diff --git a/charts/karpenter-crd/templates/karpenter.k8s.aws_ec2nodeclasses.yaml b/charts/karpenter-crd/templates/karpenter.k8s.aws_ec2nodeclasses.yaml index 4c39a3ce7146..9cd8875f0ce1 100644 --- a/charts/karpenter-crd/templates/karpenter.k8s.aws_ec2nodeclasses.yaml +++ b/charts/karpenter-crd/templates/karpenter.k8s.aws_ec2nodeclasses.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: ec2nodeclasses.karpenter.k8s.aws spec: group: karpenter.k8s.aws @@ -162,24 +162,18 @@ spec: gp2 volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. - The following are the supported values for each volume type: - * gp3: 3,000-16,000 IOPS - * io1: 100-64,000 IOPS - * io2: 100-64,000 IOPS - For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built on the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). Other instance families guarantee performance up to 32,000 IOPS. - This parameter is supported for io1, io2, and gp3 volumes only. This parameter is not supported for gp2, st1, sc1, or standard volumes. format: int64 @@ -202,16 +196,12 @@ spec: a volume size. The following are the supported volumes sizes for each volume type: - * gp2 and gp3: 1-16,384 - * io1 and io2: 4-16,384 - * st1 and sc1: 125-16,384 - * standard: 1-1,024 pattern: ^((?:[1-9][0-9]{0,3}|[1-4][0-9]{4}|[5][0-8][0-9]{3}|59000)Gi|(?:[1-9][0-9]{0,3}|[1-5][0-9]{4}|[6][0-3][0-9]{3}|64000)G|([1-9]||[1-5][0-7]|58)Ti|([1-9]||[1-5][0-9]|6[0-3]|64)T)$ type: string @@ -238,6 +228,9 @@ spec: RootVolume is a flag indicating if this device is mounted as kubelet root dir. You can configure at most one root volume in BlockDeviceMappings. type: boolean + required: + - deviceName + - ebs type: object maxItems: 50 type: array @@ -390,14 +383,12 @@ spec: description: |- MetadataOptions for the generated launch template of provisioned nodes. - This specifies the exposure of the Instance Metadata Service to provisioned EC2 nodes. For more information, see Instance Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) in the Amazon Elastic Compute Cloud User Guide. - Refer to recommended, security best practices (https://aws.github.io/aws-eks-best-practices/security/docs/iam/#restrict-access-to-the-instance-profile-assigned-to-the-worker-node) for limiting exposure of Instance Metadata and User Data to pods. @@ -412,7 +403,6 @@ spec: nodes. If metadata options is non-nil, but this parameter is not specified, the default state is "enabled". - If you specify a value of "disabled", instance metadata will not be accessible on the node. enum: @@ -448,14 +438,12 @@ spec: requests. If metadata options is non-nil, but this parameter is not specified, the default state is "required". - If the state is optional, one can choose to retrieve instance metadata with or without a signed token header on the request. If one retrieves the IAM role credentials without a token, the version 1.0 role credentials are returned. If one retrieves the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned. - If the state is "required", one must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version @@ -691,12 +679,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -862,24 +845,18 @@ spec: gp2 volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. - The following are the supported values for each volume type: - * gp3: 3,000-16,000 IOPS - * io1: 100-64,000 IOPS - * io2: 100-64,000 IOPS - For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built on the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). Other instance families guarantee performance up to 32,000 IOPS. - This parameter is supported for io1, io2, and gp3 volumes only. This parameter is not supported for gp2, st1, sc1, or standard volumes. format: int64 @@ -908,16 +885,12 @@ spec: a volume size. The following are the supported volumes sizes for each volume type: - * gp2 and gp3: 1-16,384 - * io1 and io2: 4-16,384 - * st1 and sc1: 125-16,384 - * standard: 1-1,024 x-kubernetes-int-or-string: true volumeType: @@ -943,6 +916,9 @@ spec: RootVolume is a flag indicating if this device is mounted as kubelet root dir. You can configure at most one root volume in BlockDeviceMappings. type: boolean + required: + - deviceName + - ebs type: object maxItems: 50 type: array @@ -981,14 +957,12 @@ spec: description: |- MetadataOptions for the generated launch template of provisioned nodes. - This specifies the exposure of the Instance Metadata Service to provisioned EC2 nodes. For more information, see Instance Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) in the Amazon Elastic Compute Cloud User Guide. - Refer to recommended, security best practices (https://aws.github.io/aws-eks-best-practices/security/docs/iam/#restrict-access-to-the-instance-profile-assigned-to-the-worker-node) for limiting exposure of