From 443bd5a26b56e4a92ed25c798ca2b854752a2844 Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Tue, 5 Oct 2021 19:09:51 -0700 Subject: [PATCH] Add file to hold nodes on iptables-legacy * Add `/etc/fedora-coreos/iptables-legacy.stamp` to declare that `iptables-legacy` should be used instead of `iptables-nft` (until support is added in future releases) * https://github.com/coreos/fedora-coreos-tracker/issues/676 --- aws/fedora-coreos/kubernetes/fcc/controller.yaml | 1 + aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml | 1 + azure/fedora-coreos/kubernetes/fcc/controller.yaml | 1 + azure/fedora-coreos/kubernetes/workers/fcc/worker.yaml | 1 + bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml | 1 + bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml | 1 + digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml | 2 ++ digital-ocean/fedora-coreos/kubernetes/fcc/worker.yaml | 1 + google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml | 1 + google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml | 1 + 10 files changed, 11 insertions(+) diff --git a/aws/fedora-coreos/kubernetes/fcc/controller.yaml b/aws/fedora-coreos/kubernetes/fcc/controller.yaml index 3a1ea008..b5ac1acb 100644 --- a/aws/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/aws/fedora-coreos/kubernetes/fcc/controller.yaml @@ -218,6 +218,7 @@ storage: ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key ETCD_PEER_CLIENT_CERT_AUTH=true ETCD_UNSUPPORTED_ARCH=arm64 + - path: /etc/fedora-coreos/iptables-legacy.stamp passwd: users: - name: core diff --git a/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml b/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml index e373efdb..4b79b6d8 100644 --- a/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml +++ b/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml @@ -129,6 +129,7 @@ storage: DefaultCPUAccounting=yes DefaultMemoryAccounting=yes DefaultBlockIOAccounting=yes + - path: /etc/fedora-coreos/iptables-legacy.stamp passwd: users: - name: core diff --git a/azure/fedora-coreos/kubernetes/fcc/controller.yaml b/azure/fedora-coreos/kubernetes/fcc/controller.yaml index 658a45a3..7559d68b 100644 --- a/azure/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/azure/fedora-coreos/kubernetes/fcc/controller.yaml @@ -212,6 +212,7 @@ storage: ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd/peer.crt ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key ETCD_PEER_CLIENT_CERT_AUTH=true + - path: /etc/fedora-coreos/iptables-legacy.stamp passwd: users: - name: core diff --git a/azure/fedora-coreos/kubernetes/workers/fcc/worker.yaml b/azure/fedora-coreos/kubernetes/workers/fcc/worker.yaml index 0c0f0dce..9ec4bf36 100644 --- a/azure/fedora-coreos/kubernetes/workers/fcc/worker.yaml +++ b/azure/fedora-coreos/kubernetes/workers/fcc/worker.yaml @@ -124,6 +124,7 @@ storage: DefaultCPUAccounting=yes DefaultMemoryAccounting=yes DefaultBlockIOAccounting=yes + - path: /etc/fedora-coreos/iptables-legacy.stamp passwd: users: - name: core diff --git a/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml b/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml index a4b9a26c..01d7b0de 100644 --- a/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml @@ -222,6 +222,7 @@ storage: ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd/peer.crt ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key ETCD_PEER_CLIENT_CERT_AUTH=true + - path: /etc/fedora-coreos/iptables-legacy.stamp passwd: users: - name: core diff --git a/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml b/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml index 0bbbf09d..f6ea5490 100644 --- a/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml +++ b/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml @@ -120,6 +120,7 @@ storage: DefaultCPUAccounting=yes DefaultMemoryAccounting=yes DefaultBlockIOAccounting=yes + - path: /etc/fedora-coreos/iptables-legacy.stamp passwd: users: - name: core diff --git a/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml b/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml index c54686ad..bb3b7702 100644 --- a/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml @@ -219,3 +219,5 @@ storage: ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd/peer.crt ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key ETCD_PEER_CLIENT_CERT_AUTH=true + - path: /etc/fedora-coreos/iptables-legacy.stamp + diff --git a/digital-ocean/fedora-coreos/kubernetes/fcc/worker.yaml b/digital-ocean/fedora-coreos/kubernetes/fcc/worker.yaml index fa8f0ac8..fca75041 100644 --- a/digital-ocean/fedora-coreos/kubernetes/fcc/worker.yaml +++ b/digital-ocean/fedora-coreos/kubernetes/fcc/worker.yaml @@ -126,3 +126,4 @@ storage: DefaultCPUAccounting=yes DefaultMemoryAccounting=yes DefaultBlockIOAccounting=yes + - path: /etc/fedora-coreos/iptables-legacy.stamp diff --git a/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml b/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml index b74c79d0..a8059a8d 100644 --- a/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml @@ -212,6 +212,7 @@ storage: ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd/peer.crt ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key ETCD_PEER_CLIENT_CERT_AUTH=true + - path: /etc/fedora-coreos/iptables-legacy.stamp passwd: users: - name: core diff --git a/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml b/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml index 48f634c7..903a08e5 100644 --- a/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml +++ b/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml @@ -124,6 +124,7 @@ storage: DefaultCPUAccounting=yes DefaultMemoryAccounting=yes DefaultBlockIOAccounting=yes + - path: /etc/fedora-coreos/iptables-legacy.stamp passwd: users: - name: core