Skip to content
  1. Jan 05, 2024
  2. Jan 04, 2024
  3. Dec 21, 2023
  4. Dec 19, 2023
  5. Dec 18, 2023
  6. Dec 15, 2023
  7. Dec 14, 2023
  8. Dec 12, 2023
    • Mohamed Omar Zaian's avatar
    • jandres - moscardo's avatar
      New PR default node selector (#10607) · cb848fa7
      jandres - moscardo authored
      cb848fa7
    • Max Gautier's avatar
      Disable podCIDR allocation from control-plane when using calico (#10639) · 8abf49ae
      Max Gautier authored
      * Disable control plane allocating podCIDR for nodes when using calico
      
      Calico does not use the .spec.podCIDR field for its IP address
      management.
      Furthermore, it can false positives from the kube controller manager if
      kube_network_node_prefix and calico_pool_blocksize are unaligned, which
      is the case with the default shipped by kubespray.
      
      If the subnets obtained from using kube_network_node_prefix are bigger,
      this would result at some point in the control plane thinking it does
      not have subnets left for a new node, while calico will work without
      problems.
      
      Explicitely set a default value of false for calico_ipam_host_local to
      facilitate its use in templates.
      
      * Don't default to kube_network_node_prefix for calico_pool_blocksize
      
      They have different semantics: kube_network_node_prefix is intended to
      be the size of the subnet for all pods on a node, while there can be
      more than on calico block of the specified size (they are allocated on
      demand).
      
      Besides, this commit does not actually change anything, because the
      current code is buggy: we don't ever default to
      kube_network_node_prefix, since the variable is defined in the role
      defaults.
      8abf49ae
    • Max Gautier's avatar
      Revert "Update etcd-servers for apiserver (#8253)" (#10652) · 81a3f81a
      Max Gautier authored
      This reverts commit ee0f1e9d.
      
      Avoid restarting all api servers at once by changing their config.
      81a3f81a
    • Max Gautier's avatar
      etcd: use dynamic group for certs generation check (#10610) · 0fb404c7
      Max Gautier authored
      We take advantage of group_by to create the list of nodes needing new
      certs, instead of manually looping inside a Jinja template.
      
      This should make the role more readable and less susceptible to
      white space problems.
      0fb404c7
  9. Dec 11, 2023
  10. Dec 07, 2023
    • Max Gautier's avatar
      Use systemd for disabling swap when it's used (#10587) · 2c3ea84e
      Max Gautier authored
      * Mask systemd swap.target do disable swap
      
      This is a more generic way to disable swap, since it pulls .swap units
      in systemd distributions; fstab is only one way to generate .swap units.
      
      * Unconditionally disable swap
      
      We only care to disable it (the "swapon" registered variable is not used
      anywhere else.
      This allows to get rid of the ignore_errors, since this was added
      because swapon.stdout does not exist in check_mode (see issue #6642).
      
      * Don't explicitly disable swapOnZram
      
      We're already masking the swap.target, which would pull the zram unit,
      hence no need to handle zram-generator specifically.
      2c3ea84e
    • Max Gautier's avatar
      Remove unneeded workaround for removing kubeadm DNS (#10695) · 85f15900
      Max Gautier authored
      Kubeadm dns phase is correctly skipped.
      This was a workaround for kubernetes/kubeadm#1557, which was actually
      not a bug ; the correct fix was #4867
      85f15900
  11. Dec 06, 2023
  12. Dec 05, 2023
  13. Nov 29, 2023
  14. Nov 28, 2023
  15. Nov 27, 2023
  16. Nov 24, 2023
  17. Nov 20, 2023
  18. Nov 17, 2023
    • Max Gautier's avatar
      Validate systemd unit files (#10597) · 0d4f57aa
      Max Gautier authored
      * Validate systemd unit files
      
      This ensure that we fail early if we have a bad systemd unit file
      (syntax error, using a version not available in the local version, etc)
      
      * Hack to check systemd version for service files validation
      
      factory-reset.target was introduced in system 250, same version as the
      aliasing feature we need for verifying systemd services with ansible.
      So we only actually executes the validation if that target is present.
      
      This is an horrible hack which should be reverted as soon as we drop
      support for distributions with systemd<250.
      0d4f57aa
    • 刘旭's avatar
  19. Nov 16, 2023
Loading