- Jun 17, 2022
-
-
Alessio Greggi authored
* feat: make kubernetes owner parametrized * docs: update hardening guide with configuration for CIS 1.1.19 * fix: set etcd data directory permissions to be compliant to CIS 1.1.12
-
Kay Yan authored
-
- Jun 15, 2022
-
-
Calin Cristian Andrei authored
-
Calin Cristian Andrei authored
[docker] use cri-dockerd instead of dockershim for any kubernetes version deployed with docker as the container_manager
-
Kay Yan authored
-
- Jun 09, 2022
-
-
Kenichi Omichi authored
Ansible v2.9 and v2.10 are EOL as [1]. This drops those version supports by following the upstream Ansible. This sets use_ssh_args true always because that is required to use ssh_args on ansible.cfg on Ansible v2.11 or later[2]. ansible_ssh_host is replaced with ansible_host because ansible_ssh_host has been deprecated already and cenots7 jobs were failed due to the deprecated ansible_ssh_host. [1]: https://docs.ansible.com/ansible/devel/reference_appendices/release_and_maintenance.html#ansible-core-changelogs [2]: https://docs.ansible.com/ansible/latest/collections/ansible/posix/synchronize_module.html#parameter-use_ssh_args
-
- Jun 07, 2022
-
-
Ilya Margolin authored
* Allow disabling calico CNI logs with calico_cni_log_file_path Calico CNI logs up to 1G if it log a lot with current default settings: log_file_max_size 100 Max file size in MB log files can reach before they are rotated. log_file_max_age 30 Max age in days that old log files will be kept on the host before they are removed. log_file_max_count 10 Max number of rotated log files allowed on the host before they are cleaned up. See https://projectcalico.docs.tigera.io/reference/cni-plugin/configuration#logging To save disk space, make the path configurable and allow disabling this log by setting `calico_cni_log_file_path: false` * Fix markdown * Update roles/network_plugin/canal/templates/cni-canal.conflist.j2 Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com> Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>
-
- Jun 06, 2022
-
-
zhougw authored
* fix dir error * the command line should align
-
- May 29, 2022
-
-
Alessio Greggi authored
-
- May 20, 2022
-
-
Kenichi Omichi authored
Due many patterns of Linux distributions, it is difficult to install ansible dependencies as system-wide stably. Apart of Kubespray doc[1] recommends to use venv to avoid such issue, and this applies venv usage to the other parts of the doc. [1]: https://github.com/kubernetes-sigs/kubespray/blob/master/docs/setting-up-your-first-cluster.md#set-up-kubespray
-
- May 16, 2022
-
-
Cristian Calin authored
drop note about not supporting ansible 2.9 since we still cover it in nightly CI
-
- May 14, 2022
-
-
Kenichi Omichi authored
kata-container is not used by default even if enabling kata_containers_enabled. This updates the doc for writing how to do that.
-
- May 12, 2022
-
-
Oogy authored
* support metallb peer password * add MetalLB BGP password example
-
- May 11, 2022
-
-
Necatican Yıldırım authored
* [cilium] Separate templates for cilium, cilium-operator, and hubble installations Signed-off-by: necatican <necaticanyildirim@gmail.com> * [cilium] Update cilium-operator templates Signed-off-by: necatican <necaticanyildirim@gmail.com> * [cilium] Allow using custom args and mounting extra volumes for the Cilium Operator Signed-off-by: necatican <necaticanyildirim@gmail.com> * [cilium] Update the cilium configmap to filter out the deprecated variables, and add the new variables Signed-off-by: necatican <necaticanyildirim@gmail.com> * [cilium] Add an option to use Wireguard encryption on Cilium 1.10 and up Signed-off-by: necatican <necaticanyildirim@gmail.com> * [cilium] Update cilium-agent templates Signed-off-by: necatican <necaticanyildirim@gmail.com> * [cilium] Bump Cilium version to 1.11.3 Signed-off-by: necatican <necaticanyildirim@gmail.com>
-
- May 10, 2022
-
-
weizhoublue authored
when cilium v1.10 , it is ok to support arm64 https://cilium.io/blog/2021/05/20/cilium-110 Signed-off-by: weizhou.lan@daocloud.io <weizhou.lan@daocloud.io>
-
- May 09, 2022
-
-
Alessio Greggi authored
feat: add variables to manage makeIPTablesUtilChains and streamingConnectionIdleTimeout kubelet parameters (#8796)
-
- May 06, 2022
-
-
Alessio Greggi authored
* feat: add variable to manage service-account-lookup on kube-apiserver * docs: add documentation about service-account-lookup variable
-
- May 02, 2022
-
-
Alessio Greggi authored
* feat: add support for EventRateLimit admission plugin * docs: add documentation about admission_control_config_file and EventRateLimit configuration
-
- Apr 27, 2022
-
-
- Apr 26, 2022
-
-
Kenichi Omichi authored
* kata container related options exist in k8s-cluster.yml, not k8s_cluster.yml * https://github.com/kata-containers/runtime has been archived and https://github.com/kata-containers/kata-containers is used today.
