epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2025-12-14 05:45:06 +03:00
Code Issues Packages Projects Releases Wiki Activity
8,357 Commits 44 Branches 87 Tags
5243b33bd79b5fcda5b4ebaec989b48ec259ce11
Commit Graph

8357 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Gautier
5243b33bd7 Cleanup support for removed OS in bootstrap 
- centos < 8
- debian 10
 2025-06-05 11:16:25 +02:00
Max Gautier
d5b2a9b5ba opensuse: move package installation to system_packages 
No reason to special case
 2025-06-05 11:16:24 +02:00
Max Gautier
2152022926 debian-based distro: handle apt update cache when installing packages 
The package module pass options to the underlying packages manager
module if they support it. No need to handle it in bootstrap.
 2025-06-05 11:16:24 +02:00
Max Gautier
f13b80cac0 ClearLinux: remove special casing 
- put package install in system_packages
- docker should be handled by the approriate roles if used as container
  engine
 2025-06-05 11:16:23 +02:00
ChengHao Yang
b1fc870750 Add tico88612 as approver (#12281) 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-06-04 22:56:42 -07:00
dependabot[bot]
d0e9088976 build(deps): bump cryptography from 45.0.2 to 45.0.3 (#12259) 
Bumps [cryptography](https://github.com/pyca/cryptography) from 45.0.2 to 45.0.3.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/45.0.2...45.0.3)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 45.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-02 22:50:45 -07:00
Imran Ahmed
ce26f17e9e fix unquoted san cert causing issues with ips (#12256) 2025-06-02 22:50:38 -07:00
Christos Papageorgiou
a9f600ffa2 Import centos bootstrap os task for Alma/Rocky Linux (#12264) 2025-06-02 22:42:38 -07:00
ERIK
3454cd2c69 feat: Support certificate validity period config in kubeadm v1beta4 (#12272) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2025-06-02 20:44:37 -07:00
Kubernetes Prow Robot
c7c3d2ba95 Merge pull request #12163 from VannTen/cleanup/etcd_inv_sample 
Move etcd inventory sample doc to role defaults
 2025-05-26 03:16:16 -07:00
Ali Afsharzadeh
c89c34f4d6 Update load balancers versions to Nginx 1.28.0, Haproxy 3.1.7 (#12178) 2025-05-23 20:50:34 -07:00
Max Gautier
92e8ac9de2 Remove tag 'master' (#12228) 
* Remove tag master

Following it's deprecation in 4b324cb0f (Rename master to control plane
- non-breaking changes only (#11394), 2024-09-06)

* Add fail fast path when using removed tags

- Used for the master tag, but this could be used for other things in
  the future
 2025-05-22 01:20:36 -07:00
Anshuman Agarwala
73b3e9b557 Removed weave support (#12230) 2025-05-22 01:10:36 -07:00
Max Gautier
b79f7d79f0 docs: remove obsolete cgroups variables (#12239) 
Those variables are removed since 1bc61c9f3 (Simplify kubelet-config
template, 2023-11-23), removing them from docs as well.
 2025-05-21 22:40:35 -07:00
Max Gautier
490dece3bf Cleanup assert after 2.28 (#12245) 
Users should have used 2.28 and adapted their inventories now.
 2025-05-21 20:28:35 -07:00
ChengHao Yang
871941f663 Chore: upgrade galaxy.yml version (#12241) 
* Chore: upgrade galaxy.yml version