Instance Metadata and User Data to pods. @@ -1003,7 +977,6 @@ spec: nodes. If metadata options is non-nil, but this parameter is not specified, the default state is "enabled". - If you specify a value of "disabled", instance metadata will not be accessible on the node. enum: @@ -1039,14 +1012,12 @@ spec: requests. If metadata options is non-nil, but this parameter is not specified, the default state is "required". - If the state is optional, one can choose to retrieve instance metadata with or without a signed token header on the request. If one retrieves the IAM role credentials without a token, the version 1.0 role credentials are returned. If one retrieves the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned. - If the state is "required", one must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version diff --git a/charts/karpenter-crd/templates/karpenter.sh_nodeclaims.yaml b/charts/karpenter-crd/templates/karpenter.sh_nodeclaims.yaml index 043efa130321..30e69b7b05b0 100644 --- a/charts/karpenter-crd/templates/karpenter.sh_nodeclaims.yaml +++ b/charts/karpenter-crd/templates/karpenter.sh_nodeclaims.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.16.3 name: nodeclaims.karpenter.sh spec: group: karpenter.sh diff --git a/charts/karpenter-crd/templates/karpenter.sh_nodepools.yaml b/charts/karpenter-crd/templates/karpenter.sh_nodepools.yaml index 68904dcad64d..4c0da732df93 100644 --- a/charts/karpenter-crd/templates/karpenter.sh_nodepools.yaml +++ b/charts/karpenter-crd/templates/karpenter.sh_nodepools.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.16.3 name: nodepools.karpenter.sh spec: group: karpenter.sh @@ -71,6 +71,8 @@ spec: from a combination of nodepool and pod scheduling constraints. properties: disruption: + default: + consolidateAfter: 0s description: Disruption contains the parameters that relate to Karpenter's disruption logic properties: budgets: diff --git a/go.mod b/go.mod index 9a8d37e12653..132865fd8418 100644 --- a/go.mod +++ b/go.mod @@ -29,7 +29,7 @@ require ( k8s.io/utils v0.0.0-20240102154912-e7106e64919e knative.dev/pkg v0.0.0-20231010144348-ca8c009405dd sigs.k8s.io/controller-runtime v0.18.4 - sigs.k8s.io/karpenter v0.36.5 + sigs.k8s.io/karpenter v0.36.6-0.20240917214243-bdba3842cb5f sigs.k8s.io/yaml v1.4.0 ) diff --git a/go.sum b/go.sum index 7f2f8dcd7f07..6d74ef0cfb9b 100644 --- a/go.sum +++ b/go.sum @@ -761,8 +761,8 @@ sigs.k8s.io/controller-runtime v0.18.4 h1:87+guW1zhvuPLh1PHybKdYFLU0YJp4FhJRmiHv sigs.k8s.io/controller-runtime v0.18.4/go.mod h1:TVoGrfdpbA9VRFaRnKgk9P5/atA0pMwq+f+msb9M8Sg= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/karpenter v0.36.5 h1:e1KvcVQdw4KmV9OBOlXzt4OBLvqntehUPfRRkv2G0/w= -sigs.k8s.io/karpenter v0.36.5/go.mod h1:vZfbuD5UQJfNdaNwiUVgCUJ/yYOVjYbKosr8b971CAM= +sigs.k8s.io/karpenter v0.36.6-0.20240917214243-bdba3842cb5f h1:9xr/4TZWXkV5E7Cf0wetY1M7cZUWzjgvvR9KdPII1GM= +sigs.k8s.io/karpenter v0.36.6-0.20240917214243-bdba3842cb5f/go.mod h1:vZfbuD5UQJfNdaNwiUVgCUJ/yYOVjYbKosr8b971CAM= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= diff --git a/pkg/apis/crds/karpenter.k8s.aws_ec2nodeclasses.yaml b/pkg/apis/crds/karpenter.k8s.aws_ec2nodeclasses.yaml index ca2d33ad8a41..19ff2dbcc842 100644 --- a/pkg/apis/crds/karpenter.k8s.aws_ec2nodeclasses.yaml +++ b/pkg/apis/crds/karpenter.k8s.aws_ec2nodeclasses.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: ec2nodeclasses.karpenter.k8s.aws spec: group: karpenter.k8s.aws @@ -162,24 +162,18 @@ spec: gp2 volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. - The following are the supported values for each volume type: - * gp3: 3,000-16,000 IOPS - * io1: 100-64,000 IOPS - * io2: 100-64,000 IOPS - For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built on the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). Other instance families guarantee performance up to 32,000 IOPS. - This parameter is supported for io1, io2, and gp3 volumes only. This parameter is not supported for gp2, st1, sc1, or standard volumes. format: int64 @@ -202,16 +196,12 @@ spec: a volume size. The following are the supported volumes sizes for each volume type: - * gp2 and gp3: 1-16,384 - * io1 and io2: 4-16,384 - * st1 and sc1: 125-16,384 - * standard: 1-1,024 pattern: ^((?:[1-9][0-9]{0,3}|[1-4][0-9]{4}|[5][0-8][0-9]{3}|59000)Gi|(?:[1-9][0-9]{0,3}|[1-5][0-9]{4}|[6][0-3][0-9]{3}|64000)G|([1-9]||[1-5][0-7]|58)Ti|([1-9]||[1-5][0-9]|6[0-3]|64)T)$ type: string @@ -238,6 +228,9 @@ spec: RootVolume is a flag indicating if this device is mounted as kubelet root dir. You can configure at most one root volume in BlockDeviceMappings. type: boolean + required: + - deviceName + - ebs type: object maxItems: 50 type: array @@ -390,14 +383,12 @@ spec: description: |- MetadataOptions for the generated launch template of provisioned nodes. - This specifies the exposure of the Instance Metadata Service to provisioned EC2 nodes. For more information, see Instance Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) in the Amazon Elastic Compute Cloud User Guide. - Refer to recommended, security best practices (https://aws.github.io/aws-eks-best-practices/security/docs/iam/#restrict-access-to-the-instance-profile-assigned-to-the-worker-node) for limiting exposure of Instance Metadata and User Data to pods. @@ -412,7 +403,6 @@ spec: nodes. If metadata options is non-nil, but this parameter is not specified, the default state is "enabled". - If you specify a value of "disabled", instance metadata will not be accessible on the node. enum: @@ -448,14 +438,12 @@ spec: requests. If metadata options is non-nil, but this parameter is not specified, the default state is "required". - If the state is optional, one can choose to retrieve instance metadata with or without a signed token header on the request. If one retrieves the IAM role credentials without a token, the version 1.0 role credentials are returned. If one retrieves the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned. - If the state is "required", one must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version @@ -691,12 +679,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -862,24 +845,18 @@ spec: gp2 volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. - The following are the supported values for each volume type: - * gp3: 3,000-16,000 IOPS - * io1: 100-64,000 IOPS - * io2: 100-64,000 IOPS - For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built on the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). Other instance families guarantee performance up to 32,000 IOPS. - This parameter is supported for io1, io2, and gp3 volumes only. This parameter is not supported for gp2, st1, sc1, or standard volumes. format: int64 @@ -908,16 +885,12 @@ spec: a volume size. The following are the supported volumes sizes for each volume type: - * gp2 and gp3: 1-16,384 - * io1 and io2: 4-16,384 - * st1 and sc1: 125-16,384 - * standard: 1-1,024 x-kubernetes-int-or-string: true volumeType: @@ -943,6 +916,9 @@ spec: RootVolume is a flag indicating if this device is mounted as kubelet root dir. You can configure at most one root volume in BlockDeviceMappings. type: boolean + required: + - deviceName + - ebs type: object maxItems: 50 type: array @@ -981,14 +957,12 @@ spec: description: |- MetadataOptions for the generated launch template of provisioned nodes. - This specifies the exposure of the Instance Metadata Service to provisioned EC2 nodes. For more information, see Instance Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) in the Amazon Elastic Compute Cloud User Guide. - Refer to recommended, security best practices (https://aws.github.io/aws-eks-best-practices/security/docs/iam/#restrict-access-to-the-instance-profile-assigned-to-the-worker-node) for limiting exposure of Instance Metadata and User Data to pods. @@ -1003,7 +977,6 @@ spec: nodes. If metadata options is non-nil, but this parameter is not specified, the default state is "enabled". - If you specify a value of "disabled", instance metadata will not be accessible on the node. enum: @@ -1039,14 +1012,12 @@ spec: requests. If metadata options is non-nil, but this parameter is not specified, the default state is "required". - If the state is optional, one can choose to retrieve instance metadata with or without a signed token header on the request. If one retrieves the IAM role credentials without a token, the version 1.0 role credentials are returned. If one retrieves the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned. - If the state is "required", one must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version diff --git a/pkg/apis/crds/karpenter.sh_nodeclaims.yaml b/pkg/apis/crds/karpenter.sh_nodeclaims.yaml index 241bc4ea90cd..a3e1b90944d9 100644 --- a/pkg/apis/crds/karpenter.sh_nodeclaims.yaml +++ b/pkg/apis/crds/karpenter.sh_nodeclaims.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.16.3 name: nodeclaims.karpenter.sh spec: group: karpenter.sh diff --git a/pkg/apis/crds/karpenter.sh_nodepools.yaml b/pkg/apis/crds/karpenter.sh_nodepools.yaml index c847ea81043d..c7db770be6ea 100644 --- a/pkg/apis/crds/karpenter.sh_nodepools.yaml +++ b/pkg/apis/crds/karpenter.sh_nodepools.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.16.3 name: nodepools.karpenter.sh spec: group: karpenter.sh @@ -71,6 +71,8 @@ spec: from a combination of nodepool and pod scheduling constraints. properties: disruption: + default: + consolidateAfter: 0s description: Disruption contains the parameters that relate to Karpenter's disruption logic properties: budgets: