- Mar 03, 2025
-
-
Mathieu Parent authored
-
Chad Swenson authored
This adds a new flag with default `kubeadm_config_validate_enabled: true` to use when debugging features and enhancements affected by the `kubeadm config validate command`. This new flag should be set to `false` only for development and testing scenarios where validation is expected to fail (pre-release Kubernetes versions, etc). While working with development and test versions of Kubernetes and Kubespray, I found this option very useful.
-
- Feb 28, 2025
-
-
Mathieu Parent authored
-
- Feb 27, 2025
-
-
ERIK authored
Signed-off-by:
bo.jiang <bo.jiang@daocloud.io>
-
- Feb 19, 2025
-
-
Ekko authored
Signed-off-by:
ekko <lihai.tu@daocloud.io>
-
- Feb 14, 2025
-
-
Max Gautier authored
* Automatically derive defaults versions from checksums Currently, when updating checksums, we manually update the default versions. However, AFAICT, for all components where we have checksums, we're using the newest version out of those checksums. Codify this in the `_version` defaults variables definition to make the process automatic and reduce manual steps (as well as the diff size during reviews). We assume the versions are sorted, with newest first. This should be guaranteed by the pre-commit hooks. * Validate checksums are ordered by versions, newest first * Generalize render-readme-versions hook for other static files The pre-commit hook introduced a142f40e (Update versions in README.md with pre-commit, 2025-01-21) allow to update our README with new versions. It turns out other "static" files (== which don't interpret Ansible variables) also use the default version (in that case, our Dockefiles, but there might be others) The Dockerfile breaks if the variable they use (`kube_version`) is a Jinja template. For helping with automatic version upgrade, generalize the hook to deal with other static files, and make a template out of the Dockerfile. * Dockerfile: template kube_version with pre-commit instead of runtime * Validate all versions/checksums are strings in pre-commit All the ansible/python tooling for version is for version strings. YAML unhelpfully consider some stuff as number, so enforce this. * Stringify checksums versions
-
- Feb 11, 2025
-
-
Boris authored
-
- Feb 08, 2025
-
-
Ali Afsharzadeh authored
-
- Feb 06, 2025
-
-
Kay Yan authored
* exclude .ansible in ansible-lint * remote ctr i pull workdaround Signed-off-by:
Kay Yan <kay.yan@daocloud.io> --------- Signed-off-by:
Kay Yan <kay.yan@daocloud.io>
-
- Feb 05, 2025
-
-
Mohamed Omar Zaian authored
-
Mohamed Omar Zaian authored
-
- Feb 03, 2025
-
-
Antoine Legrand authored
This reverts commit 76c0a3aa.
-
- Jan 27, 2025
-
-
Boris authored
-
- Jan 24, 2025
-
-
Max Gautier authored
* Remove krew installation support Krew is fundamentally to install kubectl plugins, which are eminently a client side things. It's also not difficult to install on a client machine. * Remove krew cleanup
-
- Jan 23, 2025
-
-
Max Gautier authored
This has been deprecated for a long time, time to pull the plug. We leave an assert for one release to have a straightforward failure if some users were still using the variable.
-
- Jan 15, 2025
-
-
Kay Yan authored
* [kubernetes] Support Kubernetes v1.32.0 * add workaround for RHEL8 Signed-off-by:
Kay Yan <kay.yan@daocloud.io> --------- Signed-off-by:
Kay Yan <kay.yan@daocloud.io> Co-authored-by:
Mohamed Zaian <mohamedzaian@gmail.com>
-
- Jan 13, 2025
-
-
ChengHao Yang authored
* Add `manual` option in the `external_cloud_provider` value Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> * Update external cloud provider description in roles & sample inventory Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> --------- Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com>
-
- Jan 07, 2025
-
-
Chad Swenson authored
Adds the ability to configure the Kubernetes API server with a structured authorization configuration file. Structured AuthorizationConfiguration is a new feature in Kubernetes v1.29+ (GA in v1.32) that configures the API server's authorization modes with a structured configuration file. AuthorizationConfiguration files offer features not available with the `--authorization-mode` flag, although Kubespray supports both methods and authorization-mode remains the default for now. Note: Because the `--authorization-config` and `--authorization-mode` flags are mutually exclusive, the `authorization_modes` ansible variable is ignored when `kube_apiserver_use_authorization_config_file` is set to true. The two features cannot be used at the same time. Docs: https://kubernetes.io/docs/reference/access-authn-authz/authorization/#configuring-the-api-server-using-an-authorization-config-file Blog + Examples: https://kubernetes.io/blog/2024/04/26/multi-webhook-and-modular-authorization-made-much-easier/ KEP: https://github.com/kubernetes/enhancements/tree/master/keps/sig-auth/3221-structured-authorization-configuration I tested this all the way back to k8s v1.29 when AuthorizationConfiguration was first introduced as an alpha feature, although v1.29 required some additional workarounds with `kubeadm_patches`, which I included in example comments. I also included some example comments with CEL expressions that allowed me to configure webhook authorizers without hitting kubeadm 1.29+ issues that block cluster creation and upgrades such as this one: https://github.com/kubernetes/cloud-provider-openstack/issues/2575. My workaround configures the webhook to ignore requests from kubeadm and system components, which prevents fatal errors from webhooks that are not available yet, and should be authorized by Node or RBAC anyway.
