From fdf58f1ff6401605c85098a6148048ba0ab7ce55 Mon Sep 17 00:00:00 2001 From: Ciprian Hacman Date: Sat, 28 Sep 2024 11:29:30 +0300 Subject: [PATCH] hack/update-expected.sh --- ...nimal.example.com-addons-bootstrap_content | 2 +- ...ing.amazon-vpc-routed-eni-k8s-1.16_content | 58 ++++++++++++++++--- ...nimal.example.com-addons-bootstrap_content | 2 +- ...ing.amazon-vpc-routed-eni-k8s-1.16_content | 58 ++++++++++++++++--- ...nimal.example.com-addons-bootstrap_content | 2 +- ...ing.amazon-vpc-routed-eni-k8s-1.16_content | 58 ++++++++++++++++--- ...nimal.example.com-addons-bootstrap_content | 2 +- ...ing.amazon-vpc-routed-eni-k8s-1.16_content | 52 +++++++++++++++-- ...ddons.example.com-addons-bootstrap_content | 2 +- ...ing.amazon-vpc-routed-eni-k8s-1.16_content | 58 ++++++++++++++++--- .../amazonvpc-containerd/manifest.yaml | 2 +- ...orking.amazon-vpc-routed-eni-k8s-1.16.yaml | 58 ++++++++++++++++--- .../amazonvpc/manifest.yaml | 2 +- ...orking.amazon-vpc-routed-eni-k8s-1.16.yaml | 58 ++++++++++++++++--- 14 files changed, 354 insertions(+), 60 deletions(-) diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index 94f2136c56f16..289bdb57aed81 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -178,7 +178,7 @@ spec: version: 9.99.0 - id: k8s-1.16 manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml - manifestHash: 516820e30ab3bc0817c018c36ffd1841d5e6c53b553a0ddd8ae98d7d3779c0fc + manifestHash: a60a3c1fc05a99c395f58df484510bc606cddb3b7131f71da76d2ca85c882384 name: networking.amazon-vpc-routed-eni needsRollingUpdate: all selector: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content index e66a6852df707..0d7453d2eb75a 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content @@ -19,6 +19,40 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: + description: ENIConfig is the Schema for the eniconfigs API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ENIConfigSpec defines the desired state of ENIConfig + properties: + securityGroups: + items: + type: string + type: array + subnet: + type: string + required: + - subnet + type: object + status: + description: ENIConfigStatus defines the observed state of ENIConfig + type: object type: object x-kubernetes-preserve-unknown-fields: true served: true @@ -275,7 +309,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -300,7 +334,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: amazon-vpc-cni @@ -317,7 +351,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -398,7 +432,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -422,7 +456,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -498,10 +532,16 @@ spec: value: "false" - name: ENABLE_PREFIX_DELEGATION value: "false" + - name: ENABLE_SUBNET_DISCOVERY + value: "true" + - name: NETWORK_POLICY_ENFORCING_MODE + value: standard - name: WARM_ENI_TARGET value: "1" - name: WARM_PREFIX_TARGET value: "1" + - name: VPC_CNI_VERSION + value: v1.18.5 - name: MY_NODE_NAME valueFrom: fieldRef: @@ -514,7 +554,7 @@ spec: fieldPath: metadata.name - name: CLUSTER_NAME value: minimal.example.com - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.18.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.18.5 livenessProbe: exec: command: @@ -561,6 +601,7 @@ spec: - --enable-network-policy=false - --enable-cloudwatch-logs=false - --enable-policy-event-logs=false + - --log-file=/var/log/aws-routed-eni/network-policy-agent.log - --metrics-bind-addr=:8162 - --health-probe-bind-addr=:8163 - --conntrack-cache-cleanup-period=300 @@ -570,7 +611,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.3 name: aws-eks-nodeagent resources: requests: @@ -596,7 +637,7 @@ spec: value: "false" - name: ENABLE_IPv6 value: "false" - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.18.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.18.5 name: aws-vpc-cni-init resources: requests: @@ -631,6 +672,7 @@ spec: name: run-dir - hostPath: path: /run/xtables.lock + type: FileOrCreate name: xtables-lock updateStrategy: rollingUpdate: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index a3ffc2ad40dbb..12ba2700170fb 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -185,7 +185,7 @@ spec: version: 9.99.0 - id: k8s-1.16 manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml - manifestHash: 516820e30ab3bc0817c018c36ffd1841d5e6c53b553a0ddd8ae98d7d3779c0fc + manifestHash: a60a3c1fc05a99c395f58df484510bc606cddb3b7131f71da76d2ca85c882384 name: networking.amazon-vpc-routed-eni needsRollingUpdate: all selector: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content b/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content index e66a6852df707..0d7453d2eb75a 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content @@ -19,6 +19,40 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: + description: ENIConfig is the Schema for the eniconfigs API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ENIConfigSpec defines the desired state of ENIConfig + properties: + securityGroups: + items: + type: string + type: array + subnet: + type: string + required: + - subnet + type: object + status: + description: ENIConfigStatus defines the observed state of ENIConfig + type: object type: object x-kubernetes-preserve-unknown-fields: true served: true @@ -275,7 +309,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -300,7 +334,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: amazon-vpc-cni @@ -317,7 +351,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -398,7 +432,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -422,7 +456,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -498,10 +532,16 @@ spec: value: "false" - name: ENABLE_PREFIX_DELEGATION value: "false" + - name: ENABLE_SUBNET_DISCOVERY + value: "true" + - name: NETWORK_POLICY_ENFORCING_MODE + value: standard - name: WARM_ENI_TARGET value: "1" - name: WARM_PREFIX_TARGET value: "1" + - name: VPC_CNI_VERSION + value: v1.18.5 - name: MY_NODE_NAME valueFrom: fieldRef: @@ -514,7 +554,7 @@ spec: fieldPath: metadata.name - name: CLUSTER_NAME value: minimal.example.com - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.18.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.18.5 livenessProbe: exec: command: @@ -561,6 +601,7 @@ spec: - --enable-network-policy=false - --enable-cloudwatch-logs=false - --enable-policy-event-logs=false + - --log-file=/var/log/aws-routed-eni/network-policy-agent.log - --metrics-bind-addr=:8162 - --health-probe-bind-addr=:8163 - --conntrack-cache-cleanup-period=300 @@ -570,7 +611,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.3 name: aws-eks-nodeagent resources: requests: @@ -596,7 +637,7 @@ spec: value: "false" - name: ENABLE_IPv6 value: "false" - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.18.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.18.5 name: aws-vpc-cni-init resources: requests: @@ -631,6 +672,7 @@ spec: name: run-dir - hostPath: path: /run/xtables.lock + type: FileOrCreate name: xtables-lock updateStrategy: rollingUpdate: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index d4b8a2ff5d390..5d24b867a752a 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -186,7 +186,7 @@ spec: version: 9.99.0 - id: k8s-1.16 manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml - manifestHash: 516820e30ab3bc0817c018c36ffd1841d5e6c53b553a0ddd8ae98d7d3779c0fc + manifestHash: a60a3c1fc05a99c395f58df484510bc606cddb3b7131f71da76d2ca85c882384 name: networking.amazon-vpc-routed-eni needsRollingUpdate: all selector: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content b/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content index e66a6852df707..0d7453d2eb75a 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content @@ -19,6 +19,40 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: + description: ENIConfig is the Schema for the eniconfigs API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ENIConfigSpec defines the desired state of ENIConfig + properties: + securityGroups: + items: + type: string + type: array + subnet: + type: string + required: + - subnet + type: object + status: + description: ENIConfigStatus defines the observed state of ENIConfig + type: object type: object x-kubernetes-preserve-unknown-fields: true served: true @@ -275,7 +309,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -300,7 +334,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: amazon-vpc-cni @@ -317,7 +351,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -398,7 +432,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -422,7 +456,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -498,10 +532,16 @@ spec: value: "false" - name: ENABLE_PREFIX_DELEGATION value: "false" + - name: ENABLE_SUBNET_DISCOVERY + value: "true" + - name: NETWORK_POLICY_ENFORCING_MODE + value: standard - name: WARM_ENI_TARGET value: "1" - name: WARM_PREFIX_TARGET value: "1" + - name: VPC_CNI_VERSION + value: v1.18.5 - name: MY_NODE_NAME valueFrom: fieldRef: @@ -514,7 +554,7 @@ spec: fieldPath: metadata.name - name: CLUSTER_NAME value: minimal.example.com - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.18.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.18.5 livenessProbe: exec: command: @@ -561,6 +601,7 @@ spec: - --enable-network-policy=false - --enable-cloudwatch-logs=false - --enable-policy-event-logs=false + - --log-file=/var/log/aws-routed-eni/network-policy-agent.log - --metrics-bind-addr=:8162 - --health-probe-bind-addr=:8163 - --conntrack-cache-cleanup-period=300 @@ -570,7 +611,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.3 name: aws-eks-nodeagent resources: requests: @@ -596,7 +637,7 @@ spec: value: "false" - name: ENABLE_IPv6 value: "false" - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.18.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.18.5 name: aws-vpc-cni-init resources: requests: @@ -631,6 +672,7 @@ spec: name: run-dir - hostPath: path: /run/xtables.lock + type: FileOrCreate name: xtables-lock updateStrategy: rollingUpdate: diff --git a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index 01f7db9f8c81d..50105f737e876 100644 --- a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -178,7 +178,7 @@ spec: version: 9.99.0 - id: k8s-1.16 manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml - manifestHash: 84642ad9b609d8e6ce59cbd1bd599e9410416c1619f4734112e1b338c4c4b469 + manifestHash: ee77d3d72012e12d7a6de39684564a252fcae05edc4ad0cdc5b81fdf43b5424b name: networking.amazon-vpc-routed-eni needsRollingUpdate: all selector: diff --git a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content index 8a0a7e3a6d868..f3715a231be19 100644 --- a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content +++ b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content @@ -19,6 +19,40 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: + description: ENIConfig is the Schema for the eniconfigs API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ENIConfigSpec defines the desired state of ENIConfig + properties: + securityGroups: + items: + type: string + type: array + subnet: + type: string + required: + - subnet + type: object + status: + description: ENIConfigStatus defines the observed state of ENIConfig + type: object type: object x-kubernetes-preserve-unknown-fields: true served: true @@ -275,7 +309,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -300,7 +334,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: amazon-vpc-cni @@ -317,7 +351,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -398,7 +432,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -422,7 +456,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -498,10 +532,16 @@ spec: value: "false" - name: ENABLE_PREFIX_DELEGATION value: "false" + - name: ENABLE_SUBNET_DISCOVERY + value: "true" + - name: NETWORK_POLICY_ENFORCING_MODE + value: standard - name: WARM_ENI_TARGET value: "1" - name: WARM_PREFIX_TARGET value: "1" + - name: VPC_CNI_VERSION + value: v1.18.5 - name: MY_NODE_NAME valueFrom: fieldRef: @@ -561,6 +601,7 @@ spec: - --enable-network-policy=false - --enable-cloudwatch-logs=false - --enable-policy-event-logs=false + - --log-file=/var/log/aws-routed-eni/network-policy-agent.log - --metrics-bind-addr=:8162 - --health-probe-bind-addr=:8163 - --conntrack-cache-cleanup-period=300 @@ -631,6 +672,7 @@ spec: name: run-dir - hostPath: path: /run/xtables.lock + type: FileOrCreate name: xtables-lock updateStrategy: rollingUpdate: diff --git a/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-bootstrap_content index bd1e52cc03f74..b240bea1da441 100644 --- a/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-bootstrap_content @@ -227,7 +227,7 @@ spec: version: 9.99.0 - id: k8s-1.16 manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml - manifestHash: 99cef59107f3517f28f5cb83b19066b9eac3a09491ba63628867298ce229cb10 + manifestHash: ee9b99f490ec4f3bca1d8dc4bb14de9549621eddeb647a33655fcdebd18ff363 name: networking.amazon-vpc-routed-eni needsRollingUpdate: all selector: diff --git a/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content b/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content index 360be084ebfe8..a1d3ad2811691 100644 --- a/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content +++ b/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-networking.amazon-vpc-routed-eni-k8s-1.16_content @@ -19,6 +19,40 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: + description: ENIConfig is the Schema for the eniconfigs API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ENIConfigSpec defines the desired state of ENIConfig + properties: + securityGroups: + items: + type: string + type: array + subnet: + type: string + required: + - subnet + type: object + status: + description: ENIConfigStatus defines the observed state of ENIConfig + type: object type: object x-kubernetes-preserve-unknown-fields: true served: true @@ -275,7 +309,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -300,7 +334,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: amazon-vpc-cni @@ -317,7 +351,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -398,7 +432,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -422,7 +456,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -498,10 +532,16 @@ spec: value: "false" - name: ENABLE_PREFIX_DELEGATION value: "false" + - name: ENABLE_SUBNET_DISCOVERY + value: "true" + - name: NETWORK_POLICY_ENFORCING_MODE + value: standard - name: WARM_ENI_TARGET value: "1" - name: WARM_PREFIX_TARGET value: "1" + - name: VPC_CNI_VERSION + value: v1.18.5 - name: MY_NODE_NAME valueFrom: fieldRef: @@ -514,7 +554,7 @@ spec: fieldPath: metadata.name - name: CLUSTER_NAME value: many-addons.example.com - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.18.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.18.5 livenessProbe: exec: command: @@ -561,6 +601,7 @@ spec: - --enable-network-policy=false - --enable-cloudwatch-logs=false - --enable-policy-event-logs=false + - --log-file=/var/log/aws-routed-eni/network-policy-agent.log - --metrics-bind-addr=:8162 - --health-probe-bind-addr=:8163 - --conntrack-cache-cleanup-period=300 @@ -570,7 +611,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.3 name: aws-eks-nodeagent resources: requests: @@ -596,7 +637,7 @@ spec: value: "false" - name: ENABLE_IPv6 value: "false" - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.18.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.18.5 name: aws-vpc-cni-init resources: requests: @@ -631,6 +672,7 @@ spec: name: run-dir - hostPath: path: /run/xtables.lock + type: FileOrCreate name: xtables-lock updateStrategy: rollingUpdate: diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc-containerd/manifest.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc-containerd/manifest.yaml index 9a5277d0dba14..483350d562687 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc-containerd/manifest.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc-containerd/manifest.yaml @@ -99,7 +99,7 @@ spec: version: 9.99.0 - id: k8s-1.16 manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml - manifestHash: b7529091597956c7c6cd180a395ab5e53280ce112711f7c80f56fa2d626909ee + manifestHash: 3eb56f832b8994963d7cadfba8cb580838945c943b3d7852fab2720fca9e27e8 name: networking.amazon-vpc-routed-eni needsRollingUpdate: all selector: diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc-containerd/networking.amazon-vpc-routed-eni-k8s-1.16.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc-containerd/networking.amazon-vpc-routed-eni-k8s-1.16.yaml index 46bcfdaef2c4d..f735186745074 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc-containerd/networking.amazon-vpc-routed-eni-k8s-1.16.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc-containerd/networking.amazon-vpc-routed-eni-k8s-1.16.yaml @@ -19,6 +19,40 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: + description: ENIConfig is the Schema for the eniconfigs API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ENIConfigSpec defines the desired state of ENIConfig + properties: + securityGroups: + items: + type: string + type: array + subnet: + type: string + required: + - subnet + type: object + status: + description: ENIConfigStatus defines the observed state of ENIConfig + type: object type: object x-kubernetes-preserve-unknown-fields: true served: true @@ -275,7 +309,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -300,7 +334,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: amazon-vpc-cni @@ -317,7 +351,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -398,7 +432,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -422,7 +456,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -498,12 +532,18 @@ spec: value: "false" - name: ENABLE_PREFIX_DELEGATION value: "false" + - name: ENABLE_SUBNET_DISCOVERY + value: "true" + - name: NETWORK_POLICY_ENFORCING_MODE + value: standard - name: WARM_ENI_TARGET value: "1" - name: WARM_IP_TARGET value: "10" - name: WARM_PREFIX_TARGET value: "1" + - name: VPC_CNI_VERSION + value: v1.18.5 - name: MY_NODE_NAME valueFrom: fieldRef: @@ -516,7 +556,7 @@ spec: fieldPath: metadata.name - name: CLUSTER_NAME value: minimal.example.com - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.18.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.18.5 livenessProbe: exec: command: @@ -563,6 +603,7 @@ spec: - --enable-network-policy=false - --enable-cloudwatch-logs=false - --enable-policy-event-logs=false + - --log-file=/var/log/aws-routed-eni/network-policy-agent.log - --metrics-bind-addr=:8162 - --health-probe-bind-addr=:8163 - --conntrack-cache-cleanup-period=300 @@ -572,7 +613,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.3 name: aws-eks-nodeagent resources: requests: @@ -598,7 +639,7 @@ spec: value: "false" - name: ENABLE_IPv6 value: "false" - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.18.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.18.5 name: aws-vpc-cni-init resources: requests: @@ -633,6 +674,7 @@ spec: name: run-dir - hostPath: path: /run/xtables.lock + type: FileOrCreate name: xtables-lock updateStrategy: rollingUpdate: diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc/manifest.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc/manifest.yaml index 9a5277d0dba14..483350d562687 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc/manifest.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc/manifest.yaml @@ -99,7 +99,7 @@ spec: version: 9.99.0 - id: k8s-1.16 manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml - manifestHash: b7529091597956c7c6cd180a395ab5e53280ce112711f7c80f56fa2d626909ee + manifestHash: 3eb56f832b8994963d7cadfba8cb580838945c943b3d7852fab2720fca9e27e8 name: networking.amazon-vpc-routed-eni needsRollingUpdate: all selector: diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc/networking.amazon-vpc-routed-eni-k8s-1.16.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc/networking.amazon-vpc-routed-eni-k8s-1.16.yaml index 46bcfdaef2c4d..f735186745074 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc/networking.amazon-vpc-routed-eni-k8s-1.16.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc/networking.amazon-vpc-routed-eni-k8s-1.16.yaml @@ -19,6 +19,40 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: + description: ENIConfig is the Schema for the eniconfigs API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ENIConfigSpec defines the desired state of ENIConfig + properties: + securityGroups: + items: + type: string + type: array + subnet: + type: string + required: + - subnet + type: object + status: + description: ENIConfigStatus defines the observed state of ENIConfig + type: object type: object x-kubernetes-preserve-unknown-fields: true served: true @@ -275,7 +309,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -300,7 +334,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: amazon-vpc-cni @@ -317,7 +351,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -398,7 +432,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -422,7 +456,7 @@ metadata: app.kubernetes.io/instance: aws-vpc-cni app.kubernetes.io/managed-by: kops app.kubernetes.io/name: aws-node - app.kubernetes.io/version: v1.18.1 + app.kubernetes.io/version: v1.18.5 k8s-app: aws-node role.kubernetes.io/networking: "1" name: aws-node @@ -498,12 +532,18 @@ spec: value: "false" - name: ENABLE_PREFIX_DELEGATION value: "false" + - name: ENABLE_SUBNET_DISCOVERY + value: "true" + - name: NETWORK_POLICY_ENFORCING_MODE + value: standard - name: WARM_ENI_TARGET value: "1" - name: WARM_IP_TARGET value: "10" - name: WARM_PREFIX_TARGET value: "1" + - name: VPC_CNI_VERSION + value: v1.18.5 - name: MY_NODE_NAME valueFrom: fieldRef: @@ -516,7 +556,7 @@ spec: fieldPath: metadata.name - name: CLUSTER_NAME value: minimal.example.com - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.18.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.18.5 livenessProbe: exec: command: @@ -563,6 +603,7 @@ spec: - --enable-network-policy=false - --enable-cloudwatch-logs=false - --enable-policy-event-logs=false + - --log-file=/var/log/aws-routed-eni/network-policy-agent.log - --metrics-bind-addr=:8162 - --health-probe-bind-addr=:8163 - --conntrack-cache-cleanup-period=300 @@ -572,7 +613,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.3 name: aws-eks-nodeagent resources: requests: @@ -598,7 +639,7 @@ spec: value: "false" - name: ENABLE_IPv6 value: "false" - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.18.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.18.5 name: aws-vpc-cni-init resources: requests: @@ -633,6 +674,7 @@ spec: name: run-dir - hostPath: path: /run/xtables.lock + type: FileOrCreate name: xtables-lock updateStrategy: rollingUpdate: