feat: switch kube-proxy to ipvs
parent
86c8170655
commit
4abbf3d55a
@ -2,4 +2,4 @@ apiVersion: kubeproxy.config.k8s.io/v1alpha1
|
||||
kind: KubeProxyConfiguration
|
||||
# kube-proxy doesnt really support setting dynamic bind-address via config, replaced by cilium long-term anyways
|
||||
metricsBindAddress: "0.0.0.0:10249"
|
||||
mode: ""
|
||||
mode: "ipvs"
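Review bot: `mode: "ipvs"` is set with no note on its host prerequisites. kube-proxy needs the ip_vs kernel modules (and normally ipset) on every node, and in the v1.21 line that the script on this page pins it falls back to iptables mode when they are missing, so the switch can silently not take effect. I would add a comment above the line such as `# ipvs needs ip_vs, ip_vs_rr, ip_vs_wrr, ip_vs_sh and nf_conntrack loaded on the node; kube-proxy falls back to iptables otherwise`. ipvs mode also binds Service IPs to the local `kube-ipvs0` interface, so listeners bound to 0.0.0.0, including the `metricsBindAddress: "0.0.0.0:10249"` kept just above, are probably worth re-checking against the node firewall rules.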
|
||||
|
@ -11,7 +11,7 @@ hairpinMode: hairpin-veth
|
||||
resolvConf: /run/systemd/resolve/resolv.conf
|
||||
{{- end }}
|
||||
protectKernelDefaults: {{ .Values.protectKernelDefaults }}
|
||||
eventRecordQPS: 0
|
||||
#eventRecordQPS: 0
|
||||
# Breaks kubelet at boot time
|
||||
# tlsCertFile: /var/lib/kubelet/pki/kubelet.crt
|
||||
# tlsPrivateKeyFile: /var/lib/kubelet/pki/kubelet.key
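Review bot: Commenting out `eventRecordQPS: 0` instead of deleting it puts the kubelet back on its built-in event rate limit, with no explanation in the file and no mention in the commit title. With 0 the kubelet recorded events without a rate limit; with the default (5 per second in the v1.21 line that the script on this page pins) events can be dropped under load. That matters if events feed audit or detection pipelines, and the CIS kubelet checks look at this setting. Either delete the line or state the intent, e.g. `# eventRecordQPS left at kubelet default; 0 (unlimited) <reason>`, or set an explicit value. The template continues outside the hunk.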
|
||||
|
@ -10,6 +10,8 @@ fi
|
||||
export WORKDIR=/tmp/kubezero
|
||||
export HOSTFS=/host
|
||||
export VERSION=v1.21
|
||||
export NETWORK_VERSION=0.1.7
|
||||
export ADDONS_VERSION=0.4.1
|
||||
|
||||
export KUBECONFIG="${HOSTFS}/root/.kube/config"
|
||||
|
||||
@ -145,13 +147,13 @@ if [ "$1" == 'upgrade' ]; then
|
||||
|
||||
# network
|
||||
yq eval '.network // ""' ${HOSTFS}/etc/kubernetes/kubezero.yaml > _values.yaml
|
||||
helm template kubezero/kubezero-network --version 0.1.3 --include-crds --namespace kube-system --name-template network \
|
||||
-f _values.yaml --kube-version $KUBE_VERSION | kubectl apply -f - $LOG
|
||||
helm template kubezero/kubezero-network --version $NETWORK_VERSION --namespace kube-system --include-crds --name-template network \
|
||||
-f _values.yaml --kube-version $KUBE_VERSION | kubectl apply --namespace kube-system -f - $LOG
|
||||
|
||||
# addons
|
||||
yq eval '.addons // ""' ${HOSTFS}/etc/kubernetes/kubezero.yaml > _values.yaml
|
||||
helm template kubezero/kubezero-addons --version 0.2.4 --include-crds --namespace kube-system --name-template addons \
|
||||
-f _values.yaml --kube-version $KUBE_VERSION | kubectl apply -f - $LOG
|
||||
helm template kubezero/kubezero-addons --version $ADDONS_VERSION --namespace kube-system --include-crds --name-template addons \
|
||||
-f _values.yaml --kube-version $KUBE_VERSION | kubectl apply --namespace kube-system -f - $LOG
|
||||
|
||||
######################
|
||||
|
||||
@ -179,6 +181,9 @@ elif [[ "$1" == 'node-upgrade' ]]; then
|
||||
echo "Migrating kubezero.yaml"
|
||||
yq -i eval '.api.etcdServers = .api.allEtcdEndpoints | .network.multus.enabled = "true"' ${HOSTFS}/etc/kubernetes/kubezero.yaml
|
||||
|
||||
# remove old aws-node-termination-handler config, first new controller will do the right thing
|
||||
yq -i eval 'del(.addons.aws-node-termination-handler)' ${HOSTFS}/etc/kubernetes/kubezero.yaml
|
||||
|
||||
# AWS
|
||||
if [ -f ${HOSTFS}/etc/cloudbender/clusterBackup.passphrase ]; then
|
||||
if [ -f ${HOSTFS}/usr/local/sbin/backup_control_plane.sh ]; then
|
||||
@ -288,13 +293,13 @@ elif [[ "$1" =~ "^(bootstrap|recover|join)$" ]]; then
|
||||
|
||||
# network
|
||||
yq eval '.network // ""' ${HOSTFS}/etc/kubernetes/kubezero.yaml > _values.yaml
|
||||
helm template kubezero/kubezero-network --version 0.1.3 --include-crds --namespace kube-system --name-template network \
|
||||
-f _values.yaml --kube-version $KUBE_VERSION | kubectl apply -f - $LOG
|
||||
helm template kubezero/kubezero-network --version $NETWORK_VERSION --namespace kube-system --include-crds --name-template network \
|
||||
-f _values.yaml --kube-version $KUBE_VERSION | kubectl apply --namespace kube-system -f - $LOG
|
||||
|
||||
# addons
|
||||
yq eval '.addons // ""' ${HOSTFS}/etc/kubernetes/kubezero.yaml > _values.yaml
|
||||
helm template kubezero/kubezero-addons --version 0.2.4 --include-crds --namespace kube-system --name-template addons \
|
||||
-f _values.yaml --kube-version $KUBE_VERSION | kubectl apply -f - $LOG
|
||||
helm template kubezero/kubezero-addons --version $ADDONS_VERSION --namespace kube-system --include-crds --name-template addons \
|
||||
-f _values.yaml --kube-version $KUBE_VERSION | kubectl apply --namespace kube-system -f - $LOG
|
||||
fi
|
||||
|
||||
post_kubeadm
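Review bot: The `helm template … --version $NETWORK_VERSION` and `--version $ADDONS_VERSION` pipelines, in both the upgrade hunk and the bootstrap|recover|join hunk, pin the chart only by version number. The chart is fetched from the `kubezero` repo and applied straight into kube-system under `${HOSTFS}/root/.kube/config`. A chart version can be republished, so if the charts are signed consider `helm template --verify …`; otherwise check the pulled archive against a recorded digest before applying. Separately, kubectl rejects `kubectl apply --namespace kube-system` for any rendered object whose manifest names a different namespace, so confirm that neither chart emits one. The enclosing if/elif branches start and end outside the hunks.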
|
||||
|
@ -1,9 +0,0 @@
|
||||
ARG SHELL_OPERATOR_VERSION
|
||||
|
||||
FROM flant/shell-operator:v${SHELL_OPERATOR_VERSION}
|
||||
|
||||
RUN apk upgrade -U -a && \
|
||||
apk --no-cache add \
|
||||
aws-cli
|
||||
|
||||
ADD hooks /hooks
|
@ -1,23 +0,0 @@
|
||||
SHELL_OPERATOR_VERSION ?= 1.0.6
|
||||
REGISTRY := public.ecr.aws/zero-downtime
|
||||
REPOSITORY := kubezero-controller
|
||||
TAG := $(REPOSITORY):v$(SHELL_OPERATOR_VERSION)-aws
|
||||
|
||||
.PHONY: build push clean scan
|
||||
|
||||
all: build push
|
||||
|
||||
build:
|
||||
podman build --rm --squash-all --build-arg SHELL_OPERATOR_VERSION=$(SHELL_OPERATOR_VERSION) -t $(TAG) .
|
||||
|
||||
push:
|
||||
aws ecr-public get-login-password --region us-east-1 | podman login --username AWS --password-stdin $(REGISTRY)
|
||||
podman tag $(TAG) $(REGISTRY)/$(TAG)
|
||||
podman push $(REGISTRY)/$(TAG)
|
||||
|
||||
clean:
|
||||
podman image prune -f
|
||||
|
||||
scan:
|
||||
podman system service&
|
||||
sleep 5; trivy $(TAG)
|