airship
/
promenade
Code Issues Proposed changes

k8s upgrade to v1.23.7 

Address changes and deprecations in Kubernetes v1.21=>v1.23

controller-manager:
* --authorization-kubeconfig and --authentication-kubeconfig must be set
* liveness/readiness probes must use HTTPS
* the default port has been changed to 10257

kubelet:
* --dynamic-config-dir has been deprecated, will not move to GA
* --cni-bin-dir has been deprecated, will be removed with dockershim
* --cni-conf-dir has been deprecated, will be removed with dockershim
* --network-plugin has been deprecated, will be removed with dockershim

https: //github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#deprecation
https: //kubernetes.io/docs/tasks/administer-cluster/reconfigure-kubelet/
https: //github.com/kubernetes/enhancements/tree/master/keps/sig-node/281-dynamic-kubelet-configuration
Change-Id: Ia996d7c14d81d1d8b8067f11c02ffb4ce90eb49a
This commit is contained in:
Ruslan Aliev 2022-06-28 23:08:30 -05:00
parent 0f9818eccc
commit e207bbe966
43 changed files with 175 additions and 179 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.zuul.yaml
View File

@ -124,13 +124,13 @@
nodeset: airship-promenade-single-node
- job:
name: airship-promenade-docker-build-gate-ubuntu_xenial
name: airship-promenade-docker-build-gate-ubuntu_bionic
voting: false
run: tools/zuul/playbooks/docker-image-build.yaml
nodeset: airship-promenade-single-node
vars:
publish: false
distro: ubuntu_xenial
distro: ubuntu_bionic
tags:
dynamic:
patch_set: true

2
charts/apiserver-webhook/values.yaml
View File

@ -17,7 +17,7 @@ release_uuid: null
images:
tags:
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7
kubernetes_keystone_webhook: docker.io/k8scloudprovider/k8s-keystone-auth:latest
scripted_test: docker.io/openstackhelm/heat:newton
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1

6
charts/apiserver/values.yaml
View File

@ -58,9 +58,9 @@ const:
images:
tags:
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
anchor: bitnami/kubectl:1.21.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7
key_rotate: bitnami/kubectl:1.21.7
anchor: bitnami/kubectl:1.23.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7
key_rotate: bitnami/kubectl:1.23.7
pull_policy: "IfNotPresent"
local_registry:
active: false

1
charts/controller_manager/templates/daemonset.yaml
View File

@ -79,6 +79,7 @@ spec:
host: 127.0.0.1
path: /healthz
port: {{ .Values.network.kubernetes_controller_manager.port }}
scheme: HTTPS
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 5

4
charts/controller_manager/templates/etc/_kubernetes-controller-manager.yaml.tpl
View File

@ -44,6 +44,8 @@ spec:
{{- range .Values.command_prefix }}
- {{ . }}
{{- end }}
- --authentication-kubeconfig=/etc/kubernetes/controller-manager/kubeconfig.yaml
- --authorization-kubeconfig=/etc/kubernetes/controller-manager/kubeconfig.yaml
- --bind-address=127.0.0.1
- --configure-cloud-routes=false
- --leader-elect=true
@ -60,6 +62,7 @@ spec:
host: 127.0.0.1
path: /healthz
port: {{ .Values.network.kubernetes_controller_manager.port }}
scheme: HTTPS
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 5
@ -70,6 +73,7 @@ spec:
host: 127.0.0.1
path: /healthz
port: {{ .Values.network.kubernetes_controller_manager.port }}
scheme: HTTPS
initialDelaySeconds: 15
periodSeconds: 10
successThreshold: 1

6
charts/controller_manager/values.yaml
View File

@ -16,8 +16,8 @@ release_group: null
images:
tags:
anchor: bitnami/kubectl:1.21.7
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7
pull_policy: "IfNotPresent"
labels:
@ -75,7 +75,7 @@ network:
pod_cidr: 10.97.0.0/16
service_cidr: 10.96.0.0/16
kubernetes_controller_manager:
port: 10252
port: 10257
service:
name: kubernetes-controller-manager

4
charts/etcd/values.yaml
View File

@ -14,8 +14,8 @@
images:
tags:
etcd: quay.io/coreos/etcd:v3.4.13
etcdctl: quay.io/coreos/etcd:v3.4.13
etcd: quay.io/coreos/etcd:v3.5.4
etcdctl: quay.io/coreos/etcd:v3.5.4
etcdctl_backup: "quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_bionic"
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
ks_user: docker.io/openstackhelm/heat:stein-ubuntu_bionic

2
charts/haproxy/values.yaml
View File

@ -64,7 +64,7 @@ conf:
images:
tags:
anchor: bitnami/kubectl:1.21.7
anchor: bitnami/kubectl:1.23.7
haproxy: haproxy:1.8.25
test: python:3.6
pull_policy: "IfNotPresent"

2
charts/proxy/values.yaml
View File

@ -68,7 +68,7 @@ pod:
images:
tags:
proxy: k8s.gcr.io/kube-proxy-amd64:v1.21.7
proxy: k8s.gcr.io/kube-proxy-amd64:v1.23.7
pull_policy: "IfNotPresent"
proxy:

8
charts/scheduler/templates/etc/_kubernetes-scheduler.yaml.tpl
View File

@ -44,8 +44,10 @@ spec:
{{- range .Values.command_prefix }}
- {{ . }}
{{- end }}
- --address=127.0.0.1
- --port={{ .Values.network.kubernetes_scheduler.port }}
- --authentication-kubeconfig=/etc/kubernetes/scheduler/kubeconfig.yaml
- --authorization-kubeconfig=/etc/kubernetes/scheduler/kubeconfig.yaml
- --bind-address=127.0.0.1
- --secure-port={{ .Values.network.kubernetes_scheduler.port }}
- --leader-elect=true
- --kubeconfig=/etc/kubernetes/scheduler/kubeconfig.yaml
{{- if .Values.scheduler.logging.log_level }}
@ -57,6 +59,7 @@ spec:
host: 127.0.0.1
path: /healthz
port: {{ .Values.network.kubernetes_scheduler.port }}
scheme: HTTPS
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 5
@ -67,6 +70,7 @@ spec:
host: 127.0.0.1
path: /healthz
port: {{ .Values.network.kubernetes_scheduler.port }}
scheme: HTTPS
initialDelaySeconds: 15
periodSeconds: 10
successThreshold: 1

1
charts/scheduler/templates/sched-anchor.yaml
View File

@ -71,6 +71,7 @@ spec:
host: 127.0.0.1
path: /healthz
port: {{ .Values.network.kubernetes_scheduler.port }}
scheme: HTTPS
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 5

6
charts/scheduler/values.yaml
View File

@ -85,14 +85,14 @@ secrets:
images:
tags:
anchor: bitnami/kubectl:1.21.7
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7
pull_policy: "IfNotPresent"
network:
kubernetes_netloc: 10.96.0.1
kubernetes_scheduler:
port: 10251
port: 10259
service:
name: kubernetes-scheduler

2
doc/source/conf.py
View File

@ -66,7 +66,7 @@ release = u'0.1.0'
#
# This is also used if you do content translation via gettext catalogs.
# Usually you set "language" from the command line for these cases.
language = None
language = 'en'
# List of patterns, relative to source directory, that match files and
# directories to ignore when looking for source files.

8
doc/source/configuration/genesis.rst
View File

@ -42,10 +42,10 @@ Here is a complete sample document:
images:
armada: quay.io/airshipit/armada:latest
kubernetes:
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7
etcd: quay.io/coreos/etcd:v3.4.13
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7
etcd: quay.io/coreos/etcd:v3.5.4
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7
files:
- path: /var/lib/anchor/calico-etcd-bootstrap
content: ""

8
doc/source/configuration/host-system.rst
View File

@ -16,13 +16,13 @@ Sample Document to run containers in Docker runtime
data:
files:
- path: /opt/kubernetes/bin/kubelet
tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz
tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubelet
mode: 0555
images:
haproxy: haproxy:1.8.3
helm:
helm: lachlanevenson/k8s-helm:v3.6.2
helm: lachlanevenson/k8s-helm:v3.8.2
monitoring_image: busybox:1.28.3
packages:
repositories:
@ -115,13 +115,13 @@ Sample Document to run containers in Containerd runtime
data:
files:
- path: /opt/kubernetes/bin/kubelet
tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz
tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubelet
mode: 0555
images:
haproxy: haproxy:1.8.3
helm:
helm: lachlanevenson/k8s-helm:v3.6.2
helm: lachlanevenson/k8s-helm:v3.8.2
monitoring_image: busybox:1.28.3
packages:
additional:

8
examples/basic/Genesis.yaml
View File

@ -46,10 +46,10 @@ data:
images:
armada: quay.io/airshipit/armada:master-ubuntu_bionic
kubernetes:
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7
etcd: quay.io/coreos/etcd:v3.4.13
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7
etcd: quay.io/coreos/etcd:v3.5.4
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7
files:
- path: /var/lib/anchor/calico-etcd-bootstrap
content: "# placeholder for triggering calico etcd bootstrapping"

6
examples/basic/HostSystem.yaml
View File

@ -13,11 +13,11 @@ data:
enable: true
files:
- path: /opt/kubernetes/bin/kubelet
tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz
tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubelet
mode: 0555
- path: /usr/local/bin/kubectl
tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz
tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubectl
mode: 0555
- path: /etc/systemd/system/kube-cgroup.service
@ -77,7 +77,7 @@ data:
monitoring_image: &busybox busybox:1.28.3
haproxy: haproxy:1.8.3
helm:
helm: lachlanevenson/k8s-helm:v3.6.2
helm: lachlanevenson/k8s-helm:v3.8.2
packages:
common:
repositories:

3
examples/basic/Kubelet.yaml
View File

@ -9,9 +9,6 @@ metadata:
storagePolicy: cleartext
data:
arguments:
- --cni-bin-dir=/opt/cni/bin
- --cni-conf-dir=/etc/cni/net.d
- --network-plugin=cni
- --v=3
images:
pause: k8s.gcr.io/pause-amd64:3.1

32
examples/basic/armada-resources.yaml
View File

@ -111,7 +111,7 @@ data:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
subpath: helm-toolkit
reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
dependencies: []
---
schema: armada/Chart/v1
@ -135,7 +135,7 @@ data:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
subpath: helm-toolkit
reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
dependencies: []
---
schema: armada/Chart/v1
@ -159,7 +159,7 @@ data:
values:
images:
tags:
proxy: k8s.gcr.io/kube-proxy-amd64:v1.21.7
proxy: k8s.gcr.io/kube-proxy-amd64:v1.23.7
network:
kubernetes_netloc: 127.0.0.1:6553
source:
@ -363,8 +363,8 @@ data:
filename: calico-etcd-bootstrap
images:
tags:
etcd: quay.io/coreos/etcd:v3.4.13
etcdctl: quay.io/coreos/etcd:v3.4.13
etcd: quay.io/coreos/etcd:v3.5.4
etcdctl: quay.io/coreos/etcd:v3.5.4
nodes:
- name: n0
tls:
@ -519,7 +519,7 @@ data:
images:
tags:
calico_etcd: quay.io/coreos/etcd:v3.4.13
calico_etcd: quay.io/coreos/etcd:v3.5.4
calico_node: quay.io/calico/node:v3.4.0
calico_cni: quay.io/calico/cni:v3.4.0
calico_ctl: quay.io/calico/ctl:v3.4.0
@ -534,7 +534,7 @@ data:
source:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
reference: b50fae62a4ad0992ce877cd632800e1eed5f71a9
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
subpath: calico
dependencies:
- infra-helm-toolkit
@ -626,7 +626,7 @@ data:
images:
tags:
anchor: bitnami/kubectl:1.21.7
anchor: bitnami/kubectl:1.23.7
haproxy: haproxy:1.8.3
test: python:3.6
@ -734,8 +734,8 @@ data:
endpoints: https://127.0.0.1:2378
images:
tags:
anchor: bitnami/kubectl:1.21.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7
network:
kubernetes_service_ip: 10.96.0.1
pod_cidr: 10.97.0.0/16
@ -800,8 +800,8 @@ data:
values:
images:
tags:
anchor: bitnami/kubectl:1.21.7
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7
secrets:
service_account:
private_key: placeholder
@ -874,8 +874,8 @@ data:
images:
tags:
anchor: bitnami/kubectl:1.21.7
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7
source:
type: local
@ -1071,8 +1071,8 @@ data:
host_etc_path: /etc/etcd/kubernetes
images:
tags:
etcd: quay.io/coreos/etcd:v3.4.13
etcdctl: quay.io/coreos/etcd:v3.4.13
etcd: quay.io/coreos/etcd:v3.5.4
etcdctl: quay.io/coreos/etcd:v3.5.4
nodes:
- name: n0
tls:

8
examples/complete/Genesis.yaml
View File

@ -35,10 +35,10 @@ data:
images:
armada: quay.io/airshipit/armada:master-ubuntu_bionic
kubernetes:
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7
etcd: quay.io/coreos/etcd:v3.4.13
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7
etcd: quay.io/coreos/etcd:v3.5.4
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7
files:
- path: /var/lib/anchor/calico-etcd-bootstrap
content: "# placeholder for triggering calico etcd bootstrapping"

6
examples/complete/HostSystem.yaml
View File

@ -10,11 +10,11 @@ metadata:
data:
files:
- path: /opt/kubernetes/bin/kubelet
tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz
tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubelet
mode: 0555
- path: /usr/local/bin/kubectl
tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz
tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubectl
mode: 0555
- path: /etc/logrotate.d/json-logrotate
@ -42,7 +42,7 @@ data:
monitoring_image: busybox:1.28.3
haproxy: haproxy:1.8.3
helm:
helm: lachlanevenson/k8s-helm:v3.6.2
helm: lachlanevenson/k8s-helm:v3.8.2
packages:
common:
repositories:

30
examples/complete/armada-resources.yaml
View File

@ -152,7 +152,7 @@ data:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
subpath: helm-toolkit
reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
dependencies: []
---
schema: armada/Chart/v1
@ -177,7 +177,7 @@ data:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
subpath: helm-toolkit
reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
dependencies: []
---
schema: armada/Chart/v1
@ -200,7 +200,7 @@ data:
values:
images:
tags:
proxy: k8s.gcr.io/kube-proxy-amd64:v1.21.7
proxy: k8s.gcr.io/kube-proxy-amd64:v1.23.7
network:
kubernetes_netloc: 127.0.0.1:6553
source:
@ -400,8 +400,8 @@ data:
filename: calico-etcd-bootstrap
images:
tags:
etcd: quay.io/coreos/etcd:v3.4.13
etcdctl: quay.io/coreos/etcd:v3.4.13
etcd: quay.io/coreos/etcd:v3.5.4
etcdctl: quay.io/coreos/etcd:v3.5.4
nodes:
- name: n0
tls:
@ -540,7 +540,7 @@ data:
images:
tags:
calico_etcd: quay.io/coreos/etcd:v3.4.13
calico_etcd: quay.io/coreos/etcd:v3.5.4
calico_node: quay.io/calico/node:v2.6.5
calico_cni: quay.io/calico/cni:v1.11.2
calico_ctl: quay.io/calico/ctl:v1.6.2
@ -643,7 +643,7 @@ data:
images:
tags:
anchor: bitnami/kubectl:1.21.7
anchor: bitnami/kubectl:1.23.7
haproxy: haproxy:1.8.3
test: python:3.6
@ -736,8 +736,8 @@ data:
endpoints: https://127.0.0.1:2378
images:
tags:
anchor: bitnami/kubectl:1.21.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7
secrets:
service_account:
public_key: placeholder
@ -813,8 +813,8 @@ data:
values:
images:
tags:
anchor: bitnami/kubectl:1.21.7
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7
secrets:
service_account:
private_key: placeholder
@ -886,8 +886,8 @@ data:
images:
tags:
anchor: bitnami/kubectl:1.21.7
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7
source:
type: local
@ -1083,8 +1083,8 @@ data:
host_etc_path: /etc/etcd/kubernetes
images:
tags:
etcd: quay.io/coreos/etcd:v3.4.13
etcdctl: quay.io/coreos/etcd:v3.4.13
etcd: quay.io/coreos/etcd:v3.5.4
etcdctl: quay.io/coreos/etcd:v3.5.4
nodes:
- name: n0
tls:

8
examples/containerd/Genesis.yaml
View File

@ -46,10 +46,10 @@ data:
images:
armada: quay.io/airshipit/armada:master-ubuntu_bionic
kubernetes:
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7
etcd: quay.io/coreos/etcd:v3.4.13
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7
etcd: quay.io/coreos/etcd:v3.5.4
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7
files:
- path: /var/lib/anchor/calico-etcd-bootstrap
content: "# placeholder for triggering calico etcd bootstrapping"

6
examples/containerd/HostSystem.yaml
View File

@ -13,11 +13,11 @@ data:
enable: true
files:
- path: /opt/kubernetes/bin/kubelet
tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz
tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubelet
mode: 0555
- path: /usr/local/bin/kubectl
tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz
tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubectl
mode: 0555
- path: /etc/systemd/system/kube-cgroup.service
@ -85,7 +85,7 @@ data:
monitoring_image: &busybox busybox:1.28.3
haproxy: haproxy:1.8.3
helm:
helm: lachlanevenson/k8s-helm:v3.6.2
helm: lachlanevenson/k8s-helm:v3.8.2
packages:
common:
additional:

3
examples/containerd/Kubelet.yaml
View File

@ -11,9 +11,6 @@ data:
arguments:
- --container-runtime=remote
- --container-runtime-endpoint=unix:///run/containerd/containerd.sock
- --cni-bin-dir=/opt/cni/bin
- --cni-conf-dir=/etc/cni/net.d
- --network-plugin=cni
- --v=3
images:
pause: k8s.gcr.io/pause-amd64:3.0

