From 27a6b971005e122d434b96420ef269f558aa2285 Mon Sep 17 00:00:00 2001 From: Ryan Phillips Date: Tue, 3 Apr 2018 10:06:07 -0500 Subject: [PATCH] bump to 1.10.0 --- hack/jenkins/scripts/tqs-down.sh | 4 ++++ hack/jenkins/scripts/tqs-up.sh | 8 ++++++++ hack/multi-node/user-data.sample | 2 +- hack/quickstart/kubelet.master | 2 +- hack/quickstart/kubelet.worker | 2 +- hack/single-node/user-data.sample | 2 +- hack/terraform-quickstart/main.tf | 18 +++++++++--------- hack/terraform-quickstart/variables.tf | 5 +++++ hack/tests/conformance-test.sh | 2 +- pkg/asset/images.go | 2 +- pkg/asset/internal/templates.go | 4 +--- 11 files changed, 33 insertions(+), 18 deletions(-) diff --git a/hack/jenkins/scripts/tqs-down.sh b/hack/jenkins/scripts/tqs-down.sh index 20944de7e..f9bce7be0 100755 --- a/hack/jenkins/scripts/tqs-down.sh +++ b/hack/jenkins/scripts/tqs-down.sh @@ -9,6 +9,7 @@ export ADDITIONAL_MASTERS=${ADDITIONAL_MASTER:-0} export REGION="${REGION:-"us-west-2"}" export CLUSTER_NAME="${CLUSTER_NAME:-"default"}" export IDENT="${IDENT:-"${HOME}/.ssh/id_rsa"}" +export KUBERNETES_IDENT=${KUBERNETES_IDENT:-"${DIR}/.kubernetes-id"} cd "${DIR}/../../terraform-quickstart" @@ -16,6 +17,7 @@ set +x export TF_VAR_access_key_id="${ACCESS_KEY_ID}" export TF_VAR_access_key="${ACCESS_KEY_SECRET}" set -x +export TF_VAR_kubernetes_id="$(cat ${KUBERNETES_IDENT})" export TF_VAR_resource_owner="${CLUSTER_NAME}" export TF_VAR_ssh_public_key="$(cat "${IDENT}.pub")" export TF_VAR_additional_masters="${ADDITIONAL_MASTERS}" @@ -46,3 +48,5 @@ if [[ ! -z "${destroyed_extra:-}" ]]; then echo "Terraform required multiple 'destroy' runs to cleanup everything!" exit -1 fi + +rm -f ${KUBERNETES_IDENT} diff --git a/hack/jenkins/scripts/tqs-up.sh b/hack/jenkins/scripts/tqs-up.sh index a027bc921..739783d76 100755 --- a/hack/jenkins/scripts/tqs-up.sh +++ b/hack/jenkins/scripts/tqs-up.sh @@ -9,6 +9,7 @@ export ADDITIONAL_MASTERS=${ADDITIONAL_MASTER:-0} export REGION="${REGION:-"us-west-2"}" export CLUSTER_NAME="${CLUSTER_NAME:-"default"}" export IDENT="${IDENT:-"${HOME}/.ssh/id_rsa"}" +export KUBERNETES_IDENT=${KUBERNETES_IDENT:-"${DIR}/.kubernetes-id"} cd "${DIR}/../../terraform-quickstart" @@ -27,12 +28,19 @@ set +x export TF_VAR_access_key_id="${ACCESS_KEY_ID}" export TF_VAR_access_key="${ACCESS_KEY_SECRET}" set -x +# terraform defaults cannot contain terraform interpolations (uuid()) so we +# generate the ID outside of terraform. +export TF_VAR_kubernetes_id="$(cat /proc/sys/kernel/random/uuid)" export TF_VAR_resource_owner="${CLUSTER_NAME}" export TF_VAR_ssh_public_key="$(cat "${IDENT}.pub")" export TF_VAR_additional_masters="${ADDITIONAL_MASTERS}" export TF_VAR_num_workers=${NUM_WORKERS} export TF_VAR_region="${REGION}" +# write out kubernetes cluster ID so we can remove it in cleanup +rm -f ${KUBERNETES_IDENT} +echo ${TF_VAR_kubernetes_id} > ${KUBERNETES_IDENT} + # bring up compute "${TERRAFORM}" init "${TERRAFORM}" apply --auto-approve diff --git a/hack/multi-node/user-data.sample b/hack/multi-node/user-data.sample index 95fe42963..6adcabcca 100644 --- a/hack/multi-node/user-data.sample +++ b/hack/multi-node/user-data.sample @@ -9,7 +9,7 @@ coreos: [Service] EnvironmentFile=/etc/environment Environment=KUBELET_IMAGE_URL=docker://gcr.io/google_containers/hyperkube - Environment=KUBELET_IMAGE_TAG=v1.9.6 + Environment=KUBELET_IMAGE_TAG=v1.10.0 Environment="RKT_RUN_ARGS=--uuid-file-save=/var/cache/kubelet-pod.uuid \ --volume var-lib-cni,kind=host,source=/var/lib/cni \ --volume var-lib-kubelet,kind=host,source=/var/lib/kubelet \ diff --git a/hack/quickstart/kubelet.master b/hack/quickstart/kubelet.master index b02943b30..068aee501 100644 --- a/hack/quickstart/kubelet.master +++ b/hack/quickstart/kubelet.master @@ -1,6 +1,6 @@ [Service] Environment=KUBELET_IMAGE_URL=docker://gcr.io/google_containers/hyperkube -Environment=KUBELET_IMAGE_TAG=v1.9.6 +Environment=KUBELET_IMAGE_TAG=v1.10.0 Environment=KUBELET_MINIMUM_CONTAINER_TTL_DURATION=3m0s Environment=KUBELET_MAXIMUM_DEAD_CONTAINERS=-1 Environment=KUBELET_MAXIMUM_DEAD_CONTAINERS_PER_CONTAINER=1 diff --git a/hack/quickstart/kubelet.worker b/hack/quickstart/kubelet.worker index 3bc27fd9f..987d230bd 100644 --- a/hack/quickstart/kubelet.worker +++ b/hack/quickstart/kubelet.worker @@ -1,6 +1,6 @@ [Service] Environment=KUBELET_IMAGE_URL=docker://gcr.io/google_containers/hyperkube -Environment=KUBELET_IMAGE_TAG=v1.9.6 +Environment=KUBELET_IMAGE_TAG=v1.10.0 Environment=KUBELET_MINIMUM_CONTAINER_TTL_DURATION=3m0s Environment=KUBELET_MAXIMUM_DEAD_CONTAINERS=-1 Environment=KUBELET_MAXIMUM_DEAD_CONTAINERS_PER_CONTAINER=1 diff --git a/hack/single-node/user-data.sample b/hack/single-node/user-data.sample index e34be2d94..e973b0017 100644 --- a/hack/single-node/user-data.sample +++ b/hack/single-node/user-data.sample @@ -9,7 +9,7 @@ coreos: [Service] EnvironmentFile=/etc/environment Environment=KUBELET_IMAGE_URL=docker://gcr.io/google_containers/hyperkube - Environment=KUBELET_IMAGE_TAG=v1.9.6 + Environment=KUBELET_IMAGE_TAG=v1.10.0 Environment="RKT_RUN_ARGS=--uuid-file-save=/var/cache/kubelet-pod.uuid \ --volume var-lib-cni,kind=host,source=/var/lib/cni \ --volume var-lib-kubelet,kind=host,source=/var/lib/kubelet \ diff --git a/hack/terraform-quickstart/main.tf b/hack/terraform-quickstart/main.tf index 4c6ac4219..a32cd62f9 100644 --- a/hack/terraform-quickstart/main.tf +++ b/hack/terraform-quickstart/main.tf @@ -1,3 +1,9 @@ +locals { + default_keys = ["Name", "kubernetes.io/cluster/${var.kubernetes_id}"] + default_values = ["${var.resource_owner}", true] + default_tags = "${zipmap(local.default_keys, local.default_values)}" +} + provider "aws" { access_key = "${var.access_key_id}" secret_key = "${var.access_key}" @@ -21,9 +27,7 @@ resource "aws_instance" "bootstrap_node" { associate_public_ip_address = true depends_on = ["aws_internet_gateway.main"] - tags { - Name = "${var.resource_owner}" - } + tags = "${local.default_tags}" root_block_device { volume_type = "gp2" @@ -64,9 +68,7 @@ resource "aws_instance" "worker_node" { associate_public_ip_address = true depends_on = ["aws_internet_gateway.main"] - tags { - Name = "${var.resource_owner}" - } + tags = "${local.default_tags}" root_block_device { volume_type = "gp2" @@ -107,9 +109,7 @@ resource "aws_instance" "master_node" { associate_public_ip_address = true depends_on = ["aws_internet_gateway.main"] - tags { - Name = "${var.resource_owner}" - } + tags = "${local.default_tags}" root_block_device { volume_type = "gp2" diff --git a/hack/terraform-quickstart/variables.tf b/hack/terraform-quickstart/variables.tf index 3d6800f12..4e6a03948 100644 --- a/hack/terraform-quickstart/variables.tf +++ b/hack/terraform-quickstart/variables.tf @@ -6,6 +6,11 @@ variable "access_key" { type = "string" } +variable "kubernetes_id" { + description = "ID of the kubernetes cluster" + type = "string" +} + variable "ssh_public_key" { description = "SSH Public Key" type = "string" diff --git a/hack/tests/conformance-test.sh b/hack/tests/conformance-test.sh index 802849eaf..869660eb7 100755 --- a/hack/tests/conformance-test.sh +++ b/hack/tests/conformance-test.sh @@ -2,7 +2,7 @@ set -euo pipefail CONFORMANCE_REPO=${CONFORMANCE_REPO:-github.com/kubernetes/kubernetes} -CONFORMANCE_VERSION=${CONFORMANCE_VERSION:-v1.9.6} +CONFORMANCE_VERSION=${CONFORMANCE_VERSION:-v1.10.0} usage() { echo "USAGE:" diff --git a/pkg/asset/images.go b/pkg/asset/images.go index 200ded487..1f59c6552 100644 --- a/pkg/asset/images.go +++ b/pkg/asset/images.go @@ -7,7 +7,7 @@ var DefaultImages = ImageVersions{ FlannelCNI: "quay.io/coreos/flannel-cni:v0.3.0", Calico: "quay.io/calico/node:v3.0.3", CalicoCNI: "quay.io/calico/cni:v2.0.0", - Hyperkube: "gcr.io/google_containers/hyperkube:v1.9.6", + Hyperkube: "gcr.io/google_containers/hyperkube:v1.10.0", KubeDNS: "gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.8", KubeDNSMasq: "gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.8", KubeDNSSidecar: "gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.8", diff --git a/pkg/asset/internal/templates.go b/pkg/asset/internal/templates.go index a52f189d0..163ae3e5e 100644 --- a/pkg/asset/internal/templates.go +++ b/pkg/asset/internal/templates.go @@ -219,12 +219,12 @@ spec: command: - /hyperkube - apiserver - - --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ValidatingAdmissionWebhook,ResourceQuota,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook - --advertise-address=$(POD_IP) - --allow-privileged=true - --authorization-mode=Node,RBAC - --bind-address=0.0.0.0 - --client-ca-file=/etc/kubernetes/secrets/ca.crt + - --enable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultTolerationSeconds,DefaultStorageClass,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota - --enable-bootstrap-token-auth=true {{- if .EtcdUseTLS }} - --etcd-cafile=/etc/kubernetes/secrets/etcd-client-ca.crt @@ -232,7 +232,6 @@ spec: - --etcd-keyfile=/etc/kubernetes/secrets/etcd-client.key {{- end }} - --etcd-servers={{ range $i, $e := .EtcdServers }}{{ if $i }},{{end}}{{ $e }}{{end}} - - --insecure-port=0 - --kubelet-client-certificate=/etc/kubernetes/secrets/apiserver.crt - --kubelet-client-key=/etc/kubernetes/secrets/apiserver.key - --secure-port={{ (index .APIServers 0).Port }} @@ -240,7 +239,6 @@ spec: - --service-cluster-ip-range={{ .ServiceCIDR }} - --cloud-provider={{ .CloudProvider }} - --storage-backend=etcd3 - - --tls-ca-file=/etc/kubernetes/secrets/ca.crt - --tls-cert-file=/etc/kubernetes/secrets/apiserver.crt - --tls-private-key-file=/etc/kubernetes/secrets/apiserver.key env: