diff --git a/admin/migrate_argo_values.py b/admin/migrate_argo_values.py index b837dbce..35ed68d6 100755 --- a/admin/migrate_argo_values.py +++ b/admin/migrate_argo_values.py @@ -13,15 +13,27 @@ def migrate(values): values["clusterName"] = values["ClusterName"] values.pop("ClusterName") - # Create new clusterwide cloudprovider data if possible + # Remove HighAvailableControlplane try: - if values["cert-manager"]["clusterIssuer"]["solvers"][0]["dns01"]["route53"]["regions"]: + values["global"]["highAvailable"] = values["HighAvailableControlplane"] + values.pop("HighAvailableControlplane") + except KeyError: + pass + + # Create new clusterwide cloudprovider data if possible + # IamArn: arn:aws:iam:::role/..cert-manager + try: + if values["cert-manager"]["IamArn"]: + account_id = values["cert-manager"]["IamArn"].split(":")[4] + region = values["cert-manager"]["IamArn"].split(":")[5].split('.')[0].split('/')[1] if "global" not in values: values["global"] = {} if "aws" not in values["global"]: values["global"]["aws"] = {} - values["global"]["aws"]["region"] = values["cert-manager"]["clusterIssuer"]["solvers"][0]["dns01"]["route53"]["region"] + values["global"]["aws"]["region"] = region + values["global"]["aws"]["accountId"] = account_id + except KeyError: pass diff --git a/admin/upgrade_cluster.sh b/admin/upgrade_cluster.sh index b430e7d7..918894da 100755 --- a/admin/upgrade_cluster.sh +++ b/admin/upgrade_cluster.sh @@ -128,9 +128,8 @@ all_nodes_upgrade "mount --make-shared /host/sys/fs/cgroup; mount --make-shared control_plane_upgrade kubeadm_upgrade -echo "Adjust kubezero-values as needed: (eg. set cilium cluster id etc)" -echo "kubectl edit cm kubezero-values -n kube-system" -read +echo "Adjust kubezero-values as needed: (eg. set cilium cluster id etc):" +kubectl edit cm kubezero-values -n kube-system # Remove multus DS due to label changes, if this fails: # kubezero-network $ helm template . --set multus.enabled=true | kubectl apply -f - 
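Review bot: In the new `# Remove HighAvailableControlplane` block, `values["global"]["highAvailable"] = ...` raises KeyError when `values` has no `global` key yet, and `except KeyError: pass` swallows it, so the old key is neither migrated nor popped and the templates that now read `.Values.global.highAvailable` fall back to the `false` default. Whether `global` always exists at this point is not visible in the hunk (the `if "global" not in values` guard only appears in the later block); `values.setdefault("global", {})["highAvailable"] = values.pop("HighAvailableControlplane")` behind an `if "HighAvailableControlplane" in values:` check avoids relying on it. Separately, the `IamArn` parsing indexes `split(":")[4]` and `[5]...split('/')[1]` under `except KeyError` only, so an ARN in an unexpected shape aborts the migration with IndexError. Since the derived `accountId` is interpolated into `iamRoleArn` in templates/addons.yaml, catching `(KeyError, IndexError)` and checking that `account_id` is 12 digits before writing it would be safer. migrate() starts and ends outside the hunk.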
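Review bot: `kubectl edit cm kubezero-values -n kube-system` now runs inline, but nothing in the hunk checks its exit status before the script continues to what appears to be the multus removal step below. If the edit fails (no TTY or editor, API server unreachable, change rejected), the upgrade would carry on with unadjusted values unless the script runs under `set -e`, which is not visible here. Consider `kubectl edit cm kubezero-values -n kube-system || { echo "kubezero-values edit failed, aborting" >&2; exit 1; }`. The prompt text also now ends in `etc):` with a doubled colon.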
diff --git a/charts/kubezero-addons/charts/aws-node-termination-handler/templates/deployment.yaml b/charts/kubezero-addons/charts/aws-node-termination-handler/templates/deployment.yaml index 110d758d..eea2d339 100644 --- a/charts/kubezero-addons/charts/aws-node-termination-handler/templates/deployment.yaml +++ b/charts/kubezero-addons/charts/aws-node-termination-handler/templates/deployment.yaml @@ -168,9 +168,9 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} ports: - - name: liveness-probe - protocol: TCP - containerPort: {{ .Values.probes.httpGet.port }} + - name: liveness-probe + protocol: TCP + containerPort: {{ .Values.probes.httpGet.port }} {{- if .Values.enablePrometheusServer }} - name: http-metrics protocol: TCP diff --git a/charts/kubezero-addons/nth.patch b/charts/kubezero-addons/nth.patch index 65a48096..bf883b2f 100644 --- a/charts/kubezero-addons/nth.patch +++ b/charts/kubezero-addons/nth.patch @@ -1,19 +1,6 @@ diff -tuNr charts/aws-node-termination-handler.orig/templates/deployment.yaml charts/aws-node-termination-handler/templates/deployment.yaml --- charts/aws-node-termination-handler.orig/templates/deployment.yaml 2022-01-26 18:01:36.123482217 +0100 +++ charts/aws-node-termination-handler/templates/deployment.yaml 2022-01-26 18:08:21.464304621 +0100 -@@ -161,9 +161,9 @@ - {{- toYaml . | nindent 12 }} - {{- end }} - ports: -- - name: liveness-probe -- protocol: TCP -- containerPort: {{ .Values.probes.httpGet.port }} -+ - name: liveness-probe -+ protocol: TCP -+ containerPort: {{ .Values.probes.httpGet.port }} - {{- if .Values.enablePrometheusServer }} - - name: http-metrics - protocol: TCP @@ -175,13 +175,23 @@ resources: {{- toYaml . | nindent 12 }} diff --git a/charts/kubezero/README.md b/charts/kubezero/README.md index 6763f39e..4bfb0ade 100644 --- a/charts/kubezero/README.md +++ b/charts/kubezero/README.md 
@@ -1,6 +1,6 @@ # kubezero -![Version: 1.23.10-3](https://img.shields.io/badge/Version-1.23.10--3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 1.23.11](https://img.shields.io/badge/Version-1.23.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) KubeZero - Root App of Apps chart @@ -24,8 +24,11 @@ Kubernetes: `>= 1.20.0` | Key | Type | Default | Description | |-----|------|---------|-------------| -| HighAvailableControlplane | bool | `false` | | +| addons.aws-node-termination-handler | object | `{}` | | +| addons.clusterBackup | object | `{}` | | | addons.enabled | bool | `true` | | +| addons.external-dns | object | `{}` | | +| addons.forseti | object | `{}` | | | addons.targetRevision | string | `"0.6.2"` | | | argocd.enabled | bool | `false` | | | argocd.istio.enabled | bool | `false` | | @@ -34,6 +37,8 @@ Kubernetes: `>= 1.20.0` | cert-manager.enabled | bool | `false` | | | cert-manager.namespace | string | `"cert-manager"` | | | cert-manager.targetRevision | string | `"0.9.2"` | | +| global.clusterName | string | `"zdt-trial-cluster"` | | +| global.highAvailable | bool | `false` | | | istio-ingress.chart | string | `"kubezero-istio-gateway"` | | | istio-ingress.enabled | bool | `false` | | | istio-ingress.gateway.service | object | `{}` | | 
@@ -58,14 +63,15 @@ Kubernetes: `>= 1.20.0` | metrics.istio.grafana | object | `{}` | | | metrics.istio.prometheus | object | `{}` | | | metrics.namespace | string | `"monitoring"` | | -| metrics.targetRevision | string | `"0.8.1"` | | +| metrics.targetRevision | string | `"0.8.5"` | | +| network.cilium.cluster | object | `{}` | | | network.enabled | bool | `true` | | | network.retain | bool | `true` | | | network.targetRevision | string | `"0.3.3"` | | | storage.aws-ebs-csi-driver.enabled | bool | `false` | | | storage.aws-efs-csi-driver.enabled | bool | `false` | | | storage.enabled | bool | `false` | | -| storage.targetRevision | string | `"0.7.0"` | | +| storage.targetRevision | string | `"0.7.1"` | | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) diff --git a/charts/kubezero/templates/addons.yaml b/charts/kubezero/templates/addons.yaml index b26f91b0..2f1299e4 100644 --- a/charts/kubezero/templates/addons.yaml +++ b/charts/kubezero/templates/addons.yaml @@ -7,8 +7,8 @@ clusterBackup: {{- toYaml . | nindent 2 }} {{- end }} - # AWS {{- if .Values.global.aws }} + # AWS extraEnv: - name: AWS_DEFAULT_REGION value: {{ .Values.global.aws.region }} @@ -21,8 +21,8 @@ forseti: {{- toYaml . | nindent 2 }} {{- end }} - # AWS {{- if .Values.global.aws }} + # AWS aws: region: {{ $.Values.global.aws.region }} iamRoleArn: "arn:aws:iam::{{ .Values.global.aws.accountId }}:role/{{ .Values.global.aws.region }}.{{ .Values.global.clusterName }}.kubezeroForseti" diff --git a/charts/kubezero/templates/istio.yaml b/charts/kubezero/templates/istio.yaml index c862a3b8..39afd781 100644 --- a/charts/kubezero/templates/istio.yaml +++ b/charts/kubezero/templates/istio.yaml @@ -2,7 +2,7 @@ istiod: telemetry: enabled: {{ $.Values.metrics.enabled }} -{{- if .Values.HighAvailableControlplane }} +{{- if .Values.global.highAvailable }} pilot: replicaCount: 2 global: 
diff --git a/charts/kubezero/templates/network.yaml b/charts/kubezero/templates/network.yaml index 5f3c3b3c..2a258f74 100644 --- a/charts/kubezero/templates/network.yaml +++ b/charts/kubezero/templates/network.yaml @@ -15,13 +15,17 @@ cilium: enabled: true cluster: + name: {{ .Values.global.clusterName }} {{- with .Values.network.cilium.cluster.id }} id: {{ . }} + ipam: + operator: + clusterPoolIPv4PodCIDRList: + - 10.{{ . }}.0.0/16 {{- end }} - name: {{ $.Values.global.clusterName }} prometheus: - enabled: {{ $.Values.metrics.enabled }} + enabled: {{ .Values.metrics.enabled }} {{- with index .Values "network" "metallb" }} metallb: diff --git a/charts/kubezero/templates/storage.yaml b/charts/kubezero/templates/storage.yaml index fc4a9bc6..ddd79df9 100644 --- a/charts/kubezero/templates/storage.yaml +++ b/charts/kubezero/templates/storage.yaml @@ -15,7 +15,7 @@ gemini: aws-ebs-csi-driver: enabled: {{ default false (index .Values "storage" "aws-ebs-csi-driver" "enabled")}} controller: - replicaCount: {{ ternary 2 1 .Values.HighAvailableControlplane }} + replicaCount: {{ ternary 2 1 .Values.global.highAvailable }} k8sTagClusterId: {{ .Values.global.clusterName }} env: - name: AWS_ROLE_ARN @@ -25,7 +25,7 @@ aws-ebs-csi-driver: - name: AWS_STS_REGIONAL_ENDPOINTS value: regional - {{- if .Values.HighAvailableControlplane }} + {{- if .Values.global.highAvailable }} affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -40,7 +40,7 @@ aws-ebs-csi-driver: aws-efs-csi-driver: enabled: {{ default false (index .Values "storage" "aws-efs-csi-driver" "enabled")}} - replicaCount: {{ ternary 2 1 .Values.HighAvailableControlplane }} + replicaCount: {{ ternary 2 1 .Values.global.highAvailable }} controller: extraEnv: - name: AWS_ROLE_ARN 
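Review bot: The new `clusterPoolIPv4PodCIDRList` entry `10.{{ . }}.0.0/16` places `network.cilium.cluster.id` straight into the second octet with no range check, so an id above 255 renders an invalid CIDR and two clusters given the same id get overlapping pod ranges. A guard inside the `with` block such as `{{- if gt (int .) 255 }}{{ fail "network.cilium.cluster.id must be 1-255" }}{{- end }}` would fail the render instead of deploying it. A short comment should also record that the chosen /16 must not collide with node or service ranges inside 10.0.0.0/8, and that a cluster without an id keeps the cilium chart's default pod CIDR. Indentation is lost in this view, so whether `ipam:` lands as a sibling of `cluster:` rather than beneath it cannot be confirmed from the hunk and is worth checking with `helm template`.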
@@ -51,7 +51,7 @@ aws-efs-csi-driver: value: regional # The EFS controller steel needs hostnetwork and cannot update on single node control planes otherwise - {{- if not .Values.HighAvailableControlplane }} + {{- if not .Values.global.highAvailable }} updateStrategy: Recreate {{- else }} affinity: diff --git a/charts/kubezero/values.yaml b/charts/kubezero/values.yaml index d1f4854e..f00941bd 100644 --- a/charts/kubezero/values.yaml +++ b/charts/kubezero/values.yaml @@ -4,15 +4,21 @@ kubezero: defaultTargetRevision: '*' gitSync: {} -HighAvailableControlplane: false +global: + highAvailable: false + clusterName: zdt-trial-cluster addons: enabled: true targetRevision: 0.6.2 - external-dns: {} - forseti: {} - clusterBackup: {} - aws-node-termination-handler: {} + external-dns: + enabled: false + forseti: + enabled: false + clusterBackup: + enabled: false + aws-node-termination-handler: + enabled: false network: enabled: true
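Review bot: Shipping `clusterName: zdt-trial-cluster` as a chart default means a cluster whose values omit `global.clusterName` renders silently under that name, and the value is used to build `iamRoleArn` in templates/addons.yaml and `k8sTagClusterId` in templates/storage.yaml. A deployment could then reference role names and volume tags belonging to a different cluster without any render error. Leaving the default empty and consuming it as `{{ required "global.clusterName must be set" .Values.global.clusterName }}` would make the omission fail at template time. If the placeholder is kept for trial installs, a comment next to it such as `# placeholder, must be overridden per cluster (used in IAM role ARNs and EBS tags)` would at least document the dependency.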