- Apr 21, 2021
-
-
Cristian Calin authored
* add hashes for calico v3.17.3 * add hashes for claico v3.18.1 * bump default calico version to v3.17.3 * calico crds are missing yaml separator breaking kdd
-
Xachman authored
-
Kenichi Omichi authored
As the official document[1], the parameter keepcache should be '0' or '1' as string. To avoid the following warning message, this fixes the parameter value: [WARNING]: The value False (type bool) in a string field was converted to u'False' (type string). If this does not look like what you expect, quote the entire value to ensure it does not change. https://docs.ansible.com/ansible/latest/collections/ansible/builtin/yum_repository_module.html
-
Mathieu Parent authored
Fixes "mapping values are not allowed in this context
-
holmesb authored
Fixes issue #7528 - allow configuring CALICO_STARTUP_LOGLEVEL via a new variable: calico_node_startup_loglevel (#7530) Signed-off-by: Brendan Holmes <5072156+holmesb@users.noreply.github.com>
-
Florian Ruynat authored
-
- Apr 19, 2021
-
-
Frank Ritchie authored
This is a followup to https://github.com/kubernetes-sigs/kubespray/pull/7413 Although the code worked there was a desire for a better solution. Hopefully people will be happy with this alternative.
-
- Apr 16, 2021
-
-
Florian Ruynat authored
-
Florian Ruynat authored
-
- Apr 15, 2021
-
-
Samuel Liu authored
-
Florian Ruynat authored
-
- Apr 14, 2021
-
-
muzi502 authored
-
- Apr 13, 2021
-
-
Krystian Młynek authored
-
- Apr 12, 2021
-
-
Etienne Champetier authored
This allow to configure when K8S certificates renewal runs Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
-
Etienne Champetier authored
We were regenerating only the cert of the first node While at it speed up the check step Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
-
emiran-orange authored
Use kubeadm_feature_gates instead of kube_feature_gates to leverage kubeadm feature gates and not to interfere with k8s components feature gates (#7447)
-
Zhong Jianxin authored
* Add containerd_extra_args This is useful for custom containerd config, e.g. auth Signed-off-by: Zhong Jianxin <azuwis@gmail.com> * Make containerd config.toml mode 0640 It may contain sensitive information like password Signed-off-by: Zhong Jianxin <azuwis@gmail.com>
-
- Apr 11, 2021
-
-
Samuel Liu authored
-
- Apr 09, 2021
-
-
Florian Ruynat authored
-
Florian Ruynat authored
-
Sergey authored
* add CI test for auto_renew_certificates * change timer value fix typo error in rotate cert script
-
- Apr 08, 2021
-
-
Samuel Liu authored
* kubelet absolute path * kubelet absolute path
-
Kenichi Omichi authored
According to the document[1], audit-webhook-batch-max-size and audit-webhook-batch-max-wait are used only in the batch mode. This adds a condition to avoid unnecessary writting on the config. [1]: https://kubernetes.io/docs/tasks/debug-application-cluster/audit/#batching
-
Frank Ritchie authored
This PR is to move the cilium kvstore options to the configmap rather than specifying them in the deployment as args. This is not technically necessary but keeping all the options in one place is probably not a bad idea. Tested with cilium 1.9.5.
-
- Apr 07, 2021
-
-
Florian Ruynat authored
-
- Apr 06, 2021
-
-
Frank Ritchie authored
When attempting a fresh install without cilium_ipsec_enabled I ran into the following error: failed: [k8m01] (item={'name': 'cilium', 'file': 'cilium-secret.yml', 'type': 'secret', 'when': 'cilium_ipsec_enabled'}) => {"ansible_loop_var": "item", "changed": false, "item": {"file": "cilium-secret.yml", "name": "cilium", "type": "secret", "when": "cilium_ipsec_enabled"},"msg": "AnsibleUndefinedVariable: 'cilium_ipsec_key' is undefined"} Moving the when condition from the item level to the task level solved the issue.
-
Maciej Wereski authored
* Add KubeSchedulerConfiguration for k8s 1.19 and up With release of version 1.19.0 of kubernetes KubeSchedulerConfiguration was graduated to beta. It allows to extend different stages of scheduling with profiles. Such effect is achieved by using plugins and extensions. This patch adds KubeSchedulerConfiguration for versions 1.19 and later. Configuration is set to k8s defaults or to kubespray vars. Moving those defaults to new vars will be done in following patch. Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com> * KubeSchedulerConfiguration: add defaults Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
-
- Apr 05, 2021
-
-
Florian Ruynat authored
-
Samuel Liu authored
-
Necatican Yıldırım authored
* Add support for crun v0.19 * Change default crun version to v0.19
-
Samuel Liu authored
-
- Apr 02, 2021
-
-
Daniil Muidinov authored
* Set containerd version to 1.4.3 * Set containerd version to 1.4.4 Co-authored-by: Barry Melbourne <9964974+bmelbourne@users.noreply.github.com>
-
orange-llajeanne authored
-
- Apr 01, 2021
-
-
Pasquale Toscano authored
-
Frank Ritchie authored
Starting with Cilium v1.9 the default ipam mode has changed to "Cluster Scope". See: https://docs.cilium.io/en/v1.9/concepts/networking/ipam/ With this ipam mode Cilium handles assigning subnets to nodes to use for pod ip addresses. The default Kubespray deploy uses the Kube Controller Manager for this (the --allocate-node-cidrs kube-controller-manager flag is set). This makes the proper ipam mode for kubespray using cilium v1.9+ "kubernetes". Tested with Cilium 1.9.5. This PR also mounts the cilium-config ConfigMap for this variable to be read properly. In the future we can probably remove the kvstore and kvstore-opt Cilium Operator args since they can be in the ConfigMap. I will tackle that after this merges.
-
- Mar 31, 2021
-
-
Helmut Januschka authored
fix undefinedElse
-
- Mar 30, 2021
-
-
Etienne Champetier authored
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
-
- Mar 29, 2021
-
-
Fernando authored
-
Frank Ritchie authored
When upgrading cilium from 1.8.8 to 1.9.5 I ran into the following error: level=error msg="Unable to update CRD" error="customresourcedefinitions.apiextensions.k8s.io \"ciliumnodes.cilium.io\" is forbidden: User \"system:serviceaccount:kube-system:cilium-operator\" cannot update resource \"customresourcedefinitions\" in API group \"apiextensions.k8s.io\" at the cluster scope" name=CiliumNode/v2 subsys=k8s The fix was to add the update verb to the clusterrole. I also added create to match the clusterrole created by the cilium helm chart.
-
Samuel Liu authored
-