-
-
Notifications
You must be signed in to change notification settings - Fork 976
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix master taint implementation - linting problems #95
Conversation
Adds the kube-vip IP as a Subject Alternative Name in the TLS cert. It is needed otherwise you cannot access the cluster.
- improves taint logic
Hey! Thanks for the fixes! Looks like the tests are failing. |
Oh well... typo was the reason!!! another advantage of having tests ;-) |
I have fixed the bugs, but linting is failing outside my commits. I fixed a couple of them and I will try to hack some more fixes. |
* fixes undefined group['node'] if missing from hosts.ini - improves application of master taint by centralizing code * improves molecule testing, fixes linting * hacking at linter problems, small tweaks - increases the metallb timeout error due to intermittent testing errors in GitHub actions
...
k3s_node_exists: "{{ 'true' if groups['node'] | default([]) | length >= 1 else 'false' }}"
...
extra_server_args: >-
{{ extra_args }}
{{ '--node-taint node-role.kubernetes.io/master=true:NoSchedule' if k3s_node_exists | bool else '' }}
--tls-san {{ apiserver_endpoint }}
--disable servicelb
--disable traefik There is no need for users to mess with the roles even for the The new addition in About testing and lintingIn the ipv6 molecule test, because we override the
The rest of the changes were to make the linter happy, despite my commits had nothing to do with breaking the linter. I wonder if anyone could make any pull request without the linting action failing... ;-) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The rest of the changes were to make the linter happy, despite my commits had nothing to do with breaking the linter. I wonder if anyone could make any pull request without the linting action failing... ;-)
No, the lint is currently just plain broken 😅 {{ansible-lint}} 6.6.0 (which was released a few days ago) has introduced some new false positives. I have issued a separate PR for that problem: #96.
The default molecule seems to have failed due to the infamous GitHub rate limiting problem… |
So, I think tainting is both smart and a curse - with where it's going. The first time I built a cluster on under-powered (lack of memory) RPI-3, and the master node took on load and became unresponsive, it was a huge problem ;) My current build / setup is 4 RPI CM4s with enough memory (more than 1G) to run loads and I wanted to test the HA etcd, add longhorn and test rolling patches for the cluster once I get going, so tainting the masters would be counter productive. In 1 master, 3 nodes, taint the heck out of the master :). but with masters & 1 node - i don't want to taint. How about we set a variable - k3s_taint_master_nodes and let the users set it? I think the "computed" tainting will typically be backwards for each use case. Those wanting to test HA, with a 3 or 4 node cluster, you need 3 nodes for HA, so you will want workload there...whereas others...may want to taint, even in a 2 node system, 1 master, 1 worker... |
Yeah, I tend to agree. At first I thought it might be nice to apply the taint according to typical uses however I am quickly seeing how this can get out of hand. I am starting to think we might just revert and not apply any taint and just let those taint them how they want. |
This pull requests fixes most of the problems. It consolidates handling of the taint in a single file: By default if even a single node exists , taint is applied. However, by changing the |
I agree with @ioagel here: This PR provides a sensible default for the "best-practice HA" setup, but users are in full control via the group vars. To make that more clear, I would propose renaming If we want to simplify even further, we could get rid of the variable altogether and just include the required arguments for server tainting in the docstring of In any case, I think it's great that we can now use the same VIP manifest regardless of tainting or not 🎉 So it really only comes down to the server args now. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If this is to be merged, could you please remove the parts of the patch that were only supposed to make the linter happy? :-)
@sleiner check this pull request to my fork, do you agree with the naming? I was working on that already!!!! hehe... I added a comment to instruct how to override the auto check and change the taint manually. By the way I used a boolean value, no need to convert string to bool. The pull request is ready to be merged. |
- makes variable boolean
@ioagel Very nice :-) Still, could you please remove the linter stuff? |
Thank you! I like the flexibility: computed for best practice and overrides for anything else.
I feel like we should also check for these taints either via |
Very good idea... Using |
Yes! Or even test with the existing metallb pods, that way we can do it in process too! This is nice because it will fail CI and also alert the user who is using it (2 for 1) :) |
Thank you all so much! |
* Replaced manifest files with double extention to '-' (techno-tim#41) Co-authored-by: Adrian Jones <[email protected]> * Fix .gitignore (techno-tim#40) For more details, see: https://stackoverflow.com/a/20652768 * feat(upgrades): Updated k3s, metalls, and kubevip and fixed bugs (techno-tim#46) * fix(kube-vip): Cleaning up; adding missing rbac api groups * replaced --no-deploy with --disable (techno-tim#49) According to https://rancher.com/docs/k3s/latest/en/installation/install-options/server-config/ > Kubernetes Components section the --disable <value> flag should be used as the --no-deploy is a deprecated option * Add linux-modules-extra-raspi package for Ubuntu 22.x on Raspberry. (techno-tim#50) * Add task for linux-modules-extra-raspi Ubuntu 22.x on Raspberry Pi needs the linux-modules-extra-raspi package for the vxlans kernel module. * Remove linux-modules-extra-reaspi package Not sure we want to do this but including it in the PR anyway for discussion. * Fix k3s manifest (techno-tim#53) * fix(k3s): Remove manifests and folders from bootstrapped cluster * chore(github): Updated issue template * Print fewer logs when removing manifests (techno-tim#55) * fix(ansible): Refactored ansible steps to now install metallb in post… (techno-tim#58) * fix(ansible): Refactored ansible steps to now install metallb in post task and verify * chore(lint): Fix yaml lint * fix(ansible): run task on one master * fix(ansible): fix lint * fix(ansible): fix lint * fix(ansible): fix lint * fix(ansible): fix lint * fix(ansible): add wait * fix(ci): Fix Linting (techno-tim#61) * Execute Vagrant cluster in CI (techno-tim#57) * add ansible.posix module to requirements.yml (techno-tim#59) Co-authored-by: arch <arch@local> Co-authored-by: Techno Tim <[email protected]> * fix(ansible): added longer wait with todo * fix(ansible): Install services separate from config (techno-tim#63) * Pin GitHub Actions to SHA + Dependabot (techno-tim#62) * feat(repo): Add dependabot * fix(ci): clean up * fix(gh-actions): pin to sha * fix(lint): fixing yaml lint * feat(repo): Add dependabot * fix(vagrant): up retry count to 60 because gh actions are sloooooow * upgrade k3s to v1.24.4+k3s1 (techno-tim#64) * feat(k3s): Upgrade to v1.24.4+k3s1 * feat(metallb): updated to v0.13.5 * fix(ansible): use k3s kubectl * Test playbook using molecule (techno-tim#67) * Test cluster using molecule * Fix detection of first control node * Include --flannel-iface and --node-ip as k3s arguments * Store logs of k3s-init.service as GitHub job artifacts * fix(ansible): fixing permissions on tmp folder * Mitigate CI flakiness (techno-tim#70) * Increase SSH connection timeouts and retries * Make MetalLB timeouts configurable * Retry applying MetalLB CRs * Fix location of MetalLB CRs template * Make MetalLB wait logic more compact * Fix typo * retrigger 1 * retrigger 2 * retrigger 3 * retrigger 4 * retrigger 5 * add editorconfig and fix trailing whitespaces (techno-tim#68) Co-authored-by: Techno Tim <[email protected]> * fix(ansible): Fix group permissions on tmp folder (techno-tim#77) * Test single-node cluster (techno-tim#78) * Molecule: Derive overrides.yml location from scenario dir # Conflicts: # molecule/default/molecule.yml # molecule/ipv6/molecule.yml * Molecule: Add single_node scenario * Fix get_nodes test for the case of empty groups * Add support for API servers on IPv6 addresses (techno-tim#48) * Remove duplicate file for deletion * Add support for IPv6 clusters To correctly escape IPv6 addresses when ports are used, they must be wrapped in square brackets [1]. This patch adds support for that, using Ansible's ipwrap filter [2]. [1]: https://datatracker.ietf.org/doc/html/rfc4038#section-5.1 [2]: http:https://docs.ansible.com/ansible/latest/collections/ansible/utils/docsite/filters_ipaddr.html#wrapping-ipv6-addresses-in-brackets * Do not abort other molecule jobs on failure * Fix cache keys for Vagrant boxes * Molecule: Derive overrides.yml location from scenario dir # Conflicts: # molecule/default/molecule.yml # molecule/ipv6/molecule.yml * chore(docs): Updated with ansible collections install (techno-tim#89) * chore(docs): Fixing thanks section * chore(docs): Updated with collections command * fix(github): ignore readme updates (techno-tim#94) * Fix master node taints in multi node installs (techno-tim#93) * Taint master nodes if more than one node * Kick off fork workflow tests Co-authored-by: Techno Tim <[email protected]> * CI: Fix linting job for ansible-lint 6.6.0 (techno-tim#96) * CI: Fix linting job for ansible-lint 6.6.0 * Increase MetalLB timeout to mitigate CI flakiness * Drop support for CentOS, test Rocky and Debian in CI (techno-tim#92) * Test CentOS 7 in CI * Drop support for CentOS, test on Rocky and Debian * Fix reset playbook for Rocky Linux * Fix typo * Disable firewalld during testing Co-authored-by: Techno Tim <[email protected]> * fix master taint implementation - linting problems (techno-tim#95) * add virtual-ip to certificate SAN entries Adds the kube-vip IP as a Subject Alternative Name in the TLS cert. It is needed otherwise you cannot access the cluster. * fixes bug with master taints (#1) - improves taint logic * fixes typo * fixes formatting * fixes undefined group['node'] if missing from hosts.ini (#2) * fixes undefined group['node'] if missing from hosts.ini - improves application of master taint by centralizing code * improves molecule testing, fixes linting * hacking at linter problems, small tweaks - increases the metallb timeout error due to intermittent testing errors in GitHub actions * improves context by renaming taint variable - makes variable boolean * fix bug * removes linting hacks Co-authored-by: Ioannis Angelakopoulos <[email protected]> * Fix role order in reset playbook (techno-tim#104) * Fix download-boxes.sh if no boxes are present (techno-tim#106) In case of grep not matching any line, it would return an error code and thus stop the script. This patch sets "present_boxes" to an empty value in case any of the commands fail. * adds colors to molecule testing in GitHub action (techno-tim#109) * Add "collection" to the ansible-galaxy command as it will run without making changes if that collection argument is not provided. (techno-tim#113) * k3s, metallb, kube-vip updates (techno-tim#119) * feat(k3s): Updated to v1.24.6+k3s1 * feat(kube-vip): Update to v0.5.5 * feat(metal-lb): Update to v0.13.6 * fix(pip): Freeze requirements * fix(lint): Fixed ansible-lint * Removing accidental tear-down step that is clearly a typo (techno-tim#117) Co-authored-by: Techno Tim <[email protected]> * chore(deps): bump google-auth from 2.12.0 to 2.13.0 (techno-tim#122) Bumps [google-auth](https://github.com/googleapis/google-auth-library-python) from 2.12.0 to 2.13.0. - [Release notes](https://github.com/googleapis/google-auth-library-python/releases) - [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-auth-library-python@v2.12.0...v2.13.0) --- updated-dependencies: - dependency-name: google-auth dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump oauthlib from 3.2.1 to 3.2.2 (techno-tim#123) Bumps [oauthlib](https://github.com/oauthlib/oauthlib) from 3.2.1 to 3.2.2. - [Release notes](https://github.com/oauthlib/oauthlib/releases) - [Changelog](https://github.com/oauthlib/oauthlib/blob/v3.2.2/CHANGELOG.rst) - [Commits](oauthlib/oauthlib@v3.2.1...v3.2.2) --- updated-dependencies: - dependency-name: oauthlib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ruamel-yaml-clib from 0.2.6 to 0.2.7 (techno-tim#124) Bumps [ruamel-yaml-clib](https://sourceforge.net/p/ruamel-yaml-clib/code/ci/default/tree) from 0.2.6 to 0.2.7. --- updated-dependencies: - dependency-name: ruamel-yaml-clib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump zipp from 3.9.0 to 3.10.0 (techno-tim#128) Bumps [zipp](https://github.com/jaraco/zipp) from 3.9.0 to 3.10.0. - [Release notes](https://github.com/jaraco/zipp/releases) - [Changelog](https://github.com/jaraco/zipp/blob/main/CHANGES.rst) - [Commits](jaraco/zipp@v3.9.0...v3.10.0) --- updated-dependencies: - dependency-name: zipp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pre-commit hooks (techno-tim#125) * feat: pre-commit * empty * fix: requirements.txt * chore(deps): bump ansible-lint from 6.8.2 to 6.8.3 (techno-tim#129) Bumps [ansible-lint](https://github.com/ansible-community/ansible-lint) from 6.8.2 to 6.8.3. - [Release notes](https://github.com/ansible-community/ansible-lint/releases) - [Commits](ansible/ansible-lint@v6.8.2...v6.8.3) --- updated-dependencies: - dependency-name: ansible-lint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ansible-lint from 6.8.3 to 6.8.4 (techno-tim#130) Bumps [ansible-lint](https://github.com/ansible-community/ansible-lint) from 6.8.3 to 6.8.4. - [Release notes](https://github.com/ansible-community/ansible-lint/releases) - [Commits](ansible/ansible-lint@v6.8.3...v6.8.4) --- updated-dependencies: - dependency-name: ansible-lint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat(ci): switching to self-hosted runners (techno-tim#133) * feat(ci): switching to self-hosted runners * feat(gh-actions-controller): added * feat(gh-actions-controller): added * Revert "feat(ci): switching to self-hosted runners (techno-tim#133)" (techno-tim#135) This reverts commit a840571. * chore(deps): bump pyrsistent from 0.18.1 to 0.19.2 (techno-tim#141) Bumps [pyrsistent](https://github.com/tobgu/pyrsistent) from 0.18.1 to 0.19.2. - [Release notes](https://github.com/tobgu/pyrsistent/releases) - [Changelog](https://github.com/tobgu/pyrsistent/blob/master/CHANGES.txt) - [Commits](https://github.com/tobgu/pyrsistent/commits) --- updated-dependencies: - dependency-name: pyrsistent dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix(requirements.txt): Use pip-compile (techno-tim#148) * fix(requirements.txt): Use pip-compile * fix(lint): Remove anchors from molecule since they aren't yet supported via lint * fix(lint): Remove anchors from molecule since they aren't yet supported via lint * GitHub Actions Fixes (techno-tim#150) * chore: ⚡ Multiple configuration changes (techno-tim#144) Added yaml stdout for better readability, optimize ssh connections, moved become to correct section * Adding additional reboot (optional) (techno-tim#139) * Create reboot.yml * Create reboot.sh * Updated the Playbook and Tasks Name Co-authored-by: Techno Tim <[email protected]> * Updates (techno-tim#151) * fix(gitignore): Add ansible logs * chore(metallb): Updated to 0.13.9 * chore(metallb): Updated to 1.24.7 * chore(python): Upddate dependencies * fix(metal-lb): set to 0.13.7 (latest released) * fix(requirements.txt): dedup and sort alpha * docs(README): Updated readme with fixes and context (techno-tim#154) * chore(dependencies): updated kube-vip to 0.5.6 (techno-tim#166) * Pre commit fixes (techno-tim#167) * chore(dependencies): updated kube-vip to 0.5.6 * fix(pre-commit): pin to hash * fix(pre-commit): added more hooks and fixed lint * fix(pre-commit): added pre-commit hook so we don't have to run it manually * fix(pre-commit): Added docs to readme * fix(pre-commit): added texthooks * fix(pre-commit): pin to hash * fix(pre-commit): added mor hooks and fixed lint * fix(lint): Fixing quotes * fix(ci): only run test if linting passes * fix(ci): convert to reusable workflows * fix(pr template): Reorder steps * fix(ci): remove self-hosted * chore(deps): bump pre-commit-hooks from 4.3.0 to 4.4.0 (techno-tim#168) Bumps [pre-commit-hooks](https://github.com/pre-commit/pre-commit-hooks) from 4.3.0 to 4.4.0. - [Release notes](https://github.com/pre-commit/pre-commit-hooks/releases) - [Changelog](https://github.com/pre-commit/pre-commit-hooks/blob/main/CHANGELOG.md) - [Commits](pre-commit/pre-commit-hooks@v4.3.0...v4.4.0) --- updated-dependencies: - dependency-name: pre-commit-hooks dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Techno Tim <[email protected]> * "command" module no longer supports "warn" argument (techno-tim#169) * "command" module no longer supports "warn" argument * correct indetation lint errors * fix: config warning callback_whitelist (techno-tim#170) Co-authored-by: Jan Jansen <[email protected]> * K3s 1 24 8 (techno-tim#171) * chore(dependencies): Updated actions * chore(dependencies): updated to k3s to v1.24.8+k3s1 and kube-vip to v0.5.7 * chore(deps): bump molecule from 4.0.3 to 4.0.4 (techno-tim#175) Bumps [molecule](https://github.com/ansible-community/molecule) from 4.0.3 to 4.0.4. - [Release notes](https://github.com/ansible-community/molecule/releases) - [Commits](ansible/molecule@v4.0.3...v4.0.4) --- updated-dependencies: - dependency-name: molecule dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ansible-core from 2.13.5 to 2.14.1 (techno-tim#176) Bumps [ansible-core](https://github.com/ansible/ansible) from 2.13.5 to 2.14.1. - [Release notes](https://github.com/ansible/ansible/releases) - [Commits](ansible/ansible@v2.13.5...v2.14.1) --- updated-dependencies: - dependency-name: ansible-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: SwaggaRitz <[email protected]> Co-authored-by: Adrian Jones <[email protected]> Co-authored-by: Simon Leiner <[email protected]> Co-authored-by: Techno Tim <[email protected]> Co-authored-by: slemmercs <[email protected]> Co-authored-by: Lance A. Brown <[email protected]> Co-authored-by: niki-on-github <[email protected]> Co-authored-by: arch <arch@local> Co-authored-by: Vitalij Dovhanyc <[email protected]> Co-authored-by: BMeach <[email protected]> Co-authored-by: Ioannis Angelakopoulos <[email protected]> Co-authored-by: Ioannis Angelakopoulos <[email protected]> Co-authored-by: ccoane <[email protected]> Co-authored-by: Irakli Nadareishvili <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: samerbahri98 <[email protected]> Co-authored-by: snoopy82481 <[email protected]> Co-authored-by: automationxpert <[email protected]> Co-authored-by: Sherif Metwally <[email protected]> Co-authored-by: theonejj <[email protected]> Co-authored-by: Jan Jansen <[email protected]>
commit bf2bd1e Author: Techno Tim <[email protected]> Date: Fri Jan 6 18:53:40 2023 -0600 feat(k3s): Updated to v1.24.9+k3s1 (techno-tim#197) commit e98e3ee Author: irish1986 <[email protected]> Date: Mon Jan 2 00:04:22 2023 -0500 Split manifest into separate task for ease of use (techno-tim#191) commit 78f7a60 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun Dec 25 23:50:56 2022 -0600 chore(deps): bump pre-commit from 2.20.0 to 2.21.0 (techno-tim#188) Bumps [pre-commit](https://github.com/pre-commit/pre-commit) from 2.20.0 to 2.21.0. - [Release notes](https://github.com/pre-commit/pre-commit/releases) - [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md) - [Commits](pre-commit/pre-commit@v2.20.0...v2.21.0) --- updated-dependencies: - dependency-name: pre-commit dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit e64fea7 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Dec 6 22:30:24 2022 -0600 chore(deps): bump ansible-core from 2.13.5 to 2.14.1 (techno-tim#176) Bumps [ansible-core](https://github.com/ansible/ansible) from 2.13.5 to 2.14.1. - [Release notes](https://github.com/ansible/ansible/releases) - [Commits](ansible/ansible@v2.13.5...v2.14.1) --- updated-dependencies: - dependency-name: ansible-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 764e32c Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Dec 5 22:26:07 2022 -0600 chore(deps): bump molecule from 4.0.3 to 4.0.4 (techno-tim#175) Bumps [molecule](https://github.com/ansible-community/molecule) from 4.0.3 to 4.0.4. - [Release notes](https://github.com/ansible-community/molecule/releases) - [Commits](ansible/molecule@v4.0.3...v4.0.4) --- updated-dependencies: - dependency-name: molecule dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit e6cf14e Author: Techno Tim <[email protected]> Date: Fri Dec 2 23:14:06 2022 -0600 K3s 1 24 8 (techno-tim#171) * chore(dependencies): Updated actions * chore(dependencies): updated to k3s to v1.24.8+k3s1 and kube-vip to v0.5.7 commit da049dc Author: theonejj <[email protected]> Date: Fri Dec 2 06:09:02 2022 +0100 fix: config warning callback_whitelist (techno-tim#170) Co-authored-by: Jan Jansen <[email protected]> commit 2604caa Author: Sherif Metwally <[email protected]> Date: Wed Nov 30 02:26:01 2022 +0000 "command" module no longer supports "warn" argument (techno-tim#169) * "command" module no longer supports "warn" argument * correct indetation lint errors commit 82d8208 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu Nov 24 20:54:33 2022 -0600 chore(deps): bump pre-commit-hooks from 4.3.0 to 4.4.0 (techno-tim#168) Bumps [pre-commit-hooks](https://github.com/pre-commit/pre-commit-hooks) from 4.3.0 to 4.4.0. - [Release notes](https://github.com/pre-commit/pre-commit-hooks/releases) - [Changelog](https://github.com/pre-commit/pre-commit-hooks/blob/main/CHANGELOG.md) - [Commits](pre-commit/pre-commit-hooks@v4.3.0...v4.4.0) --- updated-dependencies: - dependency-name: pre-commit-hooks dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Techno Tim <[email protected]> commit da72884 Author: Timothy Stewart <[email protected]> Date: Wed Nov 23 23:30:06 2022 -0600 fix(ci): remove self-hosted commit 17a74b6 Author: Techno Tim <[email protected]> Date: Sun Nov 13 22:42:49 2022 -0600 Pre commit fixes (techno-tim#167) * chore(dependencies): updated kube-vip to 0.5.6 * fix(pre-commit): pin to hash * fix(pre-commit): added more hooks and fixed lint * fix(pre-commit): added pre-commit hook so we don't have to run it manually * fix(pre-commit): Added docs to readme * fix(pre-commit): added texthooks * fix(pre-commit): pin to hash * fix(pre-commit): added mor hooks and fixed lint * fix(lint): Fixing quotes * fix(ci): only run test if linting passes * fix(ci): convert to reusable workflows * fix(pr template): Reorder steps commit 88d679e Author: Techno Tim <[email protected]> Date: Sun Nov 13 17:17:03 2022 -0600 chore(dependencies): updated kube-vip to 0.5.6 (techno-tim#166) commit 6bf3bcc Author: Techno Tim <[email protected]> Date: Sun Nov 6 14:07:07 2022 -0600 docs(README): Updated readme with fixes and context (techno-tim#154) commit cff815a Author: Techno Tim <[email protected]> Date: Sun Nov 6 12:08:19 2022 -0600 Updates (techno-tim#151) * fix(gitignore): Add ansible logs * chore(metallb): Updated to 0.13.9 * chore(metallb): Updated to 1.24.7 * chore(python): Upddate dependencies * fix(metal-lb): set to 0.13.7 (latest released) * fix(requirements.txt): dedup and sort alpha commit f892029 Author: automationxpert <[email protected]> Date: Sun Nov 6 11:24:29 2022 +0530 Adding additional reboot (optional) (techno-tim#139) * Create reboot.yml * Create reboot.sh * Updated the Playbook and Tasks Name Co-authored-by: Techno Tim <[email protected]> commit 6b37ba5 Author: snoopy82481 <[email protected]> Date: Sat Nov 5 20:54:06 2022 -0600 chore: :zap: Multiple configuration changes (techno-tim#144) Added yaml stdout for better readability, optimize ssh connections, moved become to correct section commit b1fee44 Author: Techno Tim <[email protected]> Date: Sat Nov 5 19:57:36 2022 -0500 GitHub Actions Fixes (techno-tim#150) commit a1c7175 Author: Techno Tim <[email protected]> Date: Sat Nov 5 18:37:46 2022 -0500 fix(requirements.txt): Use pip-compile (techno-tim#148) * fix(requirements.txt): Use pip-compile * fix(lint): Remove anchors from molecule since they aren't yet supported via lint * fix(lint): Remove anchors from molecule since they aren't yet supported via lint commit 69d3bdc Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri Nov 4 23:07:18 2022 -0500 chore(deps): bump pyrsistent from 0.18.1 to 0.19.2 (techno-tim#141) Bumps [pyrsistent](https://github.com/tobgu/pyrsistent) from 0.18.1 to 0.19.2. - [Release notes](https://github.com/tobgu/pyrsistent/releases) - [Changelog](https://github.com/tobgu/pyrsistent/blob/master/CHANGES.txt) - [Commits](https://github.com/tobgu/pyrsistent/commits) --- updated-dependencies: - dependency-name: pyrsistent dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 5268ef3 Author: Techno Tim <[email protected]> Date: Mon Oct 31 18:50:34 2022 -0500 Revert "feat(ci): switching to self-hosted runners (techno-tim#133)" (techno-tim#135) This reverts commit a840571. commit a840571 Author: Techno Tim <[email protected]> Date: Mon Oct 31 17:56:22 2022 -0500 feat(ci): switching to self-hosted runners (techno-tim#133) * feat(ci): switching to self-hosted runners * feat(gh-actions-controller): added * feat(gh-actions-controller): added commit b137040 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri Oct 28 17:16:35 2022 -0500 chore(deps): bump ansible-lint from 6.8.3 to 6.8.4 (techno-tim#130) Bumps [ansible-lint](https://github.com/ansible-community/ansible-lint) from 6.8.3 to 6.8.4. - [Release notes](https://github.com/ansible-community/ansible-lint/releases) - [Commits](ansible/ansible-lint@v6.8.3...v6.8.4) --- updated-dependencies: - dependency-name: ansible-lint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 12d57a0 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed Oct 26 21:55:42 2022 -0500 chore(deps): bump ansible-lint from 6.8.2 to 6.8.3 (techno-tim#129) Bumps [ansible-lint](https://github.com/ansible-community/ansible-lint) from 6.8.2 to 6.8.3. - [Release notes](https://github.com/ansible-community/ansible-lint/releases) - [Commits](ansible/ansible-lint@v6.8.2...v6.8.3) --- updated-dependencies: - dependency-name: ansible-lint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 4f3b8ec Author: samerbahri98 <[email protected]> Date: Thu Oct 27 02:15:24 2022 +0200 Pre-commit hooks (techno-tim#125) * feat: pre-commit * empty * fix: requirements.txt commit 45ddd65 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed Oct 26 19:13:53 2022 -0500 chore(deps): bump zipp from 3.9.0 to 3.10.0 (techno-tim#128) Bumps [zipp](https://github.com/jaraco/zipp) from 3.9.0 to 3.10.0. - [Release notes](https://github.com/jaraco/zipp/releases) - [Changelog](https://github.com/jaraco/zipp/blob/main/CHANGES.rst) - [Commits](jaraco/zipp@v3.9.0...v3.10.0) --- updated-dependencies: - dependency-name: zipp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit b2a62ea Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat Oct 22 13:37:11 2022 -0500 chore(deps): bump ruamel-yaml-clib from 0.2.6 to 0.2.7 (techno-tim#124) Bumps [ruamel-yaml-clib](https://sourceforge.net/p/ruamel-yaml-clib/code/ci/default/tree) from 0.2.6 to 0.2.7. --- updated-dependencies: - dependency-name: ruamel-yaml-clib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit a8697ed Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Oct 18 19:20:28 2022 -0500 chore(deps): bump oauthlib from 3.2.1 to 3.2.2 (techno-tim#123) Bumps [oauthlib](https://github.com/oauthlib/oauthlib) from 3.2.1 to 3.2.2. - [Release notes](https://github.com/oauthlib/oauthlib/releases) - [Changelog](https://github.com/oauthlib/oauthlib/blob/v3.2.2/CHANGELOG.rst) - [Commits](oauthlib/oauthlib@v3.2.1...v3.2.2) --- updated-dependencies: - dependency-name: oauthlib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit d3218f5 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Oct 17 23:06:58 2022 -0500 chore(deps): bump google-auth from 2.12.0 to 2.13.0 (techno-tim#122) Bumps [google-auth](https://github.com/googleapis/google-auth-library-python) from 2.12.0 to 2.13.0. - [Release notes](https://github.com/googleapis/google-auth-library-python/releases) - [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-auth-library-python@v2.12.0...v2.13.0) --- updated-dependencies: - dependency-name: google-auth dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 590a802 Author: Irakli Nadareishvili <[email protected]> Date: Sat Oct 15 15:15:25 2022 -0400 Removing accidental tear-down step that is clearly a typo (techno-tim#117) Co-authored-by: Techno Tim <[email protected]> commit cb2fa7c Author: Techno Tim <[email protected]> Date: Sat Oct 15 12:23:50 2022 -0500 k3s, metallb, kube-vip updates (techno-tim#119) * feat(k3s): Updated to v1.24.6+k3s1 * feat(kube-vip): Update to v0.5.5 * feat(metal-lb): Update to v0.13.6 * fix(pip): Freeze requirements * fix(lint): Fixed ansible-lint commit 14508ec Author: ccoane <[email protected]> Date: Tue Oct 4 20:41:19 2022 -0500 Add "collection" to the ansible-galaxy command as it will run without making changes if that collection argument is not provided. (techno-tim#113) commit fb6c9a6 Author: Ioannis Angelakopoulos <[email protected]> Date: Wed Sep 28 06:48:25 2022 +0300 adds colors to molecule testing in GitHub action (techno-tim#109) commit d5d0228 Author: Simon Leiner <[email protected]> Date: Tue Sep 27 00:21:37 2022 +0200 Fix download-boxes.sh if no boxes are present (techno-tim#106) In case of grep not matching any line, it would return an error code and thus stop the script. This patch sets "present_boxes" to an empty value in case any of the commands fail. commit 57e5288 Author: Simon Leiner <[email protected]> Date: Sun Sep 25 19:35:36 2022 +0200 Fix role order in reset playbook (techno-tim#104) commit cd76fa0 Author: Ioannis Angelakopoulos <[email protected]> Date: Sun Sep 25 04:12:24 2022 +0300 fix master taint implementation - linting problems (techno-tim#95) * add virtual-ip to certificate SAN entries Adds the kube-vip IP as a Subject Alternative Name in the TLS cert. It is needed otherwise you cannot access the cluster. * fixes bug with master taints (#1) - improves taint logic * fixes typo * fixes formatting * fixes undefined group['node'] if missing from hosts.ini (#2) * fixes undefined group['node'] if missing from hosts.ini - improves application of master taint by centralizing code * improves molecule testing, fixes linting * hacking at linter problems, small tweaks - increases the metallb timeout error due to intermittent testing errors in GitHub actions * improves context by renaming taint variable - makes variable boolean * fix bug * removes linting hacks Co-authored-by: Ioannis Angelakopoulos <[email protected]> commit d5b37ac Author: Simon Leiner <[email protected]> Date: Sat Sep 24 07:10:55 2022 +0200 Drop support for CentOS, test Rocky and Debian in CI (techno-tim#92) * Test CentOS 7 in CI * Drop support for CentOS, test on Rocky and Debian * Fix reset playbook for Rocky Linux * Fix typo * Disable firewalld during testing Co-authored-by: Techno Tim <[email protected]> commit 5225493 Author: Simon Leiner <[email protected]> Date: Sat Sep 24 06:28:21 2022 +0200 CI: Fix linting job for ansible-lint 6.6.0 (techno-tim#96) * CI: Fix linting job for ansible-lint 6.6.0 * Increase MetalLB timeout to mitigate CI flakiness commit 4acbe91 Author: BMeach <[email protected]> Date: Sat Sep 17 14:56:09 2022 -0600 Fix master node taints in multi node installs (techno-tim#93) * Taint master nodes if more than one node * Kick off fork workflow tests Co-authored-by: Techno Tim <[email protected]> commit f1c2f3b Author: Techno Tim <[email protected]> Date: Sat Sep 17 00:18:56 2022 -0500 fix(github): ignore readme updates (techno-tim#94) commit 76718a0 Author: Techno Tim <[email protected]> Date: Wed Sep 14 21:32:34 2022 -0500 chore(docs): Updated with ansible collections install (techno-tim#89) * chore(docs): Fixing thanks section * chore(docs): Updated with collections command commit a1ef590 Author: Simon Leiner <[email protected]> Date: Sat Sep 10 19:57:38 2022 +0200 Add support for API servers on IPv6 addresses (techno-tim#48) * Remove duplicate file for deletion * Add support for IPv6 clusters To correctly escape IPv6 addresses when ports are used, they must be wrapped in square brackets [1]. This patch adds support for that, using Ansible's ipwrap filter [2]. [1]: https://datatracker.ietf.org/doc/html/rfc4038#section-5.1 [2]: http:https://docs.ansible.com/ansible/latest/collections/ansible/utils/docsite/filters_ipaddr.html#wrapping-ipv6-addresses-in-brackets * Do not abort other molecule jobs on failure * Fix cache keys for Vagrant boxes * Molecule: Derive overrides.yml location from scenario dir # Conflicts: # molecule/default/molecule.yml # molecule/ipv6/molecule.yml commit 9ff3bb6 Author: Simon Leiner <[email protected]> Date: Fri Sep 9 18:47:26 2022 +0200 Test single-node cluster (techno-tim#78) * Molecule: Derive overrides.yml location from scenario dir # Conflicts: # molecule/default/molecule.yml # molecule/ipv6/molecule.yml * Molecule: Add single_node scenario * Fix get_nodes test for the case of empty groups commit b1df966 Author: Techno Tim <[email protected]> Date: Thu Sep 8 22:00:54 2022 -0500 fix(ansible): Fix group permissions on tmp folder (techno-tim#77) commit 58c3a61 Author: Vitalij Dovhanyc <[email protected]> Date: Thu Sep 8 03:00:13 2022 +0200 add editorconfig and fix trailing whitespaces (techno-tim#68) Co-authored-by: Techno Tim <[email protected]> commit 60bc09b Author: Simon Leiner <[email protected]> Date: Thu Sep 8 01:47:58 2022 +0200 Mitigate CI flakiness (techno-tim#70) * Increase SSH connection timeouts and retries * Make MetalLB timeouts configurable * Retry applying MetalLB CRs * Fix location of MetalLB CRs template * Make MetalLB wait logic more compact * Fix typo * retrigger 1 * retrigger 2 * retrigger 3 * retrigger 4 * retrigger 5 commit 4365a2a Author: Timothy Stewart <[email protected]> Date: Tue Sep 6 19:07:09 2022 -0500 fix(ansible): fixing permissions on tmp folder commit a6b2a95 Author: Simon Leiner <[email protected]> Date: Sat Sep 3 17:36:28 2022 +0200 Test playbook using molecule (techno-tim#67) * Test cluster using molecule * Fix detection of first control node * Include --flannel-iface and --node-ip as k3s arguments * Store logs of k3s-init.service as GitHub job artifacts commit 3c36dc8 Author: Timothy Stewart <[email protected]> Date: Fri Sep 2 11:07:17 2022 -0500 fix(ansible): use k3s kubectl commit 6695d13 Author: Techno Tim <[email protected]> Date: Thu Sep 1 21:20:25 2022 -0500 upgrade k3s to v1.24.4+k3s1 (techno-tim#64) * feat(k3s): Upgrade to v1.24.4+k3s1 * feat(metallb): updated to v0.13.5 commit 74e1dc1 Author: Techno Tim <[email protected]> Date: Tue Aug 30 23:15:15 2022 -0500 Pin GitHub Actions to SHA + Dependabot (techno-tim#62) * feat(repo): Add dependabot * fix(ci): clean up * fix(gh-actions): pin to sha * fix(lint): fixing yaml lint * feat(repo): Add dependabot * fix(vagrant): up retry count to 60 because gh actions are sloooooow commit 56f8f21 Author: Techno Tim <[email protected]> Date: Tue Aug 30 21:44:55 2022 -0500 fix(ansible): Install services separate from config (techno-tim#63) commit 117c608 Author: Timothy Stewart <[email protected]> Date: Mon Aug 29 23:16:13 2022 -0500 fix(ansible): added longer wait with todo commit e28d8f3 Author: niki-on-github <[email protected]> Date: Tue Aug 30 05:58:57 2022 +0200 add ansible.posix module to requirements.yml (techno-tim#59) Co-authored-by: arch <arch@local> Co-authored-by: Techno Tim <[email protected]> commit 9d8a5cc Author: Simon Leiner <[email protected]> Date: Tue Aug 30 02:45:07 2022 +0200 Execute Vagrant cluster in CI (techno-tim#57) commit 2296959 Author: Techno Tim <[email protected]> Date: Sun Aug 28 20:36:05 2022 -0500 fix(ci): Fix Linting (techno-tim#61) commit 6d793c5 Author: Timothy Stewart <[email protected]> Date: Sun Aug 28 17:49:38 2022 -0500 fix(ansible): add wait commit 47ac514 Author: Timothy Stewart <[email protected]> Date: Sun Aug 28 16:42:07 2022 -0500 fix(ansible): fix lint commit 611cf5a Author: Timothy Stewart <[email protected]> Date: Sun Aug 28 16:32:52 2022 -0500 fix(ansible): fix lint commit c82cbfc Author: Timothy Stewart <[email protected]> Date: Sun Aug 28 16:29:04 2022 -0500 fix(ansible): fix lint commit f603a04 Author: Timothy Stewart <[email protected]> Date: Sun Aug 28 16:26:46 2022 -0500 fix(ansible): fix lint commit 4b95971 Author: Timothy Stewart <[email protected]> Date: Sun Aug 28 16:00:10 2022 -0500 fix(ansible): run task on one master commit db8fbd9 Author: Timothy Stewart <[email protected]> Date: Sun Aug 28 14:27:22 2022 -0500 chore(lint): Fix yaml lint commit aa05ab1 Author: Techno Tim <[email protected]> Date: Sun Aug 28 14:25:09 2022 -0500 fix(ansible): Refactored ansible steps to now install metallb in post… (techno-tim#58) * fix(ansible): Refactored ansible steps to now install metallb in post task and verify commit 370e191 Author: Simon Leiner <[email protected]> Date: Wed Aug 24 06:26:08 2022 +0200 Print fewer logs when removing manifests (techno-tim#55) commit e04f3ba Author: Timothy Stewart <[email protected]> Date: Sat Aug 20 16:22:56 2022 -0500 chore(github): Updated issue template commit cdd7c4e Author: Techno Tim <[email protected]> Date: Sat Aug 20 16:19:20 2022 -0500 Fix k3s manifest (techno-tim#53) * fix(k3s): Remove manifests and folders from bootstrapped cluster commit 90bbc0a Author: Lance A. Brown <[email protected]> Date: Thu Aug 11 22:23:56 2022 -0400 Add linux-modules-extra-raspi package for Ubuntu 22.x on Raspberry. (techno-tim#50) * Add task for linux-modules-extra-raspi Ubuntu 22.x on Raspberry Pi needs the linux-modules-extra-raspi package for the vxlans kernel module. * Remove linux-modules-extra-reaspi package Not sure we want to do this but including it in the PR anyway for discussion. commit 1e4b48f Author: slemmercs <[email protected]> Date: Fri Aug 12 04:23:47 2022 +0200 replaced --no-deploy with --disable (techno-tim#49) According to https://rancher.com/docs/k3s/latest/en/installation/install-options/server-config/ > Kubernetes Components section the --disable <value> flag should be used as the --no-deploy is a deprecated option commit ac5325a Author: Timothy Stewart <[email protected]> Date: Sat Jul 30 22:11:28 2022 -0500 fix(kube-vip): Cleaning up; adding missing rbac api groups commit a33ed48 Author: Techno Tim <[email protected]> Date: Wed Jul 27 23:13:43 2022 -0500 feat(upgrades): Updated k3s, metalls, and kubevip and fixed bugs (techno-tim#46) commit 1830b9c Author: Simon Leiner <[email protected]> Date: Thu Jul 28 04:24:59 2022 +0200 Fix .gitignore (techno-tim#40) For more details, see: https://stackoverflow.com/a/20652768 commit 39581f4 Author: SwaggaRitz <[email protected]> Date: Thu Jul 28 03:21:38 2022 +0100 Replaced manifest files with double extention to '-' (techno-tim#41) Co-authored-by: Adrian Jones <[email protected]>
* Replaced manifest files with double extention to '-' (techno-tim#41) Co-authored-by: Adrian Jones <[email protected]> * Fix .gitignore (techno-tim#40) For more details, see: https://stackoverflow.com/a/20652768 * feat(upgrades): Updated k3s, metalls, and kubevip and fixed bugs (techno-tim#46) * fix(kube-vip): Cleaning up; adding missing rbac api groups * replaced --no-deploy with --disable (techno-tim#49) According to https://rancher.com/docs/k3s/latest/en/installation/install-options/server-config/ > Kubernetes Components section the --disable <value> flag should be used as the --no-deploy is a deprecated option * Add linux-modules-extra-raspi package for Ubuntu 22.x on Raspberry. (techno-tim#50) * Add task for linux-modules-extra-raspi Ubuntu 22.x on Raspberry Pi needs the linux-modules-extra-raspi package for the vxlans kernel module. * Remove linux-modules-extra-reaspi package Not sure we want to do this but including it in the PR anyway for discussion. * Fix k3s manifest (techno-tim#53) * fix(k3s): Remove manifests and folders from bootstrapped cluster * chore(github): Updated issue template * Print fewer logs when removing manifests (techno-tim#55) * fix(ansible): Refactored ansible steps to now install metallb in post… (techno-tim#58) * fix(ansible): Refactored ansible steps to now install metallb in post task and verify * chore(lint): Fix yaml lint * fix(ansible): run task on one master * fix(ansible): fix lint * fix(ansible): fix lint * fix(ansible): fix lint * fix(ansible): fix lint * fix(ansible): add wait * fix(ci): Fix Linting (techno-tim#61) * Execute Vagrant cluster in CI (techno-tim#57) * add ansible.posix module to requirements.yml (techno-tim#59) Co-authored-by: arch <arch@local> Co-authored-by: Techno Tim <[email protected]> * fix(ansible): added longer wait with todo * fix(ansible): Install services separate from config (techno-tim#63) * Pin GitHub Actions to SHA + Dependabot (techno-tim#62) * feat(repo): Add dependabot * fix(ci): clean up * fix(gh-actions): pin to sha * fix(lint): fixing yaml lint * feat(repo): Add dependabot * fix(vagrant): up retry count to 60 because gh actions are sloooooow * upgrade k3s to v1.24.4+k3s1 (techno-tim#64) * feat(k3s): Upgrade to v1.24.4+k3s1 * feat(metallb): updated to v0.13.5 * fix(ansible): use k3s kubectl * Test playbook using molecule (techno-tim#67) * Test cluster using molecule * Fix detection of first control node * Include --flannel-iface and --node-ip as k3s arguments * Store logs of k3s-init.service as GitHub job artifacts * fix(ansible): fixing permissions on tmp folder * Mitigate CI flakiness (techno-tim#70) * Increase SSH connection timeouts and retries * Make MetalLB timeouts configurable * Retry applying MetalLB CRs * Fix location of MetalLB CRs template * Make MetalLB wait logic more compact * Fix typo * retrigger 1 * retrigger 2 * retrigger 3 * retrigger 4 * retrigger 5 * add editorconfig and fix trailing whitespaces (techno-tim#68) Co-authored-by: Techno Tim <[email protected]> * fix(ansible): Fix group permissions on tmp folder (techno-tim#77) * Test single-node cluster (techno-tim#78) * Molecule: Derive overrides.yml location from scenario dir # Conflicts: # molecule/default/molecule.yml # molecule/ipv6/molecule.yml * Molecule: Add single_node scenario * Fix get_nodes test for the case of empty groups * Add support for API servers on IPv6 addresses (techno-tim#48) * Remove duplicate file for deletion * Add support for IPv6 clusters To correctly escape IPv6 addresses when ports are used, they must be wrapped in square brackets [1]. This patch adds support for that, using Ansible's ipwrap filter [2]. [1]: https://datatracker.ietf.org/doc/html/rfc4038#section-5.1 [2]: http:https://docs.ansible.com/ansible/latest/collections/ansible/utils/docsite/filters_ipaddr.html#wrapping-ipv6-addresses-in-brackets * Do not abort other molecule jobs on failure * Fix cache keys for Vagrant boxes * Molecule: Derive overrides.yml location from scenario dir # Conflicts: # molecule/default/molecule.yml # molecule/ipv6/molecule.yml * chore(docs): Updated with ansible collections install (techno-tim#89) * chore(docs): Fixing thanks section * chore(docs): Updated with collections command * fix(github): ignore readme updates (techno-tim#94) * Fix master node taints in multi node installs (techno-tim#93) * Taint master nodes if more than one node * Kick off fork workflow tests Co-authored-by: Techno Tim <[email protected]> * CI: Fix linting job for ansible-lint 6.6.0 (techno-tim#96) * CI: Fix linting job for ansible-lint 6.6.0 * Increase MetalLB timeout to mitigate CI flakiness * Drop support for CentOS, test Rocky and Debian in CI (techno-tim#92) * Test CentOS 7 in CI * Drop support for CentOS, test on Rocky and Debian * Fix reset playbook for Rocky Linux * Fix typo * Disable firewalld during testing Co-authored-by: Techno Tim <[email protected]> * fix master taint implementation - linting problems (techno-tim#95) * add virtual-ip to certificate SAN entries Adds the kube-vip IP as a Subject Alternative Name in the TLS cert. It is needed otherwise you cannot access the cluster. * fixes bug with master taints (#1) - improves taint logic * fixes typo * fixes formatting * fixes undefined group['node'] if missing from hosts.ini (#2) * fixes undefined group['node'] if missing from hosts.ini - improves application of master taint by centralizing code * improves molecule testing, fixes linting * hacking at linter problems, small tweaks - increases the metallb timeout error due to intermittent testing errors in GitHub actions * improves context by renaming taint variable - makes variable boolean * fix bug * removes linting hacks Co-authored-by: Ioannis Angelakopoulos <[email protected]> * Fix role order in reset playbook (techno-tim#104) * Fix download-boxes.sh if no boxes are present (techno-tim#106) In case of grep not matching any line, it would return an error code and thus stop the script. This patch sets "present_boxes" to an empty value in case any of the commands fail. * adds colors to molecule testing in GitHub action (techno-tim#109) * Add "collection" to the ansible-galaxy command as it will run without making changes if that collection argument is not provided. (techno-tim#113) * k3s, metallb, kube-vip updates (techno-tim#119) * feat(k3s): Updated to v1.24.6+k3s1 * feat(kube-vip): Update to v0.5.5 * feat(metal-lb): Update to v0.13.6 * fix(pip): Freeze requirements * fix(lint): Fixed ansible-lint * Removing accidental tear-down step that is clearly a typo (techno-tim#117) Co-authored-by: Techno Tim <[email protected]> * chore(deps): bump google-auth from 2.12.0 to 2.13.0 (techno-tim#122) Bumps [google-auth](https://github.com/googleapis/google-auth-library-python) from 2.12.0 to 2.13.0. - [Release notes](https://github.com/googleapis/google-auth-library-python/releases) - [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-auth-library-python@v2.12.0...v2.13.0) --- updated-dependencies: - dependency-name: google-auth dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump oauthlib from 3.2.1 to 3.2.2 (techno-tim#123) Bumps [oauthlib](https://github.com/oauthlib/oauthlib) from 3.2.1 to 3.2.2. - [Release notes](https://github.com/oauthlib/oauthlib/releases) - [Changelog](https://github.com/oauthlib/oauthlib/blob/v3.2.2/CHANGELOG.rst) - [Commits](oauthlib/oauthlib@v3.2.1...v3.2.2) --- updated-dependencies: - dependency-name: oauthlib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ruamel-yaml-clib from 0.2.6 to 0.2.7 (techno-tim#124) Bumps [ruamel-yaml-clib](https://sourceforge.net/p/ruamel-yaml-clib/code/ci/default/tree) from 0.2.6 to 0.2.7. --- updated-dependencies: - dependency-name: ruamel-yaml-clib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump zipp from 3.9.0 to 3.10.0 (techno-tim#128) Bumps [zipp](https://github.com/jaraco/zipp) from 3.9.0 to 3.10.0. - [Release notes](https://github.com/jaraco/zipp/releases) - [Changelog](https://github.com/jaraco/zipp/blob/main/CHANGES.rst) - [Commits](jaraco/zipp@v3.9.0...v3.10.0) --- updated-dependencies: - dependency-name: zipp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pre-commit hooks (techno-tim#125) * feat: pre-commit * empty * fix: requirements.txt * chore(deps): bump ansible-lint from 6.8.2 to 6.8.3 (techno-tim#129) Bumps [ansible-lint](https://github.com/ansible-community/ansible-lint) from 6.8.2 to 6.8.3. - [Release notes](https://github.com/ansible-community/ansible-lint/releases) - [Commits](ansible/ansible-lint@v6.8.2...v6.8.3) --- updated-dependencies: - dependency-name: ansible-lint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ansible-lint from 6.8.3 to 6.8.4 (techno-tim#130) Bumps [ansible-lint](https://github.com/ansible-community/ansible-lint) from 6.8.3 to 6.8.4. - [Release notes](https://github.com/ansible-community/ansible-lint/releases) - [Commits](ansible/ansible-lint@v6.8.3...v6.8.4) --- updated-dependencies: - dependency-name: ansible-lint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat(ci): switching to self-hosted runners (techno-tim#133) * feat(ci): switching to self-hosted runners * feat(gh-actions-controller): added * feat(gh-actions-controller): added * Revert "feat(ci): switching to self-hosted runners (techno-tim#133)" (techno-tim#135) This reverts commit a840571. * chore(deps): bump pyrsistent from 0.18.1 to 0.19.2 (techno-tim#141) Bumps [pyrsistent](https://github.com/tobgu/pyrsistent) from 0.18.1 to 0.19.2. - [Release notes](https://github.com/tobgu/pyrsistent/releases) - [Changelog](https://github.com/tobgu/pyrsistent/blob/master/CHANGES.txt) - [Commits](https://github.com/tobgu/pyrsistent/commits) --- updated-dependencies: - dependency-name: pyrsistent dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix(requirements.txt): Use pip-compile (techno-tim#148) * fix(requirements.txt): Use pip-compile * fix(lint): Remove anchors from molecule since they aren't yet supported via lint * fix(lint): Remove anchors from molecule since they aren't yet supported via lint * GitHub Actions Fixes (techno-tim#150) * chore: ⚡ Multiple configuration changes (techno-tim#144) Added yaml stdout for better readability, optimize ssh connections, moved become to correct section * Adding additional reboot (optional) (techno-tim#139) * Create reboot.yml * Create reboot.sh * Updated the Playbook and Tasks Name Co-authored-by: Techno Tim <[email protected]> * Updates (techno-tim#151) * fix(gitignore): Add ansible logs * chore(metallb): Updated to 0.13.9 * chore(metallb): Updated to 1.24.7 * chore(python): Upddate dependencies * fix(metal-lb): set to 0.13.7 (latest released) * fix(requirements.txt): dedup and sort alpha * docs(README): Updated readme with fixes and context (techno-tim#154) * chore(dependencies): updated kube-vip to 0.5.6 (techno-tim#166) * Pre commit fixes (techno-tim#167) * chore(dependencies): updated kube-vip to 0.5.6 * fix(pre-commit): pin to hash * fix(pre-commit): added more hooks and fixed lint * fix(pre-commit): added pre-commit hook so we don't have to run it manually * fix(pre-commit): Added docs to readme * fix(pre-commit): added texthooks * fix(pre-commit): pin to hash * fix(pre-commit): added mor hooks and fixed lint * fix(lint): Fixing quotes * fix(ci): only run test if linting passes * fix(ci): convert to reusable workflows * fix(pr template): Reorder steps * fix(ci): remove self-hosted * chore(deps): bump pre-commit-hooks from 4.3.0 to 4.4.0 (techno-tim#168) Bumps [pre-commit-hooks](https://github.com/pre-commit/pre-commit-hooks) from 4.3.0 to 4.4.0. - [Release notes](https://github.com/pre-commit/pre-commit-hooks/releases) - [Changelog](https://github.com/pre-commit/pre-commit-hooks/blob/main/CHANGELOG.md) - [Commits](pre-commit/pre-commit-hooks@v4.3.0...v4.4.0) --- updated-dependencies: - dependency-name: pre-commit-hooks dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Techno Tim <[email protected]> * "command" module no longer supports "warn" argument (techno-tim#169) * "command" module no longer supports "warn" argument * correct indetation lint errors * fix: config warning callback_whitelist (techno-tim#170) Co-authored-by: Jan Jansen <[email protected]> * K3s 1 24 8 (techno-tim#171) * chore(dependencies): Updated actions * chore(dependencies): updated to k3s to v1.24.8+k3s1 and kube-vip to v0.5.7 * chore(deps): bump molecule from 4.0.3 to 4.0.4 (techno-tim#175) Bumps [molecule](https://github.com/ansible-community/molecule) from 4.0.3 to 4.0.4. - [Release notes](https://github.com/ansible-community/molecule/releases) - [Commits](ansible/molecule@v4.0.3...v4.0.4) --- updated-dependencies: - dependency-name: molecule dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ansible-core from 2.13.5 to 2.14.1 (techno-tim#176) Bumps [ansible-core](https://github.com/ansible/ansible) from 2.13.5 to 2.14.1. - [Release notes](https://github.com/ansible/ansible/releases) - [Commits](ansible/ansible@v2.13.5...v2.14.1) --- updated-dependencies: - dependency-name: ansible-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump pre-commit from 2.20.0 to 2.21.0 (techno-tim#188) Bumps [pre-commit](https://github.com/pre-commit/pre-commit) from 2.20.0 to 2.21.0. - [Release notes](https://github.com/pre-commit/pre-commit/releases) - [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md) - [Commits](pre-commit/pre-commit@v2.20.0...v2.21.0) --- updated-dependencies: - dependency-name: pre-commit dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Split manifest into separate task for ease of use (techno-tim#191) * feat(k3s): Updated to v1.24.9+k3s1 (techno-tim#197) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: SwaggaRitz <[email protected]> Co-authored-by: Adrian Jones <[email protected]> Co-authored-by: Simon Leiner <[email protected]> Co-authored-by: Techno Tim <[email protected]> Co-authored-by: slemmercs <[email protected]> Co-authored-by: Lance A. Brown <[email protected]> Co-authored-by: niki-on-github <[email protected]> Co-authored-by: arch <arch@local> Co-authored-by: Vitalij Dovhanyc <[email protected]> Co-authored-by: BMeach <[email protected]> Co-authored-by: Ioannis Angelakopoulos <[email protected]> Co-authored-by: Ioannis Angelakopoulos <[email protected]> Co-authored-by: ccoane <[email protected]> Co-authored-by: Irakli Nadareishvili <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: samerbahri98 <[email protected]> Co-authored-by: snoopy82481 <[email protected]> Co-authored-by: automationxpert <[email protected]> Co-authored-by: Sherif Metwally <[email protected]> Co-authored-by: theonejj <[email protected]> Co-authored-by: Jan Jansen <[email protected]> Co-authored-by: irish1986 <[email protected]>
Adds the kube-vip IP as a Subject Alternative Name in the TLS cert.
Prevents
kubectl
erroring out when connecting to cluster due to virtual ip missing in the SANs of the api server certificate.