diff --git a/tests/integration/update_cluster/bastionadditional_user-data/data/aws_launch_template_master-us-test-1a.masters.bastionuserdata.example.com_user_data b/tests/integration/update_cluster/bastionadditional_user-data/data/aws_launch_template_master-us-test-1a.masters.bastionuserdata.example.com_user_data index fed98e3657..b9f640ad7c 100644 --- a/tests/integration/update_cluster/bastionadditional_user-data/data/aws_launch_template_master-us-test-1a.masters.bastionuserdata.example.com_user_data +++ b/tests/integration/update_cluster/bastionadditional_user-data/data/aws_launch_template_master-us-test-1a.masters.bastionuserdata.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.bastionuserdata.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,7 +206,7 @@ kubeControllerManager: clusterCIDR: 100.96.0.0/11 clusterName: bastionuserdata.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,23 +215,22 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -236,14 +240,13 @@ kubelet: podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -263,29 +266,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: bastionuserdata.example.com ConfigBase: memfs://clusters.example.com/bastionuserdata.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -318,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/bastionadditional_user-data/data/aws_launch_template_nodes.bastionuserdata.example.com_user_data b/tests/integration/update_cluster/bastionadditional_user-data/data/aws_launch_template_nodes.bastionuserdata.example.com_user_data index 81f299989d..186c782abd 100644 --- a/tests/integration/update_cluster/bastionadditional_user-data/data/aws_launch_template_nodes.bastionuserdata.example.com_user_data +++ b/tests/integration/update_cluster/bastionadditional_user-data/data/aws_launch_template_nodes.bastionuserdata.example.com_user_data @@ -145,8 +145,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -155,23 +159,22 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -190,29 +193,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: bastionuserdata.example.com ConfigBase: memfs://clusters.example.com/bastionuserdata.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/bastionadditional_user-data/in-v1alpha2.yaml b/tests/integration/update_cluster/bastionadditional_user-data/in-v1alpha2.yaml index 4902a04608..fa77880edb 100644 --- a/tests/integration/update_cluster/bastionadditional_user-data/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/bastionadditional_user-data/in-v1alpha2.yaml @@ -21,12 +21,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.bastionuserdata.example.com masterPublicName: api.bastionuserdata.example.com networkCIDR: 172.20.0.0/16 networking: - calico: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/bastionadditional_user-data/kubernetes.tf b/tests/integration/update_cluster/bastionadditional_user-data/kubernetes.tf index 700a455568..24c2d8d8c2 100644 --- a/tests/integration/update_cluster/bastionadditional_user-data/kubernetes.tf +++ b/tests/integration/update_cluster/bastionadditional_user-data/kubernetes.tf @@ -807,15 +807,6 @@ resource "aws_security_group_rule" "from-nodes-bastionuserdata-example-com-egres type = "egress" } -resource "aws_security_group_rule" "from-nodes-bastionuserdata-example-com-ingress-4-0to0-masters-bastionuserdata-example-com" { - from_port = 0 - protocol = "4" - security_group_id = aws_security_group.masters-bastionuserdata-example-com.id - source_security_group_id = aws_security_group.nodes-bastionuserdata-example-com.id - to_port = 65535 - type = "ingress" -} - resource "aws_security_group_rule" "from-nodes-bastionuserdata-example-com-ingress-all-0to0-nodes-bastionuserdata-example-com" { from_port = 0 protocol = "-1" diff --git a/tests/integration/update_cluster/complex/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/complex/cloudformation.json.extracted.yaml index 333f061754..494dd13ecf 100644 --- a/tests/integration/update_cluster/complex/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/complex/cloudformation.json.extracted.yaml @@ -146,8 +146,12 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties. cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -156,16 +160,18 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties. - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 auditWebhookBatchThrottleQps: 3140m authorizationMode: AlwaysAllow @@ -188,9 +194,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties. - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -207,6 +211,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties. requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.complex.example.com serviceClusterIPRange: 100.64.0.0/13 serviceNodePortRange: 28000-32767 storageBackend: etcd3 @@ -216,8 +221,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties. cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: complex.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -226,46 +231,42 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties. clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -281,34 +282,32 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties. cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: complex.example.com ConfigBase: memfs://clusters.example.com/complex.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -337,6 +336,9 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscomplexexamplecom.Properties. - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz + staticManifests: + - key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV @@ -501,8 +503,12 @@ Resources.AWSEC2LaunchTemplatenodescomplexexamplecom.Properties.LaunchTemplateDa cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -511,28 +517,26 @@ Resources.AWSEC2LaunchTemplatenodescomplexexamplecom.Properties.LaunchTemplateDa - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -547,34 +551,32 @@ Resources.AWSEC2LaunchTemplatenodescomplexexamplecom.Properties.LaunchTemplateDa cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: complex.example.com ConfigBase: memfs://clusters.example.com/complex.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/complex/data/aws_launch_template_master-us-test-1a.masters.complex.example.com_user_data b/tests/integration/update_cluster/complex/data/aws_launch_template_master-us-test-1a.masters.complex.example.com_user_data index 353c8c990c..19b6245b18 100644 --- a/tests/integration/update_cluster/complex/data/aws_launch_template_master-us-test-1a.masters.complex.example.com_user_data +++ b/tests/integration/update_cluster/complex/data/aws_launch_template_master-us-test-1a.masters.complex.example.com_user_data @@ -145,8 +145,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -155,16 +159,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 auditWebhookBatchThrottleQps: 3140m authorizationMode: AlwaysAllow @@ -187,9 +193,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -206,6 +210,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.complex.example.com serviceClusterIPRange: 100.64.0.0/13 serviceNodePortRange: 28000-32767 storageBackend: etcd3 @@ -215,8 +220,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: complex.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -225,46 +230,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -280,34 +281,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: complex.example.com ConfigBase: memfs://clusters.example.com/complex.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -336,6 +335,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/complex/data/aws_launch_template_nodes.complex.example.com_user_data b/tests/integration/update_cluster/complex/data/aws_launch_template_nodes.complex.example.com_user_data index 27fa097653..4ee05df1b5 100644 --- a/tests/integration/update_cluster/complex/data/aws_launch_template_nodes.complex.example.com_user_data +++ b/tests/integration/update_cluster/complex/data/aws_launch_template_nodes.complex.example.com_user_data @@ -145,8 +145,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -155,28 +159,26 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -191,34 +193,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: complex.example.com ConfigBase: memfs://clusters.example.com/complex.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/complex/in-legacy-v1alpha2.yaml b/tests/integration/update_cluster/complex/in-legacy-v1alpha2.yaml index 0db3e26fb3..0b3e5c039a 100644 --- a/tests/integration/update_cluster/complex/in-legacy-v1alpha2.yaml +++ b/tests/integration/update_cluster/complex/in-legacy-v1alpha2.yaml @@ -43,7 +43,7 @@ spec: memoryLimit: 1000Mi kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.complex.example.com masterPublicName: api.complex.example.com networkCIDR: 172.20.0.0/16 @@ -51,7 +51,7 @@ spec: - 10.1.0.0/16 - 10.2.0.0/16 networking: - kubenet: {} + cni: {} nodePortAccess: - 1.2.3.4/32 - 10.20.30.0/24 diff --git a/tests/integration/update_cluster/complex/in-v1alpha2.yaml b/tests/integration/update_cluster/complex/in-v1alpha2.yaml index e09a700c68..7c0246ee9c 100644 --- a/tests/integration/update_cluster/complex/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/complex/in-v1alpha2.yaml @@ -43,7 +43,7 @@ spec: memoryLimit: 1000Mi kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.complex.example.com masterPublicName: api.complex.example.com networkCIDR: 172.20.0.0/16 @@ -51,7 +51,7 @@ spec: - 10.1.0.0/16 - 10.2.0.0/16 networking: - kubenet: {} + cni: {} nodePortAccess: - 1.2.3.4/32 - 10.20.30.0/24 diff --git a/tests/integration/update_cluster/compress/data/aws_launch_template_master-us-test-1a.masters.compress.example.com_user_data b/tests/integration/update_cluster/compress/data/aws_launch_template_master-us-test-1a.masters.compress.example.com_user_data index 8ef7c7bb6c..3a401f355c 100644 --- a/tests/integration/update_cluster/compress/data/aws_launch_template_master-us-test-1a.masters.compress.example.com_user_data +++ b/tests/integration/update_cluster/compress/data/aws_launch_template_master-us-test-1a.masters.compress.example.com_user_data @@ -141,11 +141,11 @@ function download-release() { echo "== nodeup node config starting ==" ensure-install-dir -echo "H4sIAAAAAAAA/+xWTW8TSRO++1e0eIW4xGNPHHhDC6Q1DkusjcHrBHav5e7yuNc93UN/ODa/flXd46+QLIfV3hAS8dTXPFX1VNUIbaMcWbNQFWcmat0R1gRQBt0smqBq5ExasUJ3UEjeYcyvVDM2PoDWnAUXsZPNSKeaCfivnC1Ae0zPdzDX6A8Sbasrp9boOPvLW9NdKN2Kb3CNmjNlFjYLPjWBYnZZDZuuV9/wbdmv9wJyfPuS8ATroELO7Bqdhu35WfvjDOLCdxhbo/PKGs7Ky6L/qhh00Ai3bYKy5iR/DEKOdPQBnacX4xpNSL+OYgyKQVH2O4zVoMzjulWc43A6vkW3zlUBre391Km10lihbKvGGBhrtrWNfhjD8lAiaFT2HdloAmclyWJYWqe+AaGeWImcDfU9bP2QYncYmysjh1I69J6zfpH+dRhLXZ46u1aSSg73VBA01JShrJUn4FMdK2V8rvVHqNE3IPBGLVBsRepOl92oWoUZmApdeiaASuBQCMKYRFMqgw9owherY403MEedNFe4gKjDbW7USIP3x/I7q9GlxG5RWCOzchIDBGWqPcw/cL60dpWUX0Ar+bT6o5U4Qx+cEhQ2yWbobXQCf482ABUhCJnL3Ga+DKHhvV55/v9UvZJf9PvlqeGnNTqnJLYevcyQ/z3meU7srxMvV5e+qIQrlO0RNbrQKJ+5sS6L8iL1SRmPIjp8d9zGfcAjg6l1gbPL/iV5UTiNYepwgc7hzvNu2+wgjk1AZ0CPp+nx2vpgoM49fb850h0GkJA7/BrRhyWCRJcohjIxI0eFqnJYQbDuoe37TXBwnX4SKrXZufzZnWFtA3aTRfeh3wdnY5P9Hjok1UP7z56g1/i4C2lpMxxV7OJikCSJtu2Uj6eJ0ZyV/X7x6oJq3SsHh5XyDsQKjeSJAoM01yNrgrNao5uAgeow3wICEu1G46uZP0x4CCCWV0j/z4jcQmm83RoxRaes5Kys+/6pMRUZJUXMEF+/yhDLg5KawpmwdUONL3ADdaOxEJYWpUjbLTocUfiZjQEP0J4gp9gn2K3bDA8s1bnHGtNY5e13JNvHPiVT9Hi6LkYOJZqgQO/g0Kunzm62/Id5N3GWiZB0lOayJfVuOjl78Qvc+xdPJ9mkVx3ldYSXDG7FEmXU7U17PIbf2/y7+rQzzJ++B6KiCZhZGzjr/YAsVx9vj+hc9o80Nl2s3WNBlNX7Y3CF81hVylTXYKSmidphxXVeotfgJGc11tZtC1iD0uT3puz3J+rMWIkLfyJ+vhMq+ut/dYhvXj4/S9X8znQnPbHtMLZACNHhBwjYHuL3mwadqtEE0COnghKgp1YOjbEh3RDOnhHyZ/9MDKp6Ho8pUK17a3A9rea9th29g8F3fDYY7q1b5bM5ufvM2et8KU4UeTIpjEE6kMYa+jaK6CBvidO1Q51qrBybhYPR7ntr/B31Goge+aA4z+YTMGqBPrRJYBAJuDMY0PfqVus7NVDPf/tJtZ9U+6+pRoe6ou9A125RqvyOYX8DAAD//wEAAP//suhCc3UMAAA=" | base64 -d | gzip -d > conf/cluster_spec.yaml +echo "H4sIAAAAAAAA/+xW32/bthN/919B9IuiL7FkJWm/q9AA85xuMZa0ntN1A4ZhOJNnmQtFqvyh2MX++OFI2bKTuH3YaxEglu4Hefe5z92JKxPExOilrEqmg1IDbrQHqdHOg/ayxpIJw+/Q9gpRDhjj0ed9i9ZKgSX7Z8AYY0I6WCgUfzUqVFI7dsH+eMatfPbngDFlqmtsUZVM6qUZpGPpLFwjf994ehwyDV62mPHKmtAIK1u0F27jPNZiwJhsbsB9KtkSlMP4/oEudL1EmeoyepXsb2f0cCkVPr48CnZ31rAeOvkZL4pRvROQ48XLAWPOGwsVlsy0aBVsTk+6hxMISzdgrEXrpNElK15no7OsOB+g5nbTeGn0AbbouZio4DxaFxNvUfv4tHfIWXaeFWcDxmqQ+mndXVjgeDa9RdsmBEEpcz+zspUKKxQl8zZQ1qCN3tQmuHHwqx4jaOQ4CImao0sI0IlWo0eXuZZnApcQlE+m6ZqJCdqXrCBZ8Ctj5WegBG8MlX+s7mHjxhTGgLGF1GIshEXnSjbK4h9xhsg2s6aVgsoD9wQeairgWNTSUY6zRJwU1Tuo0TXA8VoukW94rOSQXcta+jnoCm18pwAlxzHnFGMUzQgx51H7j0aFGq9hgSpqLlNqt6moEwXO7cs/GIU2JnaL3GiRlDfBg5e62oX5Gy5WxtxF5UdQUhxXvzMC5+i8lZyOjbI5OhMsx1+C8UAgeC4SzF3mK++bMs+L0/9H9IryfDQqDg23vdd55IlM/3vK85Q6pY4cvvvOZRW3mTQ51XwIjXSJRm2RnaY6kUKhn1lcorW4LeWHTbO9bKo9Wg1qOouvV8Z5DXWqztv1nq5vO4rB4qeAzq8QBNpIFhSxxulUqCqLFXhjH9q+XXsLV/GRopLrrcvvwznWxuMwWgwf+v1EQyT5PXSIqof2vzoKvcanXUhL8wB5sDgz1pfs/PwsSvYJOHUuEL+pEq7Mc2hkxk3dEIYZrqFuFJKgd+xmwnQWSV2yYjTKXp1T/fI4CboJ9APwO9SijCxIU2BitLdGKbQ3oKHqpwEHj8S8yfRy7vp54D3w1SXS/znxm0uFtxvNZ2ilESUr6pE71qk8RUknphBfv0ohFr2SqlmyI9mmnREsTuj4uQl+f3AfISjfZTisuxR7pqrEDoWxtdKw3JPt8j6kYXB4ODImFgVqL0FtoaKrZ9asN+VXE2/CPFEo6ijPVdcO/XZ88T3cuxfHk2ziVXt57cVLBrd8hSKoVN4jZ7idzX/Dp+v+8vj6SLt5u2X75Zzkc2N8yfKvsOjy3e0ez4vRnsbExbd9zYjLarcoLnERqkrq6gq0UNSj2xywTQP2CqwoWY21sZsMWpCK/N4Uo9GNPNFG4NIdiJ9vhZJ+3Y8W8c3L5ycR5UemW+mB7ZdLTngm5s+AUMxbsLmSi7wDOu8NHjFVo7839i4txa63tCSF0fQhFNBC6vHDoUFwNkZM9dLCZPvdNn3EmwaCw/IsO03mN6DlEp3v4kTP8/67IK87rRvUQIX5+RtPvvHkizyh5VrRV5jt5hfBs6XHvwAAAP//AQAA//8IlUPaegwAAA==" | base64 -d | gzip -d > conf/cluster_spec.yaml echo "H4sIAAAAAAAA/6qu5QIAAAD//wEAAP//BrCh3QMAAAA=" | base64 -d | gzip -d > conf/ig_spec.yaml -echo "H4sIAAAAAAAA/8RWTY/kthG9968gFjB8cUv8EClS8MHObGIv4nEWdnIOimSxWxg12SGpnl3/+kBS93hmHQfxZp2cJJGPVa+qXrH0dSlYy7AjBE5edcvLnjhhe6GCp4FS0SvpGPfGBO6MkaCFMqh4x0L31bHWcxnattSU4YDNIaXDhHAeS+PSqX2YLeaIFcs+44RQsL09L6xhXUNbO8Z2GuP8rl39r0cmrCuNHgUIBKUEkyIYSp31khtKQRhnWAAThOgs/k40XJ1WGsIBk44C04haUMmpCwKM7Ki2qLly1nMpgUkhQWikFo2i2nIJXtugPiZLEetjyg/78zQfxlhaF8fb+34luL/Qpm9kUw8/bRw7FYwwnTACUXsrg7aeIecG0XhDUVqhjGDW+152YqEHqLTWnfdKc/7E0afHOCXwjU/uAfNKcEtMqVBHtzzshO07rf6uunZD7ZluqGrE3uGVEeTTTUw+LEnpZK8oV8IIKqVzru8d9Q57oRg3RknFPm0VF/8vxESZ41bZTnihrLIBgtMURC96YZhjBm2wGrz8nWjcxNQHdIZB6DUa2WkfBFWBouuERZC8d9ox6pwAozR3QqDpmdOSc+iD8+g/tZgWgh+KyWOw3DlnpKOaSy0EZ8ppa5AikxYAJLMOvRUYHAvCiCCF5J7pziP47jeLCSC746+q6W6aS8X8PZxwIC6dzhlLafAdnM4TLjZ3dymG8fAHKDiQE57C4tttp14A2395+k0sFaLDb3Kaz5uXEyxn93PZVyx1z+Al6Ic04UDuV9Duz5vINg7rRRpTfH9Kc/l6rseBBJgK7ghxh+1oqgNpl+8pzf5tTpfRYx4IPJZ1cWX9+vsfB8IobVTX0IbRZzvpBGMcbp/NlBwsysK4ZPI12vlwGOPhW4h+wlwGUvO8eMfL6OqY4reQ/ZqklN83cIFxWs59ySi9H7+IyWMoL5Y/uy2Oy7P8KSN+KT/7YjzB4ZfQ2+oL7I6QgFDnjN9AxXXUEPLHd2fM4wljhekuj3V0ML1N/usY06KMFAfyamH+akfIMZUa4YR/uWDOo8eBfP4VPJbPd4SsnbUm/i0suW4vkNtptLfOb38G7AiZ0uE7vOA0EL4j5NoWb9dOuP/r3wZiKGUfbmx6WMzE9SJZIvsOLE7XQH7ut2ZMbV6Fsaln3V7g+2W1eQl0Kdacpv15gogDefXq36I3g1dYTPEeyj9mzODx7s3rH54phbarVs7Jv4khw12KFcaI+c1SmIE86NIcXF5MnmEuOIiGb/B7iGPAUq9pxOqe3STt6bq7KDTjYVzY/OiO6Oe19jeNuyPEuGZm/9vbsAXvUyytTamWmuG8v5pr3sNp2mF1TyQ/0sFTFEt4vl36aLP9CYzhBWMtm7lzTjUt2duy/vzXipAjlONAeitcHxR464Exy9D1HbVeWaOM013gnbE9ImqmIRgZuBecGSWo1ryToDe1rNJ88jawhpmG7mE6H6ERK6SkObtbz+3J7V6GXMcArpZmUcSYlokFecTSPqRzaV8aateuLu2To+0PpKmQm3VgPLd8GOtxth9Mos3qdRyVp6mwzstfOtr/R46W/fl84U0RDZzgpxTh8ToBPyKEp9+VW4GU4T11YBxzRlKLSkLoqBA9+OAcOgo910bQAILzzlrqOWodmF7GIYL/PxdoCed/UqBfd/TfFui55X8CAAD//wEAAP//ko7PaqUMAAA=" | base64 -d | gzip -d > conf/kube_env.yaml +echo "H4sIAAAAAAAA/8RWXa/jttG+968QAgS5iSR+fwi5SN5dvM2i2XSx+QHFkBzawpFFl5R99uTXF5Rs7zlptm3SbHslm3w483DmmRl+VwouZdg1DRyDEvVH28TIBGNSUy88RausQq50lJFJoZSzKjqFktDIDGBgNgoqHJVMgGQBgXx7WJZTGfq+LCnDHrt9SvsJ4TSWzqdj/3B2mGdcsLQZJ4SC/e17oR0jHendOPfTOJ8/9Cuv9ciEy0oPpLGSEB05p5GYwJAYho4yIY1WwgorpY2cOO+lQ0CmPDeRI9NMMMX8Z6Lnl2mlZ7U2TFjOglRKew1cAyjg3jkQhBICymiO2gWr0XA0Dg3XyFFDDATMv6RnSgt5GSP4pbR+Hj+yI53pdO/nsT1N5/04l3Yl2a4k2227W/Y/bzwjRc8McqnBRGrQSkUps4xbD9F6YogOWmipkFHvFVdcex0DAkQ0Qt95hvQ4TwlCF5J/wLyS3IJTFlhGXz9uwv6DUX9Vot9QLbUd4R0VVz6Qjzf5CQ1OecE0j547R7wz6K2kmmkaLJXGEi9BOYJSOGYtxXoB51BrRxSKPza/ldcL+TGJQihpNPHWUqVReaGUYhyDiUQCDYxE550wHpxSxlBiubFOsmC0Yvwz0bvJD5DyoJ30RLpADUGwTjplohAuAGgXnaCEC2AYaVAmBoOUSautDkqw+DnkV0n+Un6GS4IAxBOrpHMGnQ1CAqEiCqc0M94aqamMUgmliNYhooroVhFIan6z/ACyP3xCf6+mc1kw/whHHBqfjqeMpXT4AY6nCavF3as0x3H/f1BwaI54jNWz3069APa/evrNXBaYPf4pp/Np83KEerY9l3bBsrQUXoLepwmH5u0K2v15k9/GYW3Wc5qfjulcvjsvh6GJMBXcNY3f16Ov83jBPDTlqSx4DPf19yktQ9PX/1M6h3c5XcZQgfBY1sX1Nq9//GloKCGdEh3pKHm2k44wzsPtbzclD1VzONf4vkZ33u/Hef89zGHCXIZmyefKCi+jX8Y0fw85rMFL+amDC4xTPfcNJeTt+PWcAsbyYvnL2+JYv+X/M+I38suvxyPs/xF6W32B3TXNIZVlhiP+5YI5jwGH5qtv4bF8tWuatWrWkL6DGsX+ArmfRner9v4jYNc0U9r/gBechobtmmbG5THlh3erzq+ymce6kQL+AA6ndahuTrZq7sbU5zWrW+rX7Qpv62r3EujTvOQ0tacJZhyaL774p+jN4BU2p/ktlL+dMUPAV29ev3+WTtKvCT2l8GaOGV6leYFxxvymRm9oHkzp9j5Xkyc4Fxx4xzb4W5jHiGW5RgoX/6xP9cfrbpVRxv1Y2fzkDxjOa4JuAvUHmOc1Mu1vr6EeQkhz6V1KS1kynNqrue4JjtMOF38n+Tsd3G9Rrxf6KvbN9h9gDC84L2Uzd8ppSTV6W9Sfv72a5gDlMDTaca+jguACUOooei2IC/XtZb0RkQnrNCIaaiBaGVngjFrFiTFMSDCbWlZZ3r0NtKs9r4XpdICOr5CSztnjVaptc2up9/7eVUWMqQ4cyCOW/iGdSv/SUL+WXunvjrbnRrdA7tZe/9zyflwOZ/eLObdZvY6Rcm/oddz9iqP233JU98+nC+sK7+AIP6cZHq8D7Hdc4f46uSVIWaaJB+upt5I4VBKiIJxrCNF79AQ0M5aTCJwx4RwJDE19ZdHILUL4HyeoXue/kqBPO/pPE/Tc8jboX5T/Az4NzYY8jQXzBXN7QJiWgz+gf6hdbW1lH+v0+lr49Jmtev8OAAD//wEAAP//xoctYTINAAA=" | base64 -d | gzip -d > conf/kube_env.yaml download-release echo "== nodeup node config done ==" diff --git a/tests/integration/update_cluster/compress/data/aws_launch_template_nodes.compress.example.com_user_data b/tests/integration/update_cluster/compress/data/aws_launch_template_nodes.compress.example.com_user_data index e4e81f490e..75c51dc9eb 100644 --- a/tests/integration/update_cluster/compress/data/aws_launch_template_nodes.compress.example.com_user_data +++ b/tests/integration/update_cluster/compress/data/aws_launch_template_nodes.compress.example.com_user_data @@ -141,11 +141,11 @@ function download-release() { echo "== nodeup node config starting ==" ensure-install-dir -echo "H4sIAAAAAAAA/3xT3U7bTBC991OMkBA3iX/4E6xA+lDytURqIErpA0zssdlmPWP2x5A+fbVO0hSQemXvObO7c87ZKY2EaiJc60YBB2OSUtijZrLLwF63pKCSck32QFQqAXBr3c3YeTRGgbeBkm1Z5HQ3R/eioEbjaFg/4cqQOyBGmqnVPVkFP53wuNZmB3+jnowCzbVsgcfOxzPH0OLb2OlfdFvk7R8gbry9iP14sdiQAunJGtycjnY/Iwy1SwB6sk4LKyiu0vwyPUvWYUULK2+beHxpgvNkJ7PpUkGR5+n1ZZqneVYUkezCkl4COT9w8fZncZ6xpceerNUVKTj5D1/dSVTbDn2sr1zalDbVksWbxt1wVV+kxXmav9N6OrRiaNCJLLxpJbi74J8PhpWNldAtRbyCbOhXQrWw0usqmoiv7iBi+vB9q+HyPM3TIv+LkRY1q/0yNVKiSQCIYz5TWoWm0dzcI1eGrNsFC0C9Lr0WvkdbKWipFbtJsUdt4r6bIs/nesRSUe3ewcd7UMev+2KJbi6OR4NDn0r36LvaBKAm9MHSV/TkokMA/791ZHVL7NFMrPa6RLOQ6o5ZPPoh5KPY+dG/g4qul8PTX2D0OuvRZkavsl0c2aHgQ14ATP5V7HphQqN5/vRDwXWeFx+JB4zzE49h8pEUjpMRyGJFh7c25JRnQ1KdVDOuLU720zb79Jw6DI7UWXq6LZ8j65qc34kgXw6NWyZPLmt3rEt+AwAA//8BAAD//yusPHfrAwAA" | base64 -d | gzip -d > conf/cluster_spec.yaml +echo "H4sIAAAAAAAA/3yTTW/bPAzH7/4URIGil0SW0xc8FRrgGRoMLbC2QbbbMAyKRbtaZNHVi9sM+/CDlKReV2AnW3+SIvkjVRuK6ppso1sBNhpT1GSD1BbdKtqgOxSgqN6gGw1KFAB1jnkY0DmtUMCvAgBAaS/XBtX33sRWWw9z+HpUO330rQAw1H7CAY0AbRsqdtemu/AF64c+pN8pWBn0gKxuHcVeOT2gm/utD9ipAkD3d9I/CWik8ZjPX1JCPyqG2kWOEvDDk5022uD75Fl4zdnJl6nXP3Fe8e5VSIHz8wLAB3KyRQE0oDNyO5vsfyYyNr4AGNB5TVZAdcn4KavOik1c49LRyzajMtEHdNe3i5WAinN2ecE442VVJWMfV/gU0YdsS+kfyQcrOxzhnvwvn/1JarfLhWz+86ytHdNUpkzTPqcaKjbjjL9pdpZLMZgblZbstqPoP8TwOBLboT5AG1nv9BVREFDmPiiqpaNBq+Qon/3Y3OL+8663izPGWcX/sFAntRWHIzNUS5OGbtPgFriObatteyOtMui8gOBiqgoHXQdN9kY6JaDDjtyWyUFqk+KuKs7v9MSSwsa/kY8Pok5f/9EhXp0fTzK5d64H9Y3vv0eQeO6WfykTxXKQrjR6Xe5Bl6PDX5MAsBieyW2W+XHcy/S4aquTgWza64hOKhwXJcPkZcbZk7q1jZPXh2d4+24Xehk9ilM227nfSasb9GFfJ4Y61+YsBvRlt7f64jcAAAD//wEAAP//bcxyLQQEAAA=" | base64 -d | gzip -d > conf/cluster_spec.yaml echo "H4sIAAAAAAAA/6qu5QIAAAD//wEAAP//BrCh3QMAAAA=" | base64 -d | gzip -d > conf/ig_spec.yaml -echo "H4sIAAAAAAAA/7RVz5PcJha+919BTZXLF7cEQiBQ+WDveNeeWo93ypucUw94aFQjQQdQzzh/fUrq6djjJAen7JPg/fz4+B56nTOW3O8IgdnJdl3sieWm49I76inlnRSWNU5r31itBSguNcqmZb59dVvKIfd1nUtMMGA1xDhMCIcxVzbO9d1iMAUsmPcJJ4SM9fl7ZBVrK1qbMdTTGJaHeuu/pUxYNhgdcuAIUnImuNeUWuNEoykFrq1mHrTnvDX4g2DYMm0wuAUmLAWmEBWnoqHWc9CipcqgaqQ1rhECmOACuEJqUEuqTCPAKePlP2EpYLmP6W5/mJZhDLm2YTyv9xvA/ZFWXSWqMvx2wthKr7luueaIyhnhlXEMm0YjaqcpCsOl5sw414mWr/AApVKqdU6qpvkDo4v3YYrgKhftHaYN4ImYXKCMdv2YCesHJX+RbX2K2jNVUVnxvcVHRJDms5icX0lpRSdpI7nmVAhrbddZ6ix2XLJGaykk+763uPZ/IibKbGOkabnj0kjjwVtFgXe845pZptF4o8CJHwTjLKbOo9UMfKdQi1Y5z6n0FG3LDYJoOqsso9Zy0FI1lnPUHbNKNA103jp031tMK8CvxeTQm8Zaq4WlqhGK84ZJq4xGikwYABDMWHSGo7fMc8294KJxTLUOwbXfLCaAZG//Vk2X05ILpg8wY09snA8Jc67wAebDhGvN3WUMfhz+BRl7MuPs1972lPUksP7L7KuQCwSLb1NcDqcuITrMTx0f44Q9+RAd7v57ktWp6/Z0hhg+zXHJr5dy2xMPU8YdIXY4JcbSk3rdT3FxNykeR4epJ3CfN+OG882H//eEUVrJtqIVo1944gxj6M/baooWVi1hWLl7g2YZhjEM7yC4CVPuSUnL2h2Poy1jDO8guY2WmD5VcIRxWvNeMkqvxxfrQX1+Yn52No4bC/9JiC/FsxfjDMOfQ8/WJ7E7QjxCWRK+hYLbz4WQfz8cMI0zhgLTZRrLaGG6ie51CHHVQgw9uViRX+wIuY25BJjxf0dMaXTYk+ev4D4/3xGyzdJG/A2sXNdHSPU0mvOs158DdoRMcXiPR5x60uwIeRyEm0371z/93BNNKfvacVLAWiZsT8d6svdgcHo8yOcJq8ZYp00Wa8zmXBf71VY9DVvtPbm42OqFa8i/LpjA4eXVm49f3Dutt5s/RHcVfILLGAqMAdPVSnNP7lSuBpvWggdYMva8ak7h1xBGj7k8koLFfvES1POjN+/sLYSwHWX/7ZNSg3Mx5NrEWHJJcNg/lqs+wTztfgcAAP//AQAA///I7JLqSwgAAA==" | base64 -d | gzip -d > conf/kube_env.yaml +echo "H4sIAAAAAAAA/7SV3Y7UuBLH7/spIiTEDZ34+yPiAs6MzmF0gEXsA6zKdjkTTWL32ukeZp9+lfQ0MPuhFdJylaTqX/bP5b+dN7XiUvtd08AclFhf9k2MTDAmNfXCU7TKKuRKRxmZFEo5q6JTKAmNzAAGZqOgwlHJBEgWEMjr22U51L7r6pILDNgOOQ8TwmGsrc9zd3d0WBIuWPcFJ4SK3eV5oi0jLencmLppTMfP3ca1lUy4bHggjZWE6Mg5jcQEhsQwdJQJabQSVlgpbeTEeS8dAjLluYkcmWaCKeZ/EJ5fpg3Pam2YsJwFqZT2GrgGUMC9cyAIJQSU0Ry1C1aj4WgcGq6Ro4YYCJh/xDN1D2UZI/il7n0av9KR1rS682ncH6bjMKa63yD3G+T+nG6X4bczZ6TomUEuNZhIDVqpKGWWceshWk8M0UELLRUy6r3iimuvY0CAiEboL5wh36cpQ2hD9ndYNshzc+oCy+jXh5uw+2zUL0p0Z9We2pbwlopHHijzxX5Cg1NeMM2j584R7wx6K6lmmgZLpbHES1COoBSOWUtxXYBzqLUjCsW/u78r1xP7MYlCKGk08dZSpVF5oZRiHIOJRAINjETnnTAenFLGUGK5sU6yYLRi/AfhXewHSHnQTnoiXaCGIFgnnTJRCBcAtItOUMIFMIw0KBODQcqk1VYHJVj8EfZbIf9oP8MlQQDiiVXSOYPOBiGBUBGFU5oZb43UVEaphFJE6xBRRXSbCSQ1320/gOJv/8Z/V9OxLlg+wIx94/N8KFhri59hPky4jri7yimOw3+gYt/MOMd1Zn+ueiLs/rL6JtUFksf/lXw8nGdJOWB9mviUJ+ybDzng7v9nw51n3a7nlNPDnI/1zXG57ZsIU8Vd0/hhLbwu4wlL39SHuuAcvsQ/5bz0Tbd+T/kYPpZ8GsMqhPu6BTf+6w8/9w0lpFWiJS0l32TyDGPqL5/tlD2sLsO0dvQa3XEYxjS8hRQmLLVvlnJcqfA0+mXM6S2UsLUrl4cWTjBOa90rSsj78eXagFifhJ9fguPWnf8WxFfy+ctxhuHP0kv0iXbXNLe5Lglm/OmEpYwB++bFa7ivL3ZNs52TraUfYe1id4LSTaO7nO/uq2DXNFMe3uEJp75hu6ZJuNzncvdxc/ajUdK4JnLAd+Bw2n6j50nO57cdc1e2PV01W3J92a+x9qlsjffNs2fbeOk91F+PWCDg1c31p282h3Tb9hxyuEmxwFVOC4wJy83ai765M7UdfFkHPMCxYs9bdpa/hzRGrMvjunHx39wz3fyYrTt/CyltS9l/v807CCGn2rmcl7oUOOwfh2sfYJ52vwMAAP//AQAA//83fqhYbAgAAA==" | base64 -d | gzip -d > conf/kube_env.yaml download-release echo "== nodeup node config done ==" diff --git a/tests/integration/update_cluster/compress/in-v1alpha2.yaml b/tests/integration/update_cluster/compress/in-v1alpha2.yaml index 7478b33f42..ad46d9948d 100644 --- a/tests/integration/update_cluster/compress/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/compress/in-v1alpha2.yaml @@ -21,12 +21,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.compress.example.com masterPublicName: api.compress.example.com networkCIDR: 172.20.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/containerd-custom/cloudformation.json b/tests/integration/update_cluster/containerd-custom/cloudformation.json index 19dae3ec61..9bcea33281 100644 --- a/tests/integration/update_cluster/containerd-custom/cloudformation.json +++ b/tests/integration/update_cluster/containerd-custom/cloudformation.json @@ -561,20 +561,6 @@ "IpProtocol": "-1" } }, - "AWSEC2SecurityGroupIngressfromnodescontainerdexamplecomingress40to0masterscontainerdexamplecom": { - "Type": "AWS::EC2::SecurityGroupIngress", - "Properties": { - "GroupId": { - "Ref": "AWSEC2SecurityGroupmasterscontainerdexamplecom" - }, - "SourceSecurityGroupId": { - "Ref": "AWSEC2SecurityGroupnodescontainerdexamplecom" - }, - "FromPort": 0, - "ToPort": 65535, - "IpProtocol": "4" - } - }, "AWSEC2SecurityGroupIngressfromnodescontainerdexamplecomingressall0to0nodescontainerdexamplecom": { "Type": "AWS::EC2::SecurityGroupIngress", "Properties": { diff --git a/tests/integration/update_cluster/containerd-custom/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/containerd-custom/cloudformation.json.extracted.yaml index bf6a53a8cb..2acf541ba0 100644 --- a/tests/integration/update_cluster/containerd-custom/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/containerd-custom/cloudformation.json.extracted.yaml @@ -181,6 +181,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -200,7 +202,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.19.0 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -215,6 +217,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.containerd.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -224,7 +227,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti clusterCIDR: 100.96.0.0/11 clusterName: containerd.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.19.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -233,15 +236,16 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.19.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.19.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -256,6 +260,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -280,13 +285,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 3f03e5c160a8b658d30b34824a1c00abadbac96e62c4d01bf5c9271a2debc3ab@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubelet - - 79bb0d2f05487ff533999a639c075043c70a0a1ba25c1629eb1eef6ebe3ba70f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 0000000000000000000000000000000000000000000000000000000000000000@https://github.com/containerd/containerd/releases/download/v1.3.9/cri-containerd-cni-1.3.9-linux-amd64.tar.gz arm64: - - d8fa5a9739ecc387dfcc55afa91ac6f4b0ccd01f1423c423dbd312d787bbb6bf@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubelet - - d4adf1b6b97252025cb2f7febf55daa3f42dc305822e3da133f77fd33071ec2f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 6e3f80e8451ecbe7b3559247721c3e226be6b228acaadee7e13683f80c20e81c@https://download.docker.com/linux/static/stable/aarch64/docker-20.10.0.tgz ClusterName: containerd.example.com @@ -295,6 +300,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -518,10 +524,11 @@ Resources.AWSEC2LaunchTemplatenodescontainerdexamplecom.Properties.LaunchTemplat clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.19.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -545,13 +552,13 @@ Resources.AWSEC2LaunchTemplatenodescontainerdexamplecom.Properties.LaunchTemplat cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 3f03e5c160a8b658d30b34824a1c00abadbac96e62c4d01bf5c9271a2debc3ab@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubelet - - 79bb0d2f05487ff533999a639c075043c70a0a1ba25c1629eb1eef6ebe3ba70f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 0000000000000000000000000000000000000000000000000000000000000000@https://github.com/containerd/containerd/releases/download/v1.3.9/cri-containerd-cni-1.3.9-linux-amd64.tar.gz arm64: - - d8fa5a9739ecc387dfcc55afa91ac6f4b0ccd01f1423c423dbd312d787bbb6bf@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubelet - - d4adf1b6b97252025cb2f7febf55daa3f42dc305822e3da133f77fd33071ec2f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 6e3f80e8451ecbe7b3559247721c3e226be6b228acaadee7e13683f80c20e81c@https://download.docker.com/linux/static/stable/aarch64/docker-20.10.0.tgz ClusterName: containerd.example.com @@ -560,6 +567,7 @@ Resources.AWSEC2LaunchTemplatenodescontainerdexamplecom.Properties.LaunchTemplat InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 diff --git a/tests/integration/update_cluster/containerd-custom/in-v1alpha2.yaml b/tests/integration/update_cluster/containerd-custom/in-v1alpha2.yaml index 80742409d0..3b8318988e 100644 --- a/tests/integration/update_cluster/containerd-custom/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/containerd-custom/in-v1alpha2.yaml @@ -31,12 +31,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.19.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.containerd.example.com masterPublicName: api.containerd.example.com networkCIDR: 172.20.0.0/16 networking: - calico: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/containerd/cloudformation.json b/tests/integration/update_cluster/containerd/cloudformation.json index 19dae3ec61..9bcea33281 100644 --- a/tests/integration/update_cluster/containerd/cloudformation.json +++ b/tests/integration/update_cluster/containerd/cloudformation.json @@ -561,20 +561,6 @@ "IpProtocol": "-1" } }, - "AWSEC2SecurityGroupIngressfromnodescontainerdexamplecomingress40to0masterscontainerdexamplecom": { - "Type": "AWS::EC2::SecurityGroupIngress", - "Properties": { - "GroupId": { - "Ref": "AWSEC2SecurityGroupmasterscontainerdexamplecom" - }, - "SourceSecurityGroupId": { - "Ref": "AWSEC2SecurityGroupnodescontainerdexamplecom" - }, - "FromPort": 0, - "ToPort": 65535, - "IpProtocol": "4" - } - }, "AWSEC2SecurityGroupIngressfromnodescontainerdexamplecomingressall0to0nodescontainerdexamplecom": { "Type": "AWS::EC2::SecurityGroupIngress", "Properties": { diff --git a/tests/integration/update_cluster/containerd/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/containerd/cloudformation.json.extracted.yaml index a4d38b4d41..dce675b98b 100644 --- a/tests/integration/update_cluster/containerd/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/containerd/cloudformation.json.extracted.yaml @@ -163,6 +163,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -182,7 +184,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.19.0 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -197,6 +199,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.containerd.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -206,7 +209,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti clusterCIDR: 100.96.0.0/11 clusterName: containerd.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.19.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -215,15 +218,16 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.19.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.19.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -238,6 +242,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -262,13 +267,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 3f03e5c160a8b658d30b34824a1c00abadbac96e62c4d01bf5c9271a2debc3ab@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubelet - - 79bb0d2f05487ff533999a639c075043c70a0a1ba25c1629eb1eef6ebe3ba70f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 2697a342e3477c211ab48313e259fd7e32ad1f5ded19320e6a559f50a82bff3d@https://github.com/containerd/containerd/releases/download/v1.4.3/cri-containerd-cni-1.4.3-linux-amd64.tar.gz arm64: - - d8fa5a9739ecc387dfcc55afa91ac6f4b0ccd01f1423c423dbd312d787bbb6bf@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubelet - - d4adf1b6b97252025cb2f7febf55daa3f42dc305822e3da133f77fd33071ec2f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 6e3f80e8451ecbe7b3559247721c3e226be6b228acaadee7e13683f80c20e81c@https://download.docker.com/linux/static/stable/aarch64/docker-20.10.0.tgz ClusterName: containerd.example.com @@ -277,6 +282,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amasterscontainerdexamplecom.Properti InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -482,10 +488,11 @@ Resources.AWSEC2LaunchTemplatenodescontainerdexamplecom.Properties.LaunchTemplat clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.19.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -509,13 +516,13 @@ Resources.AWSEC2LaunchTemplatenodescontainerdexamplecom.Properties.LaunchTemplat cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 3f03e5c160a8b658d30b34824a1c00abadbac96e62c4d01bf5c9271a2debc3ab@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubelet - - 79bb0d2f05487ff533999a639c075043c70a0a1ba25c1629eb1eef6ebe3ba70f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 2697a342e3477c211ab48313e259fd7e32ad1f5ded19320e6a559f50a82bff3d@https://github.com/containerd/containerd/releases/download/v1.4.3/cri-containerd-cni-1.4.3-linux-amd64.tar.gz arm64: - - d8fa5a9739ecc387dfcc55afa91ac6f4b0ccd01f1423c423dbd312d787bbb6bf@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubelet - - d4adf1b6b97252025cb2f7febf55daa3f42dc305822e3da133f77fd33071ec2f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 6e3f80e8451ecbe7b3559247721c3e226be6b228acaadee7e13683f80c20e81c@https://download.docker.com/linux/static/stable/aarch64/docker-20.10.0.tgz ClusterName: containerd.example.com @@ -524,6 +531,7 @@ Resources.AWSEC2LaunchTemplatenodescontainerdexamplecom.Properties.LaunchTemplat InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 diff --git a/tests/integration/update_cluster/containerd/in-v1alpha2.yaml b/tests/integration/update_cluster/containerd/in-v1alpha2.yaml index 691430775a..34bf416be9 100644 --- a/tests/integration/update_cluster/containerd/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/containerd/in-v1alpha2.yaml @@ -22,12 +22,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.19.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.containerd.example.com masterPublicName: api.containerd.example.com networkCIDR: 172.20.0.0/16 networking: - calico: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/docker-custom/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/docker-custom/cloudformation.json.extracted.yaml index c7ff560032..27b87fcdfb 100644 --- a/tests/integration/update_cluster/docker-custom/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/docker-custom/cloudformation.json.extracted.yaml @@ -141,6 +141,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersdockerexamplecom.Properties.L disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -164,6 +166,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersdockerexamplecom.Properties.L kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -183,7 +187,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersdockerexamplecom.Properties.L - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.19.0 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -198,6 +202,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersdockerexamplecom.Properties.L requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.docker.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -206,8 +211,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersdockerexamplecom.Properties.L cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: docker.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.19.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -216,15 +221,16 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersdockerexamplecom.Properties.L clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.19.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.19.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -234,13 +240,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersdockerexamplecom.Properties.L hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -250,8 +256,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersdockerexamplecom.Properties.L hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -267,13 +272,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersdockerexamplecom.Properties.L cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 3f03e5c160a8b658d30b34824a1c00abadbac96e62c4d01bf5c9271a2debc3ab@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubelet - - 79bb0d2f05487ff533999a639c075043c70a0a1ba25c1629eb1eef6ebe3ba70f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 000000000000000000000000000000000000000000000000000000000000000a@https://download.docker.com/linux/static/stable/x86_64/docker-20.10.1.tgz arm64: - - d8fa5a9739ecc387dfcc55afa91ac6f4b0ccd01f1423c423dbd312d787bbb6bf@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubelet - - d4adf1b6b97252025cb2f7febf55daa3f42dc305822e3da133f77fd33071ec2f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 000000000000000000000000000000000000000000000000000000000000000b@https://download.docker.com/linux/static/stable/aarch64/docker-20.10.1.tgz ClusterName: docker.example.com @@ -282,6 +287,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersdockerexamplecom.Properties.L InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -291,8 +297,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersdockerexamplecom.Properties.L hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -472,6 +477,8 @@ Resources.AWSEC2LaunchTemplatenodesdockerexamplecom.Properties.LaunchTemplateDat disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -490,10 +497,11 @@ Resources.AWSEC2LaunchTemplatenodesdockerexamplecom.Properties.LaunchTemplateDat clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.19.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -503,8 +511,7 @@ Resources.AWSEC2LaunchTemplatenodesdockerexamplecom.Properties.LaunchTemplateDat hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -519,13 +526,13 @@ Resources.AWSEC2LaunchTemplatenodesdockerexamplecom.Properties.LaunchTemplateDat cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 3f03e5c160a8b658d30b34824a1c00abadbac96e62c4d01bf5c9271a2debc3ab@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubelet - - 79bb0d2f05487ff533999a639c075043c70a0a1ba25c1629eb1eef6ebe3ba70f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 000000000000000000000000000000000000000000000000000000000000000a@https://download.docker.com/linux/static/stable/x86_64/docker-20.10.1.tgz arm64: - - d8fa5a9739ecc387dfcc55afa91ac6f4b0ccd01f1423c423dbd312d787bbb6bf@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubelet - - d4adf1b6b97252025cb2f7febf55daa3f42dc305822e3da133f77fd33071ec2f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 000000000000000000000000000000000000000000000000000000000000000b@https://download.docker.com/linux/static/stable/aarch64/docker-20.10.1.tgz ClusterName: docker.example.com @@ -534,6 +541,7 @@ Resources.AWSEC2LaunchTemplatenodesdockerexamplecom.Properties.LaunchTemplateDat InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -543,8 +551,7 @@ Resources.AWSEC2LaunchTemplatenodesdockerexamplecom.Properties.LaunchTemplateDat hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/docker-custom/in-v1alpha2.yaml b/tests/integration/update_cluster/docker-custom/in-v1alpha2.yaml index d48b24a732..1ca10a9235 100644 --- a/tests/integration/update_cluster/docker-custom/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/docker-custom/in-v1alpha2.yaml @@ -28,12 +28,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.19.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.docker.example.com masterPublicName: api.docker.example.com networkCIDR: 172.20.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/existing_iam/data/aws_launch_template_master-us-test-1a.masters.existing-iam.example.com_user_data b/tests/integration/update_cluster/existing_iam/data/aws_launch_template_master-us-test-1a.masters.existing-iam.example.com_user_data index a11dec4914..e10e45a755 100644 --- a/tests/integration/update_cluster/existing_iam/data/aws_launch_template_master-us-test-1a.masters.existing-iam.example.com_user_data +++ b/tests/integration/update_cluster/existing_iam/data/aws_launch_template_master-us-test-1a.masters.existing-iam.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.existing-iam.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: existing-iam.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,46 +215,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -265,34 +266,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: existing-iam.example.com ConfigBase: memfs://tests/existing-iam.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -321,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/existing_iam/data/aws_launch_template_master-us-test-1b.masters.existing-iam.example.com_user_data b/tests/integration/update_cluster/existing_iam/data/aws_launch_template_master-us-test-1b.masters.existing-iam.example.com_user_data index b575f831e6..2b38567eac 100644 --- a/tests/integration/update_cluster/existing_iam/data/aws_launch_template_master-us-test-1b.masters.existing-iam.example.com_user_data +++ b/tests/integration/update_cluster/existing_iam/data/aws_launch_template_master-us-test-1b.masters.existing-iam.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.existing-iam.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: existing-iam.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,46 +215,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -265,34 +266,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: existing-iam.example.com ConfigBase: memfs://tests/existing-iam.example.com InstanceGroupName: master-us-test-1b InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -321,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/existing_iam/data/aws_launch_template_master-us-test-1c.masters.existing-iam.example.com_user_data b/tests/integration/update_cluster/existing_iam/data/aws_launch_template_master-us-test-1c.masters.existing-iam.example.com_user_data index 0f07c82e49..828a54ed09 100644 --- a/tests/integration/update_cluster/existing_iam/data/aws_launch_template_master-us-test-1c.masters.existing-iam.example.com_user_data +++ b/tests/integration/update_cluster/existing_iam/data/aws_launch_template_master-us-test-1c.masters.existing-iam.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.existing-iam.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: existing-iam.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,46 +215,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -265,34 +266,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: existing-iam.example.com ConfigBase: memfs://tests/existing-iam.example.com InstanceGroupName: master-us-test-1c InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -321,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/existing_iam/data/aws_launch_template_nodes.existing-iam.example.com_user_data b/tests/integration/update_cluster/existing_iam/data/aws_launch_template_nodes.existing-iam.example.com_user_data index 7d42dc9d4b..0125fbed17 100644 --- a/tests/integration/update_cluster/existing_iam/data/aws_launch_template_nodes.existing-iam.example.com_user_data +++ b/tests/integration/update_cluster/existing_iam/data/aws_launch_template_nodes.existing-iam.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,28 +150,26 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -182,34 +184,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: existing-iam.example.com ConfigBase: memfs://tests/existing-iam.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/existing_iam/in-v1alpha2.yaml b/tests/integration/update_cluster/existing_iam/in-v1alpha2.yaml index dbe201bae6..cb7f9d927b 100644 --- a/tests/integration/update_cluster/existing_iam/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/existing_iam/in-v1alpha2.yaml @@ -31,11 +31,11 @@ spec: anonymousAuth: false kubernetesApiAccess: - 0.0.0.0/0 - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterPublicName: api.existing-iam.example.com networkCIDR: 172.20.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 roleCustomIamRoles: Master: foo diff --git a/tests/integration/update_cluster/existing_iam_cloudformation/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/existing_iam_cloudformation/cloudformation.json.extracted.yaml index fada129274..6cc070b593 100644 --- a/tests/integration/update_cluster/existing_iam_cloudformation/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/existing_iam_cloudformation/cloudformation.json.extracted.yaml @@ -137,8 +137,12 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -147,16 +151,18 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -176,9 +182,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -193,6 +197,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.minimal.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,8 +206,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: minimal.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -211,46 +216,42 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -266,34 +267,32 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: minimal.example.com ConfigBase: memfs://clusters.example.com/minimal.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -322,6 +321,9 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz + staticManifests: + - key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV @@ -466,8 +468,12 @@ Resources.AWSEC2LaunchTemplatenodesminimalexamplecom.Properties.LaunchTemplateDa cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -476,28 +482,26 @@ Resources.AWSEC2LaunchTemplatenodesminimalexamplecom.Properties.LaunchTemplateDa - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -512,34 +516,32 @@ Resources.AWSEC2LaunchTemplatenodesminimalexamplecom.Properties.LaunchTemplateDa cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: minimal.example.com ConfigBase: memfs://clusters.example.com/minimal.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/existing_iam_cloudformation/in-v1alpha2.yaml b/tests/integration/update_cluster/existing_iam_cloudformation/in-v1alpha2.yaml index 61d9157efc..b101fbaae2 100644 --- a/tests/integration/update_cluster/existing_iam_cloudformation/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/existing_iam_cloudformation/in-v1alpha2.yaml @@ -21,12 +21,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.minimal.example.com masterPublicName: api.minimal.example.com networkCIDR: 172.20.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/existing_sg/data/aws_launch_template_master-us-test-1a.masters.existingsg.example.com_user_data b/tests/integration/update_cluster/existing_sg/data/aws_launch_template_master-us-test-1a.masters.existingsg.example.com_user_data index 81b7b651d1..6c8a114176 100644 --- a/tests/integration/update_cluster/existing_sg/data/aws_launch_template_master-us-test-1a.masters.existingsg.example.com_user_data +++ b/tests/integration/update_cluster/existing_sg/data/aws_launch_template_master-us-test-1a.masters.existingsg.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.existingsg.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: existingsg.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,46 +215,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -265,34 +266,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: existingsg.example.com ConfigBase: memfs://clusters.example.com/existingsg.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -321,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/existing_sg/data/aws_launch_template_master-us-test-1b.masters.existingsg.example.com_user_data b/tests/integration/update_cluster/existing_sg/data/aws_launch_template_master-us-test-1b.masters.existingsg.example.com_user_data index 2e71332731..cea01daeb9 100644 --- a/tests/integration/update_cluster/existing_sg/data/aws_launch_template_master-us-test-1b.masters.existingsg.example.com_user_data +++ b/tests/integration/update_cluster/existing_sg/data/aws_launch_template_master-us-test-1b.masters.existingsg.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.existingsg.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: existingsg.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,46 +215,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -265,34 +266,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: existingsg.example.com ConfigBase: memfs://clusters.example.com/existingsg.example.com InstanceGroupName: master-us-test-1b InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -321,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/existing_sg/data/aws_launch_template_master-us-test-1c.masters.existingsg.example.com_user_data b/tests/integration/update_cluster/existing_sg/data/aws_launch_template_master-us-test-1c.masters.existingsg.example.com_user_data index ebda72db9b..4c9c613699 100644 --- a/tests/integration/update_cluster/existing_sg/data/aws_launch_template_master-us-test-1c.masters.existingsg.example.com_user_data +++ b/tests/integration/update_cluster/existing_sg/data/aws_launch_template_master-us-test-1c.masters.existingsg.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.existingsg.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: existingsg.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,46 +215,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -265,34 +266,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: existingsg.example.com ConfigBase: memfs://clusters.example.com/existingsg.example.com InstanceGroupName: master-us-test-1c InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -321,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/existing_sg/data/aws_launch_template_nodes.existingsg.example.com_user_data b/tests/integration/update_cluster/existing_sg/data/aws_launch_template_nodes.existingsg.example.com_user_data index f08780b034..4e168ab1e7 100644 --- a/tests/integration/update_cluster/existing_sg/data/aws_launch_template_nodes.existingsg.example.com_user_data +++ b/tests/integration/update_cluster/existing_sg/data/aws_launch_template_nodes.existingsg.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,28 +150,26 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -182,34 +184,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: existingsg.example.com ConfigBase: memfs://clusters.example.com/existingsg.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/existing_sg/in-v1alpha2.yaml b/tests/integration/update_cluster/existing_sg/in-v1alpha2.yaml index 03f1a63190..250bc70a25 100644 --- a/tests/integration/update_cluster/existing_sg/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/existing_sg/in-v1alpha2.yaml @@ -32,12 +32,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.existingsg.example.com masterPublicName: api.existingsg.example.com networkCIDR: 172.20.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/externallb/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/externallb/cloudformation.json.extracted.yaml index 115b23358c..03dbf3534e 100644 --- a/tests/integration/update_cluster/externallb/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/externallb/cloudformation.json.extracted.yaml @@ -137,8 +137,12 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersexternallbexamplecom.Properti cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -147,16 +151,18 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersexternallbexamplecom.Properti - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -176,9 +182,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersexternallbexamplecom.Properti - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -193,6 +197,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersexternallbexamplecom.Properti requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.externallb.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,8 +206,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersexternallbexamplecom.Properti cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: externallb.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -211,46 +216,42 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersexternallbexamplecom.Properti clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -266,34 +267,32 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersexternallbexamplecom.Properti cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: externallb.example.com ConfigBase: memfs://clusters.example.com/externallb.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -322,6 +321,9 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersexternallbexamplecom.Properti - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz + staticManifests: + - key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV @@ -466,8 +468,12 @@ Resources.AWSEC2LaunchTemplatenodesexternallbexamplecom.Properties.LaunchTemplat cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -476,28 +482,26 @@ Resources.AWSEC2LaunchTemplatenodesexternallbexamplecom.Properties.LaunchTemplat - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -512,34 +516,32 @@ Resources.AWSEC2LaunchTemplatenodesexternallbexamplecom.Properties.LaunchTemplat cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: externallb.example.com ConfigBase: memfs://clusters.example.com/externallb.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/externallb/data/aws_launch_template_master-us-test-1a.masters.externallb.example.com_user_data b/tests/integration/update_cluster/externallb/data/aws_launch_template_master-us-test-1a.masters.externallb.example.com_user_data index e76e116fc0..a5315fa92a 100644 --- a/tests/integration/update_cluster/externallb/data/aws_launch_template_master-us-test-1a.masters.externallb.example.com_user_data +++ b/tests/integration/update_cluster/externallb/data/aws_launch_template_master-us-test-1a.masters.externallb.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.externallb.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: externallb.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,46 +215,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -265,34 +266,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: externallb.example.com ConfigBase: memfs://clusters.example.com/externallb.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -321,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/externallb/data/aws_launch_template_nodes.externallb.example.com_user_data b/tests/integration/update_cluster/externallb/data/aws_launch_template_nodes.externallb.example.com_user_data index 1e2a9fbaca..52ef1e42cd 100644 --- a/tests/integration/update_cluster/externallb/data/aws_launch_template_nodes.externallb.example.com_user_data +++ b/tests/integration/update_cluster/externallb/data/aws_launch_template_nodes.externallb.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,28 +150,26 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -182,34 +184,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: externallb.example.com ConfigBase: memfs://clusters.example.com/externallb.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/externallb/in-v1alpha2.yaml b/tests/integration/update_cluster/externallb/in-v1alpha2.yaml index b0e957d462..31bb53f07e 100644 --- a/tests/integration/update_cluster/externallb/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/externallb/in-v1alpha2.yaml @@ -21,12 +21,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.externallb.example.com masterPublicName: api.externallb.example.com networkCIDR: 172.20.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/externalpolicies/data/aws_launch_template_master-us-test-1a.masters.externalpolicies.example.com_user_data b/tests/integration/update_cluster/externalpolicies/data/aws_launch_template_master-us-test-1a.masters.externalpolicies.example.com_user_data index 3f7db4d496..af0b9aa40b 100644 --- a/tests/integration/update_cluster/externalpolicies/data/aws_launch_template_master-us-test-1a.masters.externalpolicies.example.com_user_data +++ b/tests/integration/update_cluster/externalpolicies/data/aws_launch_template_master-us-test-1a.masters.externalpolicies.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 auditWebhookBatchThrottleQps: 3140m authorizationMode: AlwaysAllow @@ -176,9 +182,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -193,6 +197,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.externalpolicies.example.com serviceClusterIPRange: 100.64.0.0/13 serviceNodePortRange: 28000-32767 storageBackend: etcd3 @@ -202,8 +207,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: externalpolicies.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -212,46 +217,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -267,34 +268,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: externalpolicies.example.com ConfigBase: memfs://clusters.example.com/externalpolicies.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -323,6 +322,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/externalpolicies/data/aws_launch_template_nodes.externalpolicies.example.com_user_data b/tests/integration/update_cluster/externalpolicies/data/aws_launch_template_nodes.externalpolicies.example.com_user_data index 8bdb9cec3c..e298210d5b 100644 --- a/tests/integration/update_cluster/externalpolicies/data/aws_launch_template_nodes.externalpolicies.example.com_user_data +++ b/tests/integration/update_cluster/externalpolicies/data/aws_launch_template_nodes.externalpolicies.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,28 +150,26 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -182,34 +184,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: externalpolicies.example.com ConfigBase: memfs://clusters.example.com/externalpolicies.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/externalpolicies/in-v1alpha2.yaml b/tests/integration/update_cluster/externalpolicies/in-v1alpha2.yaml index fda0e8351f..3c93d0a6aa 100644 --- a/tests/integration/update_cluster/externalpolicies/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/externalpolicies/in-v1alpha2.yaml @@ -33,12 +33,12 @@ spec: auditWebhookBatchThrottleQps: 3.14 kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.externalpolicies.example.com masterPublicName: api.externalpolicies.example.com networkCIDR: 172.20.0.0/16 networking: - kubenet: {} + cni: {} nodePortAccess: - 1.2.3.4/32 - 10.20.30.0/24 diff --git a/tests/integration/update_cluster/ha/data/aws_launch_template_master-us-test-1a.masters.ha.example.com_user_data b/tests/integration/update_cluster/ha/data/aws_launch_template_master-us-test-1a.masters.ha.example.com_user_data index 255e7fd670..cc22ab13ff 100644 --- a/tests/integration/update_cluster/ha/data/aws_launch_template_master-us-test-1a.masters.ha.example.com_user_data +++ b/tests/integration/update_cluster/ha/data/aws_launch_template_master-us-test-1a.masters.ha.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.ha.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: ha.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,46 +215,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -265,34 +266,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: ha.example.com ConfigBase: memfs://tests/ha.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -321,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/ha/data/aws_launch_template_master-us-test-1b.masters.ha.example.com_user_data b/tests/integration/update_cluster/ha/data/aws_launch_template_master-us-test-1b.masters.ha.example.com_user_data index 4afd7ad64d..8ab184d862 100644 --- a/tests/integration/update_cluster/ha/data/aws_launch_template_master-us-test-1b.masters.ha.example.com_user_data +++ b/tests/integration/update_cluster/ha/data/aws_launch_template_master-us-test-1b.masters.ha.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.ha.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: ha.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,46 +215,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -265,34 +266,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: ha.example.com ConfigBase: memfs://tests/ha.example.com InstanceGroupName: master-us-test-1b InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -321,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/ha/data/aws_launch_template_master-us-test-1c.masters.ha.example.com_user_data b/tests/integration/update_cluster/ha/data/aws_launch_template_master-us-test-1c.masters.ha.example.com_user_data index 7355850d2b..5799bcaf61 100644 --- a/tests/integration/update_cluster/ha/data/aws_launch_template_master-us-test-1c.masters.ha.example.com_user_data +++ b/tests/integration/update_cluster/ha/data/aws_launch_template_master-us-test-1c.masters.ha.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.ha.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: ha.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,46 +215,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -265,34 +266,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: ha.example.com ConfigBase: memfs://tests/ha.example.com InstanceGroupName: master-us-test-1c InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -321,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/ha/data/aws_launch_template_nodes.ha.example.com_user_data b/tests/integration/update_cluster/ha/data/aws_launch_template_nodes.ha.example.com_user_data index 6e810e2bc7..7e5eef2a51 100644 --- a/tests/integration/update_cluster/ha/data/aws_launch_template_nodes.ha.example.com_user_data +++ b/tests/integration/update_cluster/ha/data/aws_launch_template_nodes.ha.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,28 +150,26 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -182,34 +184,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: ha.example.com ConfigBase: memfs://tests/ha.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/ha/in-v1alpha2.yaml b/tests/integration/update_cluster/ha/in-v1alpha2.yaml index 67c978c7da..84ad2fe163 100644 --- a/tests/integration/update_cluster/ha/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/ha/in-v1alpha2.yaml @@ -31,11 +31,11 @@ spec: anonymousAuth: false kubernetesApiAccess: - 0.0.0.0/0 - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterPublicName: api.ha.example.com networkCIDR: 172.20.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-a-ha-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-a-ha-gce-example-com_metadata_startup-script index b99f236430..c66ee7014b 100644 --- a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-a-ha-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-a-ha-gce-example-com_metadata_startup-script @@ -138,8 +138,12 @@ cloudConfig: nodeTags: ha-gce-example-com-k8s-io-role-node containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -148,16 +152,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,9 +183,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -194,6 +198,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.ha-gce.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -202,8 +207,8 @@ kubeControllerManager: cloudProvider: gce clusterCIDR: 100.96.0.0/11 clusterName: ha-gce-example-com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -211,48 +216,44 @@ kubeControllerManager: kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -268,37 +269,35 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - ae0d7b36c7f9559354ee35c14bf084a771132e32@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/mounter - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 6741b0ccfcffeb1ad36b2147643fa893362588a66bc07799e1cb00f54ef3348b@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/mounter + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - df7fc4fe107253603d284a549cac36ae072a0dcb@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/mounter - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - 5d6bbf60ddc55347c29f706081e24de0e9dbcff2236ab64db7444342accaa445@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/mounter + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: ha-gce.example.com ConfigBase: memfs://tests/ha-gce.example.com InstanceGroupName: master-us-test1-a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -327,6 +326,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-b-ha-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-b-ha-gce-example-com_metadata_startup-script index 744c4f7cbe..d673a2fa9d 100644 --- a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-b-ha-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-b-ha-gce-example-com_metadata_startup-script @@ -138,8 +138,12 @@ cloudConfig: nodeTags: ha-gce-example-com-k8s-io-role-node containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -148,16 +152,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,9 +183,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -194,6 +198,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.ha-gce.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -202,8 +207,8 @@ kubeControllerManager: cloudProvider: gce clusterCIDR: 100.96.0.0/11 clusterName: ha-gce-example-com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -211,48 +216,44 @@ kubeControllerManager: kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -268,37 +269,35 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - ae0d7b36c7f9559354ee35c14bf084a771132e32@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/mounter - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 6741b0ccfcffeb1ad36b2147643fa893362588a66bc07799e1cb00f54ef3348b@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/mounter + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - df7fc4fe107253603d284a549cac36ae072a0dcb@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/mounter - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - 5d6bbf60ddc55347c29f706081e24de0e9dbcff2236ab64db7444342accaa445@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/mounter + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: ha-gce.example.com ConfigBase: memfs://tests/ha-gce.example.com InstanceGroupName: master-us-test1-b InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -327,6 +326,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-c-ha-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-c-ha-gce-example-com_metadata_startup-script index b1fc394893..89f919c2f8 100644 --- a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-c-ha-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-c-ha-gce-example-com_metadata_startup-script @@ -138,8 +138,12 @@ cloudConfig: nodeTags: ha-gce-example-com-k8s-io-role-node containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -148,16 +152,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,9 +183,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -194,6 +198,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.ha-gce.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -202,8 +207,8 @@ kubeControllerManager: cloudProvider: gce clusterCIDR: 100.96.0.0/11 clusterName: ha-gce-example-com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -211,48 +216,44 @@ kubeControllerManager: kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -268,37 +269,35 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - ae0d7b36c7f9559354ee35c14bf084a771132e32@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/mounter - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 6741b0ccfcffeb1ad36b2147643fa893362588a66bc07799e1cb00f54ef3348b@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/mounter + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - df7fc4fe107253603d284a549cac36ae072a0dcb@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/mounter - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - 5d6bbf60ddc55347c29f706081e24de0e9dbcff2236ab64db7444342accaa445@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/mounter + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: ha-gce.example.com ConfigBase: memfs://tests/ha-gce.example.com InstanceGroupName: master-us-test1-c InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -327,6 +326,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_nodes-ha-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_nodes-ha-gce-example-com_metadata_startup-script index 422daf4fe6..5a9ecba8bb 100644 --- a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_nodes-ha-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_nodes-ha-gce-example-com_metadata_startup-script @@ -138,8 +138,12 @@ cloudConfig: nodeTags: ha-gce-example-com-k8s-io-role-node containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -148,28 +152,26 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -184,37 +186,35 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - ae0d7b36c7f9559354ee35c14bf084a771132e32@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/mounter - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 6741b0ccfcffeb1ad36b2147643fa893362588a66bc07799e1cb00f54ef3348b@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/mounter + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - df7fc4fe107253603d284a549cac36ae072a0dcb@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/mounter - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - 5d6bbf60ddc55347c29f706081e24de0e9dbcff2236ab64db7444342accaa445@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/mounter + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: ha-gce.example.com ConfigBase: memfs://tests/ha-gce.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/ha_gce/in-v1alpha2.yaml b/tests/integration/update_cluster/ha_gce/in-v1alpha2.yaml index 6f954d061a..8e4b01b6be 100644 --- a/tests/integration/update_cluster/ha_gce/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/ha_gce/in-v1alpha2.yaml @@ -35,10 +35,10 @@ spec: anonymousAuth: false kubernetesApiAccess: - 0.0.0.0/0 - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterPublicName: api.ha-gce.example.com networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 project: testproject sshAccess: diff --git a/tests/integration/update_cluster/launch_templates/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/launch_templates/cloudformation.json.extracted.yaml index 547d2951bc..31ce4dc11b 100644 --- a/tests/integration/update_cluster/launch_templates/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/launch_templates/cloudformation.json.extracted.yaml @@ -141,6 +141,8 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1amasterslaunchtemplatese disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -153,12 +155,14 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1amasterslaunchtemplatese encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -178,7 +182,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1amasterslaunchtemplatese - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -193,6 +197,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1amasterslaunchtemplatese requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.launchtemplates.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,8 +206,8 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1amasterslaunchtemplatese cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: launchtemplates.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -211,15 +216,16 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1amasterslaunchtemplatese clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -229,13 +235,13 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1amasterslaunchtemplatese hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -245,8 +251,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1amasterslaunchtemplatese hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -262,13 +267,13 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1amasterslaunchtemplatese cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: launchtemplates.example.com @@ -277,6 +282,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1amasterslaunchtemplatese InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -286,8 +292,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1amasterslaunchtemplatese hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -467,6 +472,8 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1bmasterslaunchtemplatese disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -479,12 +486,14 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1bmasterslaunchtemplatese encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -504,7 +513,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1bmasterslaunchtemplatese - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -519,6 +528,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1bmasterslaunchtemplatese requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.launchtemplates.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -527,8 +537,8 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1bmasterslaunchtemplatese cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: launchtemplates.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -537,15 +547,16 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1bmasterslaunchtemplatese clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -555,13 +566,13 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1bmasterslaunchtemplatese hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -571,8 +582,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1bmasterslaunchtemplatese hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -588,13 +598,13 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1bmasterslaunchtemplatese cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: launchtemplates.example.com @@ -603,6 +613,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1bmasterslaunchtemplatese InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -612,8 +623,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1bmasterslaunchtemplatese hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -793,6 +803,8 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1cmasterslaunchtemplatese disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -805,12 +817,14 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1cmasterslaunchtemplatese encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -830,7 +844,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1cmasterslaunchtemplatese - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -845,6 +859,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1cmasterslaunchtemplatese requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.launchtemplates.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -853,8 +868,8 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1cmasterslaunchtemplatese cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: launchtemplates.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -863,15 +878,16 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1cmasterslaunchtemplatese clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -881,13 +897,13 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1cmasterslaunchtemplatese hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -897,8 +913,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1cmasterslaunchtemplatese hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -914,13 +929,13 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1cmasterslaunchtemplatese cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: launchtemplates.example.com @@ -929,6 +944,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1cmasterslaunchtemplatese InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -938,8 +954,7 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1cmasterslaunchtemplatese hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -1119,6 +1134,8 @@ Resources.AWSAutoScalingLaunchConfigurationnodeslaunchtemplatesexamplecom.Proper disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -1132,10 +1149,11 @@ Resources.AWSAutoScalingLaunchConfigurationnodeslaunchtemplatesexamplecom.Proper clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -1145,8 +1163,7 @@ Resources.AWSAutoScalingLaunchConfigurationnodeslaunchtemplatesexamplecom.Proper hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -1161,13 +1178,13 @@ Resources.AWSAutoScalingLaunchConfigurationnodeslaunchtemplatesexamplecom.Proper cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: launchtemplates.example.com @@ -1176,6 +1193,7 @@ Resources.AWSAutoScalingLaunchConfigurationnodeslaunchtemplatesexamplecom.Proper InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -1185,8 +1203,7 @@ Resources.AWSAutoScalingLaunchConfigurationnodeslaunchtemplatesexamplecom.Proper hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_master-us-test-1a.masters.launchtemplates.example.com_user_data b/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_master-us-test-1a.masters.launchtemplates.example.com_user_data index 89ddc883ba..3bb8db07da 100644 --- a/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_master-us-test-1a.masters.launchtemplates.example.com_user_data +++ b/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_master-us-test-1a.masters.launchtemplates.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -152,12 +154,14 @@ docker: encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,7 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.launchtemplates.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: launchtemplates.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,15 +215,16 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -228,13 +234,13 @@ kubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -244,8 +250,7 @@ masterKubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -261,13 +266,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: launchtemplates.example.com @@ -276,6 +281,7 @@ InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -285,8 +291,7 @@ KubeletConfig: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" diff --git a/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_master-us-test-1b.masters.launchtemplates.example.com_user_data b/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_master-us-test-1b.masters.launchtemplates.example.com_user_data index 5ee6a68ea5..3a3be31ab0 100644 --- a/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_master-us-test-1b.masters.launchtemplates.example.com_user_data +++ b/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_master-us-test-1b.masters.launchtemplates.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -152,12 +154,14 @@ docker: encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,7 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.launchtemplates.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: launchtemplates.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,15 +215,16 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -228,13 +234,13 @@ kubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -244,8 +250,7 @@ masterKubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -261,13 +266,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: launchtemplates.example.com @@ -276,6 +281,7 @@ InstanceGroupName: master-us-test-1b InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -285,8 +291,7 @@ KubeletConfig: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" diff --git a/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_master-us-test-1c.masters.launchtemplates.example.com_user_data b/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_master-us-test-1c.masters.launchtemplates.example.com_user_data index 38534e8bbb..08a5d7b965 100644 --- a/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_master-us-test-1c.masters.launchtemplates.example.com_user_data +++ b/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_master-us-test-1c.masters.launchtemplates.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -152,12 +154,14 @@ docker: encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,7 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.launchtemplates.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: launchtemplates.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,15 +215,16 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -228,13 +234,13 @@ kubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -244,8 +250,7 @@ masterKubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -261,13 +266,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: launchtemplates.example.com @@ -276,6 +281,7 @@ InstanceGroupName: master-us-test-1c InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -285,8 +291,7 @@ KubeletConfig: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" diff --git a/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_nodes.launchtemplates.example.com_user_data b/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_nodes.launchtemplates.example.com_user_data index 09d98ba784..37c98b4b09 100644 --- a/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_nodes.launchtemplates.example.com_user_data +++ b/tests/integration/update_cluster/launch_templates/data/aws_launch_configuration_nodes.launchtemplates.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -153,10 +155,11 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -166,8 +169,7 @@ kubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -182,13 +184,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: launchtemplates.example.com @@ -197,6 +199,7 @@ InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -206,8 +209,7 @@ KubeletConfig: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/launch_templates/in-v1alpha2.yaml b/tests/integration/update_cluster/launch_templates/in-v1alpha2.yaml index dcbeabe9c6..d5e38a9804 100644 --- a/tests/integration/update_cluster/launch_templates/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/launch_templates/in-v1alpha2.yaml @@ -29,12 +29,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.18.9 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.launchtemplates.example.com masterPublicName: api.launchtemplates.example.com networkCIDR: 10.0.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/lifecycle_phases/in-v1alpha2.yaml b/tests/integration/update_cluster/lifecycle_phases/in-v1alpha2.yaml index e5e9baf1fe..e1a04619a8 100644 --- a/tests/integration/update_cluster/lifecycle_phases/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/lifecycle_phases/in-v1alpha2.yaml @@ -21,12 +21,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.lifecyclephases.example.com masterPublicName: api.lifecyclephases.example.com networkCIDR: 172.20.0.0/16 networking: - weave: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/minimal-cloudformation/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/minimal-cloudformation/cloudformation.json.extracted.yaml index fada129274..6cc070b593 100644 --- a/tests/integration/update_cluster/minimal-cloudformation/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/minimal-cloudformation/cloudformation.json.extracted.yaml @@ -137,8 +137,12 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -147,16 +151,18 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -176,9 +182,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -193,6 +197,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.minimal.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,8 +206,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: minimal.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -211,46 +216,42 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -266,34 +267,32 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: minimal.example.com ConfigBase: memfs://clusters.example.com/minimal.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -322,6 +321,9 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz + staticManifests: + - key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV @@ -466,8 +468,12 @@ Resources.AWSEC2LaunchTemplatenodesminimalexamplecom.Properties.LaunchTemplateDa cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -476,28 +482,26 @@ Resources.AWSEC2LaunchTemplatenodesminimalexamplecom.Properties.LaunchTemplateDa - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -512,34 +516,32 @@ Resources.AWSEC2LaunchTemplatenodesminimalexamplecom.Properties.LaunchTemplateDa cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: minimal.example.com ConfigBase: memfs://clusters.example.com/minimal.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/minimal-cloudformation/in-v1alpha2.yaml b/tests/integration/update_cluster/minimal-cloudformation/in-v1alpha2.yaml index 02fcc27152..3a53b802ba 100644 --- a/tests/integration/update_cluster/minimal-cloudformation/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/minimal-cloudformation/in-v1alpha2.yaml @@ -21,12 +21,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.minimal.example.com masterPublicName: api.minimal.example.com networkCIDR: 172.20.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/minimal-gp3/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/minimal-gp3/cloudformation.json.extracted.yaml index 59b99c29e5..6cc070b593 100644 --- a/tests/integration/update_cluster/minimal-gp3/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/minimal-gp3/cloudformation.json.extracted.yaml @@ -141,6 +141,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -159,6 +161,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -178,7 +182,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.19.0 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -193,6 +197,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.minimal.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,8 +206,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: minimal.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.19.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -211,15 +216,16 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.19.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.19.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -229,13 +235,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -245,8 +251,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -262,13 +267,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 3f03e5c160a8b658d30b34824a1c00abadbac96e62c4d01bf5c9271a2debc3ab@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubelet - - 79bb0d2f05487ff533999a639c075043c70a0a1ba25c1629eb1eef6ebe3ba70f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - d8fa5a9739ecc387dfcc55afa91ac6f4b0ccd01f1423c423dbd312d787bbb6bf@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubelet - - d4adf1b6b97252025cb2f7febf55daa3f42dc305822e3da133f77fd33071ec2f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: minimal.example.com @@ -277,6 +282,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -286,8 +292,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersminimalexamplecom.Properties. hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -467,6 +472,8 @@ Resources.AWSEC2LaunchTemplatenodesminimalexamplecom.Properties.LaunchTemplateDa disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -480,10 +487,11 @@ Resources.AWSEC2LaunchTemplatenodesminimalexamplecom.Properties.LaunchTemplateDa clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.19.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -493,8 +501,7 @@ Resources.AWSEC2LaunchTemplatenodesminimalexamplecom.Properties.LaunchTemplateDa hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -509,13 +516,13 @@ Resources.AWSEC2LaunchTemplatenodesminimalexamplecom.Properties.LaunchTemplateDa cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 3f03e5c160a8b658d30b34824a1c00abadbac96e62c4d01bf5c9271a2debc3ab@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubelet - - 79bb0d2f05487ff533999a639c075043c70a0a1ba25c1629eb1eef6ebe3ba70f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - d8fa5a9739ecc387dfcc55afa91ac6f4b0ccd01f1423c423dbd312d787bbb6bf@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubelet - - d4adf1b6b97252025cb2f7febf55daa3f42dc305822e3da133f77fd33071ec2f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: minimal.example.com @@ -524,6 +531,7 @@ Resources.AWSEC2LaunchTemplatenodesminimalexamplecom.Properties.LaunchTemplateDa InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -533,8 +541,7 @@ Resources.AWSEC2LaunchTemplatenodesminimalexamplecom.Properties.LaunchTemplateDa hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/minimal-gp3/data/aws_launch_template_master-us-test-1a.masters.minimal.example.com_user_data b/tests/integration/update_cluster/minimal-gp3/data/aws_launch_template_master-us-test-1a.masters.minimal.example.com_user_data index 55a0c32807..ab55c3086a 100644 --- a/tests/integration/update_cluster/minimal-gp3/data/aws_launch_template_master-us-test-1a.masters.minimal.example.com_user_data +++ b/tests/integration/update_cluster/minimal-gp3/data/aws_launch_template_master-us-test-1a.masters.minimal.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -158,6 +160,8 @@ etcdClusters: kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,7 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.19.0 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.minimal.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: minimal.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.19.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,15 +215,16 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.19.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.19.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -228,13 +234,13 @@ kubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -244,8 +250,7 @@ masterKubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -261,13 +266,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 3f03e5c160a8b658d30b34824a1c00abadbac96e62c4d01bf5c9271a2debc3ab@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubelet - - 79bb0d2f05487ff533999a639c075043c70a0a1ba25c1629eb1eef6ebe3ba70f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - d8fa5a9739ecc387dfcc55afa91ac6f4b0ccd01f1423c423dbd312d787bbb6bf@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubelet - - d4adf1b6b97252025cb2f7febf55daa3f42dc305822e3da133f77fd33071ec2f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: minimal.example.com @@ -276,6 +281,7 @@ InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -285,8 +291,7 @@ KubeletConfig: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" diff --git a/tests/integration/update_cluster/minimal-gp3/data/aws_launch_template_nodes.minimal.example.com_user_data b/tests/integration/update_cluster/minimal-gp3/data/aws_launch_template_nodes.minimal.example.com_user_data index 635ba2fa15..0ce27e1d36 100644 --- a/tests/integration/update_cluster/minimal-gp3/data/aws_launch_template_nodes.minimal.example.com_user_data +++ b/tests/integration/update_cluster/minimal-gp3/data/aws_launch_template_nodes.minimal.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -153,10 +155,11 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.19.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -166,8 +169,7 @@ kubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -182,13 +184,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 3f03e5c160a8b658d30b34824a1c00abadbac96e62c4d01bf5c9271a2debc3ab@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubelet - - 79bb0d2f05487ff533999a639c075043c70a0a1ba25c1629eb1eef6ebe3ba70f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - d8fa5a9739ecc387dfcc55afa91ac6f4b0ccd01f1423c423dbd312d787bbb6bf@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubelet - - d4adf1b6b97252025cb2f7febf55daa3f42dc305822e3da133f77fd33071ec2f@https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: minimal.example.com @@ -197,6 +199,7 @@ InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -206,8 +209,7 @@ KubeletConfig: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/minimal-gp3/in-v1alpha2.yaml b/tests/integration/update_cluster/minimal-gp3/in-v1alpha2.yaml index 69cefd5ecc..60e3d45050 100644 --- a/tests/integration/update_cluster/minimal-gp3/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/minimal-gp3/in-v1alpha2.yaml @@ -25,12 +25,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.19.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.minimal.example.com masterPublicName: api.minimal.example.com networkCIDR: 172.20.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/minimal-json/data/aws_launch_template_master-us-test-1a.masters.minimal-json.example.com_user_data b/tests/integration/update_cluster/minimal-json/data/aws_launch_template_master-us-test-1a.masters.minimal-json.example.com_user_data index a6c6fc55fd..c650fe9a2b 100644 --- a/tests/integration/update_cluster/minimal-json/data/aws_launch_template_master-us-test-1a.masters.minimal-json.example.com_user_data +++ b/tests/integration/update_cluster/minimal-json/data/aws_launch_template_master-us-test-1a.masters.minimal-json.example.com_user_data @@ -1 +1 @@ -IyEvYmluL2Jhc2gKc2V0IC1vIGVycmV4aXQKc2V0IC1vIG5vdW5zZXQKc2V0IC1vIHBpcGVmYWlsCgpOT0RFVVBfVVJMX0FNRDY0PWh0dHBzOi8vYXJ0aWZhY3RzLms4cy5pby9iaW5hcmllcy9rb3BzLzEuMTkuMC1hbHBoYS4zL2xpbnV4L2FtZDY0L25vZGV1cCxodHRwczovL2dpdGh1Yi5jb20va3ViZXJuZXRlcy9rb3BzL3JlbGVhc2VzL2Rvd25sb2FkL3YxLjE5LjAtYWxwaGEuMy9ub2RldXAtbGludXgtYW1kNjQsaHR0cHM6Ly9rdWJldXB2Mi5zMy5hbWF6b25hd3MuY29tL2tvcHMvMS4xOS4wLWFscGhhLjMvbGludXgvYW1kNjQvbm9kZXVwCk5PREVVUF9IQVNIX0FNRDY0PTY5ODBmZGE0ZmEzN2JiZGMwNDM3MzhjZjRkZGFjNjM4OGViNTdmNTYxODk1YzY5Mjk5YzFiMGVlMjYzZDQ2NWQKTk9ERVVQX1VSTF9BUk02ND1odHRwczovL2FydGlmYWN0cy5rOHMuaW8vYmluYXJpZXMva29wcy8xLjE5LjAtYWxwaGEuMy9saW51eC9hcm02NC9ub2RldXAsaHR0cHM6Ly9naXRodWIuY29tL2t1YmVybmV0ZXMva29wcy9yZWxlYXNlcy9kb3dubG9hZC92MS4xOS4wLWFscGhhLjMvbm9kZXVwLWxpbnV4LWFybTY0LGh0dHBzOi8va3ViZXVwdjIuczMuYW1hem9uYXdzLmNvbS9rb3BzLzEuMTkuMC1hbHBoYS4zL2xpbnV4L2FybTY0L25vZGV1cApOT0RFVVBfSEFTSF9BUk02ND1kY2M3ZjlmM2MxODBlZTc2YTUxMTYyN2U0NmRhMGFjNjljZGNiNTE4Y2RmM2JlMzQ4ZTVlZDA0NmQ0OTFlYjg3CgpleHBvcnQgQVdTX1JFR0lPTj11cy10ZXN0LTEKCgoKCmZ1bmN0aW9uIGVuc3VyZS1pbnN0YWxsLWRpcigpIHsKICBJTlNUQUxMX0RJUj0iL29wdC9rb3BzIgogICMgT24gQ29udGFpbmVyT1MsIHdlIGluc3RhbGwgdW5kZXIgL3Zhci9saWIvdG9vbGJveDsgL29wdCBpcyBybyBhbmQgbm9leGVjCiAgaWYgW1sgLWQgL3Zhci9saWIvdG9vbGJveCBdXTsgdGhlbgogICAgSU5TVEFMTF9ESVI9Ii92YXIvbGliL3Rvb2xib3gva29wcyIKICBmaQogIG1rZGlyIC1wICR7SU5TVEFMTF9ESVJ9L2JpbgogIG1rZGlyIC1wICR7SU5TVEFMTF9ESVJ9L2NvbmYKICBjZCAke0lOU1RBTExfRElSfQp9CgojIFJldHJ5IGEgZG93bmxvYWQgdW50aWwgd2UgZ2V0IGl0LiBhcmdzOiBuYW1lLCBzaGEsIHVybDEsIHVybDIuLi4KZG93bmxvYWQtb3ItYnVzdCgpIHsKICBsb2NhbCAtciBmaWxlPSIkMSIKICBsb2NhbCAtciBoYXNoPSIkMiIKICBzaGlmdCAyCgogIHVybHM9KCAkKiApCiAgd2hpbGUgdHJ1ZTsgZG8KICAgIGZvciB1cmwgaW4gIiR7dXJsc1tAXX0iOyBkbwogICAgICBjb21tYW5kcz0oCiAgICAgICAgImN1cmwgLWYgLS1pcHY0IC0tY29tcHJlc3NlZCAtTG8gIiR7ZmlsZX0iIC0tY29ubmVjdC10aW1lb3V0IDIwIC0tcmV0cnkgNiAtLXJldHJ5LWRlbGF5IDEwIgogICAgICAgICJ3Z2V0IC0taW5ldDQtb25seSAtLWNvbXByZXNzaW9uPWF1dG8gLU8gIiR7ZmlsZX0iIC0tY29ubmVjdC10aW1lb3V0PTIwIC0tdHJpZXM9NiAtLXdhaXQ9MTAiCiAgICAgICAgImN1cmwgLWYgLS1pcHY0IC1MbyAiJHtmaWxlfSIgLS1jb25uZWN0LXRpbWVvdXQgMjAgLS1yZXRyeSA2IC0tcmV0cnktZGVsYXkgMTAiCiAgICAgICAgIndnZXQgLS1pbmV0NC1vbmx5IC1PICIke2ZpbGV9IiAtLWNvbm5lY3QtdGltZW91dD0yMCAtLXRyaWVzPTYgLS13YWl0PTEwIgogICAgICApCiAgICAgIGZvciBjbWQgaW4gIiR7Y29tbWFuZHNbQF19IjsgZG8KICAgICAgICBlY2hvICJBdHRlbXB0aW5nIGRvd25sb2FkIHdpdGg6ICR7Y21kfSB7dXJsfSIKICAgICAgICBpZiAhICgke2NtZH0gIiR7dXJsfSIpOyB0aGVuCiAgICAgICAgICBlY2hvICI9PSBEb3dubG9hZCBmYWlsZWQgd2l0aCAke2NtZH0gPT0iCiAgICAgICAgICBjb250aW51ZQogICAgICAgIGZpCiAgICAgICAgaWYgW1sgLW4gIiR7aGFzaH0iIF1dICYmICEgdmFsaWRhdGUtaGFzaCAiJHtmaWxlfSIgIiR7aGFzaH0iOyB0aGVuCiAgICAgICAgICBlY2hvICI9PSBIYXNoIHZhbGlkYXRpb24gb2YgJHt1cmx9IGZhaWxlZC4gUmV0cnlpbmcuID09IgogICAgICAgICAgcm0gLWYgIiR7ZmlsZX0iCiAgICAgICAgZWxzZQogICAgICAgICAgaWYgW1sgLW4gIiR7aGFzaH0iIF1dOyB0aGVuCiAgICAgICAgICAgIGVjaG8gIj09IERvd25sb2FkZWQgJHt1cmx9IChTSEExID0gJHtoYXNofSkgPT0iCiAgICAgICAgICBlbHNlCiAgICAgICAgICAgIGVjaG8gIj09IERvd25sb2FkZWQgJHt1cmx9ID09IgogICAgICAgICAgZmkKICAgICAgICAgIHJldHVybgogICAgICAgIGZpCiAgICAgIGRvbmUKICAgIGRvbmUKCiAgICBlY2hvICJBbGwgZG93bmxvYWRzIGZhaWxlZDsgc2xlZXBpbmcgYmVmb3JlIHJldHJ5aW5nIgogICAgc2xlZXAgNjAKICBkb25lCn0KCnZhbGlkYXRlLWhhc2goKSB7CiAgbG9jYWwgLXIgZmlsZT0iJDEiCiAgbG9jYWwgLXIgZXhwZWN0ZWQ9IiQyIgogIGxvY2FsIGFjdHVhbAoKICBhY3R1YWw9JChzaGEyNTZzdW0gJHtmaWxlfSB8IGF3ayAneyBwcmludCAkMSB9JykgfHwgdHJ1ZQogIGlmIFtbICIke2FjdHVhbH0iICE9ICIke2V4cGVjdGVkfSIgXV07IHRoZW4KICAgIGVjaG8gIj09ICR7ZmlsZX0gY29ycnVwdGVkLCBoYXNoICR7YWN0dWFsfSBkb2Vzbid0IG1hdGNoIGV4cGVjdGVkICR7ZXhwZWN0ZWR9ID09IgogICAgcmV0dXJuIDEKICBmaQp9CgpmdW5jdGlvbiBzcGxpdC1jb21tYXMoKSB7CiAgZWNobyAkMSB8IHRyICIsIiAiXG4iCn0KCmZ1bmN0aW9uIHRyeS1kb3dubG9hZC1yZWxlYXNlKCkgewogIGxvY2FsIC1yIG5vZGV1cF91cmxzPSggJChzcGxpdC1jb21tYXMgIiR7Tk9ERVVQX1VSTH0iKSApCiAgaWYgW1sgLW4gIiR7Tk9ERVVQX0hBU0g6LX0iIF1dOyB0aGVuCiAgICBsb2NhbCAtciBub2RldXBfaGFzaD0iJHtOT0RFVVBfSEFTSH0iCiAgZWxzZQogICMgVE9ETzogUmVtb3ZlPwogICAgZWNobyAiRG93bmxvYWRpbmcgc2hhMjU2IChub3QgZm91bmQgaW4gZW52KSIKICAgIGRvd25sb2FkLW9yLWJ1c3Qgbm9kZXVwLnNoYTI1NiAiIiAiJHtub2RldXBfdXJsc1tAXS8lLy5zaGEyNTZ9IgogICAgbG9jYWwgLXIgbm9kZXVwX2hhc2g9JChjYXQgbm9kZXVwLnNoYTI1NikKICBmaQoKICBlY2hvICJEb3dubG9hZGluZyBub2RldXAgKCR7bm9kZXVwX3VybHNbQF19KSIKICBkb3dubG9hZC1vci1idXN0IG5vZGV1cCAiJHtub2RldXBfaGFzaH0iICIke25vZGV1cF91cmxzW0BdfSIKCiAgY2htb2QgK3ggbm9kZXVwCn0KCmZ1bmN0aW9uIGRvd25sb2FkLXJlbGVhc2UoKSB7CiAgY2FzZSAiJCh1bmFtZSAtbSkiIGluCiAgeDg2XzY0KnxpPzg2XzY0KnxhbWQ2NCopCiAgICBOT0RFVVBfVVJMPSIke05PREVVUF9VUkxfQU1ENjR9IgogICAgTk9ERVVQX0hBU0g9IiR7Tk9ERVVQX0hBU0hfQU1ENjR9IgogICAgOzsKICBhYXJjaDY0Knxhcm02NCopCiAgICBOT0RFVVBfVVJMPSIke05PREVVUF9VUkxfQVJNNjR9IgogICAgTk9ERVVQX0hBU0g9IiR7Tk9ERVVQX0hBU0hfQVJNNjR9IgogICAgOzsKICAqKQogICAgZWNobyAiVW5zdXBwb3J0ZWQgaG9zdCBhcmNoOiAkKHVuYW1lIC1tKSIgPiYyCiAgICBleGl0IDEKICAgIDs7CiAgZXNhYwoKICAjIEluIGNhc2Ugb2YgZmFpbHVyZSBjaGVja2luZyBpbnRlZ3JpdHkgb2YgcmVsZWFzZSwgcmV0cnkuCiAgY2QgJHtJTlNUQUxMX0RJUn0vYmluCiAgdW50aWwgdHJ5LWRvd25sb2FkLXJlbGVhc2U7IGRvCiAgICBzbGVlcCAxNQogICAgZWNobyAiQ291bGRuJ3QgZG93bmxvYWQgcmVsZWFzZS4gUmV0cnlpbmcuLi4iCiAgZG9uZQoKICBlY2hvICJSdW5uaW5nIG5vZGV1cCIKICAjIFdlIGNhbid0IHJ1biBpbiB0aGUgZm9yZWdyb3VuZCBiZWNhdXNlIG9mIGh0dHBzOi8vZ2l0aHViLmNvbS9kb2NrZXIvZG9ja2VyL2lzc3Vlcy8yMzc5MwogICggY2QgJHtJTlNUQUxMX0RJUn0vYmluOyAuL25vZGV1cCAtLWluc3RhbGwtc3lzdGVtZC11bml0IC0tY29uZj0ke0lOU1RBTExfRElSfS9jb25mL2t1YmVfZW52LnlhbWwgLS12PTggICkKfQoKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCgovYmluL3N5c3RlbWQtbWFjaGluZS1pZC1zZXR1cCB8fCBlY2hvICJmYWlsZWQgdG8gc2V0IHVwIGVuc3VyZSBtYWNoaW5lLWlkIGNvbmZpZ3VyZWQiCgplY2hvICI9PSBub2RldXAgbm9kZSBjb25maWcgc3RhcnRpbmcgPT0iCmVuc3VyZS1pbnN0YWxsLWRpcgoKY2F0ID4gY29uZi9jbHVzdGVyX3NwZWMueWFtbCA8PCAnX19FT0ZfQ0xVU1RFUl9TUEVDJwpjbG91ZENvbmZpZzogbnVsbApjb250YWluZXJSdW50aW1lOiBkb2NrZXIKY29udGFpbmVyZDoKICBza2lwSW5zdGFsbDogdHJ1ZQpkb2NrZXI6CiAgaXBNYXNxOiBmYWxzZQogIGlwVGFibGVzOiBmYWxzZQogIGxvZ0RyaXZlcjoganNvbi1maWxlCiAgbG9nTGV2ZWw6IGluZm8KICBsb2dPcHQ6CiAgLSBtYXgtc2l6ZT0xMG0KICAtIG1heC1maWxlPTUKICBzdG9yYWdlOiBvdmVybGF5MixvdmVybGF5LGF1ZnMKICB2ZXJzaW9uOiAxOC4wNi4zCmVuY3J5cHRpb25Db25maWc6IG51bGwKZXRjZENsdXN0ZXJzOgogIGV2ZW50czoKICAgIHZlcnNpb246IDMuMy4xMAogIG1haW46CiAgICB2ZXJzaW9uOiAzLjMuMTAKa3ViZUFQSVNlcnZlcjoKICBhbGxvd1ByaXZpbGVnZWQ6IHRydWUKICBhbm9ueW1vdXNBdXRoOiBmYWxzZQogIGFwaVNlcnZlckNvdW50OiAxCiAgYXV0aG9yaXphdGlvbk1vZGU6IEFsd2F5c0FsbG93CiAgYmluZEFkZHJlc3M6IDAuMC4wLjAKICBjbG91ZFByb3ZpZGVyOiBhd3MKICBlbmFibGVBZG1pc3Npb25QbHVnaW5zOgogIC0gTmFtZXNwYWNlTGlmZWN5Y2xlCiAgLSBMaW1pdFJhbmdlcgogIC0gU2VydmljZUFjY291bnQKICAtIFBlcnNpc3RlbnRWb2x1bWVMYWJlbAogIC0gRGVmYXVsdFN0b3JhZ2VDbGFzcwogIC0gRGVmYXVsdFRvbGVyYXRpb25TZWNvbmRzCiAgLSBNdXRhdGluZ0FkbWlzc2lvbldlYmhvb2sKICAtIFZhbGlkYXRpbmdBZG1pc3Npb25XZWJob29rCiAgLSBOb2RlUmVzdHJpY3Rpb24KICAtIFJlc291cmNlUXVvdGEKICBldGNkU2VydmVyczoKICAtIGh0dHA6Ly8xMjcuMC4wLjE6NDAwMQogIGV0Y2RTZXJ2ZXJzT3ZlcnJpZGVzOgogIC0gL2V2ZW50cyNodHRwOi8vMTI3LjAuMC4xOjQwMDIKICBpbWFnZTogazhzLmdjci5pby9rdWJlLWFwaXNlcnZlcjp2MS4xNC4wCiAgaW5zZWN1cmVCaW5kQWRkcmVzczogMTI3LjAuMC4xCiAgaW5zZWN1cmVQb3J0OiA4MDgwCiAga3ViZWxldFByZWZlcnJlZEFkZHJlc3NUeXBlczoKICAtIEludGVybmFsSVAKICAtIEhvc3RuYW1lCiAgLSBFeHRlcm5hbElQCiAgbG9nTGV2ZWw6IDIKICByZXF1ZXN0aGVhZGVyQWxsb3dlZE5hbWVzOgogIC0gYWdncmVnYXRvcgogIHJlcXVlc3RoZWFkZXJFeHRyYUhlYWRlclByZWZpeGVzOgogIC0gWC1SZW1vdGUtRXh0cmEtCiAgcmVxdWVzdGhlYWRlckdyb3VwSGVhZGVyczoKICAtIFgtUmVtb3RlLUdyb3VwCiAgcmVxdWVzdGhlYWRlclVzZXJuYW1lSGVhZGVyczoKICAtIFgtUmVtb3RlLVVzZXIKICBzZWN1cmVQb3J0OiA0NDMKICBzZXJ2aWNlQ2x1c3RlcklQUmFuZ2U6IDEwMC42NC4wLjAvMTMKICBzdG9yYWdlQmFja2VuZDogZXRjZDMKa3ViZUNvbnRyb2xsZXJNYW5hZ2VyOgogIGFsbG9jYXRlTm9kZUNJRFJzOiB0cnVlCiAgYXR0YWNoRGV0YWNoUmVjb25jaWxlU3luY1BlcmlvZDogMW0wcwogIGNsb3VkUHJvdmlkZXI6IGF3cwogIGNsdXN0ZXJDSURSOiAxMDAuOTYuMC4wLzExCiAgY2x1c3Rlck5hbWU6IG1pbmltYWwtanNvbi5leGFtcGxlLmNvbQogIGNvbmZpZ3VyZUNsb3VkUm91dGVzOiB0cnVlCiAgaW1hZ2U6IGs4cy5nY3IuaW8va3ViZS1jb250cm9sbGVyLW1hbmFnZXI6djEuMTQuMAogIGxlYWRlckVsZWN0aW9uOgogICAgbGVhZGVyRWxlY3Q6IHRydWUKICBsb2dMZXZlbDogMgogIHVzZVNlcnZpY2VBY2NvdW50Q3JlZGVudGlhbHM6IHRydWUKa3ViZVByb3h5OgogIGNsdXN0ZXJDSURSOiAxMDAuOTYuMC4wLzExCiAgY3B1UmVxdWVzdDogMTAwbQogIGhvc3RuYW1lT3ZlcnJpZGU6ICdAYXdzJwogIGltYWdlOiBrOHMuZ2NyLmlvL2t1YmUtcHJveHk6djEuMTQuMAogIGxvZ0xldmVsOiAyCmt1YmVTY2hlZHVsZXI6CiAgaW1hZ2U6IGs4cy5nY3IuaW8va3ViZS1zY2hlZHVsZXI6djEuMTQuMAogIGxlYWRlckVsZWN0aW9uOgogICAgbGVhZGVyRWxlY3Q6IHRydWUKICBsb2dMZXZlbDogMgprdWJlbGV0OgogIGFub255bW91c0F1dGg6IGZhbHNlCiAgY2dyb3VwUm9vdDogLwogIGNsb3VkUHJvdmlkZXI6IGF3cwogIGNsdXN0ZXJETlM6IDEwMC42NC4wLjEwCiAgY2x1c3RlckRvbWFpbjogY2x1c3Rlci5sb2NhbAogIGVuYWJsZURlYnVnZ2luZ0hhbmRsZXJzOiB0cnVlCiAgZXZpY3Rpb25IYXJkOiBtZW1vcnkuYXZhaWxhYmxlPDEwME1pLG5vZGVmcy5hdmFpbGFibGU8MTAlLG5vZGVmcy5pbm9kZXNGcmVlPDUlLGltYWdlZnMuYXZhaWxhYmxlPDEwJSxpbWFnZWZzLmlub2Rlc0ZyZWU8NSUKICBmZWF0dXJlR2F0ZXM6CiAgICBFeHBlcmltZW50YWxDcml0aWNhbFBvZEFubm90YXRpb246ICJ0cnVlIgogIGhvc3RuYW1lT3ZlcnJpZGU6ICdAYXdzJwogIGt1YmVjb25maWdQYXRoOiAvdmFyL2xpYi9rdWJlbGV0L2t1YmVjb25maWcKICBsb2dMZXZlbDogMgogIG5ldHdvcmtQbHVnaW5NVFU6IDkwMDEKICBuZXR3b3JrUGx1Z2luTmFtZToga3ViZW5ldAogIG5vbk1hc3F1ZXJhZGVDSURSOiAxMDAuNjQuMC4wLzEwCiAgcG9kSW5mcmFDb250YWluZXJJbWFnZTogazhzLmdjci5pby9wYXVzZTozLjIKICBwb2RNYW5pZmVzdFBhdGg6IC9ldGMva3ViZXJuZXRlcy9tYW5pZmVzdHMKbWFzdGVyS3ViZWxldDoKICBhbm9ueW1vdXNBdXRoOiBmYWxzZQogIGNncm91cFJvb3Q6IC8KICBjbG91ZFByb3ZpZGVyOiBhd3MKICBjbHVzdGVyRE5TOiAxMDAuNjQuMC4xMAogIGNsdXN0ZXJEb21haW46IGNsdXN0ZXIubG9jYWwKICBlbmFibGVEZWJ1Z2dpbmdIYW5kbGVyczogdHJ1ZQogIGV2aWN0aW9uSGFyZDogbWVtb3J5LmF2YWlsYWJsZTwxMDBNaSxub2RlZnMuYXZhaWxhYmxlPDEwJSxub2RlZnMuaW5vZGVzRnJlZTw1JSxpbWFnZWZzLmF2YWlsYWJsZTwxMCUsaW1hZ2Vmcy5pbm9kZXNGcmVlPDUlCiAgZmVhdHVyZUdhdGVzOgogICAgRXhwZXJpbWVudGFsQ3JpdGljYWxQb2RBbm5vdGF0aW9uOiAidHJ1ZSIKICBob3N0bmFtZU92ZXJyaWRlOiAnQGF3cycKICBrdWJlY29uZmlnUGF0aDogL3Zhci9saWIva3ViZWxldC9rdWJlY29uZmlnCiAgbG9nTGV2ZWw6IDIKICBuZXR3b3JrUGx1Z2luTVRVOiA5MDAxCiAgbmV0d29ya1BsdWdpbk5hbWU6IGt1YmVuZXQKICBub25NYXNxdWVyYWRlQ0lEUjogMTAwLjY0LjAuMC8xMAogIHBvZEluZnJhQ29udGFpbmVySW1hZ2U6IGs4cy5nY3IuaW8vcGF1c2U6My4yCiAgcG9kTWFuaWZlc3RQYXRoOiAvZXRjL2t1YmVybmV0ZXMvbWFuaWZlc3RzCiAgcmVnaXN0ZXJTY2hlZHVsYWJsZTogZmFsc2UKCl9fRU9GX0NMVVNURVJfU1BFQwoKY2F0ID4gY29uZi9pZ19zcGVjLnlhbWwgPDwgJ19fRU9GX0lHX1NQRUMnCnt9CgpfX0VPRl9JR19TUEVDCgpjYXQgPiBjb25mL2t1YmVfZW52LnlhbWwgPDwgJ19fRU9GX0tVQkVfRU5WJwpBc3NldHM6CiAgYW1kNjQ6CiAgLSBjM2I3MzZmZDBmMDAzNzY1YzEyZDk5ZjJjOTk1YTgzNjllNjI0MWY0QGh0dHBzOi8vc3RvcmFnZS5nb29nbGVhcGlzLmNvbS9rdWJlcm5ldGVzLXJlbGVhc2UvcmVsZWFzZS92MS4xNC4wL2Jpbi9saW51eC9hbWQ2NC9rdWJlbGV0CiAgLSA3ZTNhM2VhNjYzMTUzZjkwMGNiZDUyOTAwYTM5YzkxZmE5ZjMzNGJlQGh0dHBzOi8vc3RvcmFnZS5nb29nbGVhcGlzLmNvbS9rdWJlcm5ldGVzLXJlbGVhc2UvcmVsZWFzZS92MS4xNC4wL2Jpbi9saW51eC9hbWQ2NC9rdWJlY3RsCiAgLSAzY2ExNWMwYTE4ZWU4MzA1MjBjZjNhOTU0MDhiZTgyNmNiZDI1NWExNTM1YTM4ZTBiZTk2MDhiMjVhZDhiZjY0QGh0dHBzOi8vc3RvcmFnZS5nb29nbGVhcGlzLmNvbS9rdWJlcm5ldGVzLXJlbGVhc2UvbmV0d29yay1wbHVnaW5zL2NuaS1wbHVnaW5zLWFtZDY0LXYwLjcuNS50Z3oKICAtIDM0NmY5Mzk0MzkzZWU4ZGI1ZjhiZDFlMjI5ZWU5ZDkwZTViMzY5MzFiZGQ3NTQzMDhiMmFlNjg4ODRkZDY4MjJAaHR0cHM6Ly9kb3dubG9hZC5kb2NrZXIuY29tL2xpbnV4L3N0YXRpYy9zdGFibGUveDg2XzY0L2RvY2tlci0xOC4wNi4zLWNlLnRnegogIGFybTY0OgogIC0gZGYzOGUwNDU3NjAyNjM5MzA1NWNjYzc3YzBkY2U3MzYxMjk5NjU2MUBodHRwczovL3N0b3JhZ2UuZ29vZ2xlYXBpcy5jb20va3ViZXJuZXRlcy1yZWxlYXNlL3JlbGVhc2UvdjEuMTQuMC9iaW4vbGludXgvYXJtNjQva3ViZWxldAogIC0gMDFjMmI2YjQzZDM2YjZiZmFmYzgwYTM3MzczOTFjMTllYmZiOGFkNUBodHRwczovL3N0b3JhZ2UuZ29vZ2xlYXBpcy5jb20va3ViZXJuZXRlcy1yZWxlYXNlL3JlbGVhc2UvdjEuMTQuMC9iaW4vbGludXgvYXJtNjQva3ViZWN0bAogIC0gN2ZlYzkxYWY3OGU5NTQ4ZGYzMDZmMGVjNDNiZWE1MjdjOGMxMGNjM2E5NjgyYzMzZTk3MWM4NTIyYTdmY2RlZEBodHRwczovL3N0b3JhZ2UuZ29vZ2xlYXBpcy5jb20va3ViZXJuZXRlcy1yZWxlYXNlL25ldHdvcmstcGx1Z2lucy9jbmktcGx1Z2lucy1hcm02NC12MC43LjUudGd6CiAgLSBkZWZiMmNjYzk1YzA4MjU4MzMyMTZjOGI5ZTBlMTViYWFhNTFiY2VkYjNlZmMxZjM5M2Y1MzUyZDE4NGRlYWQ0QGh0dHBzOi8vZG93bmxvYWQuZG9ja2VyLmNvbS9saW51eC9zdGF0aWMvc3RhYmxlL2FhcmNoNjQvZG9ja2VyLTE4LjA2LjMtY2UudGd6CkNsdXN0ZXJOYW1lOiBtaW5pbWFsLWpzb24uZXhhbXBsZS5jb20KQ29uZmlnQmFzZTogbWVtZnM6Ly9jbHVzdGVycy5leGFtcGxlLmNvbS9taW5pbWFsLWpzb24uZXhhbXBsZS5jb20KSW5zdGFuY2VHcm91cE5hbWU6IG1hc3Rlci11cy10ZXN0LTFhCkluc3RhbmNlR3JvdXBSb2xlOiBNYXN0ZXIKS3ViZWxldENvbmZpZzoKICBhbm9ueW1vdXNBdXRoOiBmYWxzZQogIGNncm91cFJvb3Q6IC8KICBjbG91ZFByb3ZpZGVyOiBhd3MKICBjbHVzdGVyRE5TOiAxMDAuNjQuMC4xMAogIGNsdXN0ZXJEb21haW46IGNsdXN0ZXIubG9jYWwKICBlbmFibGVEZWJ1Z2dpbmdIYW5kbGVyczogdHJ1ZQogIGV2aWN0aW9uSGFyZDogbWVtb3J5LmF2YWlsYWJsZTwxMDBNaSxub2RlZnMuYXZhaWxhYmxlPDEwJSxub2RlZnMuaW5vZGVzRnJlZTw1JSxpbWFnZWZzLmF2YWlsYWJsZTwxMCUsaW1hZ2Vmcy5pbm9kZXNGcmVlPDUlCiAgZmVhdHVyZUdhdGVzOgogICAgRXhwZXJpbWVudGFsQ3JpdGljYWxQb2RBbm5vdGF0aW9uOiAidHJ1ZSIKICBob3N0bmFtZU92ZXJyaWRlOiAnQGF3cycKICBrdWJlY29uZmlnUGF0aDogL3Zhci9saWIva3ViZWxldC9rdWJlY29uZmlnCiAgbG9nTGV2ZWw6IDIKICBuZXR3b3JrUGx1Z2luTVRVOiA5MDAxCiAgbmV0d29ya1BsdWdpbk5hbWU6IGt1YmVuZXQKICBub2RlTGFiZWxzOgogICAga3ViZXJuZXRlcy5pby9yb2xlOiBtYXN0ZXIKICAgIG5vZGUtcm9sZS5rdWJlcm5ldGVzLmlvL2NvbnRyb2wtcGxhbmU6ICIiCiAgICBub2RlLXJvbGUua3ViZXJuZXRlcy5pby9tYXN0ZXI6ICIiCiAgbm9uTWFzcXVlcmFkZUNJRFI6IDEwMC42NC4wLjAvMTAKICBwb2RJbmZyYUNvbnRhaW5lckltYWdlOiBrOHMuZ2NyLmlvL3BhdXNlOjMuMgogIHBvZE1hbmlmZXN0UGF0aDogL2V0Yy9rdWJlcm5ldGVzL21hbmlmZXN0cwogIHJlZ2lzdGVyU2NoZWR1bGFibGU6IGZhbHNlCmNoYW5uZWxzOgotIG1lbWZzOi8vY2x1c3RlcnMuZXhhbXBsZS5jb20vbWluaW1hbC1qc29uLmV4YW1wbGUuY29tL2FkZG9ucy9ib290c3RyYXAtY2hhbm5lbC55YW1sCmV0Y2RNYW5pZmVzdHM6Ci0gbWVtZnM6Ly9jbHVzdGVycy5leGFtcGxlLmNvbS9taW5pbWFsLWpzb24uZXhhbXBsZS5jb20vbWFuaWZlc3RzL2V0Y2QvbWFpbi55YW1sCi0gbWVtZnM6Ly9jbHVzdGVycy5leGFtcGxlLmNvbS9taW5pbWFsLWpzb24uZXhhbXBsZS5jb20vbWFuaWZlc3RzL2V0Y2QvZXZlbnRzLnlhbWwKcHJvdG9rdWJlSW1hZ2U6CiAgYW1kNjQ6CiAgICBoYXNoOiA3YjNjN2Y2YWRiZGExMWIxZWM3NDBiZDZiOTY5Yzg0ZjI0OWI3ZWVlODE4YWY5NWYyZDMyMTk2MzA4ODI0NWE4CiAgICBuYW1lOiBwcm90b2t1YmU6MS4xOS4wLWFscGhhLjMKICAgIHNvdXJjZXM6CiAgICAtIGh0dHBzOi8vYXJ0aWZhY3RzLms4cy5pby9iaW5hcmllcy9rb3BzLzEuMTkuMC1hbHBoYS4zL2ltYWdlcy9wcm90b2t1YmUtYW1kNjQudGFyLmd6CiAgICAtIGh0dHBzOi8vZ2l0aHViLmNvbS9rdWJlcm5ldGVzL2tvcHMvcmVsZWFzZXMvZG93bmxvYWQvdjEuMTkuMC1hbHBoYS4zL2ltYWdlcy1wcm90b2t1YmUtYW1kNjQudGFyLmd6CiAgICAtIGh0dHBzOi8va3ViZXVwdjIuczMuYW1hem9uYXdzLmNvbS9rb3BzLzEuMTkuMC1hbHBoYS4zL2ltYWdlcy9wcm90b2t1YmUtYW1kNjQudGFyLmd6CiAgYXJtNjQ6CiAgICBoYXNoOiA2OTI3MGNhOWMxYzk1MGJlNjVhZjQwMzM3YWRmY2NlYzBhNzI4OTMwZmEzMjI0YmIwZDJlODhmMTgxZjM5ZWFkCiAgICBuYW1lOiBwcm90b2t1YmU6MS4xOS4wLWFscGhhLjMKICAgIHNvdXJjZXM6CiAgICAtIGh0dHBzOi8vYXJ0aWZhY3RzLms4cy5pby9iaW5hcmllcy9rb3BzLzEuMTkuMC1hbHBoYS4zL2ltYWdlcy9wcm90b2t1YmUtYXJtNjQudGFyLmd6CiAgICAtIGh0dHBzOi8vZ2l0aHViLmNvbS9rdWJlcm5ldGVzL2tvcHMvcmVsZWFzZXMvZG93bmxvYWQvdjEuMTkuMC1hbHBoYS4zL2ltYWdlcy1wcm90b2t1YmUtYXJtNjQudGFyLmd6CiAgICAtIGh0dHBzOi8va3ViZXVwdjIuczMuYW1hem9uYXdzLmNvbS9rb3BzLzEuMTkuMC1hbHBoYS4zL2ltYWdlcy9wcm90b2t1YmUtYXJtNjQudGFyLmd6CgpfX0VPRl9LVUJFX0VOVgoKZG93bmxvYWQtcmVsZWFzZQplY2hvICI9PSBub2RldXAgbm9kZSBjb25maWcgZG9uZSA9PSIK +IyEvYmluL2Jhc2gKc2V0IC1vIGVycmV4aXQKc2V0IC1vIG5vdW5zZXQKc2V0IC1vIHBpcGVmYWlsCgpOT0RFVVBfVVJMX0FNRDY0PWh0dHBzOi8vYXJ0aWZhY3RzLms4cy5pby9iaW5hcmllcy9rb3BzLzEuMTkuMC1hbHBoYS4zL2xpbnV4L2FtZDY0L25vZGV1cCxodHRwczovL2dpdGh1Yi5jb20va3ViZXJuZXRlcy9rb3BzL3JlbGVhc2VzL2Rvd25sb2FkL3YxLjE5LjAtYWxwaGEuMy9ub2RldXAtbGludXgtYW1kNjQsaHR0cHM6Ly9rdWJldXB2Mi5zMy5hbWF6b25hd3MuY29tL2tvcHMvMS4xOS4wLWFscGhhLjMvbGludXgvYW1kNjQvbm9kZXVwCk5PREVVUF9IQVNIX0FNRDY0PTY5ODBmZGE0ZmEzN2JiZGMwNDM3MzhjZjRkZGFjNjM4OGViNTdmNTYxODk1YzY5Mjk5YzFiMGVlMjYzZDQ2NWQKTk9ERVVQX1VSTF9BUk02ND1odHRwczovL2FydGlmYWN0cy5rOHMuaW8vYmluYXJpZXMva29wcy8xLjE5LjAtYWxwaGEuMy9saW51eC9hcm02NC9ub2RldXAsaHR0cHM6Ly9naXRodWIuY29tL2t1YmVybmV0ZXMva29wcy9yZWxlYXNlcy9kb3dubG9hZC92MS4xOS4wLWFscGhhLjMvbm9kZXVwLWxpbnV4LWFybTY0LGh0dHBzOi8va3ViZXVwdjIuczMuYW1hem9uYXdzLmNvbS9rb3BzLzEuMTkuMC1hbHBoYS4zL2xpbnV4L2FybTY0L25vZGV1cApOT0RFVVBfSEFTSF9BUk02ND1kY2M3ZjlmM2MxODBlZTc2YTUxMTYyN2U0NmRhMGFjNjljZGNiNTE4Y2RmM2JlMzQ4ZTVlZDA0NmQ0OTFlYjg3CgpleHBvcnQgQVdTX1JFR0lPTj11cy10ZXN0LTEKCgoKCmZ1bmN0aW9uIGVuc3VyZS1pbnN0YWxsLWRpcigpIHsKICBJTlNUQUxMX0RJUj0iL29wdC9rb3BzIgogICMgT24gQ29udGFpbmVyT1MsIHdlIGluc3RhbGwgdW5kZXIgL3Zhci9saWIvdG9vbGJveDsgL29wdCBpcyBybyBhbmQgbm9leGVjCiAgaWYgW1sgLWQgL3Zhci9saWIvdG9vbGJveCBdXTsgdGhlbgogICAgSU5TVEFMTF9ESVI9Ii92YXIvbGliL3Rvb2xib3gva29wcyIKICBmaQogIG1rZGlyIC1wICR7SU5TVEFMTF9ESVJ9L2JpbgogIG1rZGlyIC1wICR7SU5TVEFMTF9ESVJ9L2NvbmYKICBjZCAke0lOU1RBTExfRElSfQp9CgojIFJldHJ5IGEgZG93bmxvYWQgdW50aWwgd2UgZ2V0IGl0LiBhcmdzOiBuYW1lLCBzaGEsIHVybDEsIHVybDIuLi4KZG93bmxvYWQtb3ItYnVzdCgpIHsKICBsb2NhbCAtciBmaWxlPSIkMSIKICBsb2NhbCAtciBoYXNoPSIkMiIKICBzaGlmdCAyCgogIHVybHM9KCAkKiApCiAgd2hpbGUgdHJ1ZTsgZG8KICAgIGZvciB1cmwgaW4gIiR7dXJsc1tAXX0iOyBkbwogICAgICBjb21tYW5kcz0oCiAgICAgICAgImN1cmwgLWYgLS1pcHY0IC0tY29tcHJlc3NlZCAtTG8gIiR7ZmlsZX0iIC0tY29ubmVjdC10aW1lb3V0IDIwIC0tcmV0cnkgNiAtLXJldHJ5LWRlbGF5IDEwIgogICAgICAgICJ3Z2V0IC0taW5ldDQtb25seSAtLWNvbXByZXNzaW9uPWF1dG8gLU8gIiR7ZmlsZX0iIC0tY29ubmVjdC10aW1lb3V0PTIwIC0tdHJpZXM9NiAtLXdhaXQ9MTAiCiAgICAgICAgImN1cmwgLWYgLS1pcHY0IC1MbyAiJHtmaWxlfSIgLS1jb25uZWN0LXRpbWVvdXQgMjAgLS1yZXRyeSA2IC0tcmV0cnktZGVsYXkgMTAiCiAgICAgICAgIndnZXQgLS1pbmV0NC1vbmx5IC1PICIke2ZpbGV9IiAtLWNvbm5lY3QtdGltZW91dD0yMCAtLXRyaWVzPTYgLS13YWl0PTEwIgogICAgICApCiAgICAgIGZvciBjbWQgaW4gIiR7Y29tbWFuZHNbQF19IjsgZG8KICAgICAgICBlY2hvICJBdHRlbXB0aW5nIGRvd25sb2FkIHdpdGg6ICR7Y21kfSB7dXJsfSIKICAgICAgICBpZiAhICgke2NtZH0gIiR7dXJsfSIpOyB0aGVuCiAgICAgICAgICBlY2hvICI9PSBEb3dubG9hZCBmYWlsZWQgd2l0aCAke2NtZH0gPT0iCiAgICAgICAgICBjb250aW51ZQogICAgICAgIGZpCiAgICAgICAgaWYgW1sgLW4gIiR7aGFzaH0iIF1dICYmICEgdmFsaWRhdGUtaGFzaCAiJHtmaWxlfSIgIiR7aGFzaH0iOyB0aGVuCiAgICAgICAgICBlY2hvICI9PSBIYXNoIHZhbGlkYXRpb24gb2YgJHt1cmx9IGZhaWxlZC4gUmV0cnlpbmcuID09IgogICAgICAgICAgcm0gLWYgIiR7ZmlsZX0iCiAgICAgICAgZWxzZQogICAgICAgICAgaWYgW1sgLW4gIiR7aGFzaH0iIF1dOyB0aGVuCiAgICAgICAgICAgIGVjaG8gIj09IERvd25sb2FkZWQgJHt1cmx9IChTSEExID0gJHtoYXNofSkgPT0iCiAgICAgICAgICBlbHNlCiAgICAgICAgICAgIGVjaG8gIj09IERvd25sb2FkZWQgJHt1cmx9ID09IgogICAgICAgICAgZmkKICAgICAgICAgIHJldHVybgogICAgICAgIGZpCiAgICAgIGRvbmUKICAgIGRvbmUKCiAgICBlY2hvICJBbGwgZG93bmxvYWRzIGZhaWxlZDsgc2xlZXBpbmcgYmVmb3JlIHJldHJ5aW5nIgogICAgc2xlZXAgNjAKICBkb25lCn0KCnZhbGlkYXRlLWhhc2goKSB7CiAgbG9jYWwgLXIgZmlsZT0iJDEiCiAgbG9jYWwgLXIgZXhwZWN0ZWQ9IiQyIgogIGxvY2FsIGFjdHVhbAoKICBhY3R1YWw9JChzaGEyNTZzdW0gJHtmaWxlfSB8IGF3ayAneyBwcmludCAkMSB9JykgfHwgdHJ1ZQogIGlmIFtbICIke2FjdHVhbH0iICE9ICIke2V4cGVjdGVkfSIgXV07IHRoZW4KICAgIGVjaG8gIj09ICR7ZmlsZX0gY29ycnVwdGVkLCBoYXNoICR7YWN0dWFsfSBkb2Vzbid0IG1hdGNoIGV4cGVjdGVkICR7ZXhwZWN0ZWR9ID09IgogICAgcmV0dXJuIDEKICBmaQp9CgpmdW5jdGlvbiBzcGxpdC1jb21tYXMoKSB7CiAgZWNobyAkMSB8IHRyICIsIiAiXG4iCn0KCmZ1bmN0aW9uIHRyeS1kb3dubG9hZC1yZWxlYXNlKCkgewogIGxvY2FsIC1yIG5vZGV1cF91cmxzPSggJChzcGxpdC1jb21tYXMgIiR7Tk9ERVVQX1VSTH0iKSApCiAgaWYgW1sgLW4gIiR7Tk9ERVVQX0hBU0g6LX0iIF1dOyB0aGVuCiAgICBsb2NhbCAtciBub2RldXBfaGFzaD0iJHtOT0RFVVBfSEFTSH0iCiAgZWxzZQogICMgVE9ETzogUmVtb3ZlPwogICAgZWNobyAiRG93bmxvYWRpbmcgc2hhMjU2IChub3QgZm91bmQgaW4gZW52KSIKICAgIGRvd25sb2FkLW9yLWJ1c3Qgbm9kZXVwLnNoYTI1NiAiIiAiJHtub2RldXBfdXJsc1tAXS8lLy5zaGEyNTZ9IgogICAgbG9jYWwgLXIgbm9kZXVwX2hhc2g9JChjYXQgbm9kZXVwLnNoYTI1NikKICBmaQoKICBlY2hvICJEb3dubG9hZGluZyBub2RldXAgKCR7bm9kZXVwX3VybHNbQF19KSIKICBkb3dubG9hZC1vci1idXN0IG5vZGV1cCAiJHtub2RldXBfaGFzaH0iICIke25vZGV1cF91cmxzW0BdfSIKCiAgY2htb2QgK3ggbm9kZXVwCn0KCmZ1bmN0aW9uIGRvd25sb2FkLXJlbGVhc2UoKSB7CiAgY2FzZSAiJCh1bmFtZSAtbSkiIGluCiAgeDg2XzY0KnxpPzg2XzY0KnxhbWQ2NCopCiAgICBOT0RFVVBfVVJMPSIke05PREVVUF9VUkxfQU1ENjR9IgogICAgTk9ERVVQX0hBU0g9IiR7Tk9ERVVQX0hBU0hfQU1ENjR9IgogICAgOzsKICBhYXJjaDY0Knxhcm02NCopCiAgICBOT0RFVVBfVVJMPSIke05PREVVUF9VUkxfQVJNNjR9IgogICAgTk9ERVVQX0hBU0g9IiR7Tk9ERVVQX0hBU0hfQVJNNjR9IgogICAgOzsKICAqKQogICAgZWNobyAiVW5zdXBwb3J0ZWQgaG9zdCBhcmNoOiAkKHVuYW1lIC1tKSIgPiYyCiAgICBleGl0IDEKICAgIDs7CiAgZXNhYwoKICAjIEluIGNhc2Ugb2YgZmFpbHVyZSBjaGVja2luZyBpbnRlZ3JpdHkgb2YgcmVsZWFzZSwgcmV0cnkuCiAgY2QgJHtJTlNUQUxMX0RJUn0vYmluCiAgdW50aWwgdHJ5LWRvd25sb2FkLXJlbGVhc2U7IGRvCiAgICBzbGVlcCAxNQogICAgZWNobyAiQ291bGRuJ3QgZG93bmxvYWQgcmVsZWFzZS4gUmV0cnlpbmcuLi4iCiAgZG9uZQoKICBlY2hvICJSdW5uaW5nIG5vZGV1cCIKICAjIFdlIGNhbid0IHJ1biBpbiB0aGUgZm9yZWdyb3VuZCBiZWNhdXNlIG9mIGh0dHBzOi8vZ2l0aHViLmNvbS9kb2NrZXIvZG9ja2VyL2lzc3Vlcy8yMzc5MwogICggY2QgJHtJTlNUQUxMX0RJUn0vYmluOyAuL25vZGV1cCAtLWluc3RhbGwtc3lzdGVtZC11bml0IC0tY29uZj0ke0lOU1RBTExfRElSfS9jb25mL2t1YmVfZW52LnlhbWwgLS12PTggICkKfQoKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCgovYmluL3N5c3RlbWQtbWFjaGluZS1pZC1zZXR1cCB8fCBlY2hvICJmYWlsZWQgdG8gc2V0IHVwIGVuc3VyZSBtYWNoaW5lLWlkIGNvbmZpZ3VyZWQiCgplY2hvICI9PSBub2RldXAgbm9kZSBjb25maWcgc3RhcnRpbmcgPT0iCmVuc3VyZS1pbnN0YWxsLWRpcgoKY2F0ID4gY29uZi9jbHVzdGVyX3NwZWMueWFtbCA8PCAnX19FT0ZfQ0xVU1RFUl9TUEVDJwpjbG91ZENvbmZpZzogbnVsbApjb250YWluZXJSdW50aW1lOiBkb2NrZXIKY29udGFpbmVyZDoKICBjb25maWdPdmVycmlkZTogfAogICAgZGlzYWJsZWRfcGx1Z2lucyA9IFsiY3JpIl0KICBsb2dMZXZlbDogaW5mbwpkb2NrZXI6CiAgZXhlY09wdDoKICAtIG5hdGl2ZS5jZ3JvdXBkcml2ZXI9c3lzdGVtZAogIGlwTWFzcTogZmFsc2UKICBpcFRhYmxlczogZmFsc2UKICBsb2dEcml2ZXI6IGpzb24tZmlsZQogIGxvZ0xldmVsOiBpbmZvCiAgbG9nT3B0OgogIC0gbWF4LXNpemU9MTBtCiAgLSBtYXgtZmlsZT01CiAgc3RvcmFnZTogb3ZlcmxheTIsb3ZlcmxheSxhdWZzCiAgdmVyc2lvbjogMTkuMDMuMTQKZW5jcnlwdGlvbkNvbmZpZzogbnVsbApldGNkQ2x1c3RlcnM6CiAgZXZlbnRzOgogICAgdmVyc2lvbjogMy40LjEzCiAgbWFpbjoKICAgIHZlcnNpb246IDMuNC4xMwprdWJlQVBJU2VydmVyOgogIGFsbG93UHJpdmlsZWdlZDogdHJ1ZQogIGFub255bW91c0F1dGg6IGZhbHNlCiAgYXBpQXVkaWVuY2VzOgogIC0ga3ViZXJuZXRlcy5zdmMuZGVmYXVsdAogIGFwaVNlcnZlckNvdW50OiAxCiAgYXV0aG9yaXphdGlvbk1vZGU6IEFsd2F5c0FsbG93CiAgYmluZEFkZHJlc3M6IDAuMC4wLjAKICBjbG91ZFByb3ZpZGVyOiBhd3MKICBlbmFibGVBZG1pc3Npb25QbHVnaW5zOgogIC0gTmFtZXNwYWNlTGlmZWN5Y2xlCiAgLSBMaW1pdFJhbmdlcgogIC0gU2VydmljZUFjY291bnQKICAtIFBlcnNpc3RlbnRWb2x1bWVMYWJlbAogIC0gRGVmYXVsdFN0b3JhZ2VDbGFzcwogIC0gRGVmYXVsdFRvbGVyYXRpb25TZWNvbmRzCiAgLSBNdXRhdGluZ0FkbWlzc2lvbldlYmhvb2sKICAtIFZhbGlkYXRpbmdBZG1pc3Npb25XZWJob29rCiAgLSBOb2RlUmVzdHJpY3Rpb24KICAtIFJlc291cmNlUXVvdGEKICBldGNkU2VydmVyczoKICAtIGh0dHA6Ly8xMjcuMC4wLjE6NDAwMQogIGV0Y2RTZXJ2ZXJzT3ZlcnJpZGVzOgogIC0gL2V2ZW50cyNodHRwOi8vMTI3LjAuMC4xOjQwMDIKICBpbWFnZTogazhzLmdjci5pby9rdWJlLWFwaXNlcnZlcjp2MS4yMC4wCiAga3ViZWxldFByZWZlcnJlZEFkZHJlc3NUeXBlczoKICAtIEludGVybmFsSVAKICAtIEhvc3RuYW1lCiAgLSBFeHRlcm5hbElQCiAgbG9nTGV2ZWw6IDIKICByZXF1ZXN0aGVhZGVyQWxsb3dlZE5hbWVzOgogIC0gYWdncmVnYXRvcgogIHJlcXVlc3RoZWFkZXJFeHRyYUhlYWRlclByZWZpeGVzOgogIC0gWC1SZW1vdGUtRXh0cmEtCiAgcmVxdWVzdGhlYWRlckdyb3VwSGVhZGVyczoKICAtIFgtUmVtb3RlLUdyb3VwCiAgcmVxdWVzdGhlYWRlclVzZXJuYW1lSGVhZGVyczoKICAtIFgtUmVtb3RlLVVzZXIKICBzZWN1cmVQb3J0OiA0NDMKICBzZXJ2aWNlQWNjb3VudElzc3VlcjogaHR0cHM6Ly9hcGkubWluaW1hbC1qc29uLmV4YW1wbGUuY29tCiAgc2VydmljZUNsdXN0ZXJJUFJhbmdlOiAxMDAuNjQuMC4wLzEzCiAgc3RvcmFnZUJhY2tlbmQ6IGV0Y2QzCmt1YmVDb250cm9sbGVyTWFuYWdlcjoKICBhbGxvY2F0ZU5vZGVDSURSczogdHJ1ZQogIGF0dGFjaERldGFjaFJlY29uY2lsZVN5bmNQZXJpb2Q6IDFtMHMKICBjbG91ZFByb3ZpZGVyOiBhd3MKICBjbHVzdGVyQ0lEUjogMTAwLjk2LjAuMC8xMQogIGNsdXN0ZXJOYW1lOiBtaW5pbWFsLWpzb24uZXhhbXBsZS5jb20KICBjb25maWd1cmVDbG91ZFJvdXRlczogZmFsc2UKICBpbWFnZTogazhzLmdjci5pby9rdWJlLWNvbnRyb2xsZXItbWFuYWdlcjp2MS4yMC4wCiAgbGVhZGVyRWxlY3Rpb246CiAgICBsZWFkZXJFbGVjdDogdHJ1ZQogIGxvZ0xldmVsOiAyCiAgdXNlU2VydmljZUFjY291bnRDcmVkZW50aWFsczogdHJ1ZQprdWJlUHJveHk6CiAgY2x1c3RlckNJRFI6IDEwMC45Ni4wLjAvMTEKICBjcHVSZXF1ZXN0OiAxMDBtCiAgaG9zdG5hbWVPdmVycmlkZTogJ0Bhd3MnCiAgaW1hZ2U6IGs4cy5nY3IuaW8va3ViZS1wcm94eTp2MS4yMC4wCiAgbG9nTGV2ZWw6IDIKa3ViZVNjaGVkdWxlcjoKICBpbWFnZTogazhzLmdjci5pby9rdWJlLXNjaGVkdWxlcjp2MS4yMC4wCiAgbGVhZGVyRWxlY3Rpb246CiAgICBsZWFkZXJFbGVjdDogdHJ1ZQogIGxvZ0xldmVsOiAyCmt1YmVsZXQ6CiAgYW5vbnltb3VzQXV0aDogZmFsc2UKICBjZ3JvdXBEcml2ZXI6IHN5c3RlbWQKICBjZ3JvdXBSb290OiAvCiAgY2xvdWRQcm92aWRlcjogYXdzCiAgY2x1c3RlckROUzogMTAwLjY0LjAuMTAKICBjbHVzdGVyRG9tYWluOiBjbHVzdGVyLmxvY2FsCiAgZW5hYmxlRGVidWdnaW5nSGFuZGxlcnM6IHRydWUKICBldmljdGlvbkhhcmQ6IG1lbW9yeS5hdmFpbGFibGU8MTAwTWksbm9kZWZzLmF2YWlsYWJsZTwxMCUsbm9kZWZzLmlub2Rlc0ZyZWU8NSUsaW1hZ2Vmcy5hdmFpbGFibGU8MTAlLGltYWdlZnMuaW5vZGVzRnJlZTw1JQogIGhvc3RuYW1lT3ZlcnJpZGU6ICdAYXdzJwogIGt1YmVjb25maWdQYXRoOiAvdmFyL2xpYi9rdWJlbGV0L2t1YmVjb25maWcKICBsb2dMZXZlbDogMgogIG5ldHdvcmtQbHVnaW5OYW1lOiBjbmkKICBub25NYXNxdWVyYWRlQ0lEUjogMTAwLjY0LjAuMC8xMAogIHBvZEluZnJhQ29udGFpbmVySW1hZ2U6IGs4cy5nY3IuaW8vcGF1c2U6My4yCiAgcG9kTWFuaWZlc3RQYXRoOiAvZXRjL2t1YmVybmV0ZXMvbWFuaWZlc3RzCm1hc3Rlckt1YmVsZXQ6CiAgYW5vbnltb3VzQXV0aDogZmFsc2UKICBjZ3JvdXBEcml2ZXI6IHN5c3RlbWQKICBjZ3JvdXBSb290OiAvCiAgY2xvdWRQcm92aWRlcjogYXdzCiAgY2x1c3RlckROUzogMTAwLjY0LjAuMTAKICBjbHVzdGVyRG9tYWluOiBjbHVzdGVyLmxvY2FsCiAgZW5hYmxlRGVidWdnaW5nSGFuZGxlcnM6IHRydWUKICBldmljdGlvbkhhcmQ6IG1lbW9yeS5hdmFpbGFibGU8MTAwTWksbm9kZWZzLmF2YWlsYWJsZTwxMCUsbm9kZWZzLmlub2Rlc0ZyZWU8NSUsaW1hZ2Vmcy5hdmFpbGFibGU8MTAlLGltYWdlZnMuaW5vZGVzRnJlZTw1JQogIGhvc3RuYW1lT3ZlcnJpZGU6ICdAYXdzJwogIGt1YmVjb25maWdQYXRoOiAvdmFyL2xpYi9rdWJlbGV0L2t1YmVjb25maWcKICBsb2dMZXZlbDogMgogIG5ldHdvcmtQbHVnaW5OYW1lOiBjbmkKICBub25NYXNxdWVyYWRlQ0lEUjogMTAwLjY0LjAuMC8xMAogIHBvZEluZnJhQ29udGFpbmVySW1hZ2U6IGs4cy5nY3IuaW8vcGF1c2U6My4yCiAgcG9kTWFuaWZlc3RQYXRoOiAvZXRjL2t1YmVybmV0ZXMvbWFuaWZlc3RzCiAgcmVnaXN0ZXJTY2hlZHVsYWJsZTogZmFsc2UKCl9fRU9GX0NMVVNURVJfU1BFQwoKY2F0ID4gY29uZi9pZ19zcGVjLnlhbWwgPDwgJ19fRU9GX0lHX1NQRUMnCnt9CgpfX0VPRl9JR19TUEVDCgpjYXQgPiBjb25mL2t1YmVfZW52LnlhbWwgPDwgJ19fRU9GX0tVQkVfRU5WJwpBc3NldHM6CiAgYW1kNjQ6CiAgLSBmZjI0MjI1NzFjNGMxZTk2OTZlMzY3ZjVmMjU0NjZiOTZmYjZlNTAxZjI4YWVkMjlmNDE0YjE1MjRhNTJkZWEwQGh0dHBzOi8vc3RvcmFnZS5nb29nbGVhcGlzLmNvbS9rdWJlcm5ldGVzLXJlbGVhc2UvcmVsZWFzZS92MS4yMC4wL2Jpbi9saW51eC9hbWQ2NC9rdWJlbGV0CiAgLSBhNTg5NTAwN2YzMzFmMDhkMmUwODJlYjEyNDU4NzY0OTQ5NTU5ZjMwYmNjNWJlYWUyNmMzOGYzZTI3MjQyNjJjQGh0dHBzOi8vc3RvcmFnZS5nb29nbGVhcGlzLmNvbS9rdWJlcm5ldGVzLXJlbGVhc2UvcmVsZWFzZS92MS4yMC4wL2Jpbi9saW51eC9hbWQ2NC9rdWJlY3RsCiAgLSA5Nzc4MjQ5MzJkNTY2N2M3YTM3YWE2YTNjYmJhNDAxMDBhNjg3M2U3YmQ5N2U4M2U4YmU4MzdlM2U3YWZkMGE4QGh0dHBzOi8vc3RvcmFnZS5nb29nbGVhcGlzLmNvbS9rOHMtYXJ0aWZhY3RzLWNuaS9yZWxlYXNlL3YwLjguNy9jbmktcGx1Z2lucy1saW51eC1hbWQ2NC12MC44LjcudGd6CiAgLSA5ZjFlYzI4ZTM1N2E4ZjE4ZTk1NjExMjkyMzljYWY5YzA4MDdkNzQ3NTZlMjFjYzYzNjM3YzdmZGVhYWZlODQ3QGh0dHBzOi8vZG93bmxvYWQuZG9ja2VyLmNvbS9saW51eC9zdGF0aWMvc3RhYmxlL3g4Nl82NC9kb2NrZXItMTkuMDMuMTQudGd6CiAgYXJtNjQ6CiAgLSA0N2FiNmM0MjczZmMzYmIwY2I4ZWM5NTE3MjcxZDkxNTg5MGM1YTZiMGU1NGIyOTkxZTdhOGZiYmU3N2IwNmU0QGh0dHBzOi8vc3RvcmFnZS5nb29nbGVhcGlzLmNvbS9rdWJlcm5ldGVzLXJlbGVhc2UvcmVsZWFzZS92MS4yMC4wL2Jpbi9saW51eC9hcm02NC9rdWJlbGV0CiAgLSAyNWU0NDY1ODcwYzk5MTY3ZTZjNDY2NjIzZWQ4ZjA1YTFkMjBmYmNiNDhjYWI2Njg4MTA5Mzg5YjUyZDg3NjIzQGh0dHBzOi8vc3RvcmFnZS5nb29nbGVhcGlzLmNvbS9rdWJlcm5ldGVzLXJlbGVhc2UvcmVsZWFzZS92MS4yMC4wL2Jpbi9saW51eC9hcm02NC9rdWJlY3RsCiAgLSBhZTEzZDdiNWMwNWJkMTgwZWE5YjViNjhmNDRiZGFhN2JmYjQxMDM0YTJlZjFkNjhmZDhlMTI1OTc5N2Q2NDJmQGh0dHBzOi8vc3RvcmFnZS5nb29nbGVhcGlzLmNvbS9rOHMtYXJ0aWZhY3RzLWNuaS9yZWxlYXNlL3YwLjguNy9jbmktcGx1Z2lucy1saW51eC1hcm02NC12MC44LjcudGd6CiAgLSA4MzUwZWFhMGMwOTY1YmI4ZWI5ZDQ1YTAxNGY0YjY3MjhjOTg1NzE1ZjU2NDY2MDc3ZGZlNmZlYjI3MWQ5NTE4QGh0dHBzOi8vZG93bmxvYWQuZG9ja2VyLmNvbS9saW51eC9zdGF0aWMvc3RhYmxlL2FhcmNoNjQvZG9ja2VyLTE5LjAzLjE0LnRnegpDbHVzdGVyTmFtZTogbWluaW1hbC1qc29uLmV4YW1wbGUuY29tCkNvbmZpZ0Jhc2U6IG1lbWZzOi8vY2x1c3RlcnMuZXhhbXBsZS5jb20vbWluaW1hbC1qc29uLmV4YW1wbGUuY29tCkluc3RhbmNlR3JvdXBOYW1lOiBtYXN0ZXItdXMtdGVzdC0xYQpJbnN0YW5jZUdyb3VwUm9sZTogTWFzdGVyCkt1YmVsZXRDb25maWc6CiAgYW5vbnltb3VzQXV0aDogZmFsc2UKICBjZ3JvdXBEcml2ZXI6IHN5c3RlbWQKICBjZ3JvdXBSb290OiAvCiAgY2xvdWRQcm92aWRlcjogYXdzCiAgY2x1c3RlckROUzogMTAwLjY0LjAuMTAKICBjbHVzdGVyRG9tYWluOiBjbHVzdGVyLmxvY2FsCiAgZW5hYmxlRGVidWdnaW5nSGFuZGxlcnM6IHRydWUKICBldmljdGlvbkhhcmQ6IG1lbW9yeS5hdmFpbGFibGU8MTAwTWksbm9kZWZzLmF2YWlsYWJsZTwxMCUsbm9kZWZzLmlub2Rlc0ZyZWU8NSUsaW1hZ2Vmcy5hdmFpbGFibGU8MTAlLGltYWdlZnMuaW5vZGVzRnJlZTw1JQogIGhvc3RuYW1lT3ZlcnJpZGU6ICdAYXdzJwogIGt1YmVjb25maWdQYXRoOiAvdmFyL2xpYi9rdWJlbGV0L2t1YmVjb25maWcKICBsb2dMZXZlbDogMgogIG5ldHdvcmtQbHVnaW5OYW1lOiBjbmkKICBub2RlTGFiZWxzOgogICAga3ViZXJuZXRlcy5pby9yb2xlOiBtYXN0ZXIKICAgIG5vZGUtcm9sZS5rdWJlcm5ldGVzLmlvL2NvbnRyb2wtcGxhbmU6ICIiCiAgICBub2RlLXJvbGUua3ViZXJuZXRlcy5pby9tYXN0ZXI6ICIiCiAgbm9uTWFzcXVlcmFkZUNJRFI6IDEwMC42NC4wLjAvMTAKICBwb2RJbmZyYUNvbnRhaW5lckltYWdlOiBrOHMuZ2NyLmlvL3BhdXNlOjMuMgogIHBvZE1hbmlmZXN0UGF0aDogL2V0Yy9rdWJlcm5ldGVzL21hbmlmZXN0cwogIHJlZ2lzdGVyU2NoZWR1bGFibGU6IGZhbHNlCmNoYW5uZWxzOgotIG1lbWZzOi8vY2x1c3RlcnMuZXhhbXBsZS5jb20vbWluaW1hbC1qc29uLmV4YW1wbGUuY29tL2FkZG9ucy9ib290c3RyYXAtY2hhbm5lbC55YW1sCmV0Y2RNYW5pZmVzdHM6Ci0gbWVtZnM6Ly9jbHVzdGVycy5leGFtcGxlLmNvbS9taW5pbWFsLWpzb24uZXhhbXBsZS5jb20vbWFuaWZlc3RzL2V0Y2QvbWFpbi55YW1sCi0gbWVtZnM6Ly9jbHVzdGVycy5leGFtcGxlLmNvbS9taW5pbWFsLWpzb24uZXhhbXBsZS5jb20vbWFuaWZlc3RzL2V0Y2QvZXZlbnRzLnlhbWwKcHJvdG9rdWJlSW1hZ2U6CiAgYW1kNjQ6CiAgICBoYXNoOiA3YjNjN2Y2YWRiZGExMWIxZWM3NDBiZDZiOTY5Yzg0ZjI0OWI3ZWVlODE4YWY5NWYyZDMyMTk2MzA4ODI0NWE4CiAgICBuYW1lOiBwcm90b2t1YmU6MS4xOS4wLWFscGhhLjMKICAgIHNvdXJjZXM6CiAgICAtIGh0dHBzOi8vYXJ0aWZhY3RzLms4cy5pby9iaW5hcmllcy9rb3BzLzEuMTkuMC1hbHBoYS4zL2ltYWdlcy9wcm90b2t1YmUtYW1kNjQudGFyLmd6CiAgICAtIGh0dHBzOi8vZ2l0aHViLmNvbS9rdWJlcm5ldGVzL2tvcHMvcmVsZWFzZXMvZG93bmxvYWQvdjEuMTkuMC1hbHBoYS4zL2ltYWdlcy1wcm90b2t1YmUtYW1kNjQudGFyLmd6CiAgICAtIGh0dHBzOi8va3ViZXVwdjIuczMuYW1hem9uYXdzLmNvbS9rb3BzLzEuMTkuMC1hbHBoYS4zL2ltYWdlcy9wcm90b2t1YmUtYW1kNjQudGFyLmd6CiAgYXJtNjQ6CiAgICBoYXNoOiA2OTI3MGNhOWMxYzk1MGJlNjVhZjQwMzM3YWRmY2NlYzBhNzI4OTMwZmEzMjI0YmIwZDJlODhmMTgxZjM5ZWFkCiAgICBuYW1lOiBwcm90b2t1YmU6MS4xOS4wLWFscGhhLjMKICAgIHNvdXJjZXM6CiAgICAtIGh0dHBzOi8vYXJ0aWZhY3RzLms4cy5pby9iaW5hcmllcy9rb3BzLzEuMTkuMC1hbHBoYS4zL2ltYWdlcy9wcm90b2t1YmUtYXJtNjQudGFyLmd6CiAgICAtIGh0dHBzOi8vZ2l0aHViLmNvbS9rdWJlcm5ldGVzL2tvcHMvcmVsZWFzZXMvZG93bmxvYWQvdjEuMTkuMC1hbHBoYS4zL2ltYWdlcy1wcm90b2t1YmUtYXJtNjQudGFyLmd6CiAgICAtIGh0dHBzOi8va3ViZXVwdjIuczMuYW1hem9uYXdzLmNvbS9rb3BzLzEuMTkuMC1hbHBoYS4zL2ltYWdlcy9wcm90b2t1YmUtYXJtNjQudGFyLmd6CnN0YXRpY01hbmlmZXN0czoKLSBrZXk6IGt1YmUtYXBpc2VydmVyLWhlYWx0aGNoZWNrCiAgcGF0aDogbWFuaWZlc3RzL3N0YXRpYy9rdWJlLWFwaXNlcnZlci1oZWFsdGhjaGVjay55YW1sCgpfX0VPRl9LVUJFX0VOVgoKZG93bmxvYWQtcmVsZWFzZQplY2hvICI9PSBub2RldXAgbm9kZSBjb25maWcgZG9uZSA9PSIK diff --git a/tests/integration/update_cluster/minimal-json/data/aws_launch_template_nodes.minimal-json.example.com_user_data b/tests/integration/update_cluster/minimal-json/data/aws_launch_template_nodes.minimal-json.example.com_user_data index 544200e4e7..95fdc74872 100644 --- a/tests/integration/update_cluster/minimal-json/data/aws_launch_template_nodes.minimal-json.example.com_user_data +++ b/tests/integration/update_cluster/minimal-json/data/aws_launch_template_nodes.minimal-json.example.com_user_data @@ -1 +1 @@ -IyEvYmluL2Jhc2gKc2V0IC1vIGVycmV4aXQKc2V0IC1vIG5vdW5zZXQKc2V0IC1vIHBpcGVmYWlsCgpOT0RFVVBfVVJMX0FNRDY0PWh0dHBzOi8vYXJ0aWZhY3RzLms4cy5pby9iaW5hcmllcy9rb3BzLzEuMTkuMC1hbHBoYS4zL2xpbnV4L2FtZDY0L25vZGV1cCxodHRwczovL2dpdGh1Yi5jb20va3ViZXJuZXRlcy9rb3BzL3JlbGVhc2VzL2Rvd25sb2FkL3YxLjE5LjAtYWxwaGEuMy9ub2RldXAtbGludXgtYW1kNjQsaHR0cHM6Ly9rdWJldXB2Mi5zMy5hbWF6b25hd3MuY29tL2tvcHMvMS4xOS4wLWFscGhhLjMvbGludXgvYW1kNjQvbm9kZXVwCk5PREVVUF9IQVNIX0FNRDY0PTY5ODBmZGE0ZmEzN2JiZGMwNDM3MzhjZjRkZGFjNjM4OGViNTdmNTYxODk1YzY5Mjk5YzFiMGVlMjYzZDQ2NWQKTk9ERVVQX1VSTF9BUk02ND1odHRwczovL2FydGlmYWN0cy5rOHMuaW8vYmluYXJpZXMva29wcy8xLjE5LjAtYWxwaGEuMy9saW51eC9hcm02NC9ub2RldXAsaHR0cHM6Ly9naXRodWIuY29tL2t1YmVybmV0ZXMva29wcy9yZWxlYXNlcy9kb3dubG9hZC92MS4xOS4wLWFscGhhLjMvbm9kZXVwLWxpbnV4LWFybTY0LGh0dHBzOi8va3ViZXVwdjIuczMuYW1hem9uYXdzLmNvbS9rb3BzLzEuMTkuMC1hbHBoYS4zL2xpbnV4L2FybTY0L25vZGV1cApOT0RFVVBfSEFTSF9BUk02ND1kY2M3ZjlmM2MxODBlZTc2YTUxMTYyN2U0NmRhMGFjNjljZGNiNTE4Y2RmM2JlMzQ4ZTVlZDA0NmQ0OTFlYjg3CgpleHBvcnQgQVdTX1JFR0lPTj11cy10ZXN0LTEKCgoKCmZ1bmN0aW9uIGVuc3VyZS1pbnN0YWxsLWRpcigpIHsKICBJTlNUQUxMX0RJUj0iL29wdC9rb3BzIgogICMgT24gQ29udGFpbmVyT1MsIHdlIGluc3RhbGwgdW5kZXIgL3Zhci9saWIvdG9vbGJveDsgL29wdCBpcyBybyBhbmQgbm9leGVjCiAgaWYgW1sgLWQgL3Zhci9saWIvdG9vbGJveCBdXTsgdGhlbgogICAgSU5TVEFMTF9ESVI9Ii92YXIvbGliL3Rvb2xib3gva29wcyIKICBmaQogIG1rZGlyIC1wICR7SU5TVEFMTF9ESVJ9L2JpbgogIG1rZGlyIC1wICR7SU5TVEFMTF9ESVJ9L2NvbmYKICBjZCAke0lOU1RBTExfRElSfQp9CgojIFJldHJ5IGEgZG93bmxvYWQgdW50aWwgd2UgZ2V0IGl0LiBhcmdzOiBuYW1lLCBzaGEsIHVybDEsIHVybDIuLi4KZG93bmxvYWQtb3ItYnVzdCgpIHsKICBsb2NhbCAtciBmaWxlPSIkMSIKICBsb2NhbCAtciBoYXNoPSIkMiIKICBzaGlmdCAyCgogIHVybHM9KCAkKiApCiAgd2hpbGUgdHJ1ZTsgZG8KICAgIGZvciB1cmwgaW4gIiR7dXJsc1tAXX0iOyBkbwogICAgICBjb21tYW5kcz0oCiAgICAgICAgImN1cmwgLWYgLS1pcHY0IC0tY29tcHJlc3NlZCAtTG8gIiR7ZmlsZX0iIC0tY29ubmVjdC10aW1lb3V0IDIwIC0tcmV0cnkgNiAtLXJldHJ5LWRlbGF5IDEwIgogICAgICAgICJ3Z2V0IC0taW5ldDQtb25seSAtLWNvbXByZXNzaW9uPWF1dG8gLU8gIiR7ZmlsZX0iIC0tY29ubmVjdC10aW1lb3V0PTIwIC0tdHJpZXM9NiAtLXdhaXQ9MTAiCiAgICAgICAgImN1cmwgLWYgLS1pcHY0IC1MbyAiJHtmaWxlfSIgLS1jb25uZWN0LXRpbWVvdXQgMjAgLS1yZXRyeSA2IC0tcmV0cnktZGVsYXkgMTAiCiAgICAgICAgIndnZXQgLS1pbmV0NC1vbmx5IC1PICIke2ZpbGV9IiAtLWNvbm5lY3QtdGltZW91dD0yMCAtLXRyaWVzPTYgLS13YWl0PTEwIgogICAgICApCiAgICAgIGZvciBjbWQgaW4gIiR7Y29tbWFuZHNbQF19IjsgZG8KICAgICAgICBlY2hvICJBdHRlbXB0aW5nIGRvd25sb2FkIHdpdGg6ICR7Y21kfSB7dXJsfSIKICAgICAgICBpZiAhICgke2NtZH0gIiR7dXJsfSIpOyB0aGVuCiAgICAgICAgICBlY2hvICI9PSBEb3dubG9hZCBmYWlsZWQgd2l0aCAke2NtZH0gPT0iCiAgICAgICAgICBjb250aW51ZQogICAgICAgIGZpCiAgICAgICAgaWYgW1sgLW4gIiR7aGFzaH0iIF1dICYmICEgdmFsaWRhdGUtaGFzaCAiJHtmaWxlfSIgIiR7aGFzaH0iOyB0aGVuCiAgICAgICAgICBlY2hvICI9PSBIYXNoIHZhbGlkYXRpb24gb2YgJHt1cmx9IGZhaWxlZC4gUmV0cnlpbmcuID09IgogICAgICAgICAgcm0gLWYgIiR7ZmlsZX0iCiAgICAgICAgZWxzZQogICAgICAgICAgaWYgW1sgLW4gIiR7aGFzaH0iIF1dOyB0aGVuCiAgICAgICAgICAgIGVjaG8gIj09IERvd25sb2FkZWQgJHt1cmx9IChTSEExID0gJHtoYXNofSkgPT0iCiAgICAgICAgICBlbHNlCiAgICAgICAgICAgIGVjaG8gIj09IERvd25sb2FkZWQgJHt1cmx9ID09IgogICAgICAgICAgZmkKICAgICAgICAgIHJldHVybgogICAgICAgIGZpCiAgICAgIGRvbmUKICAgIGRvbmUKCiAgICBlY2hvICJBbGwgZG93bmxvYWRzIGZhaWxlZDsgc2xlZXBpbmcgYmVmb3JlIHJldHJ5aW5nIgogICAgc2xlZXAgNjAKICBkb25lCn0KCnZhbGlkYXRlLWhhc2goKSB7CiAgbG9jYWwgLXIgZmlsZT0iJDEiCiAgbG9jYWwgLXIgZXhwZWN0ZWQ9IiQyIgogIGxvY2FsIGFjdHVhbAoKICBhY3R1YWw9JChzaGEyNTZzdW0gJHtmaWxlfSB8IGF3ayAneyBwcmludCAkMSB9JykgfHwgdHJ1ZQogIGlmIFtbICIke2FjdHVhbH0iICE9ICIke2V4cGVjdGVkfSIgXV07IHRoZW4KICAgIGVjaG8gIj09ICR7ZmlsZX0gY29ycnVwdGVkLCBoYXNoICR7YWN0dWFsfSBkb2Vzbid0IG1hdGNoIGV4cGVjdGVkICR7ZXhwZWN0ZWR9ID09IgogICAgcmV0dXJuIDEKICBmaQp9CgpmdW5jdGlvbiBzcGxpdC1jb21tYXMoKSB7CiAgZWNobyAkMSB8IHRyICIsIiAiXG4iCn0KCmZ1bmN0aW9uIHRyeS1kb3dubG9hZC1yZWxlYXNlKCkgewogIGxvY2FsIC1yIG5vZGV1cF91cmxzPSggJChzcGxpdC1jb21tYXMgIiR7Tk9ERVVQX1VSTH0iKSApCiAgaWYgW1sgLW4gIiR7Tk9ERVVQX0hBU0g6LX0iIF1dOyB0aGVuCiAgICBsb2NhbCAtciBub2RldXBfaGFzaD0iJHtOT0RFVVBfSEFTSH0iCiAgZWxzZQogICMgVE9ETzogUmVtb3ZlPwogICAgZWNobyAiRG93bmxvYWRpbmcgc2hhMjU2IChub3QgZm91bmQgaW4gZW52KSIKICAgIGRvd25sb2FkLW9yLWJ1c3Qgbm9kZXVwLnNoYTI1NiAiIiAiJHtub2RldXBfdXJsc1tAXS8lLy5zaGEyNTZ9IgogICAgbG9jYWwgLXIgbm9kZXVwX2hhc2g9JChjYXQgbm9kZXVwLnNoYTI1NikKICBmaQoKICBlY2hvICJEb3dubG9hZGluZyBub2RldXAgKCR7bm9kZXVwX3VybHNbQF19KSIKICBkb3dubG9hZC1vci1idXN0IG5vZGV1cCAiJHtub2RldXBfaGFzaH0iICIke25vZGV1cF91cmxzW0BdfSIKCiAgY2htb2QgK3ggbm9kZXVwCn0KCmZ1bmN0aW9uIGRvd25sb2FkLXJlbGVhc2UoKSB7CiAgY2FzZSAiJCh1bmFtZSAtbSkiIGluCiAgeDg2XzY0KnxpPzg2XzY0KnxhbWQ2NCopCiAgICBOT0RFVVBfVVJMPSIke05PREVVUF9VUkxfQU1ENjR9IgogICAgTk9ERVVQX0hBU0g9IiR7Tk9ERVVQX0hBU0hfQU1ENjR9IgogICAgOzsKICBhYXJjaDY0Knxhcm02NCopCiAgICBOT0RFVVBfVVJMPSIke05PREVVUF9VUkxfQVJNNjR9IgogICAgTk9ERVVQX0hBU0g9IiR7Tk9ERVVQX0hBU0hfQVJNNjR9IgogICAgOzsKICAqKQogICAgZWNobyAiVW5zdXBwb3J0ZWQgaG9zdCBhcmNoOiAkKHVuYW1lIC1tKSIgPiYyCiAgICBleGl0IDEKICAgIDs7CiAgZXNhYwoKICAjIEluIGNhc2Ugb2YgZmFpbHVyZSBjaGVja2luZyBpbnRlZ3JpdHkgb2YgcmVsZWFzZSwgcmV0cnkuCiAgY2QgJHtJTlNUQUxMX0RJUn0vYmluCiAgdW50aWwgdHJ5LWRvd25sb2FkLXJlbGVhc2U7IGRvCiAgICBzbGVlcCAxNQogICAgZWNobyAiQ291bGRuJ3QgZG93bmxvYWQgcmVsZWFzZS4gUmV0cnlpbmcuLi4iCiAgZG9uZQoKICBlY2hvICJSdW5uaW5nIG5vZGV1cCIKICAjIFdlIGNhbid0IHJ1biBpbiB0aGUgZm9yZWdyb3VuZCBiZWNhdXNlIG9mIGh0dHBzOi8vZ2l0aHViLmNvbS9kb2NrZXIvZG9ja2VyL2lzc3Vlcy8yMzc5MwogICggY2QgJHtJTlNUQUxMX0RJUn0vYmluOyAuL25vZGV1cCAtLWluc3RhbGwtc3lzdGVtZC11bml0IC0tY29uZj0ke0lOU1RBTExfRElSfS9jb25mL2t1YmVfZW52LnlhbWwgLS12PTggICkKfQoKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCgovYmluL3N5c3RlbWQtbWFjaGluZS1pZC1zZXR1cCB8fCBlY2hvICJmYWlsZWQgdG8gc2V0IHVwIGVuc3VyZSBtYWNoaW5lLWlkIGNvbmZpZ3VyZWQiCgplY2hvICI9PSBub2RldXAgbm9kZSBjb25maWcgc3RhcnRpbmcgPT0iCmVuc3VyZS1pbnN0YWxsLWRpcgoKY2F0ID4gY29uZi9jbHVzdGVyX3NwZWMueWFtbCA8PCAnX19FT0ZfQ0xVU1RFUl9TUEVDJwpjbG91ZENvbmZpZzogbnVsbApjb250YWluZXJSdW50aW1lOiBkb2NrZXIKY29udGFpbmVyZDoKICBza2lwSW5zdGFsbDogdHJ1ZQpkb2NrZXI6CiAgaXBNYXNxOiBmYWxzZQogIGlwVGFibGVzOiBmYWxzZQogIGxvZ0RyaXZlcjoganNvbi1maWxlCiAgbG9nTGV2ZWw6IGluZm8KICBsb2dPcHQ6CiAgLSBtYXgtc2l6ZT0xMG0KICAtIG1heC1maWxlPTUKICBzdG9yYWdlOiBvdmVybGF5MixvdmVybGF5LGF1ZnMKICB2ZXJzaW9uOiAxOC4wNi4zCmt1YmVQcm94eToKICBjbHVzdGVyQ0lEUjogMTAwLjk2LjAuMC8xMQogIGNwdVJlcXVlc3Q6IDEwMG0KICBob3N0bmFtZU92ZXJyaWRlOiAnQGF3cycKICBpbWFnZTogazhzLmdjci5pby9rdWJlLXByb3h5OnYxLjE0LjAKICBsb2dMZXZlbDogMgprdWJlbGV0OgogIGFub255bW91c0F1dGg6IGZhbHNlCiAgY2dyb3VwUm9vdDogLwogIGNsb3VkUHJvdmlkZXI6IGF3cwogIGNsdXN0ZXJETlM6IDEwMC42NC4wLjEwCiAgY2x1c3RlckRvbWFpbjogY2x1c3Rlci5sb2NhbAogIGVuYWJsZURlYnVnZ2luZ0hhbmRsZXJzOiB0cnVlCiAgZXZpY3Rpb25IYXJkOiBtZW1vcnkuYXZhaWxhYmxlPDEwME1pLG5vZGVmcy5hdmFpbGFibGU8MTAlLG5vZGVmcy5pbm9kZXNGcmVlPDUlLGltYWdlZnMuYXZhaWxhYmxlPDEwJSxpbWFnZWZzLmlub2Rlc0ZyZWU8NSUKICBmZWF0dXJlR2F0ZXM6CiAgICBFeHBlcmltZW50YWxDcml0aWNhbFBvZEFubm90YXRpb246ICJ0cnVlIgogIGhvc3RuYW1lT3ZlcnJpZGU6ICdAYXdzJwogIGt1YmVjb25maWdQYXRoOiAvdmFyL2xpYi9rdWJlbGV0L2t1YmVjb25maWcKICBsb2dMZXZlbDogMgogIG5ldHdvcmtQbHVnaW5NVFU6IDkwMDEKICBuZXR3b3JrUGx1Z2luTmFtZToga3ViZW5ldAogIG5vbk1hc3F1ZXJhZGVDSURSOiAxMDAuNjQuMC4wLzEwCiAgcG9kSW5mcmFDb250YWluZXJJbWFnZTogazhzLmdjci5pby9wYXVzZTozLjIKICBwb2RNYW5pZmVzdFBhdGg6IC9ldGMva3ViZXJuZXRlcy9tYW5pZmVzdHMKCl9fRU9GX0NMVVNURVJfU1BFQwoKY2F0ID4gY29uZi9pZ19zcGVjLnlhbWwgPDwgJ19fRU9GX0lHX1NQRUMnCnt9CgpfX0VPRl9JR19TUEVDCgpjYXQgPiBjb25mL2t1YmVfZW52LnlhbWwgPDwgJ19fRU9GX0tVQkVfRU5WJwpBc3NldHM6CiAgYW1kNjQ6CiAgLSBjM2I3MzZmZDBmMDAzNzY1YzEyZDk5ZjJjOTk1YTgzNjllNjI0MWY0QGh0dHBzOi8vc3RvcmFnZS5nb29nbGVhcGlzLmNvbS9rdWJlcm5ldGVzLXJlbGVhc2UvcmVsZWFzZS92MS4xNC4wL2Jpbi9saW51eC9hbWQ2NC9rdWJlbGV0CiAgLSA3ZTNhM2VhNjYzMTUzZjkwMGNiZDUyOTAwYTM5YzkxZmE5ZjMzNGJlQGh0dHBzOi8vc3RvcmFnZS5nb29nbGVhcGlzLmNvbS9rdWJlcm5ldGVzLXJlbGVhc2UvcmVsZWFzZS92MS4xNC4wL2Jpbi9saW51eC9hbWQ2NC9rdWJlY3RsCiAgLSAzY2ExNWMwYTE4ZWU4MzA1MjBjZjNhOTU0MDhiZTgyNmNiZDI1NWExNTM1YTM4ZTBiZTk2MDhiMjVhZDhiZjY0QGh0dHBzOi8vc3RvcmFnZS5nb29nbGVhcGlzLmNvbS9rdWJlcm5ldGVzLXJlbGVhc2UvbmV0d29yay1wbHVnaW5zL2NuaS1wbHVnaW5zLWFtZDY0LXYwLjcuNS50Z3oKICAtIDM0NmY5Mzk0MzkzZWU4ZGI1ZjhiZDFlMjI5ZWU5ZDkwZTViMzY5MzFiZGQ3NTQzMDhiMmFlNjg4ODRkZDY4MjJAaHR0cHM6Ly9kb3dubG9hZC5kb2NrZXIuY29tL2xpbnV4L3N0YXRpYy9zdGFibGUveDg2XzY0L2RvY2tlci0xOC4wNi4zLWNlLnRnegogIGFybTY0OgogIC0gZGYzOGUwNDU3NjAyNjM5MzA1NWNjYzc3YzBkY2U3MzYxMjk5NjU2MUBodHRwczovL3N0b3JhZ2UuZ29vZ2xlYXBpcy5jb20va3ViZXJuZXRlcy1yZWxlYXNlL3JlbGVhc2UvdjEuMTQuMC9iaW4vbGludXgvYXJtNjQva3ViZWxldAogIC0gMDFjMmI2YjQzZDM2YjZiZmFmYzgwYTM3MzczOTFjMTllYmZiOGFkNUBodHRwczovL3N0b3JhZ2UuZ29vZ2xlYXBpcy5jb20va3ViZXJuZXRlcy1yZWxlYXNlL3JlbGVhc2UvdjEuMTQuMC9iaW4vbGludXgvYXJtNjQva3ViZWN0bAogIC0gN2ZlYzkxYWY3OGU5NTQ4ZGYzMDZmMGVjNDNiZWE1MjdjOGMxMGNjM2E5NjgyYzMzZTk3MWM4NTIyYTdmY2RlZEBodHRwczovL3N0b3JhZ2UuZ29vZ2xlYXBpcy5jb20va3ViZXJuZXRlcy1yZWxlYXNlL25ldHdvcmstcGx1Z2lucy9jbmktcGx1Z2lucy1hcm02NC12MC43LjUudGd6CiAgLSBkZWZiMmNjYzk1YzA4MjU4MzMyMTZjOGI5ZTBlMTViYWFhNTFiY2VkYjNlZmMxZjM5M2Y1MzUyZDE4NGRlYWQ0QGh0dHBzOi8vZG93bmxvYWQuZG9ja2VyLmNvbS9saW51eC9zdGF0aWMvc3RhYmxlL2FhcmNoNjQvZG9ja2VyLTE4LjA2LjMtY2UudGd6CkNsdXN0ZXJOYW1lOiBtaW5pbWFsLWpzb24uZXhhbXBsZS5jb20KQ29uZmlnQmFzZTogbWVtZnM6Ly9jbHVzdGVycy5leGFtcGxlLmNvbS9taW5pbWFsLWpzb24uZXhhbXBsZS5jb20KSW5zdGFuY2VHcm91cE5hbWU6IG5vZGVzCkluc3RhbmNlR3JvdXBSb2xlOiBOb2RlCkt1YmVsZXRDb25maWc6CiAgYW5vbnltb3VzQXV0aDogZmFsc2UKICBjZ3JvdXBSb290OiAvCiAgY2xvdWRQcm92aWRlcjogYXdzCiAgY2x1c3RlckROUzogMTAwLjY0LjAuMTAKICBjbHVzdGVyRG9tYWluOiBjbHVzdGVyLmxvY2FsCiAgZW5hYmxlRGVidWdnaW5nSGFuZGxlcnM6IHRydWUKICBldmljdGlvbkhhcmQ6IG1lbW9yeS5hdmFpbGFibGU8MTAwTWksbm9kZWZzLmF2YWlsYWJsZTwxMCUsbm9kZWZzLmlub2Rlc0ZyZWU8NSUsaW1hZ2Vmcy5hdmFpbGFibGU8MTAlLGltYWdlZnMuaW5vZGVzRnJlZTw1JQogIGZlYXR1cmVHYXRlczoKICAgIEV4cGVyaW1lbnRhbENyaXRpY2FsUG9kQW5ub3RhdGlvbjogInRydWUiCiAgaG9zdG5hbWVPdmVycmlkZTogJ0Bhd3MnCiAga3ViZWNvbmZpZ1BhdGg6IC92YXIvbGliL2t1YmVsZXQva3ViZWNvbmZpZwogIGxvZ0xldmVsOiAyCiAgbmV0d29ya1BsdWdpbk1UVTogOTAwMQogIG5ldHdvcmtQbHVnaW5OYW1lOiBrdWJlbmV0CiAgbm9kZUxhYmVsczoKICAgIGt1YmVybmV0ZXMuaW8vcm9sZTogbm9kZQogICAgbm9kZS1yb2xlLmt1YmVybmV0ZXMuaW8vbm9kZTogIiIKICBub25NYXNxdWVyYWRlQ0lEUjogMTAwLjY0LjAuMC8xMAogIHBvZEluZnJhQ29udGFpbmVySW1hZ2U6IGs4cy5nY3IuaW8vcGF1c2U6My4yCiAgcG9kTWFuaWZlc3RQYXRoOiAvZXRjL2t1YmVybmV0ZXMvbWFuaWZlc3RzCmNoYW5uZWxzOgotIG1lbWZzOi8vY2x1c3RlcnMuZXhhbXBsZS5jb20vbWluaW1hbC1qc29uLmV4YW1wbGUuY29tL2FkZG9ucy9ib290c3RyYXAtY2hhbm5lbC55YW1sCgpfX0VPRl9LVUJFX0VOVgoKZG93bmxvYWQtcmVsZWFzZQplY2hvICI9PSBub2RldXAgbm9kZSBjb25maWcgZG9uZSA9PSIK +IyEvYmluL2Jhc2gKc2V0IC1vIGVycmV4aXQKc2V0IC1vIG5vdW5zZXQKc2V0IC1vIHBpcGVmYWlsCgpOT0RFVVBfVVJMX0FNRDY0PWh0dHBzOi8vYXJ0aWZhY3RzLms4cy5pby9iaW5hcmllcy9rb3BzLzEuMTkuMC1hbHBoYS4zL2xpbnV4L2FtZDY0L25vZGV1cCxodHRwczovL2dpdGh1Yi5jb20va3ViZXJuZXRlcy9rb3BzL3JlbGVhc2VzL2Rvd25sb2FkL3YxLjE5LjAtYWxwaGEuMy9ub2RldXAtbGludXgtYW1kNjQsaHR0cHM6Ly9rdWJldXB2Mi5zMy5hbWF6b25hd3MuY29tL2tvcHMvMS4xOS4wLWFscGhhLjMvbGludXgvYW1kNjQvbm9kZXVwCk5PREVVUF9IQVNIX0FNRDY0PTY5ODBmZGE0ZmEzN2JiZGMwNDM3MzhjZjRkZGFjNjM4OGViNTdmNTYxODk1YzY5Mjk5YzFiMGVlMjYzZDQ2NWQKTk9ERVVQX1VSTF9BUk02ND1odHRwczovL2FydGlmYWN0cy5rOHMuaW8vYmluYXJpZXMva29wcy8xLjE5LjAtYWxwaGEuMy9saW51eC9hcm02NC9ub2RldXAsaHR0cHM6Ly9naXRodWIuY29tL2t1YmVybmV0ZXMva29wcy9yZWxlYXNlcy9kb3dubG9hZC92MS4xOS4wLWFscGhhLjMvbm9kZXVwLWxpbnV4LWFybTY0LGh0dHBzOi8va3ViZXVwdjIuczMuYW1hem9uYXdzLmNvbS9rb3BzLzEuMTkuMC1hbHBoYS4zL2xpbnV4L2FybTY0L25vZGV1cApOT0RFVVBfSEFTSF9BUk02ND1kY2M3ZjlmM2MxODBlZTc2YTUxMTYyN2U0NmRhMGFjNjljZGNiNTE4Y2RmM2JlMzQ4ZTVlZDA0NmQ0OTFlYjg3CgpleHBvcnQgQVdTX1JFR0lPTj11cy10ZXN0LTEKCgoKCmZ1bmN0aW9uIGVuc3VyZS1pbnN0YWxsLWRpcigpIHsKICBJTlNUQUxMX0RJUj0iL29wdC9rb3BzIgogICMgT24gQ29udGFpbmVyT1MsIHdlIGluc3RhbGwgdW5kZXIgL3Zhci9saWIvdG9vbGJveDsgL29wdCBpcyBybyBhbmQgbm9leGVjCiAgaWYgW1sgLWQgL3Zhci9saWIvdG9vbGJveCBdXTsgdGhlbgogICAgSU5TVEFMTF9ESVI9Ii92YXIvbGliL3Rvb2xib3gva29wcyIKICBmaQogIG1rZGlyIC1wICR7SU5TVEFMTF9ESVJ9L2JpbgogIG1rZGlyIC1wICR7SU5TVEFMTF9ESVJ9L2NvbmYKICBjZCAke0lOU1RBTExfRElSfQp9CgojIFJldHJ5IGEgZG93bmxvYWQgdW50aWwgd2UgZ2V0IGl0LiBhcmdzOiBuYW1lLCBzaGEsIHVybDEsIHVybDIuLi4KZG93bmxvYWQtb3ItYnVzdCgpIHsKICBsb2NhbCAtciBmaWxlPSIkMSIKICBsb2NhbCAtciBoYXNoPSIkMiIKICBzaGlmdCAyCgogIHVybHM9KCAkKiApCiAgd2hpbGUgdHJ1ZTsgZG8KICAgIGZvciB1cmwgaW4gIiR7dXJsc1tAXX0iOyBkbwogICAgICBjb21tYW5kcz0oCiAgICAgICAgImN1cmwgLWYgLS1pcHY0IC0tY29tcHJlc3NlZCAtTG8gIiR7ZmlsZX0iIC0tY29ubmVjdC10aW1lb3V0IDIwIC0tcmV0cnkgNiAtLXJldHJ5LWRlbGF5IDEwIgogICAgICAgICJ3Z2V0IC0taW5ldDQtb25seSAtLWNvbXByZXNzaW9uPWF1dG8gLU8gIiR7ZmlsZX0iIC0tY29ubmVjdC10aW1lb3V0PTIwIC0tdHJpZXM9NiAtLXdhaXQ9MTAiCiAgICAgICAgImN1cmwgLWYgLS1pcHY0IC1MbyAiJHtmaWxlfSIgLS1jb25uZWN0LXRpbWVvdXQgMjAgLS1yZXRyeSA2IC0tcmV0cnktZGVsYXkgMTAiCiAgICAgICAgIndnZXQgLS1pbmV0NC1vbmx5IC1PICIke2ZpbGV9IiAtLWNvbm5lY3QtdGltZW91dD0yMCAtLXRyaWVzPTYgLS13YWl0PTEwIgogICAgICApCiAgICAgIGZvciBjbWQgaW4gIiR7Y29tbWFuZHNbQF19IjsgZG8KICAgICAgICBlY2hvICJBdHRlbXB0aW5nIGRvd25sb2FkIHdpdGg6ICR7Y21kfSB7dXJsfSIKICAgICAgICBpZiAhICgke2NtZH0gIiR7dXJsfSIpOyB0aGVuCiAgICAgICAgICBlY2hvICI9PSBEb3dubG9hZCBmYWlsZWQgd2l0aCAke2NtZH0gPT0iCiAgICAgICAgICBjb250aW51ZQogICAgICAgIGZpCiAgICAgICAgaWYgW1sgLW4gIiR7aGFzaH0iIF1dICYmICEgdmFsaWRhdGUtaGFzaCAiJHtmaWxlfSIgIiR7aGFzaH0iOyB0aGVuCiAgICAgICAgICBlY2hvICI9PSBIYXNoIHZhbGlkYXRpb24gb2YgJHt1cmx9IGZhaWxlZC4gUmV0cnlpbmcuID09IgogICAgICAgICAgcm0gLWYgIiR7ZmlsZX0iCiAgICAgICAgZWxzZQogICAgICAgICAgaWYgW1sgLW4gIiR7aGFzaH0iIF1dOyB0aGVuCiAgICAgICAgICAgIGVjaG8gIj09IERvd25sb2FkZWQgJHt1cmx9IChTSEExID0gJHtoYXNofSkgPT0iCiAgICAgICAgICBlbHNlCiAgICAgICAgICAgIGVjaG8gIj09IERvd25sb2FkZWQgJHt1cmx9ID09IgogICAgICAgICAgZmkKICAgICAgICAgIHJldHVybgogICAgICAgIGZpCiAgICAgIGRvbmUKICAgIGRvbmUKCiAgICBlY2hvICJBbGwgZG93bmxvYWRzIGZhaWxlZDsgc2xlZXBpbmcgYmVmb3JlIHJldHJ5aW5nIgogICAgc2xlZXAgNjAKICBkb25lCn0KCnZhbGlkYXRlLWhhc2goKSB7CiAgbG9jYWwgLXIgZmlsZT0iJDEiCiAgbG9jYWwgLXIgZXhwZWN0ZWQ9IiQyIgogIGxvY2FsIGFjdHVhbAoKICBhY3R1YWw9JChzaGEyNTZzdW0gJHtmaWxlfSB8IGF3ayAneyBwcmludCAkMSB9JykgfHwgdHJ1ZQogIGlmIFtbICIke2FjdHVhbH0iICE9ICIke2V4cGVjdGVkfSIgXV07IHRoZW4KICAgIGVjaG8gIj09ICR7ZmlsZX0gY29ycnVwdGVkLCBoYXNoICR7YWN0dWFsfSBkb2Vzbid0IG1hdGNoIGV4cGVjdGVkICR7ZXhwZWN0ZWR9ID09IgogICAgcmV0dXJuIDEKICBmaQp9CgpmdW5jdGlvbiBzcGxpdC1jb21tYXMoKSB7CiAgZWNobyAkMSB8IHRyICIsIiAiXG4iCn0KCmZ1bmN0aW9uIHRyeS1kb3dubG9hZC1yZWxlYXNlKCkgewogIGxvY2FsIC1yIG5vZGV1cF91cmxzPSggJChzcGxpdC1jb21tYXMgIiR7Tk9ERVVQX1VSTH0iKSApCiAgaWYgW1sgLW4gIiR7Tk9ERVVQX0hBU0g6LX0iIF1dOyB0aGVuCiAgICBsb2NhbCAtciBub2RldXBfaGFzaD0iJHtOT0RFVVBfSEFTSH0iCiAgZWxzZQogICMgVE9ETzogUmVtb3ZlPwogICAgZWNobyAiRG93bmxvYWRpbmcgc2hhMjU2IChub3QgZm91bmQgaW4gZW52KSIKICAgIGRvd25sb2FkLW9yLWJ1c3Qgbm9kZXVwLnNoYTI1NiAiIiAiJHtub2RldXBfdXJsc1tAXS8lLy5zaGEyNTZ9IgogICAgbG9jYWwgLXIgbm9kZXVwX2hhc2g9JChjYXQgbm9kZXVwLnNoYTI1NikKICBmaQoKICBlY2hvICJEb3dubG9hZGluZyBub2RldXAgKCR7bm9kZXVwX3VybHNbQF19KSIKICBkb3dubG9hZC1vci1idXN0IG5vZGV1cCAiJHtub2RldXBfaGFzaH0iICIke25vZGV1cF91cmxzW0BdfSIKCiAgY2htb2QgK3ggbm9kZXVwCn0KCmZ1bmN0aW9uIGRvd25sb2FkLXJlbGVhc2UoKSB7CiAgY2FzZSAiJCh1bmFtZSAtbSkiIGluCiAgeDg2XzY0KnxpPzg2XzY0KnxhbWQ2NCopCiAgICBOT0RFVVBfVVJMPSIke05PREVVUF9VUkxfQU1ENjR9IgogICAgTk9ERVVQX0hBU0g9IiR7Tk9ERVVQX0hBU0hfQU1ENjR9IgogICAgOzsKICBhYXJjaDY0Knxhcm02NCopCiAgICBOT0RFVVBfVVJMPSIke05PREVVUF9VUkxfQVJNNjR9IgogICAgTk9ERVVQX0hBU0g9IiR7Tk9ERVVQX0hBU0hfQVJNNjR9IgogICAgOzsKICAqKQogICAgZWNobyAiVW5zdXBwb3J0ZWQgaG9zdCBhcmNoOiAkKHVuYW1lIC1tKSIgPiYyCiAgICBleGl0IDEKICAgIDs7CiAgZXNhYwoKICAjIEluIGNhc2Ugb2YgZmFpbHVyZSBjaGVja2luZyBpbnRlZ3JpdHkgb2YgcmVsZWFzZSwgcmV0cnkuCiAgY2QgJHtJTlNUQUxMX0RJUn0vYmluCiAgdW50aWwgdHJ5LWRvd25sb2FkLXJlbGVhc2U7IGRvCiAgICBzbGVlcCAxNQogICAgZWNobyAiQ291bGRuJ3QgZG93bmxvYWQgcmVsZWFzZS4gUmV0cnlpbmcuLi4iCiAgZG9uZQoKICBlY2hvICJSdW5uaW5nIG5vZGV1cCIKICAjIFdlIGNhbid0IHJ1biBpbiB0aGUgZm9yZWdyb3VuZCBiZWNhdXNlIG9mIGh0dHBzOi8vZ2l0aHViLmNvbS9kb2NrZXIvZG9ja2VyL2lzc3Vlcy8yMzc5MwogICggY2QgJHtJTlNUQUxMX0RJUn0vYmluOyAuL25vZGV1cCAtLWluc3RhbGwtc3lzdGVtZC11bml0IC0tY29uZj0ke0lOU1RBTExfRElSfS9jb25mL2t1YmVfZW52LnlhbWwgLS12PTggICkKfQoKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCgovYmluL3N5c3RlbWQtbWFjaGluZS1pZC1zZXR1cCB8fCBlY2hvICJmYWlsZWQgdG8gc2V0IHVwIGVuc3VyZSBtYWNoaW5lLWlkIGNvbmZpZ3VyZWQiCgplY2hvICI9PSBub2RldXAgbm9kZSBjb25maWcgc3RhcnRpbmcgPT0iCmVuc3VyZS1pbnN0YWxsLWRpcgoKY2F0ID4gY29uZi9jbHVzdGVyX3NwZWMueWFtbCA8PCAnX19FT0ZfQ0xVU1RFUl9TUEVDJwpjbG91ZENvbmZpZzogbnVsbApjb250YWluZXJSdW50aW1lOiBkb2NrZXIKY29udGFpbmVyZDoKICBjb25maWdPdmVycmlkZTogfAogICAgZGlzYWJsZWRfcGx1Z2lucyA9IFsiY3JpIl0KICBsb2dMZXZlbDogaW5mbwpkb2NrZXI6CiAgZXhlY09wdDoKICAtIG5hdGl2ZS5jZ3JvdXBkcml2ZXI9c3lzdGVtZAogIGlwTWFzcTogZmFsc2UKICBpcFRhYmxlczogZmFsc2UKICBsb2dEcml2ZXI6IGpzb24tZmlsZQogIGxvZ0xldmVsOiBpbmZvCiAgbG9nT3B0OgogIC0gbWF4LXNpemU9MTBtCiAgLSBtYXgtZmlsZT01CiAgc3RvcmFnZTogb3ZlcmxheTIsb3ZlcmxheSxhdWZzCiAgdmVyc2lvbjogMTkuMDMuMTQKa3ViZVByb3h5OgogIGNsdXN0ZXJDSURSOiAxMDAuOTYuMC4wLzExCiAgY3B1UmVxdWVzdDogMTAwbQogIGhvc3RuYW1lT3ZlcnJpZGU6ICdAYXdzJwogIGltYWdlOiBrOHMuZ2NyLmlvL2t1YmUtcHJveHk6djEuMjAuMAogIGxvZ0xldmVsOiAyCmt1YmVsZXQ6CiAgYW5vbnltb3VzQXV0aDogZmFsc2UKICBjZ3JvdXBEcml2ZXI6IHN5c3RlbWQKICBjZ3JvdXBSb290OiAvCiAgY2xvdWRQcm92aWRlcjogYXdzCiAgY2x1c3RlckROUzogMTAwLjY0LjAuMTAKICBjbHVzdGVyRG9tYWluOiBjbHVzdGVyLmxvY2FsCiAgZW5hYmxlRGVidWdnaW5nSGFuZGxlcnM6IHRydWUKICBldmljdGlvbkhhcmQ6IG1lbW9yeS5hdmFpbGFibGU8MTAwTWksbm9kZWZzLmF2YWlsYWJsZTwxMCUsbm9kZWZzLmlub2Rlc0ZyZWU8NSUsaW1hZ2Vmcy5hdmFpbGFibGU8MTAlLGltYWdlZnMuaW5vZGVzRnJlZTw1JQogIGhvc3RuYW1lT3ZlcnJpZGU6ICdAYXdzJwogIGt1YmVjb25maWdQYXRoOiAvdmFyL2xpYi9rdWJlbGV0L2t1YmVjb25maWcKICBsb2dMZXZlbDogMgogIG5ldHdvcmtQbHVnaW5OYW1lOiBjbmkKICBub25NYXNxdWVyYWRlQ0lEUjogMTAwLjY0LjAuMC8xMAogIHBvZEluZnJhQ29udGFpbmVySW1hZ2U6IGs4cy5nY3IuaW8vcGF1c2U6My4yCiAgcG9kTWFuaWZlc3RQYXRoOiAvZXRjL2t1YmVybmV0ZXMvbWFuaWZlc3RzCgpfX0VPRl9DTFVTVEVSX1NQRUMKCmNhdCA+IGNvbmYvaWdfc3BlYy55YW1sIDw8ICdfX0VPRl9JR19TUEVDJwp7fQoKX19FT0ZfSUdfU1BFQwoKY2F0ID4gY29uZi9rdWJlX2Vudi55YW1sIDw8ICdfX0VPRl9LVUJFX0VOVicKQXNzZXRzOgogIGFtZDY0OgogIC0gZmYyNDIyNTcxYzRjMWU5Njk2ZTM2N2Y1ZjI1NDY2Yjk2ZmI2ZTUwMWYyOGFlZDI5ZjQxNGIxNTI0YTUyZGVhMEBodHRwczovL3N0b3JhZ2UuZ29vZ2xlYXBpcy5jb20va3ViZXJuZXRlcy1yZWxlYXNlL3JlbGVhc2UvdjEuMjAuMC9iaW4vbGludXgvYW1kNjQva3ViZWxldAogIC0gYTU4OTUwMDdmMzMxZjA4ZDJlMDgyZWIxMjQ1ODc2NDk0OTU1OWYzMGJjYzViZWFlMjZjMzhmM2UyNzI0MjYyY0BodHRwczovL3N0b3JhZ2UuZ29vZ2xlYXBpcy5jb20va3ViZXJuZXRlcy1yZWxlYXNlL3JlbGVhc2UvdjEuMjAuMC9iaW4vbGludXgvYW1kNjQva3ViZWN0bAogIC0gOTc3ODI0OTMyZDU2NjdjN2EzN2FhNmEzY2JiYTQwMTAwYTY4NzNlN2JkOTdlODNlOGJlODM3ZTNlN2FmZDBhOEBodHRwczovL3N0b3JhZ2UuZ29vZ2xlYXBpcy5jb20vazhzLWFydGlmYWN0cy1jbmkvcmVsZWFzZS92MC44LjcvY25pLXBsdWdpbnMtbGludXgtYW1kNjQtdjAuOC43LnRnegogIC0gOWYxZWMyOGUzNTdhOGYxOGU5NTYxMTI5MjM5Y2FmOWMwODA3ZDc0NzU2ZTIxY2M2MzYzN2M3ZmRlYWFmZTg0N0BodHRwczovL2Rvd25sb2FkLmRvY2tlci5jb20vbGludXgvc3RhdGljL3N0YWJsZS94ODZfNjQvZG9ja2VyLTE5LjAzLjE0LnRnegogIGFybTY0OgogIC0gNDdhYjZjNDI3M2ZjM2JiMGNiOGVjOTUxNzI3MWQ5MTU4OTBjNWE2YjBlNTRiMjk5MWU3YThmYmJlNzdiMDZlNEBodHRwczovL3N0b3JhZ2UuZ29vZ2xlYXBpcy5jb20va3ViZXJuZXRlcy1yZWxlYXNlL3JlbGVhc2UvdjEuMjAuMC9iaW4vbGludXgvYXJtNjQva3ViZWxldAogIC0gMjVlNDQ2NTg3MGM5OTE2N2U2YzQ2NjYyM2VkOGYwNWExZDIwZmJjYjQ4Y2FiNjY4ODEwOTM4OWI1MmQ4NzYyM0BodHRwczovL3N0b3JhZ2UuZ29vZ2xlYXBpcy5jb20va3ViZXJuZXRlcy1yZWxlYXNlL3JlbGVhc2UvdjEuMjAuMC9iaW4vbGludXgvYXJtNjQva3ViZWN0bAogIC0gYWUxM2Q3YjVjMDViZDE4MGVhOWI1YjY4ZjQ0YmRhYTdiZmI0MTAzNGEyZWYxZDY4ZmQ4ZTEyNTk3OTdkNjQyZkBodHRwczovL3N0b3JhZ2UuZ29vZ2xlYXBpcy5jb20vazhzLWFydGlmYWN0cy1jbmkvcmVsZWFzZS92MC44LjcvY25pLXBsdWdpbnMtbGludXgtYXJtNjQtdjAuOC43LnRnegogIC0gODM1MGVhYTBjMDk2NWJiOGViOWQ0NWEwMTRmNGI2NzI4Yzk4NTcxNWY1NjQ2NjA3N2RmZTZmZWIyNzFkOTUxOEBodHRwczovL2Rvd25sb2FkLmRvY2tlci5jb20vbGludXgvc3RhdGljL3N0YWJsZS9hYXJjaDY0L2RvY2tlci0xOS4wMy4xNC50Z3oKQ2x1c3Rlck5hbWU6IG1pbmltYWwtanNvbi5leGFtcGxlLmNvbQpDb25maWdCYXNlOiBtZW1mczovL2NsdXN0ZXJzLmV4YW1wbGUuY29tL21pbmltYWwtanNvbi5leGFtcGxlLmNvbQpJbnN0YW5jZUdyb3VwTmFtZTogbm9kZXMKSW5zdGFuY2VHcm91cFJvbGU6IE5vZGUKS3ViZWxldENvbmZpZzoKICBhbm9ueW1vdXNBdXRoOiBmYWxzZQogIGNncm91cERyaXZlcjogc3lzdGVtZAogIGNncm91cFJvb3Q6IC8KICBjbG91ZFByb3ZpZGVyOiBhd3MKICBjbHVzdGVyRE5TOiAxMDAuNjQuMC4xMAogIGNsdXN0ZXJEb21haW46IGNsdXN0ZXIubG9jYWwKICBlbmFibGVEZWJ1Z2dpbmdIYW5kbGVyczogdHJ1ZQogIGV2aWN0aW9uSGFyZDogbWVtb3J5LmF2YWlsYWJsZTwxMDBNaSxub2RlZnMuYXZhaWxhYmxlPDEwJSxub2RlZnMuaW5vZGVzRnJlZTw1JSxpbWFnZWZzLmF2YWlsYWJsZTwxMCUsaW1hZ2Vmcy5pbm9kZXNGcmVlPDUlCiAgaG9zdG5hbWVPdmVycmlkZTogJ0Bhd3MnCiAga3ViZWNvbmZpZ1BhdGg6IC92YXIvbGliL2t1YmVsZXQva3ViZWNvbmZpZwogIGxvZ0xldmVsOiAyCiAgbmV0d29ya1BsdWdpbk5hbWU6IGNuaQogIG5vZGVMYWJlbHM6CiAgICBrdWJlcm5ldGVzLmlvL3JvbGU6IG5vZGUKICAgIG5vZGUtcm9sZS5rdWJlcm5ldGVzLmlvL25vZGU6ICIiCiAgbm9uTWFzcXVlcmFkZUNJRFI6IDEwMC42NC4wLjAvMTAKICBwb2RJbmZyYUNvbnRhaW5lckltYWdlOiBrOHMuZ2NyLmlvL3BhdXNlOjMuMgogIHBvZE1hbmlmZXN0UGF0aDogL2V0Yy9rdWJlcm5ldGVzL21hbmlmZXN0cwpjaGFubmVsczoKLSBtZW1mczovL2NsdXN0ZXJzLmV4YW1wbGUuY29tL21pbmltYWwtanNvbi5leGFtcGxlLmNvbS9hZGRvbnMvYm9vdHN0cmFwLWNoYW5uZWwueWFtbAoKX19FT0ZfS1VCRV9FTlYKCmRvd25sb2FkLXJlbGVhc2UKZWNobyAiPT0gbm9kZXVwIG5vZGUgY29uZmlnIGRvbmUgPT0iCg== diff --git a/tests/integration/update_cluster/minimal-json/in-v1alpha2.yaml b/tests/integration/update_cluster/minimal-json/in-v1alpha2.yaml index db3739d082..309e4abd48 100644 --- a/tests/integration/update_cluster/minimal-json/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/minimal-json/in-v1alpha2.yaml @@ -21,12 +21,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.minimal-json.example.com masterPublicName: api.minimal-json.example.com networkCIDR: 172.20.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/minimal/data/aws_launch_template_master-us-test-1a.masters.minimal.example.com_user_data b/tests/integration/update_cluster/minimal/data/aws_launch_template_master-us-test-1a.masters.minimal.example.com_user_data index d8aa5a15ba..ab55c3086a 100644 --- a/tests/integration/update_cluster/minimal/data/aws_launch_template_master-us-test-1a.masters.minimal.example.com_user_data +++ b/tests/integration/update_cluster/minimal/data/aws_launch_template_master-us-test-1a.masters.minimal.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.minimal.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: minimal.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,46 +215,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -265,34 +266,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: minimal.example.com ConfigBase: memfs://clusters.example.com/minimal.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -321,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/minimal/data/aws_launch_template_nodes.minimal.example.com_user_data b/tests/integration/update_cluster/minimal/data/aws_launch_template_nodes.minimal.example.com_user_data index c31260dc42..0ce27e1d36 100644 --- a/tests/integration/update_cluster/minimal/data/aws_launch_template_nodes.minimal.example.com_user_data +++ b/tests/integration/update_cluster/minimal/data/aws_launch_template_nodes.minimal.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,28 +150,26 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -182,34 +184,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: minimal.example.com ConfigBase: memfs://clusters.example.com/minimal.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/minimal/in-v1alpha2.yaml b/tests/integration/update_cluster/minimal/in-v1alpha2.yaml index 02fcc27152..3a53b802ba 100644 --- a/tests/integration/update_cluster/minimal/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/minimal/in-v1alpha2.yaml @@ -21,12 +21,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.minimal.example.com masterPublicName: api.minimal.example.com networkCIDR: 172.20.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_master-us-test1-a-minimal-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_master-us-test1-a-minimal-gce-example-com_metadata_startup-script index b8df20a6fd..3a0756c40b 100644 --- a/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_master-us-test1-a-minimal-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_master-us-test1-a-minimal-gce-example-com_metadata_startup-script @@ -138,8 +138,12 @@ cloudConfig: nodeTags: minimal-gce-example-com-k8s-io-role-node containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -148,16 +152,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,9 +183,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -194,6 +198,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.minimal-gce.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -202,8 +207,8 @@ kubeControllerManager: cloudProvider: gce clusterCIDR: 100.96.0.0/11 clusterName: minimal-gce-example-com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -211,48 +216,44 @@ kubeControllerManager: kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -268,37 +269,35 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - ae0d7b36c7f9559354ee35c14bf084a771132e32@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/mounter - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 6741b0ccfcffeb1ad36b2147643fa893362588a66bc07799e1cb00f54ef3348b@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/mounter + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - df7fc4fe107253603d284a549cac36ae072a0dcb@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/mounter - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - 5d6bbf60ddc55347c29f706081e24de0e9dbcff2236ab64db7444342accaa445@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/mounter + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: minimal-gce.example.com ConfigBase: memfs://tests/minimal-gce.example.com InstanceGroupName: master-us-test1-a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -327,6 +326,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_nodes-minimal-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_nodes-minimal-gce-example-com_metadata_startup-script index e80c83d813..52c022f984 100644 --- a/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_nodes-minimal-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_nodes-minimal-gce-example-com_metadata_startup-script @@ -138,8 +138,12 @@ cloudConfig: nodeTags: minimal-gce-example-com-k8s-io-role-node containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -148,28 +152,26 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -184,37 +186,35 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - ae0d7b36c7f9559354ee35c14bf084a771132e32@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/mounter - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 6741b0ccfcffeb1ad36b2147643fa893362588a66bc07799e1cb00f54ef3348b@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/mounter + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - df7fc4fe107253603d284a549cac36ae072a0dcb@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/mounter - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - 5d6bbf60ddc55347c29f706081e24de0e9dbcff2236ab64db7444342accaa445@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/mounter + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: minimal-gce.example.com ConfigBase: memfs://tests/minimal-gce.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: gce clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/minimal_gce/in-v1alpha2.yaml b/tests/integration/update_cluster/minimal_gce/in-v1alpha2.yaml index 0a780d5132..2035c9cb48 100644 --- a/tests/integration/update_cluster/minimal_gce/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/minimal_gce/in-v1alpha2.yaml @@ -27,10 +27,10 @@ spec: anonymousAuth: false kubernetesApiAccess: - 0.0.0.0/0 - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterPublicName: api.minimal-gce.example.com networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 project: testproject sshAccess: diff --git a/tests/integration/update_cluster/minimal_openstack/in-v1alpha2.yaml b/tests/integration/update_cluster/minimal_openstack/in-v1alpha2.yaml index c460fee44b..ede75f1048 100644 --- a/tests/integration/update_cluster/minimal_openstack/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/minimal_openstack/in-v1alpha2.yaml @@ -29,10 +29,10 @@ spec: anonymousAuth: false kubernetesApiAccess: - 0.0.0.0/0 - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterPublicName: api.minimal-openstack.k8s.local networking: - kubenet: {} + cni: {} networkCIDR: 192.168.0.0/16 nonMasqueradeCIDR: 100.64.0.0/10 project: testproject diff --git a/tests/integration/update_cluster/mixed_instances/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/mixed_instances/cloudformation.json.extracted.yaml index 0997eefdf8..91ca708471 100644 --- a/tests/integration/update_cluster/mixed_instances/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/mixed_instances/cloudformation.json.extracted.yaml @@ -141,6 +141,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -153,12 +155,14 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -178,7 +182,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -193,6 +197,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.mixedinstances.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,8 +206,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: mixedinstances.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -211,15 +216,16 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -229,13 +235,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -245,8 +251,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -262,13 +267,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -277,6 +282,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -286,8 +292,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -467,6 +472,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -479,12 +486,14 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -504,7 +513,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -519,6 +528,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.mixedinstances.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -527,8 +537,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: mixedinstances.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -537,15 +547,16 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -555,13 +566,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -571,8 +582,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -588,13 +598,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -603,6 +613,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -612,8 +623,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -793,6 +803,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -805,12 +817,14 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -830,7 +844,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -845,6 +859,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.mixedinstances.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -853,8 +868,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: mixedinstances.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -863,15 +878,16 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -881,13 +897,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -897,8 +913,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -914,13 +929,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -929,6 +944,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -938,8 +954,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -1119,6 +1134,8 @@ Resources.AWSEC2LaunchTemplatenodesmixedinstancesexamplecom.Properties.LaunchTem disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -1132,10 +1149,11 @@ Resources.AWSEC2LaunchTemplatenodesmixedinstancesexamplecom.Properties.LaunchTem clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -1145,8 +1163,7 @@ Resources.AWSEC2LaunchTemplatenodesmixedinstancesexamplecom.Properties.LaunchTem hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -1161,13 +1178,13 @@ Resources.AWSEC2LaunchTemplatenodesmixedinstancesexamplecom.Properties.LaunchTem cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -1176,6 +1193,7 @@ Resources.AWSEC2LaunchTemplatenodesmixedinstancesexamplecom.Properties.LaunchTem InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -1185,8 +1203,7 @@ Resources.AWSEC2LaunchTemplatenodesmixedinstancesexamplecom.Properties.LaunchTem hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_master-us-test-1a.masters.mixedinstances.example.com_user_data b/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_master-us-test-1a.masters.mixedinstances.example.com_user_data index 7d69ed1d03..1fceea11f6 100644 --- a/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_master-us-test-1a.masters.mixedinstances.example.com_user_data +++ b/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_master-us-test-1a.masters.mixedinstances.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -152,12 +154,14 @@ docker: encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,7 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.mixedinstances.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: mixedinstances.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,15 +215,16 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -228,13 +234,13 @@ kubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -244,8 +250,7 @@ masterKubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -261,13 +266,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -276,6 +281,7 @@ InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -285,8 +291,7 @@ KubeletConfig: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" diff --git a/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_master-us-test-1b.masters.mixedinstances.example.com_user_data b/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_master-us-test-1b.masters.mixedinstances.example.com_user_data index 976b62c72c..ac7c64b2b1 100644 --- a/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_master-us-test-1b.masters.mixedinstances.example.com_user_data +++ b/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_master-us-test-1b.masters.mixedinstances.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -152,12 +154,14 @@ docker: encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,7 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.mixedinstances.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: mixedinstances.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,15 +215,16 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -228,13 +234,13 @@ kubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -244,8 +250,7 @@ masterKubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -261,13 +266,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -276,6 +281,7 @@ InstanceGroupName: master-us-test-1b InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -285,8 +291,7 @@ KubeletConfig: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" diff --git a/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_master-us-test-1c.masters.mixedinstances.example.com_user_data b/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_master-us-test-1c.masters.mixedinstances.example.com_user_data index baca32c8ac..6530e575aa 100644 --- a/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_master-us-test-1c.masters.mixedinstances.example.com_user_data +++ b/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_master-us-test-1c.masters.mixedinstances.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -152,12 +154,14 @@ docker: encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,7 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.mixedinstances.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: mixedinstances.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,15 +215,16 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -228,13 +234,13 @@ kubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -244,8 +250,7 @@ masterKubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -261,13 +266,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -276,6 +281,7 @@ InstanceGroupName: master-us-test-1c InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -285,8 +291,7 @@ KubeletConfig: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" diff --git a/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_nodes.mixedinstances.example.com_user_data b/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_nodes.mixedinstances.example.com_user_data index dcae909599..1775d93cb9 100644 --- a/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_nodes.mixedinstances.example.com_user_data +++ b/tests/integration/update_cluster/mixed_instances/data/aws_launch_template_nodes.mixedinstances.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -153,10 +155,11 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -166,8 +169,7 @@ kubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -182,13 +184,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -197,6 +199,7 @@ InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -206,8 +209,7 @@ KubeletConfig: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/mixed_instances/in-v1alpha2.yaml b/tests/integration/update_cluster/mixed_instances/in-v1alpha2.yaml index 9f06681e26..b628f5154b 100644 --- a/tests/integration/update_cluster/mixed_instances/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/mixed_instances/in-v1alpha2.yaml @@ -29,12 +29,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.18.9 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.mixedinstances.example.com masterPublicName: api.mixedinstances.example.com networkCIDR: 10.0.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/mixed_instances_spot/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/mixed_instances_spot/cloudformation.json.extracted.yaml index 0997eefdf8..91ca708471 100644 --- a/tests/integration/update_cluster/mixed_instances_spot/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/mixed_instances_spot/cloudformation.json.extracted.yaml @@ -141,6 +141,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -153,12 +155,14 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -178,7 +182,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -193,6 +197,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.mixedinstances.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,8 +206,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: mixedinstances.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -211,15 +216,16 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -229,13 +235,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -245,8 +251,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -262,13 +267,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -277,6 +282,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -286,8 +292,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -467,6 +472,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -479,12 +486,14 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -504,7 +513,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -519,6 +528,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.mixedinstances.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -527,8 +537,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: mixedinstances.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -537,15 +547,16 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -555,13 +566,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -571,8 +582,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -588,13 +598,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -603,6 +613,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -612,8 +623,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1bmastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -793,6 +803,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -805,12 +817,14 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -830,7 +844,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -845,6 +859,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.mixedinstances.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -853,8 +868,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: mixedinstances.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -863,15 +878,16 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -881,13 +897,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -897,8 +913,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -914,13 +929,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -929,6 +944,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -938,8 +954,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1cmastersmixedinstancesexamplecom.Prop hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -1119,6 +1134,8 @@ Resources.AWSEC2LaunchTemplatenodesmixedinstancesexamplecom.Properties.LaunchTem disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -1132,10 +1149,11 @@ Resources.AWSEC2LaunchTemplatenodesmixedinstancesexamplecom.Properties.LaunchTem clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -1145,8 +1163,7 @@ Resources.AWSEC2LaunchTemplatenodesmixedinstancesexamplecom.Properties.LaunchTem hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -1161,13 +1178,13 @@ Resources.AWSEC2LaunchTemplatenodesmixedinstancesexamplecom.Properties.LaunchTem cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -1176,6 +1193,7 @@ Resources.AWSEC2LaunchTemplatenodesmixedinstancesexamplecom.Properties.LaunchTem InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -1185,8 +1203,7 @@ Resources.AWSEC2LaunchTemplatenodesmixedinstancesexamplecom.Properties.LaunchTem hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_master-us-test-1a.masters.mixedinstances.example.com_user_data b/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_master-us-test-1a.masters.mixedinstances.example.com_user_data index 7d69ed1d03..1fceea11f6 100644 --- a/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_master-us-test-1a.masters.mixedinstances.example.com_user_data +++ b/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_master-us-test-1a.masters.mixedinstances.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -152,12 +154,14 @@ docker: encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,7 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.mixedinstances.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: mixedinstances.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,15 +215,16 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -228,13 +234,13 @@ kubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -244,8 +250,7 @@ masterKubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -261,13 +266,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -276,6 +281,7 @@ InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -285,8 +291,7 @@ KubeletConfig: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" diff --git a/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_master-us-test-1b.masters.mixedinstances.example.com_user_data b/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_master-us-test-1b.masters.mixedinstances.example.com_user_data index 976b62c72c..ac7c64b2b1 100644 --- a/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_master-us-test-1b.masters.mixedinstances.example.com_user_data +++ b/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_master-us-test-1b.masters.mixedinstances.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -152,12 +154,14 @@ docker: encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,7 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.mixedinstances.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: mixedinstances.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,15 +215,16 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -228,13 +234,13 @@ kubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -244,8 +250,7 @@ masterKubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -261,13 +266,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -276,6 +281,7 @@ InstanceGroupName: master-us-test-1b InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -285,8 +291,7 @@ KubeletConfig: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" diff --git a/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_master-us-test-1c.masters.mixedinstances.example.com_user_data b/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_master-us-test-1c.masters.mixedinstances.example.com_user_data index baca32c8ac..6530e575aa 100644 --- a/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_master-us-test-1c.masters.mixedinstances.example.com_user_data +++ b/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_master-us-test-1c.masters.mixedinstances.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -152,12 +154,14 @@ docker: encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 3 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,7 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.9 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.mixedinstances.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: mixedinstances.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.18.9 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,15 +215,16 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.9 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -228,13 +234,13 @@ kubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -244,8 +250,7 @@ masterKubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -261,13 +266,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -276,6 +281,7 @@ InstanceGroupName: master-us-test-1c InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -285,8 +291,7 @@ KubeletConfig: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" diff --git a/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_nodes.mixedinstances.example.com_user_data b/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_nodes.mixedinstances.example.com_user_data index dcae909599..1775d93cb9 100644 --- a/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_nodes.mixedinstances.example.com_user_data +++ b/tests/integration/update_cluster/mixed_instances_spot/data/aws_launch_template_nodes.mixedinstances.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -153,10 +155,11 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.9 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -166,8 +169,7 @@ kubelet: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -182,13 +184,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 5028b6548e8838e1e0851f10e8bd8d9a6ef1693e3f1dac09f7d50c4c2873f20b@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubelet - - 6a68756a2d3d04b4d0f52b00de6493ba2c1fcb28b32f3e4a0e99b3d9f6c4e8ed@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - 21b0fb4682deea19be3ac160403db9858dc9d02b101d60eb6fc22a86523ec434@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubelet - - 9f466ff8d40097914a1ded0288ef8b9eb6f4ad39a9990cb2c0f8d1a710013a4f@https://storage.googleapis.com/kubernetes-release/release/v1.18.9/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: mixedinstances.example.com @@ -197,6 +199,7 @@ InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -206,8 +209,7 @@ KubeletConfig: hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/mixed_instances_spot/in-v1alpha2.yaml b/tests/integration/update_cluster/mixed_instances_spot/in-v1alpha2.yaml index 322b94f156..62216136da 100644 --- a/tests/integration/update_cluster/mixed_instances_spot/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/mixed_instances_spot/in-v1alpha2.yaml @@ -29,12 +29,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.18.9 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.mixedinstances.example.com masterPublicName: api.mixedinstances.example.com networkCIDR: 10.0.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/openstack_floatingip/in-v1alpha2.yaml b/tests/integration/update_cluster/openstack_floatingip/in-v1alpha2.yaml index 7fef5f8667..c34abfe679 100644 --- a/tests/integration/update_cluster/openstack_floatingip/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/openstack_floatingip/in-v1alpha2.yaml @@ -33,10 +33,10 @@ spec: anonymousAuth: false kubernetesApiAccess: - 0.0.0.0/0 - kubernetesVersion: v1.16.0 + kubernetesVersion: v1.20.0 masterPublicName: api.floatingip-openstack.k8s.local networking: - kubenet: {} + cni: {} networkCIDR: 192.168.0.0/16 nonMasqueradeCIDR: 100.64.0.0/10 project: testproject diff --git a/tests/integration/update_cluster/private-shared-ip/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/private-shared-ip/cloudformation.json.extracted.yaml index bc70ff9d58..cbb61206bc 100644 --- a/tests/integration/update_cluster/private-shared-ip/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/private-shared-ip/cloudformation.json.extracted.yaml @@ -138,8 +138,12 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatesharedipexamplecom.Pro cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -148,16 +152,18 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatesharedipexamplecom.Pro - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,9 +183,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatesharedipexamplecom.Pro - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -194,6 +198,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatesharedipexamplecom.Pro requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.private-shared-ip.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -203,7 +208,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatesharedipexamplecom.Pro clusterCIDR: 100.96.0.0/11 clusterName: private-shared-ip.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -212,23 +217,22 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatesharedipexamplecom.Pro clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -238,14 +242,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatesharedipexamplecom.Pro podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -265,29 +268,28 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatesharedipexamplecom.Pro cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: private-shared-ip.example.com ConfigBase: memfs://clusters.example.com/private-shared-ip.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -320,6 +322,9 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatesharedipexamplecom.Pro - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz + staticManifests: + - key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV @@ -464,8 +469,12 @@ Resources.AWSEC2LaunchTemplatenodesprivatesharedipexamplecom.Properties.LaunchTe cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -474,23 +483,22 @@ Resources.AWSEC2LaunchTemplatenodesprivatesharedipexamplecom.Properties.LaunchTe - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -509,29 +517,28 @@ Resources.AWSEC2LaunchTemplatenodesprivatesharedipexamplecom.Properties.LaunchTe cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: private-shared-ip.example.com ConfigBase: memfs://clusters.example.com/private-shared-ip.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/private-shared-ip/data/aws_launch_template_master-us-test-1a.masters.private-shared-ip.example.com_user_data b/tests/integration/update_cluster/private-shared-ip/data/aws_launch_template_master-us-test-1a.masters.private-shared-ip.example.com_user_data index 76d97f7b2f..8defbcd31e 100644 --- a/tests/integration/update_cluster/private-shared-ip/data/aws_launch_template_master-us-test-1a.masters.private-shared-ip.example.com_user_data +++ b/tests/integration/update_cluster/private-shared-ip/data/aws_launch_template_master-us-test-1a.masters.private-shared-ip.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.private-shared-ip.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,7 +206,7 @@ kubeControllerManager: clusterCIDR: 100.96.0.0/11 clusterName: private-shared-ip.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,23 +215,22 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -236,14 +240,13 @@ kubelet: podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -263,29 +266,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: private-shared-ip.example.com ConfigBase: memfs://clusters.example.com/private-shared-ip.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -318,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/private-shared-ip/data/aws_launch_template_nodes.private-shared-ip.example.com_user_data b/tests/integration/update_cluster/private-shared-ip/data/aws_launch_template_nodes.private-shared-ip.example.com_user_data index 7da54ca0c4..103f52fc58 100644 --- a/tests/integration/update_cluster/private-shared-ip/data/aws_launch_template_nodes.private-shared-ip.example.com_user_data +++ b/tests/integration/update_cluster/private-shared-ip/data/aws_launch_template_nodes.private-shared-ip.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,23 +150,22 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -181,29 +184,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: private-shared-ip.example.com ConfigBase: memfs://clusters.example.com/private-shared-ip.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/private-shared-ip/in-v1alpha2.yaml b/tests/integration/update_cluster/private-shared-ip/in-v1alpha2.yaml index 9918e1fe98..61a320c64f 100644 --- a/tests/integration/update_cluster/private-shared-ip/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/private-shared-ip/in-v1alpha2.yaml @@ -21,13 +21,13 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.private-shared-ip.example.com masterPublicName: api.private-shared-ip.example.com networkCIDR: 172.20.0.0/16 networkID: vpc-12345678 networking: - weave: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/private-shared-subnet/data/aws_launch_template_master-us-test-1a.masters.private-shared-subnet.example.com_user_data b/tests/integration/update_cluster/private-shared-subnet/data/aws_launch_template_master-us-test-1a.masters.private-shared-subnet.example.com_user_data index 4a9ffbbab8..97c6f56a9e 100644 --- a/tests/integration/update_cluster/private-shared-subnet/data/aws_launch_template_master-us-test-1a.masters.private-shared-subnet.example.com_user_data +++ b/tests/integration/update_cluster/private-shared-subnet/data/aws_launch_template_master-us-test-1a.masters.private-shared-subnet.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.private-shared-subnet.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,7 +206,7 @@ kubeControllerManager: clusterCIDR: 100.96.0.0/11 clusterName: private-shared-subnet.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,23 +215,22 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -236,14 +240,13 @@ kubelet: podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -263,29 +266,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: private-shared-subnet.example.com ConfigBase: memfs://clusters.example.com/private-shared-subnet.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -318,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/private-shared-subnet/data/aws_launch_template_nodes.private-shared-subnet.example.com_user_data b/tests/integration/update_cluster/private-shared-subnet/data/aws_launch_template_nodes.private-shared-subnet.example.com_user_data index 65d07cc5df..3e3ba543a5 100644 --- a/tests/integration/update_cluster/private-shared-subnet/data/aws_launch_template_nodes.private-shared-subnet.example.com_user_data +++ b/tests/integration/update_cluster/private-shared-subnet/data/aws_launch_template_nodes.private-shared-subnet.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,23 +150,22 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -181,29 +184,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: private-shared-subnet.example.com ConfigBase: memfs://clusters.example.com/private-shared-subnet.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/private-shared-subnet/in-v1alpha2.yaml b/tests/integration/update_cluster/private-shared-subnet/in-v1alpha2.yaml index da4450649e..d2a08f5665 100644 --- a/tests/integration/update_cluster/private-shared-subnet/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/private-shared-subnet/in-v1alpha2.yaml @@ -21,13 +21,13 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.private-shared-subnet.example.com masterPublicName: api.private-shared-subnet.example.com networkCIDR: 172.20.0.0/16 networkID: vpc-12345678 networking: - weave: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/privatecalico/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/privatecalico/cloudformation.json.extracted.yaml index a4f264a725..d3b44e447a 100644 --- a/tests/integration/update_cluster/privatecalico/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/privatecalico/cloudformation.json.extracted.yaml @@ -142,6 +142,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -154,12 +156,14 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -179,7 +183,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.0 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -194,6 +198,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.privatecalico.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -203,7 +208,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope clusterCIDR: 100.96.0.0/11 clusterName: privatecalico.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.18.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -212,15 +217,16 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -236,6 +242,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -261,13 +268,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 3a90e7abf9910aebf9ef5845918c665afd4136a8832604ccfabca2defb35ce0f@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubelet - - bb16739fcad964c197752200ff89d89aad7b118cb1de5725dc53fe924c40e3f7@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - db91a26f8baa2bce017172305e717e77be5cfc4272592be8cb0155e1cfa7719e@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubelet - - 0de307f90502cd58e5785cdcbebeb552df81fa2399190f8a662afea9e30bc74d@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatecalico.example.com @@ -276,6 +283,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivatecalicoexamplecom.Prope InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -465,6 +473,8 @@ Resources.AWSEC2LaunchTemplatenodesprivatecalicoexamplecom.Properties.LaunchTemp disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -478,10 +488,11 @@ Resources.AWSEC2LaunchTemplatenodesprivatecalicoexamplecom.Properties.LaunchTemp clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -506,13 +517,13 @@ Resources.AWSEC2LaunchTemplatenodesprivatecalicoexamplecom.Properties.LaunchTemp cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 3a90e7abf9910aebf9ef5845918c665afd4136a8832604ccfabca2defb35ce0f@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubelet - - bb16739fcad964c197752200ff89d89aad7b118cb1de5725dc53fe924c40e3f7@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - db91a26f8baa2bce017172305e717e77be5cfc4272592be8cb0155e1cfa7719e@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubelet - - 0de307f90502cd58e5785cdcbebeb552df81fa2399190f8a662afea9e30bc74d@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatecalico.example.com @@ -521,6 +532,7 @@ Resources.AWSEC2LaunchTemplatenodesprivatecalicoexamplecom.Properties.LaunchTemp InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 diff --git a/tests/integration/update_cluster/privatecalico/data/aws_launch_template_master-us-test-1a.masters.privatecalico.example.com_user_data b/tests/integration/update_cluster/privatecalico/data/aws_launch_template_master-us-test-1a.masters.privatecalico.example.com_user_data index 188b0854f9..4b79be48b2 100644 --- a/tests/integration/update_cluster/privatecalico/data/aws_launch_template_master-us-test-1a.masters.privatecalico.example.com_user_data +++ b/tests/integration/update_cluster/privatecalico/data/aws_launch_template_master-us-test-1a.masters.privatecalico.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -152,12 +154,14 @@ docker: encryptionConfig: null etcdClusters: events: - version: 3.4.3 + version: 3.4.13 main: - version: 3.4.3 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,7 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.18.0 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.privatecalico.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,7 +206,7 @@ kubeControllerManager: clusterCIDR: 100.96.0.0/11 clusterName: privatecalico.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.18.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,15 +215,16 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.18.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -234,6 +240,7 @@ kubelet: podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -259,13 +266,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 3a90e7abf9910aebf9ef5845918c665afd4136a8832604ccfabca2defb35ce0f@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubelet - - bb16739fcad964c197752200ff89d89aad7b118cb1de5725dc53fe924c40e3f7@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - db91a26f8baa2bce017172305e717e77be5cfc4272592be8cb0155e1cfa7719e@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubelet - - 0de307f90502cd58e5785cdcbebeb552df81fa2399190f8a662afea9e30bc74d@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatecalico.example.com @@ -274,6 +281,7 @@ InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 diff --git a/tests/integration/update_cluster/privatecalico/data/aws_launch_template_nodes.privatecalico.example.com_user_data b/tests/integration/update_cluster/privatecalico/data/aws_launch_template_nodes.privatecalico.example.com_user_data index 8b17c8ba36..65d7201e75 100644 --- a/tests/integration/update_cluster/privatecalico/data/aws_launch_template_nodes.privatecalico.example.com_user_data +++ b/tests/integration/update_cluster/privatecalico/data/aws_launch_template_nodes.privatecalico.example.com_user_data @@ -140,6 +140,8 @@ containerd: disabled_plugins = ["cri"] logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -153,10 +155,11 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.18.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 @@ -181,13 +184,13 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - 3a90e7abf9910aebf9ef5845918c665afd4136a8832604ccfabca2defb35ce0f@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubelet - - bb16739fcad964c197752200ff89d89aad7b118cb1de5725dc53fe924c40e3f7@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - db91a26f8baa2bce017172305e717e77be5cfc4272592be8cb0155e1cfa7719e@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubelet - - 0de307f90502cd58e5785cdcbebeb552df81fa2399190f8a662afea9e30bc74d@https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubectl + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatecalico.example.com @@ -196,6 +199,7 @@ InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 diff --git a/tests/integration/update_cluster/privatecalico/in-v1alpha2.yaml b/tests/integration/update_cluster/privatecalico/in-v1alpha2.yaml index 40abfc4295..fb6e298ee9 100644 --- a/tests/integration/update_cluster/privatecalico/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/privatecalico/in-v1alpha2.yaml @@ -21,13 +21,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.18.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.privatecalico.example.com masterPublicName: api.privatecalico.example.com networkCIDR: 172.20.0.0/16 networking: - calico: - majorVersion: v3 + calico: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/privatecanal/data/aws_launch_template_master-us-test-1a.masters.privatecanal.example.com_user_data b/tests/integration/update_cluster/privatecanal/data/aws_launch_template_master-us-test-1a.masters.privatecanal.example.com_user_data index 544b3dfb98..1f600c783d 100644 --- a/tests/integration/update_cluster/privatecanal/data/aws_launch_template_master-us-test-1a.masters.privatecanal.example.com_user_data +++ b/tests/integration/update_cluster/privatecanal/data/aws_launch_template_master-us-test-1a.masters.privatecanal.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.privatecanal.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,7 +206,7 @@ kubeControllerManager: clusterCIDR: 100.96.0.0/11 clusterName: privatecanal.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,23 +215,22 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -236,14 +240,13 @@ kubelet: podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -263,29 +266,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatecanal.example.com ConfigBase: memfs://clusters.example.com/privatecanal.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -318,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/privatecanal/data/aws_launch_template_nodes.privatecanal.example.com_user_data b/tests/integration/update_cluster/privatecanal/data/aws_launch_template_nodes.privatecanal.example.com_user_data index b0fcd7753d..d0b57733db 100644 --- a/tests/integration/update_cluster/privatecanal/data/aws_launch_template_nodes.privatecanal.example.com_user_data +++ b/tests/integration/update_cluster/privatecanal/data/aws_launch_template_nodes.privatecanal.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,23 +150,22 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -181,29 +184,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatecanal.example.com ConfigBase: memfs://clusters.example.com/privatecanal.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/privatecanal/in-v1alpha2.yaml b/tests/integration/update_cluster/privatecanal/in-v1alpha2.yaml index c5e010bf8f..ec9aab7037 100644 --- a/tests/integration/update_cluster/privatecanal/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/privatecanal/in-v1alpha2.yaml @@ -21,7 +21,7 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.privatecanal.example.com masterPublicName: api.privatecanal.example.com networkCIDR: 172.20.0.0/16 diff --git a/tests/integration/update_cluster/privatecilium/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/privatecilium/cloudformation.json.extracted.yaml index 27995e3e57..00524c7d8f 100644 --- a/tests/integration/update_cluster/privatecilium/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/privatecilium/cloudformation.json.extracted.yaml @@ -138,8 +138,12 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumexamplecom.Prope cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -148,16 +152,18 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumexamplecom.Prope - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,9 +183,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumexamplecom.Prope - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -194,6 +198,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumexamplecom.Prope requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.privatecilium.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -203,7 +208,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumexamplecom.Prope clusterCIDR: 100.96.0.0/11 clusterName: privatecilium.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -212,23 +217,22 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumexamplecom.Prope clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -238,14 +242,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumexamplecom.Prope podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -265,29 +268,28 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumexamplecom.Prope cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatecilium.example.com ConfigBase: memfs://clusters.example.com/privatecilium.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -320,6 +322,9 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumexamplecom.Prope - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz + staticManifests: + - key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV @@ -464,8 +469,12 @@ Resources.AWSEC2LaunchTemplatenodesprivateciliumexamplecom.Properties.LaunchTemp cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -474,23 +483,22 @@ Resources.AWSEC2LaunchTemplatenodesprivateciliumexamplecom.Properties.LaunchTemp - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -509,29 +517,28 @@ Resources.AWSEC2LaunchTemplatenodesprivateciliumexamplecom.Properties.LaunchTemp cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatecilium.example.com ConfigBase: memfs://clusters.example.com/privatecilium.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/privatecilium/data/aws_launch_template_master-us-test-1a.masters.privatecilium.example.com_user_data b/tests/integration/update_cluster/privatecilium/data/aws_launch_template_master-us-test-1a.masters.privatecilium.example.com_user_data index d96c13f3ca..e63180f1c6 100644 --- a/tests/integration/update_cluster/privatecilium/data/aws_launch_template_master-us-test-1a.masters.privatecilium.example.com_user_data +++ b/tests/integration/update_cluster/privatecilium/data/aws_launch_template_master-us-test-1a.masters.privatecilium.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.privatecilium.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,7 +206,7 @@ kubeControllerManager: clusterCIDR: 100.96.0.0/11 clusterName: privatecilium.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,23 +215,22 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -236,14 +240,13 @@ kubelet: podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -263,29 +266,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatecilium.example.com ConfigBase: memfs://clusters.example.com/privatecilium.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -318,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/privatecilium/data/aws_launch_template_nodes.privatecilium.example.com_user_data b/tests/integration/update_cluster/privatecilium/data/aws_launch_template_nodes.privatecilium.example.com_user_data index 8f25e287ce..5668234c7d 100644 --- a/tests/integration/update_cluster/privatecilium/data/aws_launch_template_nodes.privatecilium.example.com_user_data +++ b/tests/integration/update_cluster/privatecilium/data/aws_launch_template_nodes.privatecilium.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,23 +150,22 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -181,29 +184,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatecilium.example.com ConfigBase: memfs://clusters.example.com/privatecilium.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/privatecilium/in-v1alpha2.yaml b/tests/integration/update_cluster/privatecilium/in-v1alpha2.yaml index aa7a2b57c3..066e3c49bb 100644 --- a/tests/integration/update_cluster/privatecilium/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/privatecilium/in-v1alpha2.yaml @@ -21,7 +21,7 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.privatecilium.example.com masterPublicName: api.privatecilium.example.com networkCIDR: 172.20.0.0/16 diff --git a/tests/integration/update_cluster/privateciliumadvanced/cloudformation.json.extracted.yaml b/tests/integration/update_cluster/privateciliumadvanced/cloudformation.json.extracted.yaml index 4c7912206d..a4c813decc 100644 --- a/tests/integration/update_cluster/privateciliumadvanced/cloudformation.json.extracted.yaml +++ b/tests/integration/update_cluster/privateciliumadvanced/cloudformation.json.extracted.yaml @@ -138,8 +138,12 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumadvancedexamplec cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -148,18 +152,20 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumadvancedexamplec - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: cilium: - version: 3.3.10 + version: 3.4.13 events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -179,9 +185,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumadvancedexamplec - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -196,6 +200,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumadvancedexamplec requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.privateciliumadvanced.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -205,7 +210,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumadvancedexamplec clusterCIDR: 100.96.0.0/11 clusterName: privateciliumadvanced.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -215,23 +220,22 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumadvancedexamplec cpuRequest: 100m enabled: false hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -241,14 +245,13 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumadvancedexamplec podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -268,29 +271,28 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumadvancedexamplec cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privateciliumadvanced.example.com ConfigBase: memfs://clusters.example.com/privateciliumadvanced.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -324,6 +326,9 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersprivateciliumadvancedexamplec - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz + staticManifests: + - key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV @@ -468,8 +473,12 @@ Resources.AWSEC2LaunchTemplatenodesprivateciliumadvancedexamplecom.Properties.La cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -478,24 +487,23 @@ Resources.AWSEC2LaunchTemplatenodesprivateciliumadvancedexamplecom.Properties.La - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m enabled: false hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -514,29 +522,28 @@ Resources.AWSEC2LaunchTemplatenodesprivateciliumadvancedexamplecom.Properties.La cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privateciliumadvanced.example.com ConfigBase: memfs://clusters.example.com/privateciliumadvanced.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/privateciliumadvanced/data/aws_launch_template_master-us-test-1a.masters.privateciliumadvanced.example.com_user_data b/tests/integration/update_cluster/privateciliumadvanced/data/aws_launch_template_master-us-test-1a.masters.privateciliumadvanced.example.com_user_data index 45b3eb4e18..1d8a3e8ae5 100644 --- a/tests/integration/update_cluster/privateciliumadvanced/data/aws_launch_template_master-us-test-1a.masters.privateciliumadvanced.example.com_user_data +++ b/tests/integration/update_cluster/privateciliumadvanced/data/aws_launch_template_master-us-test-1a.masters.privateciliumadvanced.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,18 +150,20 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: cilium: - version: 3.3.10 + version: 3.4.13 events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -177,9 +183,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -194,6 +198,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.privateciliumadvanced.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -203,7 +208,7 @@ kubeControllerManager: clusterCIDR: 100.96.0.0/11 clusterName: privateciliumadvanced.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -213,23 +218,22 @@ kubeProxy: cpuRequest: 100m enabled: false hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -239,14 +243,13 @@ kubelet: podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -266,29 +269,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privateciliumadvanced.example.com ConfigBase: memfs://clusters.example.com/privateciliumadvanced.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -322,6 +324,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/privateciliumadvanced/data/aws_launch_template_nodes.privateciliumadvanced.example.com_user_data b/tests/integration/update_cluster/privateciliumadvanced/data/aws_launch_template_nodes.privateciliumadvanced.example.com_user_data index 1d640dc571..5d9c09a30d 100644 --- a/tests/integration/update_cluster/privateciliumadvanced/data/aws_launch_template_nodes.privateciliumadvanced.example.com_user_data +++ b/tests/integration/update_cluster/privateciliumadvanced/data/aws_launch_template_nodes.privateciliumadvanced.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,24 +150,23 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m enabled: false hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -182,29 +185,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privateciliumadvanced.example.com ConfigBase: memfs://clusters.example.com/privateciliumadvanced.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/privateciliumadvanced/in-v1alpha2.yaml b/tests/integration/update_cluster/privateciliumadvanced/in-v1alpha2.yaml index 1534d73c24..1294ab1878 100644 --- a/tests/integration/update_cluster/privateciliumadvanced/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/privateciliumadvanced/in-v1alpha2.yaml @@ -27,7 +27,7 @@ spec: anonymousAuth: false kubeProxy: enabled: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.privateciliumadvanced.example.com masterPublicName: api.privateciliumadvanced.example.com networkCIDR: 172.20.0.0/16 diff --git a/tests/integration/update_cluster/privatedns1/data/aws_launch_template_master-us-test-1a.masters.privatedns1.example.com_user_data b/tests/integration/update_cluster/privatedns1/data/aws_launch_template_master-us-test-1a.masters.privatedns1.example.com_user_data index d5fb5465ef..8d90dd157e 100644 --- a/tests/integration/update_cluster/privatedns1/data/aws_launch_template_master-us-test-1a.masters.privatedns1.example.com_user_data +++ b/tests/integration/update_cluster/privatedns1/data/aws_launch_template_master-us-test-1a.masters.privatedns1.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.privatedns1.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,7 +206,7 @@ kubeControllerManager: clusterCIDR: 100.96.0.0/11 clusterName: privatedns1.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,23 +215,22 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -236,14 +240,13 @@ kubelet: podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -263,29 +266,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatedns1.example.com ConfigBase: memfs://clusters.example.com/privatedns1.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -318,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/privatedns1/data/aws_launch_template_nodes.privatedns1.example.com_user_data b/tests/integration/update_cluster/privatedns1/data/aws_launch_template_nodes.privatedns1.example.com_user_data index b55d58f3ad..0afa0ef070 100644 --- a/tests/integration/update_cluster/privatedns1/data/aws_launch_template_nodes.privatedns1.example.com_user_data +++ b/tests/integration/update_cluster/privatedns1/data/aws_launch_template_nodes.privatedns1.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,23 +150,22 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -181,29 +184,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatedns1.example.com ConfigBase: memfs://clusters.example.com/privatedns1.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/privatedns1/in-v1alpha2.yaml b/tests/integration/update_cluster/privatedns1/in-v1alpha2.yaml index d81661fa8e..d29c9ba1fe 100644 --- a/tests/integration/update_cluster/privatedns1/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/privatedns1/in-v1alpha2.yaml @@ -25,7 +25,7 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.privatedns1.example.com masterPublicName: api.privatedns1.example.com networkCIDR: 172.20.0.0/16 diff --git a/tests/integration/update_cluster/privatedns2/data/aws_launch_template_master-us-test-1a.masters.privatedns2.example.com_user_data b/tests/integration/update_cluster/privatedns2/data/aws_launch_template_master-us-test-1a.masters.privatedns2.example.com_user_data index b47799cbfc..d23140be74 100644 --- a/tests/integration/update_cluster/privatedns2/data/aws_launch_template_master-us-test-1a.masters.privatedns2.example.com_user_data +++ b/tests/integration/update_cluster/privatedns2/data/aws_launch_template_master-us-test-1a.masters.privatedns2.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.privatedns2.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,7 +206,7 @@ kubeControllerManager: clusterCIDR: 100.96.0.0/11 clusterName: privatedns2.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,23 +215,22 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -236,14 +240,13 @@ kubelet: podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -263,29 +266,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatedns2.example.com ConfigBase: memfs://clusters.example.com/privatedns2.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -318,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/privatedns2/data/aws_launch_template_nodes.privatedns2.example.com_user_data b/tests/integration/update_cluster/privatedns2/data/aws_launch_template_nodes.privatedns2.example.com_user_data index bcdd2f87b5..e7d9c57255 100644 --- a/tests/integration/update_cluster/privatedns2/data/aws_launch_template_nodes.privatedns2.example.com_user_data +++ b/tests/integration/update_cluster/privatedns2/data/aws_launch_template_nodes.privatedns2.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,23 +150,22 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -181,29 +184,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatedns2.example.com ConfigBase: memfs://clusters.example.com/privatedns2.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/privatedns2/in-v1alpha2.yaml b/tests/integration/update_cluster/privatedns2/in-v1alpha2.yaml index 0d130a85de..5909377f2c 100644 --- a/tests/integration/update_cluster/privatedns2/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/privatedns2/in-v1alpha2.yaml @@ -22,13 +22,13 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.privatedns2.example.com masterPublicName: api.privatedns2.example.com networkCIDR: 172.20.0.0/16 networkID: vpc-12345678 networking: - weave: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/privateflannel/data/aws_launch_template_master-us-test-1a.masters.privateflannel.example.com_user_data b/tests/integration/update_cluster/privateflannel/data/aws_launch_template_master-us-test-1a.masters.privateflannel.example.com_user_data index 7f7c478317..40e4ea899a 100644 --- a/tests/integration/update_cluster/privateflannel/data/aws_launch_template_master-us-test-1a.masters.privateflannel.example.com_user_data +++ b/tests/integration/update_cluster/privateflannel/data/aws_launch_template_master-us-test-1a.masters.privateflannel.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.privateflannel.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,7 +206,7 @@ kubeControllerManager: clusterCIDR: 100.96.0.0/11 clusterName: privateflannel.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,23 +215,22 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -236,14 +240,13 @@ kubelet: podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -263,29 +266,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privateflannel.example.com ConfigBase: memfs://clusters.example.com/privateflannel.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -318,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/privateflannel/data/aws_launch_template_nodes.privateflannel.example.com_user_data b/tests/integration/update_cluster/privateflannel/data/aws_launch_template_nodes.privateflannel.example.com_user_data index c996f0c1a0..c46ce35c7b 100644 --- a/tests/integration/update_cluster/privateflannel/data/aws_launch_template_nodes.privateflannel.example.com_user_data +++ b/tests/integration/update_cluster/privateflannel/data/aws_launch_template_nodes.privateflannel.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,23 +150,22 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -181,29 +184,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privateflannel.example.com ConfigBase: memfs://clusters.example.com/privateflannel.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/privateflannel/in-v1alpha2.yaml b/tests/integration/update_cluster/privateflannel/in-v1alpha2.yaml index 3dc13e5302..0aa4d61a02 100644 --- a/tests/integration/update_cluster/privateflannel/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/privateflannel/in-v1alpha2.yaml @@ -21,7 +21,7 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.privateflannel.example.com masterPublicName: api.privateflannel.example.com networkCIDR: 172.20.0.0/16 diff --git a/tests/integration/update_cluster/privatekopeio/data/aws_launch_template_master-us-test-1a.masters.privatekopeio.example.com_user_data b/tests/integration/update_cluster/privatekopeio/data/aws_launch_template_master-us-test-1a.masters.privatekopeio.example.com_user_data index 92f23c9ff4..6433ffad69 100644 --- a/tests/integration/update_cluster/privatekopeio/data/aws_launch_template_master-us-test-1a.masters.privatekopeio.example.com_user_data +++ b/tests/integration/update_cluster/privatekopeio/data/aws_launch_template_master-us-test-1a.masters.privatekopeio.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.privatekopeio.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,7 +206,7 @@ kubeControllerManager: clusterCIDR: 100.96.0.0/11 clusterName: privatekopeio.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,23 +215,22 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -236,14 +240,13 @@ kubelet: podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -263,29 +266,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatekopeio.example.com ConfigBase: memfs://clusters.example.com/privatekopeio.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -318,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/privatekopeio/data/aws_launch_template_nodes.privatekopeio.example.com_user_data b/tests/integration/update_cluster/privatekopeio/data/aws_launch_template_nodes.privatekopeio.example.com_user_data index 2eb83c0132..217752b11d 100644 --- a/tests/integration/update_cluster/privatekopeio/data/aws_launch_template_nodes.privatekopeio.example.com_user_data +++ b/tests/integration/update_cluster/privatekopeio/data/aws_launch_template_nodes.privatekopeio.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,23 +150,22 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -181,29 +184,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privatekopeio.example.com ConfigBase: memfs://clusters.example.com/privatekopeio.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/privatekopeio/in-v1alpha2.yaml b/tests/integration/update_cluster/privatekopeio/in-v1alpha2.yaml index c5b121087f..a7af7f0211 100644 --- a/tests/integration/update_cluster/privatekopeio/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/privatekopeio/in-v1alpha2.yaml @@ -21,7 +21,7 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.privatekopeio.example.com masterPublicName: api.privatekopeio.example.com networkCIDR: 172.20.0.0/16 diff --git a/tests/integration/update_cluster/privateweave/data/aws_launch_template_master-us-test-1a.masters.privateweave.example.com_user_data b/tests/integration/update_cluster/privateweave/data/aws_launch_template_master-us-test-1a.masters.privateweave.example.com_user_data index a8cf015303..015d88376b 100644 --- a/tests/integration/update_cluster/privateweave/data/aws_launch_template_master-us-test-1a.masters.privateweave.example.com_user_data +++ b/tests/integration/update_cluster/privateweave/data/aws_launch_template_master-us-test-1a.masters.privateweave.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.privateweave.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,7 +206,7 @@ kubeControllerManager: clusterCIDR: 100.96.0.0/11 clusterName: privateweave.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,23 +215,22 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -236,14 +240,13 @@ kubelet: podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -263,29 +266,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privateweave.example.com ConfigBase: memfs://clusters.example.com/privateweave.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -318,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/privateweave/data/aws_launch_template_nodes.privateweave.example.com_user_data b/tests/integration/update_cluster/privateweave/data/aws_launch_template_nodes.privateweave.example.com_user_data index 3fd0954abd..292f90d27b 100644 --- a/tests/integration/update_cluster/privateweave/data/aws_launch_template_nodes.privateweave.example.com_user_data +++ b/tests/integration/update_cluster/privateweave/data/aws_launch_template_nodes.privateweave.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,23 +150,22 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -181,29 +184,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: privateweave.example.com ConfigBase: memfs://clusters.example.com/privateweave.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/privateweave/in-v1alpha2.yaml b/tests/integration/update_cluster/privateweave/in-v1alpha2.yaml index 9b2ec7ce35..23266e12aa 100644 --- a/tests/integration/update_cluster/privateweave/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/privateweave/in-v1alpha2.yaml @@ -21,7 +21,7 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.privateweave.example.com masterPublicName: api.privateweave.example.com networkCIDR: 172.20.0.0/16 diff --git a/tests/integration/update_cluster/public-jwks/data/aws_launch_template_master-us-test-1a.masters.minimal.example.com_user_data b/tests/integration/update_cluster/public-jwks/data/aws_launch_template_master-us-test-1a.masters.minimal.example.com_user_data index 2f6c54eb94..8952775237 100644 --- a/tests/integration/update_cluster/public-jwks/data/aws_launch_template_master-us-test-1a.masters.minimal.example.com_user_data +++ b/tests/integration/update_cluster/public-jwks/data/aws_launch_template_master-us-test-1a.masters.minimal.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,13 +150,13 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: true @@ -179,9 +183,7 @@ kubeAPIServer: - /events#http://127.0.0.1:4002 featureGates: ServiceAccountIssuerDiscovery: "true" - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -206,8 +208,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: minimal.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -216,46 +218,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -271,34 +269,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: minimal.example.com ConfigBase: memfs://clusters.example.com/minimal.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -327,6 +323,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/public-jwks/data/aws_launch_template_nodes.minimal.example.com_user_data b/tests/integration/update_cluster/public-jwks/data/aws_launch_template_nodes.minimal.example.com_user_data index c31260dc42..0ce27e1d36 100644 --- a/tests/integration/update_cluster/public-jwks/data/aws_launch_template_nodes.minimal.example.com_user_data +++ b/tests/integration/update_cluster/public-jwks/data/aws_launch_template_nodes.minimal.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,28 +150,26 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -182,34 +184,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: minimal.example.com ConfigBase: memfs://clusters.example.com/minimal.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/public-jwks/in-v1alpha2.yaml b/tests/integration/update_cluster/public-jwks/in-v1alpha2.yaml index 02fcc27152..3a53b802ba 100644 --- a/tests/integration/update_cluster/public-jwks/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/public-jwks/in-v1alpha2.yaml @@ -21,12 +21,12 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.minimal.example.com masterPublicName: api.minimal.example.com networkCIDR: 172.20.0.0/16 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/shared_subnet/data/aws_launch_template_master-us-test-1a.masters.sharedsubnet.example.com_user_data b/tests/integration/update_cluster/shared_subnet/data/aws_launch_template_master-us-test-1a.masters.sharedsubnet.example.com_user_data index 7fdc2ceffb..e0d8e07779 100644 --- a/tests/integration/update_cluster/shared_subnet/data/aws_launch_template_master-us-test-1a.masters.sharedsubnet.example.com_user_data +++ b/tests/integration/update_cluster/shared_subnet/data/aws_launch_template_master-us-test-1a.masters.sharedsubnet.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.sharedsubnet.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: sharedsubnet.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,46 +215,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -265,34 +266,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: sharedsubnet.example.com ConfigBase: memfs://clusters.example.com/sharedsubnet.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -321,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/shared_subnet/data/aws_launch_template_nodes.sharedsubnet.example.com_user_data b/tests/integration/update_cluster/shared_subnet/data/aws_launch_template_nodes.sharedsubnet.example.com_user_data index 319d6d3369..8003ef2857 100644 --- a/tests/integration/update_cluster/shared_subnet/data/aws_launch_template_nodes.sharedsubnet.example.com_user_data +++ b/tests/integration/update_cluster/shared_subnet/data/aws_launch_template_nodes.sharedsubnet.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,28 +150,26 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -182,34 +184,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: sharedsubnet.example.com ConfigBase: memfs://clusters.example.com/sharedsubnet.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/shared_subnet/in-v1alpha2.yaml b/tests/integration/update_cluster/shared_subnet/in-v1alpha2.yaml index 6ea917f9a9..b297f51b48 100644 --- a/tests/integration/update_cluster/shared_subnet/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/shared_subnet/in-v1alpha2.yaml @@ -21,13 +21,13 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.sharedsubnet.example.com masterPublicName: api.sharedsubnet.example.com networkCIDR: 172.20.0.0/16 networkID: vpc-12345678 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/shared_vpc/data/aws_launch_template_master-us-test-1a.masters.sharedvpc.example.com_user_data b/tests/integration/update_cluster/shared_vpc/data/aws_launch_template_master-us-test-1a.masters.sharedvpc.example.com_user_data index 3115d50d41..4171c84844 100644 --- a/tests/integration/update_cluster/shared_vpc/data/aws_launch_template_master-us-test-1a.masters.sharedvpc.example.com_user_data +++ b/tests/integration/update_cluster/shared_vpc/data/aws_launch_template_master-us-test-1a.masters.sharedvpc.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.sharedvpc.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -200,8 +205,8 @@ kubeControllerManager: cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: sharedvpc.example.com - configureCloudRoutes: true - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + configureCloudRoutes: false + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,46 +215,42 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -265,34 +266,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: sharedvpc.example.com ConfigBase: memfs://clusters.example.com/sharedvpc.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: master node-role.kubernetes.io/control-plane: "" @@ -321,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/shared_vpc/data/aws_launch_template_nodes.sharedvpc.example.com_user_data b/tests/integration/update_cluster/shared_vpc/data/aws_launch_template_nodes.sharedvpc.example.com_user_data index c936510f5e..d31b17873f 100644 --- a/tests/integration/update_cluster/shared_vpc/data/aws_launch_template_nodes.sharedvpc.example.com_user_data +++ b/tests/integration/update_cluster/shared_vpc/data/aws_launch_template_nodes.sharedvpc.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,28 +150,26 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: k8s.gcr.io/pause:3.2 podManifestPath: /etc/kubernetes/manifests @@ -182,34 +184,32 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: sharedvpc.example.com ConfigBase: memfs://clusters.example.com/sharedvpc.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 - networkPluginMTU: 9001 - networkPluginName: kubenet + networkPluginName: cni nodeLabels: kubernetes.io/role: node node-role.kubernetes.io/node: "" diff --git a/tests/integration/update_cluster/shared_vpc/in-v1alpha2.yaml b/tests/integration/update_cluster/shared_vpc/in-v1alpha2.yaml index 4ebf3b426d..1971b52806 100644 --- a/tests/integration/update_cluster/shared_vpc/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/shared_vpc/in-v1alpha2.yaml @@ -21,13 +21,13 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.sharedvpc.example.com masterPublicName: api.sharedvpc.example.com networkCIDR: 172.20.0.0/16 networkID: vpc-12345678 networking: - kubenet: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0 diff --git a/tests/integration/update_cluster/unmanaged/data/aws_launch_template_master-us-test-1a.masters.unmanaged.example.com_user_data b/tests/integration/update_cluster/unmanaged/data/aws_launch_template_master-us-test-1a.masters.unmanaged.example.com_user_data index c25649c704..58932dbac7 100644 --- a/tests/integration/update_cluster/unmanaged/data/aws_launch_template_master-us-test-1a.masters.unmanaged.example.com_user_data +++ b/tests/integration/update_cluster/unmanaged/data/aws_launch_template_master-us-test-1a.masters.unmanaged.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,16 +150,18 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 encryptionConfig: null etcdClusters: events: - version: 3.3.10 + version: 3.4.13 main: - version: 3.3.10 + version: 3.4.13 kubeAPIServer: allowPrivileged: true anonymousAuth: false + apiAudiences: + - kubernetes.svc.default apiServerCount: 1 authorizationMode: AlwaysAllow bindAddress: 0.0.0.0 @@ -175,9 +181,7 @@ kubeAPIServer: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 - image: k8s.gcr.io/kube-apiserver:v1.14.0 - insecureBindAddress: 127.0.0.1 - insecurePort: 8080 + image: k8s.gcr.io/kube-apiserver:v1.20.0 kubeletPreferredAddressTypes: - InternalIP - Hostname @@ -192,6 +196,7 @@ kubeAPIServer: requestheaderUsernameHeaders: - X-Remote-User securePort: 443 + serviceAccountIssuer: https://api.unmanaged.example.com serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd3 kubeControllerManager: @@ -201,7 +206,7 @@ kubeControllerManager: clusterCIDR: 100.96.0.0/11 clusterName: unmanaged.example.com configureCloudRoutes: false - image: k8s.gcr.io/kube-controller-manager:v1.14.0 + image: k8s.gcr.io/kube-controller-manager:v1.20.0 leaderElection: leaderElect: true logLevel: 2 @@ -210,23 +215,22 @@ kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubeScheduler: - image: k8s.gcr.io/kube-scheduler:v1.14.0 + image: k8s.gcr.io/kube-scheduler:v1.20.0 leaderElection: leaderElect: true logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -236,14 +240,13 @@ kubelet: podManifestPath: /etc/kubernetes/manifests masterKubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -263,29 +266,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: unmanaged.example.com ConfigBase: memfs://clusters.example.com/unmanaged.example.com InstanceGroupName: master-us-test-1a InstanceGroupRole: Master KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -318,6 +320,9 @@ protokubeImage: - https://artifacts.k8s.io/binaries/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz - https://github.com/kubernetes/kops/releases/download/v1.19.0-alpha.3/images-protokube-arm64.tar.gz - https://kubeupv2.s3.amazonaws.com/kops/1.19.0-alpha.3/images/protokube-arm64.tar.gz +staticManifests: +- key: kube-apiserver-healthcheck + path: manifests/static/kube-apiserver-healthcheck.yaml __EOF_KUBE_ENV diff --git a/tests/integration/update_cluster/unmanaged/data/aws_launch_template_nodes.unmanaged.example.com_user_data b/tests/integration/update_cluster/unmanaged/data/aws_launch_template_nodes.unmanaged.example.com_user_data index 43a7ab7631..461493e26a 100644 --- a/tests/integration/update_cluster/unmanaged/data/aws_launch_template_nodes.unmanaged.example.com_user_data +++ b/tests/integration/update_cluster/unmanaged/data/aws_launch_template_nodes.unmanaged.example.com_user_data @@ -136,8 +136,12 @@ cat > conf/cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null containerRuntime: docker containerd: - skipInstall: true + configOverride: | + disabled_plugins = ["cri"] + logLevel: info docker: + execOpt: + - native.cgroupdriver=systemd ipMasq: false ipTables: false logDriver: json-file @@ -146,23 +150,22 @@ docker: - max-size=10m - max-file=5 storage: overlay2,overlay,aufs - version: 18.06.3 + version: 19.03.14 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m hostnameOverride: '@aws' - image: k8s.gcr.io/kube-proxy:v1.14.0 + image: k8s.gcr.io/kube-proxy:v1.20.0 logLevel: 2 kubelet: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 @@ -181,29 +184,28 @@ __EOF_IG_SPEC cat > conf/kube_env.yaml << '__EOF_KUBE_ENV' Assets: amd64: - - c3b736fd0f003765c12d99f2c995a8369e6241f4@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubelet - - 7e3a3ea663153f900cbd52900a39c91fa9f334be@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl - - 3ca15c0a18ee830520cf3a95408be826cbd255a1535a38e0be9608b25ad8bf64@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.7.5.tgz - - 346f9394393ee8db5f8bd1e229ee9d90e5b36931bdd754308b2ae68884dd6822@https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz + - ff2422571c4c1e9696e367f5f25466b96fb6e501f28aed29f414b1524a52dea0@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubelet + - a5895007f331f08d2e082eb12458764949559f30bcc5beae26c38f3e2724262c@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/amd64/kubectl + - 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz + - 9f1ec28e357a8f18e9561129239caf9c0807d74756e21cc63637c7fdeaafe847@https://download.docker.com/linux/static/stable/x86_64/docker-19.03.14.tgz arm64: - - df38e04576026393055ccc77c0dce73612996561@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubelet - - 01c2b6b43d36b6bfafc80a3737391c19ebfb8ad5@https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/arm64/kubectl - - 7fec91af78e9548df306f0ec43bea527c8c10cc3a9682c33e971c8522a7fcded@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-arm64-v0.7.5.tgz - - defb2ccc95c0825833216c8b9e0e15baaa51bcedb3efc1f393f5352d184dead4@https://download.docker.com/linux/static/stable/aarch64/docker-18.06.3-ce.tgz + - 47ab6c4273fc3bb0cb8ec9517271d915890c5a6b0e54b2991e7a8fbbe77b06e4@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubelet + - 25e4465870c99167e6c466623ed8f05a1d20fbcb48cab6688109389b52d87623@https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/arm64/kubectl + - ae13d7b5c05bd180ea9b5b68f44bdaa7bfb41034a2ef1d68fd8e1259797d642f@https://storage.googleapis.com/k8s-artifacts-cni/release/v0.8.7/cni-plugins-linux-arm64-v0.8.7.tgz + - 8350eaa0c0965bb8eb9d45a014f4b6728c985715f56466077dfe6feb271d9518@https://download.docker.com/linux/static/stable/aarch64/docker-19.03.14.tgz ClusterName: unmanaged.example.com ConfigBase: memfs://clusters.example.com/unmanaged.example.com InstanceGroupName: nodes InstanceGroupRole: Node KubeletConfig: anonymousAuth: false + cgroupDriver: systemd cgroupRoot: / cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% - featureGates: - ExperimentalCriticalPodAnnotation: "true" hostnameOverride: '@aws' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 diff --git a/tests/integration/update_cluster/unmanaged/in-v1alpha2.yaml b/tests/integration/update_cluster/unmanaged/in-v1alpha2.yaml index 0afbd06320..1465066bb4 100644 --- a/tests/integration/update_cluster/unmanaged/in-v1alpha2.yaml +++ b/tests/integration/update_cluster/unmanaged/in-v1alpha2.yaml @@ -21,13 +21,13 @@ spec: iam: {} kubelet: anonymousAuth: false - kubernetesVersion: v1.14.0 + kubernetesVersion: v1.20.0 masterInternalName: api.internal.unmanaged.example.com masterPublicName: api.unmanaged.example.com networkID: vpc-12345678 networkCIDR: 172.20.0.0/16 networking: - weave: {} + cni: {} nonMasqueradeCIDR: 100.64.0.0/10 sshAccess: - 0.0.0.0/0