epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2025-12-14 13:54:37 +03:00
Code Issues Packages Projects Releases Wiki Activity
8,345 Commits 44 Branches 87 Tags
cf6e96deb0b6d3c8199a4fb847870d7e6dc03a81
Commit Graph

8345 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
k8s-infra-cherrypick-robot
cf6e96deb0 Add version pinning for AWS tf provider to fix CI (#12327) 
Co-authored-by: Chad Swenson <chadswen@gmail.com>
 2025-06-19 19:52:52 -07:00
k8s-infra-cherrypick-robot
0e5c532c9e Skip kube-proxy addon phase during kubeadm upgrade if disabled (#12320) 
Co-authored-by: Roman Davydchenko <xatteg@gmail.com>
 2025-06-18 04:42:51 -07:00
k8s-infra-cherrypick-robot
a8f5277628 fix manage-offline-container-images.sh get image_id (#12316) 
Co-authored-by: DearJay <zhongtianjieyi143@gmail.com>
 2025-06-15 07:42:58 -07:00
k8s-infra-cherrypick-robot
1290466c53 Add tico88612 as approver (#12292) 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
Co-authored-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-06-10 10:06:24 -07:00
k8s-infra-cherrypick-robot
6ec991e772 Fix indentation issue in Cilium values file and ensure booleans are lowercase (#12283) 
This patch fixes the indentation in the `encryption` section.
Previously configuration like this:

```yml
cilium_encryption_enabled: true
cilium_encryption_type: wireguard
```

Would template to a `values.yaml` file with indentation that looks like this:

```yml
encryption:
  enabled: True
    type: wireguard
    nodeEncryption: False
```

instead of this:

```yml
encryption:
  enabled: true
  type: wireguard
  nodeEncryption: false
```

This syntax issue causes an error during Cilium installation.

This patch also makes all boolean values in this template file go through the `to_json` filter.
Since values like `True` and `False` are not compliant with the YAML v1.2 spec,
avoiding them is preferable.

`to_json` may be used for all other values in this template to ensure we end up with
a valid YAML document in all cases (even when various strings include special characters),
but this was left for another (future) patch.

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
 2025-06-10 07:50:24 -07:00
ChengHao Yang
a12e53e845 Bump galaxy.yml version (#12290) 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-06-10 06:44:25 -07:00
Anshuman Agarwala
63cdf87915 Removed equinix provider (#12229) v2.28.0 2025-05-20 03:53:15 -07:00
Max Gautier
175babc4df Move some approvers to emeritus (#12156) 
Thanks for you work !
 2025-05-20 03:11:17 -07:00
Ekko
6c5c45b328 Allow stopping ubuntu unattended-upgrades (#12174) 
Signed-off-by: Ekko Tu <lihai.tu@daocloud.io>
 2025-05-20 01:07:16 -07:00
Kubernetes Prow Robot
019cf2ab42 Merge pull request #12101 from tico88612/refactor/cilium-install 
Refactor Cilium CNI installation
 2025-05-20 01:01:15 -07:00
dependabot[bot]
571e747689 build(deps): bump cryptography from 44.0.3 to 45.0.2 (#12235) 
Bumps [cryptography](https://github.com/pyca/cryptography) from 44.0.3 to 45.0.2.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/44.0.3...45.0.2)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 45.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-19 07:21:15 -07:00
ChengHao Yang
1266527014 Add cilium cli binary hash before 0.18.3 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
5e2e63ebe3 Make cilium dnsProxy transparent mode configure 
When Cilium is configured to replace kube-proxy, it automatically
enables dnsProxy, which can conflict with nodelocaldns.
 2025-05-19 08:48:15 +08:00
ChengHao Yang
db290ca686 Add cilium gateway api support 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
6619d98682 Add cilium hubble export dynamic content 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
b771d73fe0 Add cilium hubble export file max backups & size mb 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
65751e8193 Add cilium operator tolerations default values 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:15 +08:00
ChengHao Yang
4c16fc155f Cilium values k8sServiceHost and k8sServicePort use auto 
Signed-off-by: ChengHao Yang
<17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
dcd3461bce Cilium values use image variables 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
48f75c2c2b Upgrade Cilium related images 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
a4b73c09a7 Upgrade cilium version to 1.17.3 
Signed-off-by: ChengHao Yang
<17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
af62570110 Change cilium_kube_proxy_replacement to true for CI tests 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
bebba47eb4 Change kube_owner to root for cilium CI test 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
86437730de Use cilium-cli install Cilium 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:14 +08:00
ChengHao Yang
6fe64323db Remove old cilium templates install 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:13 +08:00
ChengHao Yang
1e471d5eeb Upgrade outdated cilium_min_version_required 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-05-19 08:48:11 +08:00
Max Gautier
3a2862ea19 Move checksums to kubespray_defaults/vars (#12234) 
The checksums are not a defaults and are not meant to be changed from
the inventories.

Furthermore, role defaults have a lower priority that hosts facts, which
technically means a rogue hosts could hijack the hashes for its
variables.
 2025-05-18 16:13:14 -07:00
Jay.H
8a4f4d13f7 fix manage-offline-container-images.sh create_registry (#11964) 2025-05-17 07:25:13 -07:00
ErmolenkoMaxim
46a0dc9a51 Add support for hubble-export-file-max-backups and max-size-mb variables (#12072) 
* feat(cilium): add configurable Hubble export log rotation parameters

- Adds support for `cilium_hubble_export_file_max_backups` and `cilium_hubble_export_file_max_size_mb`
- Applies values only if `cilium_hubble_export_file_path` is defined
- Default values are set in role defaults
- Cleans up template logic by removing unnecessary conditionals

* Fix indentation for hubble export settings

* Fix undefined variable issue with ipwrap in kubeconfig override that caused pre-commit errors

* Update main.yml

rollback
 2025-05-17 00:35:13 -07:00
Max Gautier
faae36086c Patch versions updates (#12226) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-05-16 14:13:14 -07:00
ERIK
e4c0c427a3 improve NTP package conflict handling (#12212) 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2025-05-16 03:55:14 -07:00
Max Gautier
bca5a4ce3b CI: remove ci-not-authorized job (#12225) 
This is now handled directly at the failfast-ci level (== integration
Github <-> Gitlab).
The whole pipeline will not be triggered unless:
- The author is a maintainer
- The PR has the /ok-to-test label
 2025-05-16 03:27:13 -07:00
Antoine Legrand
5c07c6e6d3 Add option to [not] install coredns via Kubespray (#12218) 2025-05-16 03:23:13 -07:00
Takuya Murakami
c6dfe22a41 Improve logging of kubeadm init failure of first control plane node (#12216) 
Split retry task of 'kubeadm init' to show the failure log of
the first execution.
 2025-05-16 03:01:13 -07:00
Seena Fallah
ec85b7e2c9 download: respect enable_dns_autoscaler when enabling dnsautoscaler (#12217) 
dnsautoscaler should only be enabled when enable_dns_autoscaler is
set to true. without this, it could be enabled without any manifest
actually using it, which makes it a false signal.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
 2025-05-15 12:45:13 -07:00
Kubernetes Prow Robot
acd6872c80 Merge pull request #12219 from VannTen/test/ha_etcd_separate 
Fix broken workaround for separate etcd setup
 2025-05-15 12:39:14 -07:00
Max Gautier
22d3cf9c2b Move 'pretend certificates' **after** cert distribution 
The link target will only exist after we distribute the certs on each node.
 2025-05-15 18:35:34 +02:00
Max Gautier
2d3bd8686f Add testcase separate ha-etcd 
Also use a distinct node to test certificate distribution.
 2025-05-15 18:20:13 +02:00
Hyeonki Hong
2c3b6c9199 feat: add trigger to restart kube-apiserver when config files change (#12172) 
* feat: add trigger to restart kube-apiserver when config files change

* fix: remove not upgrade_cluster_setup condition

* refactor: streamline kube-apiserver restart notifications
 2025-05-15 06:51:14 -07:00
Max Gautier
a55932e1de Patch versions updates (#12204) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-05-14 18:55:20 -07:00
Max Gautier
973bd2e520 Stop cleaning up containerd packages (#12213) 
The switch to not use system packages for containerd packages happened
multiples releases ago ; there should not be any up-to-date installation
of kubespray needing that cleanup.

Remove those steps and variables only used by them.
 2025-05-13 21:07:16 -07:00
Kubernetes Prow Robot
ea7331f5fc Merge pull request #12211 from VannTen/cleanup/rename_remove_node 
rename-without-hypens: remove-node/pre-remove
 2025-05-13 17:13:16 -07:00
Kubernetes Prow Robot
df241800ce Merge pull request #12203 from VannTen/cleanup/rename_bootstrap_os 
Rename bootstrap-os to bootstrap_os
 2025-05-13 05:03:16 -07:00
Cyclinder
8cc5694580 calico: update calico-kube-controller manifest (#12169) 2025-05-13 01:43:17 -07:00
Max Gautier
1d15baf405 Add compat and deprecation warning for boostrap-os 2025-05-13 09:39:59 +02:00
Max Gautier
47508d5c6e Rename bootstrap-os to bootstrap_os 
Role names in ansible collections should not have hyphens.
 2025-05-13 09:39:54 +02:00
Max Gautier
2a1ae14275 Compat layer remove-node/pre-remove 2025-05-12 22:22:20 +02:00
Max Gautier
e361def9cd Rename remove-node/pre-remove (no hypens for role in collection) 2025-05-12 22:19:50 +02:00
Max Gautier
fa6888df4c kubernetes_audit: Remove redundant defaults filter (#12208) 2025-05-12 07:23:14 -07:00
Max Gautier
373b952a0c Cleanup CI scripts (#12205) 
* Delete unused scripts

- gen_tags.sh: not the right file, produce garbage even if path is fixed
- premoderator.sh: not used since ef6d24a49 (CI require a 'lgtm' or
  'ok-to-test' labels to pass (#11251), 2024-05-31)
- gitlab-branch-cleanup: unused AFAICT

* CI: inline molecule logs

Single use site -> less indirection makes it easier to read.
 2025-05-12 05:53:15 -07:00