32
examples/containerd/armada-resources.yaml
View File

@ -111,7 +111,7 @@ data:
type: git
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
dependencies: []
---
schema: armada/Chart/v1
@ -135,7 +135,7 @@ data:
type: git
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
dependencies: []
---
schema: armada/Chart/v1
@ -159,7 +159,7 @@ data:
values:
images:
tags:
proxy: k8s.gcr.io/kube-proxy-amd64:v1.21.7
proxy: k8s.gcr.io/kube-proxy-amd64:v1.23.7
network:
kubernetes_netloc: 127.0.0.1:6553
source:
@ -276,8 +276,8 @@ data:
filename: calico-etcd-bootstrap
images:
tags:
etcd: quay.io/coreos/etcd:v3.4.13
etcdctl: quay.io/coreos/etcd:v3.4.13
etcd: quay.io/coreos/etcd:v3.5.4
etcdctl: quay.io/coreos/etcd:v3.5.4
nodes:
- name: n0
tls:
@ -413,7 +413,7 @@ data:
images:
tags:
calico_etcd: quay.io/coreos/etcd:v3.4.13
calico_etcd: quay.io/coreos/etcd:v3.5.4
calico_node: quay.io/calico/node:v3.4.0
calico_cni: quay.io/calico/cni:v3.4.0
calico_ctl: quay.io/calico/ctl:v3.4.0
@ -428,7 +428,7 @@ data:
source:
type: git
location: https://opendev.org/openstack/openstack-helm-infra.git
reference: b50fae62a4ad0992ce877cd632800e1eed5f71a9
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
subpath: calico
dependencies:
- infra-helm-toolkit
@ -523,7 +523,7 @@ data:
images:
tags:
anchor: bitnami/kubectl:1.21.7
anchor: bitnami/kubectl:1.23.7
haproxy: haproxy:1.8.3
test: python:3.6
@ -632,8 +632,8 @@ data:
endpoints: https://127.0.0.1:2378
images:
tags:
anchor: bitnami/kubectl:1.21.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7
network:
kubernetes_service_ip: 10.96.0.1
pod_cidr: 10.97.0.0/16
@ -698,8 +698,8 @@ data:
values:
images:
tags:
anchor: bitnami/kubectl:1.21.7
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7
secrets:
service_account:
private_key: placeholder
@ -772,8 +772,8 @@ data:
images:
tags:
anchor: bitnami/kubectl:1.21.7
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7
source:
type: local
@ -883,8 +883,8 @@ data:
host_etc_path: /etc/etcd/kubernetes
images:
tags:
etcd: quay.io/coreos/etcd:v3.4.13
etcdctl: quay.io/coreos/etcd:v3.4.13
etcd: quay.io/coreos/etcd:v3.5.4
etcdctl: quay.io/coreos/etcd:v3.5.4
nodes:
- name: n0
tls:

8
examples/gate/Genesis.yaml
View File

@ -46,10 +46,10 @@ data:
images:
armada: quay.io/airshipit/armada:master-ubuntu_bionic
kubernetes:
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7
etcd: quay.io/coreos/etcd:v3.4.13
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7
etcd: quay.io/coreos/etcd:v3.5.4
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7
files:
- path: /var/lib/anchor/calico-etcd-bootstrap
content: "# placeholder for triggering calico etcd bootstrapping"

6
examples/gate/HostSystem.yaml
View File

@ -13,11 +13,11 @@ data:
enable: true
files:
- path: /opt/kubernetes/bin/kubelet
tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz
tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubelet
mode: 0555
- path: /usr/local/bin/kubectl
tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz
tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubectl
mode: 0555
- path: /etc/systemd/system/kube-cgroup.service
@ -77,7 +77,7 @@ data:
monitoring_image: &busybox busybox:1.28.3
haproxy: haproxy:1.8.3
helm:
helm: lachlanevenson/k8s-helm:v3.6.2
helm: lachlanevenson/k8s-helm:v3.8.2
packages:
common:
repositories:

32
examples/gate/armada-resources.yaml
View File

@ -111,7 +111,7 @@ data:
type: git
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
dependencies: []
---
schema: armada/Chart/v1
@ -135,7 +135,7 @@ data:
type: git
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
dependencies: []
---
schema: armada/Chart/v1
@ -159,7 +159,7 @@ data:
values:
images:
tags:
proxy: k8s.gcr.io/kube-proxy-amd64:v1.21.7
proxy: k8s.gcr.io/kube-proxy-amd64:v1.23.7
network:
kubernetes_netloc: 127.0.0.1:6553
source:
@ -282,8 +282,8 @@ data:
filename: calico-etcd-bootstrap
images:
tags:
etcd: quay.io/coreos/etcd:v3.4.13
etcdctl: quay.io/coreos/etcd:v3.4.13
etcd: quay.io/coreos/etcd:v3.5.4
etcdctl: quay.io/coreos/etcd:v3.5.4
nodes:
- name: n0
tls:
@ -419,7 +419,7 @@ data:
images:
tags:
calico_etcd: quay.io/coreos/etcd:v3.4.13
calico_etcd: quay.io/coreos/etcd:v3.5.4
calico_node: quay.io/calico/node:v3.4.0
calico_cni: quay.io/calico/cni:v3.4.0
calico_ctl: quay.io/calico/ctl:v3.4.0
@ -434,7 +434,7 @@ data:
source:
type: git
location: https://opendev.org/openstack/openstack-helm-infra.git
reference: b50fae62a4ad0992ce877cd632800e1eed5f71a9
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
subpath: calico
dependencies:
- infra-helm-toolkit
@ -529,7 +529,7 @@ data:
images:
tags:
anchor: bitnami/kubectl:1.21.7
anchor: bitnami/kubectl:1.23.7
haproxy: haproxy:1.8.3
test: python:3.6
@ -638,8 +638,8 @@ data:
endpoints: https://127.0.0.1:2378
images:
tags:
anchor: bitnami/kubectl:1.21.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7
network:
kubernetes_service_ip: 10.96.0.1
pod_cidr: 10.97.0.0/16
@ -704,8 +704,8 @@ data:
values:
images:
tags:
anchor: bitnami/kubectl:1.21.7
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7
secrets:
service_account:
private_key: placeholder
@ -778,8 +778,8 @@ data:
images:
tags:
anchor: bitnami/kubectl:1.21.7
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7
source:
type: local
@ -889,8 +889,8 @@ data:
host_etc_path: /etc/etcd/kubernetes
images:
tags:
etcd: quay.io/coreos/etcd:v3.4.13
etcdctl: quay.io/coreos/etcd:v3.4.13
etcd: quay.io/coreos/etcd:v3.5.4
etcdctl: quay.io/coreos/etcd:v3.5.4
nodes:
- name: n0
tls:

