Upgrade k8s from v1.17.3 to v1.18.6
This ps makes following changes to upgrade kubernetes from v1.17.3
to v1.18.6.
- Updated all references to k8s images to 1.18.6
- Updated command options and api object and versions based on
k8s 1.18 release notes:
https://kubernetes.io/docs/setup/release/notes/
- Uplifted uwsgi to 2.0.19.1 to align with other airship
components, and to bring in fixes and improvements.
- Added build-essentials and python3-dev packages to pass the zull
gate, which was looking for a c compiler.
Change-Id: I1160d1e6e2f02a0524043641b9296ea39edb301e
This commit is contained in:
Mahmoudi, Ahmad (am495p)
Ahmad Mahmoudi
parent
4eb069dd88
commit
c302a083a6
2
Makefile
2
Makefile
@ -73,7 +73,7 @@ gate-lint: gate-lint-deps
|
||||
tox -e gate-lint
|
||||
|
||||
gate-lint-deps:
|
||||
sudo apt-get install -y --no-install-recommends shellcheck
|
||||
sudo apt-get install -y --no-install-recommends shellcheck tox
|
||||
|
||||
helm-lint: $(addprefix helm-lint-,$(CHARTS))
|
||||
|
||||
|
||||
@ -17,7 +17,7 @@ release_uuid: null
|
||||
|
||||
images:
|
||||
tags:
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
kubernetes_keystone_webhook: docker.io/k8scloudprovider/k8s-keystone-auth:latest
|
||||
scripted_test: docker.io/openstackhelm/heat:newton
|
||||
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
|
||||
@ -325,10 +325,10 @@ conf:
|
||||
encryption_provider:
|
||||
file: 'encryption_provider.yaml'
|
||||
command_options:
|
||||
- '--experimental-encryption-provider-config=/etc/webhook_apiserver/dynamic/encryption_provider.yaml'
|
||||
- '--encryption-provider-config=/etc/webhook_apiserver/dynamic/encryption_provider.yaml'
|
||||
content:
|
||||
kind: EncryptionConfig
|
||||
apiVersion: v1
|
||||
kind: EncryptionConfiguration
|
||||
apiVersion: apiserver.config.k8s.io/v1
|
||||
policy:
|
||||
- resource:
|
||||
verbs:
|
||||
|
||||
@ -58,9 +58,9 @@ const:
|
||||
images:
|
||||
tags:
|
||||
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
key_rotate: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
key_rotate: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
pull_policy: "IfNotPresent"
|
||||
local_registry:
|
||||
active: false
|
||||
@ -146,10 +146,10 @@ conf:
|
||||
encryption_provider:
|
||||
file: encryption_provider.yaml
|
||||
command_options:
|
||||
- '--experimental-encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
|
||||
- '--encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
|
||||
content:
|
||||
kind: EncryptionConfig
|
||||
apiVersion: v1
|
||||
kind: EncryptionConfiguration
|
||||
apiVersion: apiserver.config.k8s.io/v1
|
||||
resources:
|
||||
- resources:
|
||||
- 'secrets'
|
||||
|
||||
@ -16,8 +16,8 @@ release_group: null
|
||||
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
pull_policy: "IfNotPresent"
|
||||
|
||||
labels:
|
||||
|
||||
@ -64,7 +64,7 @@ conf:
|
||||
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
haproxy: haproxy:1.8.25
|
||||
test: python:3.6
|
||||
pull_policy: "IfNotPresent"
|
||||
|
||||
@ -49,7 +49,7 @@ conf:
|
||||
images:
|
||||
tags:
|
||||
monitoring_image: busybox:1.28.3
|
||||
hyperkube: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
hyperkube: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
promenade: quay.io/airshipit/promenade:latest
|
||||
ks_user: docker.io/openstackhelm/heat:newton
|
||||
ks_service: docker.io/openstackhelm/heat:newton
|
||||
|
||||
@ -67,7 +67,7 @@ pod:
|
||||
|
||||
images:
|
||||
tags:
|
||||
proxy: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
proxy: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
pull_policy: "IfNotPresent"
|
||||
|
||||
proxy:
|
||||
|
||||
@ -85,8 +85,8 @@ secrets:
|
||||
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
pull_policy: "IfNotPresent"
|
||||
|
||||
network:
|
||||
@ -100,4 +100,7 @@ service:
|
||||
command_prefix:
|
||||
- /hyperkube
|
||||
- kube-scheduler
|
||||
- --feature-gates=TaintNodesByCondition=true
|
||||
# TaintNodesByCondition feature is unconditionally enabled and the
|
||||
# corresponding --feature-gates flags have been removed in 1.18.x
|
||||
# See: https://kubernetes.io/docs/setup/release/notes/#urgent-upgrade-notes
|
||||
#- --feature-gates=TaintNodesByCondition=true
|
||||
|
||||
@ -48,10 +48,10 @@ Here is a complete sample document:
|
||||
helm:
|
||||
tiller: gcr.io/kubernetes-helm/tiller:v2.16.1
|
||||
kubernetes:
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
etcd: quay.io/coreos/etcd:v3.4.2
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
files:
|
||||
- path: /var/lib/anchor/calico-etcd-bootstrap
|
||||
content: ""
|
||||
|
||||
@ -16,7 +16,7 @@ Sample Document to run containers in Docker runtime
|
||||
data:
|
||||
files:
|
||||
- path: /opt/kubernetes/bin/kubelet
|
||||
tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_path: kubernetes/node/bin/kubelet
|
||||
mode: 0555
|
||||
images:
|
||||
@ -24,7 +24,7 @@ Sample Document to run containers in Docker runtime
|
||||
helm:
|
||||
helm: lachlanevenson/k8s-helm:v2.14.0
|
||||
kubernetes:
|
||||
kubectl: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
kubectl: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
packages:
|
||||
repositories:
|
||||
- deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable
|
||||
@ -116,7 +116,7 @@ Sample Document to run containers in Containerd runtime
|
||||
data:
|
||||
files:
|
||||
- path: /opt/kubernetes/bin/kubelet
|
||||
tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_path: kubernetes/node/bin/kubelet
|
||||
mode: 0555
|
||||
images:
|
||||
@ -124,7 +124,7 @@ Sample Document to run containers in Containerd runtime
|
||||
helm:
|
||||
helm: lachlanevenson/k8s-helm:v2.14.0
|
||||
kubernetes:
|
||||
kubectl: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
kubectl: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
packages:
|
||||
additional:
|
||||
- curl
|
||||
|
||||
@ -26,7 +26,7 @@ data:
|
||||
- --endpoint-reconciler-type=lease
|
||||
- --feature-gates=PodShareProcessNamespace=true
|
||||
- --admission-control-config-file=/etc/kubernetes/apiserver/acconfig.yaml
|
||||
- --experimental-encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
|
||||
- --encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
|
||||
- --v=3
|
||||
armada:
|
||||
target_manifest: cluster-bootstrap
|
||||
@ -51,10 +51,10 @@ data:
|
||||
helm:
|
||||
tiller: gcr.io/kubernetes-helm/tiller:v2.16.1
|
||||
kubernetes:
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
etcd: quay.io/coreos/etcd:v3.4.2
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
files:
|
||||
- path: /var/lib/anchor/calico-etcd-bootstrap
|
||||
content: "# placeholder for triggering calico etcd bootstrapping"
|
||||
|
||||
@ -13,11 +13,11 @@ data:
|
||||
enable: true
|
||||
files:
|
||||
- path: /opt/kubernetes/bin/kubelet
|
||||
tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_path: kubernetes/node/bin/kubelet
|
||||
mode: 0555
|
||||
- path: /usr/local/bin/kubectl
|
||||
tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_path: kubernetes/node/bin/kubectl
|
||||
mode: 0555
|
||||
- path: /etc/systemd/system/kube-cgroup.service
|
||||
|
||||
@ -16,11 +16,10 @@ data:
|
||||
images:
|
||||
pause: gcr.io/google_containers/pause-amd64:3.1
|
||||
config_file_overrides:
|
||||
cgroupRoot: "/kube_whitelist"
|
||||
evictionMaxPodGracePeriod: -1
|
||||
featureGates:
|
||||
PodShareProcessNamespace: true
|
||||
TaintBasedEvictions: false
|
||||
TaintBasedEvictions: true
|
||||
nodeStatusUpdateFrequency: "5s"
|
||||
serializeImagePulls: false
|
||||
...
