First stab at 1.27

This commit is contained in:
Stefan Reimer 2023-10-18 21:23:43 +00:00
parent 7da16eff55
commit 1c1b18799a
12 changed files with 105 additions and 70 deletions

View File

@ -3,7 +3,7 @@ ARG ALPINE_VERSION=3.18
FROM docker.io/alpine:${ALPINE_VERSION} FROM docker.io/alpine:${ALPINE_VERSION}
ARG ALPINE_VERSION ARG ALPINE_VERSION
ARG KUBE_VERSION=1.26 ARG KUBE_VERSION=1.27
RUN cd /etc/apk/keys && \ RUN cd /etc/apk/keys && \
wget "https://cdn.zero-downtime.net/alpine/stefan@zero-downtime.net-61bb6bfb.rsa.pub" && \ wget "https://cdn.zero-downtime.net/alpine/stefan@zero-downtime.net-61bb6bfb.rsa.pub" && \

View File

@ -4,7 +4,7 @@
set -x set -x
#VERSION="latest" #VERSION="latest"
KUBE_VERSION="v1.26.8" KUBE_VERSION="v1.27.7"
WORKDIR=$(mktemp -p /tmp -d kubezero.XXX) WORKDIR=$(mktemp -p /tmp -d kubezero.XXX)
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )

View File

@ -3,7 +3,7 @@ set -eE
set -o pipefail set -o pipefail
#VERSION="latest" #VERSION="latest"
VERSION="v1.26" VERSION="v1.27"
ARGO_APP=${1:-/tmp/new-kubezero-argoapp.yaml} ARGO_APP=${1:-/tmp/new-kubezero-argoapp.yaml}
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
@ -157,9 +157,6 @@ waitSystemPodsRunning
echo "Applying remaining KubeZero modules..." echo "Applying remaining KubeZero modules..."
# Delete fluent-bit DS being all weird
kubectl delete ds logging-fluent-bit -n logging || true
control_plane_upgrade "apply_cert-manager, apply_istio, apply_istio-ingress, apply_istio-private-ingress, apply_logging, apply_metrics, apply_argocd" control_plane_upgrade "apply_cert-manager, apply_istio, apply_istio-ingress, apply_istio-private-ingress, apply_logging, apply_metrics, apply_argocd"
# Trigger backup of upgraded cluster state # Trigger backup of upgraded cluster state

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubeadm name: kubeadm
description: KubeZero Kubeadm cluster config description: KubeZero Kubeadm cluster config
type: application type: application
version: 1.26.8 version: 1.27.7
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -11,4 +11,4 @@ keywords:
maintainers: maintainers:
- name: Stefan Reimer - name: Stefan Reimer
email: stefan@zero-downtime.net email: stefan@zero-downtime.net
kubeVersion: ">= 1.26.0" kubeVersion: ">= 1.27.0"

View File

@ -33,3 +33,5 @@ kubeReserved:
# memory.available: "484Mi" # memory.available: "484Mi"
imageGCLowThresholdPercent: 70 imageGCLowThresholdPercent: 70
# kernelMemcgNotification: true # kernelMemcgNotification: true
serializeImagePulls: false
maxParallelImagePulls: 2

View File

@ -1,6 +1,6 @@
{{- /* Feature gates for all control plane components */ -}} {{- /* Feature gates for all control plane components */ -}}
{{- define "kubeadm.featuregates" }} {{- define "kubeadm.featuregates" }}
{{- $gates := list "CustomCPUCFSQuotaPeriod" }} {{- $gates := list "CustomCPUCFSQuotaPeriod" "MemoryQoS" "UserNamespacesSupport" }}
{{- if eq .return "csv" }} {{- if eq .return "csv" }}
{{- range $key := $gates }} {{- range $key := $gates }}
{{- $key }}=true, {{- $key }}=true,

View File

@ -1,17 +0,0 @@
apiVersion: kubelet.config.k8s.io/v1beta1
kind: CredentialProviderConfig
providers:
- name: amazon-ecr-credential-helper
matchImages:
- "*.dkr.ecr.*.amazonaws.com"
- "*.dkr.ecr.*.amazonaws.cn"
- "*.dkr.ecr-fips.*.amazonaws.com"
- "*.dkr.ecr.us-iso-east-1.c2s.ic.gov"
- "*.dkr.ecr.us-isob-east-1.sc2s.sgov.gov"
defaultCacheDuration: "12h"
apiVersion: credentialprovider.kubelet.k8s.io/v1alpha1
args:
- get
#env:
# - name: AWS_PROFILE
# value: example_profile

View File

@ -85,8 +85,6 @@ metadata:
name: aws-iam-authenticator name: aws-iam-authenticator
labels: labels:
k8s-app: aws-iam-authenticator k8s-app: aws-iam-authenticator
annotations:
seccomp.security.alpha.kubernetes.io/pod: runtime/default
spec: spec:
selector: selector:
matchLabels: matchLabels:
@ -98,6 +96,10 @@ spec:
labels: labels:
k8s-app: aws-iam-authenticator k8s-app: aws-iam-authenticator
spec: spec:
securityContext:
seccompProfile:
type: RuntimeDefault
priorityClassName: system-cluster-critical priorityClassName: system-cluster-critical
# use service account with access to # use service account with access to
@ -115,7 +117,7 @@ spec:
containers: containers:
- name: aws-iam-authenticator - name: aws-iam-authenticator
image: public.ecr.aws/zero-downtime/aws-iam-authenticator:v0.6.10 image: public.ecr.aws/zero-downtime/aws-iam-authenticator:v0.6.11
args: args:
- server - server
- --backend-mode=CRD,MountedFile - --backend-mode=CRD,MountedFile

View File

@ -8,7 +8,7 @@
"subdir": "jsonnet/kube-prometheus" "subdir": "jsonnet/kube-prometheus"
} }
}, },
"version": "release-0.9" "version": "main"
}, },
{ {
"source": { "source": {

View File

@ -8,8 +8,8 @@
"subdir": "grafana" "subdir": "grafana"
} }
}, },
"version": "90f38916f1f8a310a715d18e36f787f84df4ddf5", "version": "5698c8940b6dadca3f42107b7839557bc041761f",
"sum": "0kZ1pnuIirDtbg6F9at5+NQOwKNONIGEPq0eECzvRkI=" "sum": "l6fPvh3tW6fWot308w71QY/amrYsFPeitvz1IgJxqQA="
}, },
{ {
"source": { "source": {
@ -18,8 +18,18 @@
"subdir": "contrib/mixin" "subdir": "contrib/mixin"
} }
}, },
"version": "6186538c0cbd2b9c5e3139b78924addd43b066c0", "version": "262a3a1208a74e7dc0719c2c75096e934242546b",
"sum": "W/Azptf1PoqjyMwJON96UY69MFugDA4IAYiKURscryc=" "sum": "xuUBd2vqF7asyVDe5CE08uPT/RxAdy8O75EjFJoMXXU="
},
{
"source": {
"git": {
"remote": "https://github.com/grafana/grafana.git",
"subdir": "grafana-mixin"
}
},
"version": "1120f9e255760a3c104b57871fcb91801e934382",
"sum": "MkjR7zCgq6MUZgjDzop574tFKoTX2OBr7DTwm1K+Ofs="
}, },
{ {
"source": { "source": {
@ -31,6 +41,26 @@
"version": "a1d61cce1da59c71409b99b5c7568511fec661ea", "version": "a1d61cce1da59c71409b99b5c7568511fec661ea",
"sum": "342u++/7rViR/zj2jeJOjshzglkZ1SY+hFNuyCBFMdc=" "sum": "342u++/7rViR/zj2jeJOjshzglkZ1SY+hFNuyCBFMdc="
}, },
{
"source": {
"git": {
"remote": "https://github.com/grafana/grafonnet-lib.git",
"subdir": "grafonnet-7.0"
}
},
"version": "a1d61cce1da59c71409b99b5c7568511fec661ea",
"sum": "gCtR9s/4D5fxU9aKXg0Bru+/njZhA0YjLjPiASc61FM="
},
{
"source": {
"git": {
"remote": "https://github.com/grafana/grafonnet.git",
"subdir": "gen/grafonnet-v10.0.0"
}
},
"version": "9409bc38be3633a888509f271fb249d7657fa87f",
"sum": "gj/20VIGucG2vDGjG7YdHLC4yUUfrpuaneUYaRmymOM="
},
{ {
"source": { "source": {
"git": { "git": {
@ -38,9 +68,29 @@
"subdir": "grafana-builder" "subdir": "grafana-builder"
} }
}, },
"version": "62aec8403a5c38d5dc97ba596703753289b1c33b", "version": "d2347c7f9d22b7745a39dd521f00dbbfb9bd9944",
"sum": "xEFMv4+ObwP5L1Wu0XK5agWci4AJzNApys6iKAQxLlQ=" "sum": "xEFMv4+ObwP5L1Wu0XK5agWci4AJzNApys6iKAQxLlQ="
}, },
{
"source": {
"git": {
"remote": "https://github.com/jsonnet-libs/docsonnet.git",
"subdir": "doc-util"
}
},
"version": "fd8de9039b3c06da77d635a3a8289809a5bfb542",
"sum": "mFebrE9fhyAKW4zbnidcjVFupziN5LPA/Z7ii94uCzs="
},
{
"source": {
"git": {
"remote": "https://github.com/jsonnet-libs/xtd.git",
"subdir": ""
}
},
"version": "0256a910ac71f0f842696d7bca0bf01ea77eb654",
"sum": "zBOpb1oTNvXdq9RF6yzTHill5r1YTJLBBoqyx4JYtAg="
},
{ {
"source": { "source": {
"git": { "git": {
@ -48,18 +98,8 @@
"subdir": "" "subdir": ""
} }
}, },
"version": "ba16d78ef81ca3d183472c2e3d1d7d3549e18ecb", "version": "31169fd115654ca023c03cd7b45b9c96704a87e2",
"sum": "ntQv86Jd9HR4YQlb2yzjYVCAQHMUnAaQVIdhR2QaNNg=" "sum": "KJZ5QCtsPm3NofFURHO315rd4pnKc5+trU6ihuE64P8="
},
{
"source": {
"git": {
"remote": "https://github.com/kubernetes-monitoring/kubernetes-mixin.git",
"subdir": "lib/promgrafonnet"
}
},
"version": "a10227e04218679b5e0e1d50784a4251bf3bdaf3",
"sum": "zv7hXGui6BfHzE9wPatHI/AGZa4A2WKo6pq7ZdqBsps="
}, },
{ {
"source": { "source": {
@ -68,8 +108,8 @@
"subdir": "jsonnet/kube-state-metrics" "subdir": "jsonnet/kube-state-metrics"
} }
}, },
"version": "f170cc73f11c1580d7f38af746be0f2fa79c6a1e", "version": "eac6d3b1c994bd7dbd76026188d2b374bf000f20",
"sum": "S5qI+PJUdNeYOv76jH5nxwYS9N6U7CRxvyuB1wI4cTE=" "sum": "+dOzAK+fwsFf97uZpjcjTcEJEC1H8hh/j8f5uIQK/5g="
}, },
{ {
"source": { "source": {
@ -78,8 +118,8 @@
"subdir": "jsonnet/kube-state-metrics-mixin" "subdir": "jsonnet/kube-state-metrics-mixin"
} }
}, },
"version": "f170cc73f11c1580d7f38af746be0f2fa79c6a1e", "version": "eac6d3b1c994bd7dbd76026188d2b374bf000f20",
"sum": "u8gaydJoxEjzizQ8jY8xSjYgWooPmxw+wIWdDxifMAk=" "sum": "qclI7LwucTjBef3PkGBkKxF0mfZPbHnn4rlNWKGtR4c="
}, },
{ {
"source": { "source": {
@ -88,8 +128,8 @@
"subdir": "" "subdir": ""
} }
}, },
"version": "87b902c85429eedce78033049de9280f39e81372", "version": "60914307fa8fd0249e22c1d1c17a5bb854eaf7bd",
"sum": "TyL/PPFwpRRzAOwYVlvgBsSHS6/+Z6TgRGFe8beJcpE=" "sum": "2qFibfAMWJ+1XhjmKxR5QA/+Ff4hHw2pFwDkyB4aWJA="
}, },
{ {
"source": { "source": {
@ -98,8 +138,8 @@
"subdir": "jsonnet/kube-prometheus" "subdir": "jsonnet/kube-prometheus"
} }
}, },
"version": "408f3863905f0f9ba1679592fd65a4d7793e7021", "version": "ec217b8cb643d95309e09636ff65eb31ce05b073",
"sum": "pupXEvlRbhLdEO9b8LfFZB66+Z7fEqvRZ9m3MyEvsv4=" "sum": "XtoFUJuXsse3V2V2rXUl6nl6DWeAMwDh3u18akyEz6I="
}, },
{ {
"source": { "source": {
@ -108,8 +148,8 @@
"subdir": "jsonnet/mixin" "subdir": "jsonnet/mixin"
} }
}, },
"version": "83fe36566f4e0894eb5ffcd2638a0f039a17bdeb", "version": "6aefeaf6a1eb39253b3d68947c408936aeba3efd",
"sum": "6reUygVmQrLEWQzTKcH8ceDbvM+2ztK3z2VBR2K2l+U=", "sum": "n3flMIzlADeyygb0uipZ4KPp2uNSjdtkrwgHjTC7Ca4=",
"name": "prometheus-operator-mixin" "name": "prometheus-operator-mixin"
}, },
{ {
@ -119,8 +159,8 @@
"subdir": "jsonnet/prometheus-operator" "subdir": "jsonnet/prometheus-operator"
} }
}, },
"version": "83fe36566f4e0894eb5ffcd2638a0f039a17bdeb", "version": "6aefeaf6a1eb39253b3d68947c408936aeba3efd",
"sum": "J1G++A8hrtr3+OZQMmcNeb1w/C30bXqqwpwHL/Xhsd4=" "sum": "gl4yvv+WLjt+CaTW4/urKAMx8fs9I4K8PgZ4PyOMD58="
}, },
{ {
"source": { "source": {
@ -129,8 +169,8 @@
"subdir": "doc/alertmanager-mixin" "subdir": "doc/alertmanager-mixin"
} }
}, },
"version": "b408b522bc653d014e53035e59fa394cc1edd762", "version": "412f06255a1c09b16eed91d22edbc6464c606008",
"sum": "pep+dHzfIjh2SU5pEkwilMCAT/NoL6YYflV4x8cr7vU=", "sum": "1d7ZKYArJKacAWXLUz0bRC1uOkozee/PPw97/W5zGhc=",
"name": "alertmanager" "name": "alertmanager"
}, },
{ {
@ -140,8 +180,8 @@
"subdir": "docs/node-mixin" "subdir": "docs/node-mixin"
} }
}, },
"version": "832909dd257eb368cf83363ffcae3ab84cb4bcb1", "version": "86ed8cdc6b1ba328e7ac4a9b1680129e9ab3d309",
"sum": "MmxGhE2PJ1a52mk2x7vDpMT2at4Jglbud/rK74CB5i0=" "sum": "By6n6U10hYDogUsyhsaKZehbhzxBZZobJloiKyKadgM="
}, },
{ {
"source": { "source": {
@ -150,10 +190,21 @@
"subdir": "documentation/prometheus-mixin" "subdir": "documentation/prometheus-mixin"
} }
}, },
"version": "751ca03faddc9c64089c41d0da370a3a0b477742", "version": "ef8e6ae78040613fdc1ceb25f22b76f87dd2c80a",
"sum": "AS8WYFi/z10BZSF6DFkKBscjB32XDMM7iIso7CO/FyI=", "sum": "8OngT76gVXOUROOOeP9yTe6E/dn+2D2J34Dn690QCG0=",
"name": "prometheus" "name": "prometheus"
}, },
{
"source": {
"git": {
"remote": "https://github.com/pyrra-dev/pyrra.git",
"subdir": "config/crd/bases"
}
},
"version": "551856d42dff02ec38c5b0ea6a2d99c4cb127e82",
"sum": "bY/Pcrrbynguq8/HaI88cQ3B2hLv/xc+76QILY7IL+g=",
"name": "pyrra"
},
{ {
"source": { "source": {
"git": { "git": {
@ -161,8 +212,8 @@
"subdir": "mixin" "subdir": "mixin"
} }
}, },
"version": "ff363498fc95cfe17de894d7237bcf38bdd0bc36", "version": "2b982d5c4114a8eae1cf1b9df1682c407b1931b1",
"sum": "cajthvLKDjYgYHCKQU2g/pTMRkxcbuJEvTnCyJOihl8=", "sum": "HhSSbGGCNHCMy1ee5jElYDm0yS9Vesa7QB2/SHKdjsY=",
"name": "thanos-mixin" "name": "thanos-mixin"
} }
], ],

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero name: kubezero
description: KubeZero - Root App of Apps chart description: KubeZero - Root App of Apps chart
type: application type: application
version: 1.26.8 version: 1.27.7
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -15,4 +15,4 @@ dependencies:
- name: kubezero-lib - name: kubezero-lib
version: ">= 0.1.6" version: ">= 0.1.6"
repository: https://cdn.zero-downtime.net/charts repository: https://cdn.zero-downtime.net/charts
kubeVersion: ">= 1.26.0" kubeVersion: ">= 1.27.0"

View File

@ -10,7 +10,7 @@ global:
addons: addons:
enabled: true enabled: true
targetRevision: 0.8.1 targetRevision: 0.8.2
external-dns: external-dns:
enabled: false enabled: false
forseti: forseti: