- Nov 08, 2023
-
-
borgiacis authored
* Create variables for ipvs kernel modules * Corrected kubernetes role node task missing name * Added changes as suggested during review by VannTen
-
Seal1998 authored
* metallb --lb-class cmd arg to support multiple load balancer implementations * removed loadbalancer_class from metallb_config; metallb_loadbalancer_class in role defaults
-
Max Gautier authored
* Use RandomizedDelaySec to spread out control certificates renewal plane If the number of control plane node is superior to 6, using (index * 10 minutes) will fail (03:60:00 is not a valid timestamp). Compared to just fixing the jinja expression (to use a modulo for example), this should avoid having two control planes certificates update node being triggered at the same time. * Make k8s-certs-renew.timer Persistent If the control plane happens to be offline during the scheduled certificates renewal (node failure or anything like that), we still want the renewal to happen.
-
Max Gautier authored
* containerd: refactor handlers to use 'listen' * cri-dockerd: refactor handlers to use 'listen' * cri-o: refactor handlers to use 'listen' * docker: refactor handlers to use 'listen' * etcd: refactor handlers to use 'listen' * control-plane: refactor handlers to use 'listen' * kubeadm: refactor handlers to use 'listen' * node: refactor handlers to use 'listen' * preinstall: refactor handlers to use 'listen' * calico: refactor handlers to use 'listen' * kube-router: refactor handlers to use 'listen' * macvlan: refactor handlers to use 'listen'
-
- Nov 03, 2023
-
-
Mohamed Omar Zaian authored
-
- Nov 02, 2023
-
-
Boris Barnier authored
Signed-off-by: Boris Barnier <bozzo@users.noreply.github.com>
-
Mohamed Omar Zaian authored
-
- Nov 01, 2023
-
-
Hedayat Vatankhah (هدایت) authored
It was not 'false', which made some tasks (e.g. using systemd-resolved template) to effectively remove default search domains; caused DNS loop after rebooting the node/restarting cluster, so localdns service didn't run correctly.
-
yun authored
-
- Oct 30, 2023
-
-
Max Gautier authored
This make native ansible features (dry-run, changed state) easier to have, and should have a minimal performance impact, since it only runs on the etcd members.
-
chansuke authored
-
qlijin authored
Spicify the runc path when we use the containerd container engine and change the bin_dir path. (#10154) * Specify the runc path when we use the containerd container engine and change the bin_dir path. Signed-off-by: Jin Li <qlijin@gmail.com> * Update roles/container-engine/containerd/templates/config.toml.j2 Co-authored-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr> --------- Signed-off-by: Jin Li <qlijin@gmail.com> Co-authored-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
-
yun authored
-
Max Gautier authored
The blockSize attribute from Calico IPPool resources cannot be changed once set [1]. Consequently, we use the one currently defined when configuring the existing IPPool, avoiding upgrade errors by trying to change it. In particular, this can be useful when calico_pool_blocksize default changes in kubespray, which would otherwise force users to add an explicit setting to their inventories. [1]: https://docs.tigera.io/calico/latest/reference/resources/ippool#spec
-
Mohamed Omar Zaian authored
-
Louis Tu authored
Signed-off-by: tu1h <lihai.tu@daocloud.io>
-
Mohamed Omar Zaian authored
-
Mohamed Omar Zaian authored
-
Mohamed Omar Zaian authored
-
Mohamed Omar Zaian authored
-
- Oct 20, 2023
-
-
Mohamed Omar Zaian authored
-
- Oct 19, 2023
-
-
Marc Brugger authored
Signed-off-by: Marc Brugger <m.brugger@bison-group.com>
-
Max Gautier authored
This allows this task to work with a forks count > 10 and the default configuration of sshd, which is to limit sessions to 10. (see MaxSessions in sshd_config). Since this is a delegate_to task, it connects to the same host (first etcd) for each node in the cluster, thus easily going above 10. Raising the ssh connection attempts allow for more robustness, without decreasing the forks count or serialising the tasks, which could slow the task (or the playbook as a whole, if decreasing forks).
-
- Oct 17, 2023
-
-
Unai Arríen authored
* Migrate node-role.kubernetes.io/master to node-role.kubernetes.io/control-plane * Migrate node-role.kubernetes.io/master to node-role.kubernetes.io/control-plane * Migrate node-role.kubernetes.io/master to node-role.kubernetes.io/control-plane
-
Max Gautier authored
-
Ugur Can Ozturk authored
* [external-lb-kubeconfig]: fix server address in worker kubelet.conf Signed-off-by: Ugur Ozturk <ugurozturk918@gmail.com> * [external-lb-kubeconfig]: fix server address in kube-proxy Signed-off-by: Furkan Pehlivan <furkanpehlivan34@gmail.com> --------- Signed-off-by: Ugur Ozturk <ugurozturk918@gmail.com> Signed-off-by: Furkan Pehlivan <furkanpehlivan34@gmail.com> Co-authored-by: Furkan Pehlivan <furkanpehlivan34@gmail.com>
-
Mohamed Omar Zaian authored
-
Mohamed Omar Zaian authored
-
Mohamed Omar Zaian authored
-
- Oct 13, 2023
-
-
emiran-orange authored
-
- Oct 12, 2023
-
-
Mohamed Omar Zaian authored
-
- Oct 11, 2023
-
-
ERIK authored
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
-
- Oct 10, 2023
-
-
Elias-elastisys authored
-
- Oct 07, 2023
-
-
Ross Kusler authored
-
- Sep 29, 2023
-
-
Mohamed Omar Zaian authored
-
Mohamed Omar Zaian authored
-
- Sep 28, 2023
-
-
Heather Lapointe authored
Namely, the libexec paths have changed since 2.5. This also makes kata_containers_virtio_fs_cache configurable.
-
- Sep 26, 2023
-
-
Feruzjon Muyassarov authored
Refactor NRI (Node Resource Interface) activation in CRI-O and containerd. Introduce a shared variable, nri_enabled, to streamline the process. Currently, enabling NRI requires a separate update of defaults for each container runtime independently, without any verification of NRI support for the specific version of containerd or CRI-O in use. With this commit, the previous approach is replaced. Now, a single variable, nri_enabled, handles this functionality. Also, this commit separates the responsibility of verifying NRI supported versions of containerd and CRI-O from cluster administrators, and leaves it to Ansible. Signed-off-by: Feruzjon Muyassarov <feruzjon.muyassarov@intel.com>
-
Majid Garoosi authored
-
qlijin authored
-