|
||||
|
||||
@ -160,7 +160,7 @@ data:
|
||||
values:
|
||||
images:
|
||||
tags:
|
||||
proxy: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
proxy: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
network:
|
||||
kubernetes_netloc: 127.0.0.1:6553
|
||||
source:
|
||||
@ -627,7 +627,7 @@ data:
|
||||
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
haproxy: haproxy:1.8.3
|
||||
test: python:3.6
|
||||
|
||||
@ -719,17 +719,17 @@ data:
|
||||
encryption_provider:
|
||||
file: encryption_provider.yaml
|
||||
command_options:
|
||||
- '--experimental-encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
|
||||
- '--encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
|
||||
content:
|
||||
kind: EncryptionConfig
|
||||
apiVersion: v1
|
||||
kind: EncryptionConfiguration
|
||||
apiVersion: apiserver.config.k8s.io/v1
|
||||
apiserver:
|
||||
etcd:
|
||||
endpoints: https://127.0.0.1:2378
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
network:
|
||||
kubernetes_service_ip: 10.96.0.1
|
||||
pod_cidr: 10.97.0.0/16
|
||||
@ -794,8 +794,8 @@ data:
|
||||
values:
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
secrets:
|
||||
service_account:
|
||||
private_key: placeholder
|
||||
@ -868,8 +868,8 @@ data:
|
||||
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
|
||||
source:
|
||||
type: local
|
||||
|
||||
@ -39,10 +39,10 @@ data:
|
||||
helm:
|
||||
tiller: gcr.io/kubernetes-helm/tiller:v2.16.1
|
||||
kubernetes:
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
etcd: quay.io/coreos/etcd:v3.4.2
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
files:
|
||||
- path: /var/lib/anchor/calico-etcd-bootstrap
|
||||
content: "# placeholder for triggering calico etcd bootstrapping"
|
||||
|
||||
@ -10,11 +10,11 @@ metadata:
|
||||
data:
|
||||
files:
|
||||
- path: /opt/kubernetes/bin/kubelet
|
||||
tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_path: kubernetes/node/bin/kubelet
|
||||
mode: 0555
|
||||
- path: /usr/local/bin/kubectl
|
||||
tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_path: kubernetes/node/bin/kubectl
|
||||
mode: 0555
|
||||
- path: /etc/logrotate.d/json-logrotate
|
||||
|
||||
@ -201,7 +201,7 @@ data:
|
||||
values:
|
||||
images:
|
||||
tags:
|
||||
proxy: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
proxy: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
network:
|
||||
kubernetes_netloc: 127.0.0.1:6553
|
||||
source:
|
||||
@ -644,7 +644,7 @@ data:
|
||||
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
haproxy: haproxy:1.8.3
|
||||
test: python:3.6
|
||||
|
||||
@ -730,8 +730,8 @@ data:
|
||||
endpoints: https://127.0.0.1:2378
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
secrets:
|
||||
service_account:
|
||||
public_key: placeholder
|
||||
@ -807,8 +807,8 @@ data:
|
||||
values:
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
secrets:
|
||||
service_account:
|
||||
private_key: placeholder
|
||||
@ -880,8 +880,8 @@ data:
|
||||
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
|
||||
source:
|
||||
type: local
|
||||
|
||||
@ -26,7 +26,7 @@ data:
|
||||
- --endpoint-reconciler-type=lease
|
||||
- --feature-gates=PodShareProcessNamespace=true
|
||||
- --admission-control-config-file=/etc/kubernetes/apiserver/acconfig.yaml
|
||||
- --experimental-encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
|
||||
- --encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
|
||||
- --v=3
|
||||
armada:
|
||||
target_manifest: cluster-bootstrap
|
||||
@ -51,10 +51,10 @@ data:
|
||||
helm:
|
||||
tiller: gcr.io/kubernetes-helm/tiller:v2.16.1
|
||||
kubernetes:
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
etcd: quay.io/coreos/etcd:v3.4.2
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
files:
|
||||
- path: /var/lib/anchor/calico-etcd-bootstrap
|
||||
content: "# placeholder for triggering calico etcd bootstrapping"
|
||||
|
||||
@ -13,11 +13,11 @@ data:
|
||||
enable: true
|
||||
files:
|
||||
- path: /opt/kubernetes/bin/kubelet
|
||||
tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_path: kubernetes/node/bin/kubelet
|
||||
mode: 0555
|
||||
- path: /usr/local/bin/kubectl
|
||||
tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_path: kubernetes/node/bin/kubectl
|
||||
mode: 0555
|
||||
- path: /etc/systemd/system/kube-cgroup.service
|
||||
|
||||
@ -22,7 +22,7 @@ data:
|
||||
evictionMaxPodGracePeriod: -1
|
||||
featureGates:
|
||||
PodShareProcessNamespace: true
|
||||
TaintBasedEvictions: false
|
||||
TaintBasedEvictions: true
|
||||
nodeStatusUpdateFrequency: "5s"
|
||||
serializeImagePulls: false
|
||||
...
|
||||
|
||||
@ -160,7 +160,7 @@ data:
|
||||
values:
|
||||
images:
|
||||
tags:
|
||||
proxy: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
proxy: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
network:
|
||||
kubernetes_netloc: 127.0.0.1:6553
|
||||
source:
|
||||
@ -524,7 +524,7 @@ data:
|
||||
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
haproxy: haproxy:1.8.3
|
||||
test: python:3.6
|
||||
|
||||
@ -617,17 +617,17 @@ data:
|
||||
encryption_provider:
|
||||
file: encryption_provider.yaml
|
||||
command_options:
|
||||
- '--experimental-encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
|
||||
- '--encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
|
||||
content:
|
||||
kind: EncryptionConfig
|
||||
apiVersion: v1
|
||||
kind: EncryptionConfiguration
|
||||
apiVersion: apiserver.config.k8s.io/v1
|
||||
apiserver:
|
||||
etcd:
|
||||
endpoints: https://127.0.0.1:2378
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
network:
|
||||
kubernetes_service_ip: 10.96.0.1
|
||||
pod_cidr: 10.97.0.0/16
|
||||
@ -692,8 +692,8 @@ data:
|
||||
values:
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
secrets:
|
||||
service_account:
|
||||
private_key: placeholder
|
||||
@ -766,8 +766,8 @@ data:
|
||||
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
|
||||
source:
|
||||
type: local
|
||||
|
||||
@ -26,7 +26,7 @@ data:
|
||||
- --endpoint-reconciler-type=lease
|
||||
- --feature-gates=PodShareProcessNamespace=true
|
||||
- --admission-control-config-file=/etc/kubernetes/apiserver/acconfig.yaml
|
||||
- --experimental-encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
|
||||
- --encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
|
||||
- --v=3
|
||||
armada:
|
||||
target_manifest: cluster-bootstrap
|
||||
@ -51,10 +51,10 @@ data:
|
||||
helm:
|
||||
tiller: gcr.io/kubernetes-helm/tiller:v2.16.1
|
||||
kubernetes:
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
etcd: quay.io/coreos/etcd:v3.4.2
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
files:
|
||||
- path: /var/lib/anchor/calico-etcd-bootstrap
|
||||
content: "# placeholder for triggering calico etcd bootstrapping"
|
||||
|
||||
@ -13,11 +13,11 @@ data:
|
||||
enable: true
|
||||
files:
|
||||
- path: /opt/kubernetes/bin/kubelet
|
||||
tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_path: kubernetes/node/bin/kubelet
|
||||
mode: 0555
|
||||
- path: /usr/local/bin/kubectl
|
||||
tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
|
||||
tar_path: kubernetes/node/bin/kubectl
|
||||
mode: 0555
|
||||
- path: /etc/systemd/system/kube-cgroup.service
|
||||
|
||||
@ -19,7 +19,7 @@ data:
|
||||
evictionMaxPodGracePeriod: -1
|
||||
featureGates:
|
||||
PodShareProcessNamespace: true
|
||||
TaintBasedEvictions: false
|
||||
TaintBasedEvictions: true
|
||||
nodeStatusUpdateFrequency: "5s"
|
||||
serializeImagePulls: false
|
||||
...
