Starting from Docker 18.09.0, the Docker distribution has been split into
3 packages: the Docker daemon, the Docker CLI, and containerd. This
adds a twist to how to upgrade Docker from the base image as the daemon
and CLI packages must be installed at the same time, otherwise dpkg/rpm
will refuse to upgrade (the new CLI is incompatible with the old package
and the daemon can't be installed without first installing the CLI and
the new containerd, so the upgrade MUST happen in a single transaction).
This code change thus adds the possibility to specify additional packages
to install in the same dpkg/yum transaction, such as the Docker CLI and
containerd in nodeup, and the ability to apply the multi-package upgrade
atomically with dpkg/rpm.
We also use this new mechanism for the SELinux policy on RHEL/CentOS.
Docker 17.x with rhel-family fails to detect overlay2 correctly, and
needs us to pass overlay2.override_kernel_check=true for docker to
correctly detect overlay2 support.
Ubuntu 18.04 doesn't have a package for docker 17.03, but we can still
support it by using the tar.gz package.
This could be a nice fallback for other operating systems in future,
and it might prove to be more reliable than the OS packages.
But start with supporting ubuntu 18.04 with older docker versions!
Kubernetes doesn't officially support bionic.
Docker has only released 18.03.1 for Bionic.
Kubernetes also doesn't officially support 18.03.1.
Use at your own risk.
Only clear the flag if there is a docker config file, so that we can
continue to set the storage flag on older COS images. We could be
smarter about checking if the storage driver is actually set in the
docker config, but for now we just start by logging it.
We also have to stop passing the flag on ContainerOS, because it's set
in /etc/docker/default.json and it's now an error to pass the flag.
That in turn means we move those options to code, which are the last of
those legacy config options. (We still have a few tasks declaratively
defined though)
The current implementation does not permit us to set the default ulimit on docker daemon (currently a requirement for our logstash). This PR adds the DefaultUlimit option to the DockerConfig.
Previously the configuration has been written after docker has been started and
was actually only applied after a reboot.
Manually reload system and restart docker to ensure the configuration has been
applied.
While the installation of docker should be skipped, docker should still be
configured to allow overriding the docker config using kops.
Fixes https://github.com/kubernetes/kops/issues/3057
* Detect CoreOS
* Move key manifests to code, to tolerate read-only mounts
* Misc refactorings so more code can be shared
* Change lots of ints to int32s in the models
* Run nodeup as a oneshot systemd service, rather than relying on
cloud-init behaviour which varies across distros
So the flow is that we recommend (or strongly recommend) a new kops
version when one is required for a new version, and then the new kops
version will recommend (or strongly recommend) a new k8s version.
We don't have a notion of multiple recommended k8s versions per kops
version - that is what channels are for.
Users are always free to disregard updates, even "required" ones by
setting a flag.