epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2025-12-13 21:34:40 +03:00
Code Issues Packages Projects Releases Wiki Activity
8,610 Commits 44 Branches 87 Tags
master
Commit Graph

5683 Commits

Author SHA1 Message Date
Max Gautier
5243b33bd7 Cleanup support for removed OS in bootstrap 
- centos < 8
- debian 10
 2025-06-05 11:16:25 +02:00
Max Gautier
d5b2a9b5ba opensuse: move package installation to system_packages 
No reason to special case
 2025-06-05 11:16:24 +02:00
Max Gautier
2152022926 debian-based distro: handle apt update cache when installing packages 
The package module pass options to the underlying packages manager
module if they support it. No need to handle it in bootstrap.
 2025-06-05 11:16:24 +02:00
Max Gautier
f13b80cac0 ClearLinux: remove special casing 
- put package install in system_packages
- docker should be handled by the approriate roles if used as container
  engine
 2025-06-05 11:16:23 +02:00
Shuu
a87b86c6d3 Make main_ip cacheable in facts (#12243) 2025-06-05 01:58:38 -07:00
Peter Pan
85b0be144a Fix: check expiry before do breaking renew and container restart actions (#12194) 
* Fix: check expiraty before renew

Since certificate renewal and container restarts involve higher risks,
they should be executed with extra caution.

* squash to Fix: check expiraty before renew

* squash to Fix: address more comments from VannTen

Signed-off-by: Peter Pan <Peter.Pan@daocloud.io>

---------

Signed-off-by: Peter Pan <Peter.Pan@daocloud.io>
 2025-06-05 01:04:41 -07:00
ChengHao Yang
6f7822d25c [flannel] upgrade to 0.26.7 (#12260) 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-06-05 00:42:53 -07:00
Imran Ahmed
ce26f17e9e fix unquoted san cert causing issues with ips (#12256) 2025-06-02 22:50:38 -07:00
Christos Papageorgiou
a9f600ffa2 Import centos bootstrap os task for Alma/Rocky Linux (#12264) 2025-06-02 22:42:38 -07:00
ERIK
3454cd2c69 feat: Support certificate validity period config in kubeadm v1beta4 (#12272) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2025-06-02 20:44:37 -07:00
Kubernetes Prow Robot
c7c3d2ba95 Merge pull request #12163 from VannTen/cleanup/etcd_inv_sample 
Move etcd inventory sample doc to role defaults
 2025-05-26 03:16:16 -07:00
Ali Afsharzadeh
c89c34f4d6 Update load balancers versions to Nginx 1.28.0, Haproxy 3.1.7 (#12178) 2025-05-23 20:50:34 -07:00
Max Gautier
92e8ac9de2 Remove tag 'master' (#12228) 
* Remove tag master

Following it's deprecation in 4b324cb0f (Rename master to control plane
- non-breaking changes only (#11394), 2024-09-06)

* Add fail fast path when using removed tags

- Used for the master tag, but this could be used for other things in
  the future
 2025-05-22 01:20:36 -07:00
Anshuman Agarwala
73b3e9b557 Removed weave support (#12230) 2025-05-22 01:10:36 -07:00
Max Gautier
490dece3bf Cleanup assert after 2.28 (#12245) 
Users should have used 2.28 and adapted their inventories now.
 2025-05-21 20:28:35 -07:00
Takuya Murakami
16c05338d9 Update cri-o to 1.33.0 for kubernetes 1.33 
Use ubuntu 22.04 for molecule test of cri-o,
because crun included in the cri-o does not work on
ubuntu 20.04.
 2025-05-22 08:43:03 +09:00
Takuya Murakami
8ad1253b4f [kubernetes] Support kubernetes 1.33.1 
- Add checksum entries.
- Set min required version to Kubernetes 1.31.x
- Update supported versions
- Refactor coredns_version
 2025-05-21 23:56:47 +09:00
Ekko
6c5c45b328 Allow stopping ubuntu unattended-upgrades (#12174) 
Signed-off-by: Ekko Tu <lihai.tu@daocloud.io>
 2025-05-20 01:07:16 -07:00
ChengHao Yang
1266527014 Add cilium cli binary hash before 0.18.3 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
5e2e63ebe3 Make cilium dnsProxy transparent mode configure 
When Cilium is configured to replace kube-proxy, it automatically
enables dnsProxy, which can conflict with nodelocaldns.
 2025-05-19 08:48:15 +08:00
ChengHao Yang
db290ca686 Add cilium gateway api support 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
6619d98682 Add cilium hubble export dynamic content 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
b771d73fe0 Add cilium hubble export file max backups & size mb 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
65751e8193 Add cilium operator tolerations default values 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
4c16fc155f Cilium values k8sServiceHost and k8sServicePort use auto 
Signed-off-by: ChengHao Yang
<17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
dcd3461bce Cilium values use image variables 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
48f75c2c2b Upgrade Cilium related images 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
a4b73c09a7 Upgrade cilium version to 1.17.3 
Signed-off-by: ChengHao Yang
<17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
86437730de Use cilium-cli install Cilium 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
6fe64323db Remove old cilium templates install 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:13 +08:00
ChengHao Yang
1e471d5eeb Upgrade outdated cilium_min_version_required 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:11 +08:00
Max Gautier
3a2862ea19 Move checksums to kubespray_defaults/vars (#12234) 
The checksums are not a defaults and are not meant to be changed from
the inventories.

