From d3ffcb5fc561ad618f0354111e866e4d49214ffa Mon Sep 17 00:00:00 2001 From: dntosas Date: Sun, 16 May 2021 11:03:00 +0300 Subject: [PATCH 1/2] Bump patch version Signed-off-by: dntosas --- .../addons/nodelocaldns.addons.k8s.io/k8s-1.12.yaml.template | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/upup/models/cloudup/resources/addons/nodelocaldns.addons.k8s.io/k8s-1.12.yaml.template b/upup/models/cloudup/resources/addons/nodelocaldns.addons.k8s.io/k8s-1.12.yaml.template index 16d7d264709f1..d5ec516844270 100644 --- a/upup/models/cloudup/resources/addons/nodelocaldns.addons.k8s.io/k8s-1.12.yaml.template +++ b/upup/models/cloudup/resources/addons/nodelocaldns.addons.k8s.io/k8s-1.12.yaml.template @@ -1,5 +1,4 @@ # Vendored from https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml - --- apiVersion: v1 kind: ServiceAccount @@ -140,7 +139,7 @@ spec: operator: "Exists" containers: - name: node-cache - image: k8s.gcr.io/dns/k8s-dns-node-cache:1.17.1 + image: k8s.gcr.io/dns/k8s-dns-node-cache:1.17.4 resources: requests: cpu: {{ KubeDNS.NodeLocalDNS.CPURequest }} From 4dd4d860d6b829debe8727b989e742b2c3e0e4d7 Mon Sep 17 00:00:00 2001 From: dntosas Date: Sun, 16 May 2021 10:53:31 +0300 Subject: [PATCH 2/2] Bump manifests to latest stable version 1.8.3 In this commit, we update manifest files of CoreDNS. We also do a small refactoring on yaml blocks to match the upstream source and to make updating and reviewing procedures easier on the future. Signed-off-by: dntosas --- .../k8s-1.12.yaml.template | 143 +++++++++--------- .../bootstrapchannelbuilder.go | 2 +- .../awscloudcontroller/manifest.yaml | 4 +- .../awsiamauthenticator/manifest.yaml | 4 +- .../simple/manifest.yaml | 4 +- .../weave/manifest.yaml | 4 +- 6 files changed, 80 insertions(+), 81 deletions(-) 
diff --git a/upup/models/cloudup/resources/addons/coredns.addons.k8s.io/k8s-1.12.yaml.template b/upup/models/cloudup/resources/addons/coredns.addons.k8s.io/k8s-1.12.yaml.template index a7fff82f40ebc..d523757902abd 100644 --- a/upup/models/cloudup/resources/addons/coredns.addons.k8s.io/k8s-1.12.yaml.template +++ b/upup/models/cloudup/resources/addons/coredns.addons.k8s.io/k8s-1.12.yaml.template @@ -1,3 +1,6 @@ +# CoreDNS +# Source: https://github.com/coredns/deployment/blob/master/kubernetes/coredns.yaml.sed +--- apiVersion: v1 kind: ServiceAccount metadata: @@ -74,6 +77,7 @@ data: health { lameduck 5s } + ready kubernetes {{ KubeDNS.Domain }}. in-addr.arpa ip6.arpa { pods insecure fallthrough in-addr.arpa ip6.arpa 
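Review bot: The added `# Source:` header links to `blob/master`, a moving ref, so a later reader cannot tell which upstream revision this template was vendored from or diff against it when auditing the manifest. Record the upstream tag or commit in the URL, for example `# Source: https://github.com/coredns/deployment/blob/<upstream-commit-sha>/kubernetes/coredns.yaml.sed`. The same applies to the `# CoreDNS Autoscaler` source comment added in the `@@ -261,10 +222,22 @@` hunk, which links to `tree/master/`.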
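Review bot: The `ready` plugin added to the Corefile in the `@@ -74,6 +77,7 @@` hunk and the readinessProbe switch to `/ready` on port 8181 in the `@@ -219,8 +180,8 @@` hunk only work as a pair, and nothing in either hunk says so. The ConfigMap body continues outside this hunk, so I cannot see whether the Corefile can be supplied or overridden elsewhere. If it can, a Corefile without `ready` would leave every new CoreDNS pod unready after this change, which is a cluster-DNS availability risk during rollout. I would add a comment above the probe such as `# /ready on :8181 is served by the Corefile "ready" plugin; keep both in sync` and state the requirement in the release notes.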
@@ -92,54 +96,12 @@ data: --- apiVersion: apps/v1 kind: Deployment -metadata: - name: coredns-autoscaler - namespace: kube-system - labels: - k8s-addon: coredns.addons.k8s.io - k8s-app: coredns-autoscaler - kubernetes.io/cluster-service: "true" -spec: - selector: - matchLabels: - k8s-app: coredns-autoscaler - template: - metadata: - labels: - k8s-app: coredns-autoscaler - annotations: - scheduler.alpha.kubernetes.io/critical-pod: '' - spec: - containers: - - name: autoscaler - image: {{ if KubeDNS.CPAImage }}{{ KubeDNS.CPAImage }}{{ else }}k8s.gcr.io/cpa/cluster-proportional-autoscaler:1.8.3{{ end }} - resources: - requests: - cpu: "20m" - memory: "10Mi" - command: - - /cluster-proportional-autoscaler - - --namespace=kube-system - - --configmap=coredns-autoscaler - - --target=Deployment/coredns - # When cluster is using large nodes(with more cores), "coresPerReplica" should dominate. - # If using small nodes, "nodesPerReplica" should dominate. - - --default-params={"linear":{"coresPerReplica":256,"nodesPerReplica":16,"preventSinglePointFailure":true}} - - --logtostderr=true - - --v=2 - priorityClassName: system-cluster-critical - tolerations: - - key: "CriticalAddonsOnly" - operator: "Exists" - serviceAccountName: coredns-autoscaler ---- -apiVersion: apps/v1 -kind: Deployment metadata: name: coredns namespace: kube-system labels: k8s-app: kube-dns + kubernetes.io/name: "CoreDNS" k8s-addon: coredns.addons.k8s.io kubernetes.io/cluster-service: "true" spec: @@ -156,18 +118,6 @@ spec: labels: k8s-app: kube-dns spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: k8s-app - operator: In - values: - - kube-dns - topologyKey: kubernetes.io/hostname priorityClassName: system-cluster-critical serviceAccountName: coredns tolerations: 
@@ -175,9 +125,20 @@ spec: operator: "Exists" nodeSelector: beta.kubernetes.io/os: linux + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: k8s-app + operator: In + values: ["kube-dns"] + topologyKey: kubernetes.io/hostname containers: - name: coredns - image: {{ if KubeDNS.CoreDNSImage }}{{ KubeDNS.CoreDNSImage }}{{ else }}k8s.gcr.io/coredns:1.7.0{{ end }} + image: {{ if KubeDNS.CoreDNSImage }}{{ KubeDNS.CoreDNSImage }}{{ else }}coredns/coredns:1.8.3{{ end }} imagePullPolicy: IfNotPresent resources: limits: @@ -219,8 +180,8 @@ spec: failureThreshold: 5 readinessProbe: httpGet: - path: /health - port: 8080 + path: /ready + port: 8181 scheme: HTTP dnsPolicy: Default volumes: @@ -261,10 +222,22 @@ spec: - name: metrics port: 9153 protocol: TCP - +--- +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: kube-dns + namespace: kube-system +spec: + selector: + matchLabels: + k8s-app: kube-dns + minAvailable: 1 --- - +# CoreDNS Autoscaler +# Source: https://github.com/kubernetes-sigs/cluster-proportional-autoscaler/tree/master/ +--- apiVersion: v1 kind: ServiceAccount metadata: @@ -272,9 +245,7 @@ metadata: namespace: kube-system labels: k8s-addon: coredns.addons.k8s.io - --- - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -296,9 +267,7 @@ rules: - apiGroups: [""] resources: ["configmaps"] verbs: ["get", "create"] - --- - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: 
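Review bot: The new default image in the `@@ -175,9 +125,20 @@` hunk, `coredns/coredns:1.8.3`, has no registry host and no digest, so the source of a cluster-critical DNS image now depends on each node runtime's default-registry resolution (normally Docker Hub) and on a mutable tag. The previous default was fully qualified under `k8s.gcr.io`, so this also changes the trust root, and it adds anonymous pull limits as a failure mode for the addon. With `imagePullPolicy: IfNotPresent`, nodes that pulled at different times can run different content under the same tag. I would fully qualify and pin the fallback, e.g. `{{ else }}docker.io/coredns/coredns:1.8.3@sha256:<digest-of-1.8.3>{{ end }}`, or keep the project's own registry if it publishes this release.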
@@ -313,17 +282,47 @@ subjects: - kind: ServiceAccount name: coredns-autoscaler namespace: kube-system - --- - -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget +apiVersion: apps/v1 +kind: Deployment metadata: - name: kube-dns + name: coredns-autoscaler namespace: kube-system + labels: + k8s-addon: coredns.addons.k8s.io + k8s-app: coredns-autoscaler + kubernetes.io/cluster-service: "true" spec: selector: matchLabels: - k8s-app: kube-dns - minAvailable: 1 - + k8s-app: coredns-autoscaler + template: + metadata: + labels: + k8s-app: coredns-autoscaler + annotations: + scheduler.alpha.kubernetes.io/critical-pod: '' + spec: + containers: + - name: autoscaler + image: {{ if KubeDNS.CPAImage }}{{ KubeDNS.CPAImage }}{{ else }}k8s.gcr.io/cpa/cluster-proportional-autoscaler:1.8.3{{ end }} + resources: + requests: + cpu: "20m" + memory: "10Mi" + command: + - /cluster-proportional-autoscaler + - --namespace=kube-system + - --configmap=coredns-autoscaler + - --target=Deployment/coredns + # When cluster is using large nodes(with more cores), "coresPerReplica" should dominate. + # If using small nodes, "nodesPerReplica" should dominate. + - --default-params={"linear":{"coresPerReplica":256,"nodesPerReplica":16,"preventSinglePointFailure":true}} + - --logtostderr=true + - --v=2 + priorityClassName: system-cluster-critical + tolerations: + - key: "CriticalAddonsOnly" + operator: "Exists" + serviceAccountName: coredns-autoscaler +--- diff --git a/upup/pkg/fi/cloudup/bootstrapchannelbuilder/bootstrapchannelbuilder.go b/upup/pkg/fi/cloudup/bootstrapchannelbuilder/bootstrapchannelbuilder.go index cc064f3010039..37e339b02d559 100644 --- a/upup/pkg/fi/cloudup/bootstrapchannelbuilder/bootstrapchannelbuilder.go +++ b/upup/pkg/fi/cloudup/bootstrapchannelbuilder/bootstrapchannelbuilder.go 
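Review bot: The `autoscaler` container re-added in this hunk has no `securityContext`, so it runs with the image's default user, a writable root filesystem and privilege escalation allowed, while its service account is bound to a ClusterRole earlier in the file. The block is moved unchanged from the top of the template, but since the refactor touches it anyway, this is a cheap place to add container hardening. The process logs to stderr (`--logtostderr=true`) and the visible command writes no files, so the settings below should be compatible; confirm against the image before merging. The container also declares resource requests but no limits, which is worth a follow-up.

```yaml
      containers:
      - name: autoscaler
        # … unchanged: image, resources, command …
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          capabilities:
            drop: ["ALL"]
```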
@@ -297,7 +297,7 @@ func (b *BootstrapChannelBuilder) buildAddons(c *fi.ModelBuilderContext) (*chann if kubeDNS.Provider == "CoreDNS" { { key := "coredns.addons.k8s.io" - version := "1.7.0-kops.3" + version := "1.8.3-kops.3" { location := key + "/k8s-1.12.yaml" diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/awscloudcontroller/manifest.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/awscloudcontroller/manifest.yaml index cfbe033d817a7..2904e42b2fdb9 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/awscloudcontroller/manifest.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/awscloudcontroller/manifest.yaml @@ -21,11 +21,11 @@ spec: version: 1.4.0 - id: k8s-1.12 manifest: coredns.addons.k8s.io/k8s-1.12.yaml - manifestHash: 90405232658fa6c7989802391ffcecf7e9df1cf1 + manifestHash: 48af055a4d74db801f75bec7d7574d6f471f1be0 name: coredns.addons.k8s.io selector: k8s-addon: coredns.addons.k8s.io - version: 1.7.0-kops.3 + version: 1.8.3-kops.3 - id: k8s-1.9 manifest: kubelet-api.rbac.addons.k8s.io/k8s-1.9.yaml manifestHash: 1dbad74e01965afc2c32ca822d16c204d015db82 diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/awsiamauthenticator/manifest.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/awsiamauthenticator/manifest.yaml index 49a0f1710de72..502e1bb9f10be 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/awsiamauthenticator/manifest.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/awsiamauthenticator/manifest.yaml @@ -21,11 +21,11 @@ spec: version: 1.4.0 - id: k8s-1.12 manifest: coredns.addons.k8s.io/k8s-1.12.yaml - manifestHash: 90405232658fa6c7989802391ffcecf7e9df1cf1 + manifestHash: 48af055a4d74db801f75bec7d7574d6f471f1be0 name: coredns.addons.k8s.io selector: k8s-addon: coredns.addons.k8s.io - version: 1.7.0-kops.3 + version: 1.8.3-kops.3 - id: k8s-1.9 manifest: kubelet-api.rbac.addons.k8s.io/k8s-1.9.yaml manifestHash: 1dbad74e01965afc2c32ca822d16c204d015db82 
diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/manifest.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/manifest.yaml index 16fd999e50895..efc6a290a09cb 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/manifest.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/manifest.yaml @@ -21,11 +21,11 @@ spec: version: 1.4.0 - id: k8s-1.12 manifest: coredns.addons.k8s.io/k8s-1.12.yaml - manifestHash: 90405232658fa6c7989802391ffcecf7e9df1cf1 + manifestHash: 48af055a4d74db801f75bec7d7574d6f471f1be0 name: coredns.addons.k8s.io selector: k8s-addon: coredns.addons.k8s.io - version: 1.7.0-kops.3 + version: 1.8.3-kops.3 - id: k8s-1.9 manifest: kubelet-api.rbac.addons.k8s.io/k8s-1.9.yaml manifestHash: 1dbad74e01965afc2c32ca822d16c204d015db82 diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/weave/manifest.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/weave/manifest.yaml index bb7063fc218df..c68aa16670ae1 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/weave/manifest.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/weave/manifest.yaml @@ -21,11 +21,11 @@ spec: version: 1.4.0 - id: k8s-1.12 manifest: coredns.addons.k8s.io/k8s-1.12.yaml - manifestHash: 90405232658fa6c7989802391ffcecf7e9df1cf1 + manifestHash: 48af055a4d74db801f75bec7d7574d6f471f1be0 name: coredns.addons.k8s.io selector: k8s-addon: coredns.addons.k8s.io - version: 1.7.0-kops.3 + version: 1.8.3-kops.3 - id: k8s-1.9 manifest: kubelet-api.rbac.addons.k8s.io/k8s-1.9.yaml manifestHash: 1dbad74e01965afc2c32ca822d16c204d015db82