|
||||
|
||||
@ -160,7 +160,7 @@ data:
|
||||
values:
|
||||
images:
|
||||
tags:
|
||||
proxy: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
proxy: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
network:
|
||||
kubernetes_netloc: 127.0.0.1:6553
|
||||
source:
|
||||
@ -530,7 +530,7 @@ data:
|
||||
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
haproxy: haproxy:1.8.3
|
||||
test: python:3.6
|
||||
|
||||
@ -623,17 +623,17 @@ data:
|
||||
encryption_provider:
|
||||
file: encryption_provider.yaml
|
||||
command_options:
|
||||
- '--experimental-encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
|
||||
- '--encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
|
||||
content:
|
||||
kind: EncryptionConfig
|
||||
apiVersion: v1
|
||||
kind: EncryptionConfiguration
|
||||
apiVersion: apiserver.config.k8s.io/v1
|
||||
apiserver:
|
||||
etcd:
|
||||
endpoints: https://127.0.0.1:2378
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
network:
|
||||
kubernetes_service_ip: 10.96.0.1
|
||||
pod_cidr: 10.97.0.0/16
|
||||
@ -698,8 +698,8 @@ data:
|
||||
values:
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
secrets:
|
||||
service_account:
|
||||
private_key: placeholder
|
||||
@ -772,8 +772,8 @@ data:
|
||||
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
|
||||
source:
|
||||
type: local
|
||||
|
||||
@ -243,7 +243,7 @@ spec:
|
||||
EOPOD
|
||||
|
||||
wait_for_node_ready $NODE 300
|
||||
wait_for_pod_termination $NAMESPACE $POD_NAME
|
||||
wait_for_pod_termination $NAMESPACE $POD_NAME 400
|
||||
sleep 5
|
||||
ACTUAL_LOGS=$(kubectl --namespace $NAMESPACE logs $POD_NAME)
|
||||
if [ "x$ACTUAL_LOGS" != "xEXPECTED RESULT" ]; then
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
kind: EncryptionConfig
|
||||
apiVersion: v1
|
||||
kind: EncryptionConfiguration
|
||||
apiVersion: apiserver.config.k8s.io/v1
|
||||
resources:
|
||||
{{ config.get_path('Genesis:apiserver.encryption', {}) | toyaml | indent(2, true) }}
|
||||
|
||||
@ -20,7 +20,10 @@ spec:
|
||||
- kube-scheduler
|
||||
- --leader-elect=true
|
||||
- --kubeconfig=/etc/kubernetes/scheduler/kubeconfig.yaml
|
||||
- --feature-gates=TaintNodesByCondition=true
|
||||
# TaintNodesByCondition feature is unconditionally enabled and the
|
||||
# corresponding --feature-gates flags have been removed in 1.18.x
|
||||
# See: https://kubernetes.io/docs/setup/release/notes/#urgent-upgrade-notes
|
||||
#- --feature-gates=TaintNodesByCondition=true
|
||||
- --v=5
|
||||
volumeMounts:
|
||||
- name: config
|
||||
|
||||
@ -13,5 +13,5 @@ oslo.policy==1.40.1
|
||||
pastedeploy==1.5.2
|
||||
pyyaml~=5.1
|
||||
requests==2.22.0
|
||||
uwsgi==2.0.17.1
|
||||
uwsgi==2.0.19.1
|
||||
git+https://opendev.org/airship/deckhand.git@7d2092b100bddcab77fca0acadd9fc99ba59797b#egg=deckhand
|
||||
|
||||
@ -105,7 +105,7 @@ testtools==2.4.0
|
||||
traceback2==1.4.0
|
||||
unittest2==1.1.0
|
||||
urllib3==1.25.9
|
||||
uWSGI==2.0.17.1
|
||||
uWSGI==2.0.19.1
|
||||
vine==1.3.0
|
||||
wcwidth==0.2.4
|
||||
WebOb==1.8.6
|
||||
|
||||
@ -107,13 +107,13 @@ VALID_DOCS = [
|
||||
},
|
||||
'kubernetes': {
|
||||
'apiserver':
|
||||
'gcr.io/google_containers/hyperkube-amd64:v1.17.3',
|
||||
'gcr.io/google_containers/hyperkube-amd64:v1.18.6',
|
||||
'controller-manager':
|
||||
'gcr.io/google_containers/hyperkube-amd64:v1.17.3',
|
||||
'gcr.io/google_containers/hyperkube-amd64:v1.18.6',
|
||||
'etcd':
|
||||
'quay.io/coreos/etcd:v3.4.2',
|
||||
'scheduler':
|
||||
'gcr.io/google_containers/hyperkube-amd64:v1.17.3'
|
||||
'gcr.io/google_containers/hyperkube-amd64:v1.18.6'
|
||||
}
|
||||
},
|
||||
'ip':
|
||||
@ -149,7 +149,7 @@ VALID_DOCS = [
|
||||
'tar_path':
|
||||
'kubernetes/node/bin/kubelet',
|
||||
'tar_url':
|
||||
'https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz'
|
||||
'https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz'
|
||||
},
|
||||
{
|
||||
'content':
|
||||
@ -166,7 +166,7 @@ VALID_DOCS = [
|
||||
},
|
||||
'kubernetes': {
|
||||
'kubectl':
|
||||
'gcr.io/google_containers/hyperkube-amd64:v1.17.3'
|
||||
'gcr.io/google_containers/hyperkube-amd64:v1.18.6'
|
||||
}
|
||||
},
|
||||
'packages': {
|
||||
|
||||
@ -36,10 +36,10 @@ data:
|
||||
helm:
|
||||
tiller: gcr.io/kubernetes-helm/tiller:v2.16.1
|
||||
kubernetes:
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
etcd: quay.io/coreos/etcd:v3.4.2
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
files:
|
||||
- path: /var/lib/anchor/calico-etcd-bootstrap
|
||||
content: "# placeholder for triggering calico etcd bootstrapping"
|
||||
|
||||
@ -14,7 +14,7 @@ data:
|
||||
# attempt to actually run Kubernetes, only to construct the genesis and
|
||||
# join scripts.
|
||||
# - path: /opt/kubernetes/bin/kubelet
|
||||
# tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
|
||||
# tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
|
||||
# tar_path: kubernetes/node/bin/kubelet
|
||||
# mode: 0555
|
||||
- path: /etc/logrotate.d/json-logrotate
|
||||
|
||||
@ -161,7 +161,7 @@ data:
|
||||
values:
|
||||
images:
|
||||
tags:
|
||||
proxy: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
proxy: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
network:
|
||||
kubernetes_netloc: 127.0.0.1:6553
|
||||
source:
|
||||
@ -537,7 +537,7 @@ data:
|
||||
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
haproxy: haproxy:1.8.3
|
||||
test: python:3.6
|
||||
|
||||
@ -629,8 +629,8 @@ data:
|
||||
endpoints: https://127.0.0.1:2378
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
secrets:
|
||||
service_account:
|
||||
public_key: placeholder
|
||||
@ -706,8 +706,8 @@ data:
|
||||
values:
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
secrets:
|
||||
service_account:
|
||||
private_key: placeholder
|
||||
@ -779,8 +779,8 @@ data:
|
||||
|
||||
images:
|
||||
tags:
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
|
||||
source:
|
||||
type: local
|
||||
|
||||
@ -3,7 +3,7 @@ export BASE_IMAGE_SIZE=${BASE_IMAGE_SIZE:-344784896}
|
||||
export BASE_IMAGE_URL=${BASE_IMAGE_URL:-https://cloud-images.ubuntu.com/releases/bionic/release/ubuntu-18.04-server-cloudimg-amd64.img}
|
||||
export IMAGE_PROMENADE=${IMAGE_PROMENADE:-quay.io/airshipit/promenade:master}
|
||||
export IMAGE_PROMENADE_DISTRO=${IMAGE_PROMENADE_DISTRO:-ubuntu_bionic}
|
||||
export IMAGE_HYPERKUBE=${IMAGE_HYPERKUBE:-gcr.io/google_containers/hyperkube-amd64:v1.17.3}
|
||||
export IMAGE_HYPERKUBE=${IMAGE_HYPERKUBE:-gcr.io/google_containers/hyperkube-amd64:v1.18.6}
|
||||
export NGINX_DIR="${TEMP_DIR}/nginx"
|
||||
export NGINX_URL="http://192.168.77.1:7777"
|
||||
export PROMENADE_BASE_URL="http://promenade-api.ucp.svc.cluster.local"
|
||||
|
||||
@ -21,7 +21,7 @@ etcdctl_member_remove() {
|
||||
NODE=${3}
|
||||
shift 3
|
||||
|
||||
MEMBER_ID=$(etcdctl_cmd $CLUSTER ${VM} member list | awk -F', ' "/${NODE}/ "'{ print $1}')
|
||||
MEMBER_ID=$(etcdctl_cmd "$CLUSTER" "${VM}" member list | awk -F', ' "/${NODE}/ "'{ print $1}')
|
||||
if [[ -n $MEMBER_ID ]] ; then
|
||||
etcdctl_cmd "${CLUSTER}" "${VM}" member remove "$MEMBER_ID"
|
||||
else
|
||||
|
||||
@ -17,7 +17,7 @@ validate_etcd_membership() {
|
||||
log Validating "${CLUSTER}" etcd membership via "${VM}" for members: "${EXPECTED_MEMBERS[@]}"
|
||||
|
||||
local retries=25
|
||||
for ((n=0;n<=$retries;n++)); do
|
||||
for ((n=0;n<=retries;n++)); do
|
||||
FOUND_MEMBERS=$(etcdctl_member_list "${CLUSTER}" "${VM}" | tr '\n' ' ' | sed 's/ $//')
|
||||
|
||||
log "Found \"${FOUND_MEMBERS}\", expected \"${EXPECTED_MEMBERS}\""
|
||||
|
||||
@ -8,6 +8,6 @@ IMAGE_DEP_CHECK=quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
|
||||
IMAGE_ETCD=quay.io/coreos/etcd:v3.4.2
|
||||
IMAGE_HAPROXY=haproxy:1.8.3
|
||||
IMAGE_HELM=lachlanevenson/k8s-helm:v2.14.0
|
||||
IMAGE_HYPERKUBE=gcr.io/google_containers/hyperkube-amd64:v1.17.3
|
||||
IMAGE_HYPERKUBE=gcr.io/google_containers/hyperkube-amd64:v1.18.6
|
||||
IMAGE_TILLER=gcr.io/kubernetes-helm/tiller:v2.16.1
|
||||
KUBELET_URL=https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
|
||||
KUBELET_URL=https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
# source_name, tag, cache_name
|
||||
coredns/coredns,0.9.9,coredns
|
||||
gcr.io/google_containers/hyperkube-amd64,v1.17.3,hyperkube
|
||||
gcr.io/google_containers/hyperkube-amd64,v1.18.6,hyperkube
|
||||
gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64,1.14.4,k8s-dns-dnsmasq-nanny-amd64
|
||||
gcr.io/google_containers/k8s-dns-kube-dns-amd64,1.14.4,k8s-dns-kube-dns-amd64
|
||||
gcr.io/google_containers/k8s-dns-sidecar-amd64,1.14.4,k8s-dns-sidecar-amd64
|
||||
|
||||
@ -21,6 +21,7 @@ export DEBIAN_FRONTEND=noninteractive
|
||||
sudo apt-get update -qq
|
||||
sudo apt-get install -q -y --no-install-recommends \
|
||||
apt-transport-https \
|
||||
build-essential \
|
||||
ca-certificates \
|
||||
curl \
|
||||
fio \
|
||||
@ -28,6 +29,7 @@ sudo apt-get install -q -y --no-install-recommends \
|
||||
jq \
|
||||
libstring-shellquote-perl \
|
||||
libvirt-bin \
|
||||
python3-dev \
|
||||
qemu-kvm \
|
||||
qemu-utils \
|
||||
software-properties-common \
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
set -eux
|
||||
|
||||
IMAGE_PROMENADE=${IMAGE_PROMENADE:-quay.io/airshipit/promenade:master}
|
||||
IMAGE_HYPERKUBE=${IMAGE_HYPERKUBE:-gcr.io/google_containers/hyperkube-amd64:v1.17.3}
|
||||
IMAGE_HYPERKUBE=${IMAGE_HYPERKUBE:-gcr.io/google_containers/hyperkube-amd64:v1.18.6}
|
||||
PROMENADE_DEBUG=${PROMENADE_DEBUG:-0}
|
||||
|
||||
SCRIPT_DIR=$(realpath $(dirname $0))
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user