- Feb 09, 2021
-
-
David Louks authored
* Add unique annotation on coredns deployment and only remove existing deployment if annotation is missing. * Ignore errors when gathering coredns deployment details to handle case where it doesn't exist yet * Remove run_once, deletegate_to and add to when statement
-
David Louks authored
* Added force_etcd_cert_refresh var to maintain existing functionality. Broke out etcd node cert syncing from member and admin cert sync logic. Now first etcd will sync node certs to other etcd members on every run to keep all etcds up to date after adding additional worker nodes to the cluster * Updated etcd cert check tasks to better detect when new certificates need to be generated * Move usage of force_etcd_cert_refresh var to gen_certs fact set * Force etcd cert generation per server if force_etcd_cert_refresh is set to true * Include gathering of node certs even if k8s-cluster member and in etcd group. * Removed run_once due to when statement
-
- Feb 08, 2021
-
-
Vyacheslav authored
```` TASK [bootstrap-os : Enable RHEL 8 repos] *************************************************************************************************************************************************************************************************** fatal: [node6]: FAILED! => {"changed": false, "msg": "This system has no repositories available through subscriptions"} fatal: [node7]: FAILED! => {"changed": false, "msg": "This system has no repositories available through subscriptions"} fatal: [node1]: FAILED! => {"changed": false, "msg": "This system has no repositories available through subscriptions"} root@node1:/kubespray# cat /etc/os-release NAME="Ubuntu" VERSION="18.04.5 LTS (Bionic Beaver)" ID=ubuntu ID_LIKE=debian PRETTY_NAME="Ubuntu 18.04.5 LTS" VERSION_ID="18.04" HOME_URL="https://www.ubuntu.com/" SUPPORT_URL="https://help.ubuntu.com/" BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/" PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy" VERSION_CODENAME=bionic UBUNTU_CODENAME=bionic root@node1:/kubespray# ```
-
- Feb 05, 2021
-
-
Geonju Kim authored
-
Mathieu Parent authored
Helm v3.5.2 is a security (patch) release. Users are strongly recommended to update to this release. It fixes two security issues in upstream dependencies and one security issue in the Helm codebase. See https://github.com/helm/helm/releases/tag/v3.5.2
-
Arian van Putten authored
This makes the docker role work the same as the containerd role. Being able to override this is needed when you have your own debian repository. E.g. when performing an airgapped installation
-
Maciej authored
Fixes 7244 Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
-
petruha authored
-
Matt Calvert authored
-
Matt Calvert authored
-
Matt Calvert authored
-
Matt Calvert authored
When enable_dual_stack_networks is set, we need to make sure IPv6DualStack=true is set too, otherwise we end up with a broken cluster.
-
Matt Calvert authored
-
Matt Calvert authored
-
Florian Ruynat authored
-
- Feb 03, 2021
-
-
Cristian Klein authored
* contrib/terraform/exoscale: Rework SSH public keys Exoscale has a few limitations with `exoscale_ssh_keypair` resources. Creating several clusters with these scripts may lead to an error like: ``` Error: API error ParamError 431 (InvalidParameterValueException 4350): The key pair "lj-sc-ssh-key" already has this fingerprint ``` This patch reworks handling of SSH public keys. Specifically, we rely on the more cloud-agnostic way of configuring SSH public keys via `cloud-init`. * contrib/terraform/exoscale: terraform fmt * contrib/terraform/exoscale: Add terraform validate * contrib/terraform/exoscale: Inline public SSH keys The Terraform scripts need to install some SSH key, so that Kubespray (i.e., the "Ansible part") can take over. Initially, we pointed the Terraform scripts to `~/.ssh/id_rsa.pub`. This proved to be suboptimal: Operators sharing responbility for a cluster risk unnecessarily replacing resources. Therefore, it has been determined that it's best to inline the public SSH keys. The chosen variable `ssh_public_keys` provides some uniformity with `contrib/azurerm`. * Fix Terraform Exoscale test * Fix Terraform 0.14 test
-
forselli-stratio authored
* Fix calico-rr tasks * revert stdin only when it's already a string
-
Sebastian Schmid authored
* update local-path-storage config template to version v0.0.19 * changes local_path_provisioner image tag to v0.0.19 * removes copy paste example from rancher local-path-provisioner repo
-
Kenichi Omichi authored
According to the following recommendation, this moves the directory to control-plane: The Kubernetes project is moving away from wording that is considered offensive. A new working group WG Naming was created to track this work, and the word "master" was declared as offensive. A proposal was formalized for replacing the word "master" with "control plane".
-
Maciej authored
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
-
- Feb 02, 2021
-
-
Lennart Jern authored
-
- Feb 01, 2021
-
-
Kenichi Omichi authored
This is a small step to replace "master" with "control-plane" in Kubespray project.
-
- Jan 29, 2021
-
-
Sander Cornelissen authored
Ensure when use_oracle_public_repo is set to false the public Oracle Linux yum repos are not set (#7228)
-
- Jan 28, 2021
-
-
Felix Breuer authored
Fixes the following error when using Bastion Node with the sample config. ``` fatal: [bastion]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'bastion'\n\nThe error appears to be in '/home/felix/inovex/kubespray/roles/bastion-ssh-config/tasks/main.yml': line 2, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n---\n- name: set bastion host IP\n ^ here\n"} ```
-
- Jan 27, 2021
-
-
Robin Elfrink authored
-
- Jan 26, 2021
-
-
David Louks authored
Add retries to drain during upgrade. Allow leaving nodes cordoned after drain failure. Allow continuing upgrade if drain fails. (#7206)
-
Florian Ruynat authored
-
Ryler Hockenbury authored
* Allow configureable vni and port for flannel overlay * additional options for azure cloud config
-
Jorik Jonker authored
Previous check for presence of NM assumed "systemctl show NetworkManager" would exit with a nonzero status code, which seems not the case anymore with recent Flatcar Container Linux. This new check also checks the activeness of network manager, as `is-active` implies presence. Signed-off-by Jorik Jonker <jorik@kippendief.biz>
-
- Jan 25, 2021
-
-
Etienne Champetier authored
This was introduced in 143e2272 Extra repo is enabled by default in CentOS, and is not the right repo for EL8 Instead of adding a CentOS repo to RHEL, enable the needed RHEL repos with rhsm_repository For RHEL 7, we need the "extras" repo for container-selinux For RHEL 8, we need the "appstream" repo for container-selinux, ipvsadm and socat Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
-
- Jan 23, 2021
-
-
Samuel Liu authored
* Add downlaod bin tasks * Add tags never and etcd * yamllint
-
Fredrik Liv authored
* Added terraform support for Exoscale * Fixed markdown lint error on exoscale terraform
-
Florian Ruynat authored
-
- Jan 22, 2021
-
-
Etienne Champetier authored
calicoctl.sh get ipPool default-pool -o json { "kind": "IPPool", "apiVersion": "projectcalico.org/v3", "metadata": { "name": "default-pool", ... }, "spec": { "cidr": "10.233.64.0/18", "ipipMode": "Always", "natOutgoing": true, "blockSize": 24, "nodeSelector": "all()" } } Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
-
Etienne Champetier authored
fixes 8c182122 Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
-
- Jan 21, 2021
-
-
Maxime Guyot authored
-
Florian Ruynat authored
-
Andrea Zonca authored
Implemented in #6547
-
- Jan 20, 2021
-
-
Rick Haan authored
Only checking the kubernetes api on the first master when upgrading is not enough. Each master needs to be checked before it's upgrade. Signed-off-by: Rick Haan <rickhaan94@gmail.com>
-
- Jan 19, 2021
-
-
Florian Ruynat authored
-