diff --git a/roles/azimuth/defaults/main.yml b/roles/azimuth/defaults/main.yml index ea7967a45..f2bf823b8 100644 --- a/roles/azimuth/defaults/main.yml +++ b/roles/azimuth/defaults/main.yml @@ -3,7 +3,7 @@ # The chart to use azimuth_chart_repo: https://stackhpc.github.io/azimuth azimuth_chart_name: azimuth -azimuth_chart_version: 0.2.0 +azimuth_chart_version: 0.3.2 # Release information for the Azimuth release azimuth_release_namespace: azimuth @@ -215,6 +215,16 @@ azimuth_openstack_domain: default azimuth_openstack_interface: public # Whether or not to verify SSL azimuth_openstack_verify_ssl: true +# The template to use when searching for the internal network +# Only used if the internal network is not tagged +# If given, network auto-creation is disabled +# The fragment '{tenant_name}' is replaced with the current tenancy name, e.g. "{tenant_name}-internal" +azimuth_openstack_internal_net_template: +# The template to use when searching for the external network +# Only used if the external network is not tagged +# If not given, there must be exactly one external network available to tenants +# The fragment '{tenant_name}' is replaced with the current tenancy name, e.g. "{tenant_name}-external" +azimuth_openstack_external_net_template: # Indicates whether tenant internal networks should be auto-created if not present azimuth_openstack_create_internal_net: true # The CIDR to use for auto-created tenant internal networks @@ -233,11 +243,21 @@ azimuth_openstack_provider: >- "createInternalNet": azimuth_openstack_create_internal_net, "internalNetCidr": azimuth_openstack_internal_net_cidr } | - combine( - { "internalNetDNSNameservers": azimuth_openstack_internal_net_dns_nameservers } - if azimuth_openstack_internal_net_dns_nameservers | length > 0 - else {} - ) + combine( + { "internalNetTemplate": azimuth_openstack_internal_net_template } + if azimuth_openstack_internal_net_template + else {} + ) | + combine( + { "externalNetTemplate": azimuth_openstack_external_net_template } + if azimuth_openstack_external_net_template + else {} + ) | + combine( + { "internalNetDNSNameservers": azimuth_openstack_internal_net_dns_nameservers } + if azimuth_openstack_internal_net_dns_nameservers | length > 0 + else {} + ) }} # App proxy settings diff --git a/roles/azimuth_caas_operator/defaults/main.yml b/roles/azimuth_caas_operator/defaults/main.yml index 3bfafb9f0..32a5a8d07 100644 --- a/roles/azimuth_caas_operator/defaults/main.yml +++ b/roles/azimuth_caas_operator/defaults/main.yml @@ -2,7 +2,7 @@ # The chart to use azimuth_caas_operator_chart_repo: https://stackhpc.github.io/azimuth-caas-operator azimuth_caas_operator_chart_name: azimuth-caas-operator -azimuth_caas_operator_chart_version: '0.7.0' +azimuth_caas_operator_chart_version: '0.8.0' # Release information for the operator release # Use the same namespace as Azimuth by default @@ -79,7 +79,7 @@ azimuth_caas_stackhpc_slurm_appliance_enabled: "{{ azimuth_clusters_enabled }}" # The git URL for the StackHPC Slurm appliance azimuth_caas_stackhpc_slurm_appliance_git_url: https://github.com/stackhpc/ansible-slurm-appliance.git # The git version for the StackHPC Slurm appliance -azimuth_caas_stackhpc_slurm_appliance_git_version: v1.137 +azimuth_caas_stackhpc_slurm_appliance_git_version: v1.138 # The playbook to use for the StackHPC Slurm appliance azimuth_caas_stackhpc_slurm_appliance_playbook: ansible/site.yml # The metadata root for the StackHPC Slurm appliance diff --git a/roles/azimuth_capi_operator/defaults/main.yml b/roles/azimuth_capi_operator/defaults/main.yml index a754eff74..daaa26d25 100644 --- a/roles/azimuth_capi_operator/defaults/main.yml +++ b/roles/azimuth_capi_operator/defaults/main.yml @@ -3,7 +3,7 @@ # The chart to use azimuth_capi_operator_chart_repo: https://stackhpc.github.io/azimuth-capi-operator azimuth_capi_operator_chart_name: azimuth-capi-operator -azimuth_capi_operator_chart_version: 0.2.0 +azimuth_capi_operator_chart_version: 0.3.1 # Release information for the CAPI operator release # Use the same namespace as Azimuth by default diff --git a/roles/azimuth_identity_operator/defaults/main.yml b/roles/azimuth_identity_operator/defaults/main.yml index ea748dbfd..93f1786f2 100644 --- a/roles/azimuth_identity_operator/defaults/main.yml +++ b/roles/azimuth_identity_operator/defaults/main.yml @@ -3,7 +3,7 @@ # The chart to use azimuth_identity_operator_chart_repo: https://stackhpc.github.io/azimuth-identity-operator azimuth_identity_operator_chart_name: azimuth-identity-operator -azimuth_identity_operator_chart_version: 0.2.0 +azimuth_identity_operator_chart_version: 0.3.1 # Release information for the operator release # Use the same namespace as Azimuth by default diff --git a/roles/capi_cluster/defaults/main.yml b/roles/capi_cluster/defaults/main.yml index 595ae4d8e..addb72f46 100644 --- a/roles/capi_cluster/defaults/main.yml +++ b/roles/capi_cluster/defaults/main.yml @@ -3,7 +3,7 @@ # The chart to use capi_cluster_chart_repo: https://stackhpc.github.io/capi-helm-charts capi_cluster_chart_name: openstack-cluster -capi_cluster_chart_version: 0.1.6 +capi_cluster_chart_version: 0.1.8 # Release information for the cluster release capi_cluster_release_namespace: default @@ -38,16 +38,16 @@ capi_cluster_openstack_ca_cert: >- # Default, wire these up with an image from community images when available capi_cluster_kubernetes_version: >- {{- - community_images.kube_1_27.kubernetes_version - if community_images is defined and 'kube_1_27' in community_images + community_images.kube_1_28.kubernetes_version + if community_images is defined and 'kube_1_28' in community_images else undef(hint = 'capi_cluster_kubernetes_version is required') }} capi_cluster_machine_image_id: >- {{- - community_images_image_ids.kube_1_27 + community_images_image_ids.kube_1_28 if ( community_images_image_ids is defined and - 'kube_1_27' in community_images_image_ids + 'kube_1_28' in community_images_image_ids ) else undef(hint = 'capi_cluster_machine_image_id is required') }} diff --git a/roles/capi_cluster/tasks/main.yml b/roles/capi_cluster/tasks/main.yml index b4f48b1e7..d85e53fa6 100644 --- a/roles/capi_cluster/tasks/main.yml +++ b/roles/capi_cluster/tasks/main.yml @@ -120,8 +120,12 @@ --for=delete --namespace {{ capi_cluster_release_namespace }} --timeout 0s - changed_when: false register: capi_cluster_delete + changed_when: false + # Allow for the case where we never got as far as installing the CAPI controllers + failed_when: >- + capi_cluster_delete.rc != 0 and + "the server doesn't have a resource type" not in capi_cluster_delete.stderr until: capi_cluster_delete is succeeded # Wait up to 60 mins for the cluster to delete retries: 360 diff --git a/roles/certmanager/defaults/main.yml b/roles/certmanager/defaults/main.yml index b9e739358..f19330c0c 100644 --- a/roles/certmanager/defaults/main.yml +++ b/roles/certmanager/defaults/main.yml @@ -3,7 +3,7 @@ # The chart to use certmanager_chart_repo: https://charts.jetstack.io certmanager_chart_name: cert-manager -certmanager_chart_version: v1.13.2 +certmanager_chart_version: v1.13.3 # Release information for the cert-manager release certmanager_release_namespace: cert-manager diff --git a/roles/cloud_metrics/defaults/main.yml b/roles/cloud_metrics/defaults/main.yml index 234d9a65a..e160d0d92 100644 --- a/roles/cloud_metrics/defaults/main.yml +++ b/roles/cloud_metrics/defaults/main.yml @@ -3,7 +3,7 @@ # The chart to use for Grafana cloud_metrics_grafana_chart_repo: https://grafana.github.io/helm-charts cloud_metrics_grafana_chart_name: grafana -cloud_metrics_grafana_chart_version: 7.0.11 +cloud_metrics_grafana_chart_version: 7.0.19 # Release information for the Grafana release # By default, deploy into the same namespace as Azimuth diff --git a/roles/clusterapi/defaults/main.yml b/roles/clusterapi/defaults/main.yml index cfb281d49..85684970a 100644 --- a/roles/clusterapi/defaults/main.yml +++ b/roles/clusterapi/defaults/main.yml @@ -7,7 +7,7 @@ clusterapi_core_components: "{{ clusterapi_core_repo }}/releases/download/{{ clu # The repo, version and manifest URL for the Cluster API OpenStack provider components clusterapi_openstack_repo: https://github.com/kubernetes-sigs/cluster-api-provider-openstack -clusterapi_openstack_version: v0.8.0 +clusterapi_openstack_version: v0.9.0 clusterapi_openstack_components: "{{ clusterapi_openstack_repo }}/releases/download/{{ clusterapi_openstack_version }}/infrastructure-components.yaml" # List of Cluster API component manifests to install @@ -79,7 +79,7 @@ clusterapi_watches: # Helm chart information for the Cluster API addon provider clusterapi_addon_provider_chart_repo: https://stackhpc.github.io/cluster-api-addon-provider clusterapi_addon_provider_chart_name: cluster-api-addon-provider -clusterapi_addon_provider_chart_version: 0.2.0 +clusterapi_addon_provider_chart_version: 0.3.1 # Release information for the Cluster API addon provider release clusterapi_addon_provider_release_namespace: capi-addon-system @@ -95,7 +95,7 @@ clusterapi_addon_provider_release_values: {} # Helm chart information for the Cluster API janitor clusterapi_janitor_openstack_chart_repo: https://stackhpc.github.io/cluster-api-janitor-openstack clusterapi_janitor_openstack_chart_name: cluster-api-janitor-openstack -clusterapi_janitor_openstack_chart_version: 0.3.0 +clusterapi_janitor_openstack_chart_version: 0.4.0 # Release information for the Cluster API janitor release clusterapi_janitor_openstack_release_namespace: capi-janitor-system diff --git a/roles/community_images/defaults/main.yml b/roles/community_images/defaults/main.yml index da53fe554..627f83ec2 100644 --- a/roles/community_images/defaults/main.yml +++ b/roles/community_images/defaults/main.yml @@ -33,7 +33,7 @@ community_images_disk_format: qcow2 # The repository to use for azimuth-images community_images_azimuth_images_repo: https://github.com/stackhpc/azimuth-images # The version of azimuth-images to use to populate the default community images -community_images_azimuth_images_version: 0.4.0 +community_images_azimuth_images_version: 0.5.1 # The azimuth-images manifest URL community_images_azimuth_images_manifest_url: >- {{ community_images_azimuth_images_repo }}/releases/download/{{ community_images_azimuth_images_version }}/manifest.json @@ -79,8 +79,8 @@ community_images_slurm_base_url: >- https://object.arcus.openstack.hpc.cam.ac.uk/swift/v1/AUTH_3a06571936a0424bb40bc5c672c4ccb1/openhpc-images community_images_slurm: openhpc: - name: openhpc-231206-1648-9d6aa4e4 # https://github.com/stackhpc/ansible-slurm-appliance/pull/340 - source_url: "{{ community_images_slurm_base_url }}/openhpc-231020-1357-b5d8b056" + name: openhpc-240102-1025-e533fd70 # https://github.com/stackhpc/ansible-slurm-appliance/pull/346 + source_url: "{{ community_images_slurm_base_url }}/openhpc-240102-1025-e533fd70" source_disk_format: qcow2 container_format: bare diff --git a/roles/helm/defaults/main.yml b/roles/helm/defaults/main.yml index 6484f1b70..abbc6d266 100644 --- a/roles/helm/defaults/main.yml +++ b/roles/helm/defaults/main.yml @@ -3,7 +3,7 @@ # The Helm repo helm_repo: https://github.com/helm/helm # The Helm version to download -helm_version: v3.13.2 +helm_version: v3.13.3 # The OS variant and architecture to use # See https://github.com/helm/helm/releases for the available options helm_os: "{{ ansible_system | lower }}" diff --git a/roles/ingress_nginx/defaults/main.yml b/roles/ingress_nginx/defaults/main.yml index e97f73783..f20c5d622 100644 --- a/roles/ingress_nginx/defaults/main.yml +++ b/roles/ingress_nginx/defaults/main.yml @@ -3,7 +3,7 @@ # The chart to use ingress_nginx_chart_repo: https://kubernetes.github.io/ingress-nginx ingress_nginx_chart_name: ingress-nginx -ingress_nginx_chart_version: 4.8.4 +ingress_nginx_chart_version: 4.9.0 # Release information for the NGINX ingress controller release ingress_nginx_release_namespace: ingress-nginx diff --git a/roles/k3s/defaults/main.yml b/roles/k3s/defaults/main.yml index 8ee29b812..c3f48e0ce 100644 --- a/roles/k3s/defaults/main.yml +++ b/roles/k3s/defaults/main.yml @@ -1,7 +1,7 @@ --- k3s_repo: https://github.com/k3s-io/k3s -k3s_version: v1.28.3+k3s2 +k3s_version: v1.29.0+k3s1 k3s_binary_url: "{{ k3s_repo }}/releases/download/{{ k3s_version }}/k3s" k3s_binary_checksum_url: "{{ k3s_repo }}/releases/download/{{ k3s_version }}/sha256sum-amd64.txt" k3s_binary_checksum: "sha256:{{ lookup('url', k3s_binary_checksum_url, wantlist = True) | first | split | first }}" diff --git a/roles/kube_prometheus_stack/defaults/main.yml b/roles/kube_prometheus_stack/defaults/main.yml index 380ebb2ce..2bad04101 100644 --- a/roles/kube_prometheus_stack/defaults/main.yml +++ b/roles/kube_prometheus_stack/defaults/main.yml @@ -3,7 +3,7 @@ # The chart to use kube_prometheus_stack_chart_repo: https://prometheus-community.github.io/helm-charts kube_prometheus_stack_chart_name: kube-prometheus-stack -kube_prometheus_stack_chart_version: 55.0.0 +kube_prometheus_stack_chart_version: 55.5.1 # Release information kube_prometheus_stack_release_namespace: monitoring-system @@ -14,6 +14,12 @@ kube_prometheus_stack_wait_timeout: 10m # The values for the kube-prometheus-stack release kube_prometheus_stack_release_defaults: + defaultRules: + disabled: + # None of these are relevant in k3s context + KubeSchedulerDown: true + KubeProxyDown: true + KubeControllerManagerDown: true prometheus: prometheusSpec: podMonitorSelectorNilUsesHelmValues: false @@ -37,7 +43,9 @@ kube_prometheus_stack_release_defaults: # Do NOT add the namespace matcher to routes from AlertmanagerConfig resources alertmanagerConfigMatcherStrategy: type: None + kube_prometheus_stack_release_overrides: {} + kube_prometheus_stack_release_values: >- {{- kube_prometheus_stack_release_defaults | diff --git a/roles/kustomize/defaults/main.yml b/roles/kustomize/defaults/main.yml index 43657d498..ce6d35ffb 100644 --- a/roles/kustomize/defaults/main.yml +++ b/roles/kustomize/defaults/main.yml @@ -3,7 +3,7 @@ # The kustomize repository kustomize_repo: https://github.com/kubernetes-sigs/kustomize # The kustomize version to download -kustomize_version: v5.2.1 +kustomize_version: v5.3.0 # The OS variant and architecture to use # See https://github.com/kubernetes-sigs/kustomize/releases for the available options kustomize_os: "{{ ansible_system | lower }}" diff --git a/roles/velero/defaults/main.yml b/roles/velero/defaults/main.yml index c17045660..815711465 100644 --- a/roles/velero/defaults/main.yml +++ b/roles/velero/defaults/main.yml @@ -12,7 +12,7 @@ velero_no_log: true ##### # Velero CLI installation config -velero_cli_version: v1.12.1 +velero_cli_version: v1.12.2 velero_cli_arch: linux-amd64 velero_cli_download_url: "https://github.com/vmware-tanzu/velero/releases/download/{{ velero_cli_version }}/velero-{{ velero_cli_version }}-{{ velero_cli_arch }}.tar.gz" @@ -32,7 +32,7 @@ velero_aws_secret_access_key: "{{ undef(hint='velero_aws_access_key_id and veler # Kubernetes CSI Snapshot Controller config velero_csi_snapshot_controller_chart_name: snapshot-controller velero_csi_snapshot_controller_chart_repo: https://piraeus.io/helm-charts/ -velero_csi_snapshot_controller_chart_version: 2.0.3 +velero_csi_snapshot_controller_chart_version: 2.0.4 velero_csi_snapshot_controller_release_namespace: kube-system velero_csi_snapshot_controller_release_name: csi-snapshot-controller velero_csi_snapshot_controller_wait_timeout: 10m @@ -56,7 +56,7 @@ velero_csi_plugin_image_version: v0.6.2 # Velero Helm chart config velero_chart_name: velero velero_chart_repo: https://vmware-tanzu.github.io/helm-charts -velero_chart_version: 5.1.6 +velero_chart_version: 5.2.0 velero_release_namespace: velero velero_release_name: velero velero_wait_timeout: 10m diff --git a/roles/zenith/defaults/main.yml b/roles/zenith/defaults/main.yml index 2b55330f1..e30d63cd6 100644 --- a/roles/zenith/defaults/main.yml +++ b/roles/zenith/defaults/main.yml @@ -3,7 +3,7 @@ # The chart to use zenith_chart_repo: https://stackhpc.github.io/zenith zenith_chart_name: zenith-server -zenith_chart_version: 0.2.0 +zenith_chart_version: 0.3.2 # Release information for the Zenith release # Use the same namespace as the Azimuth release by default