kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Upgrade complex integration test case to k8s 1.24

This commit is contained in:
Peter Rifel 2022-07-11 19:47:59 -06:00
parent 95cd078cc4
commit 026037ee70
No known key found for this signature in database
GPG Key ID: BC6469E5B16DB2B6
22 changed files with 1404 additions and 259 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cmd/kops/integration_test.go
View File

@ -319,14 +319,20 @@ func TestHighAvailabilityGCE(t *testing.T) {
func TestComplex(t *testing.T) {
newIntegrationTest("complex.example.com", "complex").withoutSSHKey().
withAddons(
awsEBSCSIAddon,
dnsControllerAddon,
awsCCMAddon,
leaderElectionAddon,
awsAuthenticatorAddon,
).
runTestTerraformAWS(t)
newIntegrationTest("complex.example.com", "complex").withoutSSHKey().runTestCloudformation(t)
newIntegrationTest("complex.example.com", "complex").withoutSSHKey().withVersion("legacy-v1alpha2").
withAddons(
awsEBSCSIAddon,
dnsControllerAddon,
awsCCMAddon,
leaderElectionAddon,
awsAuthenticatorAddon,
).
runTestTerraformAWS(t)

119
tests/integration/update_cluster/complex/cloudformation.json
View File

@ -48,21 +48,11 @@
"Value": "",
"PropagateAtLaunch": true
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/kubernetes.io/role",
"Value": "master",
"PropagateAtLaunch": true
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/control-plane",
"Value": "",
"PropagateAtLaunch": true
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/master",
"Value": "",
"PropagateAtLaunch": true
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/node.kubernetes.io/exclude-from-external-load-balancers",
"Value": "",
@ -155,11 +145,6 @@
"Value": "fib+baz",
"PropagateAtLaunch": true
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/kubernetes.io/role",
"Value": "node",
"PropagateAtLaunch": true
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/node",
"Value": "",
@ -335,18 +320,10 @@
"Key": "k8s.io/cluster-autoscaler/node-template/label/kops.k8s.io/kops-controller-pki",
"Value": ""
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/kubernetes.io/role",
"Value": "master"
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/control-plane",
"Value": ""
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/master",
"Value": ""
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/node.kubernetes.io/exclude-from-external-load-balancers",
"Value": ""
@ -388,18 +365,10 @@
"Key": "k8s.io/cluster-autoscaler/node-template/label/kops.k8s.io/kops-controller-pki",
"Value": ""
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/kubernetes.io/role",
"Value": "master"
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/control-plane",
"Value": ""
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/master",
"Value": ""
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/node.kubernetes.io/exclude-from-external-load-balancers",
"Value": ""
@ -503,10 +472,6 @@
"Key": "foo/bar",
"Value": "fib+baz"
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/kubernetes.io/role",
"Value": "node"
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/node",
"Value": ""
@ -544,10 +509,6 @@
"Key": "foo/bar",
"Value": "fib+baz"
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/kubernetes.io/role",
"Value": "node"
},
{
"Key": "k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/node",
"Value": ""
@ -1732,39 +1693,6 @@
"*"
]
},
{
"Action": "ec2:CreateTags",
"Condition": {
"StringEquals": {
"aws:RequestTag/KubernetesCluster": "complex.example.com",
"ec2:CreateAction": [
"CreateSecurityGroup"
]
}
},
"Effect": "Allow",
"Resource": [
"arn:aws-test:ec2:*:*:security-group/*"
]
},
{
"Action": [
"ec2:CreateTags",
"ec2:DeleteTags"
],
"Condition": {
"Null": {
"aws:RequestTag/KubernetesCluster": "true"
},
"StringEquals": {
"aws:ResourceTag/KubernetesCluster": "complex.example.com"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws-test:ec2:*:*:security-group/*"
]
},
{
"Action": "ec2:CreateTags",
"Condition": {
@ -1801,19 +1729,45 @@
"arn:aws-test:ec2:*:*:snapshot/*"
]
},
{
"Action": "ec2:CreateTags",
"Condition": {
"StringEquals": {
"aws:RequestTag/KubernetesCluster": "complex.example.com",
"ec2:CreateAction": [
"CreateSecurityGroup"
]
}
},
"Effect": "Allow",
"Resource": [
"arn:aws-test:ec2:*:*:security-group/*"
]
},
{
"Action": [
"ec2:CreateTags",
"ec2:DeleteTags"
],
"Condition": {
"Null": {
"aws:RequestTag/KubernetesCluster": "true"
},
"StringEquals": {
"aws:ResourceTag/KubernetesCluster": "complex.example.com"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws-test:ec2:*:*:security-group/*"
]
},
{
"Action": [
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeAutoScalingInstances",
"autoscaling:DescribeLaunchConfigurations",
"autoscaling:DescribeTags",
"ec2:AttachVolume",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateSecurityGroup",
"ec2:CreateTags",
"ec2:DeleteRoute",
"ec2:DeleteSecurityGroup",
"ec2:DeleteVolume",
"ec2:DescribeAccountAttributes",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
@ -1826,19 +1780,12 @@
"ec2:DescribeVolumes",
"ec2:DescribeVolumesModifications",
"ec2:DescribeVpcs",
"ec2:DetachVolume",
"ec2:ModifyInstanceAttribute",
"ec2:ModifyVolume",
"elasticloadbalancing:AddTags",
"elasticloadbalancing:CreateListener",
"elasticloadbalancing:CreateTargetGroup",
"elasticloadbalancing:DescribeListeners",
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"elasticloadbalancing:DescribeLoadBalancerPolicies",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:DescribeTargetHealth",
"elasticloadbalancing:RegisterTargets",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:DescribeKey",

62
tests/integration/update_cluster/complex/cloudformation.json.extracted.yaml
View File

@ -135,20 +135,21 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties.
cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC'
cloudConfig:
awsEBSCSIDriver:
enabled: false
enabled: true
version: v1.8.0
manageStorageClasses: true
containerRuntime: containerd
containerd:
logLevel: info
version: 1.4.13
version: 1.6.6
docker:
skipInstall: true
encryptionConfig: null
etcdClusters:
events:
version: 3.4.13
version: 3.5.4
main:
version: 3.4.13
version: 3.5.4
kubeAPIServer:
allowPrivileged: true
anonymousAuth: false
@ -158,7 +159,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties.
auditWebhookBatchThrottleQps: 3140m
authorizationMode: AlwaysAllow
bindAddress: 0.0.0.0
cloudProvider: aws
cloudProvider: external
cpuLimit: 500m
cpuRequest: 200m
enableAdmissionPlugins:
@ -175,7 +176,10 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties.
- https://127.0.0.1:4001
etcdServersOverrides:
- /events#https://127.0.0.1:4002
image: registry.k8s.io/kube-apiserver:v1.21.0
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
image: registry.k8s.io/kube-apiserver:v1.24.0
kubeletPreferredAddressTypes:
- InternalIP
- Hostname
@ -200,11 +204,14 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties.
kubeControllerManager:
allocateNodeCIDRs: true
attachDetachReconcileSyncPeriod: 1m0s
cloudProvider: aws
cloudProvider: external
clusterCIDR: 100.96.0.0/11
clusterName: complex.example.com
configureCloudRoutes: false
image: registry.k8s.io/kube-controller-manager:v1.21.0
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
image: registry.k8s.io/kube-controller-manager:v1.24.0
leaderElection:
leaderElect: true
logLevel: 2
@ -212,10 +219,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties.
kubeProxy:
clusterCIDR: 100.96.0.0/11
cpuRequest: 100m
image: registry.k8s.io/kube-proxy:v1.21.0
image: registry.k8s.io/kube-proxy:v1.24.0
logLevel: 2
kubeScheduler:
image: registry.k8s.io/kube-scheduler:v1.21.0
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
image: registry.k8s.io/kube-scheduler:v1.24.0
leaderElection:
leaderElect: true
logLevel: 2
@ -223,32 +233,38 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties.
anonymousAuth: false
cgroupDriver: systemd
cgroupRoot: /
cloudProvider: aws
cloudProvider: external
clusterDNS: 100.64.0.10
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
networkPluginName: cni
podInfraContainerImage: registry.k8s.io/pause:3.6
podManifestPath: /etc/kubernetes/manifests
protectKernelDefaults: true
shutdownGracePeriod: 30s
shutdownGracePeriodCriticalPods: 10s
masterKubelet:
anonymousAuth: false
cgroupDriver: systemd
cgroupRoot: /
cloudProvider: aws
cloudProvider: external
clusterDNS: 100.64.0.10
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
networkPluginName: cni
podInfraContainerImage: registry.k8s.io/pause:3.6
podManifestPath: /etc/kubernetes/manifests
protectKernelDefaults: true
registerSchedulable: false
shutdownGracePeriod: 30s
shutdownGracePeriodCriticalPods: 10s
@ -260,7 +276,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties.
ConfigBase: memfs://clusters.example.com/complex.example.com
InstanceGroupName: master-us-test-1a
InstanceGroupRole: Master
NodeupConfigHash: 2z3rsoW4KP8Gqw0aUFdjvd2YyXwYWxKKga67rBa24is=
NodeupConfigHash: /kzT+UsXGjhR1gYHcSZeQvy9456yLuzeKFyG7m6xfiM=
__EOF_KUBE_ENV
@ -414,33 +430,37 @@ Resources.AWSEC2LaunchTemplatenodescomplexexamplecom.Properties.LaunchTemplateDa
cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC'
cloudConfig:
awsEBSCSIDriver:
enabled: false
enabled: true
version: v1.8.0
manageStorageClasses: true
containerRuntime: containerd
containerd:
logLevel: info
version: 1.4.13
version: 1.6.6
docker:
skipInstall: true
kubeProxy:
clusterCIDR: 100.96.0.0/11
cpuRequest: 100m
image: registry.k8s.io/kube-proxy:v1.21.0
image: registry.k8s.io/kube-proxy:v1.24.0
logLevel: 2
kubelet:
anonymousAuth: false
cgroupDriver: systemd
cgroupRoot: /
cloudProvider: aws
cloudProvider: external
clusterDNS: 100.64.0.10
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
networkPluginName: cni
podInfraContainerImage: registry.k8s.io/pause:3.6
podManifestPath: /etc/kubernetes/manifests
protectKernelDefaults: true
shutdownGracePeriod: 30s
shutdownGracePeriodCriticalPods: 10s
@ -451,7 +471,7 @@ Resources.AWSEC2LaunchTemplatenodescomplexexamplecom.Properties.LaunchTemplateDa
ConfigBase: memfs://clusters.example.com/complex.example.com
InstanceGroupName: nodes
InstanceGroupRole: Node
NodeupConfigHash: oyLlt7/39B+J9SVUVVHuaHhkMF/6ILMeyHSNyTOPdjE=
NodeupConfigHash: L0VdC8YFhsuRM5mI3UFFMGk1vaXqq79w0xwZYnt0lGg=
__EOF_KUBE_ENV

80
tests/integration/update_cluster/complex/data/aws_iam_role_policy_masters.complex.example.com_policy
View File

@ -94,39 +94,6 @@
"*"
]
},
{
"Action": "ec2:CreateTags",
"Condition": {
"StringEquals": {
"aws:RequestTag/KubernetesCluster": "complex.example.com",
"ec2:CreateAction": [
"CreateSecurityGroup"
]
}
},
"Effect": "Allow",
"Resource": [
"arn:aws-test:ec2:*:*:security-group/*"
]
},
{
"Action": [
"ec2:CreateTags",
"ec2:DeleteTags"
],
"Condition": {
"Null": {
"aws:RequestTag/KubernetesCluster": "true"
},
"StringEquals": {
"aws:ResourceTag/KubernetesCluster": "complex.example.com"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws-test:ec2:*:*:security-group/*"
]
},
{
"Action": "ec2:CreateTags",
"Condition": {
@ -163,19 +130,45 @@
"arn:aws-test:ec2:*:*:snapshot/*"
]
},
{
"Action": "ec2:CreateTags",
"Condition": {
"StringEquals": {
"aws:RequestTag/KubernetesCluster": "complex.example.com",
"ec2:CreateAction": [
"CreateSecurityGroup"
]
}
},
"Effect": "Allow",
"Resource": [
"arn:aws-test:ec2:*:*:security-group/*"
]
},
{
"Action": [
"ec2:CreateTags",
"ec2:DeleteTags"
],
"Condition": {
"Null": {
"aws:RequestTag/KubernetesCluster": "true"
},
"StringEquals": {
"aws:ResourceTag/KubernetesCluster": "complex.example.com"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws-test:ec2:*:*:security-group/*"
]
},
{
"Action": [
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeAutoScalingInstances",
"autoscaling:DescribeLaunchConfigurations",
"autoscaling:DescribeTags",
"ec2:AttachVolume",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateSecurityGroup",
"ec2:CreateTags",
"ec2:DeleteRoute",
"ec2:DeleteSecurityGroup",
"ec2:DeleteVolume",
"ec2:DescribeAccountAttributes",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
@ -188,19 +181,12 @@
"ec2:DescribeVolumes",
"ec2:DescribeVolumesModifications",
"ec2:DescribeVpcs",
"ec2:DetachVolume",
"ec2:ModifyInstanceAttribute",
"ec2:ModifyVolume",
"elasticloadbalancing:AddTags",
"elasticloadbalancing:CreateListener",
"elasticloadbalancing:CreateTargetGroup",
"elasticloadbalancing:DescribeListeners",
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"elasticloadbalancing:DescribeLoadBalancerPolicies",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:DescribeTargetHealth",
"elasticloadbalancing:RegisterTargets",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:DescribeKey",

46
tests/integration/update_cluster/complex/data/aws_launch_template_master-us-test-1a.masters.complex.example.com_user_data
View File

@ -134,20 +134,21 @@ ensure-install-dir
cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC'
cloudConfig:
awsEBSCSIDriver:
enabled: false
enabled: true
version: v1.8.0
manageStorageClasses: true
containerRuntime: containerd
containerd:
logLevel: info
version: 1.4.13
version: 1.6.6
docker:
skipInstall: true
encryptionConfig: null
etcdClusters:
events:
version: 3.4.13
version: 3.5.4
main:
version: 3.4.13
version: 3.5.4
kubeAPIServer:
allowPrivileged: true
anonymousAuth: false
@ -157,7 +158,7 @@ kubeAPIServer:
auditWebhookBatchThrottleQps: 3140m
authorizationMode: AlwaysAllow
bindAddress: 0.0.0.0
cloudProvider: aws
cloudProvider: external
cpuLimit: 500m
cpuRequest: 200m
enableAdmissionPlugins:
@ -174,7 +175,10 @@ kubeAPIServer:
- https://127.0.0.1:4001
etcdServersOverrides:
- /events#https://127.0.0.1:4002
image: registry.k8s.io/kube-apiserver:v1.21.0
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
image: registry.k8s.io/kube-apiserver:v1.24.0
kubeletPreferredAddressTypes:
- InternalIP
- Hostname
@ -199,11 +203,14 @@ kubeAPIServer:
kubeControllerManager:
allocateNodeCIDRs: true
attachDetachReconcileSyncPeriod: 1m0s
cloudProvider: aws
cloudProvider: external
clusterCIDR: 100.96.0.0/11
clusterName: complex.example.com
configureCloudRoutes: false
image: registry.k8s.io/kube-controller-manager:v1.21.0
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
image: registry.k8s.io/kube-controller-manager:v1.24.0
leaderElection:
leaderElect: true
logLevel: 2
@ -211,10 +218,13 @@ kubeControllerManager:
kubeProxy:
clusterCIDR: 100.96.0.0/11
cpuRequest: 100m
image: registry.k8s.io/kube-proxy:v1.21.0
image: registry.k8s.io/kube-proxy:v1.24.0
logLevel: 2
kubeScheduler:
image: registry.k8s.io/kube-scheduler:v1.21.0
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
image: registry.k8s.io/kube-scheduler:v1.24.0
leaderElection:
leaderElect: true
logLevel: 2
@ -222,32 +232,38 @@ kubelet:
anonymousAuth: false
cgroupDriver: systemd
cgroupRoot: /
cloudProvider: aws
cloudProvider: external
clusterDNS: 100.64.0.10
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
networkPluginName: cni
podInfraContainerImage: registry.k8s.io/pause:3.6
podManifestPath: /etc/kubernetes/manifests
protectKernelDefaults: true
shutdownGracePeriod: 30s
shutdownGracePeriodCriticalPods: 10s
masterKubelet:
anonymousAuth: false
cgroupDriver: systemd
cgroupRoot: /
cloudProvider: aws
cloudProvider: external
clusterDNS: 100.64.0.10
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
networkPluginName: cni
podInfraContainerImage: registry.k8s.io/pause:3.6
podManifestPath: /etc/kubernetes/manifests
protectKernelDefaults: true
registerSchedulable: false
shutdownGracePeriod: 30s
shutdownGracePeriodCriticalPods: 10s
@ -259,7 +275,7 @@ CloudProvider: aws
ConfigBase: memfs://clusters.example.com/complex.example.com
InstanceGroupName: master-us-test-1a
InstanceGroupRole: Master
NodeupConfigHash: 2z3rsoW4KP8Gqw0aUFdjvd2YyXwYWxKKga67rBa24is=
NodeupConfigHash: /kzT+UsXGjhR1gYHcSZeQvy9456yLuzeKFyG7m6xfiM=
__EOF_KUBE_ENV

16
tests/integration/update_cluster/complex/data/aws_launch_template_nodes.complex.example.com_user_data
View File

@ -134,33 +134,37 @@ ensure-install-dir
cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC'
cloudConfig:
awsEBSCSIDriver:
enabled: false
enabled: true
version: v1.8.0
manageStorageClasses: true
containerRuntime: containerd
containerd:
logLevel: info
version: 1.4.13
version: 1.6.6
docker:
skipInstall: true
kubeProxy:
clusterCIDR: 100.96.0.0/11
cpuRequest: 100m
image: registry.k8s.io/kube-proxy:v1.21.0
image: registry.k8s.io/kube-proxy:v1.24.0
logLevel: 2
kubelet:
anonymousAuth: false
cgroupDriver: systemd
cgroupRoot: /
cloudProvider: aws
cloudProvider: external
clusterDNS: 100.64.0.10
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
networkPluginName: cni
podInfraContainerImage: registry.k8s.io/pause:3.6
podManifestPath: /etc/kubernetes/manifests
protectKernelDefaults: true
shutdownGracePeriod: 30s
shutdownGracePeriodCriticalPods: 10s
@ -171,7 +175,7 @@ CloudProvider: aws
ConfigBase: memfs://clusters.example.com/complex.example.com
InstanceGroupName: nodes
InstanceGroupRole: Node
NodeupConfigHash: oyLlt7/39B+J9SVUVVHuaHhkMF/6ILMeyHSNyTOPdjE=
NodeupConfigHash: L0VdC8YFhsuRM5mI3UFFMGk1vaXqq79w0xwZYnt0lGg=
__EOF_KUBE_ENV

55
tests/integration/update_cluster/complex/data/aws_s3_object_cluster-completed.spec_content
View File

@ -29,8 +29,18 @@ spec:
channel: stable
cloudConfig:
awsEBSCSIDriver:
enabled: false
enabled: true
version: v1.8.0
manageStorageClasses: true
cloudControllerManager:
allocateNodeCIDRs: true
clusterCIDR: 100.64.0.0/10
clusterName: complex.example.com
configureCloudRoutes: false
enableLeaderMigration: true
image: registry.k8s.io/provider-aws/cloud-controller-manager:v1.24.0
leaderElection:
leaderElect: true
cloudLabels:
Owner: John Doe
foo/bar: fib+baz
@ -41,7 +51,7 @@ spec:
containerRuntime: containerd
containerd:
logLevel: info
version: 1.4.13
version: 1.6.6
dnsZone: Z1AFAKE1ZON3YO
docker:
skipInstall: true
@ -52,14 +62,14 @@ spec:
- instanceGroup: master-us-test-1a
name: a
name: main
version: 3.4.13
version: 3.5.4
- backups:
backupStore: memfs://clusters.example.com/complex.example.com/backups/etcd/events
etcdMembers:
- instanceGroup: master-us-test-1a
name: a
name: events
version: 3.4.13
version: 3.5.4
externalDns:
provider: dns-controller
iam:
@ -75,7 +85,7 @@ spec:
auditWebhookBatchThrottleQps: 3140m
authorizationMode: AlwaysAllow
bindAddress: 0.0.0.0
cloudProvider: aws
cloudProvider: external
cpuLimit: 500m
cpuRequest: 200m
enableAdmissionPlugins:
@ -92,7 +102,10 @@ spec:
- https://127.0.0.1:4001
etcdServersOverrides:
- /events#https://127.0.0.1:4002
image: registry.k8s.io/kube-apiserver:v1.21.0
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
image: registry.k8s.io/kube-apiserver:v1.24.0
kubeletPreferredAddressTypes:
- InternalIP
- Hostname
@ -117,11 +130,14 @@ spec:
kubeControllerManager:
allocateNodeCIDRs: true
attachDetachReconcileSyncPeriod: 1m0s
cloudProvider: aws
cloudProvider: external
clusterCIDR: 100.96.0.0/11
clusterName: complex.example.com
configureCloudRoutes: false
image: registry.k8s.io/kube-controller-manager:v1.21.0
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
image: registry.k8s.io/kube-controller-manager:v1.24.0
leaderElection:
leaderElect: true
logLevel: 2
@ -143,10 +159,13 @@ spec:
kubeProxy:
clusterCIDR: 100.96.0.0/11
cpuRequest: 100m
image: registry.k8s.io/kube-proxy:v1.21.0
image: registry.k8s.io/kube-proxy:v1.24.0
logLevel: 2
kubeScheduler:
image: registry.k8s.io/kube-scheduler:v1.21.0
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
image: registry.k8s.io/kube-scheduler:v1.24.0
leaderElection:
leaderElect: true
logLevel: 2
@ -154,37 +173,43 @@ spec:
anonymousAuth: false
cgroupDriver: systemd
cgroupRoot: /
cloudProvider: aws
cloudProvider: external
clusterDNS: 100.64.0.10
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
networkPluginName: cni
podInfraContainerImage: registry.k8s.io/pause:3.6
podManifestPath: /etc/kubernetes/manifests
protectKernelDefaults: true
shutdownGracePeriod: 30s
shutdownGracePeriodCriticalPods: 10s
kubernetesApiAccess:
- 1.1.1.0/24
- pl-44444444
kubernetesVersion: 1.21.0
kubernetesVersion: 1.24.0
masterInternalName: api.internal.complex.example.com
masterKubelet:
anonymousAuth: false
cgroupDriver: systemd
cgroupRoot: /
cloudProvider: aws
cloudProvider: external
clusterDNS: 100.64.0.10
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
networkPluginName: cni
podInfraContainerImage: registry.k8s.io/pause:3.6
podManifestPath: /etc/kubernetes/manifests
protectKernelDefaults: true
registerSchedulable: false
shutdownGracePeriod: 30s
shutdownGracePeriodCriticalPods: 10s

2
tests/integration/update_cluster/complex/data/aws_s3_object_complex.example.com-addons-authentication.aws-k8s-1.12_content
View File

@ -197,7 +197,7 @@ spec:
name: output
hostNetwork: true
nodeSelector:
node-role.kubernetes.io/master: ""
node-role.kubernetes.io/control-plane: ""
priorityClassName: system-node-critical
serviceAccountName: aws-iam-authenticator
tolerations:

238
tests/integration/update_cluster/complex/data/aws_s3_object_complex.example.com-addons-aws-cloud-controller.addons.k8s.io-k8s-1.18_content Normal file
View File

@ -0,0 +1,238 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-cloud-controller.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: aws-cloud-controller.addons.k8s.io
k8s-app: aws-cloud-controller-manager
name: aws-cloud-controller-manager
namespace: kube-system
spec:
selector:
matchLabels:
k8s-app: aws-cloud-controller-manager
template:
metadata:
creationTimestamp: null
labels:
k8s-app: aws-cloud-controller-manager
kops.k8s.io/managed-by: kops
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: node-role.kubernetes.io/control-plane
operator: Exists
- matchExpressions:
- key: node-role.kubernetes.io/master
operator: Exists
containers:
- args:
- --allocate-node-cidrs=true
- --cluster-cidr=100.64.0.0/10
- --cluster-name=complex.example.com
- --configure-cloud-routes=false
- --enable-leader-migration=true
- --leader-elect=true
- --v=2
- --cloud-provider=aws
- --use-service-account-credentials=true
- --cloud-config=/etc/kubernetes/cloud.config
env:
- name: KUBERNETES_SERVICE_HOST
value: 127.0.0.1
image: registry.k8s.io/provider-aws/cloud-controller-manager:v1.24.0
imagePullPolicy: IfNotPresent
name: aws-cloud-controller-manager
resources:
requests:
cpu: 200m
volumeMounts:
- mountPath: /etc/kubernetes/cloud.config
name: cloudconfig
readOnly: true
hostNetwork: true
nodeSelector: null
priorityClassName: system-cluster-critical
serviceAccountName: aws-cloud-controller-manager
tolerations:
- effect: NoSchedule
key: node.cloudprovider.kubernetes.io/uninitialized
value: "true"
- effect: NoSchedule
key: node.kubernetes.io/not-ready
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
- effect: NoSchedule
key: node-role.kubernetes.io/master
volumes:
- hostPath:
path: /etc/kubernetes/cloud.config
type: ""
name: cloudconfig
updateStrategy:
type: RollingUpdate
---
apiVersion: v1
kind: ServiceAccount
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-cloud-controller.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: aws-cloud-controller.addons.k8s.io
name: aws-cloud-controller-manager
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-cloud-controller.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: aws-cloud-controller.addons.k8s.io
name: cloud-controller-manager:apiserver-authentication-reader
namespace: kube-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: extension-apiserver-authentication-reader
subjects:
- apiGroup: ""
kind: ServiceAccount
name: aws-cloud-controller-manager
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-cloud-controller.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: aws-cloud-controller.addons.k8s.io
name: system:cloud-controller-manager
rules:
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- update
- apiGroups:
- ""
resources:
- nodes
verbs:
- '*'
- apiGroups:
- ""
resources:
- nodes/status
verbs:
- patch
- apiGroups:
- ""
resources:
- services
verbs:
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- services/status
verbs:
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- serviceaccounts
verbs:
- create
- get
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- update
- watch
- apiGroups:
- ""
resources:
- endpoints
verbs:
- create
- get
- list
- watch
- update
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- get
- list
- watch
- update
- apiGroups:
- ""
resources:
- secrets
verbs:
- list
- watch
- apiGroups:
- ""
resourceNames:
- node-controller
- service-controller
- route-controller
resources:
- serviceaccounts/token
verbs:
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-cloud-controller.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: aws-cloud-controller.addons.k8s.io
name: system:cloud-controller-manager
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:cloud-controller-manager
subjects:
- apiGroup: ""
kind: ServiceAccount
name: aws-cloud-controller-manager
namespace: kube-system

792
tests/integration/update_cluster/complex/data/aws_s3_object_complex.example.com-addons-aws-ebs-csi-driver.addons.k8s.io-k8s-1.17_content Normal file
View File

@ -0,0 +1,792 @@
apiVersion: v1
kind: ServiceAccount
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-csi-controller-sa
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-external-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- csi.storage.k8s.io
resources:
- csinodeinfos
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-external-provisioner-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- create
- delete
- apiGroups:
- ""
resources:
- persistentvolumeclaims
verbs:
- get
- list
- watch
- update
- apiGroups:
- storage.k8s.io
resources:
- storageclasses
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- list
- watch
- create
- update
- patch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshots
verbs:
- get
- list
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshotcontents
verbs:
- get
- list
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-external-resizer-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- persistentvolumeclaims
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- persistentvolumeclaims/status
verbs:
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- storageclasses
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- list
- watch
- create
- update
- patch
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-external-snapshotter-role
rules:
- apiGroups:
- ""
resources:
- events
verbs:
- list
- watch
- create
- update
- patch
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshotclasses
verbs:
- get
- list
- watch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshotcontents
verbs:
- create
- get
- list
- watch
- update
- delete
- patch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshotcontents/status
verbs:
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-csi-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: ebs-external-attacher-role
subjects:
- kind: ServiceAccount
name: ebs-csi-controller-sa
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-csi-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: ebs-external-provisioner-role
subjects:
- kind: ServiceAccount
name: ebs-csi-controller-sa
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-csi-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: ebs-external-resizer-role
subjects:
- kind: ServiceAccount
name: ebs-csi-controller-sa
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-csi-snapshotter-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: ebs-external-snapshotter-role
subjects:
- kind: ServiceAccount
name: ebs-csi-controller-sa
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-csi-node-getter-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: ebs-csi-node-role
subjects:
- kind: ServiceAccount
name: ebs-csi-node-sa
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-csi-node-role
rules:
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
---
apiVersion: v1
kind: ServiceAccount
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-csi-node-sa
namespace: kube-system
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-csi-node
namespace: kube-system
spec:
selector:
matchLabels:
app: ebs-csi-node
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/name: aws-ebs-csi-driver
template:
metadata:
creationTimestamp: null
labels:
app: ebs-csi-node
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
kops.k8s.io/managed-by: kops
spec:
containers:
- args:
- node
- --endpoint=$(CSI_ENDPOINT)
- --logtostderr
- --v=2
env:
- name: CSI_ENDPOINT
value: unix:/csi/csi.sock
- name: CSI_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
image: registry.k8s.io/provider-aws/aws-ebs-csi-driver:v1.8.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 3
name: ebs-plugin
ports:
- containerPort: 9808
name: healthz
protocol: TCP
securityContext:
privileged: true
volumeMounts:
- mountPath: /var/lib/kubelet
mountPropagation: Bidirectional
name: kubelet-dir
- mountPath: /csi
name: plugin-dir
- mountPath: /dev
name: device-dir
- args:
- --csi-address=$(ADDRESS)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --v=5
env:
- name: ADDRESS
value: /csi/csi.sock
- name: DRIVER_REG_SOCK_PATH
value: /var/lib/kubelet/plugins/ebs.csi.aws.com/csi.sock
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.5.1
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- rm -rf /registration/ebs.csi.aws.com-reg.sock /csi/csi.sock
name: node-driver-registrar
volumeMounts:
- mountPath: /csi
name: plugin-dir
- mountPath: /registration
name: registration-dir
- args:
- --csi-address=/csi/csi.sock
image: registry.k8s.io/sig-storage/livenessprobe:v2.5.0
imagePullPolicy: IfNotPresent
name: liveness-probe
volumeMounts:
- mountPath: /csi
name: plugin-dir
nodeSelector:
kubernetes.io/os: linux
priorityClassName: system-node-critical
serviceAccountName: ebs-csi-node-sa
tolerations:
- operator: Exists
volumes:
- hostPath:
path: /var/lib/kubelet
type: Directory
name: kubelet-dir
- hostPath:
path: /var/lib/kubelet/plugins/ebs.csi.aws.com/
type: DirectoryOrCreate
name: plugin-dir
- hostPath:
path: /var/lib/kubelet/plugins_registry/
type: Directory
name: registration-dir
- hostPath:
path: /dev
type: Directory
name: device-dir
---
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-csi-controller
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
app: ebs-csi-controller
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/name: aws-ebs-csi-driver
template:
metadata:
creationTimestamp: null
labels:
app: ebs-csi-controller
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
kops.k8s.io/managed-by: kops
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: node-role.kubernetes.io/control-plane
operator: Exists
- key: kubernetes.io/os
operator: In
values:
- linux
- matchExpressions:
- key: node-role.kubernetes.io/master
operator: Exists
- key: kubernetes.io/os
operator: In
values:
- linux
containers:
- args:
- controller
- --endpoint=$(CSI_ENDPOINT)
- --logtostderr
- --k8s-tag-cluster-id=complex.example.com
- --extra-tags=KubernetesCluster=complex.example.com,Owner=John Doe,foo/bar=fib+baz
- --v=5
env:
- name: CSI_ENDPOINT
value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock
- name: CSI_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
key: key_id
name: aws-secret
optional: true
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
key: access_key
name: aws-secret
optional: true
image: registry.k8s.io/provider-aws/aws-ebs-csi-driver:v1.8.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 3
name: ebs-plugin
ports:
- containerPort: 9808
name: healthz
protocol: TCP
readinessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 3
volumeMounts:
- mountPath: /var/lib/csi/sockets/pluginproxy/
name: socket-dir
- args:
- --csi-address=$(ADDRESS)
- --v=5
- --feature-gates=Topology=true
- --extra-create-metadata
- --leader-election=true
- --default-fstype=ext4
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
image: registry.k8s.io/sig-storage/csi-provisioner:v3.1.0
imagePullPolicy: IfNotPresent
name: csi-provisioner
volumeMounts:
- mountPath: /var/lib/csi/sockets/pluginproxy/
name: socket-dir
- args:
- --csi-address=$(ADDRESS)
- --v=5
- --leader-election=true
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
image: registry.k8s.io/sig-storage/csi-attacher:v3.4.0
imagePullPolicy: IfNotPresent
name: csi-attacher
volumeMounts:
- mountPath: /var/lib/csi/sockets/pluginproxy/
name: socket-dir
- args:
- --csi-address=$(ADDRESS)
- --v=5
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
image: registry.k8s.io/sig-storage/csi-resizer:v1.4.0
imagePullPolicy: IfNotPresent
name: csi-resizer
volumeMounts:
- mountPath: /var/lib/csi/sockets/pluginproxy/
name: socket-dir
- args:
- --csi-address=/csi/csi.sock
image: registry.k8s.io/sig-storage/livenessprobe:v2.5.0
imagePullPolicy: IfNotPresent
name: liveness-probe
volumeMounts:
- mountPath: /csi
name: socket-dir
nodeSelector: null
priorityClassName: system-cluster-critical
serviceAccountName: ebs-csi-controller-sa
tolerations:
- operator: Exists
topologySpreadConstraints:
- labelSelector:
matchLabels:
app: ebs-csi-controller
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/name: aws-ebs-csi-driver
maxSkew: 1
topologyKey: topology.kubernetes.io/zone
whenUnsatisfiable: ScheduleAnyway
- labelSelector:
matchLabels:
app: ebs-csi-controller
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/name: aws-ebs-csi-driver
maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: DoNotSchedule
volumes:
- emptyDir: {}
name: socket-dir
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs.csi.aws.com
spec:
attachRequired: true
podInfoOnMount: false
---
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: aws-ebs-csi-driver.addons.k8s.io
app.kubernetes.io/instance: aws-ebs-csi-driver
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-ebs-csi-driver
app.kubernetes.io/version: v1.8.0
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
name: ebs-csi-controller
namespace: kube-system
spec:
maxUnavailable: 1
selector:
matchLabels:
app: ebs-csi-controller
app.kubernetes.io/instance: aws-ebs-csi-driver

29
tests/integration/update_cluster/complex/data/aws_s3_object_complex.example.com-addons-bootstrap_content
View File

@ -6,7 +6,7 @@ spec:
addons:
- id: k8s-1.16
manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml
manifestHash: 3916df96fe3ae06954938f730d8129a19de8c068fe63988db3777f0b39a91d9e
manifestHash: 9929ee7ecfd68d72c25f435c661060cbaf4846ebbfa7a88c1f1b97a1ab84b871
name: kops-controller.addons.k8s.io
needsRollingUpdate: control-plane
selector:
@ -14,7 +14,7 @@ spec:
version: 9.99.0
- id: k8s-1.12
manifest: coredns.addons.k8s.io/k8s-1.12.yaml
manifestHash: 85cf4f827417c4b9d574dfe9b0ee72d41d3efdf544dd055843add78b1a8ca69d
manifestHash: 36dc915b1233981f10e02284dc34088aaa3fadff6592bc5edc84e9269b32be57
name: coredns.addons.k8s.io
selector:
k8s-addon: coredns.addons.k8s.io
@ -26,6 +26,13 @@ spec:
selector:
k8s-addon: kubelet-api.rbac.addons.k8s.io
version: 9.99.0
- id: k8s-1.23
manifest: leader-migration.rbac.addons.k8s.io/k8s-1.23.yaml
manifestHash: b9c91e09c0f28c9b74ff140b8395d611834c627d698846d625c10975a74a48c4
name: leader-migration.rbac.addons.k8s.io
selector:
k8s-addon: leader-migration.rbac.addons.k8s.io
version: 9.99.0
- manifest: limit-range.addons.k8s.io/v1.5.0.yaml
manifestHash: 2d55c3bc5e354e84a3730a65b42f39aba630a59dc8d32b30859fcce3d3178bc2
name: limit-range.addons.k8s.io
@ -41,15 +48,29 @@ spec:
version: 9.99.0
- id: v1.15.0
manifest: storage-aws.addons.k8s.io/v1.15.0.yaml
manifestHash: 065ae832ddac8d0931e9992d6a76f43a33a36975a38003b34f4c5d86a7d42780
manifestHash: 4e2cda50cd5048133aad1b5e28becb60f4629d3f9e09c514a2757c27998b4200
name: storage-aws.addons.k8s.io
selector:
k8s-addon: storage-aws.addons.k8s.io
version: 9.99.0
- id: k8s-1.12
manifest: authentication.aws/k8s-1.12.yaml
manifestHash: 853d0d96e385e22dba8e7c0673a7990748a454900f1bb40ca94e7f1b959d8dc5
manifestHash: aabaf46bd54c0d325b6ff3a7ea7af0abde58bf27e97acdc48260851c48f71541
name: authentication.aws
selector:
role.kubernetes.io/authentication: "1"
version: 9.99.0
- id: k8s-1.18
manifest: aws-cloud-controller.addons.k8s.io/k8s-1.18.yaml
manifestHash: a898fc86900a2455b2a3f424f0adbd7d96509895dd2619808623efb06b6c43a6
name: aws-cloud-controller.addons.k8s.io
selector:
k8s-addon: aws-cloud-controller.addons.k8s.io
version: 9.99.0
- id: k8s-1.17
manifest: aws-ebs-csi-driver.addons.k8s.io/k8s-1.17.yaml
manifestHash: 9c73b6541877bf379004b4ef3f714578679326e8aa326fb633c40cdccfb7886a
name: aws-ebs-csi-driver.addons.k8s.io
selector:
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
version: 9.99.0

2
tests/integration/update_cluster/complex/data/aws_s3_object_complex.example.com-addons-coredns.addons.k8s.io-k8s-1.12_content
View File

@ -242,7 +242,7 @@ spec:
---
apiVersion: policy/v1beta1
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
creationTimestamp: null

2
tests/integration/update_cluster/complex/data/aws_s3_object_complex.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content
View File

@ -1,7 +1,7 @@
apiVersion: v1
data:
config.yaml: |
{"cloud":"aws","configBase":"memfs://clusters.example.com/complex.example.com","server":{"Listen":":3988","provider":{"aws":{"nodesRoles":["nodes.complex.example.com"],"Region":"us-test-1"}},"serverKeyPath":"/etc/kubernetes/kops-controller/pki/kops-controller.key","serverCertificatePath":"/etc/kubernetes/kops-controller/pki/kops-controller.crt","caBasePath":"/etc/kubernetes/kops-controller/pki","signingCAs":["kubernetes-ca"],"certNames":["kubelet","kubelet-server","kube-proxy"]}}
{"cloud":"aws","configBase":"memfs://clusters.example.com/complex.example.com","server":{"Listen":":3988","provider":{"aws":{"nodesRoles":["nodes.complex.example.com"],"Region":"us-test-1"}},"serverKeyPath":"/etc/kubernetes/kops-controller/pki/kops-controller.key","serverCertificatePath":"/etc/kubernetes/kops-controller/pki/kops-controller.crt","caBasePath":"/etc/kubernetes/kops-controller/pki","signingCAs":["kubernetes-ca"],"certNames":["kubelet","kubelet-server","kube-proxy"],"useInstanceIDForNodeName":true}}
kind: ConfigMap
metadata:
creationTimestamp: null

52
tests/integration/update_cluster/complex/data/aws_s3_object_complex.example.com-addons-leader-migration.rbac.addons.k8s.io-k8s-1.23_content Normal file
View File

@ -0,0 +1,52 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: leader-migration.rbac.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: leader-migration.rbac.addons.k8s.io
name: system::leader-locking-migration
namespace: kube-system
rules:
- apiGroups:
- coordination.k8s.io
resourceNames:
- cloud-provider-extraction-migration
resources:
- leases
verbs:
- create
- list
- get
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: leader-migration.rbac.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: leader-migration.rbac.addons.k8s.io
name: system::leader-locking-migration
namespace: kube-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: system::leader-locking-migration
subjects:
- apiGroup: rbac.authorization.k8s.io
kind: User
name: system:kube-controller-manager
- kind: ServiceAccount
name: kube-controller-manager
namespace: kube-system
- kind: ServiceAccount
name: aws-cloud-controller-manager
namespace: kube-system
- kind: ServiceAccount
name: cloud-controller-manager
namespace: kube-system

22
tests/integration/update_cluster/complex/data/aws_s3_object_complex.example.com-addons-storage-aws.addons.k8s.io-v1.15.0_content
View File

@ -35,7 +35,7 @@ apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
annotations:
storageclass.kubernetes.io/is-default-class: "true"
storageclass.kubernetes.io/is-default-class: "false"
creationTimestamp: null
labels:
addon.kops.k8s.io/name: storage-aws.addons.k8s.io
@ -50,6 +50,26 @@ volumeBindingMode: WaitForFirstConsumer
---
allowVolumeExpansion: true
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
annotations:
storageclass.kubernetes.io/is-default-class: "true"
creationTimestamp: null
labels:
addon.kops.k8s.io/name: storage-aws.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: storage-aws.addons.k8s.io
name: kops-csi-1-21
parameters:
encrypted: "true"
type: gp3
provisioner: ebs.csi.aws.com
volumeBindingMode: WaitForFirstConsumer
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:

2
tests/integration/update_cluster/complex/data/aws_s3_object_etcd-cluster-spec-events_content
View File

@ -1,4 +1,4 @@
{
"memberCount": 1,
"etcdVersion": "3.4.13"
"etcdVersion": "3.5.4"
}

2
tests/integration/update_cluster/complex/data/aws_s3_object_etcd-cluster-spec-main_content
View File

@ -1,4 +1,4 @@
{
"memberCount": 1,
"etcdVersion": "3.4.13"
"etcdVersion": "3.5.4"
}

37
tests/integration/update_cluster/complex/data/aws_s3_object_nodeupconfig-master-us-test-1a_content
View File

@ -8,7 +8,7 @@ APIServerConfig:
auditWebhookBatchThrottleQps: 3140m
authorizationMode: AlwaysAllow
bindAddress: 0.0.0.0
cloudProvider: aws
cloudProvider: external
cpuLimit: 500m
cpuRequest: 200m
enableAdmissionPlugins:
@ -25,7 +25,10 @@ APIServerConfig:
- https://127.0.0.1:4001
etcdServersOverrides:
- /events#https://127.0.0.1:4002
image: registry.k8s.io/kube-apiserver:v1.21.0
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
image: registry.k8s.io/kube-apiserver:v1.24.0
kubeletPreferredAddressTypes:
- InternalIP
- Hostname
@ -58,17 +61,19 @@ APIServerConfig:
-----END RSA PUBLIC KEY-----
Assets:
amd64:
- 681c81b7934ae2bf38b9f12d891683972d1fbbf6d7d97e50940a47b139d41b35@https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/amd64/kubelet
- 9f74f2fa7ee32ad07e17211725992248470310ca1988214518806b39b1dad9f0@https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/amd64/kubectl
- 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz
- 29ef1e8635795c2a49a20a56e778f45ff163c5400a5428ca33999ed53d44e3d8@https://github.com/containerd/containerd/releases/download/v1.4.13/cri-containerd-cni-1.4.13-linux-amd64.tar.gz
- 3d98ac8b4fb8dc99f9952226f2565951cc366c442656a889facc5b1b2ec2ba52@https://storage.googleapis.com/kubernetes-release/release/v1.24.0/bin/linux/amd64/kubelet
- 94d686bb6772f6fb59e3a32beff908ab406b79acdfb2427abdc4ac3ce1bb98d7@https://storage.googleapis.com/kubernetes-release/release/v1.24.0/bin/linux/amd64/kubectl
- 962100bbc4baeaaa5748cdbfce941f756b1531c2eadb290129401498bfac21e7@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.9.1/cni-plugins-linux-amd64-v0.9.1.tgz
- 0212869675742081d70600a1afc6cea4388435cc52bf5dc21f4efdcb9a92d2ef@https://github.com/containerd/containerd/releases/download/v1.6.6/containerd-1.6.6-linux-amd64.tar.gz
- 6e8b24be90fffce6b025d254846da9d2ca6d65125f9139b6354bab0272253d01@https://github.com/opencontainers/runc/releases/download/v1.1.3/runc.amd64
- f90ed6dcef534e6d1ae17907dc7eb40614b8945ad4af7f0e98d2be7cde8165c6@https://artifacts.k8s.io/binaries/kops/1.21.0-alpha.1/linux/amd64/protokube,https://github.com/kubernetes/kops/releases/download/v1.21.0-alpha.1/protokube-linux-amd64
- 9992e7eb2a2e93f799e5a9e98eb718637433524bc65f630357201a79f49b13d0@https://artifacts.k8s.io/binaries/kops/1.21.0-alpha.1/linux/amd64/channels,https://github.com/kubernetes/kops/releases/download/v1.21.0-alpha.1/channels-linux-amd64
arm64:
- 17832b192be5ea314714f7e16efd5e5f65347974bbbf41def6b02f68931380c4@https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/arm64/kubelet
- a4dd7100f547a40d3e2f83850d0bab75c6ea5eb553f0a80adcf73155bef1fd0d@https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/arm64/kubectl
- ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz
- debed306ed9a4e70dcbcb228a0b3898f9730099e324f34bb0e76abbaddf7a6a7@https://download.docker.com/linux/static/stable/aarch64/docker-20.10.13.tgz
- 8f066c9a048dd1704bf22ccf6e994e2fa2ea1175c9768a786f6cb6608765025e@https://storage.googleapis.com/kubernetes-release/release/v1.24.0/bin/linux/arm64/kubelet
- 449278789de283648e4076ade46816da249714f96e71567e035e9d17e1fff06d@https://storage.googleapis.com/kubernetes-release/release/v1.24.0/bin/linux/arm64/kubectl
- ef17764ffd6cdcb16d76401bac1db6acc050c9b088f1be5efa0e094ea3b01df0@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.9.1/cni-plugins-linux-arm64-v0.9.1.tgz
- 807bf333df331d713708ead66919189d7b142a0cc21ec32debbc988f9069d5eb@https://github.com/containerd/containerd/releases/download/v1.6.6/containerd-1.6.6-linux-arm64.tar.gz
- 00c9ad161a77a01d9dcbd25b1d76fa9822e57d8e4abf26ba8907c98f6bcfcd0f@https://github.com/opencontainers/runc/releases/download/v1.1.3/runc.arm64
- 2f599c3d54f4c4bdbcc95aaf0c7b513a845d8f9503ec5b34c9f86aa1bc34fc0c@https://artifacts.k8s.io/binaries/kops/1.21.0-alpha.1/linux/arm64/protokube,https://github.com/kubernetes/kops/releases/download/v1.21.0-alpha.1/protokube-linux-arm64
- 9d842e3636a95de2315cdea2be7a282355aac0658ef0b86d5dc2449066538f13@https://artifacts.k8s.io/binaries/kops/1.21.0-alpha.1/linux/arm64/channels,https://github.com/kubernetes/kops/releases/download/v1.21.0-alpha.1/channels-linux-arm64
CAs:
@ -240,22 +245,23 @@ KubeletConfig:
anonymousAuth: false
cgroupDriver: systemd
cgroupRoot: /
cloudProvider: aws
cloudProvider: external
clusterDNS: 100.64.0.10
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
networkPluginName: cni
nodeLabels:
kops.k8s.io/kops-controller-pki: ""
kubernetes.io/role: master
node-role.kubernetes.io/control-plane: ""
node-role.kubernetes.io/master: ""
node.kubernetes.io/exclude-from-external-load-balancers: ""
podInfraContainerImage: registry.k8s.io/pause:3.6
podManifestPath: /etc/kubernetes/manifests
protectKernelDefaults: true
registerSchedulable: false
shutdownGracePeriod: 30s
shutdownGracePeriodCriticalPods: 10s
@ -264,10 +270,11 @@ channels:
- memfs://clusters.example.com/complex.example.com/addons/bootstrap-channel.yaml
containerdConfig:
logLevel: info
version: 1.4.13
version: 1.6.6
etcdManifests:
- memfs://clusters.example.com/complex.example.com/manifests/etcd/main.yaml
- memfs://clusters.example.com/complex.example.com/manifests/etcd/events.yaml
staticManifests:
- key: kube-apiserver-healthcheck
path: manifests/static/kube-apiserver-healthcheck.yaml
useInstanceIDForNodeName: true

29
tests/integration/update_cluster/complex/data/aws_s3_object_nodeupconfig-nodes_content
View File

@ -1,14 +1,16 @@
Assets:
amd64:
- 681c81b7934ae2bf38b9f12d891683972d1fbbf6d7d97e50940a47b139d41b35@https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/amd64/kubelet
- 9f74f2fa7ee32ad07e17211725992248470310ca1988214518806b39b1dad9f0@https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/amd64/kubectl
- 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz
- 29ef1e8635795c2a49a20a56e778f45ff163c5400a5428ca33999ed53d44e3d8@https://github.com/containerd/containerd/releases/download/v1.4.13/cri-containerd-cni-1.4.13-linux-amd64.tar.gz
- 3d98ac8b4fb8dc99f9952226f2565951cc366c442656a889facc5b1b2ec2ba52@https://storage.googleapis.com/kubernetes-release/release/v1.24.0/bin/linux/amd64/kubelet
- 94d686bb6772f6fb59e3a32beff908ab406b79acdfb2427abdc4ac3ce1bb98d7@https://storage.googleapis.com/kubernetes-release/release/v1.24.0/bin/linux/amd64/kubectl
- 962100bbc4baeaaa5748cdbfce941f756b1531c2eadb290129401498bfac21e7@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.9.1/cni-plugins-linux-amd64-v0.9.1.tgz
- 0212869675742081d70600a1afc6cea4388435cc52bf5dc21f4efdcb9a92d2ef@https://github.com/containerd/containerd/releases/download/v1.6.6/containerd-1.6.6-linux-amd64.tar.gz
- 6e8b24be90fffce6b025d254846da9d2ca6d65125f9139b6354bab0272253d01@https://github.com/opencontainers/runc/releases/download/v1.1.3/runc.amd64
arm64:
- 17832b192be5ea314714f7e16efd5e5f65347974bbbf41def6b02f68931380c4@https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/arm64/kubelet
- a4dd7100f547a40d3e2f83850d0bab75c6ea5eb553f0a80adcf73155bef1fd0d@https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/arm64/kubectl
- ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz
- debed306ed9a4e70dcbcb228a0b3898f9730099e324f34bb0e76abbaddf7a6a7@https://download.docker.com/linux/static/stable/aarch64/docker-20.10.13.tgz
- 8f066c9a048dd1704bf22ccf6e994e2fa2ea1175c9768a786f6cb6608765025e@https://storage.googleapis.com/kubernetes-release/release/v1.24.0/bin/linux/arm64/kubelet
- 449278789de283648e4076ade46816da249714f96e71567e035e9d17e1fff06d@https://storage.googleapis.com/kubernetes-release/release/v1.24.0/bin/linux/arm64/kubectl
- ef17764ffd6cdcb16d76401bac1db6acc050c9b088f1be5efa0e094ea3b01df0@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.9.1/cni-plugins-linux-arm64-v0.9.1.tgz
- 807bf333df331d713708ead66919189d7b142a0cc21ec32debbc988f9069d5eb@https://github.com/containerd/containerd/releases/download/v1.6.6/containerd-1.6.6-linux-arm64.tar.gz
- 00c9ad161a77a01d9dcbd25b1d76fa9822e57d8e4abf26ba8907c98f6bcfcd0f@https://github.com/opencontainers/runc/releases/download/v1.1.3/runc.arm64
CAs:
kubernetes-ca: |
-----BEGIN CERTIFICATE-----
@ -41,19 +43,21 @@ KubeletConfig:
anonymousAuth: false
cgroupDriver: systemd
cgroupRoot: /
cloudProvider: aws
cloudProvider: external
clusterDNS: 100.64.0.10
clusterDomain: cluster.local
enableDebuggingHandlers: true
evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5%
featureGates:
CSIMigrationAWS: "true"
InTreePluginAWSUnregister: "true"
kubeconfigPath: /var/lib/kubelet/kubeconfig
logLevel: 2
networkPluginName: cni
nodeLabels:
kubernetes.io/role: node
node-role.kubernetes.io/node: ""
podInfraContainerImage: registry.k8s.io/pause:3.6
podManifestPath: /etc/kubernetes/manifests
protectKernelDefaults: true
shutdownGracePeriod: 30s
shutdownGracePeriodCriticalPods: 10s
UpdatePolicy: automatic
@ -61,6 +65,7 @@ channels:
- memfs://clusters.example.com/complex.example.com/addons/bootstrap-channel.yaml
containerdConfig:
logLevel: info
version: 1.4.13
version: 1.6.6
packages:
- nfs-common
useInstanceIDForNodeName: true

2
tests/integration/update_cluster/complex/in-legacy-v1alpha2.yaml
View File

@ -50,7 +50,7 @@ spec:
memoryLimit: 1000Mi
kubelet:
anonymousAuth: false
kubernetesVersion: v1.21.0
kubernetesVersion: v1.24.0
masterInternalName: api.internal.complex.example.com
masterPublicName: api.complex.example.com
networkCIDR: 172.20.0.0/16

2
tests/integration/update_cluster/complex/in-v1alpha2.yaml
View File

@ -50,7 +50,7 @@ spec:
memoryLimit: 1000Mi
kubelet:
anonymousAuth: false
kubernetesVersion: v1.21.0
kubernetesVersion: v1.24.0
masterInternalName: api.internal.complex.example.com
masterPublicName: api.complex.example.com
networkCIDR: 172.20.0.0/16

66
tests/integration/update_cluster/complex/kubernetes.tf
View File

@ -140,21 +140,11 @@ resource "aws_autoscaling_group" "master-us-test-1a-masters-complex-example-com"
propagate_at_launch = true
value = ""
}
tag {
key = "k8s.io/cluster-autoscaler/node-template/label/kubernetes.io/role"
propagate_at_launch = true
value = "master"
}
tag {
key = "k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/control-plane"
propagate_at_launch = true
value = ""
}
tag {
key = "k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/master"
propagate_at_launch = true
value = ""
}
tag {
key = "k8s.io/cluster-autoscaler/node-template/label/node.kubernetes.io/exclude-from-external-load-balancers"
propagate_at_launch = true
@ -213,11 +203,6 @@ resource "aws_autoscaling_group" "nodes-complex-example-com" {
propagate_at_launch = true
value = "fib+baz"
}
tag {
key = "k8s.io/cluster-autoscaler/node-template/label/kubernetes.io/role"
propagate_at_launch = true
value = "node"
}
tag {
key = "k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/node"
propagate_at_launch = true
@ -399,9 +384,7 @@ resource "aws_launch_template" "master-us-test-1a-masters-complex-example-com" {
"Owner" = "John Doe"
"foo/bar" = "fib+baz"
"k8s.io/cluster-autoscaler/node-template/label/kops.k8s.io/kops-controller-pki" = ""
"k8s.io/cluster-autoscaler/node-template/label/kubernetes.io/role" = "master"
"k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/control-plane" = ""
"k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/master" = ""
"k8s.io/cluster-autoscaler/node-template/label/node.kubernetes.io/exclude-from-external-load-balancers" = ""
"k8s.io/role/master" = "1"
"kops.k8s.io/instancegroup" = "master-us-test-1a"
@ -416,9 +399,7 @@ resource "aws_launch_template" "master-us-test-1a-masters-complex-example-com" {
"Owner" = "John Doe"
"foo/bar" = "fib+baz"
"k8s.io/cluster-autoscaler/node-template/label/kops.k8s.io/kops-controller-pki" = ""
"k8s.io/cluster-autoscaler/node-template/label/kubernetes.io/role" = "master"
"k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/control-plane" = ""
"k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/master" = ""
"k8s.io/cluster-autoscaler/node-template/label/node.kubernetes.io/exclude-from-external-load-balancers" = ""
"k8s.io/role/master" = "1"
"kops.k8s.io/instancegroup" = "master-us-test-1a"
@ -431,9 +412,7 @@ resource "aws_launch_template" "master-us-test-1a-masters-complex-example-com" {
"Owner" = "John Doe"
"foo/bar" = "fib+baz"
"k8s.io/cluster-autoscaler/node-template/label/kops.k8s.io/kops-controller-pki" = ""
"k8s.io/cluster-autoscaler/node-template/label/kubernetes.io/role" = "master"
"k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/control-plane" = ""
"k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/master" = ""
"k8s.io/cluster-autoscaler/node-template/label/node.kubernetes.io/exclude-from-external-load-balancers" = ""
"k8s.io/role/master" = "1"
"kops.k8s.io/instancegroup" = "master-us-test-1a"
@ -498,7 +477,6 @@ resource "aws_launch_template" "nodes-complex-example-com" {
"Name" = "nodes.complex.example.com"
"Owner" = "John Doe"
"foo/bar" = "fib+baz"
"k8s.io/cluster-autoscaler/node-template/label/kubernetes.io/role" = "node"
"k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/node" = ""
"k8s.io/role/node" = "1"
"kops.k8s.io/instancegroup" = "nodes"
@ -512,7 +490,6 @@ resource "aws_launch_template" "nodes-complex-example-com" {
"Name" = "nodes.complex.example.com"
"Owner" = "John Doe"
"foo/bar" = "fib+baz"
"k8s.io/cluster-autoscaler/node-template/label/kubernetes.io/role" = "node"
"k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/node" = ""
"k8s.io/role/node" = "1"
"kops.k8s.io/instancegroup" = "nodes"
@ -524,7 +501,6 @@ resource "aws_launch_template" "nodes-complex-example-com" {
"Name" = "nodes.complex.example.com"
"Owner" = "John Doe"
"foo/bar" = "fib+baz"
"k8s.io/cluster-autoscaler/node-template/label/kubernetes.io/role" = "node"
"k8s.io/cluster-autoscaler/node-template/label/node-role.kubernetes.io/node" = ""
"k8s.io/role/node" = "1"
"kops.k8s.io/instancegroup" = "nodes"
@ -706,6 +682,22 @@ resource "aws_s3_object" "complex-example-com-addons-authentication-aws-k8s-1-12
server_side_encryption = "AES256"
}
resource "aws_s3_object" "complex-example-com-addons-aws-cloud-controller-addons-k8s-io-k8s-1-18" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_complex.example.com-addons-aws-cloud-controller.addons.k8s.io-k8s-1.18_content")
key = "clusters.example.com/complex.example.com/addons/aws-cloud-controller.addons.k8s.io/k8s-1.18.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "complex-example-com-addons-aws-ebs-csi-driver-addons-k8s-io-k8s-1-17" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_complex.example.com-addons-aws-ebs-csi-driver.addons.k8s.io-k8s-1.17_content")
key = "clusters.example.com/complex.example.com/addons/aws-ebs-csi-driver.addons.k8s.io/k8s-1.17.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "complex-example-com-addons-bootstrap" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_complex.example.com-addons-bootstrap_content")
@ -746,6 +738,14 @@ resource "aws_s3_object" "complex-example-com-addons-kubelet-api-rbac-addons-k8s
server_side_encryption = "AES256"
}
resource "aws_s3_object" "complex-example-com-addons-leader-migration-rbac-addons-k8s-io-k8s-1-23" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_complex.example.com-addons-leader-migration.rbac.addons.k8s.io-k8s-1.23_content")
key = "clusters.example.com/complex.example.com/addons/leader-migration.rbac.addons.k8s.io/k8s-1.23.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "complex-example-com-addons-limit-range-addons-k8s-io" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_complex.example.com-addons-limit-range.addons.k8s.io_content")
@ -1109,8 +1109,10 @@ resource "aws_security_group_rule" "tcp-api-pl-44444444" {
}
resource "aws_subnet" "us-east-1a-private-complex-example-com" {
availability_zone = "us-test-1a"
cidr_block = "172.20.64.0/19"
availability_zone = "us-test-1a"
cidr_block = "172.20.64.0/19"
enable_resource_name_dns_a_record_on_launch = true
private_dns_hostname_type_on_launch = "resource-name"
tags = {
"KubernetesCluster" = "complex.example.com"
"Name" = "us-east-1a-private.complex.example.com"
@ -1124,8 +1126,10 @@ resource "aws_subnet" "us-east-1a-private-complex-example-com" {
}
resource "aws_subnet" "us-east-1a-utility-complex-example-com" {
availability_zone = "us-test-1a"
cidr_block = "172.20.96.0/19"
availability_zone = "us-test-1a"
cidr_block = "172.20.96.0/19"
enable_resource_name_dns_a_record_on_launch = true
private_dns_hostname_type_on_launch = "resource-name"
tags = {
"KubernetesCluster" = "complex.example.com"
"Name" = "us-east-1a-utility.complex.example.com"
@ -1140,8 +1144,10 @@ resource "aws_subnet" "us-east-1a-utility-complex-example-com" {
}
resource "aws_subnet" "us-test-1a-complex-example-com" {
availability_zone = "us-test-1a"
cidr_block = "172.20.32.0/19"
availability_zone = "us-test-1a"
cidr_block = "172.20.32.0/19"
enable_resource_name_dns_a_record_on_launch = true
private_dns_hostname_type_on_launch = "resource-name"
tags = {
"KubernetesCluster" = "complex.example.com"
"Name" = "us-test-1a.complex.example.com"