Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add CI test for auto_renew_certificates #7472

Merged
merged 2 commits into from
Apr 9, 2021
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
@@ -8,7 +8,7 @@ echo "## Renewing certificates managed by kubeadm ##"

echo "## Restarting control plane pods managed by kubeadm ##"
{% if container_manager == "docker" %}
{{ docker_bin_dir }}/docker ps -af 'name=k8s_POD_(kube-apiserver|kube-controller-manager|kube-scheduler|etcd)-*' -q | /usr/bin/xargs {{ docker_bin_dir }}/docker rm -f"
{{ docker_bin_dir }}/docker ps -af 'name=k8s_POD_(kube-apiserver|kube-controller-manager|kube-scheduler|etcd)-*' -q | /usr/bin/xargs {{ docker_bin_dir }}/docker rm -f
{% else %}
{{ bin_dir }}/crictl pods --namespace kube-system --name 'kube-scheduler-*|kube-controller-manager-*|kube-apiserver-*|etcd-*' -q | /usr/bin/xargs {{ bin_dir }}/crictl rmp -f
{% endif %}
Original file line number Diff line number Diff line change
@@ -3,7 +3,7 @@ Description=Timer to renew K8S control plane certificates

[Timer]
# First Monday of each month
OnCalendar=Mon *-*-1..7 03:{{ groups['kube_control_plane'].index(inventory_hostname) }}0:00
OnCalendar=Mon *-*-1,2,3,4,5,6,7 03:{{ groups['kube_control_plane'].index(inventory_hostname) }}0:00

[Install]
WantedBy=multi-user.target
2 changes: 2 additions & 0 deletions tests/files/packet_centos7-calico-ha-once-localhost.yml
Original file line number Diff line number Diff line change
@@ -13,3 +13,5 @@ typha_enabled: true
calico_backend: kdd
typha_secure: true
disable_ipv6_dns: true

auto_renew_certificates: true
2 changes: 2 additions & 0 deletions tests/files/packet_centos7-calico-ha.yml
Original file line number Diff line number Diff line change
@@ -12,3 +12,5 @@ dns_min_replicas: 1
typha_enabled: true
calico_backend: kdd
typha_secure: true

auto_renew_certificates: true
2 changes: 2 additions & 0 deletions tests/files/packet_centos8-crio.yml
Original file line number Diff line number Diff line change
@@ -13,3 +13,5 @@ etcd_deployment_type: host

# required
calico_iptables_backend: "Auto"

auto_renew_certificates: true
2 changes: 2 additions & 0 deletions tests/files/packet_debian10-containerd.yml
Original file line number Diff line number Diff line change
@@ -14,3 +14,5 @@ helm_enabled: true
# https://gitlab.com/miouge/kubespray-ci/-/blob/a4fd5ed6857807f1c353cb60848aedebaf7d2c94/manifests/http-proxy.yml#L42
http_proxy: http://172.30.30.30:8888
https_proxy: http://172.30.30.30:8888

auto_renew_certificates: true
2 changes: 2 additions & 0 deletions tests/files/packet_debian9-macvlan.yml
Original file line number Diff line number Diff line change
@@ -10,3 +10,5 @@ enable_nodelocaldns: false
dns_min_replicas: 1
kube_proxy_masquerade_all: true
macvlan_interface: "eth0"

auto_renew_certificates: true
2 changes: 2 additions & 0 deletions tests/files/packet_fedora33-calico.yml
Original file line number Diff line number Diff line change
@@ -10,3 +10,5 @@ kube_network_plugin: calico

# Only docker package 20.10 for Fedora33
docker_version: '20.10'

auto_renew_certificates: true
2 changes: 2 additions & 0 deletions tests/files/packet_opensuse-canal.yml
Original file line number Diff line number Diff line change
@@ -11,3 +11,5 @@ dns_min_replicas: 1

# test Ambassador
ingress_ambassador_enabled: true

auto_renew_certificates: true
2 changes: 2 additions & 0 deletions tests/files/packet_oracle7-canal-ha.yml
Original file line number Diff line number Diff line change
@@ -9,3 +9,5 @@ kube_network_plugin: canal
dynamic_kubelet_configuration: true
deploy_netchecker: true
dns_min_replicas: 1

auto_renew_certificates: true
2 changes: 2 additions & 0 deletions tests/files/packet_ubuntu16-weave-sep.yml
Original file line number Diff line number Diff line change
@@ -7,3 +7,5 @@ mode: separate
kube_network_plugin: weave
deploy_netchecker: true
dns_min_replicas: 1

auto_renew_certificates: true
2 changes: 2 additions & 0 deletions tests/files/packet_ubuntu18-cilium-sep.yml
Original file line number Diff line number Diff line change
@@ -8,3 +8,5 @@ kube_network_plugin: cilium
deploy_netchecker: true
enable_network_policy: true
dns_min_replicas: 1

auto_renew_certificates: true
2 changes: 2 additions & 0 deletions tests/files/packet_ubuntu20-calico-aio.yml
Original file line number Diff line number Diff line change
@@ -12,3 +12,5 @@ dns_min_replicas: 1
# Currently ipvs not available on KVM: https://packages.ubuntu.com/search?suite=focal&arch=amd64&mode=exactfilename&searchon=contents&keywords=ip_vs_sh.ko
kube_proxy_mode: iptables
enable_nodelocaldns: False

auto_renew_certificates: true