From 2eaf04c68b3d469aeded276a0dc37d377451d61b Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Fri, 22 Jun 2018 00:46:41 -0700 Subject: [PATCH] Drop hostNetwork from nginx-ingress addon * Both flannel and Calico support host port via `portmap` * Allows writing NetworkPolicies that reference ingress pods in `from` or `to`. HostNetwork pods were difficult to write network policy for since they could circumvent the CNI network to communicate with pods on the same node. --- CHANGES.md | 8 ++++++-- addons/nginx-ingress/aws/deployment.yaml | 1 - addons/nginx-ingress/digital-ocean/daemonset.yaml | 1 - addons/nginx-ingress/google-cloud/deployment.yaml | 1 - 4 files changed, 6 insertions(+), 5 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 36ea7cc1..bea64681 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -34,6 +34,11 @@ Notable changes between versions. #### Addons * Update CLUO from v0.6.0 to v0.7.0 ([#242](https://github.com/poseidon/typhoon/pull/242)) +* Update Prometheus from v2.3.0 to v2.3.1 +* Update Grafana from 5.1.3 to 5.1.4 +* Drop `hostNetwork` from nginx-ingress addon + * Both flannel and Calico support host port via `portmap` + * Allows writing NetworkPolicies that reference ingress pods in `from` or `to`. HostNetwork pods were difficult to write network policy for since they could circumvent the CNI network to communicate with pods on the same node. ## v1.10.4 @@ -43,9 +48,8 @@ Notable changes between versions. #### Addons -* Update Prometheus from v2.2.1 to v2.3.1 +* Update Prometheus from v2.2.1 to v2.3.0 * Add Prometheus liveness and readiness probes -* Update Grafana from 5.1.3 to 5.1.4 * Annotate Grafana service so Prometheus scrapes metrics * Label namespaces to ease writing Network Policies diff --git a/addons/nginx-ingress/aws/deployment.yaml b/addons/nginx-ingress/aws/deployment.yaml index eb3f4813..ce091d2d 100644 --- a/addons/nginx-ingress/aws/deployment.yaml +++ b/addons/nginx-ingress/aws/deployment.yaml @@ -20,7 +20,6 @@ spec: spec: nodeSelector: node-role.kubernetes.io/node: "" - hostNetwork: true containers: - name: nginx-ingress-controller image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.15.0 diff --git a/addons/nginx-ingress/digital-ocean/daemonset.yaml b/addons/nginx-ingress/digital-ocean/daemonset.yaml index e2fed258..4ebc0688 100644 --- a/addons/nginx-ingress/digital-ocean/daemonset.yaml +++ b/addons/nginx-ingress/digital-ocean/daemonset.yaml @@ -20,7 +20,6 @@ spec: spec: nodeSelector: node-role.kubernetes.io/node: "" - hostNetwork: true containers: - name: nginx-ingress-controller image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.15.0 diff --git a/addons/nginx-ingress/google-cloud/deployment.yaml b/addons/nginx-ingress/google-cloud/deployment.yaml index eb3f4813..ce091d2d 100644 --- a/addons/nginx-ingress/google-cloud/deployment.yaml +++ b/addons/nginx-ingress/google-cloud/deployment.yaml @@ -20,7 +20,6 @@ spec: spec: nodeSelector: node-role.kubernetes.io/node: "" - hostNetwork: true containers: - name: nginx-ingress-controller image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.15.0