Fix storage tests, add taint handling to CA, first docs draft
This commit is contained in:
parent
823aa70e35
commit
2cd33786ea
3
Makefile
3
Makefile
@ -3,7 +3,8 @@ IMAGE := kubezero-admin
|
||||
REGION := us-east-1
|
||||
|
||||
# Also tag as Kubernetes major version
|
||||
EXTRA_TAGS = $(shell echo $(TAG) | awk -F '.' '{ print $$1 "." $$2 }')
|
||||
MY_TAG = $(shell git describe --tags --match v*.*.* 2>/dev/null || git rev-parse --short HEAD 2>/dev/null)
|
||||
EXTRA_TAGS = $(shell echo $(MY_TAG) | awk -F '.' '{ print $$1 "." $$2 }')
|
||||
|
||||
include .ci/podman.mk
|
||||
|
||||
|
@ -209,6 +209,8 @@ cluster-autoscaler:
|
||||
extraArgs:
|
||||
scan-interval: 30s
|
||||
skip-nodes-with-local-storage: false
|
||||
balance-similar-node-groups: true
|
||||
ignore-taint: "node.cilium.io/agent-not-ready"
|
||||
|
||||
#securityContext:
|
||||
# runAsNonRoot: true
|
||||
|
@ -30,7 +30,7 @@ cilium:
|
||||
containerRuntime:
|
||||
integration: crio
|
||||
|
||||
# Until we figured out AppArmore on Alpine and Gentoo
|
||||
# remove with 1.26
|
||||
securityContext:
|
||||
privileged: true
|
||||
|
||||
|
@ -2,7 +2,7 @@ apiVersion: v2
|
||||
name: kubezero-storage
|
||||
description: KubeZero umbrella chart for all things storage incl. AWS EBS/EFS, openEBS-lvm, gemini
|
||||
type: application
|
||||
version: 0.8.1
|
||||
version: 0.8.2
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
keywords:
|
||||
|
@ -40,7 +40,7 @@ cert-manager:
|
||||
|
||||
storage:
|
||||
enabled: false
|
||||
targetRevision: 0.8.1
|
||||
targetRevision: 0.8.2
|
||||
aws-ebs-csi-driver:
|
||||
enabled: false
|
||||
aws-efs-csi-driver:
|
||||
|
59
docs/v1.25.md
Normal file
59
docs/v1.25.md
Normal file
@ -0,0 +1,59 @@
|
||||
# KubeZero 1.25
|
||||
|
||||
## TODO
|
||||
|
||||
## What's new - Major themes
|
||||
- AppArmor is now available and enabled on all controller and worker nodes
|
||||
- all KubeZero AMIs and containers updated to latest Alpine 3.17
|
||||
- improved worker initialization, ensure cilium is running before any other pod
|
||||
|
||||
## Version upgrades
|
||||
- cilium 1.13
|
||||
- nvidia-device-plugin
|
||||
- aws-neuron-driver
|
||||
- aws-node-termination-handler
|
||||
- aws-ebs-csi-driver
|
||||
- aws-efs-csi-driver
|
||||
- istio 1.17
|
||||
- argocd 2.6.7
|
||||
- fluent-bit 2.0.10
|
||||
- fluentd 2.6
|
||||
- all things prometheus
|
||||
|
||||
### FeatureGates
|
||||
- CustomCPUCFSQuotaPeriod
|
||||
- NodeOutOfServiceVolumeDetach
|
||||
|
||||
# Upgrade
|
||||
`(No, really, you MUST read this before you upgrade)`
|
||||
|
||||
Ensure your Kube context points to the correct cluster !
|
||||
|
||||
1. Review CFN config for controller and workers, no mandatory changes during this release though
|
||||
|
||||
2. Upgrade CFN stacks for the control plane *ONLY* !
|
||||
Updating the workers CFN stacks would trigger rolling updates right away !
|
||||
|
||||
3. Trigger cluster upgrade:
|
||||
`./admin/upgrade_cluster.sh <path to the argocd app kubezero yaml for THIS cluster>`
|
||||
|
||||
4. Review the kubezero-config and if all looks good commit the ArgoApp resouce for Kubezero via regular git
|
||||
git add / commit / push `<cluster/env/kubezero/application.yaml>`
|
||||
*DO NOT yet re-enable ArgoCD before all pre v1.24 workers have been replaced !!!*
|
||||
|
||||
5. Reboot controller(s) one by one
|
||||
Wait each time for controller to join and all pods running.
|
||||
Might take a while ...
|
||||
|
||||
6. Upgrade CFN stacks for the workers.
|
||||
This in turn will trigger automated worker updates by evicting pods and launching new workers in a rolling fashion.
|
||||
Grab a coffee and keep an eye on the cluster to be safe ...
|
||||
Depending on your cluster size it might take a while to roll over all workers!
|
||||
|
||||
7. Re-enable ArgoCD by hitting <return> on the still waiting upgrade script
|
||||
|
||||
8. Quickly head over to ArgoCD and sync the KubeZero main module as soon as possible to reduce potential back and forth in case ArgoCD has legacy state
|
||||
|
||||
|
||||
## Known issues
|
||||
So far so good.
|
Loading…
Reference in New Issue
Block a user