mahjonp <junpeng.man@gmail.com>
 2022-05-31 09:26:53 -07:00
Necatican Yıldırım
13443b05a6 Overhaul Cilium manifests to match the newer versions (#8717) 
* [cilium] Separate templates for cilium, cilium-operator, and hubble installations

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Update cilium-operator templates

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Allow using custom args and mounting extra volumes for the Cilium Operator

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Update the cilium configmap to filter out the deprecated variables, and add the new variables

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Add an option to use Wireguard encryption on Cilium 1.10 and up

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Update cilium-agent templates

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Bump Cilium version to 1.11.3

Signed-off-by: necatican <necaticanyildirim@gmail.com>
 2022-05-11 06:23:04 -07:00
Tom Stian Berget
84b93090a8 Change Cilium setting identity_allocation_mode to cilium_identity_allocation_mode (#8519) 
* Change Cilium identity_allocation_mode to cilium_identity_allocation_mode

* Change inventory sample
 2022-02-08 14:04:35 -08:00
Necatican Yıldırım
caff539ccd Add identity_allocation_mode support for Cilium (#8430) 
Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
Signed-off-by: necatican <necaticanyildirim@gmail.com>

Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
 2022-01-16 09:29:28 -08:00
Sergey
5336943a8c add cilium_operator_api_serve_addr to cilium operator config (#7901) 2021-08-24 03:49:13 -07:00
bac-w
2556eb2733 Upgrade cilium role (#7521) 
* Upgrade cilium roles

* Del old test result

* Add hubble ui examples

* Refactor hubble metrics

* Markdown fix pipeline errors

* yamllint check and fix

* refactor install from https://github.com/kubernetes-sigs/kubespray/pull/7520

* Docs syntax change (fix)

* Cilium set default 1.8.9

* Update cilium version in Readme
 2021-04-30 08:09:59 -07:00
Frank Ritchie
f05d6b3711 Add cilium_ipam_mode variable (#7418) 
Starting with Cilium v1.9 the default ipam mode has changed to "Cluster
Scope". See:

https://docs.cilium.io/en/v1.9/concepts/networking/ipam/

With this ipam mode Cilium handles assigning subnets to nodes to use
for pod ip addresses. The default Kubespray deploy uses the Kube
Controller Manager for this (the --allocate-node-cidrs
kube-controller-manager flag is set). This makes the proper ipam mode
for kubespray using cilium v1.9+ "kubernetes".

Tested with Cilium 1.9.5.

This PR also mounts the cilium-config ConfigMap for this variable
to be read properly.

In the future we can probably remove the kvstore and kvstore-opt
Cilium Operator args since they can be in the ConfigMap. I will tackle
that after this merges.
 2021-04-01 07:33:22 -07:00
Qasim Sarfraz
d53fd29e34 Add support for cilium ipsec (#7342) 
* Add support for cilium ipsec

* Fix typo for bpffs
 2021-03-23 13:46:06 -07:00
Dmitry Chusovitin
c09aabab0c Remove executable bit from yaml and j2 files (#6894) 2020-11-29 20:18:48 -08:00
Arthur Outhenin-Chalandre
e6dae03a0d Add cilium hubble server in config (#6575) 
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
 2020-08-26 23:19:02 -07:00
Arthur Outhenin-Chalandre
ca8e59fa85 Add new cilium options for native routing (#6519) 
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
 2020-08-18 00:39:42 -07:00
Arthur Outhenin-Chalandre
bedb411d06 improve Cilium metrics support (#6513) 
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
 2020-08-18 00:35:29 -07:00
Arthur Outhenin-Chalandre
3550e3c145 Adding kube-proxy-replacement support in cilium (#6334) 
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
 2020-07-30 02:46:31 -07:00
Arthur Outhenin-Chalandre
1a1fe99669 Add a way to deploy cilium alongside another CNI (#6373) 
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
 2020-07-17 05:57:01 -07:00
Pasquale Toscano
4ce970c0b2 Cilium: overwrite auto-detected MTU of underlying network (#6329) 2020-07-02 07:12:47 -07:00
Fredrik Lönnegren
e257d92f41 Cilium updates (#5438) 
* Add resources needed to deploy 1.6.4

* Use cilium v1.6.4

* Change deprecated option name

* Add update crd to clusterrole cilium

* Cilium 1.6.4 -> 1.6.5

* Make monitor-aggregation config configurable as a variable

* Change monitor-aggregation default none->medium

* Cilium 1.6.5 -> 1.6.6

* Update to 1.7.0

* v1.7.0->v1.7.1
 2020-03-11 08:15:36 -07:00
Junho Suh
076f254a67 Add cilium_tunnel_mode variable to the cilium config (#5295) 2019-11-11 03:19:42 -08:00
Holger Frydrych
bc6de32faf Upgrade Cilium network plugin to v1.5.5. (#5014) 
* Needs an additional cilium-operator deployment.
  * Added option to enable hostPort mappings.
 2019-08-06 01:37:55 -07:00
Matthew Mosesohn
05dc2b3a09 Use K8s 1.14 and add kubeadm experimental control plane mode (#4514) 
* Use K8s 1.14 and add kubeadm experimental control plane mode

This reverts commit d39c273d96.

* Cleanup kubeadm setup run on first master

* pin kubeadm_certificate_key in test

* Remove kubelet autolabel of kube-node, add symlink for pki dir

Change-Id: Id5e74dd667c60675dbfe4193b0bc9fb44380e1ca
 2019-04-19 06:01:54 -07:00
Matthew Mosesohn
d39c273d96 Revert "Use K8s 1.14 and add kubeadm experimental control plane mode (#4317)" (#4510) 
This reverts commit 316508626d.
 2019-04-11 12:52:43 -07:00
Matthew Mosesohn
316508626d Use K8s 1.14 and add kubeadm experimental control plane mode (#4317) 
* Use Kubernetes 1.14 and experimental control plane support

* bump to v1.14.0
 2019-04-11 05:30:13 -07:00
Andreas Krüger
d5ce5874e8 Streamline path to certs dir (#3836) 
* Streamline path to certs dir

* More fixes

* Set path to etcd certs in kubernetes defaults instead
 2018-12-06 23:11:53 -08:00
Wong Hoi Sing Edison
c3b3572025 Always create service account even rbac_enabled = false 2018-08-22 11:41:29 +08:00
Zinin D.A
22b89edbbc cilium v1.1.2 
Update all configs to current upstream state.
Add more resources (unable to pass tests now)...
 2018-08-08 22:42:50 +03:00