From 010942c8ea455e0565389f405fda7225ac612175 Mon Sep 17 00:00:00 2001 From: asincu Date: Fri, 17 May 2019 09:29:47 -0700 Subject: [PATCH] Upgrade Calico to 3.7.2 --- .../k8s-1.12.yaml.template | 110 +++++++++++++++++- .../k8s-1.7-v3.yaml.template | 8 +- .../pkg/fi/cloudup/bootstrapchannelbuilder.go | 4 +- 3 files changed, 113 insertions(+), 9 deletions(-) diff --git a/upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.12.yaml.template b/upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.12.yaml.template index 2f529dcb1c17a..ee4f732694e03 100644 --- a/upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.12.yaml.template +++ b/upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.12.yaml.template @@ -18,6 +18,65 @@ spec: singular: felixconfiguration --- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: ipamblocks.crd.projectcalico.org +spec: + scope: Cluster + group: crd.projectcalico.org + version: v1 + names: + kind: IPAMBlock + plural: ipamblocks + singular: ipamblock + +--- + +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: blockaffinities.crd.projectcalico.org +spec: + scope: Cluster + group: crd.projectcalico.org + version: v1 + names: + kind: BlockAffinity + plural: blockaffinities + singular: blockaffinity + +--- + +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: ipamhandles.crd.projectcalico.org +spec: + scope: Cluster + group: crd.projectcalico.org + version: v1 + names: + kind: IPAMHandle + plural: ipamhandles + singular: ipamhandle + +--- + +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: ipamconfigs.crd.projectcalico.org +spec: + scope: Cluster + group: crd.projectcalico.org + version: v1 + names: + kind: IPAMConfig + plural: ipamconfigs + singular: ipamconfig + +--- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: @@ -151,7 +210,20 @@ spec: kind: NetworkPolicy plural: networkpolicies singular: networkpolicy +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: networksets.crd.projectcalico.org +spec: + scope: Namespaced + group: crd.projectcalico.org + version: v1 + names: + kind: NetworkSet + plural: networksets + singular: networkset --- # This ConfigMap is used to configure a self-hosted Calico installation. @@ -283,9 +355,11 @@ rules: - globalbgpconfigs - bgpconfigurations - ippools + - ipamblocks - globalnetworkpolicies - globalnetworksets - networkpolicies + - networksets - clusterinformations - hostendpoints verbs: @@ -318,6 +392,36 @@ rules: verbs: - create - update + # These permissions are required for Calico CNI to perform IPAM allocations. + - apiGroups: ["crd.projectcalico.org"] + resources: + - blockaffinities + - ipamblocks + - ipamhandles + verbs: + - get + - list + - create + - update + - delete + - apiGroups: ["crd.projectcalico.org"] + resources: + - ipamconfigs + verbs: + - get + # Block affinities must also be watchable by confd for route aggregation. + - apiGroups: ["crd.projectcalico.org"] + resources: + - blockaffinities + verbs: + - watch + # The Calico IPAM migration needs to get daemonsets. These permissions can be + # removed if not upgrading from an installation using host-local IPAM. + - apiGroups: ["apps"] + resources: + - daemonsets + verbs: + - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -364,7 +468,7 @@ spec: spec: containers: - name: calico-kube-controllers - image: quay.io/calico/kube-controllers:v3.4.0 + image: quay.io/calico/kube-controllers:v3.7.2 initContainers: - name: migrate image: calico/upgrade:v1.0.5 @@ -416,7 +520,7 @@ spec: # This container installs the Calico CNI binaries # and CNI network config file on each node. - name: install-cni - image: quay.io/calico/cni:v3.4.0 + image: quay.io/calico/cni:v3.7.2 command: ["/install-cni.sh"] env: # Name of the CNI config file to create. @@ -452,7 +556,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: quay.io/calico/node:v3.4.0 + image: quay.io/calico/node:v3.7.2 env: # Use Kubernetes API as the backing datastore. - name: DATASTORE_TYPE diff --git a/upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.7-v3.yaml.template b/upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.7-v3.yaml.template index 2b4bca3cd2e60..1d5e71b0f0f33 100644 --- a/upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.7-v3.yaml.template +++ b/upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.7-v3.yaml.template @@ -192,7 +192,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: quay.io/calico/node:v3.4.0 + image: quay.io/calico/node:v3.7.2 env: # The location of the Calico etcd cluster. - name: ETCD_ENDPOINTS @@ -301,7 +301,7 @@ spec: # This container installs the Calico CNI binaries # and CNI network config file on each node. - name: install-cni - image: quay.io/calico/cni:v3.4.0 + image: quay.io/calico/cni:v3.7.2 command: ["/install-cni.sh"] env: # Name of the CNI config file to create. @@ -439,7 +439,7 @@ spec: serviceAccountName: calico-kube-controllers containers: - name: calico-kube-controllers - image: quay.io/calico/kube-controllers:v3.4.0 + image: quay.io/calico/kube-controllers:v3.7.2 resources: requests: cpu: 10m @@ -597,7 +597,7 @@ spec: command: ['/bin/sh', '-c', '/completion-job.sh'] env: - name: EXPECTED_NODE_IMAGE - value: quay.io/calico/node:v3.4.0 + value: quay.io/calico/node:v3.7.2 # The location of the Calico etcd cluster. - name: CALICO_ETCD_ENDPOINTS valueFrom: diff --git a/upup/pkg/fi/cloudup/bootstrapchannelbuilder.go b/upup/pkg/fi/cloudup/bootstrapchannelbuilder.go index aaf384f96f278..13a7c6a64614b 100644 --- a/upup/pkg/fi/cloudup/bootstrapchannelbuilder.go +++ b/upup/pkg/fi/cloudup/bootstrapchannelbuilder.go @@ -824,8 +824,8 @@ func (b *BootstrapChannelBuilder) buildManifest() (*channelsapi.Addons, map[stri "pre-k8s-1.6": "2.4.2-kops.1", "k8s-1.6": "2.6.9-kops.1", "k8s-1.7": "2.6.12-kops.1", - "k8s-1.7-v3": "3.4.0-kops.3", - "k8s-1.12": "3.4.0-kops.4", + "k8s-1.7-v3": "3.7.2-kops.3", + "k8s-1.12": "3.7.2-kops.4", } {