Furthermore, role defaults have a lower priority that hosts facts, which
technically means a rogue hosts could hijack the hashes for its
variables.
 2025-05-18 16:13:14 -07:00
ErmolenkoMaxim
46a0dc9a51 Add support for hubble-export-file-max-backups and max-size-mb variables (#12072) 
* feat(cilium): add configurable Hubble export log rotation parameters

- Adds support for `cilium_hubble_export_file_max_backups` and `cilium_hubble_export_file_max_size_mb`
- Applies values only if `cilium_hubble_export_file_path` is defined
- Default values are set in role defaults
- Cleans up template logic by removing unnecessary conditionals

* Fix indentation for hubble export settings

* Fix undefined variable issue with ipwrap in kubeconfig override that caused pre-commit errors

* Update main.yml

rollback
 2025-05-17 00:35:13 -07:00
Max Gautier
faae36086c Patch versions updates (#12226) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-05-16 14:13:14 -07:00
Max Gautier
9c2bdeec63 Decouple etcd defaults in a separate role 
This allows us to reuse the defaults in other places without putting
everything in kubespray-defaults.

In that, for kubernetes/control-plane.
 2025-05-16 14:51:29 +02:00
ERIK
e4c0c427a3 improve NTP package conflict handling (#12212) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2025-05-16 03:55:14 -07:00
Antoine Legrand
5c07c6e6d3 Add option to [not] install coredns via Kubespray (#12218) 2025-05-16 03:23:13 -07:00
Takuya Murakami
c6dfe22a41 Improve logging of kubeadm init failure of first control plane node (#12216) 
Split retry task of 'kubeadm init' to show the failure log of
the first execution.
 2025-05-16 03:01:13 -07:00
Seena Fallah
ec85b7e2c9 download: respect enable_dns_autoscaler when enabling dnsautoscaler (#12217) 
dnsautoscaler should only be enabled when enable_dns_autoscaler is
set to true. without this, it could be enabled without any manifest
actually using it, which makes it a false signal.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
 2025-05-15 12:45:13 -07:00
Kubernetes Prow Robot
acd6872c80 Merge pull request #12219 from VannTen/test/ha_etcd_separate 
Fix broken workaround for separate etcd setup
 2025-05-15 12:39:14 -07:00
Max Gautier
22d3cf9c2b Move 'pretend certificates' **after** cert distribution 
The link target will only exist after we distribute the certs on each node.
 2025-05-15 18:35:34 +02:00
Hyeonki Hong
2c3b6c9199 feat: add trigger to restart kube-apiserver when config files change (#12172) 
* feat: add trigger to restart kube-apiserver when config files change

* fix: remove not upgrade_cluster_setup condition

* refactor: streamline kube-apiserver restart notifications
 2025-05-15 06:51:14 -07:00
Max Gautier
a55932e1de Patch versions updates (#12204) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-05-14 18:55:20 -07:00
Max Gautier
973bd2e520 Stop cleaning up containerd packages (#12213) 
The switch to not use system packages for containerd packages happened
multiples releases ago ; there should not be any up-to-date installation
of kubespray needing that cleanup.

Remove those steps and variables only used by them.
 2025-05-13 21:07:16 -07:00
Kubernetes Prow Robot
ea7331f5fc Merge pull request #12211 from VannTen/cleanup/rename_remove_node 
rename-without-hypens: remove-node/pre-remove
 2025-05-13 17:13:16 -07:00
Kubernetes Prow Robot
df241800ce Merge pull request #12203 from VannTen/cleanup/rename_bootstrap_os 
Rename bootstrap-os to bootstrap_os
 2025-05-13 05:03:16 -07:00
Cyclinder
8cc5694580 calico: update calico-kube-controller manifest (#12169) 2025-05-13 01:43:17 -07:00
Max Gautier
1d15baf405 Add compat and deprecation warning for boostrap-os 2025-05-13 09:39:59 +02:00
Max Gautier
47508d5c6e Rename bootstrap-os to bootstrap_os 
Role names in ansible collections should not have hyphens.
 2025-05-13 09:39:54 +02:00
Max Gautier
2a1ae14275 Compat layer remove-node/pre-remove 2025-05-12 22:22:20 +02:00