Update Kubernetes to v1.32.1

Add ability to set resources for components.

Change-Id: I9c4b57fbba3a744d28118133303f9159d1595782

.gitignore

@@ -39,6 +39,7 @@ ENV/
 
 # vscode ide
 .vscode
+.devcontainer/
 
 # Unit test / coverage reports
 htmlcov/

charts/apiserver-webhook/values.yaml

@@ -17,7 +17,7 @@ release_uuid: null
 
 images:
   tags:
-    apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.4
+    apiserver: registry.k8s.io/kube-apiserver-amd64:v1.32.1
     kubernetes_keystone_webhook: docker.io/k8scloudprovider/k8s-keystone-auth:latest
     scripted_test: docker.io/openstackhelm/heat:newton
     dep_check: quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal

charts/apiserver/values.yaml

@@ -59,7 +59,7 @@ images:
   tags:
     dep_check: quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal
     anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-    apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.4
+    apiserver: registry.k8s.io/kube-apiserver-amd64:v1.32.1
     key_rotate: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
   pull_policy: "IfNotPresent"
   local_registry:

charts/controller_manager/values.yaml

@@ -17,7 +17,7 @@ release_group: null
 images:
   tags:
     anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-    controller_manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.4
+    controller_manager: registry.k8s.io/kube-controller-manager-amd64:v1.32.1
   pull_policy: "IfNotPresent"
 
 labels:

charts/proxy/values.yaml

@@ -68,7 +68,7 @@ pod:
 
 images:
   tags:
-    proxy: registry.k8s.io/kube-proxy-amd64:v1.29.4
+    proxy: registry.k8s.io/kube-proxy-amd64:v1.32.1
   pull_policy: "IfNotPresent"
 
 proxy:

charts/scheduler/values.yaml

@@ -81,7 +81,7 @@ secrets:
 images:
   tags:
     anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-    scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.4
+    scheduler: registry.k8s.io/kube-scheduler-amd64:v1.32.1
   pull_policy: "IfNotPresent"
 
 network:

doc/source/configuration/genesis.rst

@@ -43,11 +43,11 @@ Here is a complete sample document:
         armada: quay.io/airshipit/armada:latest
         armada-operator: quay.io/airshipit/armada-operator:latest
         kubernetes:
-          apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.4
+          apiserver: registry.k8s.io/kube-apiserver-amd64:v1.32.1
-          controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.4
+          controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.32.1
           etcd: quay.io/coreos/etcd:v3.5.12
           etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal
-          scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.4
+          scheduler: registry.k8s.io/kube-scheduler-amd64:v1.32.1
       files:
         - path: /var/lib/anchor/calico-etcd-bootstrap
           content: ""

doc/source/configuration/host-system.rst

@@ -16,7 +16,7 @@ Sample Document to run containers in Docker runtime
     data:
       files:
         - path: /opt/kubernetes/bin/kubelet
-          tar_url: https://dl.k8s.io/v1.29.4/kubernetes-node-linux-amd64.tar.gz
+          tar_url: https://dl.k8s.io/v1.32.1/kubernetes-node-linux-amd64.tar.gz
           tar_path: kubernetes/node/bin/kubelet
           mode: 0555
       images:
@@ -115,7 +115,7 @@ Sample Document to run containers in Containerd runtime
     data:
       files:
         - path: /opt/kubernetes/bin/kubelet
-          tar_url: https://dl.k8s.io/v1.29.4/kubernetes-node-linux-amd64.tar.gz
+          tar_url: https://dl.k8s.io/v1.32.1/kubernetes-node-linux-amd64.tar.gz
           tar_path: kubernetes/node/bin/kubelet
           mode: 0555
       images:

