Skip to content
  1. Apr 01, 2021
    • Pasquale Toscano's avatar
      Update KataContainers to 1.12.1 (#7427) · 6330db89
      Pasquale Toscano authored
      6330db89
    • Frank Ritchie's avatar
      Add cilium_ipam_mode variable (#7418) · f05d6b37
      Frank Ritchie authored
      Starting with Cilium v1.9 the default ipam mode has changed to "Cluster
      Scope". See:
      
      https://docs.cilium.io/en/v1.9/concepts/networking/ipam/
      
      With this ipam mode Cilium handles assigning subnets to nodes to use
      for pod ip addresses. The default Kubespray deploy uses the Kube
      Controller Manager for this (the --allocate-node-cidrs
      kube-controller-manager flag is set). This makes the proper ipam mode
      for kubespray using cilium v1.9+ "kubernetes".
      
      Tested with Cilium 1.9.5.
      
      This PR also mounts the cilium-config ConfigMap for this variable
      to be read properly.
      
      In the future we can probably remove the kvstore and kvstore-opt
      Cilium Operator args since they can be in the ConfigMap. I will tackle
      that after this merges.
      f05d6b37
  2. Mar 31, 2021
  3. Mar 30, 2021
  4. Mar 29, 2021
    • Fernando's avatar
      add support for custom calico port (#7419) · 5dbce6a2
      Fernando authored
      5dbce6a2
    • Frank Ritchie's avatar
      Update cilium-operator clusterrole (#7416) · 5b0e8833
      Frank Ritchie authored
      When upgrading cilium from 1.8.8 to 1.9.5 I ran into the following
      error:
      
      level=error msg="Unable to update CRD" error="customresourcedefinitions.apiextensions.k8s.io
      \"ciliumnodes.cilium.io\" is forbidden: User \"system:serviceaccount:kube-system:cilium-operator\"
      cannot update resource \"customresourcedefinitions\" in API group \"apiextensions.k8s.io\" at the
      cluster scope" name=CiliumNode/v2 subsys=k8s
      
      The fix was to add the update verb to the clusterrole. I also added
      create to match the clusterrole created by the cilium helm chart.
      5b0e8833
    • Samuel Liu's avatar
      db43891f
    • Terry's avatar
      Remove DNSSEC config management in bootstrap-debian.yml (#7408) · f72063e7
      Terry authored
      DNSSEC is off by default on ubuntu/bionic64 (18.04) as per resolved.conf(5).
      These tasks are artefacts of obsolete infra configuration, and no longer needed.
      
      Further removing these tasks resolves the issue that the tasks always reports
      'changed' and bounces systemd-resolved unneccesarily, even if there was no
      actual modification of /etc/systemd/resolved.conf.
      f72063e7
  5. Mar 26, 2021
  6. Mar 25, 2021
  7. Mar 24, 2021
  8. Mar 23, 2021
  9. Mar 22, 2021
  10. Mar 19, 2021
  11. Mar 18, 2021
  12. Mar 17, 2021
  13. Mar 15, 2021
Loading