3
promenade/templates/roles/common/etc/kubernetes/kubelet/dynamic-config/.gitignore vendored
View File

@ -1,3 +0,0 @@
# This .gitignore exists to force git to track the containing empty directory.
*
!.gitignore

1
promenade/templates/roles/common/etc/systemd/system/kubelet.service
View File

@ -6,7 +6,6 @@ After=network-online.target
[Service]
ExecStart=/opt/kubernetes/bin/kubelet \
--config=/etc/kubernetes/kubelet/config.yaml \
--dynamic-config-dir=/etc/kubernetes/kubelet/dynamic-config \
--hostname-override={{ config.get_first('Genesis:hostname', 'KubernetesNode:hostname') }} \
--kubeconfig=/etc/kubernetes/kubeconfig \
--node-ip={{ config.get_first('Genesis:ip', 'KubernetesNode:ip') }} \

2
promenade/templates/roles/genesis/etc/kubernetes/manifests/kubernetes-controller-manager.yaml
View File

@ -17,6 +17,8 @@ spec:
command:
- kube-controller-manager
- --allocate-node-cidrs=true
- --authentication-kubeconfig=/etc/kubernetes/controller-manager/kubeconfig.yaml
- --authorization-kubeconfig=/etc/kubernetes/controller-manager/kubeconfig.yaml
- --cluster-cidr={{ config['KubernetesNetwork:kubernetes.pod_cidr'] }}
- --configure-cloud-routes=false
- --bind-address=127.0.0.1

4
requirements-direct.txt
View File

@ -7,7 +7,7 @@ jsonschema==3.2.0
keystoneauth1==3.18.0
keystonemiddleware==5.3.0
setuptools==40.4.3
kubernetes<23
kubernetes<24
oslo.context==2.21.0
oslo.policy==1.40.1
pastedeploy==1.5.2
@ -15,4 +15,4 @@ pylibyaml~=0.1
pyyaml~=5.1
requests==2.22.0
uwsgi==2.0.19.1
git+https://opendev.org/airship/deckhand.git@1f0c011a1708c1235a2be65edada7d386cd55d2a#egg=deckhand
git+https://opendev.org/airship/deckhand.git@5cd799cc5d04527ac782270008ff647b3779ff05#egg=deckhand

4
requirements-frozen.txt
View File

@ -13,7 +13,7 @@ cmd2==0.8.9
cryptography==3.1.1
debtcollector==1.22.0
pbr==5.4.5
Deckhand @ git+https://opendev.org/airship/deckhand.git@1f0c011a1708c1235a2be65edada7d386cd55d2a#egg=deckhand
Deckhand @ git+https://opendev.org/airship/deckhand.git@5cd799cc5d04527ac782270008ff647b3779ff05#egg=deckhand
decorator==4.4.2
deepdiff==3.3.0
dnspython==1.16.0
@ -39,7 +39,7 @@ jsonschema==3.2.0
keystoneauth1==3.18.0
keystonemiddleware==5.3.0
kombu==4.6.10
kubernetes==22.6.0
kubernetes==23.6.0; python_version >= '3.6'
linecache2==1.0.0
Mako==1.1.3
MarkupSafe==1.1.1

17
tests/unit/api/test_validatedesign.py
View File

@ -104,13 +104,13 @@ VALID_DOCS = [
'armada': 'quay.io/airshipit/armada:master-ubuntu_bionic',
'kubernetes': {
'apiserver':
'k8s.gcr.io/kube-apiserver-amd64:v1.21.7',
'k8s.gcr.io/kube-apiserver-amd64:v1.23.7',
'controller-manager':
'k8s.gcr.io/kube-controller-manager-amd64:v1.21.7',
'k8s.gcr.io/kube-controller-manager-amd64:v1.23.7',
'etcd':
'quay.io/coreos/etcd:v3.4.13',
'quay.io/coreos/etcd:v3.5.4',
'scheduler':
'k8s.gcr.io/kube-scheduler-amd64:v1.21.7'
'k8s.gcr.io/kube-scheduler-amd64:v1.23.7'
}
},
'ip':
@ -146,7 +146,7 @@ VALID_DOCS = [
'tar_path':
'kubernetes/node/bin/kubelet',
'tar_url':
'https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz'
'https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz'
},
{
'content':
@ -159,7 +159,7 @@ VALID_DOCS = [
'images': {
'haproxy': 'haproxy:1.8.3',
'helm': {
'helm': 'lachlanevenson/k8s-helm:v3.6.2'
'helm': 'lachlanevenson/k8s-helm:v3.8.2'
}
},
'packages': {
@ -193,10 +193,7 @@ VALID_DOCS = [
},
{
'data': {
'arguments': [
'--cni-bin-dir=/opt/cni/bin', '--cni-conf-dir=/etc/cni/net.d',
'--network-plugin=cni', '--v=5'
],
'arguments': ['--v=5'],
'images': {
'pause': 'k8s.gcr.io/pause-amd64:3.1'
},

8
tests/unit/builder_data/simple/Genesis.yaml
View File

@ -32,10 +32,10 @@ data:
images:
armada: quay.io/airshipit/armada:master-ubuntu_bionic
kubernetes:
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7
etcd: quay.io/coreos/etcd:v3.4.13
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7
etcd: quay.io/coreos/etcd:v3.5.4
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7
files:
- path: /var/lib/anchor/calico-etcd-bootstrap
content: "# placeholder for triggering calico etcd bootstrapping"

4
tests/unit/builder_data/simple/HostSystem.yaml
View File

@ -14,7 +14,7 @@ data:
# attempt to actually run Kubernetes, only to construct the genesis and
# join scripts.
# - path: /opt/kubernetes/bin/kubelet
# tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz
# tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz
# tar_path: kubernetes/node/bin/kubelet
# mode: 0555
- path: /etc/logrotate.d/json-logrotate
@ -38,7 +38,7 @@ data:
monitoring_image: &busybox busybox:1.28.3
haproxy: haproxy:1.8.3
helm:
helm: lachlanevenson/k8s-helm:v3.6.2
helm: lachlanevenson/k8s-helm:v3.8.2
packages:
common:
repositories:

24
tests/unit/builder_data/simple/armada-resources.yaml
View File

@ -160,7 +160,7 @@ data:
values:
images:
tags:
proxy: k8s.gcr.io/kube-proxy-amd64:v1.21.7
proxy: k8s.gcr.io/kube-proxy-amd64:v1.23.7
network:
kubernetes_netloc: 127.0.0.1:6553
source:
@ -303,8 +303,8 @@ data:
filename: calico-etcd-bootstrap
images:
tags:
etcd: quay.io/coreos/etcd:v3.4.13
etcdctl: quay.io/coreos/etcd:v3.4.13
etcd: quay.io/coreos/etcd:v3.5.4
etcdctl: quay.io/coreos/etcd:v3.5.4
nodes:
- name: n0
tls:
@ -536,7 +536,7 @@ data:
images:
tags:
anchor: bitnami/kubectl:1.21.7
anchor: bitnami/kubectl:1.23.7
haproxy: haproxy:1.8.3
test: python:3.6
@ -635,8 +635,8 @@ data:
endpoints: https://127.0.0.1:2378
images:
tags:
anchor: bitnami/kubectl:1.21.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7
secrets:
service_account:
public_key: placeholder
@ -712,8 +712,8 @@ data:
values:
images:
tags:
anchor: bitnami/kubectl:1.21.7
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7
secrets:
service_account:
private_key: placeholder
@ -785,8 +785,8 @@ data:
images:
tags:
anchor: bitnami/kubectl:1.21.7
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7
anchor: bitnami/kubectl:1.23.7
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7
source:
type: local
@ -924,8 +924,8 @@ data:
host_etc_path: /etc/etcd/kubernetes
images:
tags:
etcd: quay.io/coreos/etcd:v3.4.13
etcdctl: quay.io/coreos/etcd:v3.4.13
etcd: quay.io/coreos/etcd:v3.5.4
etcdctl: quay.io/coreos/etcd:v3.5.4
nodes:
- name: n0
tls:

3
tools/gate/config-templates/site-config.yaml
View File

@ -157,9 +157,6 @@ metadata:
storagePolicy: cleartext
data:
arguments:
- --cni-bin-dir=/opt/cni/bin
- --cni-conf-dir=/etc/cni/net.d
- --network-plugin=cni
- --v=5
images:
pause: k8s.gcr.io/pause-amd64:3.1

16
tools/gate/default-config-env
View File

@ -5,12 +5,12 @@ IMAGE_CALICO_KUBE_CONTROLLERS=quay.io/calico/kube-controllers:v1.0.2
IMAGE_CALICO_NODE=quay.io/calico/node:v2.6.5
IMAGE_COREDNS=coredns/coredns:1.7.0
IMAGE_DEP_CHECK=quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
IMAGE_ETCD=quay.io/coreos/etcd:v3.4.13
IMAGE_ETCD=quay.io/coreos/etcd:v3.5.4
IMAGE_HAPROXY=haproxy:1.8.3
IMAGE_HELM=lachlanevenson/k8s-helm:v3.6.2
IMAGE_APISERVER=k8s.gcr.io/kube-apiserver-amd64:v1.21.7
IMAGE_CONTROLLER_MANAGER=k8s.gcr.io/kube-controller-manager-amd64:v1.21.7
IMAGE_SCHEDULER=k8s.gcr.io/kube-scheduler-amd64:v1.21.7
IMAGE_PROXY=k8s.gcr.io/kube-proxy-amd64:v1.21.7
IMAGE_ANCHOR=bitnami/kubectl:1.21.7
KUBELET_URL=https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz
IMAGE_HELM=lachlanevenson/k8s-helm:v3.8.2
IMAGE_APISERVER=k8s.gcr.io/kube-apiserver-amd64:v1.23.7
IMAGE_CONTROLLER_MANAGER=k8s.gcr.io/kube-controller-manager-amd64:v1.23.7
IMAGE_SCHEDULER=k8s.gcr.io/kube-scheduler-amd64:v1.23.7
IMAGE_PROXY=k8s.gcr.io/kube-proxy-amd64:v1.23.7
IMAGE_ANCHOR=bitnami/kubectl:1.23.7
KUBELET_URL=https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz

2
tools/helm_install.sh
View File

@ -17,7 +17,7 @@
set -x
HELM=$1
HELM_ARTIFACT_URL=${HELM_ARTIFACT_URL:-"https://get.helm.sh/helm-v3.6.3-linux-amd64.tar.gz"}
HELM_ARTIFACT_URL=${HELM_ARTIFACT_URL:-"https://get.helm.sh/helm-v3.8.2-linux-amd64.tar.gz"}
function install_helm_binary {

2
tools/helm_tk.sh
View File

@ -17,7 +17,7 @@
set -eux
HTK_REPO=${HTK_REPO:-"https://opendev.org/openstack/openstack-helm-infra.git"}
HTK_STABLE_COMMIT=${HTK_COMMIT:-"2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3"}
HTK_STABLE_COMMIT=${HTK_COMMIT:-"ee331fd0d38e3584fecbefbf6218ba0c8e112338"}
TMP_DIR=$(mktemp -d)

12
tools/registry/IMAGES
View File

@ -1,14 +1,14 @@
# source_name, tag, cache_name
coredns/coredns,1.7.0,coredns
bitnami/kubectl,1.21.7,kubectl
k8s.gcr.io/kube-apiserver-amd64,v1.21.7,apiserver
k8s.gcr.io/kube-controller-manager-amd64,v1.21.7,controller-manager
k8s.gcr.io/kube-scheduler-amd64,v1.21.7,scheduler
k8s.gcr.io/kube-proxy-amd64,v1.21.7,proxy
bitnami/kubectl,1.23.7,kubectl
k8s.gcr.io/kube-apiserver-amd64,v1.23.7,apiserver
k8s.gcr.io/kube-controller-manager-amd64,v1.23.7,controller-manager
k8s.gcr.io/kube-scheduler-amd64,v1.23.7,scheduler
k8s.gcr.io/kube-proxy-amd64,v1.23.7,proxy
k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64,1.14.4,k8s-dns-dnsmasq-nanny-amd64
k8s.gcr.io/k8s-dns-kube-dns-amd64,1.14.4,k8s-dns-kube-dns-amd64
k8s.gcr.io/k8s-dns-sidecar-amd64,1.14.4,k8s-dns-sidecar-amd64
lachlanevenson/k8s-helm,v3.6.3,helm
lachlanevenson/k8s-helm,v3.8.2,helm
quay.io/airshipit/armada,master,armada
quay.io/calico/cni,v1.11.0,calico-cni
quay.io/calico/ctl,v1.6.1,calico-ctl