From e207bbe9661716efab8dc017925489072d28a936 Mon Sep 17 00:00:00 2001 From: Ruslan Aliev Date: Tue, 28 Jun 2022 23:08:30 -0500 Subject: [PATCH] k8s upgrade to v1.23.7 Address changes and deprecations in Kubernetes v1.21=>v1.23 controller-manager: * --authorization-kubeconfig and --authentication-kubeconfig must be set * liveness/readiness probes must use HTTPS * the default port has been changed to 10257 kubelet: * --dynamic-config-dir has been deprecated, will not move to GA * --cni-bin-dir has been deprecated, will be removed with dockershim * --cni-conf-dir has been deprecated, will be removed with dockershim * --network-plugin has been deprecated, will be removed with dockershim https: //github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#deprecation https: //kubernetes.io/docs/tasks/administer-cluster/reconfigure-kubelet/ https: //github.com/kubernetes/enhancements/tree/master/keps/sig-node/281-dynamic-kubelet-configuration Change-Id: Ia996d7c14d81d1d8b8067f11c02ffb4ce90eb49a --- .zuul.yaml | 4 +-- charts/apiserver-webhook/values.yaml | 2 +- charts/apiserver/values.yaml | 6 ++-- .../templates/daemonset.yaml | 1 + .../_kubernetes-controller-manager.yaml.tpl | 4 +++ charts/controller_manager/values.yaml | 6 ++-- charts/etcd/values.yaml | 4 +-- charts/haproxy/values.yaml | 2 +- charts/proxy/values.yaml | 2 +- .../etc/_kubernetes-scheduler.yaml.tpl | 8 +++-- charts/scheduler/templates/sched-anchor.yaml | 1 + charts/scheduler/values.yaml | 6 ++-- doc/source/conf.py | 2 +- doc/source/configuration/genesis.rst | 8 ++--- doc/source/configuration/host-system.rst | 8 ++--- examples/basic/Genesis.yaml | 8 ++--- examples/basic/HostSystem.yaml | 6 ++-- examples/basic/Kubelet.yaml | 3 -- examples/basic/armada-resources.yaml | 32 +++++++++---------- examples/complete/Genesis.yaml | 8 ++--- examples/complete/HostSystem.yaml | 6 ++-- examples/complete/armada-resources.yaml | 30 ++++++++--------- examples/containerd/Genesis.yaml | 8 ++--- examples/containerd/HostSystem.yaml | 6 ++-- examples/containerd/Kubelet.yaml | 3 -- examples/containerd/armada-resources.yaml | 32 +++++++++---------- examples/gate/Genesis.yaml | 8 ++--- examples/gate/HostSystem.yaml | 6 ++-- examples/gate/armada-resources.yaml | 32 +++++++++---------- .../kubelet/dynamic-config/.gitignore | 3 -- .../common/etc/systemd/system/kubelet.service | 1 - .../kubernetes-controller-manager.yaml | 2 ++ requirements-direct.txt | 4 +-- requirements-frozen.txt | 4 +-- tests/unit/api/test_validatedesign.py | 17 ++++------ tests/unit/builder_data/simple/Genesis.yaml | 8 ++--- .../unit/builder_data/simple/HostSystem.yaml | 4 +-- .../builder_data/simple/armada-resources.yaml | 24 +++++++------- tools/gate/config-templates/site-config.yaml | 3 -- tools/gate/default-config-env | 16 +++++----- tools/helm_install.sh | 2 +- tools/helm_tk.sh | 2 +- tools/registry/IMAGES | 12 +++---- 43 files changed, 175 insertions(+), 179 deletions(-) delete mode 100644 promenade/templates/roles/common/etc/kubernetes/kubelet/dynamic-config/.gitignore diff --git a/.zuul.yaml b/.zuul.yaml index 0e7de6f0..dfbfe25b 100644 --- a/.zuul.yaml +++ b/.zuul.yaml @@ -124,13 +124,13 @@ nodeset: airship-promenade-single-node - job: - name: airship-promenade-docker-build-gate-ubuntu_xenial + name: airship-promenade-docker-build-gate-ubuntu_bionic voting: false run: tools/zuul/playbooks/docker-image-build.yaml nodeset: airship-promenade-single-node vars: publish: false - distro: ubuntu_xenial + distro: ubuntu_bionic tags: dynamic: patch_set: true diff --git a/charts/apiserver-webhook/values.yaml b/charts/apiserver-webhook/values.yaml index ae4caa47..b09437de 100644 --- a/charts/apiserver-webhook/values.yaml +++ b/charts/apiserver-webhook/values.yaml @@ -17,7 +17,7 @@ release_uuid: null images: tags: - apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7 + apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7 kubernetes_keystone_webhook: docker.io/k8scloudprovider/k8s-keystone-auth:latest scripted_test: docker.io/openstackhelm/heat:newton dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 diff --git a/charts/apiserver/values.yaml b/charts/apiserver/values.yaml index f321e8ba..5363d0cc 100644 --- a/charts/apiserver/values.yaml +++ b/charts/apiserver/values.yaml @@ -58,9 +58,9 @@ const: images: tags: dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - anchor: bitnami/kubectl:1.21.7 - apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7 - key_rotate: bitnami/kubectl:1.21.7 + anchor: bitnami/kubectl:1.23.7 + apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7 + key_rotate: bitnami/kubectl:1.23.7 pull_policy: "IfNotPresent" local_registry: active: false diff --git a/charts/controller_manager/templates/daemonset.yaml b/charts/controller_manager/templates/daemonset.yaml index 27946803..d409214d 100644 --- a/charts/controller_manager/templates/daemonset.yaml +++ b/charts/controller_manager/templates/daemonset.yaml @@ -79,6 +79,7 @@ spec: host: 127.0.0.1 path: /healthz port: {{ .Values.network.kubernetes_controller_manager.port }} + scheme: HTTPS initialDelaySeconds: 10 periodSeconds: 5 timeoutSeconds: 5 diff --git a/charts/controller_manager/templates/etc/_kubernetes-controller-manager.yaml.tpl b/charts/controller_manager/templates/etc/_kubernetes-controller-manager.yaml.tpl index 21a5e14a..50d265d5 100644 --- a/charts/controller_manager/templates/etc/_kubernetes-controller-manager.yaml.tpl +++ b/charts/controller_manager/templates/etc/_kubernetes-controller-manager.yaml.tpl @@ -44,6 +44,8 @@ spec: {{- range .Values.command_prefix }} - {{ . }} {{- end }} + - --authentication-kubeconfig=/etc/kubernetes/controller-manager/kubeconfig.yaml + - --authorization-kubeconfig=/etc/kubernetes/controller-manager/kubeconfig.yaml - --bind-address=127.0.0.1 - --configure-cloud-routes=false - --leader-elect=true @@ -60,6 +62,7 @@ spec: host: 127.0.0.1 path: /healthz port: {{ .Values.network.kubernetes_controller_manager.port }} + scheme: HTTPS initialDelaySeconds: 10 periodSeconds: 5 timeoutSeconds: 5 @@ -70,6 +73,7 @@ spec: host: 127.0.0.1 path: /healthz port: {{ .Values.network.kubernetes_controller_manager.port }} + scheme: HTTPS initialDelaySeconds: 15 periodSeconds: 10 successThreshold: 1 diff --git a/charts/controller_manager/values.yaml b/charts/controller_manager/values.yaml index 2cb208e2..faf31f12 100644 --- a/charts/controller_manager/values.yaml +++ b/charts/controller_manager/values.yaml @@ -16,8 +16,8 @@ release_group: null images: tags: - anchor: bitnami/kubectl:1.21.7 - controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7 pull_policy: "IfNotPresent" labels: @@ -75,7 +75,7 @@ network: pod_cidr: 10.97.0.0/16 service_cidr: 10.96.0.0/16 kubernetes_controller_manager: - port: 10252 + port: 10257 service: name: kubernetes-controller-manager diff --git a/charts/etcd/values.yaml b/charts/etcd/values.yaml index 6b2c2f98..c6ac9476 100644 --- a/charts/etcd/values.yaml +++ b/charts/etcd/values.yaml @@ -14,8 +14,8 @@ images: tags: - etcd: quay.io/coreos/etcd:v3.4.13 - etcdctl: quay.io/coreos/etcd:v3.4.13 + etcd: quay.io/coreos/etcd:v3.5.4 + etcdctl: quay.io/coreos/etcd:v3.5.4 etcdctl_backup: "quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_bionic" dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 ks_user: docker.io/openstackhelm/heat:stein-ubuntu_bionic diff --git a/charts/haproxy/values.yaml b/charts/haproxy/values.yaml index a64d8d8a..e3d92bd6 100644 --- a/charts/haproxy/values.yaml +++ b/charts/haproxy/values.yaml @@ -64,7 +64,7 @@ conf: images: tags: - anchor: bitnami/kubectl:1.21.7 + anchor: bitnami/kubectl:1.23.7 haproxy: haproxy:1.8.25 test: python:3.6 pull_policy: "IfNotPresent" diff --git a/charts/proxy/values.yaml b/charts/proxy/values.yaml index 0a590bf6..8c339c00 100644 --- a/charts/proxy/values.yaml +++ b/charts/proxy/values.yaml @@ -68,7 +68,7 @@ pod: images: tags: - proxy: k8s.gcr.io/kube-proxy-amd64:v1.21.7 + proxy: k8s.gcr.io/kube-proxy-amd64:v1.23.7 pull_policy: "IfNotPresent" proxy: diff --git a/charts/scheduler/templates/etc/_kubernetes-scheduler.yaml.tpl b/charts/scheduler/templates/etc/_kubernetes-scheduler.yaml.tpl index 8fc9da69..c6108338 100644 --- a/charts/scheduler/templates/etc/_kubernetes-scheduler.yaml.tpl +++ b/charts/scheduler/templates/etc/_kubernetes-scheduler.yaml.tpl @@ -44,8 +44,10 @@ spec: {{- range .Values.command_prefix }} - {{ . }} {{- end }} - - --address=127.0.0.1 - - --port={{ .Values.network.kubernetes_scheduler.port }} + - --authentication-kubeconfig=/etc/kubernetes/scheduler/kubeconfig.yaml + - --authorization-kubeconfig=/etc/kubernetes/scheduler/kubeconfig.yaml + - --bind-address=127.0.0.1 + - --secure-port={{ .Values.network.kubernetes_scheduler.port }} - --leader-elect=true - --kubeconfig=/etc/kubernetes/scheduler/kubeconfig.yaml {{- if .Values.scheduler.logging.log_level }} @@ -57,6 +59,7 @@ spec: host: 127.0.0.1 path: /healthz port: {{ .Values.network.kubernetes_scheduler.port }} + scheme: HTTPS initialDelaySeconds: 10 periodSeconds: 5 timeoutSeconds: 5 @@ -67,6 +70,7 @@ spec: host: 127.0.0.1 path: /healthz port: {{ .Values.network.kubernetes_scheduler.port }} + scheme: HTTPS initialDelaySeconds: 15 periodSeconds: 10 successThreshold: 1 diff --git a/charts/scheduler/templates/sched-anchor.yaml b/charts/scheduler/templates/sched-anchor.yaml index 3a8e91b1..ce5df100 100644 --- a/charts/scheduler/templates/sched-anchor.yaml +++ b/charts/scheduler/templates/sched-anchor.yaml @@ -71,6 +71,7 @@ spec: host: 127.0.0.1 path: /healthz port: {{ .Values.network.kubernetes_scheduler.port }} + scheme: HTTPS initialDelaySeconds: 10 periodSeconds: 5 timeoutSeconds: 5 diff --git a/charts/scheduler/values.yaml b/charts/scheduler/values.yaml index 11ab185a..bd651703 100644 --- a/charts/scheduler/values.yaml +++ b/charts/scheduler/values.yaml @@ -85,14 +85,14 @@ secrets: images: tags: - anchor: bitnami/kubectl:1.21.7 - scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7 pull_policy: "IfNotPresent" network: kubernetes_netloc: 10.96.0.1 kubernetes_scheduler: - port: 10251 + port: 10259 service: name: kubernetes-scheduler diff --git a/doc/source/conf.py b/doc/source/conf.py index 8781dc4b..75403236 100644 --- a/doc/source/conf.py +++ b/doc/source/conf.py @@ -66,7 +66,7 @@ release = u'0.1.0' # # This is also used if you do content translation via gettext catalogs. # Usually you set "language" from the command line for these cases. -language = None +language = 'en' # List of patterns, relative to source directory, that match files and # directories to ignore when looking for source files. diff --git a/doc/source/configuration/genesis.rst b/doc/source/configuration/genesis.rst index 9c3b0e4d..fd04b906 100644 --- a/doc/source/configuration/genesis.rst +++ b/doc/source/configuration/genesis.rst @@ -42,10 +42,10 @@ Here is a complete sample document: images: armada: quay.io/airshipit/armada:latest kubernetes: - apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7 - controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7 - etcd: quay.io/coreos/etcd:v3.4.13 - scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7 + apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7 + controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7 + etcd: quay.io/coreos/etcd:v3.5.4 + scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7 files: - path: /var/lib/anchor/calico-etcd-bootstrap content: "" diff --git a/doc/source/configuration/host-system.rst b/doc/source/configuration/host-system.rst index 4a513eb3..6fcd5a55 100644 --- a/doc/source/configuration/host-system.rst +++ b/doc/source/configuration/host-system.rst @@ -16,13 +16,13 @@ Sample Document to run containers in Docker runtime data: files: - path: /opt/kubernetes/bin/kubelet - tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz + tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz tar_path: kubernetes/node/bin/kubelet mode: 0555 images: haproxy: haproxy:1.8.3 helm: - helm: lachlanevenson/k8s-helm:v3.6.2 + helm: lachlanevenson/k8s-helm:v3.8.2 monitoring_image: busybox:1.28.3 packages: repositories: @@ -115,13 +115,13 @@ Sample Document to run containers in Containerd runtime data: files: - path: /opt/kubernetes/bin/kubelet - tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz + tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz tar_path: kubernetes/node/bin/kubelet mode: 0555 images: haproxy: haproxy:1.8.3 helm: - helm: lachlanevenson/k8s-helm:v3.6.2 + helm: lachlanevenson/k8s-helm:v3.8.2 monitoring_image: busybox:1.28.3 packages: additional: diff --git a/examples/basic/Genesis.yaml b/examples/basic/Genesis.yaml index 86d21746..9e1ba7c7 100644 --- a/examples/basic/Genesis.yaml +++ b/examples/basic/Genesis.yaml @@ -46,10 +46,10 @@ data: images: armada: quay.io/airshipit/armada:master-ubuntu_bionic kubernetes: - apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7 - controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7 - etcd: quay.io/coreos/etcd:v3.4.13 - scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7 + apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7 + controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7 + etcd: quay.io/coreos/etcd:v3.5.4 + scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7 files: - path: /var/lib/anchor/calico-etcd-bootstrap content: "# placeholder for triggering calico etcd bootstrapping" diff --git a/examples/basic/HostSystem.yaml b/examples/basic/HostSystem.yaml index 08b67e59..78e50a9b 100644 --- a/examples/basic/HostSystem.yaml +++ b/examples/basic/HostSystem.yaml @@ -13,11 +13,11 @@ data: enable: true files: - path: /opt/kubernetes/bin/kubelet - tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz + tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz tar_path: kubernetes/node/bin/kubelet mode: 0555 - path: /usr/local/bin/kubectl - tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz + tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz tar_path: kubernetes/node/bin/kubectl mode: 0555 - path: /etc/systemd/system/kube-cgroup.service @@ -77,7 +77,7 @@ data: monitoring_image: &busybox busybox:1.28.3 haproxy: haproxy:1.8.3 helm: - helm: lachlanevenson/k8s-helm:v3.6.2 + helm: lachlanevenson/k8s-helm:v3.8.2 packages: common: repositories: diff --git a/examples/basic/Kubelet.yaml b/examples/basic/Kubelet.yaml index 7c5d95aa..427544cd 100644 --- a/examples/basic/Kubelet.yaml +++ b/examples/basic/Kubelet.yaml @@ -9,9 +9,6 @@ metadata: storagePolicy: cleartext data: arguments: - - --cni-bin-dir=/opt/cni/bin - - --cni-conf-dir=/etc/cni/net.d - - --network-plugin=cni - --v=3 images: pause: k8s.gcr.io/pause-amd64:3.1 diff --git a/examples/basic/armada-resources.yaml b/examples/basic/armada-resources.yaml index f6736e21..e14f20cd 100644 --- a/examples/basic/armada-resources.yaml +++ b/examples/basic/armada-resources.yaml @@ -111,7 +111,7 @@ data: type: git location: https://git.openstack.org/openstack/openstack-helm-infra subpath: helm-toolkit - reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3 + reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338 dependencies: [] --- schema: armada/Chart/v1 @@ -135,7 +135,7 @@ data: type: git location: https://git.openstack.org/openstack/openstack-helm-infra subpath: helm-toolkit - reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3 + reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338 dependencies: [] --- schema: armada/Chart/v1 @@ -159,7 +159,7 @@ data: values: images: tags: - proxy: k8s.gcr.io/kube-proxy-amd64:v1.21.7 + proxy: k8s.gcr.io/kube-proxy-amd64:v1.23.7 network: kubernetes_netloc: 127.0.0.1:6553 source: @@ -363,8 +363,8 @@ data: filename: calico-etcd-bootstrap images: tags: - etcd: quay.io/coreos/etcd:v3.4.13 - etcdctl: quay.io/coreos/etcd:v3.4.13 + etcd: quay.io/coreos/etcd:v3.5.4 + etcdctl: quay.io/coreos/etcd:v3.5.4 nodes: - name: n0 tls: @@ -519,7 +519,7 @@ data: images: tags: - calico_etcd: quay.io/coreos/etcd:v3.4.13 + calico_etcd: quay.io/coreos/etcd:v3.5.4 calico_node: quay.io/calico/node:v3.4.0 calico_cni: quay.io/calico/cni:v3.4.0 calico_ctl: quay.io/calico/ctl:v3.4.0 @@ -534,7 +534,7 @@ data: source: type: git location: https://git.openstack.org/openstack/openstack-helm-infra - reference: b50fae62a4ad0992ce877cd632800e1eed5f71a9 + reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338 subpath: calico dependencies: - infra-helm-toolkit @@ -626,7 +626,7 @@ data: images: tags: - anchor: bitnami/kubectl:1.21.7 + anchor: bitnami/kubectl:1.23.7 haproxy: haproxy:1.8.3 test: python:3.6 @@ -734,8 +734,8 @@ data: endpoints: https://127.0.0.1:2378 images: tags: - anchor: bitnami/kubectl:1.21.7 - apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7 network: kubernetes_service_ip: 10.96.0.1 pod_cidr: 10.97.0.0/16 @@ -800,8 +800,8 @@ data: values: images: tags: - anchor: bitnami/kubectl:1.21.7 - controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7 secrets: service_account: private_key: placeholder @@ -874,8 +874,8 @@ data: images: tags: - anchor: bitnami/kubectl:1.21.7 - scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7 source: type: local @@ -1071,8 +1071,8 @@ data: host_etc_path: /etc/etcd/kubernetes images: tags: - etcd: quay.io/coreos/etcd:v3.4.13 - etcdctl: quay.io/coreos/etcd:v3.4.13 + etcd: quay.io/coreos/etcd:v3.5.4 + etcdctl: quay.io/coreos/etcd:v3.5.4 nodes: - name: n0 tls: diff --git a/examples/complete/Genesis.yaml b/examples/complete/Genesis.yaml index 8cec2c0f..6d778d1f 100644 --- a/examples/complete/Genesis.yaml +++ b/examples/complete/Genesis.yaml @@ -35,10 +35,10 @@ data: images: armada: quay.io/airshipit/armada:master-ubuntu_bionic kubernetes: - apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7 - controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7 - etcd: quay.io/coreos/etcd:v3.4.13 - scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7 + apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7 + controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7 + etcd: quay.io/coreos/etcd:v3.5.4 + scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7 files: - path: /var/lib/anchor/calico-etcd-bootstrap content: "# placeholder for triggering calico etcd bootstrapping" diff --git a/examples/complete/HostSystem.yaml b/examples/complete/HostSystem.yaml index 8dfee424..3b79e83a 100644 --- a/examples/complete/HostSystem.yaml +++ b/examples/complete/HostSystem.yaml @@ -10,11 +10,11 @@ metadata: data: files: - path: /opt/kubernetes/bin/kubelet - tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz + tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz tar_path: kubernetes/node/bin/kubelet mode: 0555 - path: /usr/local/bin/kubectl - tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz + tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz tar_path: kubernetes/node/bin/kubectl mode: 0555 - path: /etc/logrotate.d/json-logrotate @@ -42,7 +42,7 @@ data: monitoring_image: busybox:1.28.3 haproxy: haproxy:1.8.3 helm: - helm: lachlanevenson/k8s-helm:v3.6.2 + helm: lachlanevenson/k8s-helm:v3.8.2 packages: common: repositories: diff --git a/examples/complete/armada-resources.yaml b/examples/complete/armada-resources.yaml index 54d070e5..4644f934 100644 --- a/examples/complete/armada-resources.yaml +++ b/examples/complete/armada-resources.yaml @@ -152,7 +152,7 @@ data: type: git location: https://git.openstack.org/openstack/openstack-helm-infra subpath: helm-toolkit - reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3 + reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338 dependencies: [] --- schema: armada/Chart/v1 @@ -177,7 +177,7 @@ data: type: git location: https://git.openstack.org/openstack/openstack-helm-infra subpath: helm-toolkit - reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3 + reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338 dependencies: [] --- schema: armada/Chart/v1 @@ -200,7 +200,7 @@ data: values: images: tags: - proxy: k8s.gcr.io/kube-proxy-amd64:v1.21.7 + proxy: k8s.gcr.io/kube-proxy-amd64:v1.23.7 network: kubernetes_netloc: 127.0.0.1:6553 source: @@ -400,8 +400,8 @@ data: filename: calico-etcd-bootstrap images: tags: - etcd: quay.io/coreos/etcd:v3.4.13 - etcdctl: quay.io/coreos/etcd:v3.4.13 + etcd: quay.io/coreos/etcd:v3.5.4 + etcdctl: quay.io/coreos/etcd:v3.5.4 nodes: - name: n0 tls: @@ -540,7 +540,7 @@ data: images: tags: - calico_etcd: quay.io/coreos/etcd:v3.4.13 + calico_etcd: quay.io/coreos/etcd:v3.5.4 calico_node: quay.io/calico/node:v2.6.5 calico_cni: quay.io/calico/cni:v1.11.2 calico_ctl: quay.io/calico/ctl:v1.6.2 @@ -643,7 +643,7 @@ data: images: tags: - anchor: bitnami/kubectl:1.21.7 + anchor: bitnami/kubectl:1.23.7 haproxy: haproxy:1.8.3 test: python:3.6 @@ -736,8 +736,8 @@ data: endpoints: https://127.0.0.1:2378 images: tags: - anchor: bitnami/kubectl:1.21.7 - apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7 secrets: service_account: public_key: placeholder @@ -813,8 +813,8 @@ data: values: images: tags: - anchor: bitnami/kubectl:1.21.7 - controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7 secrets: service_account: private_key: placeholder @@ -886,8 +886,8 @@ data: images: tags: - anchor: bitnami/kubectl:1.21.7 - scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7 source: type: local @@ -1083,8 +1083,8 @@ data: host_etc_path: /etc/etcd/kubernetes images: tags: - etcd: quay.io/coreos/etcd:v3.4.13 - etcdctl: quay.io/coreos/etcd:v3.4.13 + etcd: quay.io/coreos/etcd:v3.5.4 + etcdctl: quay.io/coreos/etcd:v3.5.4 nodes: - name: n0 tls: diff --git a/examples/containerd/Genesis.yaml b/examples/containerd/Genesis.yaml index 09957894..563b1f30 100644 --- a/examples/containerd/Genesis.yaml +++ b/examples/containerd/Genesis.yaml @@ -46,10 +46,10 @@ data: images: armada: quay.io/airshipit/armada:master-ubuntu_bionic kubernetes: - apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7 - controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7 - etcd: quay.io/coreos/etcd:v3.4.13 - scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7 + apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7 + controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7 + etcd: quay.io/coreos/etcd:v3.5.4 + scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7 files: - path: /var/lib/anchor/calico-etcd-bootstrap content: "# placeholder for triggering calico etcd bootstrapping" diff --git a/examples/containerd/HostSystem.yaml b/examples/containerd/HostSystem.yaml index 711510ff..65bbf31b 100644 --- a/examples/containerd/HostSystem.yaml +++ b/examples/containerd/HostSystem.yaml @@ -13,11 +13,11 @@ data: enable: true files: - path: /opt/kubernetes/bin/kubelet - tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz + tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz tar_path: kubernetes/node/bin/kubelet mode: 0555 - path: /usr/local/bin/kubectl - tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz + tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz tar_path: kubernetes/node/bin/kubectl mode: 0555 - path: /etc/systemd/system/kube-cgroup.service @@ -85,7 +85,7 @@ data: monitoring_image: &busybox busybox:1.28.3 haproxy: haproxy:1.8.3 helm: - helm: lachlanevenson/k8s-helm:v3.6.2 + helm: lachlanevenson/k8s-helm:v3.8.2 packages: common: additional: diff --git a/examples/containerd/Kubelet.yaml b/examples/containerd/Kubelet.yaml index b911caf6..2d1b8f59 100644 --- a/examples/containerd/Kubelet.yaml +++ b/examples/containerd/Kubelet.yaml @@ -11,9 +11,6 @@ data: arguments: - --container-runtime=remote - --container-runtime-endpoint=unix:///run/containerd/containerd.sock - - --cni-bin-dir=/opt/cni/bin - - --cni-conf-dir=/etc/cni/net.d - - --network-plugin=cni - --v=3 images: pause: k8s.gcr.io/pause-amd64:3.0 diff --git a/examples/containerd/armada-resources.yaml b/examples/containerd/armada-resources.yaml index dc51586e..0c252dfa 100644 --- a/examples/containerd/armada-resources.yaml +++ b/examples/containerd/armada-resources.yaml @@ -111,7 +111,7 @@ data: type: git location: https://opendev.org/openstack/openstack-helm-infra.git subpath: helm-toolkit - reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3 + reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338 dependencies: [] --- schema: armada/Chart/v1 @@ -135,7 +135,7 @@ data: type: git location: https://opendev.org/openstack/openstack-helm-infra.git subpath: helm-toolkit - reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3 + reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338 dependencies: [] --- schema: armada/Chart/v1 @@ -159,7 +159,7 @@ data: values: images: tags: - proxy: k8s.gcr.io/kube-proxy-amd64:v1.21.7 + proxy: k8s.gcr.io/kube-proxy-amd64:v1.23.7 network: kubernetes_netloc: 127.0.0.1:6553 source: @@ -276,8 +276,8 @@ data: filename: calico-etcd-bootstrap images: tags: - etcd: quay.io/coreos/etcd:v3.4.13 - etcdctl: quay.io/coreos/etcd:v3.4.13 + etcd: quay.io/coreos/etcd:v3.5.4 + etcdctl: quay.io/coreos/etcd:v3.5.4 nodes: - name: n0 tls: @@ -413,7 +413,7 @@ data: images: tags: - calico_etcd: quay.io/coreos/etcd:v3.4.13 + calico_etcd: quay.io/coreos/etcd:v3.5.4 calico_node: quay.io/calico/node:v3.4.0 calico_cni: quay.io/calico/cni:v3.4.0 calico_ctl: quay.io/calico/ctl:v3.4.0 @@ -428,7 +428,7 @@ data: source: type: git location: https://opendev.org/openstack/openstack-helm-infra.git - reference: b50fae62a4ad0992ce877cd632800e1eed5f71a9 + reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338 subpath: calico dependencies: - infra-helm-toolkit @@ -523,7 +523,7 @@ data: images: tags: - anchor: bitnami/kubectl:1.21.7 + anchor: bitnami/kubectl:1.23.7 haproxy: haproxy:1.8.3 test: python:3.6 @@ -632,8 +632,8 @@ data: endpoints: https://127.0.0.1:2378 images: tags: - anchor: bitnami/kubectl:1.21.7 - apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7 network: kubernetes_service_ip: 10.96.0.1 pod_cidr: 10.97.0.0/16 @@ -698,8 +698,8 @@ data: values: images: tags: - anchor: bitnami/kubectl:1.21.7 - controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7 secrets: service_account: private_key: placeholder @@ -772,8 +772,8 @@ data: images: tags: - anchor: bitnami/kubectl:1.21.7 - scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7 source: type: local @@ -883,8 +883,8 @@ data: host_etc_path: /etc/etcd/kubernetes images: tags: - etcd: quay.io/coreos/etcd:v3.4.13 - etcdctl: quay.io/coreos/etcd:v3.4.13 + etcd: quay.io/coreos/etcd:v3.5.4 + etcdctl: quay.io/coreos/etcd:v3.5.4 nodes: - name: n0 tls: diff --git a/examples/gate/Genesis.yaml b/examples/gate/Genesis.yaml index 09957894..563b1f30 100644 --- a/examples/gate/Genesis.yaml +++ b/examples/gate/Genesis.yaml @@ -46,10 +46,10 @@ data: images: armada: quay.io/airshipit/armada:master-ubuntu_bionic kubernetes: - apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7 - controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7 - etcd: quay.io/coreos/etcd:v3.4.13 - scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7 + apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7 + controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7 + etcd: quay.io/coreos/etcd:v3.5.4 + scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7 files: - path: /var/lib/anchor/calico-etcd-bootstrap content: "# placeholder for triggering calico etcd bootstrapping" diff --git a/examples/gate/HostSystem.yaml b/examples/gate/HostSystem.yaml index a363adac..2a02b2bb 100644 --- a/examples/gate/HostSystem.yaml +++ b/examples/gate/HostSystem.yaml @@ -13,11 +13,11 @@ data: enable: true files: - path: /opt/kubernetes/bin/kubelet - tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz + tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz tar_path: kubernetes/node/bin/kubelet mode: 0555 - path: /usr/local/bin/kubectl - tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz + tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz tar_path: kubernetes/node/bin/kubectl mode: 0555 - path: /etc/systemd/system/kube-cgroup.service @@ -77,7 +77,7 @@ data: monitoring_image: &busybox busybox:1.28.3 haproxy: haproxy:1.8.3 helm: - helm: lachlanevenson/k8s-helm:v3.6.2 + helm: lachlanevenson/k8s-helm:v3.8.2 packages: common: repositories: diff --git a/examples/gate/armada-resources.yaml b/examples/gate/armada-resources.yaml index eec555e8..6f319faf 100644 --- a/examples/gate/armada-resources.yaml +++ b/examples/gate/armada-resources.yaml @@ -111,7 +111,7 @@ data: type: git location: https://opendev.org/openstack/openstack-helm-infra.git subpath: helm-toolkit - reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3 + reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338 dependencies: [] --- schema: armada/Chart/v1 @@ -135,7 +135,7 @@ data: type: git location: https://opendev.org/openstack/openstack-helm-infra.git subpath: helm-toolkit - reference: 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3 + reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338 dependencies: [] --- schema: armada/Chart/v1 @@ -159,7 +159,7 @@ data: values: images: tags: - proxy: k8s.gcr.io/kube-proxy-amd64:v1.21.7 + proxy: k8s.gcr.io/kube-proxy-amd64:v1.23.7 network: kubernetes_netloc: 127.0.0.1:6553 source: @@ -282,8 +282,8 @@ data: filename: calico-etcd-bootstrap images: tags: - etcd: quay.io/coreos/etcd:v3.4.13 - etcdctl: quay.io/coreos/etcd:v3.4.13 + etcd: quay.io/coreos/etcd:v3.5.4 + etcdctl: quay.io/coreos/etcd:v3.5.4 nodes: - name: n0 tls: @@ -419,7 +419,7 @@ data: images: tags: - calico_etcd: quay.io/coreos/etcd:v3.4.13 + calico_etcd: quay.io/coreos/etcd:v3.5.4 calico_node: quay.io/calico/node:v3.4.0 calico_cni: quay.io/calico/cni:v3.4.0 calico_ctl: quay.io/calico/ctl:v3.4.0 @@ -434,7 +434,7 @@ data: source: type: git location: https://opendev.org/openstack/openstack-helm-infra.git - reference: b50fae62a4ad0992ce877cd632800e1eed5f71a9 + reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338 subpath: calico dependencies: - infra-helm-toolkit @@ -529,7 +529,7 @@ data: images: tags: - anchor: bitnami/kubectl:1.21.7 + anchor: bitnami/kubectl:1.23.7 haproxy: haproxy:1.8.3 test: python:3.6 @@ -638,8 +638,8 @@ data: endpoints: https://127.0.0.1:2378 images: tags: - anchor: bitnami/kubectl:1.21.7 - apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7 network: kubernetes_service_ip: 10.96.0.1 pod_cidr: 10.97.0.0/16 @@ -704,8 +704,8 @@ data: values: images: tags: - anchor: bitnami/kubectl:1.21.7 - controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7 secrets: service_account: private_key: placeholder @@ -778,8 +778,8 @@ data: images: tags: - anchor: bitnami/kubectl:1.21.7 - scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7 source: type: local @@ -889,8 +889,8 @@ data: host_etc_path: /etc/etcd/kubernetes images: tags: - etcd: quay.io/coreos/etcd:v3.4.13 - etcdctl: quay.io/coreos/etcd:v3.4.13 + etcd: quay.io/coreos/etcd:v3.5.4 + etcdctl: quay.io/coreos/etcd:v3.5.4 nodes: - name: n0 tls: diff --git a/promenade/templates/roles/common/etc/kubernetes/kubelet/dynamic-config/.gitignore b/promenade/templates/roles/common/etc/kubernetes/kubelet/dynamic-config/.gitignore deleted file mode 100644 index 607997a6..00000000 --- a/promenade/templates/roles/common/etc/kubernetes/kubelet/dynamic-config/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -# This .gitignore exists to force git to track the containing empty directory. -* -!.gitignore diff --git a/promenade/templates/roles/common/etc/systemd/system/kubelet.service b/promenade/templates/roles/common/etc/systemd/system/kubelet.service index 396bacc2..6670bb6c 100644 --- a/promenade/templates/roles/common/etc/systemd/system/kubelet.service +++ b/promenade/templates/roles/common/etc/systemd/system/kubelet.service @@ -6,7 +6,6 @@ After=network-online.target [Service] ExecStart=/opt/kubernetes/bin/kubelet \ --config=/etc/kubernetes/kubelet/config.yaml \ - --dynamic-config-dir=/etc/kubernetes/kubelet/dynamic-config \ --hostname-override={{ config.get_first('Genesis:hostname', 'KubernetesNode:hostname') }} \ --kubeconfig=/etc/kubernetes/kubeconfig \ --node-ip={{ config.get_first('Genesis:ip', 'KubernetesNode:ip') }} \ diff --git a/promenade/templates/roles/genesis/etc/kubernetes/manifests/kubernetes-controller-manager.yaml b/promenade/templates/roles/genesis/etc/kubernetes/manifests/kubernetes-controller-manager.yaml index 24b0fe47..8fbe6465 100644 --- a/promenade/templates/roles/genesis/etc/kubernetes/manifests/kubernetes-controller-manager.yaml +++ b/promenade/templates/roles/genesis/etc/kubernetes/manifests/kubernetes-controller-manager.yaml @@ -17,6 +17,8 @@ spec: command: - kube-controller-manager - --allocate-node-cidrs=true + - --authentication-kubeconfig=/etc/kubernetes/controller-manager/kubeconfig.yaml + - --authorization-kubeconfig=/etc/kubernetes/controller-manager/kubeconfig.yaml - --cluster-cidr={{ config['KubernetesNetwork:kubernetes.pod_cidr'] }} - --configure-cloud-routes=false - --bind-address=127.0.0.1 diff --git a/requirements-direct.txt b/requirements-direct.txt index fbd912d9..1c40237a 100644 --- a/requirements-direct.txt +++ b/requirements-direct.txt @@ -7,7 +7,7 @@ jsonschema==3.2.0 keystoneauth1==3.18.0 keystonemiddleware==5.3.0 setuptools==40.4.3 -kubernetes<23 +kubernetes<24 oslo.context==2.21.0 oslo.policy==1.40.1 pastedeploy==1.5.2 @@ -15,4 +15,4 @@ pylibyaml~=0.1 pyyaml~=5.1 requests==2.22.0 uwsgi==2.0.19.1 -git+https://opendev.org/airship/deckhand.git@1f0c011a1708c1235a2be65edada7d386cd55d2a#egg=deckhand +git+https://opendev.org/airship/deckhand.git@5cd799cc5d04527ac782270008ff647b3779ff05#egg=deckhand diff --git a/requirements-frozen.txt b/requirements-frozen.txt index 99d2d2da..588a2637 100644 --- a/requirements-frozen.txt +++ b/requirements-frozen.txt @@ -13,7 +13,7 @@ cmd2==0.8.9 cryptography==3.1.1 debtcollector==1.22.0 pbr==5.4.5 -Deckhand @ git+https://opendev.org/airship/deckhand.git@1f0c011a1708c1235a2be65edada7d386cd55d2a#egg=deckhand +Deckhand @ git+https://opendev.org/airship/deckhand.git@5cd799cc5d04527ac782270008ff647b3779ff05#egg=deckhand decorator==4.4.2 deepdiff==3.3.0 dnspython==1.16.0 @@ -39,7 +39,7 @@ jsonschema==3.2.0 keystoneauth1==3.18.0 keystonemiddleware==5.3.0 kombu==4.6.10 -kubernetes==22.6.0 +kubernetes==23.6.0; python_version >= '3.6' linecache2==1.0.0 Mako==1.1.3 MarkupSafe==1.1.1 diff --git a/tests/unit/api/test_validatedesign.py b/tests/unit/api/test_validatedesign.py index 2a70ea52..13266c7b 100644 --- a/tests/unit/api/test_validatedesign.py +++ b/tests/unit/api/test_validatedesign.py @@ -104,13 +104,13 @@ VALID_DOCS = [ 'armada': 'quay.io/airshipit/armada:master-ubuntu_bionic', 'kubernetes': { 'apiserver': - 'k8s.gcr.io/kube-apiserver-amd64:v1.21.7', + 'k8s.gcr.io/kube-apiserver-amd64:v1.23.7', 'controller-manager': - 'k8s.gcr.io/kube-controller-manager-amd64:v1.21.7', + 'k8s.gcr.io/kube-controller-manager-amd64:v1.23.7', 'etcd': - 'quay.io/coreos/etcd:v3.4.13', + 'quay.io/coreos/etcd:v3.5.4', 'scheduler': - 'k8s.gcr.io/kube-scheduler-amd64:v1.21.7' + 'k8s.gcr.io/kube-scheduler-amd64:v1.23.7' } }, 'ip': @@ -146,7 +146,7 @@ VALID_DOCS = [ 'tar_path': 'kubernetes/node/bin/kubelet', 'tar_url': - 'https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz' + 'https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz' }, { 'content': @@ -159,7 +159,7 @@ VALID_DOCS = [ 'images': { 'haproxy': 'haproxy:1.8.3', 'helm': { - 'helm': 'lachlanevenson/k8s-helm:v3.6.2' + 'helm': 'lachlanevenson/k8s-helm:v3.8.2' } }, 'packages': { @@ -193,10 +193,7 @@ VALID_DOCS = [ }, { 'data': { - 'arguments': [ - '--cni-bin-dir=/opt/cni/bin', '--cni-conf-dir=/etc/cni/net.d', - '--network-plugin=cni', '--v=5' - ], + 'arguments': ['--v=5'], 'images': { 'pause': 'k8s.gcr.io/pause-amd64:3.1' }, diff --git a/tests/unit/builder_data/simple/Genesis.yaml b/tests/unit/builder_data/simple/Genesis.yaml index 88d9cdd6..358a7eb7 100644 --- a/tests/unit/builder_data/simple/Genesis.yaml +++ b/tests/unit/builder_data/simple/Genesis.yaml @@ -32,10 +32,10 @@ data: images: armada: quay.io/airshipit/armada:master-ubuntu_bionic kubernetes: - apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7 - controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7 - etcd: quay.io/coreos/etcd:v3.4.13 - scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7 + apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7 + controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7 + etcd: quay.io/coreos/etcd:v3.5.4 + scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7 files: - path: /var/lib/anchor/calico-etcd-bootstrap content: "# placeholder for triggering calico etcd bootstrapping" diff --git a/tests/unit/builder_data/simple/HostSystem.yaml b/tests/unit/builder_data/simple/HostSystem.yaml index ed126c8c..510f53c0 100644 --- a/tests/unit/builder_data/simple/HostSystem.yaml +++ b/tests/unit/builder_data/simple/HostSystem.yaml @@ -14,7 +14,7 @@ data: # attempt to actually run Kubernetes, only to construct the genesis and # join scripts. # - path: /opt/kubernetes/bin/kubelet - # tar_url: https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz + # tar_url: https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz # tar_path: kubernetes/node/bin/kubelet # mode: 0555 - path: /etc/logrotate.d/json-logrotate @@ -38,7 +38,7 @@ data: monitoring_image: &busybox busybox:1.28.3 haproxy: haproxy:1.8.3 helm: - helm: lachlanevenson/k8s-helm:v3.6.2 + helm: lachlanevenson/k8s-helm:v3.8.2 packages: common: repositories: diff --git a/tests/unit/builder_data/simple/armada-resources.yaml b/tests/unit/builder_data/simple/armada-resources.yaml index fd7df29a..d73e3e3f 100644 --- a/tests/unit/builder_data/simple/armada-resources.yaml +++ b/tests/unit/builder_data/simple/armada-resources.yaml @@ -160,7 +160,7 @@ data: values: images: tags: - proxy: k8s.gcr.io/kube-proxy-amd64:v1.21.7 + proxy: k8s.gcr.io/kube-proxy-amd64:v1.23.7 network: kubernetes_netloc: 127.0.0.1:6553 source: @@ -303,8 +303,8 @@ data: filename: calico-etcd-bootstrap images: tags: - etcd: quay.io/coreos/etcd:v3.4.13 - etcdctl: quay.io/coreos/etcd:v3.4.13 + etcd: quay.io/coreos/etcd:v3.5.4 + etcdctl: quay.io/coreos/etcd:v3.5.4 nodes: - name: n0 tls: @@ -536,7 +536,7 @@ data: images: tags: - anchor: bitnami/kubectl:1.21.7 + anchor: bitnami/kubectl:1.23.7 haproxy: haproxy:1.8.3 test: python:3.6 @@ -635,8 +635,8 @@ data: endpoints: https://127.0.0.1:2378 images: tags: - anchor: bitnami/kubectl:1.21.7 - apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.23.7 secrets: service_account: public_key: placeholder @@ -712,8 +712,8 @@ data: values: images: tags: - anchor: bitnami/kubectl:1.21.7 - controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.23.7 secrets: service_account: private_key: placeholder @@ -785,8 +785,8 @@ data: images: tags: - anchor: bitnami/kubectl:1.21.7 - scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.21.7 + anchor: bitnami/kubectl:1.23.7 + scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.23.7 source: type: local @@ -924,8 +924,8 @@ data: host_etc_path: /etc/etcd/kubernetes images: tags: - etcd: quay.io/coreos/etcd:v3.4.13 - etcdctl: quay.io/coreos/etcd:v3.4.13 + etcd: quay.io/coreos/etcd:v3.5.4 + etcdctl: quay.io/coreos/etcd:v3.5.4 nodes: - name: n0 tls: diff --git a/tools/gate/config-templates/site-config.yaml b/tools/gate/config-templates/site-config.yaml index 953de315..015e3d19 100644 --- a/tools/gate/config-templates/site-config.yaml +++ b/tools/gate/config-templates/site-config.yaml @@ -157,9 +157,6 @@ metadata: storagePolicy: cleartext data: arguments: - - --cni-bin-dir=/opt/cni/bin - - --cni-conf-dir=/etc/cni/net.d - - --network-plugin=cni - --v=5 images: pause: k8s.gcr.io/pause-amd64:3.1 diff --git a/tools/gate/default-config-env b/tools/gate/default-config-env index 43266913..66ef908c 100644 --- a/tools/gate/default-config-env +++ b/tools/gate/default-config-env @@ -5,12 +5,12 @@ IMAGE_CALICO_KUBE_CONTROLLERS=quay.io/calico/kube-controllers:v1.0.2 IMAGE_CALICO_NODE=quay.io/calico/node:v2.6.5 IMAGE_COREDNS=coredns/coredns:1.7.0 IMAGE_DEP_CHECK=quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 -IMAGE_ETCD=quay.io/coreos/etcd:v3.4.13 +IMAGE_ETCD=quay.io/coreos/etcd:v3.5.4 IMAGE_HAPROXY=haproxy:1.8.3 -IMAGE_HELM=lachlanevenson/k8s-helm:v3.6.2 -IMAGE_APISERVER=k8s.gcr.io/kube-apiserver-amd64:v1.21.7 -IMAGE_CONTROLLER_MANAGER=k8s.gcr.io/kube-controller-manager-amd64:v1.21.7 -IMAGE_SCHEDULER=k8s.gcr.io/kube-scheduler-amd64:v1.21.7 -IMAGE_PROXY=k8s.gcr.io/kube-proxy-amd64:v1.21.7 -IMAGE_ANCHOR=bitnami/kubectl:1.21.7 -KUBELET_URL=https://dl.k8s.io/v1.21.7/kubernetes-node-linux-amd64.tar.gz +IMAGE_HELM=lachlanevenson/k8s-helm:v3.8.2 +IMAGE_APISERVER=k8s.gcr.io/kube-apiserver-amd64:v1.23.7 +IMAGE_CONTROLLER_MANAGER=k8s.gcr.io/kube-controller-manager-amd64:v1.23.7 +IMAGE_SCHEDULER=k8s.gcr.io/kube-scheduler-amd64:v1.23.7 +IMAGE_PROXY=k8s.gcr.io/kube-proxy-amd64:v1.23.7 +IMAGE_ANCHOR=bitnami/kubectl:1.23.7 +KUBELET_URL=https://dl.k8s.io/v1.23.7/kubernetes-node-linux-amd64.tar.gz diff --git a/tools/helm_install.sh b/tools/helm_install.sh index 730d1413..364d2805 100755 --- a/tools/helm_install.sh +++ b/tools/helm_install.sh @@ -17,7 +17,7 @@ set -x HELM=$1 -HELM_ARTIFACT_URL=${HELM_ARTIFACT_URL:-"https://get.helm.sh/helm-v3.6.3-linux-amd64.tar.gz"} +HELM_ARTIFACT_URL=${HELM_ARTIFACT_URL:-"https://get.helm.sh/helm-v3.8.2-linux-amd64.tar.gz"} function install_helm_binary { diff --git a/tools/helm_tk.sh b/tools/helm_tk.sh index ebeed2b6..88e175f3 100755 --- a/tools/helm_tk.sh +++ b/tools/helm_tk.sh @@ -17,7 +17,7 @@ set -eux HTK_REPO=${HTK_REPO:-"https://opendev.org/openstack/openstack-helm-infra.git"} -HTK_STABLE_COMMIT=${HTK_COMMIT:-"2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3"} +HTK_STABLE_COMMIT=${HTK_COMMIT:-"ee331fd0d38e3584fecbefbf6218ba0c8e112338"} TMP_DIR=$(mktemp -d) diff --git a/tools/registry/IMAGES b/tools/registry/IMAGES index 6c3eeda8..2e8009b0 100644 --- a/tools/registry/IMAGES +++ b/tools/registry/IMAGES @@ -1,14 +1,14 @@ # source_name, tag, cache_name coredns/coredns,1.7.0,coredns -bitnami/kubectl,1.21.7,kubectl -k8s.gcr.io/kube-apiserver-amd64,v1.21.7,apiserver -k8s.gcr.io/kube-controller-manager-amd64,v1.21.7,controller-manager -k8s.gcr.io/kube-scheduler-amd64,v1.21.7,scheduler -k8s.gcr.io/kube-proxy-amd64,v1.21.7,proxy +bitnami/kubectl,1.23.7,kubectl +k8s.gcr.io/kube-apiserver-amd64,v1.23.7,apiserver +k8s.gcr.io/kube-controller-manager-amd64,v1.23.7,controller-manager +k8s.gcr.io/kube-scheduler-amd64,v1.23.7,scheduler +k8s.gcr.io/kube-proxy-amd64,v1.23.7,proxy k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64,1.14.4,k8s-dns-dnsmasq-nanny-amd64 k8s.gcr.io/k8s-dns-kube-dns-amd64,1.14.4,k8s-dns-kube-dns-amd64 k8s.gcr.io/k8s-dns-sidecar-amd64,1.14.4,k8s-dns-sidecar-amd64 -lachlanevenson/k8s-helm,v3.6.3,helm +lachlanevenson/k8s-helm,v3.8.2,helm quay.io/airshipit/armada,master,armada quay.io/calico/cni,v1.11.0,calico-cni quay.io/calico/ctl,v1.6.1,calico-ctl