fix: final fixes for 1.23

This commit is contained in:
Stefan Reimer 2022-09-28 17:41:30 +02:00
parent c06da7b814
commit f66bc6bfa0
16 changed files with 66 additions and 48 deletions

View File

@ -138,7 +138,7 @@ waitSystemPodsRunning
argo_used && disable_argo
all_nodes_upgrade "nsenter -m/hostproc/1/ns/mnt mount --make-shared /sys/fs/cgroup; mount --make-shared /sys; sleep 3;"
all_nodes_upgrade "nsenter -m/hostproc/1/ns/mnt mount --make-shared /sys/fs/cgroup; nsenter -m/hostproc/1/ns/mnt mount --make-shared /sys; nsenter -r/host /usr/bin/podman image prune -a -f;"
control_plane_upgrade kubeadm_upgrade
@ -155,6 +155,9 @@ kubectl delete daemonset metrics-prometheus-node-exporter -n monitoring || true
# AWS EBS CSI driver change their fsGroupPolicy
kubectl delete CSIDriver ebs.csi.aws.com || true
# Delete external-dns deployment as upstream changed strategy to 'recreate'
kubectl delete deployment addons-external-dns -n kube-system || true
control_plane_upgrade "apply_network, apply_addons, apply_storage"
kubectl rollout restart daemonset/calico-node -n kube-system
@ -165,8 +168,17 @@ echo "Checking that all pods in kube-system are running ..."
waitSystemPodsRunning
echo "Applying remaining KubeZero modules..."
# Delete outdated cert-manager CRDs, otherwise serverside apply will fail
for c in certificaterequests.cert-manager.io certificates.cert-manager.io challenges.acme.cert-manager.io clusterissuers.cert-manager.io issuers.cert-manager.io orders.acme.cert-manager.io; do
kubectl delete crd $c
done
control_plane_upgrade "apply_cert-manager, apply_istio, apply_istio-ingress, apply_istio-private-ingress, apply_logging, apply_metrics, apply_argocd"
# delete legace ArgCD controller which is now a statefulSet
kubectl delete deployment argocd-application-controller -n argocd || true
# Final step is to commit the new argocd kubezero app
kubectl get app kubezero -n argocd -o yaml | yq 'del(.status) | del(.metadata) | del(.operation) | .metadata.name="kubezero" | .metadata.namespace="argocd"' | yq 'sort_keys(..) | .spec.source.helm.values |= (from_yaml | to_yaml)' > $ARGO_APP

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-addons
description: KubeZero umbrella chart for various optional cluster addons
type: application
version: 0.6.2
version: 0.6.3
appVersion: v1.23.11
home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png

View File

@ -1,6 +1,6 @@
# kubezero-addons
![Version: 0.6.2](https://img.shields.io/badge/Version-0.6.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.23.10](https://img.shields.io/badge/AppVersion-v1.23.10-informational?style=flat-square)
![Version: 0.6.3](https://img.shields.io/badge/Version-0.6.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.23.11](https://img.shields.io/badge/AppVersion-v1.23.11-informational?style=flat-square)
KubeZero umbrella chart for various optional cluster addons
@ -70,9 +70,12 @@ Device plugin for [AWS Neuron](https://aws.amazon.com/machine-learning/neuron/)
| cluster-autoscaler.autoDiscovery.clusterName | string | `""` | |
| cluster-autoscaler.awsRegion | string | `"us-west-2"` | |
| cluster-autoscaler.enabled | bool | `false` | |
| cluster-autoscaler.extraArgs.scan-interval | string | `"30s"` | |
| cluster-autoscaler.extraArgs.skip-nodes-with-local-storage | bool | `false` | |
| cluster-autoscaler.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` | |
| cluster-autoscaler.podDisruptionBudget | bool | `false` | |
| cluster-autoscaler.prometheusRule.enabled | bool | `false` | |
| cluster-autoscaler.prometheusRule.interval | string | `"30"` | |
| cluster-autoscaler.serviceMonitor.enabled | bool | `false` | |
| cluster-autoscaler.serviceMonitor.interval | string | `"30s"` | |
| cluster-autoscaler.tolerations[0].effect | string | `"NoSchedule"` | |

View File

@ -123,10 +123,15 @@ cluster-autoscaler:
prometheusRule:
enabled: false
interval: "30"
# Disable pdb for now
podDisruptionBudget: false
extraArgs:
scan-interval: 30s
skip-nodes-with-local-storage: false
#securityContext:
# runAsNonRoot: true

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-ci
description: KubeZero umbrella chart for all things CI
type: application
version: 0.5.13
version: 0.5.14
home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords:
@ -26,11 +26,11 @@ dependencies:
repository: https://dl.gitea.io/charts/
condition: gitea.enabled
- name: jenkins
version: 4.2.1
version: 4.2.6
repository: https://charts.jenkins.io
condition: jenkins.enabled
- name: trivy
version: 0.4.16
version: 0.4.17
repository: https://aquasecurity.github.io/helm-charts/
condition: trivy.enabled

View File

@ -1,6 +1,6 @@
# kubezero-ci
![Version: 0.5.13](https://img.shields.io/badge/Version-0.5.13-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
![Version: 0.5.14](https://img.shields.io/badge/Version-0.5.14-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero umbrella chart for all things CI
@ -18,9 +18,9 @@ Kubernetes: `>= 1.20.0`
| Repository | Name | Version |
|------------|------|---------|
| https://aquasecurity.github.io/helm-charts/ | trivy | 0.4.16 |
| https://aquasecurity.github.io/helm-charts/ | trivy | 0.4.17 |
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.5 |
| https://charts.jenkins.io | jenkins | 4.2.1 |
| https://charts.jenkins.io | jenkins | 4.2.6 |
| https://dl.gitea.io/charts/ | gitea | 5.0.9 |
| https://gocd.github.io/helm-chart | gocd | 1.40.8 |
@ -95,13 +95,13 @@ Kubernetes: `>= 1.20.0`
| jenkins.controller.initContainerResources.limits.memory | string | `"1024Mi"` | |
| jenkins.controller.initContainerResources.requests.cpu | string | `"50m"` | |
| jenkins.controller.initContainerResources.requests.memory | string | `"256Mi"` | |
| jenkins.controller.installPlugins[0] | string | `"kubernetes:3704.va_08f0206b_95e"` | |
| jenkins.controller.installPlugins[0] | string | `"kubernetes:3706.vdfb_d599579f3"` | |
| jenkins.controller.installPlugins[1] | string | `"workflow-aggregator:581.v0c46fa_697ffd"` | |
| jenkins.controller.installPlugins[2] | string | `"git:4.11.5"` | |
| jenkins.controller.installPlugins[2] | string | `"git:4.12.1"` | |
| jenkins.controller.installPlugins[3] | string | `"configuration-as-code:1512.vb_79d418d5fc8"` | |
| jenkins.controller.installPlugins[4] | string | `"antisamy-markup-formatter:2.7"` | |
| jenkins.controller.installPlugins[5] | string | `"prometheus:2.0.11"` | |
| jenkins.controller.installPlugins[6] | string | `"htmlpublisher:1.30"` | |
| jenkins.controller.installPlugins[6] | string | `"htmlpublisher:1.31"` | |
| jenkins.controller.installPlugins[7] | string | `"build-discarder:139.v05696a_7fe240"` | |
| jenkins.controller.installPlugins[8] | string | `"dark-theme:245.vb_a_2b_b_010ea_96"` | |
| jenkins.controller.installPlugins[9] | string | `"kubernetes-credentials-provider:1.196.va_55f5e31e3c2"` | |
@ -112,7 +112,7 @@ Kubernetes: `>= 1.20.0`
| jenkins.controller.resources.limits.memory | string | `"4096Mi"` | |
| jenkins.controller.resources.requests.cpu | string | `"250m"` | |
| jenkins.controller.resources.requests.memory | string | `"1280Mi"` | |
| jenkins.controller.tag | string | `"2.362-alpine-jdk17"` | |
| jenkins.controller.tag | string | `"2.370-alpine-jdk17"` | |
| jenkins.controller.testEnabled | bool | `false` | |
| jenkins.enabled | bool | `false` | |
| jenkins.istio.agent.enabled | bool | `false` | |

View File

@ -69,7 +69,7 @@ jenkins:
enabled: false
controller:
tag: 2.362-alpine-jdk17
tag: 2.370-alpine-jdk17
#tagLabel: alpine
disableRememberMe: true
prometheus:
@ -114,13 +114,13 @@ jenkins:
numToKeepStr: "10"
installPlugins:
- kubernetes:3704.va_08f0206b_95e
- kubernetes:3706.vdfb_d599579f3
- workflow-aggregator:581.v0c46fa_697ffd
- git:4.11.5
- git:4.12.1
- configuration-as-code:1512.vb_79d418d5fc8
- antisamy-markup-formatter:2.7
- prometheus:2.0.11
- htmlpublisher:1.30
- htmlpublisher:1.31
- build-discarder:139.v05696a_7fe240
- dark-theme:245.vb_a_2b_b_010ea_96
- kubernetes-credentials-provider:1.196.va_55f5e31e3c2

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-logging
description: KubeZero Umbrella Chart for complete EFK stack
type: application
version: 0.8.2
version: 0.8.3
appVersion: 1.6.0
home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png

View File

@ -1,6 +1,6 @@
# kubezero-logging
![Version: 0.8.2](https://img.shields.io/badge/Version-0.8.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.6.0](https://img.shields.io/badge/AppVersion-1.6.0-informational?style=flat-square)
![Version: 0.8.3](https://img.shields.io/badge/Version-0.8.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.6.0](https://img.shields.io/badge/AppVersion-1.6.0-informational?style=flat-square)
KubeZero Umbrella Chart for complete EFK stack
@ -96,10 +96,7 @@ Kubernetes: `>= 1.20.0`
| fluent-bit.serviceMonitor.enabled | bool | `false` | |
| fluent-bit.serviceMonitor.selector.release | string | `"metrics"` | |
| fluent-bit.tolerations[0].effect | string | `"NoSchedule"` | |
| fluent-bit.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
| fluent-bit.tolerations[1].effect | string | `"NoSchedule"` | |
| fluent-bit.tolerations[1].key | string | `"kubezero-workergroup"` | |
| fluent-bit.tolerations[1].operator | string | `"Exists"` | |
| fluent-bit.tolerations[0].operator | string | `"Exists"` | |
| fluentd.dashboards.enabled | bool | `false` | |
| fluentd.enabled | bool | `false` | |
| fluentd.env[0].name | string | `"FLUENTD_CONF"` | |

View File

@ -257,10 +257,7 @@ fluent-bit:
#dnsPolicy: ClusterFirstWithHostNet
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: kubezero-workergroup
effect: NoSchedule
- effect: NoSchedule
operator: Exists
resources:

View File

@ -1,6 +1,6 @@
# kubezero-metrics
![Version: 0.8.1](https://img.shields.io/badge/Version-0.8.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
![Version: 0.8.5](https://img.shields.io/badge/Version-0.8.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero Umbrella Chart for Prometheus, Grafana and Alertmanager as well as all Kubernetes integrations.
@ -18,7 +18,7 @@ Kubernetes: `>= 1.20.0`
| Repository | Name | Version |
|------------|------|---------|
| | kube-prometheus-stack | 39.9.0 |
| | kube-prometheus-stack | 40.0.0 |
| | prometheus-pushgateway | 1.18.2 |
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.5 |
| https://prometheus-community.github.io/helm-charts | prometheus-adapter | 3.4.0 |

View File

@ -1,6 +1,6 @@
# kubezero-network
![Version: 0.3.3](https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
![Version: 0.3.4](https://img.shields.io/badge/Version-0.3.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero umbrella chart for all things network
@ -28,16 +28,18 @@ Kubernetes: `>= 1.20.0`
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| calico.enabled | bool | `false` | |
| cilium.bpf.hostLegacyRouting | bool | `true` | |
| cilium.cgroup.autoMount.enabled | bool | `false` | |
| cilium.cgroup.hostRoot | string | `"/sys/fs/cgroup"` | |
| cilium.cluster.id | int | `1` | |
| cilium.cluster.id | int | `240` | |
| cilium.cluster.name | string | `"default"` | |
| cilium.cni.binPath | string | `"/usr/libexec/cni"` | |
| cilium.cni.chainingMode | string | `"generic-veth"` | |
| cilium.cni.exclusive | bool | `false` | |
| cilium.containerRuntime.integration | string | `"crio"` | |
| cilium.enabled | bool | `false` | |
| cilium.hubble.enabled | bool | `false` | |
| cilium.ipam.operator.clusterPoolIPv4PodCIDRList[0] | string | `"10.1.0.0/16"` | |
| cilium.ipam.operator.clusterPoolIPv4PodCIDRList[0] | string | `"10.240.0.0/16"` | |
| cilium.l2NeighDiscovery.enabled | bool | `false` | |
| cilium.l7Proxy | bool | `false` | |
| cilium.nodePort.enabled | bool | `false` | |
@ -45,7 +47,7 @@ Kubernetes: `>= 1.20.0`
| cilium.operator.replicas | int | `1` | |
| cilium.operator.tolerations[0].effect | string | `"NoSchedule"` | |
| cilium.operator.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
| cilium.policyEnforcementMode | string | `"audit"` | |
| cilium.policyEnforcementMode | string | `"never"` | |
| cilium.prometheus.enabled | bool | `false` | |
| cilium.prometheus.port | int | `9091` | |
| cilium.securityContext.privileged | bool | `true` | |

View File

@ -1,6 +1,6 @@
# kubezero-storage
![Version: 0.7.0](https://img.shields.io/badge/Version-0.7.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
![Version: 0.7.1](https://img.shields.io/badge/Version-0.7.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero umbrella chart for all things storage incl. AWS EBS/EFS, openEBS-lvm, gemini
@ -18,7 +18,7 @@ Kubernetes: `>= 1.20.0`
| Repository | Name | Version |
|------------|------|---------|
| | aws-ebs-csi-driver | 2.10.1 |
| | aws-ebs-csi-driver | 2.11.0 |
| | aws-efs-csi-driver | 2.2.7 |
| | gemini | 1.0.0 |
| | lvm-localpv | 1.0.0 |

View File

@ -24,12 +24,13 @@ Kubernetes: `>= 1.20.0`
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| addons.aws-node-termination-handler | object | `{}` | |
| addons.clusterBackup | object | `{}` | |
| addons.aws-node-termination-handler.enabled | bool | `false` | |
| addons.cluster-autoscaler.enabled | bool | `false` | |
| addons.clusterBackup.enabled | bool | `false` | |
| addons.enabled | bool | `true` | |
| addons.external-dns | object | `{}` | |
| addons.forseti | object | `{}` | |
| addons.targetRevision | string | `"0.6.2"` | |
| addons.external-dns.enabled | bool | `false` | |
| addons.forseti.enabled | bool | `false` | |
| addons.targetRevision | string | `"0.6.3"` | |
| argocd.enabled | bool | `false` | |
| argocd.istio.enabled | bool | `false` | |
| argocd.namespace | string | `"argocd"` | |
@ -58,7 +59,7 @@ Kubernetes: `>= 1.20.0`
| kubezero.server | string | `"https://kubernetes.default.svc"` | |
| logging.enabled | bool | `false` | |
| logging.namespace | string | `"logging"` | |
| logging.targetRevision | string | `"0.8.2"` | |
| logging.targetRevision | string | `"0.8.3"` | |
| metrics.enabled | bool | `false` | |
| metrics.istio.grafana | object | `{}` | |
| metrics.istio.prometheus | object | `{}` | |
@ -67,7 +68,7 @@ Kubernetes: `>= 1.20.0`
| network.cilium.cluster | object | `{}` | |
| network.enabled | bool | `true` | |
| network.retain | bool | `true` | |
| network.targetRevision | string | `"0.3.3"` | |
| network.targetRevision | string | `"0.3.4"` | |
| storage.aws-ebs-csi-driver.enabled | bool | `false` | |
| storage.aws-efs-csi-driver.enabled | bool | `false` | |
| storage.enabled | bool | `false` | |

View File

@ -92,8 +92,9 @@ cluster-autoscaler:
{{- with .Values.metrics }}
serviceMonitor:
enabled: {{ .enabled }}
prometheusRule:
enabled: {{ .enabled }}
# Buggy atm due to integer vs. string issue
# prometheusRule:
# enabled: {{ .enabled }}
{{- end }}
{{- if .Values.global.aws }}

View File

@ -10,7 +10,7 @@ global:
addons:
enabled: true
targetRevision: 0.6.2
targetRevision: 0.6.3
external-dns:
enabled: false
forseti:
@ -74,7 +74,7 @@ metrics:
logging:
enabled: false
namespace: logging
targetRevision: 0.8.2
targetRevision: 0.8.3
argocd:
enabled: false