From e8cd10d49bbde067471a3cd87d78165bdb5d765e Mon Sep 17 00:00:00 2001 From: Techno Tim Date: Sun, 28 Jul 2024 14:29:32 -0500 Subject: [PATCH] chore(deps): Updated all k8s components (#532) * chore(deps): Updated all k8s components * Metallb 0.14.4 support (#533) * Added support for metallb >= 0.14.4 * update gpg * Added support for metallb >= 0.14.4 * remove extra file --------- Co-authored-by: Konstantin Kornienko Co-authored-by: Konstantin Kornienko * chore(deps): Updated actions * chore(dependencies): Roll back ansible-core * chore(deps): Updated kube-vip * chore(deps): Updated dependencies * chore(deps): Updated dependencies * fix(cilium): fixing logic * fix(cilium): fixing logic --------- Co-authored-by: Konstantin Kornienko Co-authored-by: Konstantin Kornienko --- .github/workflows/lint.yml | 2 +- inventory/sample/group_vars/all.yml | 12 ++++++------ requirements.txt | 2 +- roles/k3s_server/tasks/main.yml | 2 +- roles/k3s_server_post/tasks/main.yml | 2 +- roles/k3s_server_post/tasks/metallb.yml | 16 +++++++++++++++- 6 files changed, 25 insertions(+), 11 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 9029e71..b10e0a0 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -47,7 +47,7 @@ jobs: - name: Checkout code uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # 4.1.7 - name: Ensure SHA pinned actions - uses: zgosalvez/github-actions-ensure-sha-pinned-actions@2f2ebc6d914ab515939dc13f570f91baeb2c194c # 3.0.6 + uses: zgosalvez/github-actions-ensure-sha-pinned-actions@74606c30450304eee8660aae751818321754feb1 # 3.0.9 with: allowlist: | aws-actions/ diff --git a/inventory/sample/group_vars/all.yml b/inventory/sample/group_vars/all.yml index 909746d..01b1fe9 100644 --- a/inventory/sample/group_vars/all.yml +++ b/inventory/sample/group_vars/all.yml @@ -1,5 +1,5 @@ --- -k3s_version: v1.29.2+k3s1 +k3s_version: v1.30.2+k3s2 # this is the user that has ssh access to these machines ansible_user: ansibleuser systemd_dir: /etc/systemd/system @@ -13,13 +13,13 @@ flannel_iface: "eth0" # uncomment calico_iface to use tigera operator/calico cni instead of flannel https://docs.tigera.io/calico/latest/about # calico_iface: "eth0" calico_ebpf: false # use eBPF dataplane instead of iptables -calico_tag: "v3.27.2" # calico version tag +calico_tag: "v3.28.0" # calico version tag # uncomment cilium_iface to use cilium cni instead of flannel or calico # ensure v4.19.57, v5.1.16, v5.2.0 or more recent kernel # cilium_iface: "eth0" cilium_mode: "native" # native when nodes on same subnet or using bgp, else set routed -cilium_tag: "v1.15.2" # cilium version tag +cilium_tag: "v1.16.0" # cilium version tag cilium_hubble: true # enable hubble observability relay and ui # if using calico or cilium, you may specify the cluster pod cidr pool @@ -72,7 +72,7 @@ extra_agent_args: >- {{ extra_args }} # image tag for kube-vip -kube_vip_tag_version: "v0.7.2" +kube_vip_tag_version: "v0.8.2" # tag for kube-vip-cloud-provider manifest # kube_vip_cloud_provider_tag_version: "main" @@ -93,8 +93,8 @@ metal_lb_mode: "layer2" # metal_lb_bgp_peer_address: "192.168.30.1" # image tag for metal lb -metal_lb_speaker_tag_version: "v0.14.3" -metal_lb_controller_tag_version: "v0.14.3" +metal_lb_speaker_tag_version: "v0.14.8" +metal_lb_controller_tag_version: "v0.14.8" # metallb ip range for load balancer metal_lb_ip_range: "192.168.30.80-192.168.30.90" diff --git a/requirements.txt b/requirements.txt index 998a02d..079e561 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,7 +6,7 @@ # ansible-compat==4.1.11 # via molecule -ansible-core==2.17.0 +ansible-core==2.16.6 # via # -r requirements.in # ansible-compat diff --git a/roles/k3s_server/tasks/main.yml b/roles/k3s_server/tasks/main.yml index 45adf9a..ae2d8e9 100644 --- a/roles/k3s_server/tasks/main.yml +++ b/roles/k3s_server/tasks/main.yml @@ -29,7 +29,7 @@ - name: Deploy metallb manifest include_tasks: metallb.yml tags: metallb - when: kube_vip_lb_ip_range is not defined and (cilium_bgp is not defined or cilium_iface is not defined) + when: kube_vip_lb_ip_range is not defined and (not cilium_bgp or cilium_iface is not defined) - name: Deploy kube-vip manifest include_tasks: kube-vip.yml diff --git a/roles/k3s_server_post/tasks/main.yml b/roles/k3s_server_post/tasks/main.yml index 2cf679c..588f026 100644 --- a/roles/k3s_server_post/tasks/main.yml +++ b/roles/k3s_server_post/tasks/main.yml @@ -12,7 +12,7 @@ - name: Deploy metallb pool include_tasks: metallb.yml tags: metallb - when: kube_vip_lb_ip_range is not defined and (cilium_bgp is not defined or cilium_iface is not defined) + when: kube_vip_lb_ip_range is not defined and (not cilium_bgp or cilium_iface is not defined) - name: Remove tmp directory used for manifests file: diff --git a/roles/k3s_server_post/tasks/metallb.yml b/roles/k3s_server_post/tasks/metallb.yml index 07a23b0..7699fb4 100644 --- a/roles/k3s_server_post/tasks/metallb.yml +++ b/roles/k3s_server_post/tasks/metallb.yml @@ -83,9 +83,23 @@ loop_control: label: "{{ item.description }}" +- name: Set metallb webhook service name + set_fact: + metallb_webhook_service_name: >- + {{ + ( + (metal_lb_controller_tag_version | regex_replace('^v', '')) + is + version('0.14.4', '<', version_type='semver') + ) | ternary( + 'webhook-service', + 'metallb-webhook-service' + ) + }} + - name: Test metallb-system webhook-service endpoint command: >- - k3s kubectl -n metallb-system get endpoints webhook-service + k3s kubectl -n metallb-system get endpoints {{ metallb_webhook_service_name }} changed_when: false with_items: "{{ groups[group_name_master | default('master')] }}" run_once: true