Skip to content

Commit

Permalink
upgrade hyperkube images (#470)
Browse files Browse the repository at this point in the history 
CVE-2018-1002105: proxy request handling in kube-apiserver can leave
vulnerable TCP connections

kubernetes/kubernetes#71411
  • Loading branch information
@teemow
teemow committed Dec 3, 2018
1 parent b2ded8f commit b447add
Show file tree
Hide file tree
Showing 5 changed files with 13 additions and 13 deletions.
10 changes: 5 additions & 5 deletions v_3_5_2/master_template.go
View file
Expand Up @@ -781,7 +781,7 @@ write_files:
serviceAccountName: kube-proxy
containers:
- name: kube-proxy
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.10.4
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.10.11
command:
- /hyperkube
- proxy
Expand Down Expand Up @@ -1617,7 +1617,7 @@ write_files:
priorityClassName: core-pods
containers:
- name: k8s-api-server
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.10.4
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.10.11
env:
- name: HOST_IP
valueFrom:
Expand Down Expand Up @@ -1739,7 +1739,7 @@ write_files:
priorityClassName: core-pods
containers:
- name: k8s-controller-manager
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.10.4
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.10.11
command:
- /hyperkube
- controller-manager
Expand Down Expand Up @@ -1812,7 +1812,7 @@ write_files:
priorityClassName: core-pods
containers:
- name: k8s-scheduler
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.10.4
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.10.11
command:
- /hyperkube
- scheduler
Expand Down Expand Up @@ -2104,7 +2104,7 @@ coreos:
RestartSec=0
TimeoutStopSec=10
EnvironmentFile=/etc/network-environment
Environment="IMAGE={{ .RegistryDomain }}/giantswarm/hyperkube:v1.10.4"
Environment="IMAGE={{ .RegistryDomain }}/giantswarm/hyperkube:v1.10.11"
Environment="NAME=%p.service"
Environment="NETWORK_CONFIG_CONTAINER="
ExecStartPre=/usr/bin/docker pull $IMAGE
Expand Down
2 changes: 1 addition & 1 deletion v_3_5_2/worker_template.go
View file
Expand Up @@ -257,7 +257,7 @@ coreos:
RestartSec=0
TimeoutStopSec=10
EnvironmentFile=/etc/network-environment
Environment="IMAGE={{ .RegistryDomain }}/giantswarm/hyperkube:v1.10.4"
Environment="IMAGE={{ .RegistryDomain }}/giantswarm/hyperkube:v1.10.11"
Environment="NAME=%p.service"
Environment="NETWORK_CONFIG_CONTAINER="
ExecStartPre=/usr/bin/docker pull $IMAGE
Expand Down
10 changes: 5 additions & 5 deletions v_3_6_3/master_template.go
View file
Expand Up @@ -938,7 +938,7 @@ write_files:
serviceAccountName: kube-proxy
containers:
- name: kube-proxy
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.11.1-cec4fb8023db783fbf26fb056bf6c76abfcd96cf-giantswarm
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.11.5
command:
- /hyperkube
- proxy
Expand Down Expand Up @@ -1716,7 +1716,7 @@ write_files:
priorityClassName: system-node-critical
containers:
- name: k8s-api-server
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.11.1-cec4fb8023db783fbf26fb056bf6c76abfcd96cf-giantswarm
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.11.5
env:
- name: HOST_IP
valueFrom:
Expand Down Expand Up @@ -1839,7 +1839,7 @@ write_files:
priorityClassName: system-node-critical
containers:
- name: k8s-controller-manager
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.11.1-cec4fb8023db783fbf26fb056bf6c76abfcd96cf-giantswarm
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.11.5
command:
- /hyperkube
- controller-manager
Expand Down Expand Up @@ -1912,7 +1912,7 @@ write_files:
priorityClassName: system-node-critical
containers:
- name: k8s-scheduler
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.11.1-cec4fb8023db783fbf26fb056bf6c76abfcd96cf-giantswarm
image: {{ .RegistryDomain }}/giantswarm/hyperkube:v1.11.5
command:
- /hyperkube
- scheduler
Expand Down Expand Up @@ -2216,7 +2216,7 @@ coreos:
RestartSec=0
TimeoutStopSec=10
EnvironmentFile=/etc/network-environment
Environment="IMAGE={{ .RegistryDomain }}/giantswarm/hyperkube:v1.11.1-cec4fb8023db783fbf26fb056bf6c76abfcd96cf-giantswarm"
Environment="IMAGE={{ .RegistryDomain }}/giantswarm/hyperkube:v1.11.5
Environment="NAME=%p.service"
Environment="NETWORK_CONFIG_CONTAINER="
ExecStartPre=/usr/bin/docker pull $IMAGE
Expand Down
2 changes: 1 addition & 1 deletion v_3_6_3/worker_template.go
View file
Expand Up @@ -311,7 +311,7 @@ coreos:
RestartSec=0
TimeoutStopSec=10
EnvironmentFile=/etc/network-environment
Environment="IMAGE={{ .RegistryDomain }}/giantswarm/hyperkube:v1.11.1-cec4fb8023db783fbf26fb056bf6c76abfcd96cf-giantswarm"
Environment="IMAGE={{ .RegistryDomain }}/giantswarm/hyperkube:v1.11.5
Environment="NAME=%p.service"
Environment="NETWORK_CONFIG_CONTAINER="
ExecStartPre=/usr/bin/docker pull $IMAGE
Expand Down
2 changes: 1 addition & 1 deletion v_3_7_3/cloudconfig.go
View file
Expand Up @@ -13,7 +13,7 @@ import (

const (
defaultRegistryDomain = "quay.io"
kubernetesImage = "giantswarm/hyperkube:v1.12.2"
kubernetesImage = "giantswarm/hyperkube:v1.12.3"
etcdImage = "giantswarm/etcd:v3.3.9"
)

Expand Down

0 comments on commit b447add

Please sign in to comment.