External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-01 17:48:12 -03:30
Code Issues Packages Projects Releases Wiki Activity
8,673 Commits 45 Branches 88 Tags
f071fccc3376adf922ce38f61a39a594fdb191ef
Commit Graph

8673 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tushar240503
f071fccc33 updated prometheus-operator crd checksum autobump (#12939) 
* updated prometheus-operator crd checksum autobump

Signed-off-by: Tushar Sharma <tusharkumargzb6@gmail.com>

* updated to Next-Gen format

Signed-off-by: Tushar Sharma <tusharkumargzb6@gmail.com>

---------

Signed-off-by: Tushar Sharma <tusharkumargzb6@gmail.com>
 2026-01-31 19:44:24 +05:30
Eugene Shutov
70daea701a local_path_provisioner: add resources (#12548) 
* local_path_provisioner: add resources

* Update roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-deployment.yml.j2

Co-authored-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>

---------

Co-authored-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2026-01-31 00:08:25 +05:30
Ali Afsharzadeh
3e42b84e94 Upgrade Dockerfile base image from Ubuntu 22.04 to 24.04 (#12935) 
* Upgrade Dockerfile base image from Ubuntu 22.04 to 24.04

* Add --break-system-packages flag to testcases_run.sh file
 2026-01-30 19:57:44 +05:30
Max Gautier
868ff3cea9 Auto-bump checksums on last 3 branches (#12934) 
We now have all supported release branches (last 3) using the new
checksums format, which means they all work with the auto-bump tooling.
 2026-01-30 15:39:44 +05:30
Max Gautier
0b69a18e35 Remove nifcloud terraform provider support (it is no longer available) (#12936) 
The nifcloud terraform provider has been deleted, so remove support and
CI.
 2026-01-30 15:05:44 +05:30
ChengHao Yang
e30076016c Releng: Galaxy version upgrade to 2.31.0 (#12909) 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2026-01-30 13:35:43 +05:30
ChengHao Yang
f4ccdb5e72 Docs: update 2.29.0 to 2.30.0 (#12899) 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
v2.30.0 		2026-01-29 23:45:50 +05:30
Max Gautier
fcecaf6943 wait for control plane node to become ready after joining (#12794) 
When joining a control plane node and "upgrading" the cluster setup (for
example, to update etcd addresses after adding a new etcd) in the same
playbook run, the node can take a bit of time to become ready after
joining.
This triggers a kubeadm preflight check (ControlPlaneNodesReady) in
kubeadm upgrade, which is run directly after the join tasks.

Add a configurable wait for the control plane node to become Ready to
fix this race condition.
 2026-01-28 22:15:51 +05:30
Max Gautier
37f7a86014 etcd-certs: only change necessary permissions (#12908) 
We currently **recursively** set the permissions of /etc/ssl/etcd/ssl
(default path) to 700. But this removes group permission from the files
under it, and certain composents (like calio with etcd datastore) rely
on it ; thus, the upgrade of a cluster can fail because the
calico-kube-controller can't access the certs, and thus the etcd.

This works in other case because as far as I can tell, the apiserver
which do access the etcd run as root (the owner of the files, not just
the "group owner")

We also for some reasons do this twice.

Only create the etcd cert directory with the correct permissions once,
not recursively.
 2026-01-27 20:25:52 +05:30
Max Gautier
fff7f10a85 Patch versions updates (#12912) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-01-27 20:21:53 +05:30
ChengHao Yang
dc09298f7e Docs: cilium_kube_proxy_replacement change boolean (#12898) 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2026-01-27 16:43:48 +05:30
dependabot[bot]
680db0c921 build(deps): bump jmespath from 1.0.1 to 1.1.0 (#12905) 
Bumps [jmespath](https://github.com/jmespath/jmespath.py) from 1.0.1 to 1.1.0.
- [Changelog](https://github.com/jmespath/jmespath.py/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/jmespath/jmespath.py/compare/1.0.1...1.1.0)

---
updated-dependencies:
- dependency-name: jmespath
  dependency-version: 1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-27 16:39:49 +05:30
dependabot[bot]
9977d4dc10 build(deps): bump actions/checkout from 6.0.1 to 6.0.2 (#12906) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8e8c483db8...de0fac2e45)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-26 20:41:53 +05:30
dependabot[bot]
1b6129566b build(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (#12907) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 8.0.0 to 8.1.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](98357b18bf...c0f553fe54)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-version: 8.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-26 20:37:51 +05:30
Ali Afsharzadeh
c3404c3685 Upgrade cilium from 1.18.5 to 1.18.6 (#12900) 
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com>
 2026-01-26 20:21:50 +05:30
Max Gautier
fba8708486 RELEASE.md: fix minor typo (#12891) 2026-01-22 16:43:29 +05:30
accuROAMC
8dacb9cd16 cri-o: fix duplicate top-level "auths" keys in registry config template (#12845) 
The config.json.j2 template was generating invalid JSON when multiple
crio_registry_auth entries were defined, resulting in multiple top-level
"auths" objects being rendered, e.g.:

{
  "auths": { "registry1": { "auth": "xxxx" } },
  "auths": { "registry2": { "auth": "yyyy" } }
}

This change moves the loop inside the "auths" object so that all registries
are rendered as siblings under a single "auths" key, producing valid JSON:

{
  "auths": {
    "registry1": { "auth": "xxxx" },
    "registry2": { "auth": "yyyy" }
  }
}
 2026-01-20 19:20:50 +05:30
Max Gautier
df3f0a2341 k8s-certs-renew: fix broken script (#12876) 
Unproquer quoting of variable assignment make the shell interpret it as
a command ; since the variable is unused anyway, just delete it.
 2026-01-19 22:57:47 +05:30
Kubernetes Prow Robot
62e90b3122 Merge pull request #12872 from VannTen/fix/defaut_lb_address 
Use loadbalancer IP as default apiserver endpoint if no LB hostname is used
 2026-01-19 21:45:50 +05:30
Max Gautier
6b5cc5bdfb Fix defaults for apiserver_loadbalancer_domain_name 
Since we're not longer injecting pseudo DNS into /etc/hosts,
'lb-apiserver.kubernetes.local' (the previous default) won't resolve to
anything.

Instead, default to the loadbalancer IP if defined, or to the node local
loadbalancer if it's in use.

Make the necessary adjustements in use site to deal with ip addresses as
well as hostnames.
 2026-01-19 09:43:48 +01:00
dependabot[bot]
a277cfdee7 build(deps): bump stefanbuck/github-issue-parser from 3.2.2 to 3.2.3 (#12874) 
Bumps [stefanbuck/github-issue-parser](https://github.com/stefanbuck/github-issue-parser) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/stefanbuck/github-issue-parser/releases)
- [Commits](25f1485edf...10dcc54158)

---
updated-dependencies:
- dependency-name: stefanbuck/github-issue-parser
  dependency-version: 3.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-19 09:35:10 +05:30
Max Gautier
bc5528f585 Patch versions updates (#12854) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-01-17 23:57:09 +05:30
Max Gautier
2740c13c0c Do not use apiserver LB in etcd certificates 
etcd does not use the apiserver load balancer, there is no reason to
include it's DNS into etcd certificates.
 2026-01-15 16:50:45 +01:00
Bas
52b68bccad Fix: ansible_facts.selinux.status added. (#12861) 2026-01-14 23:31:40 +05:30
Will Xiang
82c4c0afdf fix syntax in haproxy.cfg.j2 for IPv6 binding (#12862) 2026-01-14 12:33:35 +05:30
Kirill Statsenko
63a43cf6db add metallb_namespace default value (#12860) 2026-01-13 20:55:43 +05:30
Ali Afsharzadeh
666a3a9500 Upgrade containerd and nerdctl from 2.1.6 to 2.2.1 (#12825) 2026-01-12 15:24:10 +05:30
Max Gautier
28f9c126bf ansible-lint: disable jinja[spacing] warning (#12848) 
This pollutes ansible-lint output and force us to scroll to check what
the actuall issues are.
The spacing issues are minor and very opinionated, so it's no great
loss.
 2026-01-12 13:42:07 +05:30
Sivaram Singana
d41b629be3 updated elastx_ubuntu20 to ubuntu24 (#12844) 
* Updated the job name to elastx_ubuntu24 and ci matrix and test file

Signed-off-by: sivaram <singana.sivaram.naidu@ibm.com>

* remove unused OVH CI tf file (tf-ovh_ubuntu20-calico.yml)

Signed-off-by: sivaram <singana.sivaram.naidu@ibm.com>

* remove ubuntu20 for pre-commit fix

Signed-off-by: sivaram <singana.sivaram.naidu@ibm.com>

---------

Signed-off-by: sivaram <singana.sivaram.naidu@ibm.com>
 2026-01-10 23:35:56 +05:30
Ali Afsharzadeh
851abbc2e3 Disable discard_unpacked_layers for containerd >= 2.1 (#12821) 
Only set `discard_unpacked_layers` in the CRI image config for containerd
versions earlier than 2.1.0.

Starting with containerd v2.1, the CRI plugin uses the Transfer Service for
image pulls by default. The `discard_unpacked_layers` option is incompatible
with the Transfer Service and triggers containerd to fall back to local
image pulls, logging a warning.

This change prevents unsupported configuration from being applied on newer
containerd versions, avoiding runtime warnings and ensuring default image
pull behavior.

Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com>
 2026-01-08 19:39:40 +05:30
Qasim Mehmood
17c72367bc kube-vip: Fix template, drop all capabilities and use kube_vip_version (#12835) 
* Drop capabilities in kube-vip and use kube_vip_version

* Preserve trailing newline for kube_vip_cidr env var
 2026-01-07 07:43:38 +05:30
Max Gautier
d91c7d7576 Fix ansible-lint config error (#12842) 2026-01-06 20:15:11 +05:30
Kubernetes Prow Robot
14b20ad2a2 Merge pull request #12832 from VannTen/cleanup/network_facts 
network_facts: streamline set_fact and setup calls
 2026-01-06 15:01:10 +05:30
Max Gautier
72cb1356ef ci: make opentofu elastx not optionnal 2026-01-05 15:55:01 +01:00
Max Gautier
51304d57e2 network_facts: streamline set_fact and setup calls 
- invoke setup module only once to gather ipv4 and ipv6 addresses
- eliminate remaining use of `fallback_ip` and `fallback_ip6`, allowing
  us to define (with `set_fact` all the "computed" IPs variable in one
  go, since there is no longer a dependency between them.
 2026-01-05 15:54:56 +01:00
Goutham K
a0d7bef90e Remove deprecated kubelet flag (#12639) 2026-01-05 18:56:42 +05:30
Max Gautier
a1ec88e290 openstack-cleanup: delete old keypairs as well (#12833) 
* openstack-cleanup: format and logging

* openstack-cleanup: delete old keypairs as well
 2026-01-05 17:42:37 +05:30
Kubernetes Prow Robot
c9ff62944e Merge pull request #12355 from tico88612/feat/rocky-10-support 
RockyLinux 10 support (experimental)
 2026-01-05 14:32:37 +05:30
LawiK974
20ab9179af Update kube-vip to v1.0.3 (#12815) 2026-01-04 22:52:37 +05:30
ChengHao Yang
5be35c811a Docs: Rocky Linux 10 experimental description 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2026-01-03 15:40:01 +08:00
ChengHao Yang
ad522d4aab Docs: add rockylinux-10-extra description 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2026-01-03 00:52:30 +08:00
ChengHao Yang
9c511069cc CI: change rockylinux 10 image with kernel-module-extra 
How to build RockyLinux 10 + `kernel-module-extra` with dib
https://github.com/kubernetes-sigs/kubespray/pull/12355#issuecomment-3705400093

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2026-01-02 23:10:41 +08:00
ChengHao Yang
ed270fcab4 Docs: update support system RHEL-based variants 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2026-01-02 23:10:41 +08:00
ChengHao Yang
0615929727 CI: add cilium test for rockylinux 10 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2026-01-02 23:10:41 +08:00
ChengHao Yang
48c25d9ebf CI: add calico test for rockylinux 10 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2026-01-02 23:10:40 +08:00
LawiK974
0bffcacbe7 Add rbac for calico kube-controllers to access services (#12828) 2026-01-02 20:04:35 +05:30
R. P. Taylor
c857252225 terraform openstack: allow ICMPv6 by default (#12805) 2026-01-02 14:50:38 +05:30
Ali Afsharzadeh
a0f00761ac Removed deprecated keys from containerd config (#12820) 
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com>
 2026-01-02 14:26:35 +05:30
r3m8
3a3e5d6954 fix(cilium): add dynamic api server endpoint configuration (#12624) 2026-01-01 17:26:34 +05:30
ChengHao Yang
2d6e508084 Fix: molecule 25.12.0 test (#12808) 
* Bump molecule to 25.12.0

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>

* Fixed ansible role not found in molecule after 25.2.0

Signed-off-by: ChengHao Yang
<17496418+tico88612@users.noreply.github.com>

---------

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
Signed-off-by: ChengHao Yang
 2025-12-31 15:12:34 +05:30