- Apr 01, 2021
-
-
Pasquale Toscano authored
-
Frank Ritchie authored
Starting with Cilium v1.9 the default ipam mode has changed to "Cluster Scope". See: https://docs.cilium.io/en/v1.9/concepts/networking/ipam/ With this ipam mode Cilium handles assigning subnets to nodes to use for pod ip addresses. The default Kubespray deploy uses the Kube Controller Manager for this (the --allocate-node-cidrs kube-controller-manager flag is set). This makes the proper ipam mode for kubespray using cilium v1.9+ "kubernetes". Tested with Cilium 1.9.5. This PR also mounts the cilium-config ConfigMap for this variable to be read properly. In the future we can probably remove the kvstore and kvstore-opt Cilium Operator args since they can be in the ConfigMap. I will tackle that after this merges.
-
- Mar 31, 2021
-
-
Helmut Januschka authored
fix undefinedElse
-
- Mar 30, 2021
-
-
Etienne Champetier authored
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
-
- Mar 29, 2021
-
-
Fernando authored
-
Frank Ritchie authored
When upgrading cilium from 1.8.8 to 1.9.5 I ran into the following error: level=error msg="Unable to update CRD" error="customresourcedefinitions.apiextensions.k8s.io \"ciliumnodes.cilium.io\" is forbidden: User \"system:serviceaccount:kube-system:cilium-operator\" cannot update resource \"customresourcedefinitions\" in API group \"apiextensions.k8s.io\" at the cluster scope" name=CiliumNode/v2 subsys=k8s The fix was to add the update verb to the clusterrole. I also added create to match the clusterrole created by the cilium helm chart.
-
Samuel Liu authored
-
Terry authored
DNSSEC is off by default on ubuntu/bionic64 (18.04) as per resolved.conf(5). These tasks are artefacts of obsolete infra configuration, and no longer needed. Further removing these tasks resolves the issue that the tasks always reports 'changed' and bounces systemd-resolved unneccesarily, even if there was no actual modification of /etc/systemd/resolved.conf.
-
- Mar 26, 2021
-
-
Etienne Champetier authored
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
-
Etienne Champetier authored
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
-
Anthony Rabbito authored
`-%` causes `etcd-unsupported-arch: arm64` to print on COL 1 instead of COL 6. Signed-off-by: anthr76 <hello@anthonyrabbito.com>
-
Kaleb Elwert authored
* Allow connecting to bastion via non-standard port * Fix bastion connection when ansible_port is not provided
-
- Mar 25, 2021
-
-
rptaylor authored
-
Kenichi Omichi authored
To avoid ModuleNotFoundError due to no module named 'setuptools_rust', this adds cryptography installation to requirements.txt. Created by jfc-evs originally as https://github.com/kubernetes-sigs/kubespray/pull/7264
-
- Mar 24, 2021
-
-
Etienne Champetier authored
* Remove contrib/vault This is marked as broken since 2018 / 3dcb9146 This still reference apiserver.pem, not used since ddffdb63 Signed-off-by: Etienne Champetier <e.champetier@ateme.com> * Finish nuking vault from the codebase Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
-
-
Jacky Wu authored
-
Kenichi Omichi authored
This replaces kube-master with kube_control_plane because of [1]: The Kubernetes project is moving away from wording that is considered offensive. A new working group WG Naming was created to track this work, and the word "master" was declared as offensive. A proposal was formalized for replacing the word "master" with "control plane". This means it should be removed from source code, documentation, and user-facing configuration from Kubernetes and its sub-projects. NOTE: The reason why this changes it to kube_control_plane not kube-control-plane is for valid group names on ansible. [1]: https://github.com/kubernetes/enhancements/blob/master/keps/sig-cluster-lifecycle/kubeadm/2067-rename-master-label-taint/README.md#motivation
-
- Mar 23, 2021
-
-
Qasim Sarfraz authored
* Add support for cilium ipsec * Fix typo for bpffs
-
Maciej Wereski authored
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
-
p53 authored
* Fix permissions of cinder cert * Change runuser for external_cloud_controller to kube user with id 999, part of 999 - kube-cert group
-
Samuel Liu authored
-
- Mar 22, 2021
-
-
Etienne Champetier authored
While at it remove force_certificate_regeneration This boolean only forced the renewal of the apiserver certs Either manually use k8s-certs-renew.sh or set auto_renew_certificates Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
-
- Mar 19, 2021
-
-
Florian Ruynat authored
-
Florian Ruynat authored
-
Necatican Yıldırım authored
* Add crun download_url and checksum * Change versioning format to crun native versioning * Download crun using download_file.yml * Get crun version from download defaults * Delegate crun binary copy task to crun role
-
Florian Ruynat authored
-
Florian Ruynat authored
-
Florian Ruynat authored
-
Florian Ruynat authored
-
LuciferInLove authored
* Added experimental cri-o support for Amazon Linux 2 * Fixed dependencies order
-
Erwan Miran authored
* Download Calico KDD CRDs * Replace kustomize with lineinfile and use ansible assemble module * Replace find+lineinfile by sed in shell module to avoid nested loop * add condition on sed * use block for kdd tasks + remove supernumerary kdd manifest apply in start "Start Calico resources"
-
Mikael Johansson authored
Signed-off-by: Mikael Johansson <mik.json@gmail.com>
-
Samuel Liu authored
-
- Mar 18, 2021
-
-
zhangshj-inspur authored
-
- Mar 17, 2021
-
-
Maciej Wereski authored
15.1 has reached EOL on 2021-02-02. Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
-
- Mar 15, 2021
-
-
Etienne Champetier authored
"The error was: 'proxy_disable_env' is undefined\n\nThe error appears to be in '<censored>scale.yml': line 72, column 7" Fixes 067db686 Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
-
Florian Ruynat authored
-
Kenichi Omichi authored
upgrades.md explains how to do upgrade from v1.4.3 to v1.4.6 as an example. The versions are a little old, and the doc readers would have a concern the upgrade works fine or not. This updates versions after verifying the way works fine by hands.
-
Ewnetu Bayuh Lakew authored
* terraform support for UpCloud * terraform support for UpCloud * terraform support for UpCloud * terraform support for UpCloud * terraform support for UpCloud * terraform support for UpCloud * terraform support for UpCloud * Updates to README.md and main.tf files * formatting and updating readme * added a .terraform_validate CI job * fixed format issue * added sample inventory * added symbolic link to group_vars * added missing tf variables and minor fixes * added text formatting * minor formatting fixes
-