diff --git a/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index 9752080237..0ec0777f0e 100644 --- a/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -878,6 +878,16 @@ spec: app.kubernetes.io/name: aws-load-balancer-controller kops.k8s.io/managed-by: kops spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: Exists containers: - args: - --cluster-name=minimal.example.com @@ -921,14 +931,14 @@ spec: - mountPath: /var/run/secrets/amazonaws.com/ name: token-amazonaws-com readOnly: true - nodeSelector: - node-role.kubernetes.io/master: "" priorityClassName: system-cluster-critical securityContext: fsGroup: 1337 serviceAccountName: aws-load-balancer-controller terminationGracePeriodSeconds: 10 tolerations: + - key: node-role.kubernetes.io/control-plane + operator: Exists - key: node-role.kubernetes.io/master operator: Exists topologySpreadConstraints: @@ -1137,3 +1147,24 @@ spec: apiGroup: elbv2.k8s.aws kind: IngressClassParams name: alb + +--- + +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: aws-load-balancer-controller.addons.k8s.io + app.kubernetes.io/component: controller + app.kubernetes.io/managed-by: kops + app.kubernetes.io/name: aws-load-balancer-controller + k8s-addon: aws-load-balancer-controller.addons.k8s.io + name: aws-load-balancer-controller + namespace: kube-system +spec: + maxUnavailable: 1 + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: aws-load-balancer-controller diff --git a/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content index 7ba8d66d61..bf2cc552e3 100644 --- a/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content @@ -53,7 +53,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: b6ed9a1c67a7120d5b37ca4512547c1f7ce8171ce1fbe2a9934d2bc23cc513cb + manifestHash: add4c7189d8ae5f5fada50f493fa212ab1794f3824ee2823e65b033d4295d799 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index 9752080237..0ec0777f0e 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -878,6 +878,16 @@ spec: app.kubernetes.io/name: aws-load-balancer-controller kops.k8s.io/managed-by: kops spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: Exists containers: - args: - --cluster-name=minimal.example.com @@ -921,14 +931,14 @@ spec: - mountPath: /var/run/secrets/amazonaws.com/ name: token-amazonaws-com readOnly: true - nodeSelector: - node-role.kubernetes.io/master: "" priorityClassName: system-cluster-critical securityContext: fsGroup: 1337 serviceAccountName: aws-load-balancer-controller terminationGracePeriodSeconds: 10 tolerations: + - key: node-role.kubernetes.io/control-plane + operator: Exists - key: node-role.kubernetes.io/master operator: Exists topologySpreadConstraints: @@ -1137,3 +1147,24 @@ spec: apiGroup: elbv2.k8s.aws kind: IngressClassParams name: alb + +--- + +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: aws-load-balancer-controller.addons.k8s.io + app.kubernetes.io/component: controller + app.kubernetes.io/managed-by: kops + app.kubernetes.io/name: aws-load-balancer-controller + k8s-addon: aws-load-balancer-controller.addons.k8s.io + name: aws-load-balancer-controller + namespace: kube-system +spec: + maxUnavailable: 1 + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: aws-load-balancer-controller diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content index 2ed2f6c89f..833e1353be 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content @@ -103,7 +103,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: b6ed9a1c67a7120d5b37ca4512547c1f7ce8171ce1fbe2a9934d2bc23cc513cb + manifestHash: add4c7189d8ae5f5fada50f493fa212ab1794f3824ee2823e65b033d4295d799 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index 9752080237..0ec0777f0e 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -878,6 +878,16 @@ spec: app.kubernetes.io/name: aws-load-balancer-controller kops.k8s.io/managed-by: kops spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: Exists containers: - args: - --cluster-name=minimal.example.com @@ -921,14 +931,14 @@ spec: - mountPath: /var/run/secrets/amazonaws.com/ name: token-amazonaws-com readOnly: true - nodeSelector: - node-role.kubernetes.io/master: "" priorityClassName: system-cluster-critical securityContext: fsGroup: 1337 serviceAccountName: aws-load-balancer-controller terminationGracePeriodSeconds: 10 tolerations: + - key: node-role.kubernetes.io/control-plane + operator: Exists - key: node-role.kubernetes.io/master operator: Exists topologySpreadConstraints: @@ -1137,3 +1147,24 @@ spec: apiGroup: elbv2.k8s.aws kind: IngressClassParams name: alb + +--- + +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: aws-load-balancer-controller.addons.k8s.io + app.kubernetes.io/component: controller + app.kubernetes.io/managed-by: kops + app.kubernetes.io/name: aws-load-balancer-controller + k8s-addon: aws-load-balancer-controller.addons.k8s.io + name: aws-load-balancer-controller + namespace: kube-system +spec: + maxUnavailable: 1 + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: aws-load-balancer-controller diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content index c8cf9160e3..4093fd14ff 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content @@ -110,7 +110,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: b6ed9a1c67a7120d5b37ca4512547c1f7ce8171ce1fbe2a9934d2bc23cc513cb + manifestHash: add4c7189d8ae5f5fada50f493fa212ab1794f3824ee2823e65b033d4295d799 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index 5cc42a926f..9ab9062954 100644 --- a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -878,6 +878,16 @@ spec: app.kubernetes.io/name: aws-load-balancer-controller kops.k8s.io/managed-by: kops spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: Exists containers: - args: - --cluster-name=minimal.example.com @@ -913,14 +923,14 @@ spec: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true - nodeSelector: - node-role.kubernetes.io/master: "" priorityClassName: system-cluster-critical securityContext: fsGroup: 1337 serviceAccountName: aws-load-balancer-controller terminationGracePeriodSeconds: 10 tolerations: + - key: node-role.kubernetes.io/control-plane + operator: Exists - key: node-role.kubernetes.io/master operator: Exists topologySpreadConstraints: @@ -1121,3 +1131,24 @@ spec: apiGroup: elbv2.k8s.aws kind: IngressClassParams name: alb + +--- + +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: aws-load-balancer-controller.addons.k8s.io + app.kubernetes.io/component: controller + app.kubernetes.io/managed-by: kops + app.kubernetes.io/name: aws-load-balancer-controller + k8s-addon: aws-load-balancer-controller.addons.k8s.io + name: aws-load-balancer-controller + namespace: kube-system +spec: + maxUnavailable: 1 + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: aws-load-balancer-controller diff --git a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content index d3bab83327..03efb40c4c 100644 --- a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content @@ -103,7 +103,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: d42e618c15f4c6fce08b13f0a3fb56695c140e20858c15c7a602adf55ed84e31 + manifestHash: f23127aa568c8acb1cba4790d3c2484525f5078bc2afb1b873e4bc89dc839e66 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index 5cc42a926f..9ab9062954 100644 --- a/tests/integration/update_cluster/many-addons/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -878,6 +878,16 @@ spec: app.kubernetes.io/name: aws-load-balancer-controller kops.k8s.io/managed-by: kops spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: Exists containers: - args: - --cluster-name=minimal.example.com @@ -913,14 +923,14 @@ spec: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true - nodeSelector: - node-role.kubernetes.io/master: "" priorityClassName: system-cluster-critical securityContext: fsGroup: 1337 serviceAccountName: aws-load-balancer-controller terminationGracePeriodSeconds: 10 tolerations: + - key: node-role.kubernetes.io/control-plane + operator: Exists - key: node-role.kubernetes.io/master operator: Exists topologySpreadConstraints: @@ -1121,3 +1131,24 @@ spec: apiGroup: elbv2.k8s.aws kind: IngressClassParams name: alb + +--- + +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + creationTimestamp: null + labels: + addon.kops.k8s.io/name: aws-load-balancer-controller.addons.k8s.io + app.kubernetes.io/component: controller + app.kubernetes.io/managed-by: kops + app.kubernetes.io/name: aws-load-balancer-controller + k8s-addon: aws-load-balancer-controller.addons.k8s.io + name: aws-load-balancer-controller + namespace: kube-system +spec: + maxUnavailable: 1 + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: aws-load-balancer-controller diff --git a/tests/integration/update_cluster/many-addons/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content index 34eb3fde6d..68084e59ac 100644 --- a/tests/integration/update_cluster/many-addons/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content @@ -103,7 +103,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: d42e618c15f4c6fce08b13f0a3fb56695c140e20858c15c7a602adf55ed84e31 + manifestHash: f23127aa568c8acb1cba4790d3c2484525f5078bc2afb1b873e4bc89dc839e66 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/upup/models/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml.template b/upup/models/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml.template index 816d78cf84..76be55e55b 100644 --- a/upup/models/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml.template +++ b/upup/models/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml.template @@ -736,6 +736,16 @@ spec: app.kubernetes.io/component: controller app.kubernetes.io/name: aws-load-balancer-controller spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: Exists containers: - args: - --cluster-name={{ ClusterName }} @@ -772,13 +782,13 @@ spec: name: cert readOnly: true priorityClassName: system-cluster-critical - nodeSelector: - node-role.kubernetes.io/master: "" securityContext: fsGroup: 1337 serviceAccountName: aws-load-balancer-controller terminationGracePeriodSeconds: 10 tolerations: + - key: node-role.kubernetes.io/control-plane + operator: Exists - key: node-role.kubernetes.io/master operator: Exists topologySpreadConstraints: @@ -949,3 +959,18 @@ spec: apiGroup: elbv2.k8s.aws kind: IngressClassParams name: alb +--- +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: aws-load-balancer-controller + namespace: kube-system + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: aws-load-balancer-controller +spec: + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: aws-load-balancer-controller + maxUnavailable: 1