External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-03 02:28:15 -03:30
Code Issues Packages Projects Releases Wiki Activity
8,297 Commits 45 Branches 88 Tags
fa6888df4ca8510f213688d5d57b341ef6fb84bc
Commit Graph

93 Commits

Author SHA1 Message Date
felipe88alves
9bbd597e20 create cilium_operator_tolerations variable in group_var (#12200) 
- This enables ithe override of the tolerations for the cilium-operator deployment
 - default behaviour is to leave the toleration as is unless the var is set
 2025-05-12 03:25:15 -07:00
Cheolhui Kim
fceb1516b8 Update: add Cilium LB IP Pool configuration to support ranges (#12140) 2025-05-12 01:39:18 -07:00
Kim Hyunyoung, Abel
e1be469995 fix: do not mount hubble-ui tls volume when cilium_hubble_tls_generate is false (#12143) 2025-05-11 20:27:14 -07:00
peterw
c8d75effcb cilium 1.17: fix etcd trusted-ca-file config var (#11986) 2025-03-10 21:19:46 -07:00
Max Gautier
f9a263090a Propagate v-less version everywhere 2025-03-05 16:18:39 +01:00
logicsys
b8541962f3 Partial Cilium 1.16+ Support & Add vars for configuring cilium IP load balancer pools and bgp v1 & v2 apis (#11620) 
* Add vars for configuring cilium IP load balancer pools and bgp peer policies

* Cilium 1.16+ Support - Add vars for configuring cilium bgpv2 api & handle cilium_kube_proxy_replacement unsupported values
 2024-11-19 02:48:53 +00:00
peterw
6b499186b0 add cilium hubble-ui enable flag (#10939) 2024-10-01 06:53:49 +01:00
Serge Hartmann
0eeac591ad variables cilium_enable_host_firewall and cilium_policy_audit_mode for configmap/cilium-config (#11230) 
capitalise values for Host Firewall and Policy Audit Mode
fix missing quotes
 2024-09-30 08:22:02 +01:00
Baargav
860c15cec1 Update cluster-role for cilium to prevent errors in agent startup (#11466) 
* Update cluster-role for cilium to prevent errors in agent startup

ciliumloadbalancerippools permissions exists in the cilium helm chart for version 1.13.0
https://github.com/cilium/cilium/blob/v1.13.0/install/kubernetes/cilium/templates/cilium-agent/clusterrole.yaml#L71

The agent also needs permissions to read/watch secrets for bgp auth secrets when using CiliumBGPPeeringPolicy with a secret.

* Remove list/watch permissions for secrets

* Remove secrets from list/watch permissions
 2024-09-29 02:30:02 +01:00
peterw
edce2b528d add cilium_hubble_event_buffer_capacity & cilium_hubble_event_queue_size vars (#10943) 2024-06-23 20:14:56 -07:00
Max Gautier
d50f61eae5 pre-commit: apply autofixes hooks and fix the rest manually 
- markdownlint (manual fix)
- end-of-file-fixer
- requirements-txt-fixer
- trailing-whitespace
 2024-05-28 13:26:44 +02:00
Devesh Kumar
eee5b5890d feat: Add support for cilium 1.15 and updated cilium to v1.15.4 (#11106) 2024-04-23 19:42:11 -07:00
Clement Phu
04e40f2e6f Add configuration to create cilium CNI plugin file when cilium>=1.14.0 (#10966) 2024-03-02 20:56:06 -08:00
Ryan Lonergan
eda7ea5695 feat: add support for Cilium 1.14 (#10684) 
* update cilium configmap template for new routing mode and tunnel-protocol options
Ryan Lonergan ryan.tlonergan@gmail.com

* add rbac for new cilium crd in 1.14
Ryan Lonergan ryan.tlonergan@gmail.com

* add conditional for cni-install.sh that's no longer included in cilium 1.14
Ryan Lonergan ryan.tlonergan@gmail.com

* Update roles/network_plugin/cilium/templates/cilium/ds.yml.j2

Co-authored-by: Cyclinder <qifeng.guo@daocloud.io>

---------

Co-authored-by: Cyclinder <qifeng.guo@daocloud.io>
 2024-01-08 02:43:02 +01:00
Eeo Jun
eb015c0362 configure cluster-name for hubble relay (#10614) 2023-11-13 19:22:40 +01:00
Marc Brugger
3f1409d87d Correct cilium metrics port mapping (#10519) 
Signed-off-by: Marc Brugger <m.brugger@bison-group.com>
 2023-10-19 05:09:13 +02:00
Toon Albers
31f6d38cd2 [cilium] fix: invalid hubble yaml if cilium_hubble_tls_generate is enabled (#10430) 2023-09-13 04:16:15 -07:00
charlychiu
3b68d63643 fix: not mount tls when disable (#10357) 2023-08-11 09:01:27 -07:00
Arthur Outhenin-Chalandre
5d00b851ce project: fix var-spacing ansible rule (#10266) 
* project: fix var-spacing ansible rule

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing on the beginning/end of jinja template

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing of default filter

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing between filter arguments

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix double space at beginning/end of jinja

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix remaining jinja[spacing] ansible-lint warning

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
 2023-07-04 20:36:54 -07:00
jeremy-thuon
0405af1107 [cilium] add custom vars for clusterrole cilium operator (#10267) 2023-07-03 02:20:51 -07:00
jeremy-thuon
4a03d13d08 [cilium] fix rbac and upgrade hubble v0.11.0 (#3) (#9959) 
* [cilium] fix rbac and upgrade hubble v0.11.0 (#3)

* [cilium] fix rbac for LB bgp ipam

* [cilium] Upgrade Hubble to v0.11.0 and add mTLS between Hubble UI and Hubble Relay

* fix dns domain hubble for tls

---------

Co-authored-by: Thuon Jeremy <d107869@olinfra1.infra.bdm.outscale.c1.dav.fr>

* Fix blank line

---------

Co-authored-by: Thuon Jeremy <d107869@olinfra1.infra.bdm.outscale.c1.dav.fr>
 2023-04-09 22:07:15 -07:00
Anton
1bb4f88af1 cilium: Additional fix the configuration of tls for hubble #9880 (#9932) 2023-03-27 08:48:27 -07:00
Toru Komatsu
8afd74ce1f cilium: Fix the configuration of tls for hubble (#9880) 
Signed-off-by: utam0k <k0ma@utam0k.jp>
 2023-03-24 01:10:31 -07:00
Jiri Fiala
9b37699d0d Cilium Operator replicas configuration (#9894) 
Signed-off-by: Fiala, JiriX <jirix.fiala@intel.com>
 2023-03-22 08:28:38 -07:00
Will Hegedus
97dfdcd8fe feat: support cilium 1.13.1 (#9914) 
Cilium 1.13.1 changed how the cilium-cni binary gets placed in /opt/cni/bin,
so that it takes place in an init container rather than in the main agent.
 2023-03-21 12:56:12 -07:00
prashantchitta
a9f52060c9 Fix ciliums hubble relay configuration (#9876) 
* Fix ciliums hubble relay configuration

* Fixed the tls from code review

* Updated to dna_domain instead of hardcoding
 2023-03-21 12:50:12 -07:00
Kay Yan
309aaee427 fix-cilium-error (#9902) 2023-03-20 02:41:17 -07:00
biqiang Wu
2ae3ea9ee3 Modified the default value of cilium IPAM and added the support for related parameters (#9443) 
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
 2023-03-13 17:45:10 -07:00
DRAGON2002
1d9502e01d update args (#9856) 
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
 2023-03-05 18:38:57 -08:00
Bas
2c93c997cf pre-commit autocorrected files (#9750) 2023-02-06 01:35:16 -08:00
James
36c6de9abd Fix cilium's hubble ui configuration (#9735) 
This fixes the CrashLoopBackoff error that appears because envoy
configuration has changed a lot and upstream removed the envoy proxy to
use nginx only instead. Those changes are based on upstream cilium helm.
 2023-01-31 00:28:48 -08:00
charlychiu
6bff338bad fix: hubble relay tls error (#9457) 2022-11-02 00:14:46 -07:00
biqiang Wu
c681435432 Add switch cilium_enable_bandwidth_manager (#9441) 
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>

Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
 2022-10-28 03:08:31 -07:00
Kay Yan
4701abff4c upgrade-api-version-for-PodDisruptionBudget (#9369) 2022-10-10 17:51:02 -07:00
Rene Luria
3646dc0bd2 fix: remove trailing backslash and yaml indent (#9339) 
* fix: remove trailing backslash

* fixed indent in cilium config template
 2022-09-27 19:45:35 -07:00
biqiang Wu
31caab5f92 Fix: The Hubble certificate is faulty because the cluster name is hard coded (#9340) 
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>

Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
 2022-09-27 05:57:52 -07:00
Necatican Yıldırım
7da3dbcb39 Cilium 1.12 Upgrade (#9225) 
* Drop support for Cilium < 1.10

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* Synchronize Cilium templates for 1.11.7

Signed-off-by: necatican <contact@necatican.com>

* Set Cilium v1.12.1 as the default version

Signed-off-by: necatican <contact@necatican.com>

Signed-off-by: necatican <necaticanyildirim@gmail.com>
Signed-off-by: necatican <contact@necatican.com>
 2022-09-19 02:14:31 -07:00
Thearas
ea29cd0890 add list nodes rules to cilium-operator clusterrole (#9178) 2022-08-18 01:02:36 -07:00
Denis Khachyan
8306adb102 update cilium to v1.11.7 (#9119) 2022-07-26 10:33:11 -07:00
Emin AKTAS
5071529a74 feat: upgrade cilium and add default variables (#9065) 
Signed-off-by: eminaktas <eminaktas34@gmail.com>
Signed-off-by: Emin Aktas <emin.aktas@trendyol.com>
 2022-07-07 10:35:34 -07:00
Tom Stian Berget
e1f06dd406 Add support for the updated (startup|liveness|readiness)Probe.Port numbers in Cilium (#9031) 2022-06-27 11:00:59 -07:00
mahjonp
8030e6f76c fix 8893#issuecomment-1147154353 (#8933) 
Signed-off-by: mahjonp <junpeng.man@gmail.com>
 2022-06-06 12:40:21 -07:00
mahjonp
c927da00e0 Support cilium ip-masq-agent configuration (#8893) 
* fix deploy Cilium with eBPF-based Masquerading failed

Signed-off-by: mahjonp <junpeng.man@gmail.com>

* forget to add the enable-ip-masq-agent flag

Signed-off-by: mahjonp <junpeng.man@gmail.com>
 2022-05-31 09:26:53 -07:00
Necatican Yıldırım
13443b05a6 Overhaul Cilium manifests to match the newer versions (#8717) 
* [cilium] Separate templates for cilium, cilium-operator, and hubble installations

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Update cilium-operator templates

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Allow using custom args and mounting extra volumes for the Cilium Operator

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Update the cilium configmap to filter out the deprecated variables, and add the new variables

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Add an option to use Wireguard encryption on Cilium 1.10 and up

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Update cilium-agent templates

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* [cilium] Bump Cilium version to 1.11.3

Signed-off-by: necatican <necaticanyildirim@gmail.com>
 2022-05-11 06:23:04 -07:00
Tom Stian Berget
84b93090a8 Change Cilium setting identity_allocation_mode to cilium_identity_allocation_mode (#8519) 
* Change Cilium identity_allocation_mode to cilium_identity_allocation_mode

* Change inventory sample
 2022-02-08 14:04:35 -08:00
Necatican Yıldırım
caff539ccd Add identity_allocation_mode support for Cilium (#8430) 
Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
Signed-off-by: necatican <necaticanyildirim@gmail.com>

Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
 2022-01-16 09:29:28 -08:00
Necatican Yıldırım
bf00550388 Upgrade Cilium to 1.11.0 (#8354) 
* Remove kvstore args from Cilium DaemonSet

Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
Signed-off-by: necatican <necaticanyildirim@gmail.com>

* Bump Cilium to 1.11.0

Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
Signed-off-by: necatican <necaticanyildirim@gmail.com>

Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
 2022-01-05 00:36:32 -08:00
Léopold Jacquot
598f178054 Fix cilium operator metrics activation (#8000) 2021-09-22 10:00:02 -07:00
Sergey
5336943a8c add cilium_operator_api_serve_addr to cilium operator config (#7901) 2021-08-24 03:49:13 -07:00
bac-w
2556eb2733 Upgrade cilium role (#7521) 
* Upgrade cilium roles

* Del old test result

* Add hubble ui examples

* Refactor hubble metrics

* Markdown fix pipeline errors

* yamllint check and fix

* refactor install from https://github.com/kubernetes-sigs/kubespray/pull/7520

* Docs syntax change (fix)

* Cilium set default 1.8.9

* Update cilium version in Readme
 2021-04-30 08:09:59 -07:00