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>

* Docs: upgrade version to v2.28.0

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>

---------

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-21 07:46:35 -07:00
Anshuman Agarwala
63cdf87915 Removed equinix provider (#12229) v2.28.0 2025-05-20 03:53:15 -07:00
Max Gautier
175babc4df Move some approvers to emeritus (#12156) 
Thanks for you work !
 2025-05-20 03:11:17 -07:00
Ekko
6c5c45b328 Allow stopping ubuntu unattended-upgrades (#12174) 
Signed-off-by: Ekko Tu <lihai.tu@daocloud.io>
 2025-05-20 01:07:16 -07:00
Kubernetes Prow Robot
019cf2ab42 Merge pull request #12101 from tico88612/refactor/cilium-install 
Refactor Cilium CNI installation
 2025-05-20 01:01:15 -07:00
dependabot[bot]
571e747689 build(deps): bump cryptography from 44.0.3 to 45.0.2 (#12235) 
Bumps [cryptography](https://github.com/pyca/cryptography) from 44.0.3 to 45.0.2.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/44.0.3...45.0.2)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 45.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-19 07:21:15 -07:00
ChengHao Yang
1266527014 Add cilium cli binary hash before 0.18.3 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
5e2e63ebe3 Make cilium dnsProxy transparent mode configure 
When Cilium is configured to replace kube-proxy, it automatically
enables dnsProxy, which can conflict with nodelocaldns.
 2025-05-19 08:48:15 +08:00
ChengHao Yang
db290ca686 Add cilium gateway api support 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
6619d98682 Add cilium hubble export dynamic content 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
b771d73fe0 Add cilium hubble export file max backups & size mb 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
65751e8193 Add cilium operator tolerations default values 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
4c16fc155f Cilium values k8sServiceHost and k8sServicePort use auto 
Signed-off-by: ChengHao Yang
<17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
dcd3461bce Cilium values use image variables 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
48f75c2c2b Upgrade Cilium related images 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
a4b73c09a7 Upgrade cilium version to 1.17.3 
Signed-off-by: ChengHao Yang
<17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
af62570110 Change cilium_kube_proxy_replacement to true for CI tests 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
bebba47eb4 Change kube_owner to root for cilium CI test 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
86437730de Use cilium-cli install Cilium 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
6fe64323db Remove old cilium templates install 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:13 +08:00
ChengHao Yang
1e471d5eeb Upgrade outdated cilium_min_version_required 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:11 +08:00
Max Gautier
3a2862ea19 Move checksums to kubespray_defaults/vars (#12234) 
The checksums are not a defaults and are not meant to be changed from
the inventories.

Furthermore, role defaults have a lower priority that hosts facts, which
technically means a rogue hosts could hijack the hashes for its
variables.
 2025-05-18 16:13:14 -07:00
Jay.H
8a4f4d13f7 fix manage-offline-container-images.sh create_registry (#11964) 2025-05-17 07:25:13 -07:00
ErmolenkoMaxim
46a0dc9a51 Add support for hubble-export-file-max-backups and max-size-mb variables (#12072) 
* feat(cilium): add configurable Hubble export log rotation parameters

- Adds support for `cilium_hubble_export_file_max_backups` and `cilium_hubble_export_file_max_size_mb`
- Applies values only if `cilium_hubble_export_file_path` is defined
- Default values are set in role defaults
- Cleans up template logic by removing unnecessary conditionals

* Fix indentation for hubble export settings

* Fix undefined variable issue with ipwrap in kubeconfig override that caused pre-commit errors

* Update main.yml

rollback
 2025-05-17 00:35:13 -07:00
Max Gautier
faae36086c Patch versions updates (#12226) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-05-16 14:13:14 -07:00
Max Gautier
9c2bdeec63 Decouple etcd defaults in a separate role 
This allows us to reuse the defaults in other places without putting
everything in kubespray-defaults.

In that, for kubernetes/control-plane.
 2025-05-16 14:51:29 +02:00
ERIK
e4c0c427a3 improve NTP package conflict handling (#12212) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2025-05-16 03:55:14 -07:00
Max Gautier
bca5a4ce3b CI: remove ci-not-authorized job (#12225) 
This is now handled directly at the failfast-ci level (== integration
Github <-> Gitlab).
The whole pipeline will not be triggered unless:
- The author is a maintainer
- The PR has the /ok-to-test label
 2025-05-16 03:27:13 -07:00
Antoine Legrand
5c07c6e6d3 Add option to [not] install coredns via Kubespray (#12218) 2025-05-16 03:23:13 -07:00
Takuya Murakami
c6dfe22a41 Improve logging of kubeadm init failure of first control plane node (#12216) 
Split retry task of 'kubeadm init' to show the failure log of
the first execution.
 2025-05-16 03:01:13 -07:00
Seena Fallah
ec85b7e2c9 download: respect enable_dns_autoscaler when enabling dnsautoscaler (#12217) 
dnsautoscaler should only be enabled when enable_dns_autoscaler is
set to true. without this, it could be enabled without any manifest
actually using it, which makes it a false signal.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
 2025-05-15 12:45:13 -07:00
Kubernetes Prow Robot
acd6872c80 Merge pull request #12219 from VannTen/test/ha_etcd_separate 
Fix broken workaround for separate etcd setup
 2025-05-15 12:39:14 -07:00
Max Gautier
22d3cf9c2b Move 'pretend certificates' **after** cert distribution 
The link target will only exist after we distribute the certs on each node.
 2025-05-15 18:35:34 +02:00
Max Gautier
2d3bd8686f Add testcase separate ha-etcd 
Also use a distinct node to test certificate distribution.
 2025-05-15 18:20:13 +02:00
Hyeonki Hong
2c3b6c9199 feat: add trigger to restart kube-apiserver when config files change (#12172) 
* feat: add trigger to restart kube-apiserver when config files change

* fix: remove not upgrade_cluster_setup condition

* refactor: streamline kube-apiserver restart notifications
 2025-05-15 06:51:14 -07:00