diff --git a/Makefile b/Makefile index 07c303fac9..bfebbfaca5 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,7 @@ GOVERSION=1.6 # See http://stackoverflow.com/questions/18136918/how-to-get-current-relative-directory-of-your-makefile MAKEDIR:=$(strip $(shell dirname "$(realpath $(lastword $(MAKEFILE_LIST)))")) -TAG=1.3 +TAG=1.4 ifndef VERSION VERSION := git-$(shell git describe --always) diff --git a/cmd/kops/main.go b/cmd/kops/main.go index e93cb9bf5a..080bfcb042 100644 --- a/cmd/kops/main.go +++ b/cmd/kops/main.go @@ -2,9 +2,15 @@ package main import ( "fmt" + "k8s.io/kops/upup/pkg/fi/cloudup" "os" ) +var ( + // value overwritten during build. This can be used to resolve issues. + BuildVersion = cloudup.NodeUpVersion +) + func main() { Execute() } diff --git a/cmd/kops/version.go b/cmd/kops/version.go index 3732ff780f..20924fa8ee 100644 --- a/cmd/kops/version.go +++ b/cmd/kops/version.go @@ -6,11 +6,6 @@ import ( "github.com/spf13/cobra" ) -var ( - // value overwritten during build. This can be used to resolve issues. - BuildVersion = "0.1" -) - type VersionCmd struct { cobraCommand *cobra.Command } diff --git a/docs/adding_a_feature.md b/docs/adding_a_feature.md index 79105573bc..c128e08560 100644 --- a/docs/adding_a_feature.md +++ b/docs/adding_a_feature.md @@ -110,9 +110,9 @@ func TestBuildTags_UpdatePolicy_Nil(t *testing.T) { }, } - tags, err := buildClusterTags(c) + tags, err := buildCloudupTags(c) if err != nil { - t.Fatalf("buildTags error: %v", err) + t.Fatalf("buildCloudupTags error: %v", err) } nodeUpTags, err := buildNodeupTags(api.InstanceGroupRoleNode, c, tags) @@ -132,9 +132,9 @@ func TestBuildTags_UpdatePolicy_External(t *testing.T) { }, } - tags, err := buildClusterTags(c) + tags, err := buildCloudupTags(c) if err != nil { - t.Fatalf("buildTags error: %v", err) + t.Fatalf("buildCloudupTags error: %v", err) } nodeUpTags, err := buildNodeupTags(api.InstanceGroupRoleNode, c, tags) @@ -184,9 +184,9 @@ and then push nodeup using: ``` export S3_BUCKET_NAME= -make upload S3_BUCKET=s3://${S3_BUCKET_NAME} VERSION=1.3 +make upload S3_BUCKET=s3://${S3_BUCKET_NAME} VERSION=1.4.0 -export NODEUP_URL=https://${S3_BUCKET_NAME}.s3.amazonaws.com/kops/1.3/linux/amd64/nodeup +export NODEUP_URL=https://${S3_BUCKET_NAME}.s3.amazonaws.com/kops/1.4.0/linux/amd64/nodeup kops create cluster --zones us-east-1b ... diff --git a/docs/testing.md b/docs/testing.md index 436aa4e7b8..5353c0f8e9 100644 --- a/docs/testing.md +++ b/docs/testing.md @@ -59,12 +59,16 @@ tar zxf kubernetes-server-linux-amd64.tar.gz rm kubernetes/server/bin/federation* rm kubernetes/server/bin/hyperkube +rm kubernetes/server/bin/kubeadm rm kubernetes/server/bin/kube-apiserver rm kubernetes/server/bin/kube-controller-manager +rm kubernetes/server/bin/kube-discovery rm kubernetes/server/bin/kube-dns rm kubernetes/server/bin/kubemark rm kubernetes/server/bin/kube-proxy rm kubernetes/server/bin/kube-scheduler +rm kubernetes/kubernetes-src.tar.gz + find kubernetes/server/bin -type f -name "*.tar" | xargs -I {} /bin/bash -c "sha1sum {} | cut -f1 -d ' ' > {}.sha1" find kubernetes/server/bin -type f -name "kube???" | xargs -I {} /bin/bash -c "sha1sum {} | cut -f1 -d ' ' > {}.sha1" diff --git a/docs/work_in_progress/pushing_updates_without_rebooting.md b/docs/work_in_progress/pushing_updates_without_rebooting.md index 396bddca0f..0995491724 100644 --- a/docs/work_in_progress/pushing_updates_without_rebooting.md +++ b/docs/work_in_progress/pushing_updates_without_rebooting.md @@ -31,7 +31,7 @@ cat <<'EOF' | ssh admin@${ip} 'sudo bash -s' #/bin/bash set -e set -x -NODEUP_URL=https://kubeupv2.s3.amazonaws.com/kops/1.3/linux/amd64/nodeup +NODEUP_URL=https://kubeupv2.s3.amazonaws.com/kops/1.4.0/linux/amd64/nodeup INSTALL_DIR="/var/cache/kubernetes-install" mkdir -p ${INSTALL_DIR} diff --git a/e2e/runtests.sh b/e2e/runtests.sh index 91cfe56f99..7103caf054 100755 --- a/e2e/runtests.sh +++ b/e2e/runtests.sh @@ -85,7 +85,7 @@ chmod +x /tmp/e2e.sh curl -fsS --retry 3 "https://storage.googleapis.com/kubernetes-release/release/v1.3.5/bin/linux/amd64/kubectl" > /usr/local/bin/kubectl chmod +x /usr/local/bin/kubectl -curl -fsS --retry 3 "https://kubeupv2.s3.amazonaws.com/kops/1.3/linux/amd64/kops" > /tmp/kops +curl -fsS --retry 3 "https://kubeupv2.s3.amazonaws.com/kops/1.4.0/linux/amd64/kops" > /tmp/kops cp /tmp/kops /usr/local/bin/kops chmod +x /usr/local/bin/kops diff --git a/upup/models/cloudup/manifests/addons.yaml b/upup/models/cloudup/manifests/addons.yaml new file mode 100644 index 0000000000..4ebb924b15 --- /dev/null +++ b/upup/models/cloudup/manifests/addons.yaml @@ -0,0 +1,15 @@ +managedFile/{{ ClusterName }}-addons-bootstrap: + location: addons/bootstrap-channel.yaml + contents: resources/addons/bootstrap-channel.yaml + +managedFile/{{ ClusterName }}-addons-bootstrap-kube-dns: + location: addons/kube-dns/v1.4.0.yaml + contents: resources/addons/kube-dns/v1.4.0.yaml + +managedFile/{{ ClusterName }}-addons-bootstrap-core: + location: addons/core/v1.4.0.yaml + contents: resources/addons/core/v1.4.0.yaml + +managedFile/{{ ClusterName }}-addons-bootstrap-dns-controller: + location: addons/dns-controller/v1.4.0.yaml + contents: resources/addons/dns-controller/v1.4.0.yaml diff --git a/upup/models/cloudup/resources/addons/kube-dns/v1.4.0.yaml.template b/upup/models/cloudup/resources/addons/kube-dns/v1.4.0.yaml.template index 3de1aceceb..446a2d562d 100644 --- a/upup/models/cloudup/resources/addons/kube-dns/v1.4.0.yaml.template +++ b/upup/models/cloudup/resources/addons/kube-dns/v1.4.0.yaml.template @@ -147,4 +147,4 @@ spec: protocol: UDP - name: dns-tcp port: 53 - protocol: TCP \ No newline at end of file + protocol: TCP diff --git a/upup/models/config/components/kube-apiserver/_k8s_1_3/kube-apiserver.options b/upup/models/config/components/kube-apiserver/_k8s_1_3/kube-apiserver.options new file mode 100644 index 0000000000..db9f8946a4 --- /dev/null +++ b/upup/models/config/components/kube-apiserver/_k8s_1_3/kube-apiserver.options @@ -0,0 +1,8 @@ +KubeAPIServer: + # If we include ResourceQuota, we should keep it at the end of the list to prevent incrementing quota usage prematurely. + AdmissionControl: + - NamespaceLifecycle + - LimitRanger + - ServiceAccount + - PersistentVolumeLabel + - ResourceQuota \ No newline at end of file diff --git a/upup/models/config/components/kube-apiserver/_k8s_1_4/kube-apiserver.options b/upup/models/config/components/kube-apiserver/_k8s_1_4/kube-apiserver.options new file mode 100644 index 0000000000..cc40fb6d7a --- /dev/null +++ b/upup/models/config/components/kube-apiserver/_k8s_1_4/kube-apiserver.options @@ -0,0 +1,9 @@ +KubeAPIServer: + # If we include ResourceQuota, we should keep it at the end of the list to prevent incrementing quota usage prematurely. + AdmissionControl: + - NamespaceLifecycle + - LimitRanger + - ServiceAccount + - PersistentVolumeLabel + - DefaultStorageClass + - ResourceQuota \ No newline at end of file diff --git a/upup/models/config/components/kube-apiserver/_k8s_1_5/kube-apiserver.options b/upup/models/config/components/kube-apiserver/_k8s_1_5/kube-apiserver.options new file mode 100644 index 0000000000..cc40fb6d7a --- /dev/null +++ b/upup/models/config/components/kube-apiserver/_k8s_1_5/kube-apiserver.options @@ -0,0 +1,9 @@ +KubeAPIServer: + # If we include ResourceQuota, we should keep it at the end of the list to prevent incrementing quota usage prematurely. + AdmissionControl: + - NamespaceLifecycle + - LimitRanger + - ServiceAccount + - PersistentVolumeLabel + - DefaultStorageClass + - ResourceQuota \ No newline at end of file diff --git a/upup/models/config/components/kube-apiserver/kube-apiserver.options b/upup/models/config/components/kube-apiserver/kube-apiserver.options index 231dbf7c2f..43c44466a5 100644 --- a/upup/models/config/components/kube-apiserver/kube-apiserver.options +++ b/upup/models/config/components/kube-apiserver/kube-apiserver.options @@ -3,9 +3,10 @@ KubeAPIServer: PathSrvKubernetes: /srv/kubernetes PathSrvSshproxy: /srv/sshproxy Address: 127.0.0.1 - EtcdServers: http://127.0.0.1:4001 - EtcdServersOverrides: /events#http://127.0.0.1:4002 - AdmissionControl: NamespaceLifecycle,LimitRanger,ServiceAccount,ResourceQuota,PersistentVolumeLabel + EtcdServers: + - http://127.0.0.1:4001 + EtcdServersOverrides: + - /events#http://127.0.0.1:4002 ServiceClusterIPRange: {{ .ServiceClusterIPRange }} ClientCAFile: /srv/kubernetes/ca.crt BasicAuthFile: /srv/kubernetes/basic_auth.csv diff --git a/upup/models/nodeup/_kubernetes_master/_aws/kope-aws/files/etc/kubernetes/manifests/kope-aws.manifest.template b/upup/models/nodeup/_kubernetes_master/_aws/kope-aws/files/etc/kubernetes/manifests/kope-aws.manifest.template deleted file mode 100644 index 050952d360..0000000000 --- a/upup/models/nodeup/_kubernetes_master/_aws/kope-aws/files/etc/kubernetes/manifests/kope-aws.manifest.template +++ /dev/null @@ -1,18 +0,0 @@ -# kope-aws podspec -apiVersion: v1 -kind: Pod -metadata: - name: kope-aws - namespace: kube-system -spec: - hostNetwork: true - containers: - - name: kope-aws - image: kope/aws-controller:1.3 - command: - - /usr/bin/aws-controller - - -healthz-port=10245 - - -zone-name={{ .DNSZone }} - - -v=4 - securityContext: - privileged: true diff --git a/upup/models/nodeup/_kubernetes_master/kube-apiserver/files/etc/kubernetes/manifests/kube-apiserver.manifest.template b/upup/models/nodeup/_kubernetes_master/kube-apiserver/files/etc/kubernetes/manifests/kube-apiserver.manifest.template index 20f77fb418..63dafbcd28 100644 --- a/upup/models/nodeup/_kubernetes_master/kube-apiserver/files/etc/kubernetes/manifests/kube-apiserver.manifest.template +++ b/upup/models/nodeup/_kubernetes_master/kube-apiserver/files/etc/kubernetes/manifests/kube-apiserver.manifest.template @@ -1,6 +1,9 @@ apiVersion: v1 kind: Pod metadata: + annotations: + dns.alpha.kubernetes.io/external: {{ .MasterPublicName }} + dns.alpha.kubernetes.io/internal: {{ .MasterInternalName }} name: kube-apiserver namespace: kube-system spec: diff --git a/upup/pkg/api/componentconfig.go b/upup/pkg/api/componentconfig.go index a747f5ebdb..96508702e1 100644 --- a/upup/pkg/api/componentconfig.go +++ b/upup/pkg/api/componentconfig.go @@ -64,7 +64,7 @@ type KubeletConfigSpec struct { // of the actual hostname. // Note: We recognize some additional values: // @aws uses the hostname from the AWS metadata service - HostnameOverride string `json:"hostnameOverride" flag:"hostname-override"` + HostnameOverride string `json:"hostnameOverride,omitempty" flag:"hostname-override"` //// podInfraContainerImage is the image whose network/ipc namespaces //// containers in each pod will use. //PodInfraContainerImage string `json:"podInfraContainerImage"` @@ -362,9 +362,9 @@ type KubeAPIServerConfig struct { CloudProvider string `json:"cloudProvider,omitempty" flag:"cloud-provider"` SecurePort int `json:"securePort,omitempty" flag:"secure-port"` Address string `json:"address,omitempty" flag:"address"` - EtcdServers string `json:"etcdServers,omitempty" flag:"etcd-servers"` - EtcdServersOverrides string `json:"etcdServersOverrides,omitempty" flag:"etcd-servers-overrides"` - AdmissionControl string `json:"admissionControl,omitempty" flag:"admission-control"` + EtcdServers []string `json:"etcdServers,omitempty" flag:"etcd-servers"` + EtcdServersOverrides []string `json:"etcdServersOverrides,omitempty" flag:"etcd-servers-overrides"` + AdmissionControl []string `json:"admissionControl,omitempty" flag:"admission-control"` ServiceClusterIPRange string `json:"serviceClusterIPRange,omitempty" flag:"service-cluster-ip-range"` ClientCAFile string `json:"clientCAFile,omitempty" flag:"client-ca-file"` BasicAuthFile string `json:"basicAuthFile,omitempty" flag:"basic-auth-file"` diff --git a/upup/pkg/api/kubeletconfig.go b/upup/pkg/api/kubeletconfig.go index eca5ee88ac..90ae0cd53c 100644 --- a/upup/pkg/api/kubeletconfig.go +++ b/upup/pkg/api/kubeletconfig.go @@ -2,6 +2,9 @@ package api import "k8s.io/kops/upup/pkg/fi/utils" +const RoleLabelName = "kubernetes.io/role" +const RoleMasterLabelValue = "master" + // NodeLabels are defined in the InstanceGroup, but set flags on the kubelet config. // We have a conflict here: on the one hand we want an easy to use abstract specification // for the cluster, on the other hand we don't want two fields that do the same thing. @@ -22,6 +25,13 @@ func BuildKubeletConfigSpec(cluster *Cluster, instanceGroup *InstanceGroup) (*Ku utils.JsonMergeStruct(c, cluster.Spec.Kubelet) } + if instanceGroup.Spec.Role == InstanceGroupRoleMaster { + if c.NodeLabels == nil { + c.NodeLabels = make(map[string]string) + } + c.NodeLabels[RoleLabelName] = RoleMasterLabelValue + } + for k, v := range instanceGroup.Spec.NodeLabels { if c.NodeLabels == nil { c.NodeLabels = make(map[string]string) diff --git a/upup/pkg/api/registry.go b/upup/pkg/api/registry.go index cd18c3d26b..8fec2dfdf6 100644 --- a/upup/pkg/api/registry.go +++ b/upup/pkg/api/registry.go @@ -327,6 +327,9 @@ func (r *ClusterRegistry) DeleteAllClusterState(clusterName string) error { if relativePath == "config" || relativePath == "cluster.spec" { continue } + if strings.HasPrefix(relativePath, "addons/") { + continue + } if strings.HasPrefix(relativePath, "pki/") { continue } diff --git a/upup/pkg/fi/cloudup/apply_cluster.go b/upup/pkg/fi/cloudup/apply_cluster.go index 2abbb61f69..92eb62cfcc 100644 --- a/upup/pkg/fi/cloudup/apply_cluster.go +++ b/upup/pkg/fi/cloudup/apply_cluster.go @@ -19,6 +19,10 @@ import ( "strings" ) +const ( + NodeUpVersion = "1.4.0" +) + const MaxAttemptsWithNoProgress = 3 type ApplyClusterCmd struct { @@ -101,6 +105,10 @@ func (c *ApplyClusterCmd) Run() error { return fmt.Errorf("error getting config base: %v", err) } + channels := []string{ + configBase.Join("addons", "bootstrap-channel.yaml").Path(), + } + // Normalize k8s version versionWithoutV := strings.TrimSpace(cluster.Spec.KubernetesVersion) if strings.HasPrefix(versionWithoutV, "v") { @@ -159,7 +167,7 @@ func (c *ApplyClusterCmd) Run() error { if c.NodeUpSource == "" { location := os.Getenv("NODEUP_URL") if location == "" { - location = "https://kubeupv2.s3.amazonaws.com/kops/1.3/linux/amd64/nodeup" + location = "https://kubeupv2.s3.amazonaws.com/kops/" + NodeUpVersion + "/linux/amd64/nodeup" glog.V(2).Infof("Using default nodeup location: %q", location) } else { glog.Warningf("Using nodeup location from NODEUP_URL env var: %q", location) @@ -388,6 +396,8 @@ func (c *ApplyClusterCmd) Run() error { } } + config.Channels = channels + yaml, err := api.ToYaml(config) if err != nil { return "", err diff --git a/upup/pkg/fi/cloudup/template_functions.go b/upup/pkg/fi/cloudup/template_functions.go index da642398e9..efa8d063cb 100644 --- a/upup/pkg/fi/cloudup/template_functions.go +++ b/upup/pkg/fi/cloudup/template_functions.go @@ -101,6 +101,10 @@ func (tf *TemplateFunctions) AddTo(dest template.FuncMap) { dest["CloudTags"] = tf.CloudTags dest["APIServerCount"] = tf.APIServerCount + + dest["KubeDNS"] = func() *api.KubeDNSConfig { + return tf.cluster.Spec.KubeDNS + } } func (tf *TemplateFunctions) EtcdClusterMemberTags(etcd *api.EtcdClusterSpec, m *api.EtcdMemberSpec) map[string]string { @@ -125,7 +129,7 @@ func (tf *TemplateFunctions) EtcdClusterMemberTags(etcd *api.EtcdClusterSpec, m // SharedVPC is a simple helper function which makes the templates for a shared VPC clearer func (tf *TemplateFunctions) SharedVPC() bool { - return tf.cluster.Spec.NetworkID != "" + return tf.cluster.SharedVPC() } // SharedZone is a simple helper function which makes the templates for a shared Zone clearer @@ -220,11 +224,6 @@ func (tf *TemplateFunctions) CloudTags(ig *api.InstanceGroup) (map[string]string if ig.Spec.Role == api.InstanceGroupRoleMaster { labels["k8s.io/role/master"] = "1" - labels["k8s.io/dns/internal"] = "api.internal." + tf.cluster.Name - - if !tf.HasTag("_master_lb") { - labels["k8s.io/dns/public"] = "api." + tf.cluster.Name - } } if ig.Spec.Role == api.InstanceGroupRoleNode { @@ -244,7 +243,7 @@ func (tf *TemplateFunctions) GetInstanceGroup(name string) (*api.InstanceGroup, return nil, fmt.Errorf("InstanceGroup %q not found", name) } -// APIServerCount returns the value for the kubeapiserver --apiserver-count flag +// APIServerCount returns the value for the apiserver --apiserver-count flag func (tf *TemplateFunctions) APIServerCount() int { count := 0 for _, ig := range tf.instanceGroups { diff --git a/upup/pkg/fi/nodeup/command.go b/upup/pkg/fi/nodeup/command.go index c9a28f987f..bc4d684a88 100644 --- a/upup/pkg/fi/nodeup/command.go +++ b/upup/pkg/fi/nodeup/command.go @@ -165,10 +165,6 @@ func (c *NodeUpCommand) Run(out io.Writer) error { tags[tag] = struct{}{} } - // For the transition to 1.4, we will force the _kube-addons tag - // In 1.4, we will remove this tag and replace it with the protokube channels management - tags["_kube-addons"] = struct{}{} - glog.Infof("Config tags: %v", c.config.Tags) glog.Infof("OS tags: %v", osTags) @@ -255,10 +251,13 @@ func evaluateSpec(c *api.Cluster) error { } func evaluateHostnameOverride(hostnameOverride string) (string, error) { + if hostnameOverride == "" { + return "", nil + } k := strings.TrimSpace(hostnameOverride) k = strings.ToLower(k) - if hostnameOverride != "@aws" { + if k != "@aws" { return hostnameOverride, nil } diff --git a/upup/pkg/fi/values.go b/upup/pkg/fi/values.go index 55fbec5d5e..b276cdaca3 100644 --- a/upup/pkg/fi/values.go +++ b/upup/pkg/fi/values.go @@ -13,6 +13,13 @@ func StringValue(s *string) string { return *s } +func IsNilOrEmpty(s *string) bool { + if s == nil { + return true + } + return *s == "" +} + func String(s string) *string { return &s }