From 89be01a83ed97aeac9d2f3a23dcdbdc4ab3915fc Mon Sep 17 00:00:00 2001 From: Peter Balogh Date: Tue, 23 Jun 2020 17:37:41 +0200 Subject: [PATCH] remove deprecated k8s versions Signed-off-by: Peter Balogh --- .../kubeadm/controlplane/controlplane_test.go | 2 +- .../phases/kubeadm/controlplane/kubeadm.go | 9 +- .../controlplane/kubeadm_v1alpha3.yaml.go | 161 ------------------ .../controlplane/kubeadm_v1alpha3.yaml.tmpl | 140 --------------- cmd/pke/app/phases/kubeadm/node/kubeadm.go | 6 +- .../kubeadm/node/kubeadm_v1alpha3.yaml.go | 70 -------- .../kubeadm/node/kubeadm_v1alpha3.yaml.tmpl | 49 ------ cmd/pke/app/util/linux/yum_test.go | 2 +- 8 files changed, 4 insertions(+), 435 deletions(-) delete mode 100644 cmd/pke/app/phases/kubeadm/controlplane/kubeadm_v1alpha3.yaml.go delete mode 100644 cmd/pke/app/phases/kubeadm/controlplane/kubeadm_v1alpha3.yaml.tmpl delete mode 100644 cmd/pke/app/phases/kubeadm/node/kubeadm_v1alpha3.yaml.go delete mode 100644 cmd/pke/app/phases/kubeadm/node/kubeadm_v1alpha3.yaml.tmpl diff --git a/cmd/pke/app/phases/kubeadm/controlplane/controlplane_test.go b/cmd/pke/app/phases/kubeadm/controlplane/controlplane_test.go index b89de10a..08a101ea 100644 --- a/cmd/pke/app/phases/kubeadm/controlplane/controlplane_test.go +++ b/cmd/pke/app/phases/kubeadm/controlplane/controlplane_test.go @@ -35,7 +35,7 @@ func TestWriteKubeadmConfig(t *testing.T) { apiServerHostPort: "192.168.64.11:6443", kubeletCertificateAuthority: "/etc/kubernetes/pki/ca.crt", clusterName: "my-cluster", - kubernetesVersion: "1.14.0", + kubernetesVersion: "1.18.0", serviceCIDR: "10.32.0.0/24", podNetworkCIDR: "10.200.0.0/16", cloudProvider: constants.CloudProviderAmazon, diff --git a/cmd/pke/app/phases/kubeadm/controlplane/kubeadm.go b/cmd/pke/app/phases/kubeadm/controlplane/kubeadm.go index ae61442e..8d9c33a2 100644 --- a/cmd/pke/app/phases/kubeadm/controlplane/kubeadm.go +++ b/cmd/pke/app/phases/kubeadm/controlplane/kubeadm.go @@ -33,7 +33,6 @@ import ( "github.com/pbnjay/memory" ) -//go:generate templify -t ${GOTMPL} -p controlplane -f kubeadmConfigV1Alpha3 kubeadm_v1alpha3.yaml.tmpl //go:generate templify -t ${GOTMPL} -p controlplane -f kubeadmConfigV1Beta1 kubeadm_v1beta1.yaml.tmpl //go:generate templify -t ${GOTMPL} -p controlplane -f kubeadmConfigV1Beta2 kubeadm_v1beta2.yaml.tmpl @@ -64,16 +63,10 @@ func (c ControlPlane) WriteKubeadmConfig(out io.Writer, filename string) error { } encryptionProviderPrefix := "" - if ver.LessThan(semver.MustParse("1.13.0")) { - encryptionProviderPrefix = "experimental-" - } var conf string switch ver.Minor() { - case 12, 13: - // see https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1alpha3 - conf = kubeadmConfigV1Alpha3Template() - case 14, 15, 16, 17: + case 15, 16, 17: // see https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta1 conf = kubeadmConfigV1Beta1Template() case 18: diff --git a/cmd/pke/app/phases/kubeadm/controlplane/kubeadm_v1alpha3.yaml.go b/cmd/pke/app/phases/kubeadm/controlplane/kubeadm_v1alpha3.yaml.go deleted file mode 100644 index 8a2d87c2..00000000 --- a/cmd/pke/app/phases/kubeadm/controlplane/kubeadm_v1alpha3.yaml.go +++ /dev/null @@ -1,161 +0,0 @@ -// Copyright © 2019 Banzai Cloud -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package controlplane - -// kubeadmConfigV1Alpha3Template is a generated function returning the template as a string. -func kubeadmConfigV1Alpha3Template() string { - var tmpl = "apiVersion: kubeadm.k8s.io/v1alpha3\n" + - "kind: InitConfiguration\n" + - "{{ if .APIServerAdvertiseAddress}}\n" + - "apiEndpoint:\n" + - " advertiseAddress: \"{{ .APIServerAdvertiseAddress }}\"\n" + - " bindPort: {{ .APIServerBindPort }}{{end}}\n" + - "nodeRegistration:\n" + - " criSocket: \"{{ .CRISocket }}\"\n" + - " taints:{{ if not .Taints }} []{{end}}{{range .Taints}}\n" + - " - key: \"{{.Key}}\"\n" + - " value: \"{{.Value}}\"\n" + - " effect: \"{{.Effect}}\"{{end}}\n" + - " kubeletExtraArgs:\n" + - " {{ if .NodeLabels }}node-labels: \"{{ .NodeLabels }}\"{{end}}\n" + - " # pod-infra-container-image: {{ .ImageRepository }}/pause:3.1 # only needed by docker\n" + - " {{ if .CloudProvider }}cloud-provider: \"{{ .CloudProvider }}\"\n" + - " {{ if .KubeletCloudConfig }}cloud-config: \"/etc/kubernetes/{{ .CloudProvider }}.conf\"{{end}}{{end}}\n" + - " read-only-port: \"0\"\n" + - " anonymous-auth: \"false\"\n" + - " streaming-connection-idle-timeout: \"5m\"\n" + - " protect-kernel-defaults: \"true\"\n" + - " event-qps: \"0\"\n" + - " client-ca-file: \"/etc/kubernetes/pki/ca.crt\"\n" + - " feature-gates: \"RotateKubeletServerCertificate=true\"\n" + - " rotate-certificates: \"true\"\n" + - " tls-cipher-suites: \"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256\"\n" + - " authorization-mode: \"Webhook\"\n" + - " experimental-kernel-memcg-notification: \"true\"\n" + - "---\n" + - "apiVersion: kubeadm.k8s.io/v1alpha3\n" + - "kind: ClusterConfiguration\n" + - "clusterName: \"{{ .ClusterName }}\"\n" + - "imageRepository: {{ .ImageRepository }}\n" + - "unifiedControlPlaneImage: {{ .ImageRepository }}/hyperkube:v{{ .KubernetesVersion }}\n" + - "networking:\n" + - " serviceSubnet: \"{{ .ServiceCIDR }}\"\n" + - " podSubnet: \"{{ .PodCIDR }}\"\n" + - " dnsDomain: \"cluster.local\"\n" + - "kubernetesVersion: \"v{{ .KubernetesVersion }}\"\n" + - "{{ if .ControlPlaneEndpoint }}controlPlaneEndpoint: \"{{ .ControlPlaneEndpoint }}\"{{end}}\n" + - "certificatesDir: \"/etc/kubernetes/pki\"\n" + - "{{ if .APIServerCertSANs }}\n" + - "apiServerCertSANs:\n" + - "{{range $k, $san := .APIServerCertSANs}} - \"{{ $san }}\"\n" + - "{{end}}{{end}}\n" + - "apiServerExtraArgs:\n" + - " # anonymous-auth: \"false\"\n" + - " profiling: \"false\"\n" + - " enable-admission-plugins: \"AlwaysPullImages,{{ if not .WithoutPluginDenyEscalatingExec }}DenyEscalatingExec,{{end}}EventRateLimit,NodeRestriction,ServiceAccount{{ if .WithPluginPSP }},PodSecurityPolicy{{end}}\"\n" + - " disable-admission-plugins: \"\"\n" + - " admission-control-config-file: \"{{ .AdmissionConfig }}\"\n" + - " audit-log-path: \"{{ .AuditLogDir }}/apiserver.log\"\n" + - " audit-log-maxage: \"30\"\n" + - " audit-log-maxbackup: \"10\"\n" + - " audit-log-maxsize: \"100\"\n" + - " {{ if .WithAuditLog }}audit-policy-file: \"{{ .AuditPolicyFile }}\"{{ end }}\n" + - " {{ if .EtcdPrefix }}etcd-prefix: \"{{ .EtcdPrefix }}\"{{end}}\n" + - " service-account-lookup: \"true\"\n" + - " kubelet-certificate-authority: \"{{ .KubeletCertificateAuthority }}\"\n" + - " tls-cipher-suites: \"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256\"\n" + - " {{ .EncryptionProviderPrefix }}encryption-provider-config: \"/etc/kubernetes/admission-control/encryption-provider-config.yaml\"\n" + - " {{ if (and .OIDCIssuerURL .OIDCClientID) }}\n" + - " oidc-issuer-url: \"{{ .OIDCIssuerURL }}\"\n" + - " oidc-client-id: \"{{ .OIDCClientID }}\"\n" + - " oidc-username-claim: \"email\"\n" + - " oidc-username-prefix: \"oidc:\"\n" + - " oidc-groups-claim: \"groups\"{{end}}\n" + - " {{ if .CloudProvider }}cloud-provider: \"{{ .CloudProvider }}\"\n" + - " {{ if .CloudConfig }}cloud-config: /etc/kubernetes/{{ .CloudProvider }}.conf{{end}}{{end}}\n" + - "schedulerExtraArgs:\n" + - " profiling: \"false\"\n" + - "apiServerExtraVolumes:\n" + - " {{ if .WithAuditLog }}\n" + - " - name: audit-log-dir\n" + - " hostPath: {{ .AuditLogDir }}\n" + - " mountPath: {{ .AuditLogDir }}\n" + - " pathType: DirectoryOrCreate\n" + - " - name: audit-policy-file\n" + - " hostPath: {{ .AuditPolicyFile }}\n" + - " mountPath: {{ .AuditPolicyFile }}\n" + - " readOnly: true\n" + - " pathType: FileOrCreate{{ end }}\n" + - " - name: admission-control-config-file\n" + - " hostPath: {{ .AdmissionConfig }}\n" + - " mountPath: {{ .AdmissionConfig }}\n" + - " writable: false\n" + - " pathType: File\n" + - " - name: admission-control-config-dir\n" + - " hostPath: /etc/kubernetes/admission-control/\n" + - " mountPath: /etc/kubernetes/admission-control/\n" + - " writable: false\n" + - " pathType: Directory\n" + - " {{ if and .CloudProvider .CloudConfig }}\n" + - " - name: cloud-config\n" + - " hostPath: /etc/kubernetes/{{ .CloudProvider }}.conf\n" + - " mountPath: /etc/kubernetes/{{ .CloudProvider }}.conf{{end}}\n" + - "controllerManagerExtraArgs:\n" + - " cluster-name: \"{{ .ClusterName }}\"\n" + - " profiling: \"false\"\n" + - " terminated-pod-gc-threshold: \"10\"\n" + - " feature-gates: \"RotateKubeletServerCertificate=true\"\n" + - " {{ if .ControllerManagerSigningCA }}cluster-signing-cert-file: {{ .ControllerManagerSigningCA }}{{end}}\n" + - " {{ if .CloudProvider }}\n" + - " cloud-provider: \"{{ .CloudProvider }}\"\n" + - " {{ if .CloudConfig }}cloud-config: /etc/kubernetes/{{ .CloudProvider }}.conf\n" + - "controllerManagerExtraVolumes:\n" + - " - name: cloud-config\n" + - " hostPath: /etc/kubernetes/{{ .CloudProvider }}.conf\n" + - " mountPath: /etc/kubernetes/{{ .CloudProvider }}.conf{{end}}{{end}}\n" + - "etcd:\n" + - " {{ if .EtcdEndpoints }}\n" + - " external:\n" + - " endpoints:\n" + - " {{range $k, $endpoint := .EtcdEndpoints }} - \"{{ $endpoint }}\"\n" + - " {{end}}\n" + - " caFile: {{ .EtcdCAFile }}\n" + - " certFile: {{ .EtcdCertFile }}\n" + - " keyFile: {{ .EtcdKeyFile }}\n" + - " {{else}}\n" + - " local:\n" + - " extraArgs:\n" + - " peer-auto-tls: \"false\"\n" + - " {{end}}\n" + - "---\n" + - "apiVersion: kubelet.config.k8s.io/v1beta1\n" + - "kind: KubeletConfiguration\n" + - "serverTLSBootstrap: true\n" + - "systemReserved:\n" + - " cpu: 50m\n" + - " memory: 50Mi\n" + - " ephemeral-storage: 1Gi\n" + - "kubeReserved:\n" + - " cpu: {{ .KubeReservedCPU }}\n" + - " memory: {{ .KubeReservedMemory }}\n" + - " ephemeral-storage: 1Gi\n" + - "evictionHard:\n" + - " imagefs.available: 15%\n" + - " memory.available: 100Mi\n" + - " nodefs.available: 10%\n" + - " nodefs.inodesFree: 5%\n" + - "" - return tmpl -} diff --git a/cmd/pke/app/phases/kubeadm/controlplane/kubeadm_v1alpha3.yaml.tmpl b/cmd/pke/app/phases/kubeadm/controlplane/kubeadm_v1alpha3.yaml.tmpl deleted file mode 100644 index 5f8331a9..00000000 --- a/cmd/pke/app/phases/kubeadm/controlplane/kubeadm_v1alpha3.yaml.tmpl +++ /dev/null @@ -1,140 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1alpha3 -kind: InitConfiguration -{{ if .APIServerAdvertiseAddress}} -apiEndpoint: - advertiseAddress: "{{ .APIServerAdvertiseAddress }}" - bindPort: {{ .APIServerBindPort }}{{end}} -nodeRegistration: - criSocket: "{{ .CRISocket }}" - taints:{{ if not .Taints }} []{{end}}{{range .Taints}} - - key: "{{.Key}}" - value: "{{.Value}}" - effect: "{{.Effect}}"{{end}} - kubeletExtraArgs: - {{ if .NodeLabels }}node-labels: "{{ .NodeLabels }}"{{end}} - # pod-infra-container-image: {{ .ImageRepository }}/pause:3.1 # only needed by docker - {{ if .CloudProvider }}cloud-provider: "{{ .CloudProvider }}" - {{ if .KubeletCloudConfig }}cloud-config: "/etc/kubernetes/{{ .CloudProvider }}.conf"{{end}}{{end}} - read-only-port: "0" - anonymous-auth: "false" - streaming-connection-idle-timeout: "5m" - protect-kernel-defaults: "true" - event-qps: "0" - client-ca-file: "/etc/kubernetes/pki/ca.crt" - feature-gates: "RotateKubeletServerCertificate=true" - rotate-certificates: "true" - tls-cipher-suites: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256" - authorization-mode: "Webhook" - experimental-kernel-memcg-notification: "true" ---- -apiVersion: kubeadm.k8s.io/v1alpha3 -kind: ClusterConfiguration -clusterName: "{{ .ClusterName }}" -imageRepository: {{ .ImageRepository }} -unifiedControlPlaneImage: {{ .ImageRepository }}/hyperkube:v{{ .KubernetesVersion }} -networking: - serviceSubnet: "{{ .ServiceCIDR }}" - podSubnet: "{{ .PodCIDR }}" - dnsDomain: "cluster.local" -kubernetesVersion: "v{{ .KubernetesVersion }}" -{{ if .ControlPlaneEndpoint }}controlPlaneEndpoint: "{{ .ControlPlaneEndpoint }}"{{end}} -certificatesDir: "/etc/kubernetes/pki" -{{ if .APIServerCertSANs }} -apiServerCertSANs: -{{range $k, $san := .APIServerCertSANs}} - "{{ $san }}" -{{end}}{{end}} -apiServerExtraArgs: - # anonymous-auth: "false" - profiling: "false" - enable-admission-plugins: "AlwaysPullImages,{{ if not .WithoutPluginDenyEscalatingExec }}DenyEscalatingExec,{{end}}EventRateLimit,NodeRestriction,ServiceAccount{{ if .WithPluginPSP }},PodSecurityPolicy{{end}}" - disable-admission-plugins: "" - admission-control-config-file: "{{ .AdmissionConfig }}" - audit-log-path: "{{ .AuditLogDir }}/apiserver.log" - audit-log-maxage: "30" - audit-log-maxbackup: "10" - audit-log-maxsize: "100" - {{ if .WithAuditLog }}audit-policy-file: "{{ .AuditPolicyFile }}"{{ end }} - {{ if .EtcdPrefix }}etcd-prefix: "{{ .EtcdPrefix }}"{{end}} - service-account-lookup: "true" - kubelet-certificate-authority: "{{ .KubeletCertificateAuthority }}" - tls-cipher-suites: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256" - {{ .EncryptionProviderPrefix }}encryption-provider-config: "/etc/kubernetes/admission-control/encryption-provider-config.yaml" - {{ if (and .OIDCIssuerURL .OIDCClientID) }} - oidc-issuer-url: "{{ .OIDCIssuerURL }}" - oidc-client-id: "{{ .OIDCClientID }}" - oidc-username-claim: "email" - oidc-username-prefix: "oidc:" - oidc-groups-claim: "groups"{{end}} - {{ if .CloudProvider }}cloud-provider: "{{ .CloudProvider }}" - {{ if .CloudConfig }}cloud-config: /etc/kubernetes/{{ .CloudProvider }}.conf{{end}}{{end}} -schedulerExtraArgs: - profiling: "false" -apiServerExtraVolumes: - {{ if .WithAuditLog }} - - name: audit-log-dir - hostPath: {{ .AuditLogDir }} - mountPath: {{ .AuditLogDir }} - pathType: DirectoryOrCreate - - name: audit-policy-file - hostPath: {{ .AuditPolicyFile }} - mountPath: {{ .AuditPolicyFile }} - readOnly: true - pathType: FileOrCreate{{ end }} - - name: admission-control-config-file - hostPath: {{ .AdmissionConfig }} - mountPath: {{ .AdmissionConfig }} - writable: false - pathType: File - - name: admission-control-config-dir - hostPath: /etc/kubernetes/admission-control/ - mountPath: /etc/kubernetes/admission-control/ - writable: false - pathType: Directory - {{ if and .CloudProvider .CloudConfig }} - - name: cloud-config - hostPath: /etc/kubernetes/{{ .CloudProvider }}.conf - mountPath: /etc/kubernetes/{{ .CloudProvider }}.conf{{end}} -controllerManagerExtraArgs: - cluster-name: "{{ .ClusterName }}" - profiling: "false" - terminated-pod-gc-threshold: "10" - feature-gates: "RotateKubeletServerCertificate=true" - {{ if .ControllerManagerSigningCA }}cluster-signing-cert-file: {{ .ControllerManagerSigningCA }}{{end}} - {{ if .CloudProvider }} - cloud-provider: "{{ .CloudProvider }}" - {{ if .CloudConfig }}cloud-config: /etc/kubernetes/{{ .CloudProvider }}.conf -controllerManagerExtraVolumes: - - name: cloud-config - hostPath: /etc/kubernetes/{{ .CloudProvider }}.conf - mountPath: /etc/kubernetes/{{ .CloudProvider }}.conf{{end}}{{end}} -etcd: - {{ if .EtcdEndpoints }} - external: - endpoints: - {{range $k, $endpoint := .EtcdEndpoints }} - "{{ $endpoint }}" - {{end}} - caFile: {{ .EtcdCAFile }} - certFile: {{ .EtcdCertFile }} - keyFile: {{ .EtcdKeyFile }} - {{else}} - local: - extraArgs: - peer-auto-tls: "false" - {{end}} ---- -apiVersion: kubelet.config.k8s.io/v1beta1 -kind: KubeletConfiguration -serverTLSBootstrap: true -systemReserved: - cpu: 50m - memory: 50Mi - ephemeral-storage: 1Gi -kubeReserved: - cpu: {{ .KubeReservedCPU }} - memory: {{ .KubeReservedMemory }} - ephemeral-storage: 1Gi -evictionHard: - imagefs.available: 15% - memory.available: 100Mi - nodefs.available: 10% - nodefs.inodesFree: 5% diff --git a/cmd/pke/app/phases/kubeadm/node/kubeadm.go b/cmd/pke/app/phases/kubeadm/node/kubeadm.go index 55896853..9895315e 100644 --- a/cmd/pke/app/phases/kubeadm/node/kubeadm.go +++ b/cmd/pke/app/phases/kubeadm/node/kubeadm.go @@ -29,7 +29,6 @@ import ( "github.com/pbnjay/memory" ) -//go:generate templify -t ${GOTMPL} -p node -f kubeadmConfigV1Alpha3 kubeadm_v1alpha3.yaml.tmpl //go:generate templify -t ${GOTMPL} -p node -f kubeadmConfigV1Beta1 kubeadm_v1beta1.yaml.tmpl //go:generate templify -t ${GOTMPL} -p node -f kubeadmConfigV1Beta2 kubeadm_v1beta2.yaml.tmpl @@ -61,10 +60,7 @@ func (n Node) writeKubeadmConfig(out io.Writer, filename string) error { var conf string switch ver.Minor() { - case 12, 13: - // see https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1alpha3 - conf = kubeadmConfigV1Alpha3Template() - case 14, 15, 16, 17: + case 15, 16, 17: // see https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta1 conf = kubeadmConfigV1Beta1Template() case 18: diff --git a/cmd/pke/app/phases/kubeadm/node/kubeadm_v1alpha3.yaml.go b/cmd/pke/app/phases/kubeadm/node/kubeadm_v1alpha3.yaml.go deleted file mode 100644 index b5138ce0..00000000 --- a/cmd/pke/app/phases/kubeadm/node/kubeadm_v1alpha3.yaml.go +++ /dev/null @@ -1,70 +0,0 @@ -// Copyright © 2019 Banzai Cloud -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package node - -// kubeadmConfigV1Alpha3Template is a generated function returning the template as a string. -func kubeadmConfigV1Alpha3Template() string { - var tmpl = "apiVersion: kubeadm.k8s.io/v1alpha3\n" + - "kind: JoinConfiguration\n" + - "{{ if and .APIServerAdvertiseAddress .APIServerBindPort }}controlPlane: true\n" + - "apiEndpoint:\n" + - " advertiseAddress: \"{{ .APIServerAdvertiseAddress }}\"\n" + - " bindPort: {{ .APIServerBindPort }}{{end}}\n" + - "nodeRegistration:\n" + - " criSocket: \"{{ .CRISocket }}\"\n" + - " taints:{{ if not .Taints }} []{{end}}{{range .Taints}}\n" + - " - key: \"{{.Key}}\"\n" + - " value: \"{{.Value}}\"\n" + - " effect: \"{{.Effect}}\"{{end}}\n" + - " kubeletExtraArgs:\n" + - " {{ if .NodeLabels }}node-labels: \"{{ .NodeLabels }}\"{{end}}\n" + - " {{ if .CloudProvider }}cloud-provider: \"{{ .CloudProvider }}\"{{end}}\n" + - " {{if eq .CloudProvider \"azure\" }}cloud-config: \"/etc/kubernetes/{{ .CloudProvider }}.conf\"{{end}}\n" + - " read-only-port: \"0\"\n" + - " anonymous-auth: \"false\"\n" + - " streaming-connection-idle-timeout: \"5m\"\n" + - " protect-kernel-defaults: \"true\"\n" + - " event-qps: \"0\"\n" + - " client-ca-file: \"/etc/kubernetes/pki/ca.crt\"\n" + - " feature-gates: \"RotateKubeletServerCertificate=true\"\n" + - " rotate-certificates: \"true\"\n" + - " tls-cipher-suites: \"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256\"\n" + - " authorization-mode: \"Webhook\"\n" + - " experimental-kernel-memcg-notification: \"true\"\n" + - "discoveryTokenAPIServers:\n" + - " - {{ .ControlPlaneEndpoint }}\n" + - "token: {{ .Token }}\n" + - "discoveryTokenCACertHashes:\n" + - " - {{ .CACertHash }}\n" + - "---\n" + - "apiVersion: kubelet.config.k8s.io/v1beta1\n" + - "kind: KubeletConfiguration\n" + - "serverTLSBootstrap: true\n" + - "systemReserved:\n" + - " cpu: 50m\n" + - " memory: 50Mi\n" + - " ephemeral-storage: 1Gi\n" + - "kubeReserved:\n" + - " cpu: {{ .KubeReservedCPU }}\n" + - " memory: {{ .KubeReservedMemory }}\n" + - " ephemeral-storage: 1Gi\n" + - "evictionHard:\n" + - " imagefs.available: 15%\n" + - " memory.available: 100Mi\n" + - " nodefs.available: 10%\n" + - " nodefs.inodesFree: 5%\n" + - "" - return tmpl -} diff --git a/cmd/pke/app/phases/kubeadm/node/kubeadm_v1alpha3.yaml.tmpl b/cmd/pke/app/phases/kubeadm/node/kubeadm_v1alpha3.yaml.tmpl deleted file mode 100644 index c4a64f15..00000000 --- a/cmd/pke/app/phases/kubeadm/node/kubeadm_v1alpha3.yaml.tmpl +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1alpha3 -kind: JoinConfiguration -{{ if and .APIServerAdvertiseAddress .APIServerBindPort }}controlPlane: true -apiEndpoint: - advertiseAddress: "{{ .APIServerAdvertiseAddress }}" - bindPort: {{ .APIServerBindPort }}{{end}} -nodeRegistration: - criSocket: "{{ .CRISocket }}" - taints:{{ if not .Taints }} []{{end}}{{range .Taints}} - - key: "{{.Key}}" - value: "{{.Value}}" - effect: "{{.Effect}}"{{end}} - kubeletExtraArgs: - {{ if .NodeLabels }}node-labels: "{{ .NodeLabels }}"{{end}} - {{ if .CloudProvider }}cloud-provider: "{{ .CloudProvider }}"{{end}} - {{if eq .CloudProvider "azure" }}cloud-config: "/etc/kubernetes/{{ .CloudProvider }}.conf"{{end}} - read-only-port: "0" - anonymous-auth: "false" - streaming-connection-idle-timeout: "5m" - protect-kernel-defaults: "true" - event-qps: "0" - client-ca-file: "/etc/kubernetes/pki/ca.crt" - feature-gates: "RotateKubeletServerCertificate=true" - rotate-certificates: "true" - tls-cipher-suites: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256" - authorization-mode: "Webhook" - experimental-kernel-memcg-notification: "true" -discoveryTokenAPIServers: - - {{ .ControlPlaneEndpoint }} -token: {{ .Token }} -discoveryTokenCACertHashes: - - {{ .CACertHash }} ---- -apiVersion: kubelet.config.k8s.io/v1beta1 -kind: KubeletConfiguration -serverTLSBootstrap: true -systemReserved: - cpu: 50m - memory: 50Mi - ephemeral-storage: 1Gi -kubeReserved: - cpu: {{ .KubeReservedCPU }} - memory: {{ .KubeReservedMemory }} - ephemeral-storage: 1Gi -evictionHard: - imagefs.available: 15% - memory.available: 100Mi - nodefs.available: 10% - nodefs.inodesFree: 5% diff --git a/cmd/pke/app/util/linux/yum_test.go b/cmd/pke/app/util/linux/yum_test.go index ce0b1ac6..44ac8f48 100644 --- a/cmd/pke/app/util/linux/yum_test.go +++ b/cmd/pke/app/util/linux/yum_test.go @@ -48,7 +48,7 @@ func TestParseRpmPackageOutput(t *testing.T) { err bool }{ {"kubernetes-cni-0.7.5-0.x86_64", "kubernetes-cni", "0.7.5", "0", "x86_64", false}, - {"kubeadm-1.14.0-0.x86_64", "kubeadm", "1.14.0", "0", "x86_64", false}, + {"kubeadm-1.18.0-0.x86_64", "kubeadm", "1.18.0", "0", "x86_64", false}, {"kubeadm", "", "", "", "", true}, {"util-linux-2.23.2-59.el7.x86_64", "util-linux", "2.23.2", "59.el7", "x86_64", false}, {"systemd-219-62.el7_6.5.x86_64", "systemd", "219", "62.el7_6.5", "x86_64", false},