kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12141 from olemarkus/cilium-bump-211 

Bump cilium to 1.10.3
This commit is contained in:
Kubernetes Prow Robot 2021-08-12 13:11:50 -07:00 committed by GitHub
parent 1dae5cda13 133eb1f7ba
commit b1e6064501
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 76 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/model/components/cilium.go
View File

@ -39,7 +39,7 @@ func (b *CiliumOptionsBuilder) BuildOptions(o interface{}) error {
}
if c.Version == "" {
c.Version = "v1.10.0"
c.Version = "v1.10.3"
}
if c.EnableEndpointHealthChecking == nil {

2
tests/integration/update_cluster/minimal-warmpool/data/aws_launch_template_nodes.minimal-warmpool.example.com_user_data
View File

@ -166,7 +166,7 @@ CloudProvider: aws
ConfigBase: memfs://clusters.example.com/minimal-warmpool.example.com
InstanceGroupName: nodes
InstanceGroupRole: Node
NodeupConfigHash: /Cv/aRkmeP1YxLc3sSyt9tEbsVyTpP/vHg6GyERbg8I=
NodeupConfigHash: YOSnpGX96KVy/pdH+luCHwXQ+Ocl2AyShQHqARSwBww=
__EOF_KUBE_ENV

2
tests/integration/update_cluster/minimal-warmpool/data/aws_s3_bucket_object_cluster-completed.spec_content
View File

@ -203,7 +203,7 @@ spec:
sidecarIstioProxyImage: cilium/istio_proxy
toFqdnsDnsRejectResponseCode: refused
tunnel: vxlan
version: v1.10.0
version: v1.10.3
nonMasqueradeCIDR: 100.64.0.0/10
podCIDR: 100.96.0.0/11
secretStore: memfs://clusters.example.com/minimal-warmpool.example.com/secrets

2
tests/integration/update_cluster/minimal-warmpool/data/aws_s3_bucket_object_minimal-warmpool.example.com-addons-bootstrap_content
View File

@ -47,7 +47,7 @@ spec:
k8s-addon: storage-aws.addons.k8s.io
- id: k8s-1.16
manifest: networking.cilium.io/k8s-1.16-v1.10.yaml
manifestHash: 04fd75ba7cc8558332aa3239b430e119ea66f21d7c269afb077c6a5e17dfcf8f
manifestHash: ac127b0c7f9f41936920c0c3c2d60953ea3ad893d4d363514579a46a4360997c
name: networking.cilium.io
needsRollingUpdate: all
selector:

16
tests/integration/update_cluster/minimal-warmpool/data/aws_s3_bucket_object_minimal-warmpool.example.com-addons-networking.cilium.io-k8s-1.16_content
View File

@ -35,6 +35,7 @@ data:
bpf-nat-global-max: "524288"
bpf-neigh-global-max: "524288"
bpf-policy-map-max: "16384"
cgroup-root: /sys/fs/cgroup/unified
cluster-name: default
container-runtime: none
debug: "false"
@ -383,7 +384,7 @@ spec:
value: api.internal.minimal-warmpool.example.com
- name: KUBERNETES_SERVICE_PORT
value: "443"
image: quay.io/cilium/cilium:v1.10.0
image: quay.io/cilium/cilium:v1.10.3
imagePullPolicy: IfNotPresent
lifecycle:
postStart:
@ -434,7 +435,7 @@ spec:
- SYS_MODULE
privileged: true
startupProbe:
failureThreshold: 24
failureThreshold: 105
httpGet:
host: 127.0.0.1
httpHeaders:
@ -488,7 +489,7 @@ spec:
key: wait-bpf-mount
name: cilium-config
optional: true
image: quay.io/cilium/cilium:v1.10.0
image: quay.io/cilium/cilium:v1.10.3
imagePullPolicy: IfNotPresent
name: clean-cilium-state
resources:
@ -506,6 +507,9 @@ spec:
- mountPath: /sys/fs/bpf
mountPropagation: HostToContainer
name: bpf-maps
- mountPath: /sys/fs/cgroup/unified
mountPropagation: HostToContainer
name: cilium-cgroup
- mountPath: /var/run/cilium
name: cilium-run
priorityClassName: system-node-critical
@ -528,6 +532,10 @@ spec:
path: /opt/cni/bin
type: DirectoryOrCreate
name: cni-path
- hostPath:
path: /sys/fs/cgroup/unified
type: DirectoryOrCreate
name: cilium-cgroup
- hostPath:
path: /etc/cni/net.d
type: DirectoryOrCreate
@ -609,7 +617,7 @@ spec:
value: api.internal.minimal-warmpool.example.com
- name: KUBERNETES_SERVICE_PORT
value: "443"
image: quay.io/cilium/operator:v1.10.0
image: quay.io/cilium/operator:v1.10.3
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:

4
tests/integration/update_cluster/minimal-warmpool/data/aws_s3_bucket_object_nodeupconfig-nodes_content
View File

@ -69,5 +69,5 @@ warmPoolImages:
- k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.1.0
- k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.1.0
- k8s.gcr.io/sig-storage/livenessprobe:v2.2.0
- quay.io/cilium/cilium:v1.10.0
- quay.io/cilium/operator:v1.10.0
- quay.io/cilium/cilium:v1.10.3
- quay.io/cilium/operator:v1.10.3

2
tests/integration/update_cluster/privatecilium/data/aws_s3_bucket_object_cluster-completed.spec_content
View File

@ -196,7 +196,7 @@ spec:
sidecarIstioProxyImage: cilium/istio_proxy
toFqdnsDnsRejectResponseCode: refused
tunnel: vxlan
version: v1.10.0
version: v1.10.3
nonMasqueradeCIDR: 100.64.0.0/10
podCIDR: 100.96.0.0/11
secretStore: memfs://clusters.example.com/privatecilium.example.com/secrets

2
tests/integration/update_cluster/privatecilium/data/aws_s3_bucket_object_privatecilium.example.com-addons-bootstrap_content
View File

@ -47,7 +47,7 @@ spec:
k8s-addon: storage-aws.addons.k8s.io
- id: k8s-1.16
manifest: networking.cilium.io/k8s-1.16-v1.10.yaml
manifestHash: aac64a032ef26caf615abc009b87d039a70737428e35410d9de57b95507bf891
manifestHash: c8a1d4c8d5ad96d82aae88279990a5d74897c830551eeb14aa44beac1f5d983a
name: networking.cilium.io
needsRollingUpdate: all
selector:

16
tests/integration/update_cluster/privatecilium/data/aws_s3_bucket_object_privatecilium.example.com-addons-networking.cilium.io-k8s-1.16_content
View File

@ -35,6 +35,7 @@ data:
bpf-nat-global-max: "524288"
bpf-neigh-global-max: "524288"
bpf-policy-map-max: "16384"
cgroup-root: /sys/fs/cgroup/unified
cluster-name: default
container-runtime: none
debug: "false"
@ -383,7 +384,7 @@ spec:
value: api.internal.privatecilium.example.com
- name: KUBERNETES_SERVICE_PORT
value: "443"
image: quay.io/cilium/cilium:v1.10.0
image: quay.io/cilium/cilium:v1.10.3
imagePullPolicy: IfNotPresent
lifecycle:
postStart:
@ -434,7 +435,7 @@ spec:
- SYS_MODULE
privileged: true
startupProbe:
failureThreshold: 24
failureThreshold: 105
httpGet:
host: 127.0.0.1
httpHeaders:
@ -488,7 +489,7 @@ spec:
key: wait-bpf-mount
name: cilium-config
optional: true
image: quay.io/cilium/cilium:v1.10.0
image: quay.io/cilium/cilium:v1.10.3
imagePullPolicy: IfNotPresent
name: clean-cilium-state
resources:
@ -506,6 +507,9 @@ spec:
- mountPath: /sys/fs/bpf
mountPropagation: HostToContainer
name: bpf-maps
- mountPath: /sys/fs/cgroup/unified
mountPropagation: HostToContainer
name: cilium-cgroup
- mountPath: /var/run/cilium
name: cilium-run
priorityClassName: system-node-critical
@ -528,6 +532,10 @@ spec:
path: /opt/cni/bin
type: DirectoryOrCreate
name: cni-path
- hostPath:
path: /sys/fs/cgroup/unified
type: DirectoryOrCreate
name: cilium-cgroup
- hostPath:
path: /etc/cni/net.d
type: DirectoryOrCreate
@ -609,7 +617,7 @@ spec:
value: api.internal.privatecilium.example.com
- name: KUBERNETES_SERVICE_PORT
value: "443"
image: quay.io/cilium/operator:v1.10.0
image: quay.io/cilium/operator:v1.10.3
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:

2
tests/integration/update_cluster/privateciliumadvanced/data/aws_s3_bucket_object_cluster-completed.spec_content
View File

@ -209,7 +209,7 @@ spec:
sidecarIstioProxyImage: cilium/istio_proxy
toFqdnsDnsRejectResponseCode: refused
tunnel: disabled
version: v1.10.0
version: v1.10.3
nonMasqueradeCIDR: 100.64.0.0/10
podCIDR: 100.96.0.0/11
secretStore: memfs://clusters.example.com/privateciliumadvanced.example.com/secrets

2
tests/integration/update_cluster/privateciliumadvanced/data/aws_s3_bucket_object_privateciliumadvanced.example.com-addons-bootstrap_content
View File

@ -47,7 +47,7 @@ spec:
k8s-addon: storage-aws.addons.k8s.io
- id: k8s-1.16
manifest: networking.cilium.io/k8s-1.16-v1.10.yaml
manifestHash: 5e5bd5f13fedc1a8b9edfd0f7e81d1c411452442151896cb8e8f9ef49a932b23
manifestHash: 0a788246369c559b83e9081ff293dcd241dcace0fcd695793ab7d898fdd554ca
name: networking.cilium.io
needsRollingUpdate: all
selector:

16
tests/integration/update_cluster/privateciliumadvanced/data/aws_s3_bucket_object_privateciliumadvanced.example.com-addons-networking.cilium.io-k8s-1.16_content
View File

@ -37,6 +37,7 @@ data:
bpf-nat-global-max: "524288"
bpf-neigh-global-max: "524288"
bpf-policy-map-max: "16384"
cgroup-root: /sys/fs/cgroup/unified
cluster-name: default
container-runtime: none
debug: "false"
@ -397,7 +398,7 @@ spec:
value: api.internal.privateciliumadvanced.example.com
- name: KUBERNETES_SERVICE_PORT
value: "443"
image: quay.io/cilium/cilium:v1.10.0
image: quay.io/cilium/cilium:v1.10.3
imagePullPolicy: IfNotPresent
lifecycle:
postStart:
@ -448,7 +449,7 @@ spec:
- SYS_MODULE
privileged: true
startupProbe:
failureThreshold: 24
failureThreshold: 105
httpGet:
host: 127.0.0.1
httpHeaders:
@ -508,7 +509,7 @@ spec:
key: wait-bpf-mount
name: cilium-config
optional: true
image: quay.io/cilium/cilium:v1.10.0
image: quay.io/cilium/cilium:v1.10.3
imagePullPolicy: IfNotPresent
name: clean-cilium-state
resources:
@ -526,6 +527,9 @@ spec:
- mountPath: /sys/fs/bpf
mountPropagation: HostToContainer
name: bpf-maps
- mountPath: /sys/fs/cgroup/unified
mountPropagation: HostToContainer
name: cilium-cgroup
- mountPath: /var/run/cilium
name: cilium-run
priorityClassName: system-node-critical
@ -548,6 +552,10 @@ spec:
path: /opt/cni/bin
type: DirectoryOrCreate
name: cni-path
- hostPath:
path: /sys/fs/cgroup/unified
type: DirectoryOrCreate
name: cilium-cgroup
- hostPath:
path: /etc/cni/net.d
type: DirectoryOrCreate
@ -640,7 +648,7 @@ spec:
value: api.internal.privateciliumadvanced.example.com
- name: KUBERNETES_SERVICE_PORT
value: "443"
image: quay.io/cilium/operator:v1.10.0
image: quay.io/cilium/operator:v1.10.3
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:

13
upup/models/cloudup/resources/addons/networking.cilium.io/k8s-1.12-v1.9.yaml.template
View File

@ -228,6 +228,8 @@ data:
# enable-l7-proxy enables L7 proxy for L7 policy enforcement. (default true)
enable-l7-proxy: "{{ .EnableL7Proxy }}"
cgroup-root: /sys/fs/cgroup/unified
{{ if WithDefaultBool .Hubble.Enabled false }}
# Enable Hubble gRPC service.
enable-hubble: "true"
@ -754,6 +756,10 @@ spec:
- mountPath: /sys/fs/bpf
name: bpf-maps
mountPropagation: HostToContainer
# Required to mount cgroup filesystem from the host to cilium agent pod
- mountPath: /sys/fs/cgroup/unified
name: cilium-cgroup
mountPropagation: HostToContainer
- mountPath: /var/run/cilium
name: cilium-run
resources:
@ -785,7 +791,12 @@ spec:
path: /opt/cni/bin
type: DirectoryOrCreate
name: cni-path
# To install cilium cni configuration in the host
# To keep state between restarts / upgrades for cgroup2 filesystem
- hostPath:
path: /sys/fs/cgroup/unified
type: DirectoryOrCreate
name: cilium-cgroup
# To install cilium cni configuration in the host
- hostPath:
path: /etc/cni/net.d
type: DirectoryOrCreate

15
upup/models/cloudup/resources/addons/networking.cilium.io/k8s-1.16-v1.10.yaml.template
View File

@ -234,6 +234,8 @@ data:
# enable-l7-proxy enables L7 proxy for L7 policy enforcement. (default true)
enable-l7-proxy: "{{ .EnableL7Proxy }}"
cgroup-root: /sys/fs/cgroup/unified
{{ if WithDefaultBool .Hubble.Enabled false }}
# Enable Hubble gRPC service.
enable-hubble: "true"
@ -607,7 +609,7 @@ spec:
httpHeaders:
- name: "brief"
value: "true"
failureThreshold: 24
failureThreshold: 105
periodSeconds: 2
successThreshold:
livenessProbe:
@ -781,6 +783,10 @@ spec:
- mountPath: /sys/fs/bpf
name: bpf-maps
mountPropagation: HostToContainer
# Required to mount cgroup filesystem from the host to cilium agent pod
- mountPath: /sys/fs/cgroup/unified
name: cilium-cgroup
mountPropagation: HostToContainer
- mountPath: /var/run/cilium
name: cilium-run
resources:
@ -802,7 +808,7 @@ spec:
path: /var/run/cilium
type: DirectoryOrCreate
name: cilium-run
# To keep state between restarts / upgrades for bpf maps
# To keep state between restarts / upgrades for bpf maps
- hostPath:
path: /sys/fs/bpf
type: DirectoryOrCreate
@ -812,6 +818,11 @@ spec:
path: /opt/cni/bin
type: DirectoryOrCreate
name: cni-path
# To keep state between restarts / upgrades for cgroup2 filesystem
- hostPath:
path: /sys/fs/cgroup/unified
type: DirectoryOrCreate
name: cilium-cgroup
# To install cilium cni configuration in the host
- hostPath:
path: /etc/cni/net.d

2
upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/cilium/manifest.yaml
View File

@ -53,7 +53,7 @@ spec:
k8s-addon: storage-aws.addons.k8s.io
- id: k8s-1.16
manifest: networking.cilium.io/k8s-1.16-v1.10.yaml
manifestHash: 60da1ee7e51ce39ddedcf7db008205c0b466e41d1b9d6ac865d9aeabbbf0ee81
manifestHash: 61385128a1f6969a576cc0111565c3d6d054580a3ae228d901355e47112e1cc2
name: networking.cilium.io
needsRollingUpdate: all
selector:

2
upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/insecure-1.18/manifest.yaml
View File

@ -59,7 +59,7 @@ spec:
k8s-addon: storage-aws.addons.k8s.io
- id: k8s-1.16
manifest: networking.cilium.io/k8s-1.16-v1.10.yaml
manifestHash: 60da1ee7e51ce39ddedcf7db008205c0b466e41d1b9d6ac865d9aeabbbf0ee81
manifestHash: 61385128a1f6969a576cc0111565c3d6d054580a3ae228d901355e47112e1cc2
name: networking.cilium.io
needsRollingUpdate: all
selector:

2
upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/insecure-1.19/manifest.yaml
View File

@ -53,7 +53,7 @@ spec:
k8s-addon: storage-aws.addons.k8s.io
- id: k8s-1.16
manifest: networking.cilium.io/k8s-1.16-v1.10.yaml
manifestHash: 60da1ee7e51ce39ddedcf7db008205c0b466e41d1b9d6ac865d9aeabbbf0ee81
manifestHash: 61385128a1f6969a576cc0111565c3d6d054580a3ae228d901355e47112e1cc2
name: networking.cilium.io
needsRollingUpdate: all
selector:

2
upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/secure-1.18/manifest.yaml
View File

@ -65,7 +65,7 @@ spec:
k8s-addon: storage-aws.addons.k8s.io
- id: k8s-1.16
manifest: networking.cilium.io/k8s-1.16-v1.10.yaml
manifestHash: 60da1ee7e51ce39ddedcf7db008205c0b466e41d1b9d6ac865d9aeabbbf0ee81
manifestHash: 61385128a1f6969a576cc0111565c3d6d054580a3ae228d901355e47112e1cc2
name: networking.cilium.io
needsRollingUpdate: all
selector:

2
upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/secure-1.19/manifest.yaml
View File

@ -59,7 +59,7 @@ spec:
k8s-addon: storage-aws.addons.k8s.io
- id: k8s-1.16
manifest: networking.cilium.io/k8s-1.16-v1.10.yaml
manifestHash: 60da1ee7e51ce39ddedcf7db008205c0b466e41d1b9d6ac865d9aeabbbf0ee81
manifestHash: 61385128a1f6969a576cc0111565c3d6d054580a3ae228d901355e47112e1cc2
name: networking.cilium.io
needsRollingUpdate: all
selector: