kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Upgrade LBC manifest to 2.6.2

This commit is contained in:
Peter Rifel 2023-12-06 17:22:37 -06:00
parent 0db3d49d78
commit 5e647d3760
No known key found for this signature in database
GPG Key ID: BC6469E5B16DB2B6
1 changed files with 114 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

117
upup/models/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml.template
View File

@ -1,5 +1,5 @@
{{- with .CloudProvider.AWS.LoadBalancerController }} {{- with .CloudProvider.AWS.LoadBalancerController }}
# sourced from https://github.com/kubernetes-sigs/aws-load-balancer-controller/releases/download/v2.4.6/v2_4_6_full.yaml # sourced from https://github.com/kubernetes-sigs/aws-load-balancer-controller/releases/download/v2.6.2/v2_6_2_full.yaml
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
@ -64,6 +64,12 @@ spec:
required: required:
- name - name
type: object type: object
inboundCIDRs:
description: InboundCIDRs specifies the CIDRs that are allowed to
access the Ingresses that belong to IngressClass with this IngressClassParams.
items:
type: string
type: array
ipAddressType: ipAddressType:
description: IPAddressType defines the ip address type for all Ingresses description: IPAddressType defines the ip address type for all Ingresses
that belong to IngressClass with this IngressClassParams. that belong to IngressClass with this IngressClassParams.
@ -143,6 +149,34 @@ spec:
- internal - internal
- internet-facing - internet-facing
type: string type: string
sslPolicy:
description: SSLPolicy specifies the SSL Policy for all Ingresses
that belong to IngressClass with this IngressClassParams.
type: string
subnets:
description: Subnets defines the subnets for all Ingresses that belong
to IngressClass with this IngressClassParams.
properties:
ids:
description: IDs specify the resource IDs of subnets. Exactly
one of this or `tags` must be specified.
items:
description: SubnetID specifies a subnet ID.
pattern: subnet-[0-9a-f]+
type: string
minItems: 1
type: array
tags:
additionalProperties:
items:
type: string
type: array
description: Tags specifies subnets in the load balancer's VPC
where each tag specified in the map key contains one of the
values in the corresponding value list. Exactly one of this
or `ids` must be specified.
type: object
type: object
tags: tags:
description: Tags defines list of Tags on AWS resources provisioned description: Tags defines list of Tags on AWS resources provisioned
for Ingresses that belong to IngressClass with this IngressClassParams. for Ingresses that belong to IngressClass with this IngressClassParams.
@ -594,6 +628,22 @@ rules:
- get - get
- update - update
- patch - patch
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- apiGroups:
- coordination.k8s.io
resourceNames:
- aws-load-balancer-controller-leader
resources:
- leases
verbs:
- get
- update
- patch
--- ---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
@ -845,7 +895,7 @@ spec:
fieldRef: fieldRef:
apiVersion: v1 apiVersion: v1
fieldPath: spec.nodeName fieldPath: spec.nodeName
image: public.ecr.aws/eks/aws-load-balancer-controller:{{ or .Version "v2.4.6" }} image: public.ecr.aws/eks/aws-load-balancer-controller:{{ or .Version "v2.6.2" }}
livenessProbe: livenessProbe:
failureThreshold: 2 failureThreshold: 2
httpGet: httpGet:
@ -921,9 +971,19 @@ spec:
- aws-load-balancer-webhook-service.kube-system.svc.cluster.local - aws-load-balancer-webhook-service.kube-system.svc.cluster.local
issuerRef: issuerRef:
kind: Issuer kind: Issuer
name: aws-load-balancer-controller.addons.k8s.io name: aws-load-balancer-selfsigned-issuer
secretName: aws-load-balancer-webhook-tls secretName: aws-load-balancer-webhook-tls
--- ---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
labels:
app.kubernetes.io/name: aws-load-balancer-controller
name: aws-load-balancer-selfsigned-issuer
namespace: kube-system
spec:
selfSigned: {}
---
apiVersion: admissionregistration.k8s.io/v1 apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration kind: MutatingWebhookConfiguration
metadata: metadata:
@ -933,6 +993,31 @@ metadata:
app.kubernetes.io/name: aws-load-balancer-controller app.kubernetes.io/name: aws-load-balancer-controller
name: aws-load-balancer-webhook name: aws-load-balancer-webhook
webhooks: webhooks:
- admissionReviewVersions:
- v1beta1
clientConfig:
service:
name: aws-load-balancer-webhook-service
namespace: kube-system
path: /mutate-v1-service
failurePolicy: Fail
name: mservice.elbv2.k8s.aws
objectSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: NotIn
values:
- aws-load-balancer-controller
rules:
- apiGroups:
- ""
apiVersions:
- v1
operations:
- CREATE
resources:
- services
sideEffects: None
- admissionReviewVersions: - admissionReviewVersions:
- v1beta1 - v1beta1
clientConfig: clientConfig:
@ -994,6 +1079,32 @@ metadata:
app.kubernetes.io/name: aws-load-balancer-controller app.kubernetes.io/name: aws-load-balancer-controller
name: aws-load-balancer-webhook name: aws-load-balancer-webhook
webhooks: webhooks:
- admissionReviewVersions:
- v1beta1
clientConfig:
service:
name: aws-load-balancer-webhook-service
namespace: kube-system
path: /validate-elbv2-k8s-aws-v1beta1-ingressclassparams
failurePolicy: Fail
name: vingressclassparams.elbv2.k8s.aws
objectSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: NotIn
values:
- aws-load-balancer-controller
rules:
- apiGroups:
- elbv2.k8s.aws
apiVersions:
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- ingressclassparams
sideEffects: None
- admissionReviewVersions: - admissionReviewVersions:
- v1beta1 - v1beta1
clientConfig: clientConfig: