From daf7830955344e1460b30bbf5ff3fa5ddd54092d Mon Sep 17 00:00:00 2001 From: Stefan Reimer Date: Thu, 5 May 2022 14:37:52 +0200 Subject: [PATCH] fix: minor version bumps, EBS fix, latest upgrade docs --- charts/kubezero-ci/Chart.yaml | 4 ++-- charts/kubezero-ci/README.md | 6 +++--- charts/kubezero-ci/values.yaml | 2 +- charts/kubezero-storage/Chart.yaml | 2 +- charts/kubezero-storage/README.md | 3 ++- charts/kubezero-storage/values.yaml | 5 +++++ charts/kubezero/Chart.yaml | 2 +- charts/kubezero/README.md | 4 ++-- charts/kubezero/values.yaml | 2 +- releases/v1.22/README.md | 24 +++++++++++++++++------- releases/v1.22/kubezero.sh | 5 ++--- releases/v1.22/migrate_argo.py | 2 +- 12 files changed, 38 insertions(+), 23 deletions(-) diff --git a/charts/kubezero-ci/Chart.yaml b/charts/kubezero-ci/Chart.yaml index 23cfcd0..54409b2 100644 --- a/charts/kubezero-ci/Chart.yaml +++ b/charts/kubezero-ci/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: kubezero-ci description: KubeZero umbrella chart for all things CI type: application -version: 0.4.50 +version: 0.4.51 home: https://kubezero.com icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png keywords: @@ -26,7 +26,7 @@ dependencies: repository: https://dl.gitea.io/charts/ condition: gitea.enabled - name: jenkins - version: 3.12.0 + version: 3.12.2 repository: https://charts.jenkins.io condition: jenkins.enabled - name: trivy diff --git a/charts/kubezero-ci/README.md b/charts/kubezero-ci/README.md index 48089af..2484dfd 100644 --- a/charts/kubezero-ci/README.md +++ b/charts/kubezero-ci/README.md @@ -1,6 +1,6 @@ # kubezero-ci -![Version: 0.4.50](https://img.shields.io/badge/Version-0.4.50-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.4.51](https://img.shields.io/badge/Version-0.4.51-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) KubeZero umbrella chart for all things CI @@ -20,7 +20,7 @@ Kubernetes: `>= 1.20.0` |------------|------|---------| | https://aquasecurity.github.io/helm-charts/ | trivy | 0.4.12 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.5 | -| https://charts.jenkins.io | jenkins | 3.12.0 | +| https://charts.jenkins.io | jenkins | 3.12.2 | | https://dl.gitea.io/charts/ | gitea | 5.0.5 | | https://gocd.github.io/helm-chart | gocd | 1.40.8 | @@ -111,7 +111,7 @@ Kubernetes: `>= 1.20.0` | jenkins.controller.resources.limits.memory | string | `"4096Mi"` | | | jenkins.controller.resources.requests.cpu | string | `"250m"` | | | jenkins.controller.resources.requests.memory | string | `"1280Mi"` | | -| jenkins.controller.tag | string | `"2.332.2-lts-jdk17-preview"` | | +| jenkins.controller.tag | string | `"2.332.3-lts-jdk17-preview"` | | | jenkins.controller.testEnabled | bool | `false` | | | jenkins.enabled | bool | `false` | | | jenkins.istio.agent.enabled | bool | `false` | | diff --git a/charts/kubezero-ci/values.yaml b/charts/kubezero-ci/values.yaml index 32e9fd9..a6d23b2 100644 --- a/charts/kubezero-ci/values.yaml +++ b/charts/kubezero-ci/values.yaml @@ -69,7 +69,7 @@ jenkins: enabled: false controller: - tag: 2.332.2-lts-jdk17-preview + tag: 2.332.3-lts-jdk17-preview #tagLabel: alpine disableRememberMe: true prometheus: diff --git a/charts/kubezero-storage/Chart.yaml b/charts/kubezero-storage/Chart.yaml index f342df0..fbe43fb 100644 --- a/charts/kubezero-storage/Chart.yaml +++ b/charts/kubezero-storage/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: kubezero-storage description: KubeZero umbrella chart for all things storage incl. AWS EBS/EFS, openEBS-lvm, gemini type: application -version: 0.6.2 +version: 0.6.3 home: https://kubezero.com icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png keywords: diff --git a/charts/kubezero-storage/README.md b/charts/kubezero-storage/README.md index 0accd2d..5dcd28f 100644 --- a/charts/kubezero-storage/README.md +++ b/charts/kubezero-storage/README.md @@ -1,6 +1,6 @@ # kubezero-storage -![Version: 0.6.2](https://img.shields.io/badge/Version-0.6.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.6.3](https://img.shields.io/badge/Version-0.6.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) KubeZero umbrella chart for all things storage incl. AWS EBS/EFS, openEBS-lvm, gemini @@ -38,6 +38,7 @@ Kubernetes: `>= 1.20.0` | aws-ebs-csi-driver.controller.tolerations[0].effect | string | `"NoSchedule"` | | | aws-ebs-csi-driver.controller.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | | | aws-ebs-csi-driver.enabled | bool | `false` | | +| aws-ebs-csi-driver.image.tag | string | `"v1.5.3"` | | | aws-ebs-csi-driver.node.resources.limits.memory | string | `"32Mi"` | | | aws-ebs-csi-driver.node.resources.requests.cpu | string | `"10m"` | | | aws-ebs-csi-driver.node.resources.requests.memory | string | `"16Mi"` | | diff --git a/charts/kubezero-storage/values.yaml b/charts/kubezero-storage/values.yaml index 459a35f..b591a40 100644 --- a/charts/kubezero-storage/values.yaml +++ b/charts/kubezero-storage/values.yaml @@ -63,6 +63,11 @@ gemini: aws-ebs-csi-driver: enabled: false + # starting with 1.6 the ebs-plugin panics with "could not get number of attached ENIs" + # somewhere related to metadata / volumeattach limits and nitro instances ... AWS as usual + image: + tag: v1.5.3 + controller: replicaCount: 1 logLevel: 2 diff --git a/charts/kubezero/Chart.yaml b/charts/kubezero/Chart.yaml index ec2424a..f5cafbf 100644 --- a/charts/kubezero/Chart.yaml +++ b/charts/kubezero/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: kubezero description: KubeZero - Root App of Apps chart type: application -version: 1.22.8-5 +version: 1.22.8-6 home: https://kubezero.com icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png keywords: diff --git a/charts/kubezero/README.md b/charts/kubezero/README.md index b812be1..1d40aeb 100644 --- a/charts/kubezero/README.md +++ b/charts/kubezero/README.md @@ -1,6 +1,6 @@ # kubezero -![Version: 1.22.8-5](https://img.shields.io/badge/Version-1.22.8--5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 1.22.8-6](https://img.shields.io/badge/Version-1.22.8--6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) KubeZero - Root App of Apps chart @@ -65,7 +65,7 @@ Kubernetes: `>= 1.20.0` | storage.aws-ebs-csi-driver.enabled | bool | `false` | | | storage.aws-efs-csi-driver.enabled | bool | `false` | | | storage.enabled | bool | `false` | | -| storage.targetRevision | string | `"0.6.2"` | | +| storage.targetRevision | string | `"0.6.3"` | | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.9.1](https://github.com/norwoodj/helm-docs/releases/v1.9.1) diff --git a/charts/kubezero/values.yaml b/charts/kubezero/values.yaml index 025a1e8..6072f71 100644 --- a/charts/kubezero/values.yaml +++ b/charts/kubezero/values.yaml @@ -22,7 +22,7 @@ cert-manager: storage: enabled: false - targetRevision: 0.6.2 + targetRevision: 0.6.3 aws-ebs-csi-driver: enabled: false aws-efs-csi-driver: diff --git a/releases/v1.22/README.md b/releases/v1.22/README.md index 2763049..73be3d7 100644 --- a/releases/v1.22/README.md +++ b/releases/v1.22/README.md @@ -81,14 +81,23 @@ Change Kubernetes version in controller config from `1.21.9` to `1.22.8` Wait each time for controller to join and all pods running. Might take a while ... -4. Migrate ArgoCD KubeZero config for your cluster: -```cat | ./release/v1.22/migrate_agro.py``` -Adjust as needed... +4. Migrate ArgoCD KubeZero config: + `cat | ./release/v1.22/migrate_agro.py` and adjust if needed and replace the original. -- git add / commit / push -- Watch ArgoCD do its work. +5. Upgrade via boostrap.sh +As the changes around Istio are substantial in this release we need to upgrade some parts step by step to prevent service outages, especially for private-ingress. -5. Replace worker nodes +- `./bootstrap.sh crds all ` to deploy all new CRDs first +- `./bootstrap.sh apply cert-manager ` to update cert-manager, required for Istio +- `./bootstrap.sh apply istio ` to update the Istio control plane +- `./bootstrap.sh apply istio-private-ingress ` to deploy the new private-ingress gateways first +- `./bootstrap.sh apply istio-ingress ` to update the public ingress and also remove the 1.21 private-ingress gateways + +6. Finalize via ArgoCD + + git add / commit / push `` and watch ArgoCD do its work. + +7. Replace worker nodes Eg. by doubling `desired` for each worker ASG, once all new workers joined, drain old workers one by one, finally reset `desired` for each worker ASG which will terminate the old workers. @@ -100,4 +109,5 @@ finally reset `desired` for each worker ASG which will terminate the old workers on 1.21 nodes until the metrics module is upgraded, due to underlying OS changes ### Logging -- `logging-fluent-bit` will go into `CrashLoopBackoff` on 1.21 nodes, until logging module is upgraded, due to underlying OS changes \ No newline at end of file +- `elastic-operator-0` might be stuck in `CrashLoopBackoff` until all of the controllers are updated due to the CRD removals in 1.22 +- `logging-fluent-bit` will go into `CrashLoopBackoff` or stuck in `ContainerCreating` on 1.21 nodes, until logging module is upgraded, due to underlying OS changes diff --git a/releases/v1.22/kubezero.sh b/releases/v1.22/kubezero.sh index f09f4eb..6d5b7fa 100755 --- a/releases/v1.22/kubezero.sh +++ b/releases/v1.22/kubezero.sh @@ -144,8 +144,7 @@ if [ "$1" == 'upgrade' ]; then # Remove all remaining kiam helm repo add uswitch https://uswitch.github.io/kiam-helm-charts/charts/ helm repo update - helm template uswitch/kiam --name-template kiam --set server.prometheus.servicemonitor.enabled=true --set agent.prometheus.servicemonitor.enabled=true | - kubectl delete --namespace kube-system -f - || true + helm template uswitch/kiam --name-template kiam --set server.deployment.enabled=true --set server.prometheus.servicemonitor.enabled=true --set agent.prometheus.servicemonitor.enabled=true | kubectl delete --namespace kube-system -f - || true ###################### # network @@ -318,7 +317,7 @@ elif [[ "$1" =~ "^(bootstrap|restore|join)$" ]]; then fi # install / update network and addons - if [[ "$1" =~ "^(bootstrap)$" ]]; then + if [[ "$1" =~ "^(bootstrap|join)$" ]]; then # network yq eval '.network // ""' ${HOSTFS}/etc/kubernetes/kubezero.yaml > _values.yaml helm template $CHARTS/kubezero-network --namespace kube-system --include-crds --name-template network \ diff --git a/releases/v1.22/migrate_argo.py b/releases/v1.22/migrate_argo.py index 604628d..b427ff3 100755 --- a/releases/v1.22/migrate_argo.py +++ b/releases/v1.22/migrate_argo.py @@ -15,7 +15,7 @@ parser = argparse.ArgumentParser(description="Update Route53 entries") parser.add_argument( "--version", dest="version", - default="1.22.8-5", + default="1.22.8-6", action="store", required=False, help="Update KubeZero version",