-
- Jan 02, 2025
-
- Dec 27, 2024
-
-
ChengHao Yang authored
* Bump: Containerd upgrade to 1.7.24 Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> * Docs: README.md update Containerd version 1.7.24 Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> * Bump: runc upgrade to v1.2.3 Runc upgrade to v1.2.3, and add v1.1.15, v1.2.x checksum Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> --------- Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com>
-
- Dec 26, 2024
-
-
ChengHao Yang authored
* Bump: Helm default version v3.16.4 Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> * Docs: README.md update helm version Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> --------- Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com>
-
Mohamed Omar Zaian authored
-
ChengHao Yang authored
* Bump: kubernetes upgrade to 1.31.4 Add Kubernetes 1.31.4, 1.30.8 and 1.29.12 version Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> * Docs: Upgrade Kubernetes version to 1.31.4 Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> --------- Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com>
-
- Dec 19, 2024
-
-
Max Gautier authored
We use a lot of facts where variables are enough, and format too early, which prevent reusing the variables in different contexts. - Moves set_fact variables to the vars directory, remove unnecessary intermediate variables, and render them at usage sites to only do logic on native Ansible/Jinja lists. - Use defaults/ rather than default filters for several variables.
-
- Dec 02, 2024
-
-
ERIK authored
Signed-off-by:
bo.jiang <bo.jiang@daocloud.io>
-
- Nov 29, 2024
-
-
ERIK authored
Signed-off-by:
bo.jiang <bo.jiang@daocloud.io>
-
- Nov 25, 2024
-
-
ChengHao Yang authored
* Refactor: replace registry.k8s.io with kube_image_repo variable Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> * Bump: OpenStack Cloud Controller Manager upgrade to v1.31.1 Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> * Refactor: remove occm image tag from sample inventory Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> --------- Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com>
-
ChengHao Yang authored
* Bump: Kubernetes default version set to v1.31.3 Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> * Docs: README.md update kubernetes version Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> --------- Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com>
-
- Nov 19, 2024
-
-
logicsys authored
Partial Cilium 1.16+ Support & Add vars for configuring cilium IP load balancer pools and bgp v1 & v2 apis (#11620) * Add vars for configuring cilium IP load balancer pools and bgp peer policies * Cilium 1.16+ Support - Add vars for configuring cilium bgpv2 api & handle cilium_kube_proxy_replacement unsupported values
-
- Nov 08, 2024
-
-
ChengHao Yang authored
Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com>
-
- Nov 06, 2024
-
-
Lihai Tu authored
-
- Nov 05, 2024
-
-
ChengHao Yang authored
If kube_version is v1.31 or higher, it will be v1beta4, otherwise it will be v1beta3. Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com>
-
ChengHao Yang authored
For this change, `external_cloud_provider` set default value to empty string. Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com>
-
ChengHao Yang authored
For this change, `cloud_provider` change the default value to empty string. Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com>
-
- Nov 04, 2024
-
-
ChengHao Yang authored
Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com>
-
ChengHao Yang authored
Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com>
-
ChengHao Yang authored
* Feat: upgrade cert-manager version to v1.15.3 Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> * Feat: upgrade cert-manager crd to v1.15.3 Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> * Feat: update cert-manager v1.15.3 deployment files Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> * Docs: upgrade cert-manager to v1.15.3 Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com> --------- Signed-off-by:
ChengHao Yang <17496418+tico88612@users.noreply.github.com>
-
- Oct 31, 2024
-
-
kyrie authored
Signed-off-by:
KubeKyrie <shaolong.qin@daocloud.io>
-
- Oct 24, 2024
-
-
Robert Volkmann authored
-
Robert Volkmann authored
-