examples/basic/Genesis.yaml

@@ -27,10 +27,72 @@ data:
       - --admission-control-config-file=/etc/kubernetes/apiserver/acconfig.yaml
       - --encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
       - --v=3
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+  controller-manager:
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+  scheduler:
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
   armada:
     target_manifest: cluster-bootstrap
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+    manager:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
+    monitor:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
   etcd:
     auxiliary_threshold: 3
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+    monitor:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
+
   labels:
     dynamic:
       - calico-etcd=enabled
@@ -43,15 +105,22 @@ data:
       - ucp-control-plane=enabled
   haproxy:
     run_as_user: 65534
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
   images:
     armada: quay.io/airshipit/armada:latest-ubuntu_focal
     armada-operator: quay.io/airshipit/armada-operator:latest
     kubernetes:
-      apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.4
+      apiserver: registry.k8s.io/kube-apiserver-amd64:v1.32.1
-      controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.4
+      controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.32.1
       etcd: quay.io/coreos/etcd:v3.5.12
       etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal
-      scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.4
+      scheduler: registry.k8s.io/kube-scheduler-amd64:v1.32.1
   files:
     - path: /var/lib/anchor/calico-etcd-bootstrap
       content: "# placeholder for triggering calico etcd bootstrapping"

examples/basic/HostSystem.yaml

@@ -13,11 +13,11 @@ data:
       enable: true
   files:
     - path: /opt/kubernetes/bin/kubelet
-      tar_url: https://dl.k8s.io/v1.29.4/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.32.1/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubelet
       mode: 0555
     - path: /usr/local/bin/kubectl
-      tar_url: https://dl.k8s.io/v1.29.4/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.32.1/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubectl
       mode: 0555
     - path: /etc/systemd/system/kube-cgroup.service

examples/basic/armada-resources.yaml

@@ -159,7 +159,7 @@ data:
   values:
     images:
       tags:
-        proxy: registry.k8s.io/kube-proxy-amd64:v1.29.4
+        proxy: registry.k8s.io/kube-proxy-amd64:v1.32.1
     network:
       kubernetes_netloc: 127.0.0.1:6553
   source:
@@ -735,7 +735,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.4
+        apiserver: registry.k8s.io/kube-apiserver-amd64:v1.32.1
     network:
       kubernetes_service_ip: 10.96.0.1
       pod_cidr: 10.97.0.0/16
@@ -801,7 +801,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        controller_manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.4
+        controller_manager: registry.k8s.io/kube-controller-manager-amd64:v1.32.1
     secrets:
       service_account:
         private_key: placeholder
@@ -875,7 +875,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.4
+        scheduler: registry.k8s.io/kube-scheduler-amd64:v1.32.1
 
   source:
     type: local

examples/complete/Genesis.yaml

@@ -11,10 +11,72 @@ data:
   hostname: n0
   ip: 192.168.77.10
   external_ip: 192.168.77.10
+  apiserver:
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+  controller-manager:
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+  scheduler:
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
   armada:
     target_manifest: cluster-bootstrap
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+    manager:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
+    monitor:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
   etcd:
     auxiliary_threshold: 3
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+    monitor:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
   labels:
     dynamic:
       - calico-etcd=enabled
@@ -36,11 +98,11 @@ data:
     armada: quay.io/airshipit/armada:latest-ubuntu_focal
     armada-operator: quay.io/airshipit/armada-operator:latest
     kubernetes:
-      apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.4
+      apiserver: registry.k8s.io/kube-apiserver-amd64:v1.32.1
-      controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.4
+      controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.32.1
       etcd: quay.io/coreos/etcd:v3.5.12
       etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal
-      scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.4
+      scheduler: registry.k8s.io/kube-scheduler-amd64:v1.32.1
   files:
     - path: /var/lib/anchor/calico-etcd-bootstrap
       content: "# placeholder for triggering calico etcd bootstrapping"

examples/complete/HostSystem.yaml

@@ -13,11 +13,11 @@ data:
       enable: true
   files:
     - path: /opt/kubernetes/bin/kubelet
-      tar_url: https://dl.k8s.io/v1.29.4/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.32.1/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubelet
       mode: 0555
     - path: /usr/local/bin/kubectl
-      tar_url: https://dl.k8s.io/v1.29.4/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.32.1/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubectl
       mode: 0555
     - path: /etc/systemd/system/kube-cgroup.service

examples/complete/armada-resources.yaml

@@ -200,7 +200,7 @@ data:
   values:
     images:
       tags:
-        proxy: registry.k8s.io/kube-proxy-amd64:v1.29.4
+        proxy: registry.k8s.io/kube-proxy-amd64:v1.32.1
     network:
       kubernetes_netloc: 127.0.0.1:6553
   source:
@@ -736,7 +736,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.4
+        apiserver: registry.k8s.io/kube-apiserver-amd64:v1.32.1
     secrets:
       service_account:
         public_key: placeholder
@@ -813,7 +813,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        controller_manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.4
+        controller_manager: registry.k8s.io/kube-controller-manager-amd64:v1.32.1
     secrets:
       service_account:
         private_key: placeholder
@@ -886,7 +886,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.4
+        scheduler: registry.k8s.io/kube-scheduler-amd64:v1.32.1
 
   source:
     type: local

examples/containerd/Genesis.yaml

@@ -27,10 +27,71 @@ data:
       - --admission-control-config-file=/etc/kubernetes/apiserver/acconfig.yaml
       - --encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
       - --v=3
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+  controller-manager:
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+  scheduler:
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
   armada:
     target_manifest: cluster-bootstrap
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+    manager:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
+    monitor:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
   etcd:
     auxiliary_threshold: 3
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+    monitor:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
   labels:
     dynamic:
       - calico-etcd=enabled
@@ -47,11 +108,11 @@ data:
     armada: quay.io/airshipit/armada:latest-ubuntu_focal
     armada-operator: quay.io/airshipit/armada-operator:latest
     kubernetes:
-      apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.4
+      apiserver: registry.k8s.io/kube-apiserver-amd64:v1.32.1
-      controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.4
+      controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.32.1
       etcd: quay.io/coreos/etcd:v3.5.12
       etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal
-      scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.4
+      scheduler: registry.k8s.io/kube-scheduler-amd64:v1.32.1
   files:
     - path: /var/lib/anchor/calico-etcd-bootstrap
       content: "# placeholder for triggering calico etcd bootstrapping"

examples/containerd/HostSystem.yaml

@@ -13,11 +13,11 @@ data:
       enable: true
   files:
     - path: /opt/kubernetes/bin/kubelet
-      tar_url: https://dl.k8s.io/v1.29.4/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.32.1/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubelet
       mode: 0555
     - path: /usr/local/bin/kubectl
-      tar_url: https://dl.k8s.io/v1.29.4/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.32.1/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubectl
       mode: 0555
     - path: /etc/systemd/system/kube-cgroup.service

examples/containerd/armada-resources.yaml

@@ -159,7 +159,7 @@ data:
   values:
     images:
       tags:
-        proxy: registry.k8s.io/kube-proxy-amd64:v1.29.4
+        proxy: registry.k8s.io/kube-proxy-amd64:v1.32.1
     network:
       kubernetes_netloc: 127.0.0.1:6553
   source:
@@ -623,7 +623,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.4
+        apiserver: registry.k8s.io/kube-apiserver-amd64:v1.32.1
     network:
       kubernetes_service_ip: 10.96.0.1
       pod_cidr: 10.97.0.0/16
@@ -689,7 +689,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        controller_manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.4
+        controller_manager: registry.k8s.io/kube-controller-manager-amd64:v1.32.1
     secrets:
       service_account:
         private_key: placeholder
@@ -763,7 +763,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.4
+        scheduler: registry.k8s.io/kube-scheduler-amd64:v1.32.1
 
   source:
     type: local

examples/gate/Genesis.yaml

@@ -27,10 +27,71 @@ data:
       - --admission-control-config-file=/etc/kubernetes/apiserver/acconfig.yaml
       - --encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
       - --v=3
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+  controller-manager:
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+  scheduler:
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
   armada:
     target_manifest: cluster-bootstrap
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+    manager:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
+    monitor:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
   etcd:
     auxiliary_threshold: 3
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+    monitor:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
   labels:
     dynamic:
       - calico-etcd=enabled
@@ -47,11 +108,11 @@ data:
     armada: quay.io/airshipit/armada:latest-ubuntu_focal
     armada-operator: quay.io/airshipit/armada-operator:latest
     kubernetes:
-      apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.4
+      apiserver: registry.k8s.io/kube-apiserver-amd64:v1.32.1
-      controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.4
+      controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.32.1
       etcd: quay.io/coreos/etcd:v3.5.12
       etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal
-      scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.4
+      scheduler: registry.k8s.io/kube-scheduler-amd64:v1.32.1
   files:
     - path: /var/lib/anchor/calico-etcd-bootstrap
       content: "# placeholder for triggering calico etcd bootstrapping"

examples/gate/HostSystem.yaml

@@ -13,11 +13,11 @@ data:
       enable: true
   files:
     - path: /opt/kubernetes/bin/kubelet
-      tar_url: https://dl.k8s.io/v1.29.4/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.32.1/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubelet
       mode: 0555
     - path: /usr/local/bin/kubectl
-      tar_url: https://dl.k8s.io/v1.29.4/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.32.1/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubectl
       mode: 0555
     - path: /etc/systemd/system/kube-cgroup.service

examples/gate/armada-resources.yaml

@@ -159,7 +159,7 @@ data:
   values:
     images:
       tags:
-        proxy: registry.k8s.io/kube-proxy-amd64:v1.29.4
+        proxy: registry.k8s.io/kube-proxy-amd64:v1.32.1
     network:
       kubernetes_netloc: 127.0.0.1:6553
   source:
@@ -629,7 +629,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.4
+        apiserver: registry.k8s.io/kube-apiserver-amd64:v1.32.1
     network:
       kubernetes_service_ip: 10.96.0.1
       pod_cidr: 10.97.0.0/16
@@ -695,7 +695,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        controller_manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.4
+        controller_manager: registry.k8s.io/kube-controller-manager-amd64:v1.32.1
     secrets:
       service_account:
         private_key: placeholder
@@ -769,7 +769,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.4
+        scheduler: registry.k8s.io/kube-scheduler-amd64:v1.32.1
 
   source:
     type: local

promenade/schemas/Genesis.yaml

@@ -65,6 +65,18 @@ data:
     armada:
       type: object
       properties:
+        resources:
+          type: object
+        manager:
+          type: object
+          properties:
+            resources:
+              type: object
+        monitor:
+          type: object
+          properties:
+            resources:
+              type: object
         target_manifest:
           type: string
         metrics:
@@ -80,6 +92,8 @@ data:
     apiserver:
       type: object
       properties:
+        resources:
+          type: object
         command_prefix:
           type: array
           items:
@@ -104,6 +118,18 @@ data:
                   additionalProperties: true
       additionalProperties: false
 
+    controller-manager:
+      type: object
+      properties:
+        resources:
+          type: object
+
+    scheduler:
+      type: object
+      properties:
+        resources:
+          type: object
+
     etcd:
       type: object
       properties:
@@ -123,6 +149,11 @@ data:
           type: integer
         resources:
           type: object
+        monitor:
+          type: object
+          properties:
+            resources:
+              type: object
       additionalProperties: false
 
     files:

promenade/templates/roles/common/etc/kubernetes/manifests/haproxy.yaml

@@ -32,6 +32,10 @@ spec:
         - name: etc
           mountPath: /usr/local/etc/haproxy
           readOnly: true
+{%- if config['Genesis:haproxy.resources'] is defined %}
+      resources:
+{{ config.get_path('Genesis:haproxy.resources', {}) | toyaml | trim | indent(8, true) }}
+{%- endif %}
   volumes:
     - name: etc
       hostPath:

promenade/templates/roles/genesis/etc/kubernetes/manifests/auxiliary-kubernetes-etcd.yaml

@@ -127,6 +127,10 @@ spec:
           value: /etc/etcd/pki/etcd-client.pem
         - name: ETCDCTL_KEY
           value: /etc/etcd/pki/etcd-client-key.pem
+{%- if config['Genesis:etcd.monitor.resources'] is defined %}
+      resources:
+{{ config.get_path('Genesis:etcd.monitor.resources', {}) | toyaml | trim | indent(8, true) }}
+{%- endif %}
       volumeMounts:
         - name: all-etcd-data
           mountPath: /var/lib/etcd

promenade/templates/roles/genesis/etc/kubernetes/manifests/bootstrap-armada.yaml

@@ -62,6 +62,10 @@ spec:
         - name: no_proxy
           value: {{ config.get(kind='KubernetesNetwork') | fill_no_proxy }}
   {%- endif %}
+{%- if config['Genesis:armada.resources'] is defined %}
+      resources:
+{{ config.get_path('Genesis:armada.resources', {}) | toyaml | trim | indent(8, true) }}
+{%- endif %}
       volumeMounts:
         - name: assets
           mountPath: /etc/genesis/armada/assets
@@ -111,6 +115,10 @@ spec:
         periodSeconds: 10
       securityContext:
         runAsUser: 0
+{%- if config['Genesis:armada.manager.resources'] is defined %}
+      resources:
+{{ config.get_path('Genesis:armada.manager.resources', {}) | toyaml | trim | indent(8, true) }}
+{%- endif %}
       volumeMounts:
         - name: auth
           mountPath: /root/.kube
@@ -131,6 +139,10 @@ spec:
 
           rm -f /etc/kubernetes/manifests/bootstrap-armada.yaml
           sleep 10000
+{%- if config['Genesis:armada.monitor.resources'] is defined %}
+      resources:
+{{ config.get_path('Genesis:armada.monitor.resources', {}) | toyaml | trim | indent(8, true) }}
+{%- endif %}
       volumeMounts:
         - name: ipc
           mountPath: /ipc

promenade/templates/roles/genesis/etc/kubernetes/manifests/kubernetes-apiserver.yaml

@@ -21,6 +21,10 @@ spec:
 {% include "genesis-apiserver.yaml" with context %}
         - --etcd-servers=https://localhost:2379
         - --secure-port=6443
+{%- if config['Genesis:apiserver.resources'] is defined %}
+      resources:
+{{ config.get_path('Genesis:apiserver.resources', {}) | toyaml | trim | indent(8, true) }}
+{%- endif %}
       volumeMounts:
         - name: config
           mountPath: /etc/kubernetes/apiserver

promenade/templates/roles/genesis/etc/kubernetes/manifests/kubernetes-controller-manager.yaml

@@ -29,6 +29,10 @@ spec:
       - --service-cluster-ip-range={{ config['KubernetesNetwork:kubernetes.service_cidr'] }}
       - --use-service-account-credentials=true
       - --v=5
+{%- if config['Genesis:controller-manager.resources'] is defined %}
+      resources:
+{{ config.get_path('Genesis:controller-manager.resources', {}) | toyaml | trim | indent(8, true) }}
+{%- endif %}
       volumeMounts:
         - name: config
           mountPath: /etc/kubernetes/controller-manager

promenade/templates/roles/genesis/etc/kubernetes/manifests/kubernetes-scheduler.yaml

@@ -26,6 +26,10 @@ spec:
       volumeMounts:
         - name: config
           mountPath: /etc/kubernetes/scheduler
+{%- if config['Genesis:scheduler.resources'] is defined %}
+      resources:
+{{ config.get_path('Genesis:scheduler.resources', {}) | toyaml | trim | indent(8, true) }}
+{%- endif %}
   volumes:
     - name: config
       hostPath:

tests/unit/api/test_validatedesign.py

@@ -104,11 +104,11 @@ VALID_DOCS = [
                 'armada-operator': 'quay.io/airshipit/armada-operator:latest',
                 'kubernetes': {
                     'apiserver':
-                    'registry.k8s.io/kube-apiserver-amd64:v1.29.4',
+                    'registry.k8s.io/kube-apiserver-amd64:v1.32.1',
                     'controller-manager':
-                    'registry.k8s.io/kube-controller-manager-amd64:v1.29.4',
+                    'registry.k8s.io/kube-controller-manager-amd64:v1.32.1',
                     'etcd': 'quay.io/coreos/etcd:v3.5.12',
-                    'scheduler': 'registry.k8s.io/kube-scheduler-amd64:v1.29.4'
+                    'scheduler': 'registry.k8s.io/kube-scheduler-amd64:v1.32.1'
                 }
             },
             'ip':
@@ -143,7 +143,7 @@ VALID_DOCS = [
                 'tar_path':
                 'kubernetes/node/bin/kubelet',
                 'tar_url':
-                'https://dl.k8s.io/v1.29.4/kubernetes-node-linux-amd64.tar.gz'
+                'https://dl.k8s.io/v1.32.1/kubernetes-node-linux-amd64.tar.gz'
             }, {
                 'content':
                 '/var/lib/docker/containers/*/*-json.log\n{\n    compress\n    copytruncate\n    create 0644 root root\n    daily\n    dateext\n    dateformat -%Y%m%d-%s\n    maxsize 10M\n    missingok\n    notifempty\n    su root root\n    rotate 1\n}',

tests/unit/builder_data/simple/Genesis.yaml

@@ -17,8 +17,71 @@ data:
       - --enable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota,DefaultTolerationSeconds
       - --service-cluster-ip-range=10.96.0.0/16
       - --endpoint-reconciler-type=lease
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+  controller-manager:
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+  scheduler:
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
   armada:
     target_manifest: cluster-bootstrap
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+    manager:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
+    monitor:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
+  etcd:
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "128Mi"
+      limits:
+        cpu: "8"
+        memory: "8Gi"
+    monitor:
+      resources:
+        requests:
+          cpu: "100m"
+          memory: "128Mi"
+        limits:
+          cpu: "8"
+          memory: "8Gi"
+    target_manifest: cluster-bootstrap
   labels:
     dynamic:
       - calico-etcd=enabled
@@ -33,11 +96,11 @@ data:
     armada: quay.io/airshipit/armada:latest-ubuntu_focal
     armada-operator: quay.io/airshipit/armada-operator:latest
     kubernetes:
-      apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.4
+      apiserver: registry.k8s.io/kube-apiserver-amd64:v1.32.1
-      controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.4
+      controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.32.1
       etcd: quay.io/coreos/etcd:v3.5.12
       etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal
-      scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.4
+      scheduler: registry.k8s.io/kube-scheduler-amd64:v1.32.1
   files:
     - path: /var/lib/anchor/calico-etcd-bootstrap
       content: "# placeholder for triggering calico etcd bootstrapping"

tests/unit/builder_data/simple/HostSystem.yaml

@@ -14,7 +14,7 @@ data:
     # attempt to actually run Kubernetes, only to construct the genesis and
     # join scripts.
     # - path: /opt/kubernetes/bin/kubelet
-    #   tar_url: https://dl.k8s.io/v1.29.4/kubernetes-node-linux-amd64.tar.gz
+    #   tar_url: https://dl.k8s.io/v1.32.1/kubernetes-node-linux-amd64.tar.gz
     #   tar_path: kubernetes/node/bin/kubelet
     #   mode: 0555
     - path: /etc/logrotate.d/json-logrotate

tests/unit/builder_data/simple/armada-resources.yaml

@@ -160,7 +160,7 @@ data:
   values:
     images:
       tags:
-        proxy: registry.k8s.io/kube-proxy-amd64:v1.29.4
+        proxy: registry.k8s.io/kube-proxy-amd64:v1.32.1
     network:
       kubernetes_netloc: 127.0.0.1:6553
   source:
@@ -635,7 +635,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.4
+        apiserver: registry.k8s.io/kube-apiserver-amd64:v1.32.1
     secrets:
       service_account:
         public_key: placeholder
@@ -712,7 +712,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        controller_manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.4
+        controller_manager: registry.k8s.io/kube-controller-manager-amd64:v1.32.1
     secrets:
       service_account:
         private_key: placeholder
@@ -785,7 +785,7 @@ data:
     images:
       tags:
         anchor: quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-        scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.4
+        scheduler: registry.k8s.io/kube-scheduler-amd64:v1.32.1
 
   source:
     type: local

tools/gate/default-config-env

@@ -10,9 +10,9 @@ IMAGE_ETCD=quay.io/coreos/etcd:v3.5.12
 IMAGE_ETCDCTL=quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal
 IMAGE_HAPROXY=haproxy:2.4
 IMAGE_HELM=lachlanevenson/k8s-helm:v3.15.4
-IMAGE_APISERVER=registry.k8s.io/kube-apiserver-amd64:v1.29.4
+IMAGE_APISERVER=registry.k8s.io/kube-apiserver-amd64:v1.32.1
-IMAGE_CONTROLLER_MANAGER=registry.k8s.io/kube-controller-manager-amd64:v1.29.4
+IMAGE_CONTROLLER_MANAGER=registry.k8s.io/kube-controller-manager-amd64:v1.32.1
-IMAGE_SCHEDULER=registry.k8s.io/kube-scheduler-amd64:v1.29.4
+IMAGE_SCHEDULER=registry.k8s.io/kube-scheduler-amd64:v1.32.1
-IMAGE_PROXY=registry.k8s.io/kube-proxy-amd64:v1.29.4
+IMAGE_PROXY=registry.k8s.io/kube-proxy-amd64:v1.32.1
 IMAGE_ANCHOR=quay.io/airshipit/porthole-compute-utility:latest-ubuntu_focal
-KUBELET_URL=https://dl.k8s.io/v1.29.4/kubernetes-node-linux-amd64.tar.gz
+KUBELET_URL=https://dl.k8s.io/v1.32.1/kubernetes-node-linux-amd64.tar.gz

tools/registry/IMAGES

@@ -2,10 +2,10 @@
 coredns/coredns,1.11.1,coredns
 quay.io/airshipit/porthole-compute-utility,latest-ubuntu_focal,kubectl
 quay.io/airshipit/porthole-etcdctl-utility,latest-ubuntu_focal
-registry.k8s.io/kube-apiserver-amd64,v1.29.4,apiserver
+registry.k8s.io/kube-apiserver-amd64,v1.32.1,apiserver
-registry.k8s.io/kube-controller-manager-amd64,v1.29.4,controller-manager
+registry.k8s.io/kube-controller-manager-amd64,v1.32.1,controller-manager
-registry.k8s.io/kube-scheduler-amd64,v1.29.4,scheduler
+registry.k8s.io/kube-scheduler-amd64,v1.32.1,scheduler
-registry.k8s.io/kube-proxy-amd64,v1.29.4,proxy
+registry.k8s.io/kube-proxy-amd64,v1.32.1,proxy
 lachlanevenson/k8s-helm,v3.15.4,helm
 quay.io/airshipit/armada,master,armada
 quay.io/airshipit/armada-operator,latest,armada-operator