diff --git a/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_cluster-completed.spec_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_cluster-completed.spec_content new file mode 100644 index 0000000000..3abaefbaf8 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_cluster-completed.spec_content @@ -0,0 +1,192 @@ +apiVersion: kops.k8s.io/v1alpha2 +kind: Cluster +metadata: + creationTimestamp: "2017-01-01T00:00:00Z" + name: minimal-gce-with-a-very-very-very-very-very-long-name.example.com +spec: + api: + loadBalancer: + subnets: + - name: us-test-1 + type: Internal + useForInternalApi: true + authorization: + alwaysAllow: {} + channel: stable + cloudConfig: + gcpPDCSIDriver: + enabled: true + manageStorageClasses: true + multizone: true + nodeTags: minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node + cloudProvider: gce + clusterDNSDomain: cluster.local + configBase: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com + configStore: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com + containerRuntime: containerd + containerd: + logLevel: info + version: 1.6.6 + dnsZone: "1" + docker: + skipInstall: true + etcdClusters: + - backups: + backupStore: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/backups/etcd/main + etcdMembers: + - instanceGroup: master-us-test1-a + name: "1" + name: main + version: 3.5.4 + - backups: + backupStore: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/backups/etcd/events + etcdMembers: + - instanceGroup: master-us-test1-a + name: "1" + name: events + version: 3.5.4 + externalDns: + provider: dns-controller + iam: + legacy: false + keyStore: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/pki + kubeAPIServer: + allowPrivileged: true + anonymousAuth: false + apiAudiences: + - kubernetes.svc.default + apiServerCount: 1 + authorizationMode: AlwaysAllow + bindAddress: 0.0.0.0 + cloudProvider: gce + enableAdmissionPlugins: + - NamespaceLifecycle + - LimitRanger + - ServiceAccount + - DefaultStorageClass + - DefaultTolerationSeconds + - MutatingAdmissionWebhook + - ValidatingAdmissionWebhook + - NodeRestriction + - ResourceQuota + etcdServers: + - https://127.0.0.1:4001 + etcdServersOverrides: + - /events#https://127.0.0.1:4002 + image: registry.k8s.io/kube-apiserver:v1.23.0 + kubeletPreferredAddressTypes: + - InternalIP + - Hostname + - ExternalIP + logLevel: 2 + requestheaderAllowedNames: + - aggregator + requestheaderExtraHeaderPrefixes: + - X-Remote-Extra- + requestheaderGroupHeaders: + - X-Remote-Group + requestheaderUsernameHeaders: + - X-Remote-User + securePort: 443 + serviceAccountIssuer: https://api.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com + serviceAccountJWKSURI: https://api.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com/openid/v1/jwks + serviceClusterIPRange: 100.64.0.0/13 + storageBackend: etcd3 + kubeControllerManager: + allocateNodeCIDRs: true + attachDetachReconcileSyncPeriod: 1m0s + cloudProvider: gce + clusterCIDR: 100.96.0.0/11 + clusterName: minimal-gce-with-a-very-very-very-very-very-long-name-example-com + configureCloudRoutes: false + enableLeaderMigration: true + image: registry.k8s.io/kube-controller-manager:v1.23.0 + leaderElection: + leaderElect: true + logLevel: 2 + useServiceAccountCredentials: true + kubeDNS: + cacheMaxConcurrent: 150 + cacheMaxSize: 1000 + cpuRequest: 100m + domain: cluster.local + memoryLimit: 170Mi + memoryRequest: 70Mi + nodeLocalDNS: + cpuRequest: 25m + enabled: false + image: registry.k8s.io/dns/k8s-dns-node-cache:1.21.3 + memoryRequest: 5Mi + provider: CoreDNS + serverIP: 100.64.0.10 + kubeProxy: + clusterCIDR: 100.96.0.0/11 + cpuRequest: 100m + image: registry.k8s.io/kube-proxy:v1.23.0 + logLevel: 2 + kubeScheduler: + image: registry.k8s.io/kube-scheduler:v1.23.0 + leaderElection: + leaderElect: true + logLevel: 2 + kubelet: + anonymousAuth: false + cgroupDriver: systemd + cgroupRoot: / + cloudProvider: gce + clusterDNS: 100.64.0.10 + clusterDomain: cluster.local + enableDebuggingHandlers: true + evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% + hairpinMode: promiscuous-bridge + kubeconfigPath: /var/lib/kubelet/kubeconfig + logLevel: 2 + networkPluginName: cni + podInfraContainerImage: registry.k8s.io/pause:3.6 + podManifestPath: /etc/kubernetes/manifests + protectKernelDefaults: true + shutdownGracePeriod: 30s + shutdownGracePeriodCriticalPods: 10s + kubernetesApiAccess: + - 0.0.0.0/0 + kubernetesVersion: 1.23.0 + masterInternalName: api.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com + masterKubelet: + anonymousAuth: false + cgroupDriver: systemd + cgroupRoot: / + cloudProvider: gce + clusterDNS: 100.64.0.10 + clusterDomain: cluster.local + enableDebuggingHandlers: true + evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% + hairpinMode: promiscuous-bridge + kubeconfigPath: /var/lib/kubelet/kubeconfig + logLevel: 2 + networkPluginName: cni + podInfraContainerImage: registry.k8s.io/pause:3.6 + podManifestPath: /etc/kubernetes/manifests + protectKernelDefaults: true + registerSchedulable: false + shutdownGracePeriod: 30s + shutdownGracePeriodCriticalPods: 10s + masterPublicName: api.minimal-gce-with-a-very-very-very-very-very-long-name.example.com + networking: + cni: {} + nonMasqueradeCIDR: 100.64.0.0/10 + podCIDR: 100.96.0.0/11 + project: testproject + secretStore: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/secrets + serviceClusterIPRange: 100.64.0.0/13 + sshAccess: + - 0.0.0.0/0 + subnets: + - cidr: 10.0.16.0/20 + name: us-test1 + region: us-test1 + type: Private + topology: + dns: + type: Public + masters: private + nodes: private diff --git a/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_etcd-cluster-spec-events_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_etcd-cluster-spec-events_content new file mode 100644 index 0000000000..06759fa2b2 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_etcd-cluster-spec-events_content @@ -0,0 +1,4 @@ +{ + "memberCount": 1, + "etcdVersion": "3.5.4" +} diff --git a/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_etcd-cluster-spec-main_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_etcd-cluster-spec-main_content new file mode 100644 index 0000000000..06759fa2b2 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_etcd-cluster-spec-main_content @@ -0,0 +1,4 @@ +{ + "memberCount": 1, + "etcdVersion": "3.5.4" +} diff --git a/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_kops-version.txt_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_kops-version.txt_content new file mode 100644 index 0000000000..b7340298dc --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_kops-version.txt_content @@ -0,0 +1 @@ +1.21.0-alpha.1 diff --git a/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_manifests-etcdmanager-events_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_manifests-etcdmanager-events_content new file mode 100644 index 0000000000..43e66092d0 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_manifests-etcdmanager-events_content @@ -0,0 +1,62 @@ +apiVersion: v1 +kind: Pod +metadata: + creationTimestamp: null + labels: + k8s-app: etcd-manager-events + name: etcd-manager-events + namespace: kube-system +spec: + containers: + - command: + - /bin/sh + - -c + - mkfifo /tmp/pipe; (tee -a /var/log/etcd.log < /tmp/pipe & ) ; exec /etcd-manager + --backup-store=memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/backups/etcd/events + --client-urls=https://__name__:4002 --cluster-name=etcd-events --containerized=true + --dns-suffix=.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com + --grpc-port=3997 --peer-urls=https://__name__:2381 --quarantine-client-urls=https://__name__:3995 + --v=6 --volume-name-tag=k8s-io-etcd-events --volume-provider=gce --volume-tag=k8s-io-cluster-name=minimal-gce-with-a-very-very-very-very-very-long-name-example-com + --volume-tag=k8s-io-etcd-events --volume-tag=k8s-io-role-master=master > /tmp/pipe + 2>&1 + image: registry.k8s.io/etcdadm/etcd-manager:v3.0.20220617 + name: etcd-manager + resources: + requests: + cpu: 200m + memory: 100Mi + securityContext: + privileged: true + volumeMounts: + - mountPath: /rootfs + name: rootfs + - mountPath: /run + name: run + - mountPath: /etc/kubernetes/pki/etcd-manager + name: pki + - mountPath: /var/log/etcd.log + name: varlogetcd + hostNetwork: true + hostPID: true + priorityClassName: system-cluster-critical + tolerations: + - key: CriticalAddonsOnly + operator: Exists + volumes: + - hostPath: + path: / + type: Directory + name: rootfs + - hostPath: + path: /run + type: DirectoryOrCreate + name: run + - hostPath: + path: /etc/kubernetes/pki/etcd-manager-events + type: DirectoryOrCreate + name: pki + - hostPath: + path: /var/log/etcd-events.log + type: FileOrCreate + name: varlogetcd +status: {} diff --git a/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_manifests-etcdmanager-main_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_manifests-etcdmanager-main_content new file mode 100644 index 0000000000..54d5c289bb --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_manifests-etcdmanager-main_content @@ -0,0 +1,62 @@ +apiVersion: v1 +kind: Pod +metadata: + creationTimestamp: null + labels: + k8s-app: etcd-manager-main + name: etcd-manager-main + namespace: kube-system +spec: + containers: + - command: + - /bin/sh + - -c + - mkfifo /tmp/pipe; (tee -a /var/log/etcd.log < /tmp/pipe & ) ; exec /etcd-manager + --backup-store=memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/backups/etcd/main + --client-urls=https://__name__:4001 --cluster-name=etcd --containerized=true + --dns-suffix=.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com + --grpc-port=3996 --peer-urls=https://__name__:2380 --quarantine-client-urls=https://__name__:3994 + --v=6 --volume-name-tag=k8s-io-etcd-main --volume-provider=gce --volume-tag=k8s-io-cluster-name=minimal-gce-with-a-very-very-very-very-very-long-name-example-com + --volume-tag=k8s-io-etcd-main --volume-tag=k8s-io-role-master=master > /tmp/pipe + 2>&1 + image: registry.k8s.io/etcdadm/etcd-manager:v3.0.20220617 + name: etcd-manager + resources: + requests: + cpu: 200m + memory: 100Mi + securityContext: + privileged: true + volumeMounts: + - mountPath: /rootfs + name: rootfs + - mountPath: /run + name: run + - mountPath: /etc/kubernetes/pki/etcd-manager + name: pki + - mountPath: /var/log/etcd.log + name: varlogetcd + hostNetwork: true + hostPID: true + priorityClassName: system-cluster-critical + tolerations: + - key: CriticalAddonsOnly + operator: Exists + volumes: + - hostPath: + path: / + type: Directory + name: rootfs + - hostPath: + path: /run + type: DirectoryOrCreate + name: run + - hostPath: + path: /etc/kubernetes/pki/etcd-manager-main + type: DirectoryOrCreate + name: pki + - hostPath: + path: /var/log/etcd.log + type: FileOrCreate + name: varlogetcd +status: {} diff --git a/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_manifests-static-kube-apiserver-healthcheck_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_manifests-static-kube-apiserver-healthcheck_content new file mode 100644 index 0000000000..a1bdd67679 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_manifests-static-kube-apiserver-healthcheck_content @@ -0,0 +1,33 @@ +apiVersion: v1 +kind: Pod +metadata: + creationTimestamp: null +spec: + containers: + - args: + - --ca-cert=/secrets/ca.crt + - --client-cert=/secrets/client.crt + - --client-key=/secrets/client.key + image: registry.k8s.io/kops/kube-apiserver-healthcheck:1.25.0-alpha.1 + livenessProbe: + httpGet: + host: 127.0.0.1 + path: /.kube-apiserver-healthcheck/healthz + port: 3990 + initialDelaySeconds: 5 + timeoutSeconds: 5 + name: healthcheck + resources: {} + securityContext: + runAsNonRoot: true + runAsUser: 10012 + volumeMounts: + - mountPath: /secrets + name: healthcheck-secrets + readOnly: true + volumes: + - hostPath: + path: /etc/kubernetes/kube-apiserver-healthcheck/secrets + type: Directory + name: healthcheck-secrets +status: {} diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-bootstrap_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-bootstrap_content similarity index 93% rename from tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-bootstrap_content rename to tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-bootstrap_content index bb2a9ddc86..19c2ed3dcd 100644 --- a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-bootstrap_content @@ -6,7 +6,7 @@ spec: addons: - id: k8s-1.16 manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml - manifestHash: 7411afd1b1a8639041be4f64fddfbf2eb3c5f8e31f8e861cb60c094d626fd403 + manifestHash: d5f7f2688667e92286467680486bc02ef5052d9192b1da6db36924a4e32d7c64 name: kops-controller.addons.k8s.io needsRollingUpdate: control-plane selector: @@ -55,7 +55,7 @@ spec: version: 9.99.0 - id: k8s-1.23 manifest: gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml - manifestHash: 89709fa44dc0e1deef589f173dd9ea3135073ff8f3d3a93f065023cd6dfbc4d5 + manifestHash: 58a0ffcf43005dce350ffe7d4faa1776b2c9ec9bf2654aed3429ed9e780ee7cc name: gcp-pd-csi-driver.addons.k8s.io selector: k8s-addon: gcp-pd-csi-driver.addons.k8s.io diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-coredns.addons.k8s.io-k8s-1.12_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-coredns.addons.k8s.io-k8s-1.12_content similarity index 100% rename from tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-coredns.addons.k8s.io-k8s-1.12_content rename to tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-coredns.addons.k8s.io-k8s-1.12_content diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-dns-controller.addons.k8s.io-k8s-1.12_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-dns-controller.addons.k8s.io-k8s-1.12_content similarity index 100% rename from tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-dns-controller.addons.k8s.io-k8s-1.12_content rename to tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-dns-controller.addons.k8s.io-k8s-1.12_content diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content similarity index 99% rename from tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content rename to tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content index 41f4679d83..b47792272d 100644 --- a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content @@ -715,7 +715,7 @@ spec: - args: - --v=5 - --endpoint=unix:/csi/csi.sock - - --extra-labels=k8s-io-cluster-name=minimal-gce-with-a-very-very-very-long-name-example-com + - --extra-labels=k8s-io-cluster-name=minimal-gce-with-a-very-very-very-very-very-long-name-example-com image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4 name: gce-pd-driver volumeMounts: diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content similarity index 89% rename from tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content rename to tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content index 2798e8d8f1..30f0794f25 100644 --- a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content @@ -1,7 +1,7 @@ apiVersion: v1 data: config.yaml: | - {"cloud":"gce","configBase":"memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com","server":{"Listen":":3988","provider":{"gce":{"projectID":"testproject","region":"us-test1","clusterName":"minimal-gce-with-a-very-very-very-long-name.example.com","MaxTimeSkew":300}},"serverKeyPath":"/etc/kubernetes/kops-controller/pki/kops-controller.key","serverCertificatePath":"/etc/kubernetes/kops-controller/pki/kops-controller.crt","caBasePath":"/etc/kubernetes/kops-controller/pki","signingCAs":["kubernetes-ca"],"certNames":["kubelet","kubelet-server","kube-proxy"]}} + {"cloud":"gce","configBase":"memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com","server":{"Listen":":3988","provider":{"gce":{"projectID":"testproject","region":"us-test1","clusterName":"minimal-gce-with-a-very-very-very-very-very-long-name.example.com","MaxTimeSkew":300}},"serverKeyPath":"/etc/kubernetes/kops-controller/pki/kops-controller.key","serverCertificatePath":"/etc/kubernetes/kops-controller/pki/kops-controller.crt","caBasePath":"/etc/kubernetes/kops-controller/pki","signingCAs":["kubernetes-ca"],"certNames":["kubelet","kubelet-server","kube-proxy"]}} kind: ConfigMap metadata: creationTimestamp: null @@ -33,7 +33,7 @@ spec: template: metadata: annotations: - dns.alpha.kubernetes.io/internal: kops-controller.internal.minimal-gce-with-a-very-very-very-long-name.example.com + dns.alpha.kubernetes.io/internal: kops-controller.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com creationTimestamp: null labels: k8s-addon: kops-controller.addons.k8s.io diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-kubelet-api.rbac.addons.k8s.io-k8s-1.9_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kubelet-api.rbac.addons.k8s.io-k8s-1.9_content similarity index 100% rename from tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-kubelet-api.rbac.addons.k8s.io-k8s-1.9_content rename to tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kubelet-api.rbac.addons.k8s.io-k8s-1.9_content diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-leader-migration.rbac.addons.k8s.io-k8s-1.23_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-leader-migration.rbac.addons.k8s.io-k8s-1.23_content similarity index 100% rename from tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-leader-migration.rbac.addons.k8s.io-k8s-1.23_content rename to tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-leader-migration.rbac.addons.k8s.io-k8s-1.23_content diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-limit-range.addons.k8s.io_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-limit-range.addons.k8s.io_content similarity index 100% rename from tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-limit-range.addons.k8s.io_content rename to tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-limit-range.addons.k8s.io_content diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-metadata-proxy.addons.k8s.io-v0.1.12_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-metadata-proxy.addons.k8s.io-v0.1.12_content similarity index 100% rename from tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-metadata-proxy.addons.k8s.io-v0.1.12_content rename to tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-metadata-proxy.addons.k8s.io-v0.1.12_content diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-storage-gce.addons.k8s.io-v1.7.0_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-storage-gce.addons.k8s.io-v1.7.0_content similarity index 100% rename from tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-storage-gce.addons.k8s.io-v1.7.0_content rename to tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-storage-gce.addons.k8s.io-v1.7.0_content diff --git a/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_nodeupconfig-master-us-test1-a_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_nodeupconfig-master-us-test1-a_content new file mode 100644 index 0000000000..4461b20037 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_nodeupconfig-master-us-test1-a_content @@ -0,0 +1,273 @@ +APIServerConfig: + KubeAPIServer: + allowPrivileged: true + anonymousAuth: false + apiAudiences: + - kubernetes.svc.default + apiServerCount: 1 + authorizationMode: AlwaysAllow + bindAddress: 0.0.0.0 + cloudProvider: gce + enableAdmissionPlugins: + - NamespaceLifecycle + - LimitRanger + - ServiceAccount + - DefaultStorageClass + - DefaultTolerationSeconds + - MutatingAdmissionWebhook + - ValidatingAdmissionWebhook + - NodeRestriction + - ResourceQuota + etcdServers: + - https://127.0.0.1:4001 + etcdServersOverrides: + - /events#https://127.0.0.1:4002 + image: registry.k8s.io/kube-apiserver:v1.23.0 + kubeletPreferredAddressTypes: + - InternalIP + - Hostname + - ExternalIP + logLevel: 2 + requestheaderAllowedNames: + - aggregator + requestheaderExtraHeaderPrefixes: + - X-Remote-Extra- + requestheaderGroupHeaders: + - X-Remote-Group + requestheaderUsernameHeaders: + - X-Remote-User + securePort: 443 + serviceAccountIssuer: https://api.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com + serviceAccountJWKSURI: https://api.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com/openid/v1/jwks + serviceClusterIPRange: 100.64.0.0/13 + storageBackend: etcd3 + ServiceAccountPublicKeys: | + -----BEGIN RSA PUBLIC KEY----- + MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANiW3hfHTcKnxCig+uWhpVbOfH1pANKm + XVSysPKgE80QSU4tZ6m49pAEeIMsvwvDMaLsb2v6JvXe0qvCmueU+/sCAwEAAQ== + -----END RSA PUBLIC KEY----- + -----BEGIN RSA PUBLIC KEY----- + MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKOE64nZbH+GM91AIrqf7HEk4hvzqsZF + Ftxc+8xir1XC3mI/RhCCrs6AdVRZNZ26A6uHArhi33c2kHQkCjyLA7sCAwEAAQ== + -----END RSA PUBLIC KEY----- +Assets: + amd64: + - 4756ff345dd80704b749d87efb8eb294a143a1f4a251ec586197d26ad20ea518@https://storage.googleapis.com/kubernetes-release/release/v1.23.0/bin/linux/amd64/kubelet + - 2d0f5ba6faa787878b642c151ccb2c3390ce4c1e6c8e2b59568b3869ba407c4f@https://storage.googleapis.com/kubernetes-release/release/v1.23.0/bin/linux/amd64/kubectl + - ab63ef67b254a2eae51782106593c266e0b054ac2248e2cb913f6d165afae83c@https://storage.googleapis.com/kubernetes-release/release/v1.23.0/bin/linux/amd64/mounter + - 962100bbc4baeaaa5748cdbfce941f756b1531c2eadb290129401498bfac21e7@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.9.1/cni-plugins-linux-amd64-v0.9.1.tgz + - 0212869675742081d70600a1afc6cea4388435cc52bf5dc21f4efdcb9a92d2ef@https://github.com/containerd/containerd/releases/download/v1.6.6/containerd-1.6.6-linux-amd64.tar.gz + - 6e8b24be90fffce6b025d254846da9d2ca6d65125f9139b6354bab0272253d01@https://github.com/opencontainers/runc/releases/download/v1.1.3/runc.amd64 + - f90ed6dcef534e6d1ae17907dc7eb40614b8945ad4af7f0e98d2be7cde8165c6@https://artifacts.k8s.io/binaries/kops/1.21.0-alpha.1/linux/amd64/protokube,https://github.com/kubernetes/kops/releases/download/v1.21.0-alpha.1/protokube-linux-amd64 + - 9992e7eb2a2e93f799e5a9e98eb718637433524bc65f630357201a79f49b13d0@https://artifacts.k8s.io/binaries/kops/1.21.0-alpha.1/linux/amd64/channels,https://github.com/kubernetes/kops/releases/download/v1.21.0-alpha.1/channels-linux-amd64 + arm64: + - a546fb7ccce69c4163e4a0b19a31f30ea039b4e4560c23fd6e3016e2b2dfd0d9@https://storage.googleapis.com/kubernetes-release/release/v1.23.0/bin/linux/arm64/kubelet + - 1d77d6027fc8dfed772609ad9bd68f611b7e4ce73afa949f27084ad3a92b15fe@https://storage.googleapis.com/kubernetes-release/release/v1.23.0/bin/linux/arm64/kubectl + - 6ef5620ad47035a168bf28335aa39a09f246e17f5d6e42f0d8daba7d90fc4e9f@https://storage.googleapis.com/kubernetes-release/release/v1.23.0/bin/linux/arm64/mounter + - ef17764ffd6cdcb16d76401bac1db6acc050c9b088f1be5efa0e094ea3b01df0@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.9.1/cni-plugins-linux-arm64-v0.9.1.tgz + - 807bf333df331d713708ead66919189d7b142a0cc21ec32debbc988f9069d5eb@https://github.com/containerd/containerd/releases/download/v1.6.6/containerd-1.6.6-linux-arm64.tar.gz + - 00c9ad161a77a01d9dcbd25b1d76fa9822e57d8e4abf26ba8907c98f6bcfcd0f@https://github.com/opencontainers/runc/releases/download/v1.1.3/runc.arm64 + - 2f599c3d54f4c4bdbcc95aaf0c7b513a845d8f9503ec5b34c9f86aa1bc34fc0c@https://artifacts.k8s.io/binaries/kops/1.21.0-alpha.1/linux/arm64/protokube,https://github.com/kubernetes/kops/releases/download/v1.21.0-alpha.1/protokube-linux-arm64 + - 9d842e3636a95de2315cdea2be7a282355aac0658ef0b86d5dc2449066538f13@https://artifacts.k8s.io/binaries/kops/1.21.0-alpha.1/linux/arm64/channels,https://github.com/kubernetes/kops/releases/download/v1.21.0-alpha.1/channels-linux-arm64 +CAs: + apiserver-aggregator-ca: | + -----BEGIN CERTIFICATE----- + MIIBgjCCASygAwIBAgIMFo3gINaZLHjisEcbMA0GCSqGSIb3DQEBCwUAMCIxIDAe + BgNVBAMTF2FwaXNlcnZlci1hZ2dyZWdhdG9yLWNhMB4XDTIxMDYzMDA0NTExMloX + DTMxMDYzMDA0NTExMlowIjEgMB4GA1UEAxMXYXBpc2VydmVyLWFnZ3JlZ2F0b3It + Y2EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAyyE71AOU3go5XFegLQ6fidI0LhhM + x7CzpTzh2xWKcHUfbNI7itgJvC/+GlyG5W+DF5V7ba0IJiQLsFve0oLdewIDAQAB + o0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU + ALfqF5ZmfqvqORuJIFilZYKF3d0wDQYJKoZIhvcNAQELBQADQQAHAomFKsF4jvYX + WM/UzQXDj9nSAFTf8dBPCXyZZNotsOH7+P6W4mMiuVs8bAuGiXGUdbsQ2lpiT/Rk + CzMeMdr4 + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIBgjCCASygAwIBAgIMFo3gM0nxQpiX/agfMA0GCSqGSIb3DQEBCwUAMCIxIDAe + BgNVBAMTF2FwaXNlcnZlci1hZ2dyZWdhdG9yLWNhMB4XDTIxMDYzMDA0NTIzMVoX + DTMxMDYzMDA0NTIzMVowIjEgMB4GA1UEAxMXYXBpc2VydmVyLWFnZ3JlZ2F0b3It + Y2EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAyyE71AOU3go5XFegLQ6fidI0LhhM + x7CzpTzh2xWKcHUfbNI7itgJvC/+GlyG5W+DF5V7ba0IJiQLsFve0oLdewIDAQAB + o0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU + ALfqF5ZmfqvqORuJIFilZYKF3d0wDQYJKoZIhvcNAQELBQADQQCXsoezoxXu2CEN + QdlXZOfmBT6cqxIX/RMHXhpHwRiqPsTO8IO2bVA8CSzxNwMuSv/ZtrMHoh8+PcVW + HLtkTXH8 + -----END CERTIFICATE----- + etcd-clients-ca: | + -----BEGIN CERTIFICATE----- + MIIBcjCCARygAwIBAgIMFo1ogHnr26DL9YkqMA0GCSqGSIb3DQEBCwUAMBoxGDAW + BgNVBAMTD2V0Y2QtY2xpZW50cy1jYTAeFw0yMTA2MjgxNjE5MDFaFw0zMTA2Mjgx + NjE5MDFaMBoxGDAWBgNVBAMTD2V0Y2QtY2xpZW50cy1jYTBcMA0GCSqGSIb3DQEB + AQUAA0sAMEgCQQDYlt4Xx03Cp8QooPrloaVWznx9aQDSpl1UsrDyoBPNEElOLWep + uPaQBHiDLL8LwzGi7G9r+ib13tKrwprnlPv7AgMBAAGjQjBAMA4GA1UdDwEB/wQE + AwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQjlt4Ue54AbJPWlDpRM51s + x+PeBDANBgkqhkiG9w0BAQsFAANBAAZAdf8ROEVkr3Rf7I+s+CQOil2toadlKWOY + qCeJ2XaEROfp9aUTEIU1MGM3g57MPyAPPU7mURskuOQz6B1UFaY= + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIBcjCCARygAwIBAgIMFo1olfBnC/CsT+dqMA0GCSqGSIb3DQEBCwUAMBoxGDAW + BgNVBAMTD2V0Y2QtY2xpZW50cy1jYTAeFw0yMTA2MjgxNjIwMzNaFw0zMTA2Mjgx + NjIwMzNaMBoxGDAWBgNVBAMTD2V0Y2QtY2xpZW50cy1jYTBcMA0GCSqGSIb3DQEB + AQUAA0sAMEgCQQDYlt4Xx03Cp8QooPrloaVWznx9aQDSpl1UsrDyoBPNEElOLWep + uPaQBHiDLL8LwzGi7G9r+ib13tKrwprnlPv7AgMBAAGjQjBAMA4GA1UdDwEB/wQE + AwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQjlt4Ue54AbJPWlDpRM51s + x+PeBDANBgkqhkiG9w0BAQsFAANBAF1xUz77PlUVUnd9duF8F7plou0TONC9R6/E + YQ8C6vM1b+9NSDGjCW8YmwEU2fBgskb/BBX2lwVZ32/RUEju4Co= + -----END CERTIFICATE----- + etcd-manager-ca-events: | + -----BEGIN CERTIFICATE----- + MIIBgDCCASqgAwIBAgIMFo+bKjm04vB4rNtaMA0GCSqGSIb3DQEBCwUAMCExHzAd + BgNVBAMTFmV0Y2QtbWFuYWdlci1jYS1ldmVudHMwHhcNMjEwNzA1MjAwOTU2WhcN + MzEwNzA1MjAwOTU2WjAhMR8wHQYDVQQDExZldGNkLW1hbmFnZXItY2EtZXZlbnRz + MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKiC8tndMlEFZ7qzeKxeKqFVjaYpsh/H + g7RxWo15+1kgH3suO0lxp9+RxSVv97hnsfbySTPZVhy2cIQj7eZtZt8CAwEAAaNC + MEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFBg6 + CEZkQNnRkARBwFce03AEWa+sMA0GCSqGSIb3DQEBCwUAA0EAJMnBThok/uUe8q8O + sS5q19KUuE8YCTUzMDj36EBKf6NX4NoakCa1h6kfQVtlMtEIMWQZCjbm8xGK5ffs + GS/VUw== + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIBgDCCASqgAwIBAgIMFo+bQ+EgIiBmGghjMA0GCSqGSIb3DQEBCwUAMCExHzAd + BgNVBAMTFmV0Y2QtbWFuYWdlci1jYS1ldmVudHMwHhcNMjEwNzA1MjAxMTQ2WhcN + MzEwNzA1MjAxMTQ2WjAhMR8wHQYDVQQDExZldGNkLW1hbmFnZXItY2EtZXZlbnRz + MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKFhHVVxxDGv8d1jBvtdSxz7KIVoBOjL + DMxsmTsINiQkTQaFlb+XPlnY1ar4+RhE519AFUkqfhypk4Zxqf1YFXUCAwEAAaNC + MEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNuW + LLH5c8kDubDbr6BHgedW0iJ9MA0GCSqGSIb3DQEBCwUAA0EAiKUoBoaGu7XzboFE + hjfKlX0TujqWuW3qMxDEJwj4dVzlSLrAoB/G01MJ+xxYKh456n48aG6N827UPXhV + cPfVNg== + -----END CERTIFICATE----- + etcd-manager-ca-main: | + -----BEGIN CERTIFICATE----- + MIIBfDCCASagAwIBAgIMFo+bKjm1c3jfv6hIMA0GCSqGSIb3DQEBCwUAMB8xHTAb + BgNVBAMTFGV0Y2QtbWFuYWdlci1jYS1tYWluMB4XDTIxMDcwNTIwMDk1NloXDTMx + MDcwNTIwMDk1NlowHzEdMBsGA1UEAxMUZXRjZC1tYW5hZ2VyLWNhLW1haW4wXDAN + BgkqhkiG9w0BAQEFAANLADBIAkEAxbkDbGYmCSShpRG3r+lzTOFujyuruRfjOhYm + ZRX4w1Utd5y63dUc98sjc9GGUYMHd+0k1ql/a48tGhnK6N6jJwIDAQABo0IwQDAO + BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWZLkbBFx + GAgPU4i62c52unSo7RswDQYJKoZIhvcNAQELBQADQQAj6Pgd0va/8FtkyMlnohLu + Gf4v8RJO6zk3Y6jJ4+cwWziipFM1ielMzSOZfFcCZgH3m5Io40is4hPSqyq2TOA6 + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIBfDCCASagAwIBAgIMFo+bQ+Eg8Si30gr4MA0GCSqGSIb3DQEBCwUAMB8xHTAb + BgNVBAMTFGV0Y2QtbWFuYWdlci1jYS1tYWluMB4XDTIxMDcwNTIwMTE0NloXDTMx + MDcwNTIwMTE0NlowHzEdMBsGA1UEAxMUZXRjZC1tYW5hZ2VyLWNhLW1haW4wXDAN + BgkqhkiG9w0BAQEFAANLADBIAkEAw33jzcd/iosN04b0WXbDt7B0c3sJ3aafcGLP + vG3xRB9N5bYr9+qZAq3mzAFkxscn4j1ce5b1/GKTDEAClmZgdQIDAQABo0IwQDAO + BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUE/h+3gDP + DvKwHRyiYlXM8voZ1wowDQYJKoZIhvcNAQELBQADQQBXuimeEoAOu5HN4hG7NqL9 + t40K3ZRhRZv3JQWnRVJCBDjg1rD0GQJR/n+DoWvbeijI5C9pNjr2pWSIYR1eYCvd + -----END CERTIFICATE----- + etcd-peers-ca-events: | + -----BEGIN CERTIFICATE----- + MIIBfDCCASagAwIBAgIMFo+bKjmxTPh3/lYJMA0GCSqGSIb3DQEBCwUAMB8xHTAb + BgNVBAMTFGV0Y2QtcGVlcnMtY2EtZXZlbnRzMB4XDTIxMDcwNTIwMDk1NloXDTMx + MDcwNTIwMDk1NlowHzEdMBsGA1UEAxMUZXRjZC1wZWVycy1jYS1ldmVudHMwXDAN + BgkqhkiG9w0BAQEFAANLADBIAkEAv5g4HF2xmrYyouJfY9jXx1M3gPLD/pupvxPY + xyjJw5pNCy5M5XGS3iTqRD5RDE0fWudVHFZKLIe8WPc06NApXwIDAQABo0IwQDAO + BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUf6xiDI+O + Yph1ziCGr2hZaQYt+fUwDQYJKoZIhvcNAQELBQADQQBBxj5hqEQstonTb8lnqeGB + DEYtUeAk4eR/HzvUMjF52LVGuvN3XVt+JTrFeKNvb6/RDUbBNRj3azalcUkpPh6V + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIBfDCCASagAwIBAgIMFo+bQ+Eq69jgzpKwMA0GCSqGSIb3DQEBCwUAMB8xHTAb + BgNVBAMTFGV0Y2QtcGVlcnMtY2EtZXZlbnRzMB4XDTIxMDcwNTIwMTE0NloXDTMx + MDcwNTIwMTE0NlowHzEdMBsGA1UEAxMUZXRjZC1wZWVycy1jYS1ldmVudHMwXDAN + BgkqhkiG9w0BAQEFAANLADBIAkEAo5Nj2CjX1qp3mEPw1H5nHAFWLoGNSLSlRFJW + 03NxaNPMFzL5PrCoyOXrX8/MWczuZYw0Crf8EPOOQWi2+W0XLwIDAQABo0IwQDAO + BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUxauhhKQh + cvdZND78rHe0RQVTTiswDQYJKoZIhvcNAQELBQADQQB+cq4jIS9q0zXslaRa+ViI + J+dviA3sMygbmSJO0s4DxYmoazKJblux5q0ASSvS9iL1l9ShuZ1dWyp2tpZawHyb + -----END CERTIFICATE----- + etcd-peers-ca-main: | + -----BEGIN CERTIFICATE----- + MIIBeDCCASKgAwIBAgIMFo+bKjmuLDDLcDHsMA0GCSqGSIb3DQEBCwUAMB0xGzAZ + BgNVBAMTEmV0Y2QtcGVlcnMtY2EtbWFpbjAeFw0yMTA3MDUyMDA5NTZaFw0zMTA3 + MDUyMDA5NTZaMB0xGzAZBgNVBAMTEmV0Y2QtcGVlcnMtY2EtbWFpbjBcMA0GCSqG + SIb3DQEBAQUAA0sAMEgCQQCyRaXWpwgN6INQqws9p/BvPElJv2Rno9dVTFhlQqDA + aUJXe7MBmiO4NJcW76EozeBh5ztR3/4NE1FM2x8TisS3AgMBAAGjQjBAMA4GA1Ud + DwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQtE1d49uSvpURf + OQ25Vlu6liY20DANBgkqhkiG9w0BAQsFAANBAAgLVaetJZcfOA3OIMMvQbz2Ydrt + uWF9BKkIad8jrcIrm3IkOtR8bKGmDIIaRKuG/ZUOL6NMe2fky3AAfKwleL4= + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIBeDCCASKgAwIBAgIMFo+bQ+EuVthBfuZvMA0GCSqGSIb3DQEBCwUAMB0xGzAZ + BgNVBAMTEmV0Y2QtcGVlcnMtY2EtbWFpbjAeFw0yMTA3MDUyMDExNDZaFw0zMTA3 + MDUyMDExNDZaMB0xGzAZBgNVBAMTEmV0Y2QtcGVlcnMtY2EtbWFpbjBcMA0GCSqG + SIb3DQEBAQUAA0sAMEgCQQCxNbycDZNx5V1ZOiXxZSvaFpHRwKeHDfcuMUitdoPt + naVMlMTGDWAMuCVmFHFAWohIYynemEegmZkZ15S7AErfAgMBAAGjQjBAMA4GA1Ud + DwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTAjQ8T4HclPIsC + qipEfUIcLP6jqTANBgkqhkiG9w0BAQsFAANBAJdZ17TN3HlWrH7HQgfR12UBwz8K + G9DurDznVaBVUYaHY8Sg5AvAXeb+yIF2JMmRR+bK+/G1QYY2D3/P31Ic2Oo= + -----END CERTIFICATE----- + kubernetes-ca: | + -----BEGIN CERTIFICATE----- + MIIBbjCCARigAwIBAgIMFpANqBD8NSD82AUSMA0GCSqGSIb3DQEBCwUAMBgxFjAU + BgNVBAMTDWt1YmVybmV0ZXMtY2EwHhcNMjEwNzA3MDcwODAwWhcNMzEwNzA3MDcw + ODAwWjAYMRYwFAYDVQQDEw1rdWJlcm5ldGVzLWNhMFwwDQYJKoZIhvcNAQEBBQAD + SwAwSAJBANFI3zr0Tk8krsW8vwjfMpzJOlWQ8616vG3YPa2qAgI7V4oKwfV0yIg1 + jt+H6f4P/wkPAPTPTfRp9Iy8oHEEFw0CAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEG + MA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNG3zVjTcLlJwDsJ4/K9DV7KohUA + MA0GCSqGSIb3DQEBCwUAA0EAB8d03fY2w7WKpfO29qI295pu2C4ca9AiVGOpgSc8 + tmQsq6rcxt3T+rb589PVtz0mw/cKTxOk6gH2CCC+yHfy2w== + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIBbjCCARigAwIBAgIMFpANvmSa0OAlYmXKMA0GCSqGSIb3DQEBCwUAMBgxFjAU + BgNVBAMTDWt1YmVybmV0ZXMtY2EwHhcNMjEwNzA3MDcwOTM2WhcNMzEwNzA3MDcw + OTM2WjAYMRYwFAYDVQQDEw1rdWJlcm5ldGVzLWNhMFwwDQYJKoZIhvcNAQEBBQAD + SwAwSAJBAMF6F4aZdpe0RUpyykaBpWwZCnwbffhYGOw+fs6RdLuUq7QCNmJm/Eq7 + WWOziMYDiI9SbclpD+6QiJ0N3EqppVUCAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEG + MA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLImp6ARjPDAH6nhI+scWVt3Q9bn + MA0GCSqGSIb3DQEBCwUAA0EAVQVx5MUtuAIeePuP9o51xtpT2S6Fvfi8J4ICxnlA + 9B7UD2ushcVFPtaeoL9Gfu8aY4KJBeqqg5ojl4qmRnThjw== + -----END CERTIFICATE----- +ClusterName: minimal-gce-with-a-very-very-very-very-very-long-name.example.com +Hooks: +- null +- null +KeypairIDs: + apiserver-aggregator-ca: "6980187172486667078076483355" + etcd-clients-ca: "6979622252718071085282986282" + etcd-manager-ca-events: "6982279354000777253151890266" + etcd-manager-ca-main: "6982279354000936168671127624" + etcd-peers-ca-events: "6982279353999767935825892873" + etcd-peers-ca-main: "6982279353998887468930183660" + kubernetes-ca: "6982820025135291416230495506" + service-account: "2" +KubeletConfig: + anonymousAuth: false + cgroupDriver: systemd + cgroupRoot: / + cloudProvider: gce + clusterDNS: 100.64.0.10 + clusterDomain: cluster.local + enableDebuggingHandlers: true + evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% + hairpinMode: promiscuous-bridge + kubeconfigPath: /var/lib/kubelet/kubeconfig + logLevel: 2 + networkPluginName: cni + nodeLabels: + kops.k8s.io/kops-controller-pki: "" + kubernetes.io/role: master + node-role.kubernetes.io/control-plane: "" + node-role.kubernetes.io/master: "" + node.kubernetes.io/exclude-from-external-load-balancers: "" + podInfraContainerImage: registry.k8s.io/pause:3.6 + podManifestPath: /etc/kubernetes/manifests + protectKernelDefaults: true + registerSchedulable: false + shutdownGracePeriod: 30s + shutdownGracePeriodCriticalPods: 10s +UpdatePolicy: automatic +channels: +- memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/bootstrap-channel.yaml +containerdConfig: + logLevel: info + version: 1.6.6 +etcdManifests: +- memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/manifests/etcd/main.yaml +- memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/manifests/etcd/events.yaml +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml diff --git a/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_nodeupconfig-nodes_content b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_nodeupconfig-nodes_content new file mode 100644 index 0000000000..a48e928362 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_nodeupconfig-nodes_content @@ -0,0 +1,70 @@ +Assets: + amd64: + - 4756ff345dd80704b749d87efb8eb294a143a1f4a251ec586197d26ad20ea518@https://storage.googleapis.com/kubernetes-release/release/v1.23.0/bin/linux/amd64/kubelet + - 2d0f5ba6faa787878b642c151ccb2c3390ce4c1e6c8e2b59568b3869ba407c4f@https://storage.googleapis.com/kubernetes-release/release/v1.23.0/bin/linux/amd64/kubectl + - ab63ef67b254a2eae51782106593c266e0b054ac2248e2cb913f6d165afae83c@https://storage.googleapis.com/kubernetes-release/release/v1.23.0/bin/linux/amd64/mounter + - 962100bbc4baeaaa5748cdbfce941f756b1531c2eadb290129401498bfac21e7@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.9.1/cni-plugins-linux-amd64-v0.9.1.tgz + - 0212869675742081d70600a1afc6cea4388435cc52bf5dc21f4efdcb9a92d2ef@https://github.com/containerd/containerd/releases/download/v1.6.6/containerd-1.6.6-linux-amd64.tar.gz + - 6e8b24be90fffce6b025d254846da9d2ca6d65125f9139b6354bab0272253d01@https://github.com/opencontainers/runc/releases/download/v1.1.3/runc.amd64 + arm64: + - a546fb7ccce69c4163e4a0b19a31f30ea039b4e4560c23fd6e3016e2b2dfd0d9@https://storage.googleapis.com/kubernetes-release/release/v1.23.0/bin/linux/arm64/kubelet + - 1d77d6027fc8dfed772609ad9bd68f611b7e4ce73afa949f27084ad3a92b15fe@https://storage.googleapis.com/kubernetes-release/release/v1.23.0/bin/linux/arm64/kubectl + - 6ef5620ad47035a168bf28335aa39a09f246e17f5d6e42f0d8daba7d90fc4e9f@https://storage.googleapis.com/kubernetes-release/release/v1.23.0/bin/linux/arm64/mounter + - ef17764ffd6cdcb16d76401bac1db6acc050c9b088f1be5efa0e094ea3b01df0@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.9.1/cni-plugins-linux-arm64-v0.9.1.tgz + - 807bf333df331d713708ead66919189d7b142a0cc21ec32debbc988f9069d5eb@https://github.com/containerd/containerd/releases/download/v1.6.6/containerd-1.6.6-linux-arm64.tar.gz + - 00c9ad161a77a01d9dcbd25b1d76fa9822e57d8e4abf26ba8907c98f6bcfcd0f@https://github.com/opencontainers/runc/releases/download/v1.1.3/runc.arm64 +CAs: + kubernetes-ca: | + -----BEGIN CERTIFICATE----- + MIIBbjCCARigAwIBAgIMFpANqBD8NSD82AUSMA0GCSqGSIb3DQEBCwUAMBgxFjAU + BgNVBAMTDWt1YmVybmV0ZXMtY2EwHhcNMjEwNzA3MDcwODAwWhcNMzEwNzA3MDcw + ODAwWjAYMRYwFAYDVQQDEw1rdWJlcm5ldGVzLWNhMFwwDQYJKoZIhvcNAQEBBQAD + SwAwSAJBANFI3zr0Tk8krsW8vwjfMpzJOlWQ8616vG3YPa2qAgI7V4oKwfV0yIg1 + jt+H6f4P/wkPAPTPTfRp9Iy8oHEEFw0CAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEG + MA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNG3zVjTcLlJwDsJ4/K9DV7KohUA + MA0GCSqGSIb3DQEBCwUAA0EAB8d03fY2w7WKpfO29qI295pu2C4ca9AiVGOpgSc8 + tmQsq6rcxt3T+rb589PVtz0mw/cKTxOk6gH2CCC+yHfy2w== + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIBbjCCARigAwIBAgIMFpANvmSa0OAlYmXKMA0GCSqGSIb3DQEBCwUAMBgxFjAU + BgNVBAMTDWt1YmVybmV0ZXMtY2EwHhcNMjEwNzA3MDcwOTM2WhcNMzEwNzA3MDcw + OTM2WjAYMRYwFAYDVQQDEw1rdWJlcm5ldGVzLWNhMFwwDQYJKoZIhvcNAQEBBQAD + SwAwSAJBAMF6F4aZdpe0RUpyykaBpWwZCnwbffhYGOw+fs6RdLuUq7QCNmJm/Eq7 + WWOziMYDiI9SbclpD+6QiJ0N3EqppVUCAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEG + MA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLImp6ARjPDAH6nhI+scWVt3Q9bn + MA0GCSqGSIb3DQEBCwUAA0EAVQVx5MUtuAIeePuP9o51xtpT2S6Fvfi8J4ICxnlA + 9B7UD2ushcVFPtaeoL9Gfu8aY4KJBeqqg5ojl4qmRnThjw== + -----END CERTIFICATE----- +ClusterName: minimal-gce-with-a-very-very-very-very-very-long-name.example.com +Hooks: +- null +- null +KeypairIDs: + kubernetes-ca: "6982820025135291416230495506" +KubeletConfig: + anonymousAuth: false + cgroupDriver: systemd + cgroupRoot: / + cloudProvider: gce + clusterDNS: 100.64.0.10 + clusterDomain: cluster.local + enableDebuggingHandlers: true + evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% + hairpinMode: promiscuous-bridge + kubeconfigPath: /var/lib/kubelet/kubeconfig + logLevel: 2 + networkPluginName: cni + nodeLabels: + kubernetes.io/role: node + node-role.kubernetes.io/node: "" + podInfraContainerImage: registry.k8s.io/pause:3.6 + podManifestPath: /etc/kubernetes/manifests + protectKernelDefaults: true + shutdownGracePeriod: 30s + shutdownGracePeriodCriticalPods: 10s +UpdatePolicy: automatic +channels: +- memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/bootstrap-channel.yaml +containerdConfig: + logLevel: info + version: 1.6.6 diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-long-name-example-com_metadata_ssh-keys b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_ssh-keys similarity index 100% rename from tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-long-name-example-com_metadata_ssh-keys rename to tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_ssh-keys diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-long-name-example-com_metadata_startup-script b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script similarity index 94% rename from tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-long-name-example-com_metadata_startup-script rename to tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script index d7dea893f9..57aaa3f7a5 100644 --- a/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-long-name-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script @@ -127,7 +127,7 @@ cloudConfig: enabled: true manageStorageClasses: true multizone: true - nodeTags: minimal-gce-with-a-very-very-very-long--jvje0u-k8s-io-role-node + nodeTags: minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node containerRuntime: containerd containerd: logLevel: info @@ -178,8 +178,8 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 - serviceAccountIssuer: https://api.internal.minimal-gce-with-a-very-very-very-long-name.example.com - serviceAccountJWKSURI: https://api.internal.minimal-gce-with-a-very-very-very-long-name.example.com/openid/v1/jwks + serviceAccountIssuer: https://api.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com + serviceAccountJWKSURI: https://api.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com/openid/v1/jwks serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -187,7 +187,7 @@ kubeControllerManager: attachDetachReconcileSyncPeriod: 1m0s cloudProvider: gce clusterCIDR: 100.96.0.0/11 - clusterName: minimal-gce-with-a-very-very-very-long-name-example-com + clusterName: minimal-gce-with-a-very-very-very-very-very-long-name-example-com configureCloudRoutes: false enableLeaderMigration: true image: registry.k8s.io/kube-controller-manager:v1.23.0 @@ -247,10 +247,10 @@ __EOF_CLUSTER_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' CloudProvider: gce -ConfigBase: memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com +ConfigBase: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com InstanceGroupName: master-us-test1-a InstanceGroupRole: Master -NodeupConfigHash: rBhlT48Ka8FXOl0zD16niWBHbLe0ne7IBh7THg4bFLQ= +NodeupConfigHash: FgrpSg7uv4tUwPz0jDDVjlni6FjrVC3caGLmTOUOQ3w= __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-long-name-example-com_metadata_ssh-keys b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_ssh-keys similarity index 100% rename from tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-long-name-example-com_metadata_ssh-keys rename to tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_ssh-keys diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-long-name-example-com_metadata_startup-script b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script similarity index 95% rename from tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-long-name-example-com_metadata_startup-script rename to tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script index a1b935dbee..95fbc6583c 100644 --- a/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-long-name-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script @@ -127,7 +127,7 @@ cloudConfig: enabled: true manageStorageClasses: true multizone: true - nodeTags: minimal-gce-with-a-very-very-very-long--jvje0u-k8s-io-role-node + nodeTags: minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node containerRuntime: containerd containerd: logLevel: info @@ -162,10 +162,10 @@ __EOF_CLUSTER_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' CloudProvider: gce -ConfigBase: memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com +ConfigBase: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com InstanceGroupName: nodes InstanceGroupRole: Node -NodeupConfigHash: eKSMWkttkEQHrhltD/neO5WET+f6xZSBSLZdH+cwOIs= +NodeupConfigHash: RuWbAsmnhsynl19a6k/yV6Qg5xnqogdwH9AEkkELdhw= __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/minimal_gce_ilb_longclustername/kubernetes.tf b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/kubernetes.tf new file mode 100644 index 0000000000..00790667f1 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_ilb_longclustername/kubernetes.tf @@ -0,0 +1,577 @@ +locals { + cluster_name = "minimal-gce-with-a-very-very-very-very-very-long-name.example.com" + project = "testproject" + region = "us-test1" +} + +output "cluster_name" { + value = "minimal-gce-with-a-very-very-very-very-very-long-name.example.com" +} + +output "project" { + value = "testproject" +} + +output "region" { + value = "us-test1" +} + +provider "google" { + project = "testproject" + region = "us-test1" +} + +provider "aws" { + alias = "files" + region = "us-test-1" +} + +resource "aws_s3_object" "cluster-completed-spec" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_cluster-completed.spec_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/cluster-completed.spec" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "etcd-cluster-spec-events" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_etcd-cluster-spec-events_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/backups/etcd/events/control/etcd-cluster-spec" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "etcd-cluster-spec-main" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_etcd-cluster-spec-main_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/backups/etcd/main/control/etcd-cluster-spec" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "kops-version-txt" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_kops-version.txt_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/kops-version.txt" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "manifests-etcdmanager-events" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_manifests-etcdmanager-events_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/manifests/etcd/events.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "manifests-etcdmanager-main" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_manifests-etcdmanager-main_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/manifests/etcd/main.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "manifests-static-kube-apiserver-healthcheck" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_manifests-static-kube-apiserver-healthcheck_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/manifests/static/kube-apiserver-healthcheck.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-bootstrap" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-bootstrap_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/bootstrap-channel.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-coredns-addons-k8s-io-k8s-1-12" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-coredns.addons.k8s.io-k8s-1.12_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/coredns.addons.k8s.io/k8s-1.12.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-dns-controller-addons-k8s-io-k8s-1-12" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-dns-controller.addons.k8s.io-k8s-1.12_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/dns-controller.addons.k8s.io/k8s-1.12.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-gcp-pd-csi-driver-addons-k8s-io-k8s-1-23" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-kops-controller-addons-k8s-io-k8s-1-16" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/kops-controller.addons.k8s.io/k8s-1.16.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-kubelet-api-rbac-addons-k8s-io-k8s-1-9" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kubelet-api.rbac.addons.k8s.io-k8s-1.9_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/kubelet-api.rbac.addons.k8s.io/k8s-1.9.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-leader-migration-rbac-addons-k8s-io-k8s-1-23" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-leader-migration.rbac.addons.k8s.io-k8s-1.23_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/leader-migration.rbac.addons.k8s.io/k8s-1.23.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-limit-range-addons-k8s-io" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-limit-range.addons.k8s.io_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/limit-range.addons.k8s.io/v1.5.0.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-metadata-proxy-addons-k8s-io-v0-1-12" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-metadata-proxy.addons.k8s.io-v0.1.12_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/metadata-proxy.addons.k8s.io/v0.1.12.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-storage-gce-addons-k8s-io-v1-7-0" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-storage-gce.addons.k8s.io-v1.7.0_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/storage-gce.addons.k8s.io/v1.7.0.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "nodeupconfig-master-us-test1-a" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_nodeupconfig-master-us-test1-a_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/igconfig/master/master-us-test1-a/nodeupconfig.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "aws_s3_object" "nodeupconfig-nodes" { + bucket = "testingBucket" + content = file("${path.module}/data/aws_s3_object_nodeupconfig-nodes_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/igconfig/node/nodes/nodeupconfig.yaml" + provider = aws.files + server_side_encryption = "AES256" +} + +resource "google_compute_backend_service" "api-minimal-gce-with-a-very-very-very-very-very-long-name-example-com" { + backend { + group = google_compute_instance_group_manager.a-master-us-test1-a-minimal-gce-with-a-very-very-very-ve-j0fh8f.instance_group + } + health_checks = [google_compute_health_check.api-minimal-gce-with-a-very-very-very-very-very-long-name-example-com.id] + load_balancing_scheme = "INTERNAL_SELF_MANAGED" + name = "api-minimal-gce-with-a-very-very-very-very-very-long-name-example-com" + protocol = "TCP" +} + +resource "google_compute_disk" "d1-etcd-events-minimal-gce-with-a-very-very-very-very-ve-96dqvi" { + labels = { + "k8s-io-cluster-name" = "minimal-gce-with-a-very-very-very-very-very-long-name-example-com" + "k8s-io-etcd-events" = "1-2f1" + "k8s-io-role-master" = "master" + } + name = "d1-etcd-events-minimal-gce-with-a-very-very-very-very-ve-96dqvi" + size = 20 + type = "pd-ssd" + zone = "us-test1-a" +} + +resource "google_compute_disk" "d1-etcd-main-minimal-gce-with-a-very-very-very-very-very-96dqvi" { + labels = { + "k8s-io-cluster-name" = "minimal-gce-with-a-very-very-very-very-very-long-name-example-com" + "k8s-io-etcd-main" = "1-2f1" + "k8s-io-role-master" = "master" + } + name = "d1-etcd-main-minimal-gce-with-a-very-very-very-very-very-96dqvi" + size = 20 + type = "pd-ssd" + zone = "us-test1-a" +} + +resource "google_compute_firewall" "master-to-master-minimal-gce-with-a-very-very-very-very--96dqvi" { + allow { + protocol = "tcp" + } + allow { + protocol = "udp" + } + allow { + protocol = "icmp" + } + allow { + protocol = "esp" + } + allow { + protocol = "ah" + } + allow { + protocol = "sctp" + } + disabled = false + name = "master-to-master-minimal-gce-with-a-very-very-very-very--96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] + target_tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] +} + +resource "google_compute_firewall" "master-to-node-minimal-gce-with-a-very-very-very-very-ve-96dqvi" { + allow { + protocol = "tcp" + } + allow { + protocol = "udp" + } + allow { + protocol = "icmp" + } + allow { + protocol = "esp" + } + allow { + protocol = "ah" + } + allow { + protocol = "sctp" + } + disabled = false + name = "master-to-node-minimal-gce-with-a-very-very-very-very-ve-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] + target_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] +} + +resource "google_compute_firewall" "node-to-master-minimal-gce-with-a-very-very-very-very-ve-96dqvi" { + allow { + ports = ["443"] + protocol = "tcp" + } + allow { + ports = ["3988"] + protocol = "tcp" + } + disabled = false + name = "node-to-master-minimal-gce-with-a-very-very-very-very-ve-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] + target_tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] +} + +resource "google_compute_firewall" "node-to-node-minimal-gce-with-a-very-very-very-very-very-96dqvi" { + allow { + protocol = "tcp" + } + allow { + protocol = "udp" + } + allow { + protocol = "icmp" + } + allow { + protocol = "esp" + } + allow { + protocol = "ah" + } + allow { + protocol = "sctp" + } + disabled = false + name = "node-to-node-minimal-gce-with-a-very-very-very-very-very-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] + target_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] +} + +resource "google_compute_firewall" "nodeport-external-to-node-ipv6-minimal-gce-with-a-very-v-96dqvi" { + allow { + ports = ["30000-32767"] + protocol = "tcp" + } + allow { + ports = ["30000-32767"] + protocol = "udp" + } + disabled = true + name = "nodeport-external-to-node-ipv6-minimal-gce-with-a-very-v-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_ranges = ["::/0"] + target_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] +} + +resource "google_compute_firewall" "nodeport-external-to-node-minimal-gce-with-a-very-very-v-96dqvi" { + allow { + ports = ["30000-32767"] + protocol = "tcp" + } + allow { + ports = ["30000-32767"] + protocol = "udp" + } + disabled = true + name = "nodeport-external-to-node-minimal-gce-with-a-very-very-v-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_ranges = ["0.0.0.0/0"] + target_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] +} + +resource "google_compute_firewall" "ssh-external-to-master-ipv6-minimal-gce-with-a-very-very-96dqvi" { + allow { + ports = ["22"] + protocol = "tcp" + } + disabled = true + name = "ssh-external-to-master-ipv6-minimal-gce-with-a-very-very-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_ranges = ["::/0"] + target_tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] +} + +resource "google_compute_firewall" "ssh-external-to-master-minimal-gce-with-a-very-very-very-96dqvi" { + allow { + ports = ["22"] + protocol = "tcp" + } + disabled = false + name = "ssh-external-to-master-minimal-gce-with-a-very-very-very-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_ranges = ["0.0.0.0/0"] + target_tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] +} + +resource "google_compute_firewall" "ssh-external-to-node-ipv6-minimal-gce-with-a-very-very-v-96dqvi" { + allow { + ports = ["22"] + protocol = "tcp" + } + disabled = true + name = "ssh-external-to-node-ipv6-minimal-gce-with-a-very-very-v-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_ranges = ["::/0"] + target_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] +} + +resource "google_compute_firewall" "ssh-external-to-node-minimal-gce-with-a-very-very-very-v-96dqvi" { + allow { + ports = ["22"] + protocol = "tcp" + } + disabled = false + name = "ssh-external-to-node-minimal-gce-with-a-very-very-very-v-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_ranges = ["0.0.0.0/0"] + target_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] +} + +resource "google_compute_forwarding_rule" "us-test-1-minimal-gce-with-a-very-very-very-very-very-lo-96dqvi" { + backend_service = google_compute_backend_service.api-minimal-gce-with-a-very-very-very-very-very-long-name-example-com.id + ip_protocol = "TCP" + load_balancing_scheme = "INTERNAL" + name = "us-test-1-minimal-gce-with-a-very-very-very-very-very-lo-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + ports = ["443"] + subnetwork = "us-test-1" +} + +resource "google_compute_health_check" "api-minimal-gce-with-a-very-very-very-very-very-long-name-example-com" { + name = "api-minimal-gce-with-a-very-very-very-very-very-long-name-example-com" + tcp_health_check { + port = 443 + } +} + +resource "google_compute_instance_group_manager" "a-master-us-test1-a-minimal-gce-with-a-very-very-very-ve-j0fh8f" { + base_instance_name = "master-us-test1-a" + name = "a-master-us-test1-a-minimal-gce-with-a-very-very-very-ve-j0fh8f" + target_size = 1 + version { + instance_template = google_compute_instance_template.master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com.self_link + } + zone = "us-test1-a" +} + +resource "google_compute_instance_group_manager" "a-nodes-minimal-gce-with-a-very-very-very-very-very-long-qk78uj" { + base_instance_name = "nodes" + name = "a-nodes-minimal-gce-with-a-very-very-very-very-very-long-qk78uj" + target_size = 2 + version { + instance_template = google_compute_instance_template.nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com.self_link + } + zone = "us-test1-a" +} + +resource "google_compute_instance_template" "master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com" { + can_ip_forward = true + disk { + auto_delete = true + boot = true + device_name = "persistent-disks-0" + disk_name = "" + disk_size_gb = 64 + disk_type = "pd-standard" + interface = "" + mode = "READ_WRITE" + source = "" + source_image = "https://www.googleapis.com/compute/v1/projects/cos-cloud/global/images/cos-stable-57-9202-64-0" + type = "PERSISTENT" + } + labels = { + "k8s-io-cluster-name" = "minimal-gce-with-a-very-very-very-very-very-long-name-example-com" + "k8s-io-instance-group" = "master-us-test1-a" + "k8s-io-role-master" = "" + } + machine_type = "n1-standard-1" + metadata = { + "cluster-name" = "minimal-gce-with-a-very-very-very-very-very-long-name.example.com" + "kops-k8s-io-instance-group-name" = "master-us-test1-a" + "ssh-keys" = file("${path.module}/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_ssh-keys") + "startup-script" = file("${path.module}/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script") + } + name_prefix = "master-us-test1-a-minimal-ivl9ll-" + network_interface { + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + subnetwork = google_compute_subnetwork.us-test1-minimal-gce-with-a-very-very-very-very-very-lon-96dqvi.name + } + scheduling { + automatic_restart = true + on_host_maintenance = "MIGRATE" + preemptible = false + } + service_account { + email = google_service_account.control-plane.email + scopes = ["https://www.googleapis.com/auth/compute", "https://www.googleapis.com/auth/monitoring", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/devstorage.read_write", "https://www.googleapis.com/auth/ndev.clouddns.readwrite"] + } + tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] +} + +resource "google_compute_instance_template" "nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com" { + can_ip_forward = true + disk { + auto_delete = true + boot = true + device_name = "persistent-disks-0" + disk_name = "" + disk_size_gb = 128 + disk_type = "pd-standard" + interface = "" + mode = "READ_WRITE" + source = "" + source_image = "https://www.googleapis.com/compute/v1/projects/cos-cloud/global/images/cos-stable-57-9202-64-0" + type = "PERSISTENT" + } + labels = { + "k8s-io-cluster-name" = "minimal-gce-with-a-very-very-very-very-very-long-name-example-com" + "k8s-io-instance-group" = "nodes" + "k8s-io-role-node" = "" + } + machine_type = "n1-standard-2" + metadata = { + "cluster-name" = "minimal-gce-with-a-very-very-very-very-very-long-name.example.com" + "kops-k8s-io-instance-group-name" = "nodes" + "ssh-keys" = file("${path.module}/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_ssh-keys") + "startup-script" = file("${path.module}/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script") + } + name_prefix = "nodes-minimal-gce-with-a--k0ql96-" + network_interface { + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + subnetwork = google_compute_subnetwork.us-test1-minimal-gce-with-a-very-very-very-very-very-lon-96dqvi.name + } + scheduling { + automatic_restart = true + on_host_maintenance = "MIGRATE" + preemptible = false + } + service_account { + email = google_service_account.node.email + scopes = ["https://www.googleapis.com/auth/compute", "https://www.googleapis.com/auth/monitoring", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/devstorage.read_only"] + } + tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] +} + +resource "google_compute_network" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com" { + auto_create_subnetworks = false + name = "minimal-gce-with-a-very-very-very-very-very-long-name-example-com" +} + +resource "google_compute_router" "nat-minimal-gce-with-a-very-very-very-very-very-long-name-example-com" { + name = "nat-minimal-gce-with-a-very-very-very-very-very-long-name-example-com" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name +} + +resource "google_compute_router_nat" "nat-minimal-gce-with-a-very-very-very-very-very-long-name-example-com" { + name = "nat-minimal-gce-with-a-very-very-very-very-very-long-name-example-com" + nat_ip_allocate_option = "AUTO_ONLY" + region = "us-test1" + router = google_compute_router.nat-minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS" + subnetwork { + name = google_compute_subnetwork.us-test1-minimal-gce-with-a-very-very-very-very-very-lon-96dqvi.name + source_ip_ranges_to_nat = ["ALL_IP_RANGES"] + } +} + +resource "google_compute_subnetwork" "us-test1-minimal-gce-with-a-very-very-very-very-very-lon-96dqvi" { + ip_cidr_range = "10.0.16.0/20" + name = "us-test1-minimal-gce-with-a-very-very-very-very-very-lon-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + region = "us-test1" +} + +resource "google_project_iam_binding" "serviceaccount-control-plane" { + members = ["serviceAccount:control-plane-minimal-g-96dqvi@testproject.iam.gserviceaccount.com"] + project = "testproject" + role = "roles/container.serviceAgent" +} + +resource "google_project_iam_binding" "serviceaccount-nodes" { + members = ["serviceAccount:node-minimal-gce-with-a-96dqvi@testproject.iam.gserviceaccount.com"] + project = "testproject" + role = "roles/compute.viewer" +} + +resource "google_service_account" "control-plane" { + account_id = "control-plane-minimal-g-96dqvi" + description = "kubernetes control-plane instances" + display_name = "control-plane" + project = "testproject" +} + +resource "google_service_account" "node" { + account_id = "node-minimal-gce-with-a-96dqvi" + description = "kubernetes worker nodes" + display_name = "node" + project = "testproject" +} + +terraform { + required_version = ">= 0.15.0" + required_providers { + google = { + "source" = "hashicorp/google" + "version" = ">= 2.19.0" + } + } +} diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_cluster-completed.spec_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_cluster-completed.spec_content index 3359f8334e..18f2ddb594 100644 --- a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_cluster-completed.spec_content +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_cluster-completed.spec_content @@ -2,7 +2,7 @@ apiVersion: kops.k8s.io/v1alpha2 kind: Cluster metadata: creationTimestamp: "2017-01-01T00:00:00Z" - name: minimal-gce-with-a-very-very-very-long-name.example.com + name: minimal-gce-with-a-very-very-very-very-very-long-name.example.com spec: api: dns: {} @@ -14,11 +14,11 @@ spec: enabled: true manageStorageClasses: true multizone: true - nodeTags: minimal-gce-with-a-very-very-very-long--jvje0u-k8s-io-role-node + nodeTags: minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node cloudProvider: gce clusterDNSDomain: cluster.local - configBase: memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com - configStore: memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com + configBase: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com + configStore: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com containerRuntime: containerd containerd: logLevel: info @@ -28,14 +28,14 @@ spec: skipInstall: true etcdClusters: - backups: - backupStore: memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com/backups/etcd/main + backupStore: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/backups/etcd/main etcdMembers: - instanceGroup: master-us-test1-a name: "1" name: main version: 3.5.4 - backups: - backupStore: memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com/backups/etcd/events + backupStore: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/backups/etcd/events etcdMembers: - instanceGroup: master-us-test1-a name: "1" @@ -45,7 +45,7 @@ spec: provider: dns-controller iam: legacy: false - keyStore: memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com/pki + keyStore: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/pki kubeAPIServer: allowPrivileged: true anonymousAuth: false @@ -84,8 +84,8 @@ spec: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 - serviceAccountIssuer: https://api.internal.minimal-gce-with-a-very-very-very-long-name.example.com - serviceAccountJWKSURI: https://api.internal.minimal-gce-with-a-very-very-very-long-name.example.com/openid/v1/jwks + serviceAccountIssuer: https://api.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com + serviceAccountJWKSURI: https://api.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com/openid/v1/jwks serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -93,7 +93,7 @@ spec: attachDetachReconcileSyncPeriod: 1m0s cloudProvider: gce clusterCIDR: 100.96.0.0/11 - clusterName: minimal-gce-with-a-very-very-very-long-name-example-com + clusterName: minimal-gce-with-a-very-very-very-very-very-long-name-example-com configureCloudRoutes: false enableLeaderMigration: true image: registry.k8s.io/kube-controller-manager:v1.23.0 @@ -146,7 +146,7 @@ spec: kubernetesApiAccess: - 0.0.0.0/0 kubernetesVersion: 1.23.0 - masterInternalName: api.internal.minimal-gce-with-a-very-very-very-long-name.example.com + masterInternalName: api.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com masterKubelet: anonymousAuth: false cgroupDriver: systemd @@ -166,13 +166,13 @@ spec: registerSchedulable: false shutdownGracePeriod: 30s shutdownGracePeriodCriticalPods: 10s - masterPublicName: api.minimal-gce-with-a-very-very-very-long-name.example.com + masterPublicName: api.minimal-gce-with-a-very-very-very-very-very-long-name.example.com networking: cni: {} nonMasqueradeCIDR: 100.64.0.0/10 podCIDR: 100.96.0.0/11 project: testproject - secretStore: memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com/secrets + secretStore: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/secrets serviceClusterIPRange: 100.64.0.0/13 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_manifests-etcdmanager-events_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_manifests-etcdmanager-events_content index ba0faaa9fa..43e66092d0 100644 --- a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_manifests-etcdmanager-events_content +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_manifests-etcdmanager-events_content @@ -12,11 +12,11 @@ spec: - /bin/sh - -c - mkfifo /tmp/pipe; (tee -a /var/log/etcd.log < /tmp/pipe & ) ; exec /etcd-manager - --backup-store=memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com/backups/etcd/events + --backup-store=memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/backups/etcd/events --client-urls=https://__name__:4002 --cluster-name=etcd-events --containerized=true - --dns-suffix=.internal.minimal-gce-with-a-very-very-very-long-name.example.com + --dns-suffix=.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com --grpc-port=3997 --peer-urls=https://__name__:2381 --quarantine-client-urls=https://__name__:3995 - --v=6 --volume-name-tag=k8s-io-etcd-events --volume-provider=gce --volume-tag=k8s-io-cluster-name=minimal-gce-with-a-very-very-very-long-name-example-com + --v=6 --volume-name-tag=k8s-io-etcd-events --volume-provider=gce --volume-tag=k8s-io-cluster-name=minimal-gce-with-a-very-very-very-very-very-long-name-example-com --volume-tag=k8s-io-etcd-events --volume-tag=k8s-io-role-master=master > /tmp/pipe 2>&1 image: registry.k8s.io/etcdadm/etcd-manager:v3.0.20220617 diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_manifests-etcdmanager-main_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_manifests-etcdmanager-main_content index edbbb8a1a4..54d5c289bb 100644 --- a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_manifests-etcdmanager-main_content +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_manifests-etcdmanager-main_content @@ -12,11 +12,11 @@ spec: - /bin/sh - -c - mkfifo /tmp/pipe; (tee -a /var/log/etcd.log < /tmp/pipe & ) ; exec /etcd-manager - --backup-store=memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com/backups/etcd/main + --backup-store=memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/backups/etcd/main --client-urls=https://__name__:4001 --cluster-name=etcd --containerized=true - --dns-suffix=.internal.minimal-gce-with-a-very-very-very-long-name.example.com + --dns-suffix=.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com --grpc-port=3996 --peer-urls=https://__name__:2380 --quarantine-client-urls=https://__name__:3994 - --v=6 --volume-name-tag=k8s-io-etcd-main --volume-provider=gce --volume-tag=k8s-io-cluster-name=minimal-gce-with-a-very-very-very-long-name-example-com + --v=6 --volume-name-tag=k8s-io-etcd-main --volume-provider=gce --volume-tag=k8s-io-cluster-name=minimal-gce-with-a-very-very-very-very-very-long-name-example-com --volume-tag=k8s-io-etcd-main --volume-tag=k8s-io-role-master=master > /tmp/pipe 2>&1 image: registry.k8s.io/etcdadm/etcd-manager:v3.0.20220617 diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-bootstrap_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-bootstrap_content new file mode 100644 index 0000000000..19c2ed3dcd --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-bootstrap_content @@ -0,0 +1,69 @@ +kind: Addons +metadata: + creationTimestamp: null + name: bootstrap +spec: + addons: + - id: k8s-1.16 + manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml + manifestHash: d5f7f2688667e92286467680486bc02ef5052d9192b1da6db36924a4e32d7c64 + name: kops-controller.addons.k8s.io + needsRollingUpdate: control-plane + selector: + k8s-addon: kops-controller.addons.k8s.io + version: 9.99.0 + - id: k8s-1.12 + manifest: coredns.addons.k8s.io/k8s-1.12.yaml + manifestHash: 36dc915b1233981f10e02284dc34088aaa3fadff6592bc5edc84e9269b32be57 + name: coredns.addons.k8s.io + selector: + k8s-addon: coredns.addons.k8s.io + version: 9.99.0 + - id: k8s-1.9 + manifest: kubelet-api.rbac.addons.k8s.io/k8s-1.9.yaml + manifestHash: 01c120e887bd98d82ef57983ad58a0b22bc85efb48108092a24c4b82e4c9ea81 + name: kubelet-api.rbac.addons.k8s.io + selector: + k8s-addon: kubelet-api.rbac.addons.k8s.io + version: 9.99.0 + - id: k8s-1.23 + manifest: leader-migration.rbac.addons.k8s.io/k8s-1.23.yaml + manifestHash: b9c91e09c0f28c9b74ff140b8395d611834c627d698846d625c10975a74a48c4 + name: leader-migration.rbac.addons.k8s.io + selector: + k8s-addon: leader-migration.rbac.addons.k8s.io + version: 9.99.0 + - manifest: limit-range.addons.k8s.io/v1.5.0.yaml + manifestHash: 2d55c3bc5e354e84a3730a65b42f39aba630a59dc8d32b30859fcce3d3178bc2 + name: limit-range.addons.k8s.io + selector: + k8s-addon: limit-range.addons.k8s.io + version: 9.99.0 + - id: k8s-1.12 + manifest: dns-controller.addons.k8s.io/k8s-1.12.yaml + manifestHash: e1e790c1224460db1cf94484580e4934e90e3092008648a4bc051ff9a46cda81 + name: dns-controller.addons.k8s.io + selector: + k8s-addon: dns-controller.addons.k8s.io + version: 9.99.0 + - id: v1.7.0 + manifest: storage-gce.addons.k8s.io/v1.7.0.yaml + manifestHash: 6c6d100b10243fc62e0195706aa862b42632faeac05a117d07a263a2c5a8e87c + name: storage-gce.addons.k8s.io + selector: + k8s-addon: storage-gce.addons.k8s.io + version: 9.99.0 + - id: k8s-1.23 + manifest: gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml + manifestHash: 58a0ffcf43005dce350ffe7d4faa1776b2c9ec9bf2654aed3429ed9e780ee7cc + name: gcp-pd-csi-driver.addons.k8s.io + selector: + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + version: 9.99.0 + - id: v0.1.12 + manifest: metadata-proxy.addons.k8s.io/v0.1.12.yaml + manifestHash: 86ec56ce7f5f4103793e3a03af7b213a8830dc958d4bf1fd65f0a032bf6d65b0 + name: metadata-proxy.addons.k8s.io + selector: + k8s-addon: metadata-proxy.addons.k8s.io + version: 9.99.0 diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-coredns.addons.k8s.io-k8s-1.12_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-coredns.addons.k8s.io-k8s-1.12_content new file mode 100644 index 0000000000..6cd12eb9b6 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-coredns.addons.k8s.io-k8s-1.12_content @@ -0,0 +1,385 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: coredns.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: coredns.addons.k8s.io + kubernetes.io/cluster-service: "true" + name: coredns + namespace: kube-system + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: coredns.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: coredns.addons.k8s.io + kubernetes.io/bootstrapping: rbac-defaults + name: system:coredns +rules: +- apiGroups: + - "" + resources: + - endpoints + - services + - pods + - namespaces + verbs: + - list + - watch +- apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - list + - watch + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + annotations: + rbac.authorization.kubernetes.io/autoupdate: "true" + creationTimestamp: null + labels: + addon.kops.k8s.io/name: coredns.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: coredns.addons.k8s.io + kubernetes.io/bootstrapping: rbac-defaults + name: system:coredns +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:coredns +subjects: +- kind: ServiceAccount + name: coredns + namespace: kube-system + +--- + +apiVersion: v1 +data: + Corefile: |- + .:53 { + errors + health { + lameduck 5s + } + ready + kubernetes cluster.local. in-addr.arpa ip6.arpa { + pods insecure + fallthrough in-addr.arpa ip6.arpa + ttl 30 + } + prometheus :9153 + forward . /etc/resolv.conf { + max_concurrent 1000 + } + cache 30 + loop + reload + loadbalance + } +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: coredns.addons.k8s.io + addonmanager.kubernetes.io/mode: EnsureExists + app.kubernetes.io/managed-by: kops + k8s-addon: coredns.addons.k8s.io + name: coredns + namespace: kube-system + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: coredns.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: coredns.addons.k8s.io + k8s-app: kube-dns + kubernetes.io/cluster-service: "true" + kubernetes.io/name: CoreDNS + name: coredns + namespace: kube-system +spec: + selector: + matchLabels: + k8s-app: kube-dns + strategy: + rollingUpdate: + maxSurge: 10% + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + k8s-app: kube-dns + kops.k8s.io/managed-by: kops + spec: + containers: + - args: + - -conf + - /etc/coredns/Corefile + image: registry.k8s.io/coredns/coredns:v1.9.3 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 5 + httpGet: + path: /health + port: 8080 + scheme: HTTP + initialDelaySeconds: 60 + successThreshold: 1 + timeoutSeconds: 5 + name: coredns + ports: + - containerPort: 53 + name: dns + protocol: UDP + - containerPort: 53 + name: dns-tcp + protocol: TCP + - containerPort: 9153 + name: metrics + protocol: TCP + readinessProbe: + httpGet: + path: /ready + port: 8181 + scheme: HTTP + resources: + limits: + memory: 170Mi + requests: + cpu: 100m + memory: 70Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - NET_BIND_SERVICE + drop: + - all + readOnlyRootFilesystem: true + volumeMounts: + - mountPath: /etc/coredns + name: config-volume + readOnly: true + dnsPolicy: Default + nodeSelector: + kubernetes.io/os: linux + priorityClassName: system-cluster-critical + serviceAccountName: coredns + tolerations: + - key: CriticalAddonsOnly + operator: Exists + topologySpreadConstraints: + - labelSelector: + matchLabels: + k8s-app: kube-dns + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + - labelSelector: + matchLabels: + k8s-app: kube-dns + maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway + volumes: + - configMap: + name: coredns + name: config-volume + +--- + +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "9153" + prometheus.io/scrape: "true" + creationTimestamp: null + labels: + addon.kops.k8s.io/name: coredns.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: coredns.addons.k8s.io + k8s-app: kube-dns + kubernetes.io/cluster-service: "true" + kubernetes.io/name: CoreDNS + name: kube-dns + namespace: kube-system + resourceVersion: "0" +spec: + clusterIP: 100.64.0.10 + ports: + - name: dns + port: 53 + protocol: UDP + - name: dns-tcp + port: 53 + protocol: TCP + - name: metrics + port: 9153 + protocol: TCP + selector: + k8s-app: kube-dns + +--- + +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: coredns.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: coredns.addons.k8s.io + name: kube-dns + namespace: kube-system +spec: + maxUnavailable: 50% + selector: + matchLabels: + k8s-app: kube-dns + +--- + +apiVersion: v1 +kind: ServiceAccount +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: coredns.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: coredns.addons.k8s.io + name: coredns-autoscaler + namespace: kube-system + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: coredns.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: coredns.addons.k8s.io + name: coredns-autoscaler +rules: +- apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch +- apiGroups: + - "" + resources: + - replicationcontrollers/scale + verbs: + - get + - update +- apiGroups: + - extensions + - apps + resources: + - deployments/scale + - replicasets/scale + verbs: + - get + - update +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - create + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: coredns.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: coredns.addons.k8s.io + name: coredns-autoscaler +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: coredns-autoscaler +subjects: +- kind: ServiceAccount + name: coredns-autoscaler + namespace: kube-system + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: coredns.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: coredns.addons.k8s.io + k8s-app: coredns-autoscaler + kubernetes.io/cluster-service: "true" + name: coredns-autoscaler + namespace: kube-system +spec: + selector: + matchLabels: + k8s-app: coredns-autoscaler + template: + metadata: + annotations: + scheduler.alpha.kubernetes.io/critical-pod: "" + creationTimestamp: null + labels: + k8s-app: coredns-autoscaler + kops.k8s.io/managed-by: kops + spec: + containers: + - command: + - /cluster-proportional-autoscaler + - --namespace=kube-system + - --configmap=coredns-autoscaler + - --target=Deployment/coredns + - --default-params={"linear":{"coresPerReplica":256,"nodesPerReplica":16,"preventSinglePointFailure":true}} + - --logtostderr=true + - --v=2 + image: registry.k8s.io/cpa/cluster-proportional-autoscaler:1.8.5 + name: autoscaler + resources: + requests: + cpu: 20m + memory: 10Mi + nodeSelector: + kubernetes.io/os: linux + priorityClassName: system-cluster-critical + serviceAccountName: coredns-autoscaler + tolerations: + - key: CriticalAddonsOnly + operator: Exists diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-dns-controller.addons.k8s.io-k8s-1.12_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-dns-controller.addons.k8s.io-k8s-1.12_content new file mode 100644 index 0000000000..4c5efb55a5 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-dns-controller.addons.k8s.io-k8s-1.12_content @@ -0,0 +1,140 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: dns-controller.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: dns-controller.addons.k8s.io + k8s-app: dns-controller + version: v1.25.0-alpha.1 + name: dns-controller + namespace: kube-system +spec: + replicas: 1 + selector: + matchLabels: + k8s-app: dns-controller + strategy: + type: Recreate + template: + metadata: + annotations: + scheduler.alpha.kubernetes.io/critical-pod: "" + creationTimestamp: null + labels: + k8s-addon: dns-controller.addons.k8s.io + k8s-app: dns-controller + kops.k8s.io/managed-by: kops + version: v1.25.0-alpha.1 + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: Exists + containers: + - args: + - --watch-ingress=false + - --dns=google-clouddns + - --zone=*/1 + - --internal-ipv4 + - --zone=*/* + - -v=2 + command: null + env: + - name: KUBERNETES_SERVICE_HOST + value: 127.0.0.1 + image: registry.k8s.io/kops/dns-controller:1.25.0-alpha.1 + name: dns-controller + resources: + requests: + cpu: 50m + memory: 50Mi + securityContext: + runAsNonRoot: true + dnsPolicy: Default + hostNetwork: true + nodeSelector: null + priorityClassName: system-cluster-critical + serviceAccount: dns-controller + tolerations: + - key: node.cloudprovider.kubernetes.io/uninitialized + operator: Exists + - key: node.kubernetes.io/not-ready + operator: Exists + - key: node-role.kubernetes.io/control-plane + operator: Exists + - key: node-role.kubernetes.io/master + operator: Exists + +--- + +apiVersion: v1 +kind: ServiceAccount +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: dns-controller.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: dns-controller.addons.k8s.io + name: dns-controller + namespace: kube-system + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: dns-controller.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: dns-controller.addons.k8s.io + name: kops:dns-controller +rules: +- apiGroups: + - "" + resources: + - endpoints + - services + - pods + - ingress + - nodes + verbs: + - get + - list + - watch +- apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - list + - watch + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: dns-controller.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: dns-controller.addons.k8s.io + name: kops:dns-controller +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kops:dns-controller +subjects: +- apiGroup: rbac.authorization.k8s.io + kind: User + name: system:serviceaccount:kube-system:dns-controller diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content new file mode 100644 index 0000000000..b47792272d --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content @@ -0,0 +1,855 @@ +allowVolumeExpansion: true +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + annotations: + storageclass.kubernetes.io/is-default-class: "true" + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + kubernetes.io/cluster-service: "true" + name: standard-csi +parameters: + type: pd-standard +provisioner: pd.csi.storage.gke.io +volumeBindingMode: WaitForFirstConsumer + +--- + +apiVersion: v1 +kind: Namespace +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: gce-pd-csi-driver + +--- + +apiVersion: v1 +kind: ServiceAccount +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-node-sa + namespace: gce-pd-csi-driver + +--- + +apiVersion: v1 +kind: ServiceAccount +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-provisioner-role +rules: +- apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - watch + - create + - delete +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch + - update +- apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - list + - watch + - create + - update + - patch +- apiGroups: + - storage.k8s.io + resources: + - csinodes + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshots + verbs: + - get + - list +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotcontents + verbs: + - get + - list +- apiGroups: + - storage.k8s.io + resources: + - volumeattachments + verbs: + - get + - list + - watch + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-controller-provisioner-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-gce-pd-provisioner-role +subjects: +- kind: ServiceAccount + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-attacher-role +rules: +- apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch +- apiGroups: + - storage.k8s.io + resources: + - csinodes + verbs: + - get + - list + - watch +- apiGroups: + - storage.k8s.io + resources: + - volumeattachments + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - storage.k8s.io + resources: + - volumeattachments/status + verbs: + - patch + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-controller-attacher-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-gce-pd-attacher-role +subjects: +- kind: ServiceAccount + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver + +--- + +apiVersion: scheduling.k8s.io/v1 +description: This priority class should be used for the GCE PD CSI driver controller + deployment only. +globalDefault: false +kind: PriorityClass +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-controller +value: 900000000 + +--- + +apiVersion: scheduling.k8s.io/v1 +description: This priority class should be used for the GCE PD CSI driver node deployment + only. +globalDefault: false +kind: PriorityClass +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-node +value: 900001000 + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-resizer-role +rules: +- apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims/status + verbs: + - update + - patch +- apiGroups: + - "" + resources: + - events + verbs: + - list + - watch + - create + - update + - patch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-resizer-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-gce-pd-resizer-role +subjects: +- kind: ServiceAccount + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-controller-deploy +rules: +- apiGroups: + - policy + resourceNames: + - csi-gce-pd-controller-psp + resources: + - podsecuritypolicies + verbs: + - use + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-controller-deploy +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-gce-pd-controller-deploy +subjects: +- kind: ServiceAccount + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-node-deploy +rules: +- apiGroups: + - policy + resourceNames: + - csi-gce-pd-node-psp + resources: + - podsecuritypolicies + verbs: + - use + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-node +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-gce-pd-node-deploy +subjects: +- kind: ServiceAccount + name: csi-gce-pd-node-sa + namespace: gce-pd-csi-driver + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-controller +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-gce-pd-node-deploy +subjects: +- kind: ServiceAccount + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-snapshotter-role +rules: +- apiGroups: + - "" + resources: + - events + verbs: + - list + - watch + - create + - update + - patch +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotclasses + verbs: + - get + - list + - watch +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotcontents + verbs: + - create + - get + - list + - watch + - update + - delete +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotcontents/status + verbs: + - update + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-controller-snapshotter-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-gce-pd-snapshotter-role +subjects: +- kind: ServiceAccount + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + k8s-app: gcp-compute-persistent-disk-csi-driver + name: csi-gce-pd-leaderelection-role + namespace: gce-pd-csi-driver +rules: +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - watch + - list + - delete + - update + - create + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + k8s-app: gcp-compute-persistent-disk-csi-driver + name: csi-gce-pd-controller-leaderelection-binding + namespace: gce-pd-csi-driver +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: csi-gce-pd-leaderelection-role +subjects: +- kind: ServiceAccount + name: csi-gce-pd-controller-sa + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-controller + namespace: gce-pd-csi-driver +spec: + replicas: 1 + selector: + matchLabels: + app: gcp-compute-persistent-disk-csi-driver + template: + metadata: + creationTimestamp: null + labels: + app: gcp-compute-persistent-disk-csi-driver + kops.k8s.io/managed-by: kops + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists + - key: kubernetes.io/os + operator: In + values: + - linux + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: Exists + - key: kubernetes.io/os + operator: In + values: + - linux + containers: + - args: + - --v=5 + - --csi-address=/csi/csi.sock + - --feature-gates=Topology=true + - --http-endpoint=:22011 + - --leader-election-namespace=$(PDCSI_NAMESPACE) + - --timeout=250s + - --extra-create-metadata + - --leader-election + - --default-fstype=ext4 + env: + - name: PDCSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: registry.k8s.io/sig-storage/csi-provisioner:v2.1.0 + livenessProbe: + failureThreshold: 1 + httpGet: + path: /healthz/leader-election + port: http-endpoint + initialDelaySeconds: 10 + periodSeconds: 20 + timeoutSeconds: 10 + name: csi-provisioner + ports: + - containerPort: 22011 + name: http-endpoint + protocol: TCP + volumeMounts: + - mountPath: /csi + name: socket-dir + - args: + - --v=5 + - --csi-address=/csi/csi.sock + - --http-endpoint=:22012 + - --leader-election + - --leader-election-namespace=$(PDCSI_NAMESPACE) + - --timeout=250s + env: + - name: PDCSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: registry.k8s.io/sig-storage/csi-attacher:v3.1.0 + livenessProbe: + failureThreshold: 1 + httpGet: + path: /healthz/leader-election + port: http-endpoint + initialDelaySeconds: 10 + periodSeconds: 20 + timeoutSeconds: 10 + name: csi-attacher + ports: + - containerPort: 22012 + name: http-endpoint + protocol: TCP + volumeMounts: + - mountPath: /csi + name: socket-dir + - args: + - --v=5 + - --csi-address=/csi/csi.sock + - --http-endpoint=:22013 + - --leader-election + - --leader-election-namespace=$(PDCSI_NAMESPACE) + - --handle-volume-inuse-error=false + env: + - name: PDCSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: registry.k8s.io/sig-storage/csi-resizer:v1.1.0 + livenessProbe: + failureThreshold: 1 + httpGet: + path: /healthz/leader-election + port: http-endpoint + initialDelaySeconds: 10 + periodSeconds: 20 + timeoutSeconds: 10 + name: csi-resizer + ports: + - containerPort: 22013 + name: http-endpoint + protocol: TCP + volumeMounts: + - mountPath: /csi + name: socket-dir + - args: + - --v=5 + - --csi-address=/csi/csi.sock + - --metrics-address=:22014 + - --leader-election + - --leader-election-namespace=$(PDCSI_NAMESPACE) + - --timeout=300s + env: + - name: PDCSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: registry.k8s.io/sig-storage/csi-snapshotter:v3.0.3 + name: csi-snapshotter + volumeMounts: + - mountPath: /csi + name: socket-dir + - args: + - --v=5 + - --endpoint=unix:/csi/csi.sock + - --extra-labels=k8s-io-cluster-name=minimal-gce-with-a-very-very-very-very-very-long-name-example-com + image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4 + name: gce-pd-driver + volumeMounts: + - mountPath: /csi + name: socket-dir + hostNetwork: true + nodeSelector: null + priorityClassName: csi-gce-pd-controller + serviceAccountName: csi-gce-pd-controller-sa + tolerations: + - effect: NoSchedule + operator: Exists + - key: CriticalAddonsOnly + operator: Exists + volumes: + - emptyDir: {} + name: socket-dir + +--- + +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: pd.csi.storage.gke.io +spec: + attachRequired: true + podInfoOnMount: false + +--- + +apiVersion: apps/v1 +kind: DaemonSet +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: gcp-pd-csi-driver.addons.k8s.io + name: csi-gce-pd-node + namespace: gce-pd-csi-driver +spec: + selector: + matchLabels: + app: gcp-compute-persistent-disk-csi-driver + template: + metadata: + creationTimestamp: null + labels: + app: gcp-compute-persistent-disk-csi-driver + kops.k8s.io/managed-by: kops + spec: + containers: + - args: + - --v=5 + - --csi-address=/csi/csi.sock + - --kubelet-registration-path=/var/lib/kubelet/plugins/pd.csi.storage.gke.io/csi.sock + env: + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.1.0 + name: csi-driver-registrar + volumeMounts: + - mountPath: /csi + name: plugin-dir + - mountPath: /registration + name: registration-dir + - args: + - --v=5 + - --endpoint=unix:/csi/csi.sock + - --run-controller-service=false + image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4 + name: gce-pd-driver + securityContext: + privileged: true + volumeMounts: + - mountPath: /var/lib/kubelet + mountPropagation: Bidirectional + name: kubelet-dir + - mountPath: /csi + name: plugin-dir + - mountPath: /dev + name: device-dir + - mountPath: /etc/udev + name: udev-rules-etc + - mountPath: /lib/udev + name: udev-rules-lib + - mountPath: /run/udev + name: udev-socket + - mountPath: /sys + name: sys + hostNetwork: true + nodeSelector: + kubernetes.io/os: linux + priorityClassName: csi-gce-pd-node + serviceAccountName: csi-gce-pd-node-sa + tolerations: + - operator: Exists + volumes: + - hostPath: + path: /var/lib/kubelet/plugins_registry/ + type: Directory + name: registration-dir + - hostPath: + path: /var/lib/kubelet + type: Directory + name: kubelet-dir + - hostPath: + path: /var/lib/kubelet/plugins/pd.csi.storage.gke.io/ + type: DirectoryOrCreate + name: plugin-dir + - hostPath: + path: /dev + type: Directory + name: device-dir + - hostPath: + path: /etc/udev + type: Directory + name: udev-rules-etc + - hostPath: + path: /lib/udev + type: Directory + name: udev-rules-lib + - hostPath: + path: /run/udev + type: Directory + name: udev-socket + - hostPath: + path: /sys + type: Directory + name: sys diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content new file mode 100644 index 0000000000..30f0794f25 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content @@ -0,0 +1,225 @@ +apiVersion: v1 +data: + config.yaml: | + {"cloud":"gce","configBase":"memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com","server":{"Listen":":3988","provider":{"gce":{"projectID":"testproject","region":"us-test1","clusterName":"minimal-gce-with-a-very-very-very-very-very-long-name.example.com","MaxTimeSkew":300}},"serverKeyPath":"/etc/kubernetes/kops-controller/pki/kops-controller.key","serverCertificatePath":"/etc/kubernetes/kops-controller/pki/kops-controller.crt","caBasePath":"/etc/kubernetes/kops-controller/pki","signingCAs":["kubernetes-ca"],"certNames":["kubelet","kubelet-server","kube-proxy"]}} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: kops-controller.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: kops-controller.addons.k8s.io + name: kops-controller + namespace: kube-system + +--- + +apiVersion: apps/v1 +kind: DaemonSet +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: kops-controller.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: kops-controller.addons.k8s.io + k8s-app: kops-controller + version: v1.25.0-alpha.1 + name: kops-controller + namespace: kube-system +spec: + selector: + matchLabels: + k8s-app: kops-controller + template: + metadata: + annotations: + dns.alpha.kubernetes.io/internal: kops-controller.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com + creationTimestamp: null + labels: + k8s-addon: kops-controller.addons.k8s.io + k8s-app: kops-controller + kops.k8s.io/managed-by: kops + version: v1.25.0-alpha.1 + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists + - key: kops.k8s.io/kops-controller-pki + operator: Exists + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: Exists + - key: kops.k8s.io/kops-controller-pki + operator: Exists + containers: + - args: + - --v=2 + - --conf=/etc/kubernetes/kops-controller/config/config.yaml + command: null + env: + - name: KUBERNETES_SERVICE_HOST + value: 127.0.0.1 + image: registry.k8s.io/kops/kops-controller:1.25.0-alpha.1 + name: kops-controller + resources: + requests: + cpu: 50m + memory: 50Mi + securityContext: + runAsNonRoot: true + runAsUser: 10011 + volumeMounts: + - mountPath: /etc/kubernetes/kops-controller/config/ + name: kops-controller-config + - mountPath: /etc/kubernetes/kops-controller/pki/ + name: kops-controller-pki + dnsPolicy: Default + hostNetwork: true + nodeSelector: null + priorityClassName: system-cluster-critical + serviceAccount: kops-controller + tolerations: + - key: node.cloudprovider.kubernetes.io/uninitialized + operator: Exists + - key: node.kubernetes.io/not-ready + operator: Exists + - key: node-role.kubernetes.io/master + operator: Exists + - key: node-role.kubernetes.io/control-plane + operator: Exists + volumes: + - configMap: + name: kops-controller + name: kops-controller-config + - hostPath: + path: /etc/kubernetes/kops-controller/ + type: Directory + name: kops-controller-pki + updateStrategy: + type: OnDelete + +--- + +apiVersion: v1 +kind: ServiceAccount +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: kops-controller.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: kops-controller.addons.k8s.io + name: kops-controller + namespace: kube-system + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: kops-controller.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: kops-controller.addons.k8s.io + name: kops-controller +rules: +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch + - patch + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: kops-controller.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: kops-controller.addons.k8s.io + name: kops-controller +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kops-controller +subjects: +- apiGroup: rbac.authorization.k8s.io + kind: User + name: system:serviceaccount:kube-system:kops-controller + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: kops-controller.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: kops-controller.addons.k8s.io + name: kops-controller + namespace: kube-system +rules: +- apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - create +- apiGroups: + - "" + - coordination.k8s.io + resourceNames: + - kops-controller-leader + resources: + - configmaps + - leases + verbs: + - get + - list + - watch + - patch + - update + - delete +- apiGroups: + - "" + - coordination.k8s.io + resources: + - configmaps + - leases + verbs: + - create + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: kops-controller.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: kops-controller.addons.k8s.io + name: kops-controller + namespace: kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: kops-controller +subjects: +- apiGroup: rbac.authorization.k8s.io + kind: User + name: system:serviceaccount:kube-system:kops-controller diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kubelet-api.rbac.addons.k8s.io-k8s-1.9_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kubelet-api.rbac.addons.k8s.io-k8s-1.9_content new file mode 100644 index 0000000000..36761e1c56 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kubelet-api.rbac.addons.k8s.io-k8s-1.9_content @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: kubelet-api.rbac.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: kubelet-api.rbac.addons.k8s.io + name: kops:system:kubelet-api-admin +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:kubelet-api-admin +subjects: +- apiGroup: rbac.authorization.k8s.io + kind: User + name: kubelet-api diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-leader-migration.rbac.addons.k8s.io-k8s-1.23_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-leader-migration.rbac.addons.k8s.io-k8s-1.23_content new file mode 100644 index 0000000000..11ed6d46fd --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-leader-migration.rbac.addons.k8s.io-k8s-1.23_content @@ -0,0 +1,52 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: leader-migration.rbac.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: leader-migration.rbac.addons.k8s.io + name: system::leader-locking-migration + namespace: kube-system +rules: +- apiGroups: + - coordination.k8s.io + resourceNames: + - cloud-provider-extraction-migration + resources: + - leases + verbs: + - create + - list + - get + - update + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: leader-migration.rbac.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: leader-migration.rbac.addons.k8s.io + name: system::leader-locking-migration + namespace: kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: system::leader-locking-migration +subjects: +- apiGroup: rbac.authorization.k8s.io + kind: User + name: system:kube-controller-manager +- kind: ServiceAccount + name: kube-controller-manager + namespace: kube-system +- kind: ServiceAccount + name: aws-cloud-controller-manager + namespace: kube-system +- kind: ServiceAccount + name: cloud-controller-manager + namespace: kube-system diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-limit-range.addons.k8s.io_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-limit-range.addons.k8s.io_content new file mode 100644 index 0000000000..4dcdce48b9 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-limit-range.addons.k8s.io_content @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: LimitRange +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: limit-range.addons.k8s.io + app.kubernetes.io/managed-by: kops + k8s-addon: limit-range.addons.k8s.io + name: limits + namespace: default +spec: + limits: + - defaultRequest: + cpu: 100m + type: Container diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-metadata-proxy.addons.k8s.io-v0.1.12_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-metadata-proxy.addons.k8s.io-v0.1.12_content new file mode 100644 index 0000000000..188a44d003 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-metadata-proxy.addons.k8s.io-v0.1.12_content @@ -0,0 +1,127 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: metadata-proxy.addons.k8s.io + addonmanager.kubernetes.io/mode: Reconcile + app.kubernetes.io/managed-by: kops + k8s-addon: metadata-proxy.addons.k8s.io + k8s-app: metadata-proxy + kubernetes.io/cluster-service: "true" + name: metadata-proxy + namespace: kube-system + +--- + +apiVersion: apps/v1 +kind: DaemonSet +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: metadata-proxy.addons.k8s.io + addonmanager.kubernetes.io/mode: Reconcile + app.kubernetes.io/managed-by: kops + k8s-addon: metadata-proxy.addons.k8s.io + k8s-app: metadata-proxy + kubernetes.io/cluster-service: "true" + version: v0.12 + name: metadata-proxy-v0.12 + namespace: kube-system +spec: + selector: + matchLabels: + k8s-app: metadata-proxy + version: v0.12 + template: + metadata: + creationTimestamp: null + labels: + k8s-app: metadata-proxy + kops.k8s.io/managed-by: kops + kubernetes.io/cluster-service: "true" + version: v0.12 + spec: + containers: + - args: + - -addr=169.254.169.252:988 + image: k8s.gcr.io/metadata-proxy:v0.1.12 + name: metadata-proxy + resources: + limits: + cpu: 30m + memory: 25Mi + requests: + cpu: 30m + memory: 25Mi + securityContext: + privileged: true + - command: + - /monitor + - --stackdriver-prefix=custom.googleapis.com/addons + - --source=metadata_proxy:http://127.0.0.1:989?whitelisted=request_count + - --pod-id=$(POD_NAME) + - --namespace-id=$(POD_NAMESPACE) + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: k8s.gcr.io/prometheus-to-sd:v0.5.0 + name: prometheus-to-sd-exporter + resources: + limits: + cpu: 2m + memory: 20Mi + requests: + cpu: 2m + memory: 20Mi + dnsPolicy: Default + hostNetwork: true + initContainers: + - command: + - /bin/sh + - -c + - | + set -e + set -x + + if (ip link show ens4); then + PRIMARY_DEV=ens4 + else + PRIMARY_DEV=eth0 + fi + + ip addr add dev lo 169.254.169.252/32 + iptables -w -t nat -I PREROUTING -p tcp -d 169.254.169.254 ! -i "${PRIMARY_DEV}" --dport 80 -m comment --comment "metadata-concealment: bridge traffic to metadata server goes to metadata proxy" -j DNAT --to-destination 169.254.169.252:988 + iptables -w -t nat -I PREROUTING -p tcp -d 169.254.169.254 ! -i "${PRIMARY_DEV}" --dport 8080 -m comment --comment "metadata-concealment: bridge traffic to metadata server goes to metadata proxy" -j DNAT --to-destination 169.254.169.252:987 + image: k8s.gcr.io/k8s-custom-iptables:1.0 + imagePullPolicy: Always + name: update-ipdtables + securityContext: + privileged: true + volumeMounts: + - mountPath: /host + name: host + nodeSelector: + beta.kubernetes.io/os: linux + cloud.google.com/metadata-proxy-ready: "true" + priorityClassName: system-node-critical + serviceAccountName: metadata-proxy + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + operator: Exists + - effect: NoSchedule + operator: Exists + volumes: + - hostPath: + path: / + type: Directory + name: host + updateStrategy: + type: RollingUpdate diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-storage-gce.addons.k8s.io-v1.7.0_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-storage-gce.addons.k8s.io-v1.7.0_content new file mode 100644 index 0000000000..1cfdf85f37 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-storage-gce.addons.k8s.io-v1.7.0_content @@ -0,0 +1,14 @@ +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: storage-gce.addons.k8s.io + addonmanager.kubernetes.io/mode: EnsureExists + app.kubernetes.io/managed-by: kops + k8s-addon: storage-gce.addons.k8s.io + kubernetes.io/cluster-service: "true" + name: standard +parameters: + type: pd-standard +provisioner: kubernetes.io/gce-pd diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_nodeupconfig-master-us-test1-a_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_nodeupconfig-master-us-test1-a_content index 0e6e7a3dcd..4461b20037 100644 --- a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_nodeupconfig-master-us-test1-a_content +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_nodeupconfig-master-us-test1-a_content @@ -37,8 +37,8 @@ APIServerConfig: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 - serviceAccountIssuer: https://api.internal.minimal-gce-with-a-very-very-very-long-name.example.com - serviceAccountJWKSURI: https://api.internal.minimal-gce-with-a-very-very-very-long-name.example.com/openid/v1/jwks + serviceAccountIssuer: https://api.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com + serviceAccountJWKSURI: https://api.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com/openid/v1/jwks serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 ServiceAccountPublicKeys: | @@ -221,7 +221,7 @@ CAs: MA0GCSqGSIb3DQEBCwUAA0EAVQVx5MUtuAIeePuP9o51xtpT2S6Fvfi8J4ICxnlA 9B7UD2ushcVFPtaeoL9Gfu8aY4KJBeqqg5ojl4qmRnThjw== -----END CERTIFICATE----- -ClusterName: minimal-gce-with-a-very-very-very-long-name.example.com +ClusterName: minimal-gce-with-a-very-very-very-very-very-long-name.example.com Hooks: - null - null @@ -261,13 +261,13 @@ KubeletConfig: shutdownGracePeriodCriticalPods: 10s UpdatePolicy: automatic channels: -- memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com/addons/bootstrap-channel.yaml +- memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/bootstrap-channel.yaml containerdConfig: logLevel: info version: 1.6.6 etcdManifests: -- memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com/manifests/etcd/main.yaml -- memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com/manifests/etcd/events.yaml +- memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/manifests/etcd/main.yaml +- memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/manifests/etcd/events.yaml staticManifests: - key: kube-apiserver-healthcheck path: manifests/static/kube-apiserver-healthcheck.yaml diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_nodeupconfig-nodes_content b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_nodeupconfig-nodes_content index 745ecd08aa..a48e928362 100644 --- a/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_nodeupconfig-nodes_content +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_nodeupconfig-nodes_content @@ -35,7 +35,7 @@ CAs: MA0GCSqGSIb3DQEBCwUAA0EAVQVx5MUtuAIeePuP9o51xtpT2S6Fvfi8J4ICxnlA 9B7UD2ushcVFPtaeoL9Gfu8aY4KJBeqqg5ojl4qmRnThjw== -----END CERTIFICATE----- -ClusterName: minimal-gce-with-a-very-very-very-long-name.example.com +ClusterName: minimal-gce-with-a-very-very-very-very-very-long-name.example.com Hooks: - null - null @@ -64,7 +64,7 @@ KubeletConfig: shutdownGracePeriodCriticalPods: 10s UpdatePolicy: automatic channels: -- memfs://tests/minimal-gce-with-a-very-very-very-long-name.example.com/addons/bootstrap-channel.yaml +- memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/bootstrap-channel.yaml containerdConfig: logLevel: info version: 1.6.6 diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_ssh-keys b/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_ssh-keys new file mode 100644 index 0000000000..e5d3b415dc --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_ssh-keys @@ -0,0 +1 @@ +admin: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCtWu40XQo8dczLsCq0OWV+hxm9uV3WxeH9Kgh4sMzQxNtoU1pvW0XdjpkBesRKGoolfWeCLXWxpyQb1IaiMkKoz7MdhQ/6UKjMjP66aFWWp3pwD0uj0HuJ7tq4gKHKRYGTaZIRWpzUiANBrjugVgA+Sd7E/mYwc/DMXkIyRZbvhQ== diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script b/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script new file mode 100644 index 0000000000..57aaa3f7a5 --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script @@ -0,0 +1,258 @@ +#!/bin/bash +set -o errexit +set -o nounset +set -o pipefail + +NODEUP_URL_AMD64=https://artifacts.k8s.io/binaries/kops/1.21.0-alpha.1/linux/amd64/nodeup,https://github.com/kubernetes/kops/releases/download/v1.21.0-alpha.1/nodeup-linux-amd64 +NODEUP_HASH_AMD64=585fbda0f0a43184656b4bfc0cc5f0c0b85612faf43b8816acca1f99d422c924 +NODEUP_URL_ARM64=https://artifacts.k8s.io/binaries/kops/1.21.0-alpha.1/linux/arm64/nodeup,https://github.com/kubernetes/kops/releases/download/v1.21.0-alpha.1/nodeup-linux-arm64 +NODEUP_HASH_ARM64=7603675379699105a9b9915ff97718ea99b1bbb01a4c184e2f827c8a96e8e865 + + + + + +sysctl -w net.core.rmem_max=16777216 || true +sysctl -w net.core.wmem_max=16777216 || true +sysctl -w net.ipv4.tcp_rmem='4096 87380 16777216' || true +sysctl -w net.ipv4.tcp_wmem='4096 87380 16777216' || true + + +function ensure-install-dir() { + INSTALL_DIR="/opt/kops" + # On ContainerOS, we install under /var/lib/toolbox; /opt is ro and noexec + if [[ -d /var/lib/toolbox ]]; then + INSTALL_DIR="/var/lib/toolbox/kops" + fi + mkdir -p ${INSTALL_DIR}/bin + mkdir -p ${INSTALL_DIR}/conf + cd ${INSTALL_DIR} +} + +# Retry a download until we get it. args: name, sha, urls +download-or-bust() { + local -r file="$1" + local -r hash="$2" + local -r urls=( $(split-commas "$3") ) + + if [[ -f "${file}" ]]; then + if ! validate-hash "${file}" "${hash}"; then + rm -f "${file}" + else + return 0 + fi + fi + + while true; do + for url in "${urls[@]}"; do + commands=( + "curl -f --compressed -Lo "${file}" --connect-timeout 20 --retry 6 --retry-delay 10" + "wget --compression=auto -O "${file}" --connect-timeout=20 --tries=6 --wait=10" + "curl -f -Lo "${file}" --connect-timeout 20 --retry 6 --retry-delay 10" + "wget -O "${file}" --connect-timeout=20 --tries=6 --wait=10" + ) + for cmd in "${commands[@]}"; do + echo "Attempting download with: ${cmd} {url}" + if ! (${cmd} "${url}"); then + echo "== Download failed with ${cmd} ==" + continue + fi + if ! validate-hash "${file}" "${hash}"; then + echo "== Hash validation of ${url} failed. Retrying. ==" + rm -f "${file}" + else + echo "== Downloaded ${url} (SHA256 = ${hash}) ==" + return 0 + fi + done + done + + echo "All downloads failed; sleeping before retrying" + sleep 60 + done +} + +validate-hash() { + local -r file="$1" + local -r expected="$2" + local actual + + actual=$(sha256sum ${file} | awk '{ print $1 }') || true + if [[ "${actual}" != "${expected}" ]]; then + echo "== ${file} corrupted, hash ${actual} doesn't match expected ${expected} ==" + return 1 + fi +} + +function split-commas() { + echo $1 | tr "," "\n" +} + +function download-release() { + case "$(uname -m)" in + x86_64*|i?86_64*|amd64*) + NODEUP_URL="${NODEUP_URL_AMD64}" + NODEUP_HASH="${NODEUP_HASH_AMD64}" + ;; + aarch64*|arm64*) + NODEUP_URL="${NODEUP_URL_ARM64}" + NODEUP_HASH="${NODEUP_HASH_ARM64}" + ;; + *) + echo "Unsupported host arch: $(uname -m)" >&2 + exit 1 + ;; + esac + + cd ${INSTALL_DIR}/bin + download-or-bust nodeup "${NODEUP_HASH}" "${NODEUP_URL}" + + chmod +x nodeup + + echo "Running nodeup" + # We can't run in the foreground because of https://github.com/docker/docker/issues/23793 + ( cd ${INSTALL_DIR}/bin; ./nodeup --install-systemd-unit --conf=${INSTALL_DIR}/conf/kube_env.yaml --v=8 ) +} + +#################################################################################### + +/bin/systemd-machine-id-setup || echo "failed to set up ensure machine-id configured" + +echo "== nodeup node config starting ==" +ensure-install-dir + +cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' +cloudConfig: + gcpPDCSIDriver: + enabled: true + manageStorageClasses: true + multizone: true + nodeTags: minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node +containerRuntime: containerd +containerd: + logLevel: info + version: 1.6.6 +docker: + skipInstall: true +encryptionConfig: null +etcdClusters: + events: + version: 3.5.4 + main: + version: 3.5.4 +kubeAPIServer: + allowPrivileged: true + anonymousAuth: false + apiAudiences: + - kubernetes.svc.default + apiServerCount: 1 + authorizationMode: AlwaysAllow + bindAddress: 0.0.0.0 + cloudProvider: gce + enableAdmissionPlugins: + - NamespaceLifecycle + - LimitRanger + - ServiceAccount + - DefaultStorageClass + - DefaultTolerationSeconds + - MutatingAdmissionWebhook + - ValidatingAdmissionWebhook + - NodeRestriction + - ResourceQuota + etcdServers: + - https://127.0.0.1:4001 + etcdServersOverrides: + - /events#https://127.0.0.1:4002 + image: registry.k8s.io/kube-apiserver:v1.23.0 + kubeletPreferredAddressTypes: + - InternalIP + - Hostname + - ExternalIP + logLevel: 2 + requestheaderAllowedNames: + - aggregator + requestheaderExtraHeaderPrefixes: + - X-Remote-Extra- + requestheaderGroupHeaders: + - X-Remote-Group + requestheaderUsernameHeaders: + - X-Remote-User + securePort: 443 + serviceAccountIssuer: https://api.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com + serviceAccountJWKSURI: https://api.internal.minimal-gce-with-a-very-very-very-very-very-long-name.example.com/openid/v1/jwks + serviceClusterIPRange: 100.64.0.0/13 + storageBackend: etcd3 +kubeControllerManager: + allocateNodeCIDRs: true + attachDetachReconcileSyncPeriod: 1m0s + cloudProvider: gce + clusterCIDR: 100.96.0.0/11 + clusterName: minimal-gce-with-a-very-very-very-very-very-long-name-example-com + configureCloudRoutes: false + enableLeaderMigration: true + image: registry.k8s.io/kube-controller-manager:v1.23.0 + leaderElection: + leaderElect: true + logLevel: 2 + useServiceAccountCredentials: true +kubeProxy: + clusterCIDR: 100.96.0.0/11 + cpuRequest: 100m + image: registry.k8s.io/kube-proxy:v1.23.0 + logLevel: 2 +kubeScheduler: + image: registry.k8s.io/kube-scheduler:v1.23.0 + leaderElection: + leaderElect: true + logLevel: 2 +kubelet: + anonymousAuth: false + cgroupDriver: systemd + cgroupRoot: / + cloudProvider: gce + clusterDNS: 100.64.0.10 + clusterDomain: cluster.local + enableDebuggingHandlers: true + evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% + hairpinMode: promiscuous-bridge + kubeconfigPath: /var/lib/kubelet/kubeconfig + logLevel: 2 + networkPluginName: cni + podInfraContainerImage: registry.k8s.io/pause:3.6 + podManifestPath: /etc/kubernetes/manifests + protectKernelDefaults: true + shutdownGracePeriod: 30s + shutdownGracePeriodCriticalPods: 10s +masterKubelet: + anonymousAuth: false + cgroupDriver: systemd + cgroupRoot: / + cloudProvider: gce + clusterDNS: 100.64.0.10 + clusterDomain: cluster.local + enableDebuggingHandlers: true + evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% + hairpinMode: promiscuous-bridge + kubeconfigPath: /var/lib/kubelet/kubeconfig + logLevel: 2 + networkPluginName: cni + podInfraContainerImage: registry.k8s.io/pause:3.6 + podManifestPath: /etc/kubernetes/manifests + protectKernelDefaults: true + registerSchedulable: false + shutdownGracePeriod: 30s + shutdownGracePeriodCriticalPods: 10s + +__EOF_CLUSTER_SPEC + +cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' +CloudProvider: gce +ConfigBase: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com +InstanceGroupName: master-us-test1-a +InstanceGroupRole: Master +NodeupConfigHash: FgrpSg7uv4tUwPz0jDDVjlni6FjrVC3caGLmTOUOQ3w= + +__EOF_KUBE_ENV + +download-release +echo "== nodeup node config done ==" diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_ssh-keys b/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_ssh-keys new file mode 100644 index 0000000000..e5d3b415dc --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_ssh-keys @@ -0,0 +1 @@ +admin: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCtWu40XQo8dczLsCq0OWV+hxm9uV3WxeH9Kgh4sMzQxNtoU1pvW0XdjpkBesRKGoolfWeCLXWxpyQb1IaiMkKoz7MdhQ/6UKjMjP66aFWWp3pwD0uj0HuJ7tq4gKHKRYGTaZIRWpzUiANBrjugVgA+Sd7E/mYwc/DMXkIyRZbvhQ== diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script b/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script new file mode 100644 index 0000000000..95fbc6583c --- /dev/null +++ b/tests/integration/update_cluster/minimal_gce_longclustername/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script @@ -0,0 +1,173 @@ +#!/bin/bash +set -o errexit +set -o nounset +set -o pipefail + +NODEUP_URL_AMD64=https://artifacts.k8s.io/binaries/kops/1.21.0-alpha.1/linux/amd64/nodeup,https://github.com/kubernetes/kops/releases/download/v1.21.0-alpha.1/nodeup-linux-amd64 +NODEUP_HASH_AMD64=585fbda0f0a43184656b4bfc0cc5f0c0b85612faf43b8816acca1f99d422c924 +NODEUP_URL_ARM64=https://artifacts.k8s.io/binaries/kops/1.21.0-alpha.1/linux/arm64/nodeup,https://github.com/kubernetes/kops/releases/download/v1.21.0-alpha.1/nodeup-linux-arm64 +NODEUP_HASH_ARM64=7603675379699105a9b9915ff97718ea99b1bbb01a4c184e2f827c8a96e8e865 + + + + + +sysctl -w net.core.rmem_max=16777216 || true +sysctl -w net.core.wmem_max=16777216 || true +sysctl -w net.ipv4.tcp_rmem='4096 87380 16777216' || true +sysctl -w net.ipv4.tcp_wmem='4096 87380 16777216' || true + + +function ensure-install-dir() { + INSTALL_DIR="/opt/kops" + # On ContainerOS, we install under /var/lib/toolbox; /opt is ro and noexec + if [[ -d /var/lib/toolbox ]]; then + INSTALL_DIR="/var/lib/toolbox/kops" + fi + mkdir -p ${INSTALL_DIR}/bin + mkdir -p ${INSTALL_DIR}/conf + cd ${INSTALL_DIR} +} + +# Retry a download until we get it. args: name, sha, urls +download-or-bust() { + local -r file="$1" + local -r hash="$2" + local -r urls=( $(split-commas "$3") ) + + if [[ -f "${file}" ]]; then + if ! validate-hash "${file}" "${hash}"; then + rm -f "${file}" + else + return 0 + fi + fi + + while true; do + for url in "${urls[@]}"; do + commands=( + "curl -f --compressed -Lo "${file}" --connect-timeout 20 --retry 6 --retry-delay 10" + "wget --compression=auto -O "${file}" --connect-timeout=20 --tries=6 --wait=10" + "curl -f -Lo "${file}" --connect-timeout 20 --retry 6 --retry-delay 10" + "wget -O "${file}" --connect-timeout=20 --tries=6 --wait=10" + ) + for cmd in "${commands[@]}"; do + echo "Attempting download with: ${cmd} {url}" + if ! (${cmd} "${url}"); then + echo "== Download failed with ${cmd} ==" + continue + fi + if ! validate-hash "${file}" "${hash}"; then + echo "== Hash validation of ${url} failed. Retrying. ==" + rm -f "${file}" + else + echo "== Downloaded ${url} (SHA256 = ${hash}) ==" + return 0 + fi + done + done + + echo "All downloads failed; sleeping before retrying" + sleep 60 + done +} + +validate-hash() { + local -r file="$1" + local -r expected="$2" + local actual + + actual=$(sha256sum ${file} | awk '{ print $1 }') || true + if [[ "${actual}" != "${expected}" ]]; then + echo "== ${file} corrupted, hash ${actual} doesn't match expected ${expected} ==" + return 1 + fi +} + +function split-commas() { + echo $1 | tr "," "\n" +} + +function download-release() { + case "$(uname -m)" in + x86_64*|i?86_64*|amd64*) + NODEUP_URL="${NODEUP_URL_AMD64}" + NODEUP_HASH="${NODEUP_HASH_AMD64}" + ;; + aarch64*|arm64*) + NODEUP_URL="${NODEUP_URL_ARM64}" + NODEUP_HASH="${NODEUP_HASH_ARM64}" + ;; + *) + echo "Unsupported host arch: $(uname -m)" >&2 + exit 1 + ;; + esac + + cd ${INSTALL_DIR}/bin + download-or-bust nodeup "${NODEUP_HASH}" "${NODEUP_URL}" + + chmod +x nodeup + + echo "Running nodeup" + # We can't run in the foreground because of https://github.com/docker/docker/issues/23793 + ( cd ${INSTALL_DIR}/bin; ./nodeup --install-systemd-unit --conf=${INSTALL_DIR}/conf/kube_env.yaml --v=8 ) +} + +#################################################################################### + +/bin/systemd-machine-id-setup || echo "failed to set up ensure machine-id configured" + +echo "== nodeup node config starting ==" +ensure-install-dir + +cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' +cloudConfig: + gcpPDCSIDriver: + enabled: true + manageStorageClasses: true + multizone: true + nodeTags: minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node +containerRuntime: containerd +containerd: + logLevel: info + version: 1.6.6 +docker: + skipInstall: true +kubeProxy: + clusterCIDR: 100.96.0.0/11 + cpuRequest: 100m + image: registry.k8s.io/kube-proxy:v1.23.0 + logLevel: 2 +kubelet: + anonymousAuth: false + cgroupDriver: systemd + cgroupRoot: / + cloudProvider: gce + clusterDNS: 100.64.0.10 + clusterDomain: cluster.local + enableDebuggingHandlers: true + evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% + hairpinMode: promiscuous-bridge + kubeconfigPath: /var/lib/kubelet/kubeconfig + logLevel: 2 + networkPluginName: cni + podInfraContainerImage: registry.k8s.io/pause:3.6 + podManifestPath: /etc/kubernetes/manifests + protectKernelDefaults: true + shutdownGracePeriod: 30s + shutdownGracePeriodCriticalPods: 10s + +__EOF_CLUSTER_SPEC + +cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' +CloudProvider: gce +ConfigBase: memfs://tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com +InstanceGroupName: nodes +InstanceGroupRole: Node +NodeupConfigHash: RuWbAsmnhsynl19a6k/yV6Qg5xnqogdwH9AEkkELdhw= + +__EOF_KUBE_ENV + +download-release +echo "== nodeup node config done ==" diff --git a/tests/integration/update_cluster/minimal_gce_longclustername/kubernetes.tf b/tests/integration/update_cluster/minimal_gce_longclustername/kubernetes.tf index 2c6ca0cb41..5c54f8facf 100644 --- a/tests/integration/update_cluster/minimal_gce_longclustername/kubernetes.tf +++ b/tests/integration/update_cluster/minimal_gce_longclustername/kubernetes.tf @@ -1,11 +1,11 @@ locals { - cluster_name = "minimal-gce-with-a-very-very-very-long-name.example.com" + cluster_name = "minimal-gce-with-a-very-very-very-very-very-long-name.example.com" project = "testproject" region = "us-test1" } output "cluster_name" { - value = "minimal-gce-with-a-very-very-very-long-name.example.com" + value = "minimal-gce-with-a-very-very-very-very-very-long-name.example.com" } output "project" { @@ -29,7 +29,7 @@ provider "aws" { resource "aws_s3_object" "cluster-completed-spec" { bucket = "testingBucket" content = file("${path.module}/data/aws_s3_object_cluster-completed.spec_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/cluster-completed.spec" + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/cluster-completed.spec" provider = aws.files server_side_encryption = "AES256" } @@ -37,7 +37,7 @@ resource "aws_s3_object" "cluster-completed-spec" { resource "aws_s3_object" "etcd-cluster-spec-events" { bucket = "testingBucket" content = file("${path.module}/data/aws_s3_object_etcd-cluster-spec-events_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/backups/etcd/events/control/etcd-cluster-spec" + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/backups/etcd/events/control/etcd-cluster-spec" provider = aws.files server_side_encryption = "AES256" } @@ -45,7 +45,7 @@ resource "aws_s3_object" "etcd-cluster-spec-events" { resource "aws_s3_object" "etcd-cluster-spec-main" { bucket = "testingBucket" content = file("${path.module}/data/aws_s3_object_etcd-cluster-spec-main_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/backups/etcd/main/control/etcd-cluster-spec" + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/backups/etcd/main/control/etcd-cluster-spec" provider = aws.files server_side_encryption = "AES256" } @@ -53,7 +53,7 @@ resource "aws_s3_object" "etcd-cluster-spec-main" { resource "aws_s3_object" "kops-version-txt" { bucket = "testingBucket" content = file("${path.module}/data/aws_s3_object_kops-version.txt_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/kops-version.txt" + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/kops-version.txt" provider = aws.files server_side_encryption = "AES256" } @@ -61,7 +61,7 @@ resource "aws_s3_object" "kops-version-txt" { resource "aws_s3_object" "manifests-etcdmanager-events" { bucket = "testingBucket" content = file("${path.module}/data/aws_s3_object_manifests-etcdmanager-events_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/manifests/etcd/events.yaml" + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/manifests/etcd/events.yaml" provider = aws.files server_side_encryption = "AES256" } @@ -69,7 +69,7 @@ resource "aws_s3_object" "manifests-etcdmanager-events" { resource "aws_s3_object" "manifests-etcdmanager-main" { bucket = "testingBucket" content = file("${path.module}/data/aws_s3_object_manifests-etcdmanager-main_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/manifests/etcd/main.yaml" + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/manifests/etcd/main.yaml" provider = aws.files server_side_encryption = "AES256" } @@ -77,87 +77,87 @@ resource "aws_s3_object" "manifests-etcdmanager-main" { resource "aws_s3_object" "manifests-static-kube-apiserver-healthcheck" { bucket = "testingBucket" content = file("${path.module}/data/aws_s3_object_manifests-static-kube-apiserver-healthcheck_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/manifests/static/kube-apiserver-healthcheck.yaml" + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/manifests/static/kube-apiserver-healthcheck.yaml" provider = aws.files server_side_encryption = "AES256" } -resource "aws_s3_object" "minimal-gce-with-a-very-very-very-long-name-example-com-addons-bootstrap" { +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-bootstrap" { bucket = "testingBucket" - content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-bootstrap_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/addons/bootstrap-channel.yaml" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-bootstrap_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/bootstrap-channel.yaml" provider = aws.files server_side_encryption = "AES256" } -resource "aws_s3_object" "minimal-gce-with-a-very-very-very-long-name-example-com-addons-coredns-addons-k8s-io-k8s-1-12" { +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-coredns-addons-k8s-io-k8s-1-12" { bucket = "testingBucket" - content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-coredns.addons.k8s.io-k8s-1.12_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/addons/coredns.addons.k8s.io/k8s-1.12.yaml" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-coredns.addons.k8s.io-k8s-1.12_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/coredns.addons.k8s.io/k8s-1.12.yaml" provider = aws.files server_side_encryption = "AES256" } -resource "aws_s3_object" "minimal-gce-with-a-very-very-very-long-name-example-com-addons-dns-controller-addons-k8s-io-k8s-1-12" { +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-dns-controller-addons-k8s-io-k8s-1-12" { bucket = "testingBucket" - content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-dns-controller.addons.k8s.io-k8s-1.12_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/addons/dns-controller.addons.k8s.io/k8s-1.12.yaml" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-dns-controller.addons.k8s.io-k8s-1.12_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/dns-controller.addons.k8s.io/k8s-1.12.yaml" provider = aws.files server_side_encryption = "AES256" } -resource "aws_s3_object" "minimal-gce-with-a-very-very-very-long-name-example-com-addons-gcp-pd-csi-driver-addons-k8s-io-k8s-1-23" { +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-gcp-pd-csi-driver-addons-k8s-io-k8s-1-23" { bucket = "testingBucket" - content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/addons/gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml" provider = aws.files server_side_encryption = "AES256" } -resource "aws_s3_object" "minimal-gce-with-a-very-very-very-long-name-example-com-addons-kops-controller-addons-k8s-io-k8s-1-16" { +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-kops-controller-addons-k8s-io-k8s-1-16" { bucket = "testingBucket" - content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/addons/kops-controller.addons.k8s.io/k8s-1.16.yaml" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/kops-controller.addons.k8s.io/k8s-1.16.yaml" provider = aws.files server_side_encryption = "AES256" } -resource "aws_s3_object" "minimal-gce-with-a-very-very-very-long-name-example-com-addons-kubelet-api-rbac-addons-k8s-io-k8s-1-9" { +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-kubelet-api-rbac-addons-k8s-io-k8s-1-9" { bucket = "testingBucket" - content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-kubelet-api.rbac.addons.k8s.io-k8s-1.9_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/addons/kubelet-api.rbac.addons.k8s.io/k8s-1.9.yaml" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-kubelet-api.rbac.addons.k8s.io-k8s-1.9_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/kubelet-api.rbac.addons.k8s.io/k8s-1.9.yaml" provider = aws.files server_side_encryption = "AES256" } -resource "aws_s3_object" "minimal-gce-with-a-very-very-very-long-name-example-com-addons-leader-migration-rbac-addons-k8s-io-k8s-1-23" { +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-leader-migration-rbac-addons-k8s-io-k8s-1-23" { bucket = "testingBucket" - content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-leader-migration.rbac.addons.k8s.io-k8s-1.23_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/addons/leader-migration.rbac.addons.k8s.io/k8s-1.23.yaml" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-leader-migration.rbac.addons.k8s.io-k8s-1.23_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/leader-migration.rbac.addons.k8s.io/k8s-1.23.yaml" provider = aws.files server_side_encryption = "AES256" } -resource "aws_s3_object" "minimal-gce-with-a-very-very-very-long-name-example-com-addons-limit-range-addons-k8s-io" { +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-limit-range-addons-k8s-io" { bucket = "testingBucket" - content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-limit-range.addons.k8s.io_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/addons/limit-range.addons.k8s.io/v1.5.0.yaml" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-limit-range.addons.k8s.io_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/limit-range.addons.k8s.io/v1.5.0.yaml" provider = aws.files server_side_encryption = "AES256" } -resource "aws_s3_object" "minimal-gce-with-a-very-very-very-long-name-example-com-addons-metadata-proxy-addons-k8s-io-v0-1-12" { +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-metadata-proxy-addons-k8s-io-v0-1-12" { bucket = "testingBucket" - content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-metadata-proxy.addons.k8s.io-v0.1.12_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/addons/metadata-proxy.addons.k8s.io/v0.1.12.yaml" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-metadata-proxy.addons.k8s.io-v0.1.12_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/metadata-proxy.addons.k8s.io/v0.1.12.yaml" provider = aws.files server_side_encryption = "AES256" } -resource "aws_s3_object" "minimal-gce-with-a-very-very-very-long-name-example-com-addons-storage-gce-addons-k8s-io-v1-7-0" { +resource "aws_s3_object" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com-addons-storage-gce-addons-k8s-io-v1-7-0" { bucket = "testingBucket" - content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-long-name.example.com-addons-storage-gce.addons.k8s.io-v1.7.0_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/addons/storage-gce.addons.k8s.io/v1.7.0.yaml" + content = file("${path.module}/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-storage-gce.addons.k8s.io-v1.7.0_content") + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/addons/storage-gce.addons.k8s.io/v1.7.0.yaml" provider = aws.files server_side_encryption = "AES256" } @@ -165,7 +165,7 @@ resource "aws_s3_object" "minimal-gce-with-a-very-very-very-long-name-example-co resource "aws_s3_object" "nodeupconfig-master-us-test1-a" { bucket = "testingBucket" content = file("${path.module}/data/aws_s3_object_nodeupconfig-master-us-test1-a_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/igconfig/master/master-us-test1-a/nodeupconfig.yaml" + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/igconfig/master/master-us-test1-a/nodeupconfig.yaml" provider = aws.files server_side_encryption = "AES256" } @@ -173,60 +173,60 @@ resource "aws_s3_object" "nodeupconfig-master-us-test1-a" { resource "aws_s3_object" "nodeupconfig-nodes" { bucket = "testingBucket" content = file("${path.module}/data/aws_s3_object_nodeupconfig-nodes_content") - key = "tests/minimal-gce-with-a-very-very-very-long-name.example.com/igconfig/node/nodes/nodeupconfig.yaml" + key = "tests/minimal-gce-with-a-very-very-very-very-very-long-name.example.com/igconfig/node/nodes/nodeupconfig.yaml" provider = aws.files server_side_encryption = "AES256" } -resource "google_compute_disk" "d1-etcd-events-minimal-gce-with-a-very-very-very-long-na-jvje0u" { +resource "google_compute_disk" "d1-etcd-events-minimal-gce-with-a-very-very-very-very-ve-96dqvi" { labels = { - "k8s-io-cluster-name" = "minimal-gce-with-a-very-very-very-long-name-example-com" + "k8s-io-cluster-name" = "minimal-gce-with-a-very-very-very-very-very-long-name-example-com" "k8s-io-etcd-events" = "1-2f1" "k8s-io-role-master" = "master" } - name = "d1-etcd-events-minimal-gce-with-a-very-very-very-long-na-jvje0u" + name = "d1-etcd-events-minimal-gce-with-a-very-very-very-very-ve-96dqvi" size = 20 type = "pd-ssd" zone = "us-test1-a" } -resource "google_compute_disk" "d1-etcd-main-minimal-gce-with-a-very-very-very-long-name-jvje0u" { +resource "google_compute_disk" "d1-etcd-main-minimal-gce-with-a-very-very-very-very-very-96dqvi" { labels = { - "k8s-io-cluster-name" = "minimal-gce-with-a-very-very-very-long-name-example-com" + "k8s-io-cluster-name" = "minimal-gce-with-a-very-very-very-very-very-long-name-example-com" "k8s-io-etcd-main" = "1-2f1" "k8s-io-role-master" = "master" } - name = "d1-etcd-main-minimal-gce-with-a-very-very-very-long-name-jvje0u" + name = "d1-etcd-main-minimal-gce-with-a-very-very-very-very-very-96dqvi" size = 20 type = "pd-ssd" zone = "us-test1-a" } -resource "google_compute_firewall" "kubernetes-master-https-ipv6-minimal-gce-with-a-very-ver-jvje0u" { +resource "google_compute_firewall" "kubernetes-master-https-ipv6-minimal-gce-with-a-very-ver-96dqvi" { allow { ports = ["443"] protocol = "tcp" } disabled = true - name = "kubernetes-master-https-ipv6-minimal-gce-with-a-very-ver-jvje0u" - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name + name = "kubernetes-master-https-ipv6-minimal-gce-with-a-very-ver-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name source_ranges = ["::/0"] - target_tags = ["minimal-gce-with-a-very-very-very-lon-jvje0u-k8s-io-role-master"] + target_tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] } -resource "google_compute_firewall" "kubernetes-master-https-minimal-gce-with-a-very-very-ver-jvje0u" { +resource "google_compute_firewall" "kubernetes-master-https-minimal-gce-with-a-very-very-ver-96dqvi" { allow { ports = ["443"] protocol = "tcp" } disabled = false - name = "kubernetes-master-https-minimal-gce-with-a-very-very-ver-jvje0u" - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name + name = "kubernetes-master-https-minimal-gce-with-a-very-very-ver-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name source_ranges = ["0.0.0.0/0"] - target_tags = ["minimal-gce-with-a-very-very-very-lon-jvje0u-k8s-io-role-master"] + target_tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] } -resource "google_compute_firewall" "master-to-master-minimal-gce-with-a-very-very-very-long--jvje0u" { +resource "google_compute_firewall" "master-to-master-minimal-gce-with-a-very-very-very-very--96dqvi" { allow { protocol = "tcp" } @@ -246,13 +246,13 @@ resource "google_compute_firewall" "master-to-master-minimal-gce-with-a-very-ver protocol = "sctp" } disabled = false - name = "master-to-master-minimal-gce-with-a-very-very-very-long--jvje0u" - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name - source_tags = ["minimal-gce-with-a-very-very-very-lon-jvje0u-k8s-io-role-master"] - target_tags = ["minimal-gce-with-a-very-very-very-lon-jvje0u-k8s-io-role-master"] + name = "master-to-master-minimal-gce-with-a-very-very-very-very--96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] + target_tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] } -resource "google_compute_firewall" "master-to-node-minimal-gce-with-a-very-very-very-long-na-jvje0u" { +resource "google_compute_firewall" "master-to-node-minimal-gce-with-a-very-very-very-very-ve-96dqvi" { allow { protocol = "tcp" } @@ -272,13 +272,13 @@ resource "google_compute_firewall" "master-to-node-minimal-gce-with-a-very-very- protocol = "sctp" } disabled = false - name = "master-to-node-minimal-gce-with-a-very-very-very-long-na-jvje0u" - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name - source_tags = ["minimal-gce-with-a-very-very-very-lon-jvje0u-k8s-io-role-master"] - target_tags = ["minimal-gce-with-a-very-very-very-long--jvje0u-k8s-io-role-node"] + name = "master-to-node-minimal-gce-with-a-very-very-very-very-ve-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] + target_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] } -resource "google_compute_firewall" "node-to-master-minimal-gce-with-a-very-very-very-long-na-jvje0u" { +resource "google_compute_firewall" "node-to-master-minimal-gce-with-a-very-very-very-very-ve-96dqvi" { allow { ports = ["443"] protocol = "tcp" @@ -288,13 +288,13 @@ resource "google_compute_firewall" "node-to-master-minimal-gce-with-a-very-very- protocol = "tcp" } disabled = false - name = "node-to-master-minimal-gce-with-a-very-very-very-long-na-jvje0u" - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name - source_tags = ["minimal-gce-with-a-very-very-very-long--jvje0u-k8s-io-role-node"] - target_tags = ["minimal-gce-with-a-very-very-very-lon-jvje0u-k8s-io-role-master"] + name = "node-to-master-minimal-gce-with-a-very-very-very-very-ve-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] + target_tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] } -resource "google_compute_firewall" "node-to-node-minimal-gce-with-a-very-very-very-long-name-jvje0u" { +resource "google_compute_firewall" "node-to-node-minimal-gce-with-a-very-very-very-very-very-96dqvi" { allow { protocol = "tcp" } @@ -314,13 +314,13 @@ resource "google_compute_firewall" "node-to-node-minimal-gce-with-a-very-very-ve protocol = "sctp" } disabled = false - name = "node-to-node-minimal-gce-with-a-very-very-very-long-name-jvje0u" - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name - source_tags = ["minimal-gce-with-a-very-very-very-long--jvje0u-k8s-io-role-node"] - target_tags = ["minimal-gce-with-a-very-very-very-long--jvje0u-k8s-io-role-node"] + name = "node-to-node-minimal-gce-with-a-very-very-very-very-very-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + source_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] + target_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] } -resource "google_compute_firewall" "nodeport-external-to-node-ipv6-minimal-gce-with-a-very-v-jvje0u" { +resource "google_compute_firewall" "nodeport-external-to-node-ipv6-minimal-gce-with-a-very-v-96dqvi" { allow { ports = ["30000-32767"] protocol = "tcp" @@ -330,13 +330,13 @@ resource "google_compute_firewall" "nodeport-external-to-node-ipv6-minimal-gce-w protocol = "udp" } disabled = true - name = "nodeport-external-to-node-ipv6-minimal-gce-with-a-very-v-jvje0u" - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name + name = "nodeport-external-to-node-ipv6-minimal-gce-with-a-very-v-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name source_ranges = ["::/0"] - target_tags = ["minimal-gce-with-a-very-very-very-long--jvje0u-k8s-io-role-node"] + target_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] } -resource "google_compute_firewall" "nodeport-external-to-node-minimal-gce-with-a-very-very-v-jvje0u" { +resource "google_compute_firewall" "nodeport-external-to-node-minimal-gce-with-a-very-very-v-96dqvi" { allow { ports = ["30000-32767"] protocol = "tcp" @@ -346,81 +346,81 @@ resource "google_compute_firewall" "nodeport-external-to-node-minimal-gce-with-a protocol = "udp" } disabled = true - name = "nodeport-external-to-node-minimal-gce-with-a-very-very-v-jvje0u" - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name + name = "nodeport-external-to-node-minimal-gce-with-a-very-very-v-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name source_ranges = ["0.0.0.0/0"] - target_tags = ["minimal-gce-with-a-very-very-very-long--jvje0u-k8s-io-role-node"] + target_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] } -resource "google_compute_firewall" "ssh-external-to-master-ipv6-minimal-gce-with-a-very-very-jvje0u" { +resource "google_compute_firewall" "ssh-external-to-master-ipv6-minimal-gce-with-a-very-very-96dqvi" { allow { ports = ["22"] protocol = "tcp" } disabled = true - name = "ssh-external-to-master-ipv6-minimal-gce-with-a-very-very-jvje0u" - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name + name = "ssh-external-to-master-ipv6-minimal-gce-with-a-very-very-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name source_ranges = ["::/0"] - target_tags = ["minimal-gce-with-a-very-very-very-lon-jvje0u-k8s-io-role-master"] + target_tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] } -resource "google_compute_firewall" "ssh-external-to-master-minimal-gce-with-a-very-very-very-jvje0u" { +resource "google_compute_firewall" "ssh-external-to-master-minimal-gce-with-a-very-very-very-96dqvi" { allow { ports = ["22"] protocol = "tcp" } disabled = false - name = "ssh-external-to-master-minimal-gce-with-a-very-very-very-jvje0u" - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name + name = "ssh-external-to-master-minimal-gce-with-a-very-very-very-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name source_ranges = ["0.0.0.0/0"] - target_tags = ["minimal-gce-with-a-very-very-very-lon-jvje0u-k8s-io-role-master"] + target_tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] } -resource "google_compute_firewall" "ssh-external-to-node-ipv6-minimal-gce-with-a-very-very-v-jvje0u" { +resource "google_compute_firewall" "ssh-external-to-node-ipv6-minimal-gce-with-a-very-very-v-96dqvi" { allow { ports = ["22"] protocol = "tcp" } disabled = true - name = "ssh-external-to-node-ipv6-minimal-gce-with-a-very-very-v-jvje0u" - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name + name = "ssh-external-to-node-ipv6-minimal-gce-with-a-very-very-v-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name source_ranges = ["::/0"] - target_tags = ["minimal-gce-with-a-very-very-very-long--jvje0u-k8s-io-role-node"] + target_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] } -resource "google_compute_firewall" "ssh-external-to-node-minimal-gce-with-a-very-very-very-l-jvje0u" { +resource "google_compute_firewall" "ssh-external-to-node-minimal-gce-with-a-very-very-very-v-96dqvi" { allow { ports = ["22"] protocol = "tcp" } disabled = false - name = "ssh-external-to-node-minimal-gce-with-a-very-very-very-l-jvje0u" - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name + name = "ssh-external-to-node-minimal-gce-with-a-very-very-very-v-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name source_ranges = ["0.0.0.0/0"] - target_tags = ["minimal-gce-with-a-very-very-very-long--jvje0u-k8s-io-role-node"] + target_tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] } -resource "google_compute_instance_group_manager" "a-master-us-test1-a-minimal-gce-with-a-very-very-very-lo-kc2d24" { +resource "google_compute_instance_group_manager" "a-master-us-test1-a-minimal-gce-with-a-very-very-very-ve-j0fh8f" { base_instance_name = "master-us-test1-a" - name = "a-master-us-test1-a-minimal-gce-with-a-very-very-very-lo-kc2d24" + name = "a-master-us-test1-a-minimal-gce-with-a-very-very-very-ve-j0fh8f" target_size = 1 version { - instance_template = google_compute_instance_template.master-us-test1-a-minimal-gce-with-a-very-very-very-long-name-example-com.self_link + instance_template = google_compute_instance_template.master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com.self_link } zone = "us-test1-a" } -resource "google_compute_instance_group_manager" "a-nodes-minimal-gce-with-a-very-very-very-long-name-example-com" { +resource "google_compute_instance_group_manager" "a-nodes-minimal-gce-with-a-very-very-very-very-very-long-qk78uj" { base_instance_name = "nodes" - name = "a-nodes-minimal-gce-with-a-very-very-very-long-name-example-com" + name = "a-nodes-minimal-gce-with-a-very-very-very-very-very-long-qk78uj" target_size = 2 version { - instance_template = google_compute_instance_template.nodes-minimal-gce-with-a-very-very-very-long-name-example-com.self_link + instance_template = google_compute_instance_template.nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com.self_link } zone = "us-test1-a" } -resource "google_compute_instance_template" "master-us-test1-a-minimal-gce-with-a-very-very-very-long-name-example-com" { +resource "google_compute_instance_template" "master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com" { can_ip_forward = true disk { auto_delete = true @@ -436,23 +436,23 @@ resource "google_compute_instance_template" "master-us-test1-a-minimal-gce-with- type = "PERSISTENT" } labels = { - "k8s-io-cluster-name" = "minimal-gce-with-a-very-very-very-long-name-example-com" + "k8s-io-cluster-name" = "minimal-gce-with-a-very-very-very-very-very-long-name-example-com" "k8s-io-instance-group" = "master-us-test1-a" "k8s-io-role-master" = "" } machine_type = "n1-standard-1" metadata = { - "cluster-name" = "minimal-gce-with-a-very-very-very-long-name.example.com" + "cluster-name" = "minimal-gce-with-a-very-very-very-very-very-long-name.example.com" "kops-k8s-io-instance-group-name" = "master-us-test1-a" - "ssh-keys" = file("${path.module}/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-long-name-example-com_metadata_ssh-keys") - "startup-script" = file("${path.module}/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-long-name-example-com_metadata_startup-script") + "ssh-keys" = file("${path.module}/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_ssh-keys") + "startup-script" = file("${path.module}/data/google_compute_instance_template_master-us-test1-a-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script") } - name_prefix = "master-us-test1-a-minimal-2mclhl-" + name_prefix = "master-us-test1-a-minimal-ivl9ll-" network_interface { access_config { } - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name - subnetwork = google_compute_subnetwork.us-test1-minimal-gce-with-a-very-very-very-long-name-exa-jvje0u.name + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + subnetwork = google_compute_subnetwork.us-test1-minimal-gce-with-a-very-very-very-very-very-lon-96dqvi.name } scheduling { automatic_restart = true @@ -463,10 +463,10 @@ resource "google_compute_instance_template" "master-us-test1-a-minimal-gce-with- email = google_service_account.control-plane.email scopes = ["https://www.googleapis.com/auth/compute", "https://www.googleapis.com/auth/monitoring", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/devstorage.read_write", "https://www.googleapis.com/auth/ndev.clouddns.readwrite"] } - tags = ["minimal-gce-with-a-very-very-very-lon-jvje0u-k8s-io-role-master"] + tags = ["minimal-gce-with-a-very-very-very-ver-96dqvi-k8s-io-role-master"] } -resource "google_compute_instance_template" "nodes-minimal-gce-with-a-very-very-very-long-name-example-com" { +resource "google_compute_instance_template" "nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com" { can_ip_forward = true disk { auto_delete = true @@ -482,23 +482,23 @@ resource "google_compute_instance_template" "nodes-minimal-gce-with-a-very-very- type = "PERSISTENT" } labels = { - "k8s-io-cluster-name" = "minimal-gce-with-a-very-very-very-long-name-example-com" + "k8s-io-cluster-name" = "minimal-gce-with-a-very-very-very-very-very-long-name-example-com" "k8s-io-instance-group" = "nodes" "k8s-io-role-node" = "" } machine_type = "n1-standard-2" metadata = { - "cluster-name" = "minimal-gce-with-a-very-very-very-long-name.example.com" + "cluster-name" = "minimal-gce-with-a-very-very-very-very-very-long-name.example.com" "kops-k8s-io-instance-group-name" = "nodes" - "ssh-keys" = file("${path.module}/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-long-name-example-com_metadata_ssh-keys") - "startup-script" = file("${path.module}/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-long-name-example-com_metadata_startup-script") + "ssh-keys" = file("${path.module}/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_ssh-keys") + "startup-script" = file("${path.module}/data/google_compute_instance_template_nodes-minimal-gce-with-a-very-very-very-very-very-long-name-example-com_metadata_startup-script") } - name_prefix = "nodes-minimal-gce-with-a--16qkv2-" + name_prefix = "nodes-minimal-gce-with-a--k0ql96-" network_interface { access_config { } - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name - subnetwork = google_compute_subnetwork.us-test1-minimal-gce-with-a-very-very-very-long-name-exa-jvje0u.name + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name + subnetwork = google_compute_subnetwork.us-test1-minimal-gce-with-a-very-very-very-very-very-lon-96dqvi.name } scheduling { automatic_restart = true @@ -509,42 +509,42 @@ resource "google_compute_instance_template" "nodes-minimal-gce-with-a-very-very- email = google_service_account.node.email scopes = ["https://www.googleapis.com/auth/compute", "https://www.googleapis.com/auth/monitoring", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/devstorage.read_only"] } - tags = ["minimal-gce-with-a-very-very-very-long--jvje0u-k8s-io-role-node"] + tags = ["minimal-gce-with-a-very-very-very-very--96dqvi-k8s-io-role-node"] } -resource "google_compute_network" "minimal-gce-with-a-very-very-very-long-name-example-com" { +resource "google_compute_network" "minimal-gce-with-a-very-very-very-very-very-long-name-example-com" { auto_create_subnetworks = false - name = "minimal-gce-with-a-very-very-very-long-name-example-com" + name = "minimal-gce-with-a-very-very-very-very-very-long-name-example-com" } -resource "google_compute_subnetwork" "us-test1-minimal-gce-with-a-very-very-very-long-name-exa-jvje0u" { +resource "google_compute_subnetwork" "us-test1-minimal-gce-with-a-very-very-very-very-very-lon-96dqvi" { ip_cidr_range = "10.0.16.0/20" - name = "us-test1-minimal-gce-with-a-very-very-very-long-name-exa-jvje0u" - network = google_compute_network.minimal-gce-with-a-very-very-very-long-name-example-com.name + name = "us-test1-minimal-gce-with-a-very-very-very-very-very-lon-96dqvi" + network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-example-com.name region = "us-test1" } resource "google_project_iam_binding" "serviceaccount-control-plane" { - members = ["serviceAccount:control-plane-minimal-g-jvje0u@testproject.iam.gserviceaccount.com"] + members = ["serviceAccount:control-plane-minimal-g-96dqvi@testproject.iam.gserviceaccount.com"] project = "testproject" role = "roles/container.serviceAgent" } resource "google_project_iam_binding" "serviceaccount-nodes" { - members = ["serviceAccount:node-minimal-gce-with-a-jvje0u@testproject.iam.gserviceaccount.com"] + members = ["serviceAccount:node-minimal-gce-with-a-96dqvi@testproject.iam.gserviceaccount.com"] project = "testproject" role = "roles/compute.viewer" } resource "google_service_account" "control-plane" { - account_id = "control-plane-minimal-g-jvje0u" + account_id = "control-plane-minimal-g-96dqvi" description = "kubernetes control-plane instances" display_name = "control-plane" project = "testproject" } resource "google_service_account" "node" { - account_id = "node-minimal-gce-with-a-jvje0u" + account_id = "node-minimal-gce-with-a-96dqvi" description = "kubernetes worker nodes" display_name = "node" project = "testproject"