diff --git a/Makefile b/Makefile
index 5ed03747..f80e714f 100644
--- a/Makefile
+++ b/Makefile
@@ -73,7 +73,7 @@ gate-lint: gate-lint-deps
 	tox -e gate-lint
 
 gate-lint-deps:
-	sudo apt-get install -y --no-install-recommends shellcheck
+	sudo apt-get install -y --no-install-recommends shellcheck tox
 
 helm-lint: $(addprefix helm-lint-,$(CHARTS))
 
diff --git a/charts/apiserver-webhook/values.yaml b/charts/apiserver-webhook/values.yaml
index c1ab32bb..1233d811 100644
--- a/charts/apiserver-webhook/values.yaml
+++ b/charts/apiserver-webhook/values.yaml
@@ -17,7 +17,7 @@ release_uuid: null
 
 images:
   tags:
-    apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+    apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     kubernetes_keystone_webhook: docker.io/k8scloudprovider/k8s-keystone-auth:latest
     scripted_test: docker.io/openstackhelm/heat:newton
     dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
@@ -325,10 +325,10 @@ conf:
     encryption_provider:
       file: 'encryption_provider.yaml'
       command_options:
-        - '--experimental-encryption-provider-config=/etc/webhook_apiserver/dynamic/encryption_provider.yaml'
+        - '--encryption-provider-config=/etc/webhook_apiserver/dynamic/encryption_provider.yaml'
       content:
-        kind: EncryptionConfig
-        apiVersion: v1
+        kind: EncryptionConfiguration
+        apiVersion: apiserver.config.k8s.io/v1
   policy:
     - resource:
         verbs:
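Review bot: The default `content:` under `encryption_provider` still carries only `kind` and `apiVersion` (the map ends where `policy:` begins). Unless the chart template or a site override adds a `resources:` list, the API server is handed an EncryptionConfiguration that selects nothing for encryption at rest. The same shape appears in the `encryption_provider` hunks of the examples/basic, examples/containerd and examples/gate armada-resources.yaml files, whereas charts/apiserver/values.yaml does list `secrets`. How the template fills this in is not visible here, so this is a request to document rather than a confirmed defect. I would add a comment above `content:` such as `# resources: must be supplied by override; with none configured, Secrets are stored in etcd unencrypted`.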
diff --git a/charts/apiserver/values.yaml b/charts/apiserver/values.yaml
index 77114000..808be191 100644
--- a/charts/apiserver/values.yaml
+++ b/charts/apiserver/values.yaml
@@ -58,9 +58,9 @@ const:
 images:
   tags:
     dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
-    anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-    apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-    key_rotate: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+    anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+    apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+    key_rotate: gcr.io/google_containers/hyperkube-amd64:v1.18.6
   pull_policy: "IfNotPresent"
   local_registry:
     active: false
@@ -146,10 +146,10 @@ conf:
   encryption_provider:
     file: encryption_provider.yaml
     command_options:
-      - '--experimental-encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
+      - '--encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
     content:
-      kind: EncryptionConfig
-      apiVersion: v1
+      kind: EncryptionConfiguration
+      apiVersion: apiserver.config.k8s.io/v1
       resources:
         - resources:
             - 'secrets'
diff --git a/charts/controller_manager/values.yaml b/charts/controller_manager/values.yaml
index 7e217302..4475a96e 100644
--- a/charts/controller_manager/values.yaml
+++ b/charts/controller_manager/values.yaml
@@ -16,8 +16,8 @@ release_group: null
 
 images:
   tags:
-    anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-    controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+    anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+    controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
   pull_policy: "IfNotPresent"
 
 labels:
diff --git a/charts/haproxy/values.yaml b/charts/haproxy/values.yaml
index 7cdf02f6..b334b2b1 100644
--- a/charts/haproxy/values.yaml
+++ b/charts/haproxy/values.yaml
@@ -64,7 +64,7 @@ conf:
 
 images:
   tags:
-    anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+    anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     haproxy: haproxy:1.8.25
     test: python:3.6
   pull_policy: "IfNotPresent"
diff --git a/charts/promenade/values.yaml b/charts/promenade/values.yaml
index d82692f7..39136d61 100644
--- a/charts/promenade/values.yaml
+++ b/charts/promenade/values.yaml
@@ -49,7 +49,7 @@ conf:
 images:
   tags:
     monitoring_image: busybox:1.28.3
-    hyperkube: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+    hyperkube: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     promenade: quay.io/airshipit/promenade:latest
     ks_user: docker.io/openstackhelm/heat:newton
     ks_service: docker.io/openstackhelm/heat:newton
diff --git a/charts/proxy/values.yaml b/charts/proxy/values.yaml
index f6cec724..268e54c2 100644
--- a/charts/proxy/values.yaml
+++ b/charts/proxy/values.yaml
@@ -67,7 +67,7 @@ pod:
 
 images:
   tags:
-    proxy: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+    proxy: gcr.io/google_containers/hyperkube-amd64:v1.18.6
   pull_policy: "IfNotPresent"
 
 proxy:
diff --git a/charts/scheduler/values.yaml b/charts/scheduler/values.yaml
index cc7d3390..b18ff5ef 100644
--- a/charts/scheduler/values.yaml
+++ b/charts/scheduler/values.yaml
@@ -85,8 +85,8 @@ secrets:
 
 images:
   tags:
-    anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-    scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+    anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+    scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
   pull_policy: "IfNotPresent"
 
 network:
@@ -100,4 +100,7 @@ service:
 command_prefix:
   - /hyperkube
   - kube-scheduler
-  - --feature-gates=TaintNodesByCondition=true
+  # TaintNodesByCondition feature is unconditionally enabled and the
+  # corresponding --feature-gates flags have been removed in 1.18.x
+  # See: https://kubernetes.io/docs/setup/release/notes/#urgent-upgrade-notes
+  #- --feature-gates=TaintNodesByCondition=true
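Review bot: The removed flag is left behind as a commented-out list item, `#- --feature-gates=TaintNodesByCondition=true`, which invites someone to uncomment it later; I would keep the two explanatory lines and delete that one. The `See:` link targets the unversioned release-notes page, which will describe a later release once the docs move on, so naming the 1.18 changelog explicitly would age better. The same comment block is repeated in the genesis `kubernetes-scheduler.yaml` hunk. If site overrides replace `command_prefix` wholesale (not visible here), any that still pass the gate would presumably keep the scheduler from starting on 1.18, which deserves a line in the commit message.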
diff --git a/doc/source/configuration/genesis.rst b/doc/source/configuration/genesis.rst
index 3ff6321d..2266268d 100644
--- a/doc/source/configuration/genesis.rst
+++ b/doc/source/configuration/genesis.rst
@@ -48,10 +48,10 @@ Here is a complete sample document:
         helm:
           tiller: gcr.io/kubernetes-helm/tiller:v2.16.1
         kubernetes:
-          apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-          controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+          apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+          controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
           etcd: quay.io/coreos/etcd:v3.4.2
-          scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+          scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
       files:
         - path: /var/lib/anchor/calico-etcd-bootstrap
           content: ""
diff --git a/doc/source/configuration/host-system.rst b/doc/source/configuration/host-system.rst
index d12a8321..f60b7335 100644
--- a/doc/source/configuration/host-system.rst
+++ b/doc/source/configuration/host-system.rst
@@ -16,7 +16,7 @@ Sample Document to run containers in Docker runtime
     data:
       files:
         - path: /opt/kubernetes/bin/kubelet
-          tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
+          tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
           tar_path: kubernetes/node/bin/kubelet
           mode: 0555
       images:
@@ -24,7 +24,7 @@ Sample Document to run containers in Docker runtime
         helm:
           helm: lachlanevenson/k8s-helm:v2.14.0
         kubernetes:
-          kubectl: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+          kubectl: gcr.io/google_containers/hyperkube-amd64:v1.18.6
       packages:
         repositories:
           - deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable
@@ -116,7 +116,7 @@ Sample Document to run containers in Containerd runtime
     data:
       files:
         - path: /opt/kubernetes/bin/kubelet
-          tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
+          tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
           tar_path: kubernetes/node/bin/kubelet
           mode: 0555
       images:
@@ -124,7 +124,7 @@ Sample Document to run containers in Containerd runtime
         helm:
           helm: lachlanevenson/k8s-helm:v2.14.0
         kubernetes:
-          kubectl: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+          kubectl: gcr.io/google_containers/hyperkube-amd64:v1.18.6
       packages:
         additional:
           - curl
diff --git a/examples/basic/Genesis.yaml b/examples/basic/Genesis.yaml
index 4c59f5f3..fc631069 100644
--- a/examples/basic/Genesis.yaml
+++ b/examples/basic/Genesis.yaml
@@ -26,7 +26,7 @@ data:
       - --endpoint-reconciler-type=lease
       - --feature-gates=PodShareProcessNamespace=true
       - --admission-control-config-file=/etc/kubernetes/apiserver/acconfig.yaml
-      - --experimental-encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
+      - --encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
       - --v=3
   armada:
     target_manifest: cluster-bootstrap
@@ -51,10 +51,10 @@ data:
     helm:
       tiller: gcr.io/kubernetes-helm/tiller:v2.16.1
     kubernetes:
-      apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-      controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+      apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+      controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
       etcd: quay.io/coreos/etcd:v3.4.2
-      scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+      scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
   files:
     - path: /var/lib/anchor/calico-etcd-bootstrap
       content: "# placeholder for triggering calico etcd bootstrapping"
diff --git a/examples/basic/HostSystem.yaml b/examples/basic/HostSystem.yaml
index 7a04dd85..9c0bc131 100644
--- a/examples/basic/HostSystem.yaml
+++ b/examples/basic/HostSystem.yaml
@@ -13,11 +13,11 @@ data:
       enable: true
   files:
     - path: /opt/kubernetes/bin/kubelet
-      tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubelet
       mode: 0555
     - path: /usr/local/bin/kubectl
-      tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubectl
       mode: 0555
     - path: /etc/systemd/system/kube-cgroup.service
diff --git a/examples/basic/Kubelet.yaml b/examples/basic/Kubelet.yaml
index 0e6bc305..868ae1c8 100644
--- a/examples/basic/Kubelet.yaml
+++ b/examples/basic/Kubelet.yaml
@@ -16,11 +16,10 @@ data:
   images:
     pause: gcr.io/google_containers/pause-amd64:3.1
   config_file_overrides:
-    cgroupRoot: "/kube_whitelist"
     evictionMaxPodGracePeriod: -1
     featureGates:
       PodShareProcessNamespace: true
-      TaintBasedEvictions: false
+      TaintBasedEvictions: true
     nodeStatusUpdateFrequency: "5s"
     serializeImagePulls: false
 ...
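Review bot: Dropping `cgroupRoot: "/kube_whitelist"` is a behaviour change unrelated to the image bump, and the hunk gives no reason for it. examples/basic/HostSystem.yaml still installs `/etc/systemd/system/kube-cgroup.service`, so it is worth confirming the two still agree and saying so in the commit message. Separately, `TaintBasedEvictions` is flipped to `true` here and in the containerd and gate Kubelet.yaml hunks. As I understand it the gate is on by default in this release, so pinning it only leaves a key that must be removed again when upstream retires the gate. I would delete the line, or annotate it with `# on by default in 1.18; drop this key when the gate is removed upstream`.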
diff --git a/examples/basic/armada-resources.yaml b/examples/basic/armada-resources.yaml
index f7543545..48bbafce 100644
--- a/examples/basic/armada-resources.yaml
+++ b/examples/basic/armada-resources.yaml
@@ -160,7 +160,7 @@ data:
   values:
     images:
       tags:
-        proxy: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        proxy: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     network:
       kubernetes_netloc: 127.0.0.1:6553
   source:
@@ -627,7 +627,7 @@ data:
 
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
         haproxy: haproxy:1.8.3
         test: python:3.6
 
@@ -719,17 +719,17 @@ data:
       encryption_provider:
         file: encryption_provider.yaml
         command_options:
-          - '--experimental-encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
+          - '--encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
         content:
-          kind: EncryptionConfig
-          apiVersion: v1
+          kind: EncryptionConfiguration
+          apiVersion: apiserver.config.k8s.io/v1
     apiserver:
       etcd:
         endpoints: https://127.0.0.1:2378
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     network:
       kubernetes_service_ip: 10.96.0.1
       pod_cidr: 10.97.0.0/16
@@ -794,8 +794,8 @@ data:
   values:
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     secrets:
       service_account:
         private_key: placeholder
@@ -868,8 +868,8 @@ data:
 
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
 
   source:
     type: local
diff --git a/examples/complete/Genesis.yaml b/examples/complete/Genesis.yaml
index 3c7bd1cc..f6542008 100644
--- a/examples/complete/Genesis.yaml
+++ b/examples/complete/Genesis.yaml
@@ -39,10 +39,10 @@ data:
     helm:
       tiller: gcr.io/kubernetes-helm/tiller:v2.16.1
     kubernetes:
-      apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-      controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+      apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+      controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
       etcd: quay.io/coreos/etcd:v3.4.2
-      scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+      scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
   files:
     - path: /var/lib/anchor/calico-etcd-bootstrap
       content: "# placeholder for triggering calico etcd bootstrapping"
diff --git a/examples/complete/HostSystem.yaml b/examples/complete/HostSystem.yaml
index 5bd71501..86bef535 100644
--- a/examples/complete/HostSystem.yaml
+++ b/examples/complete/HostSystem.yaml
@@ -10,11 +10,11 @@ metadata:
 data:
   files:
     - path: /opt/kubernetes/bin/kubelet
-      tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubelet
       mode: 0555
     - path: /usr/local/bin/kubectl
-      tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubectl
       mode: 0555
     - path: /etc/logrotate.d/json-logrotate
diff --git a/examples/complete/armada-resources.yaml b/examples/complete/armada-resources.yaml
index 1235829c..f743a5a8 100644
--- a/examples/complete/armada-resources.yaml
+++ b/examples/complete/armada-resources.yaml
@@ -201,7 +201,7 @@ data:
   values:
     images:
       tags:
-        proxy: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        proxy: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     network:
       kubernetes_netloc: 127.0.0.1:6553
   source:
@@ -644,7 +644,7 @@ data:
 
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
         haproxy: haproxy:1.8.3
         test: python:3.6
 
@@ -730,8 +730,8 @@ data:
         endpoints: https://127.0.0.1:2378
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     secrets:
       service_account:
         public_key: placeholder
@@ -807,8 +807,8 @@ data:
   values:
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     secrets:
       service_account:
         private_key: placeholder
@@ -880,8 +880,8 @@ data:
 
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
 
   source:
     type: local
diff --git a/examples/containerd/Genesis.yaml b/examples/containerd/Genesis.yaml
index debfca59..2967d2d8 100644
--- a/examples/containerd/Genesis.yaml
+++ b/examples/containerd/Genesis.yaml
@@ -26,7 +26,7 @@ data:
       - --endpoint-reconciler-type=lease
       - --feature-gates=PodShareProcessNamespace=true
       - --admission-control-config-file=/etc/kubernetes/apiserver/acconfig.yaml
-      - --experimental-encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
+      - --encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
       - --v=3
   armada:
     target_manifest: cluster-bootstrap
@@ -51,10 +51,10 @@ data:
     helm:
       tiller: gcr.io/kubernetes-helm/tiller:v2.16.1
     kubernetes:
-      apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-      controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+      apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+      controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
       etcd: quay.io/coreos/etcd:v3.4.2
-      scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+      scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
   files:
     - path: /var/lib/anchor/calico-etcd-bootstrap
       content: "# placeholder for triggering calico etcd bootstrapping"
diff --git a/examples/containerd/HostSystem.yaml b/examples/containerd/HostSystem.yaml
index 80490b87..3cc36e9e 100644
--- a/examples/containerd/HostSystem.yaml
+++ b/examples/containerd/HostSystem.yaml
@@ -13,11 +13,11 @@ data:
       enable: true
   files:
     - path: /opt/kubernetes/bin/kubelet
-      tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubelet
       mode: 0555
     - path: /usr/local/bin/kubectl
-      tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubectl
       mode: 0555
     - path: /etc/systemd/system/kube-cgroup.service
diff --git a/examples/containerd/Kubelet.yaml b/examples/containerd/Kubelet.yaml
index 7d8e7fd2..0ae30dfa 100644
--- a/examples/containerd/Kubelet.yaml
+++ b/examples/containerd/Kubelet.yaml
@@ -22,7 +22,7 @@ data:
     evictionMaxPodGracePeriod: -1
     featureGates:
       PodShareProcessNamespace: true
-      TaintBasedEvictions: false
+      TaintBasedEvictions: true
     nodeStatusUpdateFrequency: "5s"
     serializeImagePulls: false
 ...
diff --git a/examples/containerd/armada-resources.yaml b/examples/containerd/armada-resources.yaml
index 0714778c..0e39b7eb 100644
--- a/examples/containerd/armada-resources.yaml
+++ b/examples/containerd/armada-resources.yaml
@@ -160,7 +160,7 @@ data:
   values:
     images:
       tags:
-        proxy: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        proxy: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     network:
       kubernetes_netloc: 127.0.0.1:6553
   source:
@@ -524,7 +524,7 @@ data:
 
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
         haproxy: haproxy:1.8.3
         test: python:3.6
 
@@ -617,17 +617,17 @@ data:
       encryption_provider:
         file: encryption_provider.yaml
         command_options:
-          - '--experimental-encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
+          - '--encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
         content:
-          kind: EncryptionConfig
-          apiVersion: v1
+          kind: EncryptionConfiguration
+          apiVersion: apiserver.config.k8s.io/v1
     apiserver:
       etcd:
         endpoints: https://127.0.0.1:2378
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     network:
       kubernetes_service_ip: 10.96.0.1
       pod_cidr: 10.97.0.0/16
@@ -692,8 +692,8 @@ data:
   values:
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     secrets:
       service_account:
         private_key: placeholder
@@ -766,8 +766,8 @@ data:
 
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
 
   source:
     type: local
diff --git a/examples/gate/Genesis.yaml b/examples/gate/Genesis.yaml
index debfca59..2967d2d8 100644
--- a/examples/gate/Genesis.yaml
+++ b/examples/gate/Genesis.yaml
@@ -26,7 +26,7 @@ data:
       - --endpoint-reconciler-type=lease
       - --feature-gates=PodShareProcessNamespace=true
       - --admission-control-config-file=/etc/kubernetes/apiserver/acconfig.yaml
-      - --experimental-encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
+      - --encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml
       - --v=3
   armada:
     target_manifest: cluster-bootstrap
@@ -51,10 +51,10 @@ data:
     helm:
       tiller: gcr.io/kubernetes-helm/tiller:v2.16.1
     kubernetes:
-      apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-      controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+      apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+      controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
       etcd: quay.io/coreos/etcd:v3.4.2
-      scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+      scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
   files:
     - path: /var/lib/anchor/calico-etcd-bootstrap
       content: "# placeholder for triggering calico etcd bootstrapping"
diff --git a/examples/gate/HostSystem.yaml b/examples/gate/HostSystem.yaml
index 05bd43a9..c1928812 100644
--- a/examples/gate/HostSystem.yaml
+++ b/examples/gate/HostSystem.yaml
@@ -13,11 +13,11 @@ data:
       enable: true
   files:
     - path: /opt/kubernetes/bin/kubelet
-      tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubelet
       mode: 0555
     - path: /usr/local/bin/kubectl
-      tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
+      tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
       tar_path: kubernetes/node/bin/kubectl
       mode: 0555
     - path: /etc/systemd/system/kube-cgroup.service
diff --git a/examples/gate/Kubelet.yaml b/examples/gate/Kubelet.yaml
index f053601f..868ae1c8 100644
--- a/examples/gate/Kubelet.yaml
+++ b/examples/gate/Kubelet.yaml
@@ -19,7 +19,7 @@ data:
     evictionMaxPodGracePeriod: -1
     featureGates:
       PodShareProcessNamespace: true
-      TaintBasedEvictions: false
+      TaintBasedEvictions: true
     nodeStatusUpdateFrequency: "5s"
     serializeImagePulls: false
 ...
diff --git a/examples/gate/armada-resources.yaml b/examples/gate/armada-resources.yaml
index 7e1687d6..22a83989 100644
--- a/examples/gate/armada-resources.yaml
+++ b/examples/gate/armada-resources.yaml
@@ -160,7 +160,7 @@ data:
   values:
     images:
       tags:
-        proxy: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        proxy: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     network:
       kubernetes_netloc: 127.0.0.1:6553
   source:
@@ -530,7 +530,7 @@ data:
 
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
         haproxy: haproxy:1.8.3
         test: python:3.6
 
@@ -623,17 +623,17 @@ data:
       encryption_provider:
         file: encryption_provider.yaml
         command_options:
-          - '--experimental-encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
+          - '--encryption-provider-config=/etc/kubernetes/apiserver/encryption_provider.yaml'
         content:
-          kind: EncryptionConfig
-          apiVersion: v1
+          kind: EncryptionConfiguration
+          apiVersion: apiserver.config.k8s.io/v1
     apiserver:
       etcd:
         endpoints: https://127.0.0.1:2378
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     network:
       kubernetes_service_ip: 10.96.0.1
       pod_cidr: 10.97.0.0/16
@@ -698,8 +698,8 @@ data:
   values:
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     secrets:
       service_account:
         private_key: placeholder
@@ -772,8 +772,8 @@ data:
 
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
 
   source:
     type: local
diff --git a/promenade/templates/include/utils.sh b/promenade/templates/include/utils.sh
index 853bde51..bb290eac 100644
--- a/promenade/templates/include/utils.sh
+++ b/promenade/templates/include/utils.sh
@@ -243,7 +243,7 @@ spec:
 EOPOD
 
     wait_for_node_ready $NODE 300
-    wait_for_pod_termination $NAMESPACE $POD_NAME
+    wait_for_pod_termination $NAMESPACE $POD_NAME 400
     sleep 5
     ACTUAL_LOGS=$(kubectl --namespace $NAMESPACE logs $POD_NAME)
     if [ "x$ACTUAL_LOGS" != "xEXPECTED RESULT" ]; then
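Review bot: The new third argument `400` is a bare literal with no unit or rationale, sitting two lines below the `300` passed to `wait_for_node_ready`. `wait_for_pod_termination` is defined outside the hunk, so whether it takes a timeout in that position and what it returns on expiry cannot be checked here. Nothing visible tests its exit status, so after a timeout the code would fall through to `sleep 5` and `kubectl logs` on a pod that may still be running, and report a log mismatch rather than a timeout. I would add `# timeout (presumably seconds) for the test pod to finish` above the call and test the call's result before reading logs.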
diff --git a/promenade/templates/roles/genesis/etc/genesis/apiserver/encryption_provider.yaml b/promenade/templates/roles/genesis/etc/genesis/apiserver/encryption_provider.yaml
index 3aab7fa7..4a705fc6 100644
--- a/promenade/templates/roles/genesis/etc/genesis/apiserver/encryption_provider.yaml
+++ b/promenade/templates/roles/genesis/etc/genesis/apiserver/encryption_provider.yaml
@@ -1,4 +1,4 @@
-kind: EncryptionConfig
-apiVersion: v1
+kind: EncryptionConfiguration
+apiVersion: apiserver.config.k8s.io/v1
 resources:
 {{ config.get_path('Genesis:apiserver.encryption', {}) | toyaml | indent(2, true) }}
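Review bot: With the kind now `EncryptionConfiguration` under `apiserver.config.k8s.io/v1`, the fallback on the `resources:` line matters. `config.get_path('Genesis:apiserver.encryption', {})` renders an empty mapping when the key is unset, while `resources` is a list in that schema. Whether the API server tolerates the mismatch at startup is not something this hunk shows, but a list default avoids the question: `{{ config.get_path('Genesis:apiserver.encryption', []) | toyaml | indent(2, true) }}`. An empty list still means nothing is encrypted at rest, so a comment saying that the Genesis document must supply the providers would help operators.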
diff --git a/promenade/templates/roles/genesis/etc/kubernetes/manifests/kubernetes-scheduler.yaml b/promenade/templates/roles/genesis/etc/kubernetes/manifests/kubernetes-scheduler.yaml
index 842f201a..0cde75d8 100644
--- a/promenade/templates/roles/genesis/etc/kubernetes/manifests/kubernetes-scheduler.yaml
+++ b/promenade/templates/roles/genesis/etc/kubernetes/manifests/kubernetes-scheduler.yaml
@@ -20,7 +20,10 @@ spec:
       - kube-scheduler
       - --leader-elect=true
       - --kubeconfig=/etc/kubernetes/scheduler/kubeconfig.yaml
-      - --feature-gates=TaintNodesByCondition=true
+      # TaintNodesByCondition feature is unconditionally enabled and the
+      # corresponding --feature-gates flags have been removed in 1.18.x
+      # See: https://kubernetes.io/docs/setup/release/notes/#urgent-upgrade-notes
+      #- --feature-gates=TaintNodesByCondition=true
       - --v=5
       volumeMounts:
         - name: config
diff --git a/requirements-direct.txt b/requirements-direct.txt
index e513c717..a7545510 100644
--- a/requirements-direct.txt
+++ b/requirements-direct.txt
@@ -13,5 +13,5 @@ oslo.policy==1.40.1
 pastedeploy==1.5.2
 pyyaml~=5.1
 requests==2.22.0
-uwsgi==2.0.17.1
+uwsgi==2.0.19.1
 git+https://opendev.org/airship/deckhand.git@7d2092b100bddcab77fca0acadd9fc99ba59797b#egg=deckhand
diff --git a/requirements-frozen.txt b/requirements-frozen.txt
index 2ae7d9fc..636dc66f 100644
--- a/requirements-frozen.txt
+++ b/requirements-frozen.txt
@@ -105,7 +105,7 @@ testtools==2.4.0
 traceback2==1.4.0
 unittest2==1.1.0
 urllib3==1.25.9
-uWSGI==2.0.17.1
+uWSGI==2.0.19.1
 vine==1.3.0
 wcwidth==0.2.4
 WebOb==1.8.6
diff --git a/tests/unit/api/test_validatedesign.py b/tests/unit/api/test_validatedesign.py
index 075e6c31..ad0ebe8e 100644
--- a/tests/unit/api/test_validatedesign.py
+++ b/tests/unit/api/test_validatedesign.py
@@ -107,13 +107,13 @@ VALID_DOCS = [
                 },
                 'kubernetes': {
                     'apiserver':
-                    'gcr.io/google_containers/hyperkube-amd64:v1.17.3',
+                    'gcr.io/google_containers/hyperkube-amd64:v1.18.6',
                     'controller-manager':
-                    'gcr.io/google_containers/hyperkube-amd64:v1.17.3',
+                    'gcr.io/google_containers/hyperkube-amd64:v1.18.6',
                     'etcd':
                     'quay.io/coreos/etcd:v3.4.2',
                     'scheduler':
-                    'gcr.io/google_containers/hyperkube-amd64:v1.17.3'
+                    'gcr.io/google_containers/hyperkube-amd64:v1.18.6'
                 }
             },
             'ip':
@@ -149,7 +149,7 @@ VALID_DOCS = [
                 'tar_path':
                 'kubernetes/node/bin/kubelet',
                 'tar_url':
-                'https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz'
+                'https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz'
             },
              {
                  'content':
@@ -166,7 +166,7 @@ VALID_DOCS = [
                 },
                 'kubernetes': {
                     'kubectl':
-                    'gcr.io/google_containers/hyperkube-amd64:v1.17.3'
+                    'gcr.io/google_containers/hyperkube-amd64:v1.18.6'
                 }
             },
             'packages': {
diff --git a/tests/unit/builder_data/simple/Genesis.yaml b/tests/unit/builder_data/simple/Genesis.yaml
index 2d177fc6..3b2fd3b3 100644
--- a/tests/unit/builder_data/simple/Genesis.yaml
+++ b/tests/unit/builder_data/simple/Genesis.yaml
@@ -36,10 +36,10 @@ data:
     helm:
       tiller: gcr.io/kubernetes-helm/tiller:v2.16.1
     kubernetes:
-      apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-      controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+      apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+      controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
       etcd: quay.io/coreos/etcd:v3.4.2
-      scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+      scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
   files:
     - path: /var/lib/anchor/calico-etcd-bootstrap
       content: "# placeholder for triggering calico etcd bootstrapping"
diff --git a/tests/unit/builder_data/simple/HostSystem.yaml b/tests/unit/builder_data/simple/HostSystem.yaml
index 19c7017b..de6618c4 100644
--- a/tests/unit/builder_data/simple/HostSystem.yaml
+++ b/tests/unit/builder_data/simple/HostSystem.yaml
@@ -14,7 +14,7 @@ data:
     # attempt to actually run Kubernetes, only to construct the genesis and
     # join scripts.
     # - path: /opt/kubernetes/bin/kubelet
-    #   tar_url: https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
+    #   tar_url: https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
     #   tar_path: kubernetes/node/bin/kubelet
     #   mode: 0555
     - path: /etc/logrotate.d/json-logrotate
diff --git a/tests/unit/builder_data/simple/armada-resources.yaml b/tests/unit/builder_data/simple/armada-resources.yaml
index e8d20806..63560200 100644
--- a/tests/unit/builder_data/simple/armada-resources.yaml
+++ b/tests/unit/builder_data/simple/armada-resources.yaml
@@ -161,7 +161,7 @@ data:
   values:
     images:
       tags:
-        proxy: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        proxy: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     network:
       kubernetes_netloc: 127.0.0.1:6553
   source:
@@ -537,7 +537,7 @@ data:
 
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
         haproxy: haproxy:1.8.3
         test: python:3.6
 
@@ -629,8 +629,8 @@ data:
         endpoints: https://127.0.0.1:2378
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        apiserver: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        apiserver: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     secrets:
       service_account:
         public_key: placeholder
@@ -706,8 +706,8 @@ data:
   values:
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.18.6
     secrets:
       service_account:
         private_key: placeholder
@@ -779,8 +779,8 @@ data:
 
     images:
       tags:
-        anchor: gcr.io/google_containers/hyperkube-amd64:v1.17.3
-        scheduler: gcr.io/google_containers/hyperkube-amd64:v1.17.3
+        anchor: gcr.io/google_containers/hyperkube-amd64:v1.18.6
+        scheduler: gcr.io/google_containers/hyperkube-amd64:v1.18.6
 
   source:
     type: local
diff --git a/tools/g2/lib/config.sh b/tools/g2/lib/config.sh
index 98f79262..21f772eb 100644
--- a/tools/g2/lib/config.sh
+++ b/tools/g2/lib/config.sh
@@ -3,7 +3,7 @@ export BASE_IMAGE_SIZE=${BASE_IMAGE_SIZE:-344784896}
 export BASE_IMAGE_URL=${BASE_IMAGE_URL:-https://cloud-images.ubuntu.com/releases/bionic/release/ubuntu-18.04-server-cloudimg-amd64.img}
 export IMAGE_PROMENADE=${IMAGE_PROMENADE:-quay.io/airshipit/promenade:master}
 export IMAGE_PROMENADE_DISTRO=${IMAGE_PROMENADE_DISTRO:-ubuntu_bionic}
-export IMAGE_HYPERKUBE=${IMAGE_HYPERKUBE:-gcr.io/google_containers/hyperkube-amd64:v1.17.3}
+export IMAGE_HYPERKUBE=${IMAGE_HYPERKUBE:-gcr.io/google_containers/hyperkube-amd64:v1.18.6}
 export NGINX_DIR="${TEMP_DIR}/nginx"
 export NGINX_URL="http://192.168.77.1:7777"
 export PROMENADE_BASE_URL="http://promenade-api.ucp.svc.cluster.local"
diff --git a/tools/g2/lib/etcd.sh b/tools/g2/lib/etcd.sh
index dad7200b..5bfe0bca 100644
--- a/tools/g2/lib/etcd.sh
+++ b/tools/g2/lib/etcd.sh
@@ -21,7 +21,7 @@ etcdctl_member_remove() {
     NODE=${3}
     shift 3
 
-    MEMBER_ID=$(etcdctl_cmd $CLUSTER ${VM} member list | awk -F', ' "/${NODE}/ "'{ print $1}')
+    MEMBER_ID=$(etcdctl_cmd "$CLUSTER" "${VM}" member list | awk -F', ' "/${NODE}/ "'{ print $1}')
     if  [[ -n $MEMBER_ID ]] ; then
             etcdctl_cmd "${CLUSTER}" "${VM}" member remove "$MEMBER_ID"
     else
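Review bot: The awk filter on the changed `MEMBER_ID=` line still interpolates `${NODE}` into a regular expression matched against the whole `member list` line, so a node name that is a substring of another, or that contains regex metacharacters, can select the wrong member or several at once, and the `member remove` below would then act on that result. Passing the name as data and comparing it to the name column is safer, e.g. `awk -F', ' -v node="${NODE}" '$3 == node { print $1 }'`, assuming the member name is the third field of this etcdctl output (confirm against the version in use). `MEMBER_ID` is also not declared `local` in the visible lines, unlike `retries` in validate.sh. The function starts and ends outside this hunk.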
diff --git a/tools/g2/lib/validate.sh b/tools/g2/lib/validate.sh
index ebfccf02..3c7d7000 100644
--- a/tools/g2/lib/validate.sh
+++ b/tools/g2/lib/validate.sh
@@ -17,7 +17,7 @@ validate_etcd_membership() {
     log Validating "${CLUSTER}" etcd membership via "${VM}" for members: "${EXPECTED_MEMBERS[@]}"
 
     local retries=25
-    for ((n=0;n<=$retries;n++)); do
+    for ((n=0;n<=retries;n++)); do
         FOUND_MEMBERS=$(etcdctl_member_list "${CLUSTER}" "${VM}" | tr '\n' ' ' | sed 's/ $//')
 
         log "Found \"${FOUND_MEMBERS}\", expected \"${EXPECTED_MEMBERS}\""
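Review bot: The `log "Found ..."` line in this loop expands `${EXPECTED_MEMBERS}` without an index, which in bash yields only the first element; the log call above the loop uses `"${EXPECTED_MEMBERS[@]}"`, so the variable appears to be an array. The message would then name a single expected member even when several are being checked, which makes a failed membership validation harder to diagnose. `log "Found \"${FOUND_MEMBERS}\", expected \"${EXPECTED_MEMBERS[*]}\""` prints the full list. The loop body continues outside the hunk, so whether the comparison itself has the same issue cannot be seen here.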
diff --git a/tools/gate/default-config-env b/tools/gate/default-config-env
index 0c06bfdb..9b929005 100644
--- a/tools/gate/default-config-env
+++ b/tools/gate/default-config-env
@@ -8,6 +8,6 @@ IMAGE_DEP_CHECK=quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
 IMAGE_ETCD=quay.io/coreos/etcd:v3.4.2
 IMAGE_HAPROXY=haproxy:1.8.3
 IMAGE_HELM=lachlanevenson/k8s-helm:v2.14.0
-IMAGE_HYPERKUBE=gcr.io/google_containers/hyperkube-amd64:v1.17.3
+IMAGE_HYPERKUBE=gcr.io/google_containers/hyperkube-amd64:v1.18.6
 IMAGE_TILLER=gcr.io/kubernetes-helm/tiller:v2.16.1
-KUBELET_URL=https://dl.k8s.io/v1.17.3/kubernetes-node-linux-amd64.tar.gz
+KUBELET_URL=https://dl.k8s.io/v1.18.6/kubernetes-node-linux-amd64.tar.gz
diff --git a/tools/registry/IMAGES b/tools/registry/IMAGES
index 84abafc6..fff69ae0 100644
--- a/tools/registry/IMAGES
+++ b/tools/registry/IMAGES
@@ -1,6 +1,6 @@
 # source_name, tag, cache_name
 coredns/coredns,0.9.9,coredns
-gcr.io/google_containers/hyperkube-amd64,v1.17.3,hyperkube
+gcr.io/google_containers/hyperkube-amd64,v1.18.6,hyperkube
 gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64,1.14.4,k8s-dns-dnsmasq-nanny-amd64
 gcr.io/google_containers/k8s-dns-kube-dns-amd64,1.14.4,k8s-dns-kube-dns-amd64
 gcr.io/google_containers/k8s-dns-sidecar-amd64,1.14.4,k8s-dns-sidecar-amd64
diff --git a/tools/setup_gate.sh b/tools/setup_gate.sh
index 641cff03..35ae3679 100755
--- a/tools/setup_gate.sh
+++ b/tools/setup_gate.sh
@@ -21,6 +21,7 @@ export DEBIAN_FRONTEND=noninteractive
 sudo apt-get update -qq
 sudo apt-get install -q -y --no-install-recommends \
     apt-transport-https \
+    build-essential \
     ca-certificates \
     curl \
     fio \
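Review bot: The two packages added to this install list, `build-essential` here and `python3-dev` in the next hunk, carry no comment saying what needs them, and a compiler toolchain on the gate host is the kind of dependency that is later questioned or dropped by accident. A line above the `sudo apt-get install` command such as `# build-essential, python3-dev: needed to build Python packages with C extensions` would record the reason, if that is indeed why they were added (the diff does not say). The package list continues outside both hunks.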
@@ -28,6 +29,7 @@ sudo apt-get install -q -y --no-install-recommends \
     jq \
     libstring-shellquote-perl \
     libvirt-bin \
+    python3-dev \
     qemu-kvm \
     qemu-utils \
     software-properties-common \
diff --git a/tools/simple-deployment.sh b/tools/simple-deployment.sh
index ec642539..7f066acf 100755
--- a/tools/simple-deployment.sh
+++ b/tools/simple-deployment.sh
@@ -3,7 +3,7 @@
 set -eux
 
 IMAGE_PROMENADE=${IMAGE_PROMENADE:-quay.io/airshipit/promenade:master}
-IMAGE_HYPERKUBE=${IMAGE_HYPERKUBE:-gcr.io/google_containers/hyperkube-amd64:v1.17.3}
+IMAGE_HYPERKUBE=${IMAGE_HYPERKUBE:-gcr.io/google_containers/hyperkube-amd64:v1.18.6}
 PROMENADE_DEBUG=${PROMENADE_DEBUG:-0}
 
 SCRIPT_DIR=$(realpath $(dirname $0))