chore(deps): Updated cilium to v1.15.2 (#484)

* chore(deps): Updated cilium to v1.15.2

* fix(molecule): increase timeout for slow CI

.github/workflows/cache.yml

@@ -11,7 +11,7 @@ jobs:
 
     steps:
       - name: Check out the codebase
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # 4.1.1
+        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # 4.1.2
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
@@ -23,7 +23,7 @@ jobs:
 
       - name: Cache Vagrant boxes
         id: cache-vagrant
-        uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # 4.0
+        uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # 4.0
         with:
           lookup-only: true #if it exists, we don't need to restore and can skip the next step
           path: |

.github/workflows/lint.yml

@@ -11,7 +11,7 @@ jobs:
 
     steps:
       - name: Check out the codebase
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # 4.1.1
+        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # 4.1.2
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
@@ -22,7 +22,7 @@ jobs:
           cache: 'pip' # caching pip dependencies
 
       - name: Restore Ansible cache
-        uses: actions/cache/restore@ab5e6d0c87105b4c9c2047343972218f562e4319 # 4.0
+        uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # 4.0
         with:
           path: ~/.ansible/collections
           key: ansible-${{ hashFiles('collections/requirements.yml') }}
@@ -45,7 +45,7 @@ jobs:
     runs-on: self-hosted
     steps:
       - name: Checkout code
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # 4.1.1
+        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # 4.1.2
       - name: Ensure SHA pinned actions
         uses: zgosalvez/github-actions-ensure-sha-pinned-actions@ba37328d4ea95eaf8b3bd6c6cef308f709a5f2ec # 3.0.3
         with:

.github/workflows/test.yml

@@ -10,7 +10,7 @@ jobs:
       matrix:
         scenario:
           - default
-          - ipv6
+          # - ipv6
           - single_node
           - calico
           - cilium
@@ -21,7 +21,7 @@ jobs:
 
     steps:
       - name: Check out the codebase
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # 4.1.1
+        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # 4.1.2
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
@@ -65,7 +65,7 @@ jobs:
           cache: 'pip' # caching pip dependencies
 
       - name: Restore vagrant Boxes cache
-        uses: actions/cache/restore@ab5e6d0c87105b4c9c2047343972218f562e4319 # 4.0
+        uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # 4.0
         with:
           path: ~/.vagrant.d/boxes
           key: vagrant-boxes-${{ hashFiles('**/molecule.yml') }}

README.md

@@ -96,8 +96,22 @@ ansible-playbook reset.yml -i inventory/my-cluster/hosts.ini
 To copy your `kube config` locally so that you can access your **Kubernetes** cluster run:
 
 ```bash
-scp debian@master_ip:~/.kube/config ~/.kube/config
+scp debian@master_ip:/etc/rancher/k3s/k3s.yaml ~/.kube/config
 ```
+If you get file Permission denied, go into the node and temporarly run:
+```bash
+sudo chmod 777 /etc/rancher/k3s/k3s.yaml
+```
+Then copy with the scp command and reset the permissions back to:
+```bash
+sudo chmod 600 /etc/rancher/k3s/k3s.yaml
+```
+
+You'll then want to modify the config to point to master IP by running:
+```bash
+sudo nano ~/.kube/config
+```
+Then change `server: https://127.0.0.1:6443` to match your master IP: `server: https://192.168.1.222:6443`
 
 ### 🔨 Testing your cluster
 

inventory/sample/group_vars/all.yml

@@ -1,5 +1,5 @@
 ---
-k3s_version: v1.29.0+k3s1
+k3s_version: v1.29.2+k3s1
 # this is the user that has ssh access to these machines
 ansible_user: ansibleuser
 systemd_dir: /etc/systemd/system
@@ -19,7 +19,7 @@ calico_tag: "v3.27.2"        # calico version tag
 # ensure v4.19.57, v5.1.16, v5.2.0 or more recent kernel
 # cilium_iface: "eth0"
 cilium_mode: "native"        # native when nodes on same subnet or using bgp, else set routed
-cilium_tag: "v1.15.1"        # cilium version tag
+cilium_tag: "v1.15.2"        # cilium version tag
 cilium_hubble: true          # enable hubble observability relay and ui
 
 # if using calico or cilium, you may specify the cluster pod cidr pool
@@ -72,7 +72,7 @@ extra_agent_args: >-
   {{ extra_args }}
 
 # image tag for kube-vip
-kube_vip_tag_version: "v0.7.1"
+kube_vip_tag_version: "v0.7.2"
 
 # tag for kube-vip-cloud-provider manifest
 # kube_vip_cloud_provider_tag_version: "main"
@@ -160,6 +160,10 @@ custom_registries_yaml: |
         username: yourusername
         password: yourpassword
 
+# On some distros like Diet Pi, there is no dbus installed. dbus required by the default reboot command.
+# Uncomment if you need a custom reboot command
+# custom_reboot_command: /usr/sbin/shutdown -r now
+
 # Only enable and configure these if you access the internet through a proxy
 # proxy_env:
 #   HTTP_PROXY: "http://proxy.domain.local:3128"

reboot.yml

@@ -6,4 +6,5 @@
     - name: Reboot the nodes (and Wait upto 5 mins max)
       become: true
       reboot:
+        reboot_command: "{{ custom_reboot_command | default(omit) }}"
         reboot_timeout: 300

reset.yml

@@ -12,6 +12,7 @@
     - name: Reboot and wait for node to come back up
       become: true
       reboot:
+        reboot_command: "{{ custom_reboot_command | default(omit) }}"
         reboot_timeout: 3600
 
 - name: Revert changes to Proxmox cluster

roles/k3s_server_post/tasks/calico.yml

@@ -48,7 +48,7 @@
         k3s kubectl wait {{ item.type }}/{{ item.name }}
         --namespace='tigera-operator'
         --for=condition=Available=True
-        --timeout=7s
+        --timeout=30s
       register: tigera_result
       changed_when: false
       until: tigera_result is succeeded
@@ -87,7 +87,7 @@
         --namespace='{{ item.namespace }}'
         --for=condition=Available
         {% endif %}
-        --timeout=7s
+        --timeout=30s
       register: cr_result
       changed_when: false
       until: cr_result is succeeded

roles/k3s_server_post/tasks/cilium.yml

@@ -202,7 +202,7 @@
         --namespace=kube-system
         --for=condition=Available
         {% endif %}
-        --timeout=7s
+        --timeout=30s
       register: cr_result
       changed_when: false
       until: cr_result is succeeded

roles/lxc/handlers/main.yml

@@ -2,4 +2,5 @@
 - name: Reboot server
   become: true
   reboot:
+    reboot_command: "{{ custom_reboot_command | default(omit) }}"
   listen: reboot server

roles/raspberrypi/handlers/main.yml

@@ -1,4 +1,5 @@
 ---
 - name: Reboot
   reboot:
+    reboot_command: "{{ custom_reboot_command | default(omit) }}"
   listen: reboot