epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2025-12-14 05:45:06 +03:00
Code Issues Packages Projects Releases Wiki Activity
7,892 Commits 44 Branches 87 Tags
a16d7b4365e0b1c94d46898dda2f5d25938b187d
Commit Graph

7892 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
ChengHao Yang
a16d7b4365 Test: revert accidental deletion Fedora 39 CRI-O CI (#11611) 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2024-10-08 14:32:23 +01:00
Seena Fallah
7f90fc7b12 containerd: simplify registry mirror template (#11326) 
Simplify registry mirror rendering in config.toml.
The map filter can extract the host list from mirrors so we can
just unique them and render them without needing to construct vars
for it.
For the registry mirror tls section, we can first extract mirrors
from the dict then filter on only the ones having skip_veridy defined
first and then filter on the ones having true (as the dict might not
have skip_verify defined and that would cause errors of undefined var).

This will speed up and simply the templating.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
 2024-10-08 08:46:22 +01:00
Kay Yan
fb312e5179 cleanup kube 1.28 and cri-o 1.28 (#11609) 2024-10-08 08:28:22 +01:00
Kubernetes Prow Robot
9204f60b19 Merge pull request #11606 from VannTen/cleanup/pre_commit_ansible_lint 
Reduce pre-commit hooks dependencies
 2024-10-08 06:56:22 +01:00
Max Gautier
4f27bc2bf9 pre-commit: drop redundant ansible-syntax-check 
ansible-lint hook already check syntax on the playbooks.
 2024-10-07 14:18:36 +02:00
Max Gautier
07e551ab77 pre-commit: auto-update all hooks 2024-10-07 14:15:34 +02:00
Max Gautier
a7ace2e55b ansible-lint: Adjust pre-commit hooks dependencies 
Dropping the ansible dependencies for ansible-lint will allow us to
catch missing dependencies collections in galaxy.yml. For collections
needed for contrib/ or tests/ (i.e: not part of core kubespray
dependencies), we can just configure ansible-lint to mock them.

This mean it won't check the mocked module parameters, but for those
area of the code base it's an acceptable trade-off.
 2024-10-07 14:11:24 +02:00
ChengHao Yang
8aa4c9ac0c Cleanup: Fedora 37/38 CI tests & docs (#11600) 
* Feat: update the remaining Fedora 37 vagrant CI

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>

* Cleanup: remove EOL Fedora 37/38 CI tests

Signed-off-by: ChengHao Yang
<17496418+tico88612@users.noreply.github.com>

* Docs: remove EOL Fedora 37/38

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>

---------

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2024-10-07 09:16:06 +01:00
dependabot[bot]
fb92206918 Bump tox from 4.20.0 to 4.21.2 (#11602) 
Bumps [tox](https://github.com/tox-dev/tox) from 4.20.0 to 4.21.2.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/tox/compare/4.20.0...4.21.2)

---
updated-dependencies:
- dependency-name: tox
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-07 08:48:05 +01:00
Max Gautier
6b3eaf8312 Use correct secret name for csi-upcloud pull secret (#11597) 2024-10-04 13:44:28 +01:00
Kubernetes Prow Robot
ddd92c998c Merge pull request #11507 from VannTen/cleanup/shell_etcd_reset 
Refactor remove-etcd-node
 2024-10-03 11:58:27 +01:00
Max Gautier
80b2765f20 Fix dynamic groups definition when using --limit (#11577) 
Using the hosts directive at the play level prevent those tasks from
being run when using --limit and the group in question is not part of
the limit (ex: running scale.yml on new worker nodes only)

Instead, run on all hosts, and for each group, partition between that
group and '_' (generic group name which is not used; using an empty
string as the group is not supported by ansible.builtin.group_by)

Reported-by: asteppat <asteppat@cisco.com>
 2024-10-03 10:14:27 +01:00
Baargav
bb4f1b1168 update cilium to 1.15.9 (#11593) 2024-10-03 10:10:27 +01:00
Olivier Boudry
583583942c Fix Flatcar bug #11268 missing default value for ansible_interpreter_python_fallback variable (#11270) 2024-10-03 09:54:27 +01:00
ChengHao Yang
b0563c20b0 Feat: support Fedora 39/40 (#11573) 
* Add Fedora 39/40 to Vagrantfile

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>

* Add CI tests for Fedora 39/40

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>

* Update CI tests documentation

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>

* Update support OS version in README.md

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>

---------

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2024-10-01 07:57:49 +01:00
peterw
6b499186b0 add cilium hubble-ui enable flag (#10939) 2024-10-01 06:53:49 +01:00
dependabot[bot]
1ccf0df540 Bump tzdata from 2024.1 to 2024.2 (#11590) 
Bumps [tzdata](https://github.com/python/tzdata) from 2024.1 to 2024.2.
- [Release notes](https://github.com/python/tzdata/releases)
- [Changelog](https://github.com/python/tzdata/blob/master/NEWS.md)
- [Commits](https://github.com/python/tzdata/compare/2024.1...2024.2)

---
updated-dependencies:
- dependency-name: tzdata
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-09-30 10:40:03 +01:00
kyrie
d59a5bf431 update containerd_max_container_log_line_size default value (#11585) 
Signed-off-by: KubeKyrie <shaolong.qin@daocloud.io>
 2024-09-30 09:12:03 +01:00
Kay Yan
fcbcf3c03b cri-o Switch to libexecdir (#11584) 
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
 2024-09-30 08:34:03 +01:00
Serge Hartmann
0eeac591ad variables cilium_enable_host_firewall and cilium_policy_audit_mode for configmap/cilium-config (#11230) 
capitalise values for Host Firewall and Policy Audit Mode
fix missing quotes
 2024-09-30 08:22:02 +01:00
ChengHao Yang
fabf17a10c Add Fedora 39/40 images in test-infra (#11578) 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2024-09-29 08:48:02 +01:00
Baargav
860c15cec1 Update cluster-role for cilium to prevent errors in agent startup (#11466) 
* Update cluster-role for cilium to prevent errors in agent startup

ciliumloadbalancerippools permissions exists in the cilium helm chart for version 1.13.0
https://github.com/cilium/cilium/blob/v1.13.0/install/kubernetes/cilium/templates/cilium-agent/clusterrole.yaml#L71

The agent also needs permissions to read/watch secrets for bgp auth secrets when using CiliumBGPPeeringPolicy with a secret.

* Remove list/watch permissions for secrets

* Remove secrets from list/watch permissions
 2024-09-29 02:30:02 +01:00
Erwan Miran
8c3b2851f6 feat(calico): add support for numAllowedLocalASNumbers on bgppeers per node definition (#11570) 2024-09-28 10:06:01 +01:00
M. Hamzah Khan
24e1765ae2 Added containernetworking-plugins to fcos bootstrap packages (#11273) 2024-09-27 20:24:01 +01:00
Andrea Zonca
d3113ad869 [doc] Add previously undocumented options in Terraform/Openstack (#11477) 
These options are available in 6ba3656410/contrib/terraform/openstack/modules/compute/variables.tf (L204-L218) but are currently undocumented in the README.md
 2024-09-27 19:02:02 +01:00
Kubernetes Prow Robot
bbd90f7657 Merge pull request #11568 from VannTen/cleanup/dont_rely_on_kube_node_existing 
Only require minimum structure in inventory, part II
 2024-09-27 11:30:02 +01:00
DirkTheDaring
3281c47f98 [kubernetes] Add hashes for kubernetes 1.29.8, 1.29.9, 1.30.5 (#11581) 
* [kubernetes] Add hashes for kubernetes 1.29.8, 1.29.9, 1.30.5

* Update checksums.yml

reintroduce --- for yaml
 2024-09-27 08:28:02 +01:00
janosbabik
6352fee0fd Update nerdctl version to 1.7.7 (#11575) 2024-09-27 05:04:01 +01:00
janosbabik
9f6db4012c Update runc version to v1.1.14 and add checksums (#11574) 2024-09-27 03:58:01 +01:00
Kubernetes Prow Robot
6c112a9b41 Merge pull request #11567 from VannTen/cleanup/remove_node_static_token_generation 
Remove generation of static tokens for cluster members
 2024-09-26 13:58:01 +01:00
janosbabik
656ed796b9 [etcd] make etcd 3.5.16 default (#11572) 
* [etcd] make etcd 3.5.16 default

* Update etcd binary checksums for version 3.5.16 and lower
 2024-09-26 09:12:01 +01:00
Bakke
e355bef79b fix: vsphere image repositories, tags and docs (#11564) 
The old repository for these has been deleted, leaving the previous
configuration not possible to deploy, and even currently running clusters
fail after a restart as the DeameonSet has ImagePullPolicy: Always. More
details can be found here: kubernetes-sigs/vsphere-csi-driver#3053

As of writing, only CSI driver versions 3.1.2 to 3.3.1 is available in
this registry. This "officially" supports Kubernetes 1.26 to 1.30. Since
older drivers are not available, I have removed some feature-gating for
those unavailable versions while I was at it. For the cloud provider,
the `latest` image is now missing, and only 1.28.0 to 1.31.0 are
available. I've set the latest of these as the new default.

I also updated the documented default versions, as they were all out of
date and not aligned with actual code defaults.
 2024-09-26 08:22:02 +01:00
Philip Sabri
15bb5b0789 [kubernetes] Support kubernetes 1.31.1 (#11533) 2024-09-25 05:10:01 +01:00
Max Gautier
fbcc8cc336 control-plane: refactor group membership test 
Testing with group_names does not require the groups to exist.
 2024-09-24 11:16:32 +02:00
Max Gautier
0679d9c8e9 metrics-server: proper defaults, cleaner deploy template 2024-09-24 11:16:32 +02:00
Max Gautier
dba00f2d85 metrics-server: Unconditional control-plane tolerations 
There is no harm on having unneeded toleration when control-plane node
are not tainted, so simplify the template to always use the toleration.
 2024-09-24 11:16:31 +02:00
Max Gautier
9f45552201 Cleanup redundancy 
k8s_cluster = kube_control_plane + kube_node
 2024-09-24 11:16:30 +02:00
Max Gautier
ee0d9c5428 remove-etcd-node: cleanups, correct change semantics 2024-09-24 09:11:32 +02:00
Max Gautier
2a52e5f08c remove-etcd-node: refactor shell to ansible filters 
Remove unnecessary error handling. If the node ip is not defined, is
does not change anything whether we fail early of late.
 2024-09-24 09:08:54 +02:00
dependabot[bot]
ebdc599b05 Bump tox from 4.18.1 to 4.20.0 (#11562) 
Bumps [tox](https://github.com/tox-dev/tox) from 4.18.1 to 4.20.0.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/tox/compare/4.18.1...4.20.0)

---
updated-dependencies:
- dependency-name: tox
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-09-24 02:52:00 +01:00
Max Gautier
a2a2dfa419 k8s/control-plane: cleanup excessive defaulting 2024-09-23 20:37:56 +02:00
Max Gautier
baf0a331c9 Don't generate static tokens for nodes and control planes 
Nodes to api-server relies by default certificates, and bootstrap
tokens, and there should be no need to generate tokens for every nodes,
even when enabling static token auth.
 2024-09-23 16:58:42 +02:00
Baargav
1c0718bb7d update containerd 1.7.22 (#11554) 2024-09-23 15:31:59 +01:00
Kubernetes Prow Robot
03a055c383 Merge pull request #10643 from VannTen/cleanup/k8s_node_templates 
Refactor kubernetes/node templates
 2024-09-23 14:16:00 +01:00
Kubernetes Prow Robot
e9d406ed08 Merge pull request #11559 from VannTen/cleanup/less_inventory_boilerplate 
Only require minimum structure in inventory, compute the rest
 2024-09-23 10:08:00 +01:00
dependabot[bot]
99c6a884a9 Bump ansible-lint from 24.9.0 to 24.9.2 (#11563) 
Bumps [ansible-lint](https://github.com/ansible/ansible-lint) from 24.9.0 to 24.9.2.
- [Release notes](https://github.com/ansible/ansible-lint/releases)
- [Commits](https://github.com/ansible/ansible-lint/compare/v24.9.0...v24.9.2)

---
updated-dependencies:
- dependency-name: ansible-lint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-09-23 09:32:00 +01:00
Max Gautier
1818993a8a CI: for upgrade testing, checkout old version before provisioning 
Otherwise, modifying the test inventory + it's expected structure will
always fail.
 2024-09-21 15:10:59 +02:00
Max Gautier
88b6f08e26 Documentation of k8s_cluster auto-defined 
Also remove the group from the example inventory, since it should not be
needed anymore.
 2024-09-21 14:35:36 +02:00
Max Gautier
7580e59bbf Define k8s_cluster dynamically 
This allows inventories to not define the k8s_cluster group manually.
 2024-09-21 14:35:35 +02:00
Max Gautier
2ec1c93897 Test group membership with group_names 
Testing for group membership with group names makes Kubespray more
tolerant towards the structure of the inventory.
Where 'inventory_hostname in groups["some_group"] would fail if
"some_group" is not defined, '"some_group" in group_names' would not.
 2024-09-21 14:09:09 +02:00