-
- Apr 14, 2022
-
-
Cristian Calin authored
-
- Apr 07, 2022
-
-
Mathieu Parent authored
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
-
- Apr 05, 2022
-
-
Alessio Greggi authored
* feat: split kube_feature_gates variable for different kubernetes components * docs: add kube_feaute_gates componet variables
-
- Mar 31, 2022
-
-
Kenichi Omichi authored
To read it easily, this puts new lines.
-
- Mar 30, 2022
-
-
Cristian Calin authored
* [ansible] make ansible 5.x the new default version and move different versions tested to nightly jobs * [CI] jobs were missing proper ansible cleanup
-
- Mar 18, 2022
-
-
Cristian Calin authored
* [calico] make vxlan encapsulation the default * don't enable ipip encapsulation by default * set calico_network_backend by default to vxlan * update sample inventory and documentation * [CI] pin default calico parameters for upgrade tests to ensure proper upgrade * [CI] improve netchecker connectivity testing * [CI] show logs for tests * [calico] tweak task name * [CI] Don't run the provisioner from vagrant since we run it in testcases_run.sh * [CI] move kube-router tests to vagrant to avoid network connectivity issues during netchecker check * service proxy mode still fails connectivity tests so keeping it manual mode * [kube-router] account for containerd use-case
-
- Mar 17, 2022
-
-
Cristian Calin authored
-
- Mar 02, 2022
-
-
Tom Janson authored
This reverts commit 41718024.
-
- Feb 28, 2022
-
-
Tom Janson authored
As far as I can tell this is simply a typo that has existed from the beginning. Having it this way around (`etcd` group as a child and thus subset of `k8s_cluster`) mirrors what is written in the preceeding sentence.
-
- Feb 23, 2022
-
-
Alex authored
* change default value for Encrypting Secret Data at Rest to secretbox, remove experimental flag and add documentation * fix MD012/no-multiple-blanks
-
- Feb 22, 2022
-
-
Necatican Yıldırım authored
* Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable Signed-off-by: necatican <necaticanyildirim@gmail.com> * Add etcd kubeadm deployment documentation Signed-off-by: necatican <necaticanyildirim@gmail.com> * Refactor warning for the deprecated 'etcd_kubeadm_enabled' variable Signed-off-by: necatican <necaticanyildirim@gmail.com>
-
- Feb 16, 2022
-
-
Mac Chaffee authored
* Allow pausing after upgrade but before uncordon * Expand docs for upgrade pausing vars Signed-off-by: Mac Chaffee <me@macchaffee.com>
-
- Feb 15, 2022
-
-
kakkotetsu authored
-
- Feb 09, 2022
-
-
Takuya Murakami authored
* Add containerd/runc/nerdctl download url * Add insecure registries configuration for containerd
-
- Feb 05, 2022
-
-
Krystian Młynek authored
-
- Feb 02, 2022
-
-
Julio H Morimoto authored
* Amend PR https://github.com/kubernetes-sigs/kubespray/pull/8471 with missing inventory configuration. Signed-off-by: Julio Morimoto <julio@morimoto.net.br> * Amend PR https://github.com/kubernetes-sigs/kubespray/pull/8471 with missing inventory configuration. Signed-off-by: Julio Morimoto <julio@morimoto.net.br>
-
- Feb 01, 2022
-
-
Tristan authored
Using the coredns_cluster_zone_cache_block variable
-
- Jan 31, 2022
-
-
Ilya Margolin authored
refs #8247
-
- Jan 27, 2022
-
-
Cristian Calin authored
-
Julio H Morimoto authored
Provide initial guidelines for a container engine migration (docker-2-containerd), with special emphasis on the fact that the procedure is still not officially supported. (#8471) Follow up from https://github.com/kubernetes-sigs/kubespray/issues/8431 . Signed-off-by: Julio Morimoto <julio@morimoto.net.br>
-