openstack
/
magnum
Code Issues Proposed changes

fcos-k8s: Update to v1.22 

* change rbac.authorization.k8s.io/v1beta1 to v1
  * update metrics-server
* change storage.k8s.io/v1beta1 to v1
* drop kubelet-https
* update to FCOS 35

story: 2009828
task: 44416

Signed-off-by: Spyros <strigazi@gmail.com>
Change-Id: I24b89366a4a8e8bc4c90f6a85ef6de2ac77dae1d
This commit is contained in:
Spyros 2022-02-03 13:52:26 +00:00
parent 91024195a5
commit c1c9942f8b
15 changed files with 25 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
devstack/plugin.sh
View File

@ -13,7 +13,7 @@ if is_service_enabled magnum-api magnum-cond; then
echo_summary "Installing magnum" echo_summary "Installing magnum"
install_magnum install_magnum
MAGNUM_GUEST_IMAGE_URL=${MAGNUM_GUEST_IMAGE_URL:-"https://builds.coreos.fedoraproject.org/prod/streams/stable/builds/31.20200323.3.2/x86_64/fedora-coreos-31.20200323.3.2-openstack.x86_64.qcow2.xz"} MAGNUM_GUEST_IMAGE_URL=${MAGNUM_GUEST_IMAGE_URL:-"https://builds.coreos.fedoraproject.org/prod/streams/stable/builds/35.20220116.3.0/x86_64/fedora-coreos-35.20220116.3.0-openstack.x86_64.qcow2.xz"}
IMAGE_URLS+=",${MAGNUM_GUEST_IMAGE_URL}" IMAGE_URLS+=",${MAGNUM_GUEST_IMAGE_URL}"
LIBS_FROM_GIT="${LIBS_FROM_GIT},python-magnumclient" LIBS_FROM_GIT="${LIBS_FROM_GIT},python-magnumclient"

2
doc/source/contributor/quickstart.rst
View File

@ -267,7 +267,7 @@ Fedora CoreOS
:: ::
openstack coe cluster template create k8s-cluster-template \ openstack coe cluster template create k8s-cluster-template \
--image fedora-coreos-31.20200323.3.2-openstack.x86_64 \ --image fedora-coreos-35.20220116.3.0-openstack.x86_64 \
--keypair testkey \ --keypair testkey \
--external-network public \ --external-network public \
--dns-nameserver 8.8.8.8 \ --dns-nameserver 8.8.8.8 \

1
doc/source/user/monitoring.rst
View File

@ -52,6 +52,7 @@ _`metrics_server_chart_tag`
Add metrics_server_chart_tag to select the version of the Add metrics_server_chart_tag to select the version of the
stable/metrics-server chart to install. stable/metrics-server chart to install.
Ussuri default: v2.8.8 Ussuri default: v2.8.8
Yoga default: v3.7.0
_`prometheus_operator_chart_tag` _`prometheus_operator_chart_tag`
Add prometheus_operator_chart_tag to select version of the Add prometheus_operator_chart_tag to select version of the

2
magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh
View File

@ -312,7 +312,7 @@ KUBE_API_ARGS="$KUBE_API_ARGS --client-ca-file=$CERT_DIR/ca.crt"
KUBE_API_ARGS="$KUBE_API_ARGS --service-account-key-file=${CERT_DIR}/service_account.key" KUBE_API_ARGS="$KUBE_API_ARGS --service-account-key-file=${CERT_DIR}/service_account.key"
KUBE_API_ARGS="$KUBE_API_ARGS --service-account-signing-key-file=${CERT_DIR}/service_account_private.key" KUBE_API_ARGS="$KUBE_API_ARGS --service-account-signing-key-file=${CERT_DIR}/service_account_private.key"
KUBE_API_ARGS="$KUBE_API_ARGS --service-account-issuer=https://kubernetes.default.svc.cluster.local" KUBE_API_ARGS="$KUBE_API_ARGS --service-account-issuer=https://kubernetes.default.svc.cluster.local"
KUBE_API_ARGS="$KUBE_API_ARGS --kubelet-certificate-authority=${CERT_DIR}/ca.crt --kubelet-client-certificate=${CERT_DIR}/server.crt --kubelet-client-key=${CERT_DIR}/server.key --kubelet-https=true" KUBE_API_ARGS="$KUBE_API_ARGS --kubelet-certificate-authority=${CERT_DIR}/ca.crt --kubelet-client-certificate=${CERT_DIR}/server.crt --kubelet-client-key=${CERT_DIR}/server.key"
# Allow for metrics-server/aggregator communication # Allow for metrics-server/aggregator communication
KUBE_API_ARGS="${KUBE_API_ARGS} \ KUBE_API_ARGS="${KUBE_API_ARGS} \
--proxy-client-cert-file=${CERT_DIR}/front-proxy/server.crt \ --proxy-client-cert-file=${CERT_DIR}/front-proxy/server.crt \

2
magnum/drivers/common/templates/kubernetes/fragments/enable-cinder-csi.sh
View File

@ -509,7 +509,7 @@ spec:
path: /etc/kubernetes/ca-bundle.crt path: /etc/kubernetes/ca-bundle.crt
type: File type: File
--- ---
apiVersion: storage.k8s.io/v1beta1 apiVersion: storage.k8s.io/v1
kind: CSIDriver kind: CSIDriver
metadata: metadata:
name: cinder.csi.openstack.org name: cinder.csi.openstack.org

4
magnum/drivers/common/templates/kubernetes/fragments/enable-ingress-traefik.sh
View File

@ -128,7 +128,7 @@ spec:
targetPort: metrics targetPort: metrics
--- ---
kind: ClusterRole kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1
metadata: metadata:
name: ingress-traefik name: ingress-traefik
rules: rules:
@ -152,7 +152,7 @@ rules:
- watch - watch
--- ---
kind: ClusterRoleBinding kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1
metadata: metadata:
name: ingress-traefik name: ingress-traefik
roleRef: roleRef:

4
magnum/drivers/common/templates/kubernetes/fragments/enable-keystone-auth.sh
View File

@ -21,7 +21,7 @@ metadata:
name: k8s-keystone-auth name: k8s-keystone-auth
namespace: kube-system namespace: kube-system
--- ---
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
labels: labels:
@ -39,7 +39,7 @@ rules:
- list - list
- watch - watch
--- ---
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
annotations: annotations:

4
magnum/drivers/common/templates/kubernetes/fragments/enable-prometheus-monitoring.sh
View File

@ -249,7 +249,7 @@ spec:
configMap: configMap:
name: prometheus name: prometheus
--- ---
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
name: prometheus name: prometheus
@ -276,7 +276,7 @@ metadata:
name: prometheus name: prometheus
namespace: prometheus-monitoring namespace: prometheus-monitoring
--- ---
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
name: prometheus name: prometheus

4
magnum/drivers/common/templates/kubernetes/fragments/flannel-service.sh
View File

@ -62,7 +62,7 @@ spec:
rule: 'RunAsAny' rule: 'RunAsAny'
--- ---
kind: ClusterRole kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1
metadata: metadata:
name: flannel name: flannel
rules: rules:
@ -91,7 +91,7 @@ rules:
- patch - patch
--- ---
kind: ClusterRoleBinding kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1
metadata: metadata:
name: flannel name: flannel
roleRef: roleRef:

6
magnum/drivers/common/templates/kubernetes/fragments/kube-apiserver-to-kubelet-role.sh
View File

@ -12,7 +12,7 @@ do
done done
cat <<EOF | kubectl apply --validate=false -f - cat <<EOF | kubectl apply --validate=false -f -
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
annotations: annotations:
@ -34,7 +34,7 @@ rules:
EOF EOF
cat <<EOF | kubectl apply --validate=false -f - cat <<EOF | kubectl apply --validate=false -f -
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
name: system:kube-apiserver name: system:kube-apiserver
@ -62,7 +62,7 @@ metadata:
name: admin name: admin
namespace: kube-system namespace: kube-system
--- ---
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
name: admin name: admin

6
magnum/drivers/common/templates/kubernetes/fragments/kube-dashboard-service.sh
View File

@ -548,7 +548,7 @@ spec:
k8s-app: heapster k8s-app: heapster
--- ---
kind: ClusterRoleBinding kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1
metadata: metadata:
name: heapster name: heapster
roleRef: roleRef:
@ -560,7 +560,7 @@ subjects:
name: heapster name: heapster
namespace: kube-system namespace: kube-system
--- ---
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
annotations: annotations:
@ -580,7 +580,7 @@ rules:
verbs: verbs:
- "*" - "*"
--- ---
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
name: system:heapter-kubelet name: system:heapter-kubelet

4
magnum/drivers/common/templates/kubernetes/helm/metrics-server.sh
View File

@ -13,13 +13,13 @@ if [ "$(echo ${METRICS_SERVER_ENABLED} | tr '[:upper:]' '[:lower:]')" = "true" ]
cat << EOF >> ${HELM_CHART_DIR}/requirements.yaml cat << EOF >> ${HELM_CHART_DIR}/requirements.yaml
- name: ${CHART_NAME} - name: ${CHART_NAME}
version: ${METRICS_SERVER_CHART_TAG} version: ${METRICS_SERVER_CHART_TAG}
repository: https://charts.helm.sh/stable repository: https://kubernetes-sigs.github.io/metrics-server/
EOF EOF
cat << EOF >> ${HELM_CHART_DIR}/values.yaml cat << EOF >> ${HELM_CHART_DIR}/values.yaml
metrics-server: metrics-server:
image: image:
repository: ${CONTAINER_INFRA_PREFIX:-gcr.io/google_containers/}metrics-server-${ARCH} repository: ${CONTAINER_INFRA_PREFIX:-k8s.gcr.io/metrics-server/}metrics-server
resources: resources:
requests: requests:
cpu: 100m cpu: 100m

2
magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml
View File

@ -135,7 +135,7 @@ parameters:
metrics_server_chart_tag: metrics_server_chart_tag:
type: string type: string
description: tag of the stable/metrics-server chart to install description: tag of the stable/metrics-server chart to install
default: v2.8.8 default: v3.7.0
minion_flavor: minion_flavor:
type: string type: string

2
magnum/drivers/k8s_fedora_coreos_v1/templates/kubecluster.yaml
View File

@ -139,7 +139,7 @@ parameters:
metrics_server_chart_tag: metrics_server_chart_tag:
type: string type: string
description: tag of the stable/metrics-server chart to install description: tag of the stable/metrics-server chart to install
default: v2.8.8 default: v3.7.0
minion_flavor: minion_flavor:
type: string type: string

4
magnum/tests/contrib/gate_hook.sh
View File

@ -86,8 +86,8 @@ elif [ "${coe}${special}" = "k8s-ironic" ]; then
export DEVSTACK_LOCAL_CONFIG+=$'\n'"IRONIC_VM_SPECS_DISK=10" export DEVSTACK_LOCAL_CONFIG+=$'\n'"IRONIC_VM_SPECS_DISK=10"
export DEVSTACK_LOCAL_CONFIG+=$'\n'"IRONIC_VM_EPHEMERAL_DISK=5" export DEVSTACK_LOCAL_CONFIG+=$'\n'"IRONIC_VM_EPHEMERAL_DISK=5"
else else
export DEVSTACK_LOCAL_CONFIG+=$'\n'"MAGNUM_GUEST_IMAGE_URL='https://builds.coreos.fedoraproject.org/prod/streams/stable/builds/31.20200323.3.2/x86_64/fedora-coreos-31.20200323.3.2-openstack.x86_64.qcow2.xz'" export DEVSTACK_LOCAL_CONFIG+=$'\n'"MAGNUM_GUEST_IMAGE_URL='https://builds.coreos.fedoraproject.org/prod/streams/stable/builds/35.20220116.3.0/x86_64/fedora-coreos-35.20220116.3.0-openstack.x86_64.qcow2.xz'"
export DEVSTACK_LOCAL_CONFIG+=$'\n'"MAGNUM_IMAGE_NAME='fedora-coreos-31.20200323.3.2-openstack.x86_64'" export DEVSTACK_LOCAL_CONFIG+=$'\n'"MAGNUM_IMAGE_NAME='fedora-coreos-35.20220116.3.0-openstack.x86_64'"
fi fi
# Enable magnum plugin in the last step # Enable magnum plugin in the last step