kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8865 from hakman/calico-3.13.2 

Update Calico and Canal to v3.13.2
This commit is contained in:
Kubernetes Prow Robot 2020-04-07 02:13:44 -07:00 committed by GitHub
parent 711816d844 49dfafc606
commit 302bc54782
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 138 additions and 140 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
upup/models/cloudup/resources/addons/networking.projectcalico.org.canal/k8s-1.16.yaml.template
View File

@ -330,6 +330,12 @@ rules:
- list - list
# Used to discover Typhas. # Used to discover Typhas.
- get - get
# Pod CIDR auto-detection on kubeadm needs access to config maps.
- apiGroups: [""]
resources:
- configmaps
verbs:
- get
- apiGroups: [""] - apiGroups: [""]
resources: resources:
- nodes/status - nodes/status
@ -407,6 +413,7 @@ rules:
verbs: verbs:
- create - create
- update - update
--- ---
# Flannel ClusterRole # Flannel ClusterRole
# Pulled from https://github.com/coreos/flannel/blob/master/Documentation/kube-flannel-rbac.yml # Pulled from https://github.com/coreos/flannel/blob/master/Documentation/kube-flannel-rbac.yml
@ -542,7 +549,7 @@ spec:
securityContext: securityContext:
fsGroup: 65534 fsGroup: 65534
containers: containers:
- image: calico/typha:v3.13.1 - image: calico/typha:v3.13.2
name: calico-typha name: calico-typha
ports: ports:
- containerPort: 5473 - containerPort: 5473
@ -653,7 +660,7 @@ spec:
# This container installs the CNI binaries # This container installs the CNI binaries
# and CNI network config file on each node. # and CNI network config file on each node.
- name: install-cni - name: install-cni
image: calico/cni:v3.13.1 image: calico/cni:v3.13.2
command: ["/install-cni.sh"] command: ["/install-cni.sh"]
env: env:
# Name of the CNI config file to create. # Name of the CNI config file to create.
@ -689,7 +696,7 @@ spec:
# Adds a Flex Volume Driver that creates a per-pod Unix Domain Socket to allow Dikastes # Adds a Flex Volume Driver that creates a per-pod Unix Domain Socket to allow Dikastes
# to communicate with Felix over the Policy Sync API. # to communicate with Felix over the Policy Sync API.
- name: flexvol-driver - name: flexvol-driver
image: calico/pod2daemon-flexvol:v3.13.1 image: calico/pod2daemon-flexvol:v3.13.2
volumeMounts: volumeMounts:
- name: flexvol-driver-host - name: flexvol-driver-host
mountPath: /host/driver mountPath: /host/driver
@ -700,7 +707,7 @@ spec:
# container programs network policy and routes on each # container programs network policy and routes on each
# host. # host.
- name: calico-node - name: calico-node
image: calico/node:v3.13.1 image: calico/node:v3.13.2
env: env:
# Use Kubernetes API as the backing datastore. # Use Kubernetes API as the backing datastore.
- name: DATASTORE_TYPE - name: DATASTORE_TYPE
@ -751,9 +758,9 @@ spec:
# Disable IPv6 on Kubernetes. # Disable IPv6 on Kubernetes.
- name: FELIX_IPV6SUPPORT - name: FELIX_IPV6SUPPORT
value: "false" value: "false"
# Set Felix logging to "INFO" # Set Felix logging to "info"
- name: FELIX_LOGSEVERITYSCREEN - name: FELIX_LOGSEVERITYSCREEN
value: "{{- or .Networking.Canal.LogSeveritySys "INFO" }}" value: "{{- or .Networking.Canal.LogSeveritySys "info" }}"
- name: FELIX_HEALTHENABLED - name: FELIX_HEALTHENABLED
value: "true" value: "true"
@ -780,7 +787,7 @@ spec:
privileged: true privileged: true
resources: resources:
requests: requests:
cpu: 250m cpu: 90m
livenessProbe: livenessProbe:
exec: exec:
command: command:

253
upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.16.yaml.template
View File

@ -1,4 +1,4 @@
# Pulled and modified from: https://docs.projectcalico.org/v3.12/manifests/calico-typha.yaml # Pulled and modified from: https://docs.projectcalico.org/v3.13/manifests/calico-typha.yaml
--- ---
# Source: calico/templates/calico-config.yaml # Source: calico/templates/calico-config.yaml
@ -60,106 +60,6 @@ data:
--- ---
# Source: calico/templates/kdd-crds.yaml # Source: calico/templates/kdd-crds.yaml
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: felixconfigurations.crd.projectcalico.org
labels:
role.kubernetes.io/networking: "1"
spec:
scope: Cluster
group: crd.projectcalico.org
version: v1
names:
kind: FelixConfiguration
plural: felixconfigurations
singular: felixconfiguration
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ipamblocks.crd.projectcalico.org
labels:
role.kubernetes.io/networking: "1"
spec:
scope: Cluster
group: crd.projectcalico.org
version: v1
names:
kind: IPAMBlock
plural: ipamblocks
singular: ipamblock
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: blockaffinities.crd.projectcalico.org
labels:
role.kubernetes.io/networking: "1"
spec:
scope: Cluster
group: crd.projectcalico.org
version: v1
names:
kind: BlockAffinity
plural: blockaffinities
singular: blockaffinity
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ipamhandles.crd.projectcalico.org
labels:
role.kubernetes.io/networking: "1"
spec:
scope: Cluster
group: crd.projectcalico.org
version: v1
names:
kind: IPAMHandle
plural: ipamhandles
singular: ipamhandle
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ipamconfigs.crd.projectcalico.org
labels:
role.kubernetes.io/networking: "1"
spec:
scope: Cluster
group: crd.projectcalico.org
version: v1
names:
kind: IPAMConfig
plural: ipamconfigs
singular: ipamconfig
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: bgppeers.crd.projectcalico.org
labels:
role.kubernetes.io/networking: "1"
spec:
scope: Cluster
group: crd.projectcalico.org
version: v1
names:
kind: BGPPeer
plural: bgppeers
singular: bgppeer
---
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
@ -177,11 +77,10 @@ spec:
singular: bgpconfiguration singular: bgpconfiguration
--- ---
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
name: ippools.crd.projectcalico.org name: bgppeers.crd.projectcalico.org
labels: labels:
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
spec: spec:
@ -189,16 +88,15 @@ spec:
group: crd.projectcalico.org group: crd.projectcalico.org
version: v1 version: v1
names: names:
kind: IPPool kind: BGPPeer
plural: ippools plural: bgppeers
singular: ippool singular: bgppeer
--- ---
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
name: hostendpoints.crd.projectcalico.org name: blockaffinities.crd.projectcalico.org
labels: labels:
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
spec: spec:
@ -206,12 +104,11 @@ spec:
group: crd.projectcalico.org group: crd.projectcalico.org
version: v1 version: v1
names: names:
kind: HostEndpoint kind: BlockAffinity
plural: hostendpoints plural: blockaffinities
singular: hostendpoint singular: blockaffinity
--- ---
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
@ -229,6 +126,22 @@ spec:
--- ---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: felixconfigurations.crd.projectcalico.org
labels:
role.kubernetes.io/networking: "1"
spec:
scope: Cluster
group: crd.projectcalico.org
version: v1
names:
kind: FelixConfiguration
plural: felixconfigurations
singular: felixconfiguration
---
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
@ -245,7 +158,6 @@ spec:
singular: globalnetworkpolicy singular: globalnetworkpolicy
--- ---
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
@ -262,7 +174,86 @@ spec:
singular: globalnetworkset singular: globalnetworkset
--- ---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: hostendpoints.crd.projectcalico.org
labels:
role.kubernetes.io/networking: "1"
spec:
scope: Cluster
group: crd.projectcalico.org
version: v1
names:
kind: HostEndpoint
plural: hostendpoints
singular: hostendpoint
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ipamblocks.crd.projectcalico.org
labels:
role.kubernetes.io/networking: "1"
spec:
scope: Cluster
group: crd.projectcalico.org
version: v1
names:
kind: IPAMBlock
plural: ipamblocks
singular: ipamblock
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ipamconfigs.crd.projectcalico.org
labels:
role.kubernetes.io/networking: "1"
spec:
scope: Cluster
group: crd.projectcalico.org
version: v1
names:
kind: IPAMConfig
plural: ipamconfigs
singular: ipamconfig
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ipamhandles.crd.projectcalico.org
labels:
role.kubernetes.io/networking: "1"
spec:
scope: Cluster
group: crd.projectcalico.org
version: v1
names:
kind: IPAMHandle
plural: ipamhandles
singular: ipamhandle
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ippools.crd.projectcalico.org
labels:
role.kubernetes.io/networking: "1"
spec:
scope: Cluster
group: crd.projectcalico.org
version: v1
names:
kind: IPPool
plural: ippools
singular: ippool
---
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
@ -279,7 +270,6 @@ spec:
singular: networkpolicy singular: networkpolicy
--- ---
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
@ -294,6 +284,7 @@ spec:
kind: NetworkSet kind: NetworkSet
plural: networksets plural: networksets
singular: networkset singular: networkset
--- ---
# Source: calico/templates/rbac.yaml # Source: calico/templates/rbac.yaml
@ -388,6 +379,12 @@ rules:
- list - list
# Used to discover Typhas. # Used to discover Typhas.
- get - get
# Pod CIDR auto-detection on kubeadm needs access to config maps.
- apiGroups: [""]
resources:
- configmaps
verbs:
- get
- apiGroups: [""] - apiGroups: [""]
resources: resources:
- nodes/status - nodes/status
@ -495,6 +492,7 @@ rules:
- daemonsets - daemonsets
verbs: verbs:
- get - get
--- ---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
@ -558,16 +556,16 @@ spec:
selector: selector:
matchLabels: matchLabels:
k8s-app: calico-typha k8s-app: calico-typha
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
template: template:
metadata: metadata:
labels: labels:
k8s-app: calico-typha k8s-app: calico-typha
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
annotations: annotations:
# This, along with the CriticalAddonsOnly toleration below, marks the pod as a critical
# add-on, ensuring it gets priority scheduling and that its resources are reserved
# if it ever gets evicted.
scheduler.alpha.kubernetes.io/critical-pod: ''
cluster-autoscaler.kubernetes.io/safe-to-evict: 'true' cluster-autoscaler.kubernetes.io/safe-to-evict: 'true'
spec: spec:
nodeSelector: nodeSelector:
@ -588,7 +586,7 @@ spec:
securityContext: securityContext:
fsGroup: 65534 fsGroup: 65534
containers: containers:
- image: calico/typha:v3.12.0 - image: calico/typha:v3.13.2
name: calico-typha name: calico-typha
ports: ports:
- containerPort: 5473 - containerPort: 5473
@ -677,12 +675,6 @@ spec:
labels: labels:
k8s-app: calico-node k8s-app: calico-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
annotations:
# This, along with the CriticalAddonsOnly toleration below,
# marks the pod as a critical add-on, ensuring it gets
# priority scheduling and that its resources are reserved
# if it ever gets evicted.
scheduler.alpha.kubernetes.io/critical-pod: ''
spec: spec:
nodeSelector: nodeSelector:
kubernetes.io/os: linux kubernetes.io/os: linux
@ -706,7 +698,7 @@ spec:
# It can be deleted if this is a fresh installation, or if you have already # It can be deleted if this is a fresh installation, or if you have already
# upgraded to use calico-ipam. # upgraded to use calico-ipam.
- name: upgrade-ipam - name: upgrade-ipam
image: calico/cni:v3.12.0 image: calico/cni:v3.13.2
command: ["/opt/cni/bin/calico-ipam", "-upgrade"] command: ["/opt/cni/bin/calico-ipam", "-upgrade"]
env: env:
- name: KUBERNETES_NODE_NAME - name: KUBERNETES_NODE_NAME
@ -728,7 +720,7 @@ spec:
# This container installs the CNI binaries # This container installs the CNI binaries
# and CNI network config file on each node. # and CNI network config file on each node.
- name: install-cni - name: install-cni
image: calico/cni:v3.12.0 image: calico/cni:v3.13.2
command: ["/install-cni.sh"] command: ["/install-cni.sh"]
env: env:
# Name of the CNI config file to create. # Name of the CNI config file to create.
@ -764,7 +756,7 @@ spec:
# Adds a Flex Volume Driver that creates a per-pod Unix Domain Socket to allow Dikastes # Adds a Flex Volume Driver that creates a per-pod Unix Domain Socket to allow Dikastes
# to communicate with Felix over the Policy Sync API. # to communicate with Felix over the Policy Sync API.
- name: flexvol-driver - name: flexvol-driver
image: calico/pod2daemon-flexvol:v3.12.0 image: calico/pod2daemon-flexvol:v3.13.2
volumeMounts: volumeMounts:
- name: flexvol-driver-host - name: flexvol-driver-host
mountPath: /host/driver mountPath: /host/driver
@ -775,7 +767,7 @@ spec:
# container programs network policy and routes on each # container programs network policy and routes on each
# host. # host.
- name: calico-node - name: calico-node
image: calico/node:v3.12.0 image: calico/node:v3.13.2
env: env:
# Use Kubernetes API as the backing datastore. # Use Kubernetes API as the backing datastore.
- name: DATASTORE_TYPE - name: DATASTORE_TYPE
@ -804,7 +796,6 @@ spec:
key: calico_backend key: calico_backend
# Cluster type to identify the deployment type # Cluster type to identify the deployment type
- name: CLUSTER_TYPE - name: CLUSTER_TYPE
# was value: "k8s,bgp"
value: "kops,bgp" value: "kops,bgp"
# Auto-detect the BGP IP address. # Auto-detect the BGP IP address.
- name: IP - name: IP
@ -980,7 +971,7 @@ spec:
priorityClassName: system-cluster-critical priorityClassName: system-cluster-critical
containers: containers:
- name: calico-kube-controllers - name: calico-kube-controllers
image: calico/kube-controllers:v3.12.0 image: calico/kube-controllers:v3.13.2
env: env:
# Choose which controllers to run. # Choose which controllers to run.
- name: ENABLED_CONTROLLERS - name: ENABLED_CONTROLLERS

4
upup/pkg/fi/cloudup/bootstrapchannelbuilder.go
View File

@ -703,7 +703,7 @@ func (b *BootstrapChannelBuilder) buildAddons() *channelsapi.Addons {
"k8s-1.7": "2.6.12-kops.1", "k8s-1.7": "2.6.12-kops.1",
"k8s-1.7-v3": "3.8.0-kops.2", "k8s-1.7-v3": "3.8.0-kops.2",
"k8s-1.12": "3.9.5-kops.1", "k8s-1.12": "3.9.5-kops.1",
"k8s-1.16": "3.12.0-kops.1", "k8s-1.16": "3.13.2-kops.1",
} }
{ {
@ -771,7 +771,7 @@ func (b *BootstrapChannelBuilder) buildAddons() *channelsapi.Addons {
"k8s-1.9": "3.2.3-kops.1", "k8s-1.9": "3.2.3-kops.1",
"k8s-1.12": "3.7.5-kops.1", "k8s-1.12": "3.7.5-kops.1",
"k8s-1.15": "3.12.0-kops.1", "k8s-1.15": "3.12.0-kops.1",
"k8s-1.16": "3.13.1-kops.1", "k8s-1.16": "3.13.2-kops.1",
} }
{ {
id := "k8s-1.9" id := "k8s-1.9"