Upgrade AWS VPC CNI to 1.9.3 w/ k8s 1.22 support

Peter Rifel 2021-10-20 22:29:54 -07:00
parent 924e68c381
commit 477d930348
No known key found for this signature in database
GPG Key ID: BC6469E5B16DB2B6
12 changed files with 502 additions and 270 deletions


@ -753,8 +753,6 @@ func validateNetworking(cluster *kops.Cluster, v *kops.NetworkingSpec, fldPath *
if c.CloudProvider != "aws" { if c.CloudProvider != "aws" {
allErrs = append(allErrs, field.Forbidden(fldPath.Child("amazonvpc"), "amazon-vpc-routed-eni networking is supported only in AWS")) allErrs = append(allErrs, field.Forbidden(fldPath.Child("amazonvpc"), "amazon-vpc-routed-eni networking is supported only in AWS"))
} else if cluster.IsKubernetesGTE("1.22") {
allErrs = append(allErrs, field.Forbidden(fldPath.Child("amazonvpc"), "amazon-vpc-routed-eni networking is supported only for Kubernetes 1.21 and lower"))
} }
} }


@ -82,7 +82,7 @@ spec:
version: 9.99.0 version: 9.99.0
- id: k8s-1.16 - id: k8s-1.16
manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml
manifestHash: 1ac1bb6a9f34065b83625f4ab94a9faad251a644199664b38a10123d07e6139e manifestHash: 3522f8761e75814ac416ad7640e77303c489201144499610528a9c50b02185b0
name: networking.amazon-vpc-routed-eni name: networking.amazon-vpc-routed-eni
needsRollingUpdate: all needsRollingUpdate: all
selector: selector:


@ -4,7 +4,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
roleRef: roleRef:
@ -24,7 +28,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
rules: rules:
@ -33,14 +41,21 @@ rules:
resources: resources:
- eniconfigs - eniconfigs
verbs: verbs:
- get
- list - list
- watch - watch
- get
- apiGroups:
- ""
resources:
- namespaces
verbs:
- list
- watch
- get
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- pods - pods
- namespaces
verbs: verbs:
- list - list
- watch - watch
@ -65,13 +80,17 @@ rules:
--- ---
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: eniconfigs.crd.k8s.amazonaws.com name: eniconfigs.crd.k8s.amazonaws.com
spec: spec:
@ -80,9 +99,14 @@ spec:
kind: ENIConfig kind: ENIConfig
plural: eniconfigs plural: eniconfigs
singular: eniconfig singular: eniconfig
preserveUnknownFields: false
scope: Cluster scope: Cluster
versions: versions:
- name: v1alpha1 - name: v1alpha1
schema:
openAPIV3Schema:
type: object
x-kubernetes-preserve-unknown-fields: true
served: true served: true
storage: true storage: true
@ -94,7 +118,10 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
@ -106,6 +133,8 @@ spec:
template: template:
metadata: metadata:
labels: labels:
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/name: aws-node
k8s-app: aws-node k8s-app: aws-node
spec: spec:
affinity: affinity:
@ -136,14 +165,17 @@ spec:
fieldPath: spec.nodeName fieldPath: spec.nodeName
- name: CLUSTER_NAME - name: CLUSTER_NAME
value: minimal.example.com value: minimal.example.com
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.9.1 image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.9.3
imagePullPolicy: Always imagePullPolicy: Always
livenessProbe: livenessProbe:
exec: exec:
command: command:
- /app/grpc-health-probe - /app/grpc-health-probe
- -addr=:50051 - -addr=:50051
- -connect-timeout=2s
- -rpc-timeout=2s
initialDelaySeconds: 60 initialDelaySeconds: 60
timeoutSeconds: 5
name: aws-node name: aws-node
ports: ports:
- containerPort: 61678 - containerPort: 61678
@ -153,7 +185,10 @@ spec:
command: command:
- /app/grpc-health-probe - /app/grpc-health-probe
- -addr=:50051 - -addr=:50051
- -connect-timeout=2s
- -rpc-timeout=2s
initialDelaySeconds: 1 initialDelaySeconds: 1
timeoutSeconds: 5
resources: resources:
requests: requests:
cpu: 10m cpu: 10m
@ -179,7 +214,7 @@ spec:
- env: - env:
- name: DISABLE_TCP_EARLY_DEMUX - name: DISABLE_TCP_EARLY_DEMUX
value: "false" value: "false"
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.9.1 image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.9.3
imagePullPolicy: Always imagePullPolicy: Always
name: aws-vpc-cni-init name: aws-vpc-cni-init
securityContext: securityContext:
@ -188,6 +223,7 @@ spec:
- mountPath: /host/opt/cni/bin - mountPath: /host/opt/cni/bin
name: cni-bin-dir name: cni-bin-dir
priorityClassName: system-node-critical priorityClassName: system-node-critical
securityContext: {}
serviceAccountName: aws-node serviceAccountName: aws-node
terminationGracePeriodSeconds: 10 terminationGracePeriodSeconds: 10
tolerations: tolerations:
@ -224,7 +260,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
namespace: kube-system namespace: kube-system


@ -82,7 +82,7 @@ spec:
version: 9.99.0 version: 9.99.0
- id: k8s-1.16 - id: k8s-1.16
manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml
manifestHash: 1ac1bb6a9f34065b83625f4ab94a9faad251a644199664b38a10123d07e6139e manifestHash: 3522f8761e75814ac416ad7640e77303c489201144499610528a9c50b02185b0
name: networking.amazon-vpc-routed-eni name: networking.amazon-vpc-routed-eni
needsRollingUpdate: all needsRollingUpdate: all
selector: selector:


@ -4,7 +4,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
roleRef: roleRef:
@ -24,7 +28,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
rules: rules:
@ -33,14 +41,21 @@ rules:
resources: resources:
- eniconfigs - eniconfigs
verbs: verbs:
- get
- list - list
- watch - watch
- get
- apiGroups:
- ""
resources:
- namespaces
verbs:
- list
- watch
- get
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- pods - pods
- namespaces
verbs: verbs:
- list - list
- watch - watch
@ -65,13 +80,17 @@ rules:
--- ---
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: eniconfigs.crd.k8s.amazonaws.com name: eniconfigs.crd.k8s.amazonaws.com
spec: spec:
@ -80,9 +99,14 @@ spec:
kind: ENIConfig kind: ENIConfig
plural: eniconfigs plural: eniconfigs
singular: eniconfig singular: eniconfig
preserveUnknownFields: false
scope: Cluster scope: Cluster
versions: versions:
- name: v1alpha1 - name: v1alpha1
schema:
openAPIV3Schema:
type: object
x-kubernetes-preserve-unknown-fields: true
served: true served: true
storage: true storage: true
@ -94,7 +118,10 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
@ -106,6 +133,8 @@ spec:
template: template:
metadata: metadata:
labels: labels:
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/name: aws-node
k8s-app: aws-node k8s-app: aws-node
spec: spec:
affinity: affinity:
@ -136,14 +165,17 @@ spec:
fieldPath: spec.nodeName fieldPath: spec.nodeName
- name: CLUSTER_NAME - name: CLUSTER_NAME
value: minimal.example.com value: minimal.example.com
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.9.1 image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.9.3
imagePullPolicy: Always imagePullPolicy: Always
livenessProbe: livenessProbe:
exec: exec:
command: command:
- /app/grpc-health-probe - /app/grpc-health-probe
- -addr=:50051 - -addr=:50051
- -connect-timeout=2s
- -rpc-timeout=2s
initialDelaySeconds: 60 initialDelaySeconds: 60
timeoutSeconds: 5
name: aws-node name: aws-node
ports: ports:
- containerPort: 61678 - containerPort: 61678
@ -153,7 +185,10 @@ spec:
command: command:
- /app/grpc-health-probe - /app/grpc-health-probe
- -addr=:50051 - -addr=:50051
- -connect-timeout=2s
- -rpc-timeout=2s
initialDelaySeconds: 1 initialDelaySeconds: 1
timeoutSeconds: 5
resources: resources:
requests: requests:
cpu: 10m cpu: 10m
@ -179,7 +214,7 @@ spec:
- env: - env:
- name: DISABLE_TCP_EARLY_DEMUX - name: DISABLE_TCP_EARLY_DEMUX
value: "false" value: "false"
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.9.1 image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.9.3
imagePullPolicy: Always imagePullPolicy: Always
name: aws-vpc-cni-init name: aws-vpc-cni-init
securityContext: securityContext:
@ -188,6 +223,7 @@ spec:
- mountPath: /host/opt/cni/bin - mountPath: /host/opt/cni/bin
name: cni-bin-dir name: cni-bin-dir
priorityClassName: system-node-critical priorityClassName: system-node-critical
securityContext: {}
serviceAccountName: aws-node serviceAccountName: aws-node
terminationGracePeriodSeconds: 10 terminationGracePeriodSeconds: 10
tolerations: tolerations:
@ -224,7 +260,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
namespace: kube-system namespace: kube-system


@ -82,7 +82,7 @@ spec:
version: 9.99.0 version: 9.99.0
- id: k8s-1.16 - id: k8s-1.16
manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml
manifestHash: 1ac1bb6a9f34065b83625f4ab94a9faad251a644199664b38a10123d07e6139e manifestHash: 3522f8761e75814ac416ad7640e77303c489201144499610528a9c50b02185b0
name: networking.amazon-vpc-routed-eni name: networking.amazon-vpc-routed-eni
needsRollingUpdate: all needsRollingUpdate: all
selector: selector:


@ -4,7 +4,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
roleRef: roleRef:
@ -24,7 +28,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
rules: rules:
@ -33,14 +41,21 @@ rules:
resources: resources:
- eniconfigs - eniconfigs
verbs: verbs:
- get
- list - list
- watch - watch
- get
- apiGroups:
- ""
resources:
- namespaces
verbs:
- list
- watch
- get
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- pods - pods
- namespaces
verbs: verbs:
- list - list
- watch - watch
@ -65,13 +80,17 @@ rules:
--- ---
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: eniconfigs.crd.k8s.amazonaws.com name: eniconfigs.crd.k8s.amazonaws.com
spec: spec:
@ -80,9 +99,14 @@ spec:
kind: ENIConfig kind: ENIConfig
plural: eniconfigs plural: eniconfigs
singular: eniconfig singular: eniconfig
preserveUnknownFields: false
scope: Cluster scope: Cluster
versions: versions:
- name: v1alpha1 - name: v1alpha1
schema:
openAPIV3Schema:
type: object
x-kubernetes-preserve-unknown-fields: true
served: true served: true
storage: true storage: true
@ -94,7 +118,10 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
@ -106,6 +133,8 @@ spec:
template: template:
metadata: metadata:
labels: labels:
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/name: aws-node
k8s-app: aws-node k8s-app: aws-node
spec: spec:
affinity: affinity:
@ -136,14 +165,17 @@ spec:
fieldPath: spec.nodeName fieldPath: spec.nodeName
- name: CLUSTER_NAME - name: CLUSTER_NAME
value: minimal.example.com value: minimal.example.com
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.9.1 image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.9.3
imagePullPolicy: Always imagePullPolicy: Always
livenessProbe: livenessProbe:
exec: exec:
command: command:
- /app/grpc-health-probe - /app/grpc-health-probe
- -addr=:50051 - -addr=:50051
- -connect-timeout=2s
- -rpc-timeout=2s
initialDelaySeconds: 60 initialDelaySeconds: 60
timeoutSeconds: 5
name: aws-node name: aws-node
ports: ports:
- containerPort: 61678 - containerPort: 61678
@ -153,7 +185,10 @@ spec:
command: command:
- /app/grpc-health-probe - /app/grpc-health-probe
- -addr=:50051 - -addr=:50051
- -connect-timeout=2s
- -rpc-timeout=2s
initialDelaySeconds: 1 initialDelaySeconds: 1
timeoutSeconds: 5
resources: resources:
requests: requests:
cpu: 10m cpu: 10m
@ -179,7 +214,7 @@ spec:
- env: - env:
- name: DISABLE_TCP_EARLY_DEMUX - name: DISABLE_TCP_EARLY_DEMUX
value: "false" value: "false"
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.9.1 image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.9.3
imagePullPolicy: Always imagePullPolicy: Always
name: aws-vpc-cni-init name: aws-vpc-cni-init
securityContext: securityContext:
@ -188,6 +223,7 @@ spec:
- mountPath: /host/opt/cni/bin - mountPath: /host/opt/cni/bin
name: cni-bin-dir name: cni-bin-dir
priorityClassName: system-node-critical priorityClassName: system-node-critical
securityContext: {}
serviceAccountName: aws-node serviceAccountName: aws-node
terminationGracePeriodSeconds: 10 terminationGracePeriodSeconds: 10
tolerations: tolerations:
@ -224,7 +260,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
namespace: kube-system namespace: kube-system


@ -1,244 +1,278 @@
# Vendored from https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/release-1.9/config/v1.9/aws-k8s-cni.yaml # Vendored from https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/master/config/v1.9/aws-k8s-cni.yaml
--- ---
"apiVersion": "rbac.authorization.k8s.io/v1" # Source: aws-vpc-cni/templates/clusterrolebinding.yaml
"kind": "ClusterRoleBinding" apiVersion: rbac.authorization.k8s.io/v1
"metadata": kind: ClusterRoleBinding
"name": "aws-node" metadata:
"roleRef": name: aws-node
"apiGroup": "rbac.authorization.k8s.io" labels:
"kind": "ClusterRole" app.kubernetes.io/name: aws-node
"name": "aws-node" app.kubernetes.io/instance: aws-vpc-cni
"subjects": k8s-app: aws-node
- "kind": "ServiceAccount" app.kubernetes.io/version: "v1.9.3"
"name": "aws-node" roleRef:
"namespace": "kube-system" apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: aws-node
subjects:
- kind: ServiceAccount
name: aws-node
namespace: kube-system
--- ---
"apiVersion": "rbac.authorization.k8s.io/v1" # Source: aws-vpc-cni/templates/clusterrole.yaml
"kind": "ClusterRole" apiVersion: rbac.authorization.k8s.io/v1
"metadata": kind: ClusterRole
"name": "aws-node" metadata:
"rules": name: aws-node
- "apiGroups": labels:
- "crd.k8s.amazonaws.com" app.kubernetes.io/name: aws-node
"resources": app.kubernetes.io/instance: aws-vpc-cni
- "eniconfigs" k8s-app: aws-node
"verbs": app.kubernetes.io/version: "v1.9.3"
- "get" rules:
- "list" - apiGroups:
- "watch" - crd.k8s.amazonaws.com
- "apiGroups": resources:
- "" - eniconfigs
"resources": verbs: ["list", "watch", "get"]
- "pods" - apiGroups: [""]
- "namespaces" resources:
"verbs": - namespaces
- "list" verbs: ["list", "watch", "get"]
- "watch" - apiGroups: [""]
- "get" resources:
- "apiGroups": - pods
- "" verbs: ["list", "watch", "get"]
"resources": - apiGroups: [""]
- "nodes" resources:
"verbs": - nodes
- "list" verbs: ["list", "watch", "get", "update"]
- "watch" - apiGroups: ["extensions", "apps"]
- "get" resources:
- "update" - '*'
- "apiGroups": verbs: ["list", "watch"]
- "extensions"
- "apps"
"resources":
- "*"
"verbs":
- "list"
- "watch"
--- ---
"apiVersion": "apiextensions.k8s.io/v1beta1" # Source: aws-vpc-cni/templates/customresourcedefinition.yaml
"kind": "CustomResourceDefinition" apiVersion: apiextensions.k8s.io/v1
"metadata": kind: CustomResourceDefinition
"name": "eniconfigs.crd.k8s.amazonaws.com" metadata:
"spec": name: eniconfigs.crd.k8s.amazonaws.com
"group": "crd.k8s.amazonaws.com" labels:
"names": app.kubernetes.io/name: aws-node
"kind": "ENIConfig" app.kubernetes.io/instance: aws-vpc-cni
"plural": "eniconfigs" k8s-app: aws-node
"singular": "eniconfig" app.kubernetes.io/version: "v1.9.3"
"scope": "Cluster" spec:
"versions": scope: Cluster
- "name": "v1alpha1" group: crd.k8s.amazonaws.com
"served": true preserveUnknownFields: false
"storage": true versions:
- name: v1alpha1
served: true
storage: true
schema:
openAPIV3Schema:
type: object
x-kubernetes-preserve-unknown-fields: true
names:
plural: eniconfigs
singular: eniconfig
kind: ENIConfig
--- ---
"apiVersion": "apps/v1" # Source: aws-vpc-cni/templates/daemonset.yaml
"kind": "DaemonSet" kind: DaemonSet
"metadata": apiVersion: apps/v1
"labels": metadata:
"k8s-app": "aws-node" name: aws-node
"name": "aws-node" namespace: kube-system
"namespace": "kube-system" labels:
"spec": app.kubernetes.io/name: aws-node
"selector": app.kubernetes.io/instance: aws-vpc-cni
"matchLabels": k8s-app: aws-node
"k8s-app": "aws-node" app.kubernetes.io/version: "v1.9.3"
"template": spec:
"metadata": updateStrategy:
"labels": type: OnDelete
"k8s-app": "aws-node" selector:
"spec": matchLabels:
"affinity": k8s-app: aws-node
"nodeAffinity": template:
"requiredDuringSchedulingIgnoredDuringExecution": metadata:
"nodeSelectorTerms": labels:
- "matchExpressions": app.kubernetes.io/name: aws-node
- "key": "kubernetes.io/os" app.kubernetes.io/instance: aws-vpc-cni
"operator": "In" k8s-app: aws-node
"values": spec:
- "linux" priorityClassName: "system-node-critical"
- "key": "kubernetes.io/arch" serviceAccountName: aws-node
"operator": "In" hostNetwork: true
"values": initContainers:
- "amd64" - name: aws-vpc-cni-init
- "arm64" image: "{{- or .Networking.AmazonVPC.InitImageName "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.9.3" }}"
- "key": "eks.amazonaws.com/compute-type" imagePullPolicy: Always
"operator": "NotIn" env:
"values": - name: DISABLE_TCP_EARLY_DEMUX
- "fargate" value: "false"
"containers": securityContext:
- "env": privileged: true
{{- range $name, $value := AmazonVpcEnvVars }} volumeMounts:
- "name": "{{ $name }}" - mountPath: /host/opt/cni/bin
"value": "{{ $value }}" name: cni-bin-dir
{{- end }}
# The below envs are commented-out on purpose and replaced by the above range. terminationGracePeriodSeconds: 10
# See https://github.com/kubernetes/kops/issues/11144 for more context. tolerations:
# - "name": "ADDITIONAL_ENI_TAGS" - operator: Exists
# "value": "{}" securityContext:
# - "name": "AWS_VPC_CNI_NODE_PORT_SUPPORT" {}
# "value": "true" containers:
# - "name": "AWS_VPC_ENI_MTU" - name: aws-node
# "value": "9001" image: "{{- or .Networking.AmazonVPC.ImageName "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.9.3" }}"
# - "name": "AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER" imagePullPolicy: Always
# "value": "false" ports:
# - "name": "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" - containerPort: 61678
# "value": "false" name: metrics
# - "name": "AWS_VPC_K8S_CNI_EXTERNALSNAT" livenessProbe:
# "value": "false" exec:
# - "name": "AWS_VPC_K8S_CNI_LOGLEVEL" command:
# "value": "DEBUG" - /app/grpc-health-probe
# - "name": "AWS_VPC_K8S_CNI_LOG_FILE" - -addr=:50051
# "value": "/host/var/log/aws-routed-eni/ipamd.log" - -connect-timeout=2s
# - "name": "AWS_VPC_K8S_CNI_RANDOMIZESNAT" - -rpc-timeout=2s
# "value": "prng" initialDelaySeconds: 60
# - "name": "AWS_VPC_K8S_CNI_VETHPREFIX" timeoutSeconds: 5
# "value": "eni" readinessProbe:
# - "name": "AWS_VPC_K8S_PLUGIN_LOG_FILE" exec:
# "value": "/var/log/aws-routed-eni/plugin.log" command:
# - "name": "AWS_VPC_K8S_PLUGIN_LOG_LEVEL" - /app/grpc-health-probe
# "value": "DEBUG" - -addr=:50051
# - "name": "DISABLE_INTROSPECTION" - -connect-timeout=2s
# "value": "false" - -rpc-timeout=2s
# - "name": "DISABLE_METRICS" initialDelaySeconds: 1
# "value": "false" timeoutSeconds: 5
# - "name": "DISABLE_NETWORK_RESOURCE_PROVISIONING" env:
# "value": "false" {{- range $name, $value := AmazonVpcEnvVars }}
# - "name": "ENABLE_POD_ENI" - "name": "{{ $name }}"
# "value": "false" "value": "{{ $value }}"
# - "name": "ENABLE_PREFIX_DELEGATION" {{- end }}
# "value": "false" # The below envs are commented-out on purpose and replaced by the above range.
- "name": "MY_NODE_NAME" # See https://github.com/kubernetes/kops/issues/11144 for more context
"valueFrom": # - name: ADDITIONAL_ENI_TAGS
"fieldRef": # value: "{}"
"fieldPath": "spec.nodeName" # - name: AWS_VPC_CNI_NODE_PORT_SUPPORT
# - "name": "WARM_ENI_TARGET" # value: "true"
# "value": "1" # - name: AWS_VPC_ENI_MTU
# - "name": "WARM_PREFIX_TARGET" # value: "9001"
# "value": "1" # - name: AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER
- "name": "CLUSTER_NAME" # value: "false"
"value": "{{ ClusterName }}" # - name: AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG
"image": "{{- or .Networking.AmazonVPC.ImageName "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.9.1" }}" # value: "false"
"imagePullPolicy": "Always" # - name: AWS_VPC_K8S_CNI_EXTERNALSNAT
"livenessProbe": # value: "false"
"exec": # - name: AWS_VPC_K8S_CNI_LOGLEVEL
"command": # value: "DEBUG"
- "/app/grpc-health-probe" # - name: AWS_VPC_K8S_CNI_LOG_FILE
- "-addr=:50051" # value: "/host/var/log/aws-routed-eni/ipamd.log"
"initialDelaySeconds": 60 # - name: AWS_VPC_K8S_CNI_RANDOMIZESNAT
"name": "aws-node" # value: "prng"
"ports": # - name: AWS_VPC_K8S_CNI_VETHPREFIX
- "containerPort": 61678 # value: "eni"
"name": "metrics" # - name: AWS_VPC_K8S_PLUGIN_LOG_FILE
"readinessProbe": # value: "/var/log/aws-routed-eni/plugin.log"
"exec": # - name: AWS_VPC_K8S_PLUGIN_LOG_LEVEL
"command": # value: "DEBUG"
- "/app/grpc-health-probe" # - name: DISABLE_INTROSPECTION
- "-addr=:50051" # value: "false"
"initialDelaySeconds": 1 # - name: DISABLE_METRICS
"resources": # value: "false"
"requests": # - name: DISABLE_NETWORK_RESOURCE_PROVISIONING
"cpu": "10m" # value: "false"
"securityContext": # - name: ENABLE_IPv4
"capabilities": # value: "true"
"add": # - name: ENABLE_IPv6
- "NET_ADMIN" # value: "false"
"volumeMounts": # - name: ENABLE_POD_ENI
- "mountPath": "/host/opt/cni/bin" # value: "false"
"name": "cni-bin-dir" # - name: ENABLE_PREFIX_DELEGATION
- "mountPath": "/host/etc/cni/net.d" # value: "false"
"name": "cni-net-dir" # - name: WARM_ENI_TARGET
- "mountPath": "/host/var/log/aws-routed-eni" # value: "1"
"name": "log-dir" # - name: WARM_PREFIX_TARGET
- "mountPath": "/var/run/aws-node" # value: "1"
"name": "run-dir" - name: MY_NODE_NAME
- "mountPath": "/var/run/dockershim.sock" valueFrom:
"name": "dockershim" fieldRef:
- "mountPath": "/run/xtables.lock" fieldPath: spec.nodeName
"name": "xtables-lock" - name: "CLUSTER_NAME"
"hostNetwork": true value: "{{ ClusterName }}"
"initContainers": resources:
- "env": requests:
- "name": "DISABLE_TCP_EARLY_DEMUX" cpu: 10m
"value": "false" securityContext:
"image": "{{- or .Networking.AmazonVPC.InitImageName "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.9.1" }}" capabilities:
"imagePullPolicy": "Always" add:
"name": "aws-vpc-cni-init" - NET_ADMIN
"securityContext": volumeMounts:
"privileged": true - mountPath: /host/opt/cni/bin
"volumeMounts": name: cni-bin-dir
- "mountPath": "/host/opt/cni/bin" - mountPath: /host/etc/cni/net.d
"name": "cni-bin-dir" name: cni-net-dir
"priorityClassName": "system-node-critical" - mountPath: /host/var/log/aws-routed-eni
"serviceAccountName": "aws-node" name: log-dir
"terminationGracePeriodSeconds": 10 - mountPath: /var/run/aws-node
"tolerations": name: run-dir
- "operator": "Exists" - mountPath: /var/run/dockershim.sock
"volumes": name: dockershim
- "hostPath": - mountPath: /run/xtables.lock
"path": "/opt/cni/bin" name: xtables-lock
"name": "cni-bin-dir" volumes:
- "hostPath": - name: cni-bin-dir
"path": "/etc/cni/net.d" hostPath:
"name": "cni-net-dir" path: /opt/cni/bin
- "hostPath": - name: cni-net-dir
"path": "{{ if eq .ContainerRuntime "containerd" }}/run/containerd/containerd.sock{{ else }}/var/run/dockershim.sock{{ end }}" hostPath:
"name": "dockershim" path: /etc/cni/net.d
- "hostPath": - name: dockershim
"path": "/run/xtables.lock" hostPath:
"name": "xtables-lock" path: "{{ if eq .ContainerRuntime "containerd" }}/run/containerd/containerd.sock{{ else }}/var/run/dockershim.sock{{ end }}"
- "hostPath": - name: xtables-lock
"path": "/var/log/aws-routed-eni" hostPath:
"type": "DirectoryOrCreate" path: /run/xtables.lock
"name": "log-dir" - name: log-dir
- "hostPath": hostPath:
"path": "/var/run/aws-node" path: /var/log/aws-routed-eni
"type": "DirectoryOrCreate" type: DirectoryOrCreate
"name": "run-dir" - name: run-dir
"updateStrategy": hostPath:
"type": "OnDelete" path: /var/run/aws-node
type: DirectoryOrCreate
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
- key: kubernetes.io/arch
operator: In
values:
- amd64
- arm64
- key: eks.amazonaws.com/compute-type
operator: NotIn
values:
- fargate
--- ---
"apiVersion": "v1" # Source: aws-vpc-cni/templates/serviceaccount.yaml
"kind": "ServiceAccount" apiVersion: v1
"metadata": kind: ServiceAccount
"name": "aws-node" metadata:
"namespace": "kube-system" name: aws-node
... namespace: kube-system
labels:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.9.3"
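Review bot: The vendoring comment on the first line of this template now points at the `master` branch of aws/amazon-vpc-cni-k8s instead of `release-1.9`, so the recorded source is a moving ref and a later reader cannot re-fetch the exact upstream file to diff against the kops-specific edits (the `AmazonVpcEnvVars` range, the image-name overrides, the containerd socket path). Pinning the comment to the release tag or a commit SHA would keep the provenance checkable, e.g. `# Vendored from https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.9.3/config/v1.9/aws-k8s-cni.yaml`, if the manifest was in fact taken from that tag. Relatedly, both default images are still referenced by tag (`:v1.9.3`) with `imagePullPolicy: Always`; a digest reference would make what the `privileged: true` init container runs verifiable, though that pattern predates this commit.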


@ -54,7 +54,7 @@ spec:
version: 9.99.0 version: 9.99.0
- id: k8s-1.16 - id: k8s-1.16
manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml
manifestHash: c9134986550e6cae3cdb688e09d5c6b893947a995e41396792c1e175595f89a5 manifestHash: 75da98966cc04594813596f6bcd22fa34987f3ac91c44803659729c0c759f462
name: networking.amazon-vpc-routed-eni name: networking.amazon-vpc-routed-eni
needsRollingUpdate: all needsRollingUpdate: all
selector: selector:


@ -4,7 +4,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
roleRef: roleRef:
@ -24,7 +28,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
rules: rules:
@ -33,14 +41,21 @@ rules:
resources: resources:
- eniconfigs - eniconfigs
verbs: verbs:
- get
- list - list
- watch - watch
- get
- apiGroups:
- ""
resources:
- namespaces
verbs:
- list
- watch
- get
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- pods - pods
- namespaces
verbs: verbs:
- list - list
- watch - watch
@ -65,13 +80,17 @@ rules:
--- ---
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: eniconfigs.crd.k8s.amazonaws.com name: eniconfigs.crd.k8s.amazonaws.com
spec: spec:
@ -80,9 +99,14 @@ spec:
kind: ENIConfig kind: ENIConfig
plural: eniconfigs plural: eniconfigs
singular: eniconfig singular: eniconfig
preserveUnknownFields: false
scope: Cluster scope: Cluster
versions: versions:
- name: v1alpha1 - name: v1alpha1
schema:
openAPIV3Schema:
type: object
x-kubernetes-preserve-unknown-fields: true
served: true served: true
storage: true storage: true
@ -94,7 +118,10 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
@ -106,6 +133,8 @@ spec:
template: template:
metadata: metadata:
labels: labels:
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/name: aws-node
k8s-app: aws-node k8s-app: aws-node
spec: spec:
affinity: affinity:
@ -140,14 +169,17 @@ spec:
fieldPath: spec.nodeName fieldPath: spec.nodeName
- name: CLUSTER_NAME - name: CLUSTER_NAME
value: minimal.example.com value: minimal.example.com
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.9.1 image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.9.3
imagePullPolicy: Always imagePullPolicy: Always
livenessProbe: livenessProbe:
exec: exec:
command: command:
- /app/grpc-health-probe - /app/grpc-health-probe
- -addr=:50051 - -addr=:50051
- -connect-timeout=2s
- -rpc-timeout=2s
initialDelaySeconds: 60 initialDelaySeconds: 60
timeoutSeconds: 5
name: aws-node name: aws-node
ports: ports:
- containerPort: 61678 - containerPort: 61678
@ -157,7 +189,10 @@ spec:
command: command:
- /app/grpc-health-probe - /app/grpc-health-probe
- -addr=:50051 - -addr=:50051
- -connect-timeout=2s
- -rpc-timeout=2s
initialDelaySeconds: 1 initialDelaySeconds: 1
timeoutSeconds: 5
resources: resources:
requests: requests:
cpu: 10m cpu: 10m
@ -183,7 +218,7 @@ spec:
- env: - env:
- name: DISABLE_TCP_EARLY_DEMUX - name: DISABLE_TCP_EARLY_DEMUX
value: "false" value: "false"
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.9.1 image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.9.3
imagePullPolicy: Always imagePullPolicy: Always
name: aws-vpc-cni-init name: aws-vpc-cni-init
securityContext: securityContext:
@ -192,6 +227,7 @@ spec:
- mountPath: /host/opt/cni/bin - mountPath: /host/opt/cni/bin
name: cni-bin-dir name: cni-bin-dir
priorityClassName: system-node-critical priorityClassName: system-node-critical
securityContext: {}
serviceAccountName: aws-node serviceAccountName: aws-node
terminationGracePeriodSeconds: 10 terminationGracePeriodSeconds: 10
tolerations: tolerations:
@ -228,7 +264,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
namespace: kube-system namespace: kube-system
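Review bot: Both image references in this section, `amazon-k8s-cni:v1.9.3` on the `aws-node` container and `amazon-k8s-cni-init:v1.9.3` on the `aws-vpc-cni-init` container, are pinned by tag only, while `imagePullPolicy: Always` makes every pod start resolve that tag against the registry again. For a workload that runs at `system-node-critical` priority and writes into the host's `/opt/cni/bin`, this means a re-pushed tag would roll out on the next restart without any change to the manifest or its `manifestHash`. Consider pinning by digest, e.g. `image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni@sha256:<digest of v1.9.3>` (placeholder, the digest is not on this page), and the same for the init image. This section looks like rendered test output, so the change presumably belongs in the template that generates it; the identical section that follows is affected the same way.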


@ -54,7 +54,7 @@ spec:
version: 9.99.0 version: 9.99.0
- id: k8s-1.16 - id: k8s-1.16
manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml
manifestHash: c9134986550e6cae3cdb688e09d5c6b893947a995e41396792c1e175595f89a5 manifestHash: 75da98966cc04594813596f6bcd22fa34987f3ac91c44803659729c0c759f462
name: networking.amazon-vpc-routed-eni name: networking.amazon-vpc-routed-eni
needsRollingUpdate: all needsRollingUpdate: all
selector: selector:


@ -4,7 +4,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
roleRef: roleRef:
@ -24,7 +28,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
rules: rules:
@ -33,14 +41,21 @@ rules:
resources: resources:
- eniconfigs - eniconfigs
verbs: verbs:
- get
- list - list
- watch - watch
- get
- apiGroups:
- ""
resources:
- namespaces
verbs:
- list
- watch
- get
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- pods - pods
- namespaces
verbs: verbs:
- list - list
- watch - watch
@ -65,13 +80,17 @@ rules:
--- ---
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: eniconfigs.crd.k8s.amazonaws.com name: eniconfigs.crd.k8s.amazonaws.com
spec: spec:
@ -80,9 +99,14 @@ spec:
kind: ENIConfig kind: ENIConfig
plural: eniconfigs plural: eniconfigs
singular: eniconfig singular: eniconfig
preserveUnknownFields: false
scope: Cluster scope: Cluster
versions: versions:
- name: v1alpha1 - name: v1alpha1
schema:
openAPIV3Schema:
type: object
x-kubernetes-preserve-unknown-fields: true
served: true served: true
storage: true storage: true
@ -94,7 +118,10 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
@ -106,6 +133,8 @@ spec:
template: template:
metadata: metadata:
labels: labels:
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/name: aws-node
k8s-app: aws-node k8s-app: aws-node
spec: spec:
affinity: affinity:
@ -140,14 +169,17 @@ spec:
fieldPath: spec.nodeName fieldPath: spec.nodeName
- name: CLUSTER_NAME - name: CLUSTER_NAME
value: minimal.example.com value: minimal.example.com
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.9.1 image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.9.3
imagePullPolicy: Always imagePullPolicy: Always
livenessProbe: livenessProbe:
exec: exec:
command: command:
- /app/grpc-health-probe - /app/grpc-health-probe
- -addr=:50051 - -addr=:50051
- -connect-timeout=2s
- -rpc-timeout=2s
initialDelaySeconds: 60 initialDelaySeconds: 60
timeoutSeconds: 5
name: aws-node name: aws-node
ports: ports:
- containerPort: 61678 - containerPort: 61678
@ -157,7 +189,10 @@ spec:
command: command:
- /app/grpc-health-probe - /app/grpc-health-probe
- -addr=:50051 - -addr=:50051
- -connect-timeout=2s
- -rpc-timeout=2s
initialDelaySeconds: 1 initialDelaySeconds: 1
timeoutSeconds: 5
resources: resources:
requests: requests:
cpu: 10m cpu: 10m
@ -183,7 +218,7 @@ spec:
- env: - env:
- name: DISABLE_TCP_EARLY_DEMUX - name: DISABLE_TCP_EARLY_DEMUX
value: "false" value: "false"
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.9.1 image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.9.3
imagePullPolicy: Always imagePullPolicy: Always
name: aws-vpc-cni-init name: aws-vpc-cni-init
securityContext: securityContext:
@ -192,6 +227,7 @@ spec:
- mountPath: /host/opt/cni/bin - mountPath: /host/opt/cni/bin
name: cni-bin-dir name: cni-bin-dir
priorityClassName: system-node-critical priorityClassName: system-node-critical
securityContext: {}
serviceAccountName: aws-node serviceAccountName: aws-node
terminationGracePeriodSeconds: 10 terminationGracePeriodSeconds: 10
tolerations: tolerations:
@ -228,7 +264,11 @@ metadata:
creationTimestamp: null creationTimestamp: null
labels: labels:
addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni addon.kops.k8s.io/name: networking.amazon-vpc-routed-eni
app.kubernetes.io/instance: aws-vpc-cni
app.kubernetes.io/managed-by: kops app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.9.3
k8s-app: aws-node
role.kubernetes.io/networking: "1" role.kubernetes.io/networking: "1"
name: aws-node name: aws-node
namespace: kube-system namespace: kube-system