Max Gautier · Arthur Outhenin-Chalandre · Mohamed Omar Zaian · 03ac02af · 03ac02af · 03ac02af
--- a/README.md
+++ b/README.md
@@ -160,7 +160,7 @@ Note: Upstart/SysV init based OS types are not supported.
 ## Supported Components

 - Core
-  - [kubernetes](https://github.com/kubernetes/kubernetes) v1.29.2
+  - [kubernetes](https://github.com/kubernetes/kubernetes) v1.29.3
  - [etcd](https://github.com/etcd-io/etcd) v3.5.10
  - [docker](https://www.docker.com/) v24.0 (see [Note](#container-runtime-notes))
  - [containerd](https://containerd.io/) v1.7.13

--- a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
@@ -17,7 +17,7 @@ kube_token_dir: "{{ kube_config_dir }}/tokens"
 kube_api_anonymous_auth: true

 ## Change this to use another Kubernetes version, e.g. a current beta release
-kube_version: v1.29.2
+kube_version: v1.29.3

 # Where the binaries will be downloaded.
 # Note: ensure that you've enough disk space (about 1G)

--- a/roles/bootstrap-os/tasks/bootstrap-amazon.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-amazon.yml
--- a/roles/bootstrap-os/tasks/bootstrap-coreos.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-coreos.yml
---
-# CoreOS ships without Python installed
-
- name: Check if bootstrap is needed
-  raw: stat /opt/bin/.bootstrapped
-  register: need_bootstrap
-  failed_when: false
-  changed_when: false
-  tags:
-    - facts
-
- name: Force binaries directory for Container Linux by CoreOS and Flatcar
-  set_fact:
-    bin_dir: "/opt/bin"
-  tags:
-    - facts
-
- name: Run bootstrap.sh
-  script: bootstrap.sh
-  become: true
-  environment: "{{ proxy_env }}"
-  when:
-    - need_bootstrap.rc != 0
-
- name: Set the ansible_python_interpreter fact
-  set_fact:
-    ansible_python_interpreter: "{{ bin_dir }}/python"
-  tags:
-    - facts
-
- name: Disable auto-upgrade
-  systemd:
-    name: locksmithd.service
-    masked: true
-    state: stopped
-  when:
-    - coreos_locksmithd_disable
--- a/roles/bootstrap-os/tasks/bootstrap-centos.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-centos.yml
--- a/roles/bootstrap-os/tasks/bootstrap-clearlinux.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-clearlinux.yml
--- a/roles/bootstrap-os/tasks/bootstrap-debian.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-debian.yml
@@ -55,22 +55,10 @@
  raw: apt-get update --allow-releaseinfo-change
  become: true
  when:
-    - '''ID=debian'' in os_release.stdout_lines'
-    - '''VERSION_ID="10"'' in os_release.stdout_lines or ''VERSION_ID="11"'' in os_release.stdout_lines'
+    - os_release_dict['ID'] == 'debian'
+    - os_release_dict['VERSION_ID'] in ["10", "11"]
  register: bootstrap_update_apt_result
  changed_when:
    - '"changed its" in bootstrap_update_apt_result.stdout'
    - '"value from" in bootstrap_update_apt_result.stdout'
  ignore_errors: true
-
- name: Set the ansible_python_interpreter fact
-  set_fact:
-    ansible_python_interpreter: "/usr/bin/python3"
-
-# Workaround for https://github.com/ansible/ansible/issues/25543
- name: Install dbus for the hostname module
-  package:
-    name: dbus
-    state: present
-    use: apt
-  become: true
--- a/roles/bootstrap-os/tasks/bootstrap-fedora-coreos.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-fedora-coreos.yml
@@ -38,9 +38,3 @@
    delay: 5
    sleep: 5
  when: need_bootstrap.rc != 0
-
- name: Store the fact if this is an fedora core os host
-  set_fact:
-    is_fedora_coreos: True
-  tags:
-    - facts
--- a/roles/bootstrap-os/tasks/bootstrap-fedora.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-fedora.yml
--- a/roles/bootstrap-os/tasks/bootstrap-flatcar.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-flatcar.yml
@@ -9,12 +9,6 @@
  tags:
    - facts

- name: Force binaries directory for Flatcar Container Linux by Kinvolk
-  set_fact:
-    bin_dir: "/opt/bin"
-  tags:
-    - facts
-
 - name: Run bootstrap.sh
  script: bootstrap.sh
  become: true
@@ -22,11 +16,14 @@
  when:
    - need_bootstrap.rc != 0

- name: Set the ansible_python_interpreter fact
+# Workaround ansible https://github.com/ansible/ansible/pull/82821
+# We set the interpreter rather than ansible_python_interpreter to allow
+# - using virtual env with task level ansible_python_interpreter later
+# - let users specify an ansible_python_interpreter in group_vars
+
+- name: Make interpreter discovery works on Flatcar
  set_fact:
-    ansible_python_interpreter: "{{ bin_dir }}/python"
-  tags:
-    - facts
+    ansible_interpreter_python_fallback: "{{ ansible_interpreter_python_fallback + [ '/opt/bin/python' ] }}"

 - name: Disable auto-upgrade
  systemd:

--- a/roles/bootstrap-os/tasks/main.yml
+++ b/roles/bootstrap-os/tasks/main.yml
@@ -6,47 +6,29 @@
  # This command should always run, even in check mode
  check_mode: false

- name: Bootstrap CentOS
-  include_tasks: bootstrap-centos.yml
-  when: '''ID="centos"'' in os_release.stdout_lines or ''ID="ol"'' in os_release.stdout_lines or ''ID="almalinux"'' in os_release.stdout_lines or ''ID="rocky"'' in os_release.stdout_lines or ''ID="kylin"'' in os_release.stdout_lines  or ''ID="uos"'' in os_release.stdout_lines or ''ID="openEuler"'' in os_release.stdout_lines'
+- name: Include distro specifics vars and tasks
+  vars:
+    os_release_dict: "{{ os_release.stdout_lines | select('regex', '^.+=.*$') | map('regex_replace', '\"', '') |
+                         map('split', '=') | community.general.dict }}"
+  block:
+  - name: Include vars
+    include_vars: "{{ item }}"
+    tags:
+    - facts
+    with_first_found:
+    - &search
+      files:
+      - "{{ os_release_dict['ID'] }}-{{ os_release_dict['VARIANT_ID'] }}.yml"
+      - "{{ os_release_dict['ID'] }}.yml"
+      paths:
+      - vars/
+      skip: True
+  - name: Include tasks
+    include_tasks: "{{ item }}"
+    with_first_found:
+    - <<: *search
+      paths: []

- name: Bootstrap Amazon
-  include_tasks: bootstrap-amazon.yml
-  when: '''ID="amzn"'' in os_release.stdout_lines'
-
- name: Bootstrap RedHat
-  include_tasks: bootstrap-redhat.yml
-  when: '''ID="rhel"'' in os_release.stdout_lines'
-
- name: Bootstrap Clear Linux
-  include_tasks: bootstrap-clearlinux.yml
-  when: '''ID=clear-linux-os'' in os_release.stdout_lines'
-
-# Fedora CoreOS
- name: Bootstrap Fedora CoreOS
-  include_tasks: bootstrap-fedora-coreos.yml
-  when:
-    - '''ID=fedora'' in os_release.stdout_lines'
-    - '''VARIANT_ID=coreos'' in os_release.stdout_lines'
-
- name: Bootstrap Flatcar
-  include_tasks: bootstrap-flatcar.yml
-  when: '''ID=flatcar'' in os_release.stdout_lines'
-
- name: Bootstrap Debian
-  include_tasks: bootstrap-debian.yml
-  when: '''ID=debian'' in os_release.stdout_lines or ''ID=ubuntu'' in os_release.stdout_lines'
-
-# Fedora "classic"
- name: Boostrap Fedora
-  include_tasks: bootstrap-fedora.yml
-  when:
-    - '''ID=fedora'' in os_release.stdout_lines'
-    - '''VARIANT_ID=coreos'' not in os_release.stdout_lines'
-
- name: Bootstrap OpenSUSE
-  include_tasks: bootstrap-opensuse.yml
-  when: '''ID="opensuse-leap"'' in os_release.stdout_lines or ''ID="opensuse-tumbleweed"'' in os_release.stdout_lines'

 - name: Create remote_tmp for it is used by another module
  file:
@@ -54,9 +36,7 @@
    state: directory
    mode: 0700

-# Workaround for https://github.com/ansible/ansible/issues/42726
-# (1/3)
- name: Gather host facts to get ansible_os_family
+- name: Gather facts
  setup:
    gather_subset: '!all'
    filter: ansible_*
@@ -64,39 +44,12 @@
 - name: Assign inventory name to unconfigured hostnames (non-CoreOS, non-Flatcar, Suse and ClearLinux, non-Fedora)
  hostname:
    name: "{{ inventory_hostname }}"
-  when:
-    - override_system_hostname
-    - ansible_os_family not in ['Suse', 'Flatcar', 'Flatcar Container Linux by Kinvolk', 'ClearLinux']
-    - not ansible_distribution == "Fedora"
-    - not is_fedora_coreos
-
-# (2/3)
- name: Assign inventory name to unconfigured hostnames (CoreOS, Flatcar, Suse, ClearLinux and Fedora only)
-  command: "hostnamectl set-hostname {{ inventory_hostname }}"
-  register: hostname_changed
-  become: true
-  changed_when: false
-  when: >
-    override_system_hostname
-    and (ansible_os_family in ['Suse', 'Flatcar', 'Flatcar Container Linux by Kinvolk', 'ClearLinux']
-    or is_fedora_coreos
-    or ansible_distribution == "Fedora")
-
-# (3/3)
- name: Update hostname fact (CoreOS, Flatcar, Suse, ClearLinux and Fedora only)
-  setup:
-    gather_subset: '!all'
-    filter: ansible_hostname
-  when: >
-    override_system_hostname
-    and (ansible_os_family in ['Suse', 'Flatcar', 'Flatcar Container Linux by Kinvolk', 'ClearLinux']
-    or is_fedora_coreos
-    or ansible_distribution == "Fedora")
+  when: override_system_hostname

 - name: Install ceph-commmon package
  package:
    name:
-      - ceph-common
+    - ceph-common
    state: present
  when: rbd_provisioner_enabled | default(false)


--- a/roles/bootstrap-os/tasks/opensuse-leap.yml
+++ b/roles/bootstrap-os/tasks/opensuse-leap.yml
+opensuse.yml
\ No newline at end of file
--- a/roles/bootstrap-os/tasks/opensuse-tumbleweed.yml
+++ b/roles/bootstrap-os/tasks/opensuse-tumbleweed.yml
+opensuse.yml
\ No newline at end of file
--- a/roles/bootstrap-os/tasks/bootstrap-opensuse.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-opensuse.yml
--- a/roles/bootstrap-os/tasks/bootstrap-redhat.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-redhat.yml
--- a/roles/bootstrap-os/tasks/ubuntu.yml
+++ b/roles/bootstrap-os/tasks/ubuntu.yml
+debian.yml
\ No newline at end of file
--- a/roles/bootstrap-os/vars/fedora-coreos.yml
+++ b/roles/bootstrap-os/vars/fedora-coreos.yml
+---
+is_fedora_coreos: True
--- a/roles/bootstrap-os/vars/flatcar.yml
+++ b/roles/bootstrap-os/vars/flatcar.yml
+---
+bin_dir: "/opt/bin"
--- a/roles/kubespray-defaults/defaults/main/checksums.yml
+++ b/roles/kubespray-defaults/defaults/main/checksums.yml
--- a/roles/kubespray-defaults/defaults/main/download.yml
+++ b/roles/kubespray-defaults/defaults/main/download.yml
@@ -75,13 +75,13 @@ image_arch: "{{ host_architecture | default('amd64') }}"

 # Versions
 kubeadm_version: "{{ kube_version }}"
-crun_version: 1.8.5
+crun_version: 1.14.4
 runc_version: v1.1.12
 kata_containers_version: 3.1.3
 youki_version: 0.1.0
-gvisor_version: 20230807
+gvisor_version: 20240305
 containerd_version: 1.7.13
-cri_dockerd_version: 0.3.9
+cri_dockerd_version: 0.3.11

 # this is relevant when container_manager == 'docker'
 docker_containerd_version: 1.6.28
@@ -117,7 +117,7 @@ cni_version: "v1.3.0"
 weave_version: 2.8.1

 cilium_version: "v1.13.4"
-cilium_cli_version: "v0.15.0"
+cilium_cli_version: "v0.16.0"
 cilium_enable_hubble: false

 kube_ovn_version: "v1.11.5"
@@ -127,7 +127,7 @@ multus_version: "v3.8"
 helm_version: "v3.14.2"
 nerdctl_version: "1.7.4"
 krew_version: "v0.4.4"
-skopeo_version: "v1.13.2"
+skopeo_version: "v1.14.2"

 # Get kubernetes major version (i.e. 1.17.4 => 1.17)
 kube_major_version: "{{ kube_version | regex_replace('^v([0-9])+\\.([0-9]+)\\.[0-9]+', 'v\\1.\\2') }}"
@@ -146,8 +146,8 @@ etcd_version: "{{ etcd_supported_versions[kube_major_version] }}"

 crictl_supported_versions:
  v1.29: "v1.29.0"
-  v1.28: "v1.28.0"
-  v1.27: "v1.27.1"
+  v1.28: "v1.28.4"
+  v1.27: "v1.27.4"
 crictl_version: "{{ crictl_supported_versions[kube_major_version] }}"

 crio_supported_versions:
@@ -163,7 +163,7 @@ scheduler_plugins_supported_versions:
  v1.27: v0.27.8
 scheduler_plugins_version: "{{ scheduler_plugins_supported_versions[kube_major_version] }}"

-yq_version: "v4.35.2"
+yq_version: "v4.42.1"

 # Download URLs
 kubelet_download_url: "https://dl.k8s.io/release/{{ kube_version }}/bin/linux/{{ image_arch }}/kubelet"