- Oct 29, 2020
-
-
David Medinets authored
* Add note about changing private IP in admin.conf. When I run kubespray, a load balancer is created which should be used instead of the ip of the controller node. * Procedure to find load balancer and update admin.conf When I run kubespray, a load balancer is used instead of the private ip of the controller.
-
- Oct 28, 2020
-
-
Mikhail Snetkov authored
-
David Medinets authored
* update version of ingress-nginx controller. Change tag from controller-v0.34.0 to controller-v0.40.2 to use newest tag. * Update docs about aws deploy templates. In the yaml templates, there is no mention of idle timeouts. This is why I removed the documentation about it. This might be a mistake. Please verify this. I don't know enough to verify it myself. * Change label when checking version. When checking for `app.kubernetes.io/name=ingress-nginx`, a completed pod was selected which is not helpful when trying to `exec`. Changing the label selects the running controller pod. * put back the information about ELB Idle Timeouts. When I removed the information, I had overlooked that it was mentioned in the L7 yaml file. Thanks.
-
axelgobletbdr authored
* fixed bug in etcd retention where backups are not sorted by date * added directory filter to find command
-
- Oct 26, 2020
-
-
Hans Feldt authored
and thereby support upgrade from e.g. 1.18.x to 1.19.y Included OSes: - Centos7/8 - Ubuntu18/20 New variables for overriding by default installed packages: - centos_crio_packages - ubuntu_crio_packages
-
- Oct 23, 2020
-
-
axelgobletbdr authored
* added an ansible var to manage retention of etcd backups * refactord ls/grep into find in etcd backup removal command
-
Victor Morales authored
* Enable Kata Containers for CRI-O runtime Kata Containers is an OCI runtime where containers are run inside lightweight VMs. This runtime has been enabled for containerd runtime thru the kata_containers_enabled variable. This change enables Kata Containers to CRI-O container runtime. Signed-off-by:
Victor Morales <v.morales@samsung.com> * Set appropiate conmon_cgroup when crio_cgroup_manager is 'cgroupfs' * Set manage_ns_lifecycle=true when KataContainers is enabed * Add preinstall check for katacontainers Signed-off-by:
Victor Morales <v.morales@samsung.com> Co-authored-by:
Pasquale Toscano <pasqualetoscano90@gmail.com>
-
- Oct 22, 2020
-
-
Florian Ruynat authored
-
Maciej authored
Command line flags aren't added to kube-proxy which results in missing feature gates set in this component. Add appropriate setting to ConfigMap instead. Signed-off-by:
Maciej Wereski <m.wereski@partner.samsung.com>
-
- Oct 21, 2020
-
-
Hans Feldt authored
'ansible.vars.hostvars.HostVarsVars object' has no attribute 'kubeadm_upload_cert' kubeadm_upload_cert will never be found as a hostvar for the first master since the task is executed for a worker. Fix by executing the upload task for the first master and register the needed key. After that, workers can read hostvars for the master Var kubeadm_etcd_refresh_cert_key removed since it no longer has any use.
-
Hans Feldt authored
When using kubeadm managed etcd, configuring an etcd group can now be skipped.
-
Maxime Guyot authored
-
Florian Ruynat authored
-
wand3r3r authored
* Adding option to disable gloablly applying a proxy to etc/yum.conf * Change made to proxy_yum_globaly basedon reviewer feedback * fix trailing spaces in ymllint
-
- Oct 20, 2020
-
-
Etienne Champetier authored
This fixes the Containerd + EL8 case that was missed in 7d1ab337 On CentOS 8 with proxy ansible render inline `proxy` and `module_hotfixes` options. For example: ``` proxy=http://127.0.0.1:3128module_hotfixes=True ``` But expected result: ``` proxy=http://127.0.0.1:3128 module_hotfixes=True ``` Signed-off-by:
Etienne Champetier <champetier.etienne@gmail.com>
-
- Oct 19, 2020
-
-
David Louks authored
* Use existing variable for tiller service account name * keep crb as tiller
-
- Oct 15, 2020
-
-
Florent Monbillard authored
-
- Oct 13, 2020
-
-
Matt Calvert authored
I can't see any reason why audio devices would be needed, and it can cause issues with the host audio
-
Hans Feldt authored
* bump crio version to 1.19 * crio package name has changed for debian/ubuntu * crio upgrade does not work, see #6757 * update crio info in docs
-
Sergey authored
-
Samuel Liu authored
-
yelhouti authored
-
Hans Feldt authored
crio refuses to delete pods when cni is unavailable which is the case e.g. using calico with kdd datastore. See: https://github.com/cri-o/cri-o/issues/4084 Fix by deleting storage associated with containers. Stop and disable crio service so switching container runtime can be done.
-
- Oct 12, 2020
-
-
Bogdan Peste authored
* Added option to force apiserver and respective client certificate to be regenerated without necessarily needing to bump the K8S cluster version * Removed extra blank line
-
Hans Feldt authored
No longer used/supported
-
rptaylor authored
k8s_master_no_etcd_fips should not be input var
-
- Oct 11, 2020
-
-
holmesb authored
Signed-off-by:
holmesb <5072156+holmesb@users.noreply.github.com>
-
Nikita Velgin authored
Handlers with the same name (Kubeadm | restart kubelet) leads to incorrect playbook execution. As a result, after completing the tasks, kubelet does not restart. This PR fix this behavior
-
Hans Feldt authored
Users should opt in for features and not opt out.
-
- Oct 09, 2020
-
-
Kenichi Omichi authored
After upgrading to newer Kubernetes(v1.17 at least), kubectl command shows the following warning message: WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /home/foo/.kube/config The kubeconfig was copied from {{ artifacts_dir }}/admin.conf with kubeconfig_localhost feature. It is better to set valid file mode at getting it on Kubespray.
-
Florian Ruynat authored
-
holmesb authored
If no_proxy_exclude_workers is true, workers will be excluded from the no_proxy variable. This prevents docker engine restarting when scaling workers. (#6520) Signed-off-by:
holmesb <5072156+holmesb@users.noreply.github.com>
-
- Oct 07, 2020
-
-
Hans Feldt authored
-
- Oct 06, 2020
-
-
Sergey authored
Remove task with install etcdctl from etcd role when etcd_kubeadm_enabled=true
-
rafal-jan authored
-
bozzo authored
The CA cert was only deployed on master nodes
-
5-sigma authored
Added Comment line above checksum section to add clarification about Kubespray's version support and testing (#6785)
-
Florian Ruynat authored
-
Florian Ruynat authored
-
Kenichi Omichi authored
-