From afe2e4a34ce932881f5bbd20b5ef6b526d829bb3 Mon Sep 17 00:00:00 2001 From: Stefan Reimer Date: Fri, 14 Aug 2020 17:05:25 +0100 Subject: [PATCH] Bugfix release for Calico, README updates --- charts/kubezero-aws-ebs-csi-driver/README.md | 4 +-- charts/kubezero-aws-efs-csi-driver/README.md | 4 +-- charts/kubezero-calico/Chart.yaml | 4 +-- charts/kubezero-calico/README.md | 4 +-- charts/kubezero-calico/templates/calico.yaml | 12 +++---- .../templates/servicemonitor.yaml | 2 +- charts/kubezero-cert-manager/README.md | 4 +-- charts/kubezero-istio/README.md | 5 +-- charts/kubezero-kiam/README.md | 4 +-- .../README.md | 4 +-- charts/kubezero-logging/README.md | 32 +++++++++++++------ charts/kubezero-metrics/README.md | 3 +- charts/kubezero/README.md | 5 +-- deploy/deploy.sh | 10 +++--- deploy/templates/values.yaml | 1 - 15 files changed, 54 insertions(+), 44 deletions(-) diff --git a/charts/kubezero-aws-ebs-csi-driver/README.md b/charts/kubezero-aws-ebs-csi-driver/README.md index 0ed9f443..ea60547d 100644 --- a/charts/kubezero-aws-ebs-csi-driver/README.md +++ b/charts/kubezero-aws-ebs-csi-driver/README.md @@ -2,7 +2,7 @@ kubezero-aws-ebs-csi-driver =========================== KubeZero Umbrella Chart for aws-ebs-csi-driver -Current chart version is `0.2.0` +Current chart version is `0.3.0` Source code can be found [here](https://kubezero.com) @@ -10,7 +10,7 @@ Source code can be found [here](https://kubezero.com) | Repository | Name | Version | |------------|------|---------| -| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.1 | +| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 | ## IAM Role If you use kiam or kube2iam and restrict access on nodes running this controller please adjust: diff --git a/charts/kubezero-aws-efs-csi-driver/README.md b/charts/kubezero-aws-efs-csi-driver/README.md index 6bcab807..c506516c 100644 --- a/charts/kubezero-aws-efs-csi-driver/README.md +++ b/charts/kubezero-aws-efs-csi-driver/README.md @@ -2,7 +2,7 @@ kubezero-aws-efs-csi-driver =========================== KubeZero Umbrella Chart for aws-efs-csi-driver -Current chart version is `0.1.0` +Current chart version is `0.1.1` Source code can be found [here](https://kubezero.com) @@ -10,7 +10,7 @@ Source code can be found [here](https://kubezero.com) | Repository | Name | Version | |------------|------|---------| -| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.1 | +| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 | ## Storage Class Optionally creates the *efs-cs* storage class. diff --git a/charts/kubezero-calico/Chart.yaml b/charts/kubezero-calico/Chart.yaml index afc43846..1bd20e0b 100644 --- a/charts/kubezero-calico/Chart.yaml +++ b/charts/kubezero-calico/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: kubezero-calico description: KubeZero Umbrella Chart for Calico type: application -version: 0.1.8 -appVersion: 3.15 +version: 0.1.9 +appVersion: 3.15.1 home: https://kubezero.com icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png keywords: diff --git a/charts/kubezero-calico/README.md b/charts/kubezero-calico/README.md index 9d495c8e..3fea3a1e 100644 --- a/charts/kubezero-calico/README.md +++ b/charts/kubezero-calico/README.md @@ -2,7 +2,7 @@ kubezero-calico =============== KubeZero Umbrella Chart for Calico -Current chart version is `0.1.7` +Current chart version is `0.1.9` Source code can be found [here](https://kubezero.com) @@ -10,7 +10,7 @@ Source code can be found [here](https://kubezero.com) | Repository | Name | Version | |------------|------|---------| -| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.1 | +| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 | ## KubeZero default configuration diff --git a/charts/kubezero-calico/templates/calico.yaml b/charts/kubezero-calico/templates/calico.yaml index 307ba50e..63c4efcc 100644 --- a/charts/kubezero-calico/templates/calico.yaml +++ b/charts/kubezero-calico/templates/calico.yaml @@ -322,10 +322,6 @@ spec: spec: nodeSelector: kubernetes.io/os: linux - {{- if .Values.migration }} - # Only run Calico on nodes that have been migrated. - projectcalico.org/node-network-during-migration: calico - {{- end }} hostNetwork: true tolerations: # Make sure calico-node gets scheduled on all nodes. @@ -345,7 +341,7 @@ spec: # This container installs the CNI binaries # and CNI network config file on each node. - name: install-cni - image: calico/cni:v3.15.0 + image: calico/cni:v3.15.1 command: ["/install-cni.sh"] env: # Name of the CNI config file to create. @@ -381,7 +377,7 @@ spec: # Adds a Flex Volume Driver that creates a per-pod Unix Domain Socket to allow Dikastes # to communicate with Felix over the Policy Sync API. - name: flexvol-driver - image: calico/pod2daemon-flexvol:v3.15.0 + image: calico/pod2daemon-flexvol:v3.15.1 volumeMounts: - name: flexvol-driver-host mountPath: /host/driver @@ -392,7 +388,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: calico/node:v3.15.0 + image: calico/node:v3.15.1 env: # Use Kubernetes API as the backing datastore. - name: DATASTORE_TYPE @@ -594,7 +590,7 @@ spec: priorityClassName: system-cluster-critical containers: - name: calico-kube-controllers - image: calico/kube-controllers:v3.15.0 + image: calico/kube-controllers:v3.15.1 env: # Choose which controllers to run. - name: ENABLED_CONTROLLERS diff --git a/charts/kubezero-calico/templates/servicemonitor.yaml b/charts/kubezero-calico/templates/servicemonitor.yaml index 56c8f42c..130d1bf9 100644 --- a/charts/kubezero-calico/templates/servicemonitor.yaml +++ b/charts/kubezero-calico/templates/servicemonitor.yaml @@ -5,7 +5,7 @@ metadata: name: calico-node labels: k8s-app: calico-node - prometheus: kube-prometheus + release: metrics spec: jobLabel: k8s-app selector: diff --git a/charts/kubezero-cert-manager/README.md b/charts/kubezero-cert-manager/README.md index e341dfd6..b80cfcb8 100644 --- a/charts/kubezero-cert-manager/README.md +++ b/charts/kubezero-cert-manager/README.md @@ -2,7 +2,7 @@ kubezero-cert-manager ===================== KubeZero Umbrella Chart for cert-manager -Current chart version is `0.3.5` +Current chart version is `0.3.6` Source code can be found [here](https://kubezero.com) @@ -11,7 +11,7 @@ Source code can be found [here](https://kubezero.com) | Repository | Name | Version | |------------|------|---------| | https://charts.jetstack.io | cert-manager | 0.15.1 | -| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.1 | +| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 | ## AWS - IAM Role If you use kiam or kube2iam and restrict access on nodes running cert-manager please adjust: diff --git a/charts/kubezero-istio/README.md b/charts/kubezero-istio/README.md index 6b7ba4e7..fa4e2989 100644 --- a/charts/kubezero-istio/README.md +++ b/charts/kubezero-istio/README.md @@ -5,7 +5,7 @@ KubeZero Umbrella Chart for Istio Installs Istio Operator and KubeZero Istio profile -Current chart version is `0.2.1` +Current chart version is `0.2.3` Source code can be found [here](https://kubezero.com) @@ -24,7 +24,8 @@ Source code can be found [here](https://kubezero.com) | Key | Type | Default | Description | |-----|------|---------|-------------| | ingress.autoscaleEnabled | bool | `false` | | -| ingress.private | bool | `true` | | +| ingress.private.enabled | bool | `true` | | +| ingress.private.nodeSelector | string | `"31080_31443_30671_30672_31224"` | | | ingress.replicaCount | int | `2` | | | ingress.type | string | `"NodePort"` | | | istio-operator.hub | string | `"docker.io/istio"` | | diff --git a/charts/kubezero-kiam/README.md b/charts/kubezero-kiam/README.md index 9d4ca944..d45bbd75 100644 --- a/charts/kubezero-kiam/README.md +++ b/charts/kubezero-kiam/README.md @@ -2,7 +2,7 @@ kubezero-kiam ============= KubeZero Umbrella Chart for Kiam -Current chart version is `0.2.6` +Current chart version is `0.2.7` Source code can be found [here](https://kubezero.com) @@ -11,7 +11,7 @@ Source code can be found [here](https://kubezero.com) | Repository | Name | Version | |------------|------|---------| | https://uswitch.github.io/kiam-helm-charts/charts/ | kiam | 5.8.1 | -| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.1 | +| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 | ## KubeZero default configuration We run agents on the controllers as well, so we force eg. ebs csi controllers and others to assume roles etc. diff --git a/charts/kubezero-local-volume-provisioner/README.md b/charts/kubezero-local-volume-provisioner/README.md index b3070586..836ff856 100644 --- a/charts/kubezero-local-volume-provisioner/README.md +++ b/charts/kubezero-local-volume-provisioner/README.md @@ -4,7 +4,7 @@ KubeZero Umbrella Chart for local-static-provisioner Provides persistent volumes backed by local volumes, eg. additional SSDs or spindles. -Current chart version is `0.0.1` +Current chart version is `0.1.0` Source code can be found [here](https://kubezero.com) @@ -12,7 +12,7 @@ Source code can be found [here](https://kubezero.com) | Repository | Name | Version | |------------|------|---------| -| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.1 | +| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 | ## KubeZero default configuration diff --git a/charts/kubezero-logging/README.md b/charts/kubezero-logging/README.md index ad980ccd..0635ffe0 100644 --- a/charts/kubezero-logging/README.md +++ b/charts/kubezero-logging/README.md @@ -2,7 +2,7 @@ kubezero-logging ================ KubeZero Umbrella Chart for complete EFK stack -Current chart version is `0.0.1` +Current chart version is `0.0.2` Source code can be found [here](https://kubezero.com) @@ -16,30 +16,42 @@ Source code can be found [here](https://kubezero.com) ### ECK - Operator mapped to controller nodes -### ElasticSearch +### ES + +- SSL disabled ( Todo: provide cluster certs and setup Kibana/Fluentd to use https incl. client certs ) - Installed Plugins: - - repository-s3 - - elasticsearch-prometheus-exporter + - repository-s3 + - elasticsearch-prometheus-exporter - [Cross AZ Zone awareness](https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-advanced-node-scheduling.html#k8s-availability-zone-awareness) is implemented via nodeSets +### Kibana + +- increased timeout to ES to 3 minutes + + ## Manual tasks ATM - Install index template - setup Kibana - create `logstash-*` Index Pattern + ## Chart Values | Key | Type | Default | Description | |-----|------|---------|-------------| -| es.replicas | int | `2` | | -| es.storage.class | string | `"local-sc-xfs"` | | -| es.storage.size | string | `"16Gi"` | | -| fullnameOverride | string | `"logging"` | | -| kibana.replicas | int | `1` | | -| version | string | `"7.6.0"` | | +| es.elastic_password | string | `""` | | +| es.nodeSets | list | `[]` | | +| es.prometheus | bool | `false` | | +| es.s3Snapshot.enabled | bool | `false` | | +| es.s3Snapshot.iamrole | string | `""` | | +| kibana.count | int | `1` | | +| kibana.istio.enabled | bool | `false` | | +| kibana.istio.gateway | string | `"istio-system/ingressgateway"` | | +| kibana.istio.url | string | `""` | | +| version | string | `"7.8.1"` | | ## Resources: diff --git a/charts/kubezero-metrics/README.md b/charts/kubezero-metrics/README.md index 62b70401..4275afb9 100644 --- a/charts/kubezero-metrics/README.md +++ b/charts/kubezero-metrics/README.md @@ -2,7 +2,7 @@ kubezero-metrics ================ KubeZero Umbrella Chart for prometheus-operator -Current chart version is `0.1.2` +Current chart version is `0.1.3` Source code can be found [here](https://kubezero.com) @@ -87,6 +87,7 @@ Source code can be found [here](https://kubezero.com) | prometheus-operator.prometheusOperator.enabled | bool | `true` | | | prometheus-operator.prometheusOperator.manageCrds | bool | `false` | | | prometheus-operator.prometheusOperator.namespaces.additional[0] | string | `"kube-system"` | | +| prometheus-operator.prometheusOperator.namespaces.additional[1] | string | `"logging"` | | | prometheus-operator.prometheusOperator.namespaces.releaseNamespace | bool | `true` | | | prometheus-operator.prometheusOperator.nodeSelector."node-role.kubernetes.io/master" | string | `""` | | | prometheus-operator.prometheusOperator.tlsProxy.enabled | bool | `false` | | diff --git a/charts/kubezero/README.md b/charts/kubezero/README.md index 87b4b434..b41419d4 100644 --- a/charts/kubezero/README.md +++ b/charts/kubezero/README.md @@ -2,7 +2,7 @@ kubezero ======== KubeZero ArgoCD Application - Root App of Apps chart of KubeZero -Current chart version is `0.4.1` +Current chart version is `0.4.3` Source code can be found [here](https://kubezero.com) @@ -10,7 +10,7 @@ Source code can be found [here](https://kubezero.com) | Repository | Name | Version | |------------|------|---------| -| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.1 | +| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 | ## Chart Values @@ -27,5 +27,6 @@ Source code can be found [here](https://kubezero.com) | istio.enabled | bool | `false` | | | kiam.enabled | bool | `false` | | | local-volume-provisioner.enabled | bool | `false` | | +| logging.enabled | bool | `false` | | | metrics.enabled | bool | `false` | | | platform | string | `"aws"` | | diff --git a/deploy/deploy.sh b/deploy/deploy.sh index 2e8963ca..2961135b 100755 --- a/deploy/deploy.sh +++ b/deploy/deploy.sh @@ -56,7 +56,7 @@ EOF kubectl apply -f cert-manager-backup.yaml else helm template $DEPLOY_DIR -f values.yaml -f cloudbender.yaml --set kiam.not_ready=true --set istio.enabled=false --set metrics.enabled=false --set logging.enabled=false > generated-values.yaml - helm upgrade -n argocd kubezero kubezero/kubezero-argo-cd --create-namespace -f generated-values.yaml + helm upgrade -n argocd kubezero kubezero/kubezero-argo-cd -f generated-values.yaml wait_for kubectl get Issuer -n kube-system kubezero-local-ca-issuer 2>/dev/null 1>&2 wait_for kubectl get ClusterIssuer letsencrypt-dns-prod 2>/dev/null 1>&2 kubectl wait --for=condition=Ready -n kube-system Issuer/kubezero-local-ca-issuer @@ -64,12 +64,12 @@ EOF fi # Now that we have the cert-manager webhook, get the kiam certs in place but do NOT deploy kiam yet - helm template $DEPLOY_DIR -f values.yaml -f cloudbender.yaml --set kiam.not_ready=true --set kiam.enabled=false > generated-values.yaml - helm upgrade -n argocd kubezero kubezero/kubezero-argo-cd --create-namespace -f generated-values.yaml + helm template $DEPLOY_DIR -f values.yaml -f cloudbender.yaml --set kiam.not_ready=true --set kiam.enabled=false --set istio.enabled=false --set metrics.enabled=false --set logging.enabled=false > generated-values.yaml + helm upgrade -n argocd kubezero kubezero/kubezero-argo-cd -f generated-values.yaml # Now lets make sure kiam is working - helm template $DEPLOY_DIR -f values.yaml -f cloudbender.yaml --set kiam.not_ready=true > generated-values.yaml - helm upgrade -n argocd kubezero kubezero/kubezero-argo-cd --create-namespace -f generated-values.yaml + helm template $DEPLOY_DIR -f values.yaml -f cloudbender.yaml --set kiam.not_ready=true --set istio.enabled=false --set metrics.enabled=false --set logging.enabled=false > generated-values.yaml + helm upgrade -n argocd kubezero kubezero/kubezero-argo-cd -f generated-values.yaml wait_for kubectl get daemonset -n kube-system kiam-agent 2>/dev/null 1>&2 kubectl rollout status daemonset -n kube-system kiam-agent diff --git a/deploy/templates/values.yaml b/deploy/templates/values.yaml index 47752d3f..86b47638 100644 --- a/deploy/templates/values.yaml +++ b/deploy/templates/values.yaml @@ -5,7 +5,6 @@ kubezero: {{- end }} calico: enabled: {{ .Values.calico.enabled }} - type: {{ default "kustomize" .Values.calico.type }} values: network: {{ default "vxlan" .Values.calico.network }} mtu: {{ default "8941" .Values.calico.mtu }}