diff --git a/CHANGES.md b/CHANGES.md
index 5c5f3523..cf0b3a02 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -4,6 +4,12 @@ Notable changes between versions.
## Latest
+## V1.23.3
+
+* Kubernetes [v1.23.3](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1233)
+
+## v1.23.2
+
* Kubernetes [v1.23.2](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1232)
* Remove Kubelet flag `--network-plugin`. Unused since `docker-shim` isn't used ([#1106](https://github.com/poseidon/typhoon/pull/1106))
diff --git a/README.md b/README.md
index 7b4cb497..ca746c18 100644
--- a/README.md
+++ b/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features 
-* Kubernetes v1.23.2 (upstream)
+* Kubernetes v1.23.3 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/), SELinux enforcing
* Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [preemptible](https://typhoon.psdn.io/flatcar-linux/google-cloud/#preemption) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization
@@ -62,7 +62,7 @@ Define a Kubernetes cluster by using the Terraform module for your chosen platfo
```tf
module "yavin" {
- source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.23.3"
# Google Cloud
cluster_name = "yavin"
@@ -101,9 +101,9 @@ In 4-8 minutes (varies by platform), the cluster will be ready. This Google Clou
$ export KUBECONFIG=/home/user/.kube/configs/yavin-config
$ kubectl get nodes
NAME ROLES STATUS AGE VERSION
-yavin-controller-0.c.example-com.internal Ready 6m v1.23.2
-yavin-worker-jrbf.c.example-com.internal Ready 5m v1.23.2
-yavin-worker-mzdm.c.example-com.internal Ready 5m v1.23.2
+yavin-controller-0.c.example-com.internal Ready 6m v1.23.3
+yavin-worker-jrbf.c.example-com.internal Ready 5m v1.23.3
+yavin-worker-mzdm.c.example-com.internal Ready 5m v1.23.3
```
List the pods.
diff --git a/aws/fedora-coreos/kubernetes/README.md b/aws/fedora-coreos/kubernetes/README.md
index d1cb676c..7d843ec5 100644
--- a/aws/fedora-coreos/kubernetes/README.md
+++ b/aws/fedora-coreos/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.23.2 (upstream)
+* Kubernetes v1.23.3 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/), SELinux enforcing
* Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [spot](https://typhoon.psdn.io/fedora-coreos/aws/#spot) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization
diff --git a/aws/fedora-coreos/kubernetes/bootstrap.tf b/aws/fedora-coreos/kubernetes/bootstrap.tf
index ebe2e9de..4152f0f2 100644
--- a/aws/fedora-coreos/kubernetes/bootstrap.tf
+++ b/aws/fedora-coreos/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=f45deec67e2fea4f06b5a3edad628b0fe0e9ec60"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=26bea83b957d18b99e16435405983181c4a6e159"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
diff --git a/aws/fedora-coreos/kubernetes/fcc/controller.yaml b/aws/fedora-coreos/kubernetes/fcc/controller.yaml
index 83aae554..be1fdcc1 100644
--- a/aws/fedora-coreos/kubernetes/fcc/controller.yaml
+++ b/aws/fedora-coreos/kubernetes/fcc/controller.yaml
@@ -56,7 +56,7 @@ systemd:
After=afterburn.service
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
EnvironmentFile=/run/metadata/afterburn
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
@@ -126,7 +126,7 @@ systemd:
--volume /opt/bootstrap/assets:/assets:ro,Z \
--volume /opt/bootstrap/apply:/apply:ro,Z \
--entrypoint=/apply \
- quay.io/poseidon/kubelet:v1.23.2
+ quay.io/poseidon/kubelet:v1.23.3
ExecStartPost=/bin/touch /opt/bootstrap/bootstrap.done
ExecStartPost=-/usr/bin/podman stop bootstrap
storage:
diff --git a/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml b/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml
index 31036039..d7d1cc15 100644
--- a/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml
+++ b/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml
@@ -29,7 +29,7 @@ systemd:
After=afterburn.service
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
EnvironmentFile=/run/metadata/afterburn
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
@@ -94,7 +94,7 @@ systemd:
[Unit]
Description=Delete Kubernetes node on shutdown
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
Type=oneshot
RemainAfterExit=true
ExecStart=/bin/true
diff --git a/aws/flatcar-linux/kubernetes/README.md b/aws/flatcar-linux/kubernetes/README.md
index b994e6b4..a802bdb2 100644
--- a/aws/flatcar-linux/kubernetes/README.md
+++ b/aws/flatcar-linux/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.23.2 (upstream)
+* Kubernetes v1.23.3 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [spot](https://typhoon.psdn.io/flatcar-linux/aws/#spot) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization
diff --git a/aws/flatcar-linux/kubernetes/bootstrap.tf b/aws/flatcar-linux/kubernetes/bootstrap.tf
index ebe2e9de..4152f0f2 100644
--- a/aws/flatcar-linux/kubernetes/bootstrap.tf
+++ b/aws/flatcar-linux/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=f45deec67e2fea4f06b5a3edad628b0fe0e9ec60"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=26bea83b957d18b99e16435405983181c4a6e159"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
diff --git a/aws/flatcar-linux/kubernetes/cl/controller.yaml b/aws/flatcar-linux/kubernetes/cl/controller.yaml
index 93aafc6a..368c7437 100644
--- a/aws/flatcar-linux/kubernetes/cl/controller.yaml
+++ b/aws/flatcar-linux/kubernetes/cl/controller.yaml
@@ -57,7 +57,7 @@ systemd:
After=coreos-metadata.service
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
EnvironmentFile=/run/metadata/coreos
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
@@ -121,7 +121,7 @@ systemd:
Type=oneshot
RemainAfterExit=true
WorkingDirectory=/opt/bootstrap
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStart=/usr/bin/docker run \
-v /etc/kubernetes/pki:/etc/kubernetes/pki:ro \
-v /opt/bootstrap/assets:/assets:ro \
diff --git a/aws/flatcar-linux/kubernetes/workers/cl/worker.yaml b/aws/flatcar-linux/kubernetes/workers/cl/worker.yaml
index 3e5fcbc2..b15d45e1 100644
--- a/aws/flatcar-linux/kubernetes/workers/cl/worker.yaml
+++ b/aws/flatcar-linux/kubernetes/workers/cl/worker.yaml
@@ -29,7 +29,7 @@ systemd:
After=coreos-metadata.service
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
EnvironmentFile=/run/metadata/coreos
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
@@ -96,7 +96,7 @@ systemd:
[Unit]
Description=Delete Kubernetes node on shutdown
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
Type=oneshot
RemainAfterExit=true
ExecStart=/bin/true
diff --git a/azure/fedora-coreos/kubernetes/README.md b/azure/fedora-coreos/kubernetes/README.md
index 15510c38..f8db7699 100644
--- a/azure/fedora-coreos/kubernetes/README.md
+++ b/azure/fedora-coreos/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.23.2 (upstream)
+* Kubernetes v1.23.3 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/), SELinux enforcing
* Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [spot priority](https://typhoon.psdn.io/fedora-coreos/azure/#low-priority) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization
diff --git a/azure/fedora-coreos/kubernetes/bootstrap.tf b/azure/fedora-coreos/kubernetes/bootstrap.tf
index 9d4c3b95..70669151 100644
--- a/azure/fedora-coreos/kubernetes/bootstrap.tf
+++ b/azure/fedora-coreos/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=f45deec67e2fea4f06b5a3edad628b0fe0e9ec60"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=26bea83b957d18b99e16435405983181c4a6e159"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
diff --git a/azure/fedora-coreos/kubernetes/fcc/controller.yaml b/azure/fedora-coreos/kubernetes/fcc/controller.yaml
index 90078c81..aebf60ca 100644
--- a/azure/fedora-coreos/kubernetes/fcc/controller.yaml
+++ b/azure/fedora-coreos/kubernetes/fcc/controller.yaml
@@ -53,7 +53,7 @@ systemd:
Description=Kubelet (System Container)
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@@ -121,7 +121,7 @@ systemd:
--volume /opt/bootstrap/assets:/assets:ro,Z \
--volume /opt/bootstrap/apply:/apply:ro,Z \
--entrypoint=/apply \
- quay.io/poseidon/kubelet:v1.23.2
+ quay.io/poseidon/kubelet:v1.23.3
ExecStartPost=/bin/touch /opt/bootstrap/bootstrap.done
ExecStartPost=-/usr/bin/podman stop bootstrap
storage:
diff --git a/azure/fedora-coreos/kubernetes/workers/fcc/worker.yaml b/azure/fedora-coreos/kubernetes/workers/fcc/worker.yaml
index e62ef5cd..86128f1b 100644
--- a/azure/fedora-coreos/kubernetes/workers/fcc/worker.yaml
+++ b/azure/fedora-coreos/kubernetes/workers/fcc/worker.yaml
@@ -26,7 +26,7 @@ systemd:
Description=Kubelet (System Container)
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@@ -89,7 +89,7 @@ systemd:
[Unit]
Description=Delete Kubernetes node on shutdown
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
Type=oneshot
RemainAfterExit=true
ExecStart=/bin/true
diff --git a/azure/flatcar-linux/kubernetes/README.md b/azure/flatcar-linux/kubernetes/README.md
index 4eab6084..613642ea 100644
--- a/azure/flatcar-linux/kubernetes/README.md
+++ b/azure/flatcar-linux/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.23.2 (upstream)
+* Kubernetes v1.23.3 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [low-priority](https://typhoon.psdn.io/flatcar-linux/azure/#low-priority) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization
diff --git a/azure/flatcar-linux/kubernetes/bootstrap.tf b/azure/flatcar-linux/kubernetes/bootstrap.tf
index 9d4c3b95..70669151 100644
--- a/azure/flatcar-linux/kubernetes/bootstrap.tf
+++ b/azure/flatcar-linux/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=f45deec67e2fea4f06b5a3edad628b0fe0e9ec60"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=26bea83b957d18b99e16435405983181c4a6e159"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
diff --git a/azure/flatcar-linux/kubernetes/cl/controller.yaml b/azure/flatcar-linux/kubernetes/cl/controller.yaml
index 8cc9edaa..288661b5 100644
--- a/azure/flatcar-linux/kubernetes/cl/controller.yaml
+++ b/azure/flatcar-linux/kubernetes/cl/controller.yaml
@@ -55,7 +55,7 @@ systemd:
After=docker.service
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@@ -117,7 +117,7 @@ systemd:
Type=oneshot
RemainAfterExit=true
WorkingDirectory=/opt/bootstrap
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStart=/usr/bin/docker run \
-v /etc/kubernetes/pki:/etc/kubernetes/pki:ro \
-v /opt/bootstrap/assets:/assets:ro \
diff --git a/azure/flatcar-linux/kubernetes/workers/cl/worker.yaml b/azure/flatcar-linux/kubernetes/workers/cl/worker.yaml
index e3c45596..cf9c2f60 100644
--- a/azure/flatcar-linux/kubernetes/workers/cl/worker.yaml
+++ b/azure/flatcar-linux/kubernetes/workers/cl/worker.yaml
@@ -27,7 +27,7 @@ systemd:
After=docker.service
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@@ -92,7 +92,7 @@ systemd:
[Unit]
Description=Delete Kubernetes node on shutdown
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
Type=oneshot
RemainAfterExit=true
ExecStart=/bin/true
diff --git a/bare-metal/fedora-coreos/kubernetes/README.md b/bare-metal/fedora-coreos/kubernetes/README.md
index 5e19d625..21dd6a29 100644
--- a/bare-metal/fedora-coreos/kubernetes/README.md
+++ b/bare-metal/fedora-coreos/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.23.2 (upstream)
+* Kubernetes v1.23.3 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/), SELinux enforcing
* Advanced features like [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization
diff --git a/bare-metal/fedora-coreos/kubernetes/bootstrap.tf b/bare-metal/fedora-coreos/kubernetes/bootstrap.tf
index db28b1b3..3b8156e5 100644
--- a/bare-metal/fedora-coreos/kubernetes/bootstrap.tf
+++ b/bare-metal/fedora-coreos/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=f45deec67e2fea4f06b5a3edad628b0fe0e9ec60"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=26bea83b957d18b99e16435405983181c4a6e159"
cluster_name = var.cluster_name
api_servers = [var.k8s_domain_name]
diff --git a/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml b/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml
index 0f389952..e70e4f12 100644
--- a/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml
+++ b/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml
@@ -52,7 +52,7 @@ systemd:
Description=Kubelet (System Container)
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@@ -123,7 +123,7 @@ systemd:
Type=oneshot
RemainAfterExit=true
WorkingDirectory=/opt/bootstrap
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStartPre=-/usr/bin/podman rm bootstrap
ExecStart=/usr/bin/podman run --name bootstrap \
--network host \
diff --git a/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml b/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml
index 1ae3b019..f1eb6733 100644
--- a/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml
+++ b/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml
@@ -25,7 +25,7 @@ systemd:
Description=Kubelet (System Container)
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /opt/cni/bin
diff --git a/bare-metal/flatcar-linux/kubernetes/README.md b/bare-metal/flatcar-linux/kubernetes/README.md
index 1cc5c957..54150cd1 100644
--- a/bare-metal/flatcar-linux/kubernetes/README.md
+++ b/bare-metal/flatcar-linux/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.23.2 (upstream)
+* Kubernetes v1.23.3 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization
diff --git a/bare-metal/flatcar-linux/kubernetes/bootstrap.tf b/bare-metal/flatcar-linux/kubernetes/bootstrap.tf
index 074c37f6..795dbece 100644
--- a/bare-metal/flatcar-linux/kubernetes/bootstrap.tf
+++ b/bare-metal/flatcar-linux/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=f45deec67e2fea4f06b5a3edad628b0fe0e9ec60"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=26bea83b957d18b99e16435405983181c4a6e159"
cluster_name = var.cluster_name
api_servers = [var.k8s_domain_name]
diff --git a/bare-metal/flatcar-linux/kubernetes/cl/controller.yaml b/bare-metal/flatcar-linux/kubernetes/cl/controller.yaml
index e56403ed..77a685d4 100644
--- a/bare-metal/flatcar-linux/kubernetes/cl/controller.yaml
+++ b/bare-metal/flatcar-linux/kubernetes/cl/controller.yaml
@@ -63,7 +63,7 @@ systemd:
After=docker.service
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@@ -126,7 +126,7 @@ systemd:
Type=oneshot
RemainAfterExit=true
WorkingDirectory=/opt/bootstrap
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStart=/usr/bin/docker run \
-v /etc/kubernetes/pki:/etc/kubernetes/pki:ro \
-v /opt/bootstrap/assets:/assets:ro \
diff --git a/bare-metal/flatcar-linux/kubernetes/cl/worker.yaml b/bare-metal/flatcar-linux/kubernetes/cl/worker.yaml
index 5a27071f..71be6404 100644
--- a/bare-metal/flatcar-linux/kubernetes/cl/worker.yaml
+++ b/bare-metal/flatcar-linux/kubernetes/cl/worker.yaml
@@ -35,7 +35,7 @@ systemd:
After=docker.service
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /opt/cni/bin
diff --git a/digital-ocean/fedora-coreos/kubernetes/README.md b/digital-ocean/fedora-coreos/kubernetes/README.md
index 8bb512e1..c9376e29 100644
--- a/digital-ocean/fedora-coreos/kubernetes/README.md
+++ b/digital-ocean/fedora-coreos/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.23.2 (upstream)
+* Kubernetes v1.23.3 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/), SELinux enforcing
* Advanced features like [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization
diff --git a/digital-ocean/fedora-coreos/kubernetes/bootstrap.tf b/digital-ocean/fedora-coreos/kubernetes/bootstrap.tf
index c6a20fd2..1d45ee4a 100644
--- a/digital-ocean/fedora-coreos/kubernetes/bootstrap.tf
+++ b/digital-ocean/fedora-coreos/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=f45deec67e2fea4f06b5a3edad628b0fe0e9ec60"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=26bea83b957d18b99e16435405983181c4a6e159"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
diff --git a/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml b/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml
index 95c90a4d..10c3699c 100644
--- a/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml
+++ b/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml
@@ -54,7 +54,7 @@ systemd:
After=afterburn.service
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
EnvironmentFile=/run/metadata/afterburn
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
@@ -133,7 +133,7 @@ systemd:
--volume /opt/bootstrap/assets:/assets:ro,Z \
--volume /opt/bootstrap/apply:/apply:ro,Z \
--entrypoint=/apply \
- quay.io/poseidon/kubelet:v1.23.2
+ quay.io/poseidon/kubelet:v1.23.3
ExecStartPost=/bin/touch /opt/bootstrap/bootstrap.done
ExecStartPost=-/usr/bin/podman stop bootstrap
storage:
diff --git a/digital-ocean/fedora-coreos/kubernetes/fcc/worker.yaml b/digital-ocean/fedora-coreos/kubernetes/fcc/worker.yaml
index 2662b24c..b23f69c2 100644
--- a/digital-ocean/fedora-coreos/kubernetes/fcc/worker.yaml
+++ b/digital-ocean/fedora-coreos/kubernetes/fcc/worker.yaml
@@ -28,7 +28,7 @@ systemd:
After=afterburn.service
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
EnvironmentFile=/run/metadata/afterburn
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
@@ -96,7 +96,7 @@ systemd:
[Unit]
Description=Delete Kubernetes node on shutdown
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
Type=oneshot
RemainAfterExit=true
ExecStart=/bin/true
diff --git a/digital-ocean/flatcar-linux/kubernetes/README.md b/digital-ocean/flatcar-linux/kubernetes/README.md
index 24d66109..ac6a13b5 100644
--- a/digital-ocean/flatcar-linux/kubernetes/README.md
+++ b/digital-ocean/flatcar-linux/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.23.2 (upstream)
+* Kubernetes v1.23.3 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization
diff --git a/digital-ocean/flatcar-linux/kubernetes/bootstrap.tf b/digital-ocean/flatcar-linux/kubernetes/bootstrap.tf
index c6a20fd2..1d45ee4a 100644
--- a/digital-ocean/flatcar-linux/kubernetes/bootstrap.tf
+++ b/digital-ocean/flatcar-linux/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=f45deec67e2fea4f06b5a3edad628b0fe0e9ec60"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=26bea83b957d18b99e16435405983181c4a6e159"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
diff --git a/digital-ocean/flatcar-linux/kubernetes/cl/controller.yaml b/digital-ocean/flatcar-linux/kubernetes/cl/controller.yaml
index 5fd17285..204b756d 100644
--- a/digital-ocean/flatcar-linux/kubernetes/cl/controller.yaml
+++ b/digital-ocean/flatcar-linux/kubernetes/cl/controller.yaml
@@ -65,7 +65,7 @@ systemd:
After=coreos-metadata.service
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
EnvironmentFile=/run/metadata/coreos
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
@@ -129,7 +129,7 @@ systemd:
Type=oneshot
RemainAfterExit=true
WorkingDirectory=/opt/bootstrap
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStart=/usr/bin/docker run \
-v /etc/kubernetes/pki:/etc/kubernetes/pki:ro \
-v /opt/bootstrap/assets:/assets:ro \
diff --git a/digital-ocean/flatcar-linux/kubernetes/cl/worker.yaml b/digital-ocean/flatcar-linux/kubernetes/cl/worker.yaml
index 48f2c785..2b5b775a 100644
--- a/digital-ocean/flatcar-linux/kubernetes/cl/worker.yaml
+++ b/digital-ocean/flatcar-linux/kubernetes/cl/worker.yaml
@@ -37,7 +37,7 @@ systemd:
After=coreos-metadata.service
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
EnvironmentFile=/run/metadata/coreos
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
@@ -98,7 +98,7 @@ systemd:
[Unit]
Description=Delete Kubernetes node on shutdown
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
Type=oneshot
RemainAfterExit=true
ExecStart=/bin/true
diff --git a/docs/advanced/arm64.md b/docs/advanced/arm64.md
index 8a1c261a..70756ba0 100644
--- a/docs/advanced/arm64.md
+++ b/docs/advanced/arm64.md
@@ -13,7 +13,7 @@ Create a cluster with ARM64 controller and worker nodes. Container workloads mus
```tf
module "gravitas" {
- source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes?ref=v1.23.3"
# AWS
cluster_name = "gravitas"
@@ -38,7 +38,7 @@ Create a cluster with ARM64 controller and worker nodes. Container workloads mus
```tf
module "gravitas" {
- source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes?ref=v1.23.3"
# AWS
cluster_name = "gravitas"
@@ -64,9 +64,9 @@ Verify the cluster has only arm64 (`aarch64`) nodes. For Flatcar Linux, describe
```
$ kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
-ip-10-0-21-119 Ready 77s v1.23.2 10.0.21.119 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.aarch64 containerd://1.5.8
-ip-10-0-32-166 Ready 80s v1.23.2 10.0.32.166 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.aarch64 containerd://1.5.8
-ip-10-0-5-79 Ready 77s v1.23.2 10.0.5.79 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.aarch64 containerd://1.5.8
+ip-10-0-21-119 Ready 77s v1.23.3 10.0.21.119 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.aarch64 containerd://1.5.8
+ip-10-0-32-166 Ready 80s v1.23.3 10.0.32.166 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.aarch64 containerd://1.5.8
+ip-10-0-5-79 Ready 77s v1.23.3 10.0.5.79 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.aarch64 containerd://1.5.8
```
## Hybrid
@@ -77,7 +77,7 @@ Create a hybrid/mixed arch cluster by defining an AWS cluster. Then define a [wo
```tf
module "gravitas" {
- source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes?ref=v1.23.3"
# AWS
cluster_name = "gravitas"
@@ -100,7 +100,7 @@ Create a hybrid/mixed arch cluster by defining an AWS cluster. Then define a [wo
```tf
module "gravitas" {
- source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes?ref=v1.23.3"
# AWS
cluster_name = "gravitas"
@@ -123,7 +123,7 @@ Create a hybrid/mixed arch cluster by defining an AWS cluster. Then define a [wo
```tf
module "gravitas-arm64" {
- source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes/workers?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes/workers?ref=v1.23.3"
# AWS
vpc_id = module.gravitas.vpc_id
@@ -147,7 +147,7 @@ Create a hybrid/mixed arch cluster by defining an AWS cluster. Then define a [wo
```tf
module "gravitas-arm64" {
- source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes/workers?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes/workers?ref=v1.23.3"
# AWS
vpc_id = module.gravitas.vpc_id
@@ -172,9 +172,9 @@ Verify amd64 (x86_64) and arm64 (aarch64) nodes are present.
```
$ kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
-ip-10-0-1-73 Ready 111m v1.23.2 10.0.1.73 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.x86_64 containerd://1.5.8
-ip-10-0-22-79... Ready 111m v1.23.2 10.0.22.79 Flatcar Container Linux by Kinvolk 3033.2.0 (Oklo) 5.10.84-flatcar containerd://1.5.8
-ip-10-0-24-130 Ready 111m v1.23.2 10.0.24.130 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.x86_64 containerd://1.5.8
-ip-10-0-39-19 Ready 111m v1.23.2 10.0.39.19 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.x86_64 containerd://1.5.8
+ip-10-0-1-73 Ready 111m v1.23.3 10.0.1.73 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.x86_64 containerd://1.5.8
+ip-10-0-22-79... Ready 111m v1.23.3 10.0.22.79 Flatcar Container Linux by Kinvolk 3033.2.0 (Oklo) 5.10.84-flatcar containerd://1.5.8
+ip-10-0-24-130 Ready 111m v1.23.3 10.0.24.130 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.x86_64 containerd://1.5.8
+ip-10-0-39-19 Ready 111m v1.23.3 10.0.39.19 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.x86_64 containerd://1.5.8
```
diff --git a/docs/advanced/nodes.md b/docs/advanced/nodes.md
index 84a48282..78e8c57d 100644
--- a/docs/advanced/nodes.md
+++ b/docs/advanced/nodes.md
@@ -36,7 +36,7 @@ Add custom initial worker node labels to default workers or worker pool nodes to
```tf
module "yavin" {
- source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.23.3"
# Google Cloud
cluster_name = "yavin"
@@ -57,7 +57,7 @@ Add custom initial worker node labels to default workers or worker pool nodes to
```tf
module "yavin-pool" {
- source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes/workers?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes/workers?ref=v1.23.3"
# Google Cloud
cluster_name = "yavin"
@@ -89,7 +89,7 @@ Add custom initial taints on worker pool nodes to indicate a node is unique and
```tf
module "yavin" {
- source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.23.3"
# Google Cloud
cluster_name = "yavin"
@@ -110,7 +110,7 @@ Add custom initial taints on worker pool nodes to indicate a node is unique and
```tf
module "yavin-pool" {
- source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes/workers?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes/workers?ref=v1.23.3"
# Google Cloud
cluster_name = "yavin"
diff --git a/docs/advanced/worker-pools.md b/docs/advanced/worker-pools.md
index 174594d4..33b985d0 100644
--- a/docs/advanced/worker-pools.md
+++ b/docs/advanced/worker-pools.md
@@ -19,7 +19,7 @@ Create a cluster following the AWS [tutorial](../flatcar-linux/aws.md#cluster).
```tf
module "tempest-worker-pool" {
- source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes/workers?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes/workers?ref=v1.23.3"
# AWS
vpc_id = module.tempest.vpc_id
@@ -42,7 +42,7 @@ Create a cluster following the AWS [tutorial](../flatcar-linux/aws.md#cluster).
```tf
module "tempest-worker-pool" {
- source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes/workers?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes/workers?ref=v1.23.3"
# AWS
vpc_id = module.tempest.vpc_id
@@ -111,7 +111,7 @@ Create a cluster following the Azure [tutorial](../flatcar-linux/azure.md#cluste
```tf
module "ramius-worker-pool" {
- source = "git::https://github.com/poseidon/typhoon//azure/fedora-coreos/kubernetes/workers?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//azure/fedora-coreos/kubernetes/workers?ref=v1.23.3"
# Azure
region = module.ramius.region
@@ -137,7 +137,7 @@ Create a cluster following the Azure [tutorial](../flatcar-linux/azure.md#cluste
```tf
module "ramius-worker-pool" {
- source = "git::https://github.com/poseidon/typhoon//azure/flatcar-linux/kubernetes/workers?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//azure/flatcar-linux/kubernetes/workers?ref=v1.23.3"
# Azure
region = module.ramius.region
@@ -207,7 +207,7 @@ Create a cluster following the Google Cloud [tutorial](../flatcar-linux/google-c
```tf
module "yavin-worker-pool" {
- source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes/workers?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes/workers?ref=v1.23.3"
# Google Cloud
region = "europe-west2"
@@ -231,7 +231,7 @@ Create a cluster following the Google Cloud [tutorial](../flatcar-linux/google-c
```tf
module "yavin-worker-pool" {
- source = "git::https://github.com/poseidon/typhoon//google-cloud/flatcar-linux/kubernetes/workers?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//google-cloud/flatcar-linux/kubernetes/workers?ref=v1.23.3"
# Google Cloud
region = "europe-west2"
@@ -262,11 +262,11 @@ Verify a managed instance group of workers joins the cluster within a few minute
```
$ kubectl get nodes
NAME STATUS AGE VERSION
-yavin-controller-0.c.example-com.internal Ready 6m v1.23.2
-yavin-worker-jrbf.c.example-com.internal Ready 5m v1.23.2
-yavin-worker-mzdm.c.example-com.internal Ready 5m v1.23.2
-yavin-16x-worker-jrbf.c.example-com.internal Ready 3m v1.23.2
-yavin-16x-worker-mzdm.c.example-com.internal Ready 3m v1.23.2
+yavin-controller-0.c.example-com.internal Ready 6m v1.23.3
+yavin-worker-jrbf.c.example-com.internal Ready 5m v1.23.3
+yavin-worker-mzdm.c.example-com.internal Ready 5m v1.23.3
+yavin-16x-worker-jrbf.c.example-com.internal Ready 3m v1.23.3
+yavin-16x-worker-mzdm.c.example-com.internal Ready 3m v1.23.3
```
### Variables
diff --git a/docs/architecture/operating-systems.md b/docs/architecture/operating-systems.md
index f420379f..a7aa8825 100644
--- a/docs/architecture/operating-systems.md
+++ b/docs/architecture/operating-systems.md
@@ -34,7 +34,7 @@ Together, they diversify Typhoon to support a range of container technologies.
| single-master | all platforms | all platforms |
| multi-master | all platforms | all platforms |
| control plane | static pods | static pods |
-| Container Runtime | docker 20.10 | docker 20.10 |
+| Container Runtime | containerd 1.5.8 | containerd 1.5.8 |
| kubelet image | kubelet [image](https://github.com/poseidon/kubelet) with upstream binary | kubelet [image](https://github.com/poseidon/kubelet) with upstream binary |
| control plane images | upstream images | upstream images |
| on-host etcd | docker | podman |
diff --git a/docs/fedora-coreos/aws.md b/docs/fedora-coreos/aws.md
index 781fff9c..bb6f13b2 100644
--- a/docs/fedora-coreos/aws.md
+++ b/docs/fedora-coreos/aws.md
@@ -1,6 +1,6 @@
# AWS
-In this tutorial, we'll create a Kubernetes v1.23.2 cluster on AWS with Fedora CoreOS.
+In this tutorial, we'll create a Kubernetes v1.23.3 cluster on AWS with Fedora CoreOS.
We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a VPC, gateway, subnets, security groups, controller instances, worker auto-scaling group, network load balancer, and TLS assets.
@@ -72,7 +72,7 @@ Define a Kubernetes cluster using the module `aws/fedora-coreos/kubernetes`.
```tf
module "tempest" {
- source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes?ref=v1.23.3"
# AWS
cluster_name = "tempest"
@@ -145,9 +145,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/tempest-config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-ip-10-0-3-155 Ready 10m v1.23.2
-ip-10-0-26-65 Ready 10m v1.23.2
-ip-10-0-41-21 Ready 10m v1.23.2
+ip-10-0-3-155 Ready 10m v1.23.3
+ip-10-0-26-65 Ready 10m v1.23.3
+ip-10-0-41-21 Ready 10m v1.23.3
```
List the pods.
diff --git a/docs/fedora-coreos/azure.md b/docs/fedora-coreos/azure.md
index 5f5be69f..06ebe72c 100644
--- a/docs/fedora-coreos/azure.md
+++ b/docs/fedora-coreos/azure.md
@@ -1,6 +1,6 @@
# Azure
-In this tutorial, we'll create a Kubernetes v1.23.2 cluster on Azure with Fedora CoreOS.
+In this tutorial, we'll create a Kubernetes v1.23.3 cluster on Azure with Fedora CoreOS.
We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a resource group, virtual network, subnets, security groups, controller availability set, worker scale set, load balancer, and TLS assets.
@@ -86,7 +86,7 @@ Define a Kubernetes cluster using the module `azure/fedora-coreos/kubernetes`.
```tf
module "ramius" {
- source = "git::https://github.com/poseidon/typhoon//azure/fedora-coreos/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//azure/fedora-coreos/kubernetes?ref=v1.23.3"
# Azure
cluster_name = "ramius"
@@ -161,9 +161,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/ramius-config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-ramius-controller-0 Ready 24m v1.23.2
-ramius-worker-000001 Ready 25m v1.23.2
-ramius-worker-000002 Ready 24m v1.23.2
+ramius-controller-0 Ready 24m v1.23.3
+ramius-worker-000001 Ready 25m v1.23.3
+ramius-worker-000002 Ready 24m v1.23.3
```
List the pods.
diff --git a/docs/fedora-coreos/bare-metal.md b/docs/fedora-coreos/bare-metal.md
index dbd14ffa..8e53fb45 100644
--- a/docs/fedora-coreos/bare-metal.md
+++ b/docs/fedora-coreos/bare-metal.md
@@ -1,6 +1,6 @@
# Bare-Metal
-In this tutorial, we'll network boot and provision a Kubernetes v1.23.2 cluster on bare-metal with Fedora CoreOS.
+In this tutorial, we'll network boot and provision a Kubernetes v1.23.3 cluster on bare-metal with Fedora CoreOS.
First, we'll deploy a [Matchbox](https://github.com/poseidon/matchbox) service and setup a network boot environment. Then, we'll declare a Kubernetes cluster using the Typhoon Terraform module and power on machines. On PXE boot, machines will install Fedora CoreOS to disk, reboot into the disk install, and provision themselves as Kubernetes controllers or workers via Ignition.
@@ -154,7 +154,7 @@ Define a Kubernetes cluster using the module `bare-metal/fedora-coreos/kubernete
```tf
module "mercury" {
- source = "git::https://github.com/poseidon/typhoon//bare-metal/fedora-coreos/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//bare-metal/fedora-coreos/kubernetes?ref=v1.23.3"
# bare-metal
cluster_name = "mercury"
@@ -283,9 +283,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/mercury-config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-node1.example.com Ready 10m v1.23.2
-node2.example.com Ready 10m v1.23.2
-node3.example.com Ready 10m v1.23.2
+node1.example.com Ready 10m v1.23.3
+node2.example.com Ready 10m v1.23.3
+node3.example.com Ready 10m v1.23.3
```
List the pods.
diff --git a/docs/fedora-coreos/digitalocean.md b/docs/fedora-coreos/digitalocean.md
index e3036fb1..efbcd36a 100644
--- a/docs/fedora-coreos/digitalocean.md
+++ b/docs/fedora-coreos/digitalocean.md
@@ -1,6 +1,6 @@
# DigitalOcean
-In this tutorial, we'll create a Kubernetes v1.23.2 cluster on DigitalOcean with Fedora CoreOS.
+In this tutorial, we'll create a Kubernetes v1.23.3 cluster on DigitalOcean with Fedora CoreOS.
We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create controller droplets, worker droplets, DNS records, tags, and TLS assets.
@@ -81,7 +81,7 @@ Define a Kubernetes cluster using the module `digital-ocean/fedora-coreos/kubern
```tf
module "nemo" {
- source = "git::https://github.com/poseidon/typhoon//digital-ocean/fedora-coreos/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//digital-ocean/fedora-coreos/kubernetes?ref=v1.23.3"
# Digital Ocean
cluster_name = "nemo"
@@ -155,9 +155,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/nemo-config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-10.132.110.130 Ready 10m v1.23.2
-10.132.115.81 Ready 10m v1.23.2
-10.132.124.107 Ready 10m v1.23.2
+10.132.110.130 Ready 10m v1.23.3
+10.132.115.81 Ready 10m v1.23.3
+10.132.124.107 Ready 10m v1.23.3
```
List the pods.
diff --git a/docs/fedora-coreos/google-cloud.md b/docs/fedora-coreos/google-cloud.md
index 7fec0c9b..542d1d06 100644
--- a/docs/fedora-coreos/google-cloud.md
+++ b/docs/fedora-coreos/google-cloud.md
@@ -1,6 +1,6 @@
# Google Cloud
-In this tutorial, we'll create a Kubernetes v1.23.2 cluster on Google Compute Engine with Fedora CoreOS.
+In this tutorial, we'll create a Kubernetes v1.23.3 cluster on Google Compute Engine with Fedora CoreOS.
We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a network, firewall rules, health checks, controller instances, worker managed instance group, load balancers, and TLS assets.
@@ -147,9 +147,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/yavin-config
$ kubectl get nodes
NAME ROLES STATUS AGE VERSION
-yavin-controller-0.c.example-com.internal Ready 6m v1.23.2
-yavin-worker-jrbf.c.example-com.internal Ready 5m v1.23.2
-yavin-worker-mzdm.c.example-com.internal Ready 5m v1.23.2
+yavin-controller-0.c.example-com.internal Ready 6m v1.23.3
+yavin-worker-jrbf.c.example-com.internal Ready 5m v1.23.3
+yavin-worker-mzdm.c.example-com.internal Ready 5m v1.23.3
```
List the pods.
diff --git a/docs/flatcar-linux/aws.md b/docs/flatcar-linux/aws.md
index 1f6dc143..f4e0b07f 100644
--- a/docs/flatcar-linux/aws.md
+++ b/docs/flatcar-linux/aws.md
@@ -1,6 +1,6 @@
# AWS
-In this tutorial, we'll create a Kubernetes v1.23.2 cluster on AWS with Flatcar Linux.
+In this tutorial, we'll create a Kubernetes v1.23.3 cluster on AWS with Flatcar Linux.
We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a VPC, gateway, subnets, security groups, controller instances, worker auto-scaling group, network load balancer, and TLS assets.
@@ -72,7 +72,7 @@ Define a Kubernetes cluster using the module `aws/flatcar-linux/kubernetes`.
```tf
module "tempest" {
- source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes?ref=v1.23.3"
# AWS
cluster_name = "tempest"
@@ -145,9 +145,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/tempest-config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-ip-10-0-3-155 Ready 10m v1.23.2
-ip-10-0-26-65 Ready 10m v1.23.2
-ip-10-0-41-21 Ready 10m v1.23.2
+ip-10-0-3-155 Ready 10m v1.23.3
+ip-10-0-26-65 Ready 10m v1.23.3
+ip-10-0-41-21 Ready 10m v1.23.3
```
List the pods.
diff --git a/docs/flatcar-linux/azure.md b/docs/flatcar-linux/azure.md
index 006385a1..7a6854d8 100644
--- a/docs/flatcar-linux/azure.md
+++ b/docs/flatcar-linux/azure.md
@@ -1,6 +1,6 @@
# Azure
-In this tutorial, we'll create a Kubernetes v1.23.2 cluster on Azure with Flatcar Linux.
+In this tutorial, we'll create a Kubernetes v1.23.3 cluster on Azure with Flatcar Linux.
We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a resource group, virtual network, subnets, security groups, controller availability set, worker scale set, load balancer, and TLS assets.
@@ -75,7 +75,7 @@ Define a Kubernetes cluster using the module `azure/flatcar-linux/kubernetes`.
```tf
module "ramius" {
- source = "git::https://github.com/poseidon/typhoon//azure/flatcar-linux/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//azure/flatcar-linux/kubernetes?ref=v1.23.3"
# Azure
cluster_name = "ramius"
@@ -149,9 +149,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/ramius-config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-ramius-controller-0 Ready 24m v1.23.2
-ramius-worker-000001 Ready 25m v1.23.2
-ramius-worker-000002 Ready 24m v1.23.2
+ramius-controller-0 Ready 24m v1.23.3
+ramius-worker-000001 Ready 25m v1.23.3
+ramius-worker-000002 Ready 24m v1.23.3
```
List the pods.
diff --git a/docs/flatcar-linux/bare-metal.md b/docs/flatcar-linux/bare-metal.md
index f4099e25..b8891036 100644
--- a/docs/flatcar-linux/bare-metal.md
+++ b/docs/flatcar-linux/bare-metal.md
@@ -1,6 +1,6 @@
# Bare-Metal
-In this tutorial, we'll network boot and provision a Kubernetes v1.23.2 cluster on bare-metal with Flatcar Linux.
+In this tutorial, we'll network boot and provision a Kubernetes v1.23.3 cluster on bare-metal with Flatcar Linux.
First, we'll deploy a [Matchbox](https://github.com/poseidon/matchbox) service and setup a network boot environment. Then, we'll declare a Kubernetes cluster using the Typhoon Terraform module and power on machines. On PXE boot, machines will install Container Linux to disk, reboot into the disk install, and provision themselves as Kubernetes controllers or workers via Ignition.
@@ -154,7 +154,7 @@ Define a Kubernetes cluster using the module `bare-metal/flatcar-linux/kubernete
```tf
module "mercury" {
- source = "git::https://github.com/poseidon/typhoon//bare-metal/flatcar-linux/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//bare-metal/flatcar-linux/kubernetes?ref=v1.23.3"
# bare-metal
cluster_name = "mercury"
@@ -293,9 +293,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/mercury-config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-node1.example.com Ready 10m v1.23.2
-node2.example.com Ready 10m v1.23.2
-node3.example.com Ready 10m v1.23.2
+node1.example.com Ready 10m v1.23.3
+node2.example.com Ready 10m v1.23.3
+node3.example.com Ready 10m v1.23.3
```
List the pods.
diff --git a/docs/flatcar-linux/digitalocean.md b/docs/flatcar-linux/digitalocean.md
index 91ad97c2..60e70461 100644
--- a/docs/flatcar-linux/digitalocean.md
+++ b/docs/flatcar-linux/digitalocean.md
@@ -1,6 +1,6 @@
# DigitalOcean
-In this tutorial, we'll create a Kubernetes v1.23.2 cluster on DigitalOcean with Flatcar Linux.
+In this tutorial, we'll create a Kubernetes v1.23.3 cluster on DigitalOcean with Flatcar Linux.
We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create controller droplets, worker droplets, DNS records, tags, and TLS assets.
@@ -81,7 +81,7 @@ Define a Kubernetes cluster using the module `digital-ocean/flatcar-linux/kubern
```tf
module "nemo" {
- source = "git::https://github.com/poseidon/typhoon//digital-ocean/flatcar-linux/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//digital-ocean/flatcar-linux/kubernetes?ref=v1.23.3"
# Digital Ocean
cluster_name = "nemo"
@@ -155,9 +155,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/nemo-config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-10.132.110.130 Ready 10m v1.23.2
-10.132.115.81 Ready 10m v1.23.2
-10.132.124.107 Ready 10m v1.23.2
+10.132.110.130 Ready 10m v1.23.3
+10.132.115.81 Ready 10m v1.23.3
+10.132.124.107 Ready 10m v1.23.3
```
List the pods.
diff --git a/docs/flatcar-linux/google-cloud.md b/docs/flatcar-linux/google-cloud.md
index 607057af..273699b6 100644
--- a/docs/flatcar-linux/google-cloud.md
+++ b/docs/flatcar-linux/google-cloud.md
@@ -1,6 +1,6 @@
# Google Cloud
-In this tutorial, we'll create a Kubernetes v1.23.2 cluster on Google Compute Engine with Flatcar Linux.
+In this tutorial, we'll create a Kubernetes v1.23.3 cluster on Google Compute Engine with Flatcar Linux.
We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a network, firewall rules, health checks, controller instances, worker managed instance group, load balancers, and TLS assets.
@@ -92,7 +92,7 @@ Define a Kubernetes cluster using the module `google-cloud/flatcar-linux/kuberne
```tf
module "yavin" {
- source = "git::https://github.com/poseidon/typhoon//google-cloud/flatcar-linux/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//google-cloud/flatcar-linux/kubernetes?ref=v1.23.3"
# Google Cloud
cluster_name = "yavin"
@@ -167,9 +167,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/yavin-config
$ kubectl get nodes
NAME ROLES STATUS AGE VERSION
-yavin-controller-0.c.example-com.internal Ready 6m v1.23.2
-yavin-worker-jrbf.c.example-com.internal Ready 5m v1.23.2
-yavin-worker-mzdm.c.example-com.internal Ready 5m v1.23.2
+yavin-controller-0.c.example-com.internal Ready 6m v1.23.3
+yavin-worker-jrbf.c.example-com.internal Ready 5m v1.23.3
+yavin-worker-mzdm.c.example-com.internal Ready 5m v1.23.3
```
List the pods.
diff --git a/docs/index.md b/docs/index.md
index a926c5a4..c0c3d552 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.23.2 (upstream)
+* Kubernetes v1.23.3 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/), SELinux enforcing
* Advanced features like [worker pools](advanced/worker-pools/), [preemptible](fedora-coreos/google-cloud/#preemption) workers, and [snippets](advanced/customization/#hosts) customization
@@ -61,7 +61,7 @@ Define a Kubernetes cluster by using the Terraform module for your chosen platfo
```tf
module "yavin" {
- source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.23.3"
# Google Cloud
cluster_name = "yavin"
@@ -99,9 +99,9 @@ In 4-8 minutes (varies by platform), the cluster will be ready. This Google Clou
$ export KUBECONFIG=/home/user/.kube/configs/yavin-config
$ kubectl get nodes
NAME ROLES STATUS AGE VERSION
-yavin-controller-0.c.example-com.internal Ready 6m v1.23.2
-yavin-worker-jrbf.c.example-com.internal Ready 5m v1.23.2
-yavin-worker-mzdm.c.example-com.internal Ready 5m v1.23.2
+yavin-controller-0.c.example-com.internal Ready 6m v1.23.3
+yavin-worker-jrbf.c.example-com.internal Ready 5m v1.23.3
+yavin-worker-mzdm.c.example-com.internal Ready 5m v1.23.3
```
List the pods.
diff --git a/docs/topics/maintenance.md b/docs/topics/maintenance.md
index 87a431eb..8255dc52 100644
--- a/docs/topics/maintenance.md
+++ b/docs/topics/maintenance.md
@@ -13,12 +13,12 @@ Typhoon provides tagged releases to allow clusters to be versioned using ordinar
```
module "yavin" {
- source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.23.3"
...
}
module "mercury" {
- source = "git::https://github.com/poseidon/typhoon//bare-metal/flatcar-linux/kubernetes?ref=v1.23.2"
+ source = "git::https://github.com/poseidon/typhoon//bare-metal/flatcar-linux/kubernetes?ref=v1.23.3"
...
}
```
diff --git a/google-cloud/fedora-coreos/kubernetes/README.md b/google-cloud/fedora-coreos/kubernetes/README.md
index bae35755..d4d85430 100644
--- a/google-cloud/fedora-coreos/kubernetes/README.md
+++ b/google-cloud/fedora-coreos/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.23.2 (upstream)
+* Kubernetes v1.23.3 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/), SELinux enforcing
* Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [preemptible](https://typhoon.psdn.io/fedora-coreos/google-cloud/#preemption) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization
diff --git a/google-cloud/fedora-coreos/kubernetes/bootstrap.tf b/google-cloud/fedora-coreos/kubernetes/bootstrap.tf
index f8f81ae2..ff3360fb 100644
--- a/google-cloud/fedora-coreos/kubernetes/bootstrap.tf
+++ b/google-cloud/fedora-coreos/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=f45deec67e2fea4f06b5a3edad628b0fe0e9ec60"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=26bea83b957d18b99e16435405983181c4a6e159"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
diff --git a/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml b/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml
index 5198c2f6..c704db1c 100644
--- a/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml
+++ b/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml
@@ -53,7 +53,7 @@ systemd:
Description=Kubelet (System Container)
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@@ -121,7 +121,7 @@ systemd:
--volume /opt/bootstrap/assets:/assets:ro,Z \
--volume /opt/bootstrap/apply:/apply:ro,Z \
--entrypoint=/apply \
- quay.io/poseidon/kubelet:v1.23.2
+ quay.io/poseidon/kubelet:v1.23.3
ExecStartPost=/bin/touch /opt/bootstrap/bootstrap.done
ExecStartPost=-/usr/bin/podman stop bootstrap
storage:
diff --git a/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml b/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml
index e62ef5cd..86128f1b 100644
--- a/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml
+++ b/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml
@@ -26,7 +26,7 @@ systemd:
Description=Kubelet (System Container)
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@@ -89,7 +89,7 @@ systemd:
[Unit]
Description=Delete Kubernetes node on shutdown
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
Type=oneshot
RemainAfterExit=true
ExecStart=/bin/true
diff --git a/google-cloud/flatcar-linux/kubernetes/README.md b/google-cloud/flatcar-linux/kubernetes/README.md
index 2bfb1804..2f3b3d18 100644
--- a/google-cloud/flatcar-linux/kubernetes/README.md
+++ b/google-cloud/flatcar-linux/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.23.2 (upstream)
+* Kubernetes v1.23.3 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [preemptible](https://typhoon.psdn.io/flatcar-linux/google-cloud/#preemption) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization
diff --git a/google-cloud/flatcar-linux/kubernetes/bootstrap.tf b/google-cloud/flatcar-linux/kubernetes/bootstrap.tf
index f8f81ae2..ff3360fb 100644
--- a/google-cloud/flatcar-linux/kubernetes/bootstrap.tf
+++ b/google-cloud/flatcar-linux/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=f45deec67e2fea4f06b5a3edad628b0fe0e9ec60"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=26bea83b957d18b99e16435405983181c4a6e159"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
diff --git a/google-cloud/flatcar-linux/kubernetes/cl/controller.yaml b/google-cloud/flatcar-linux/kubernetes/cl/controller.yaml
index 6ba36687..f097d2c7 100644
--- a/google-cloud/flatcar-linux/kubernetes/cl/controller.yaml
+++ b/google-cloud/flatcar-linux/kubernetes/cl/controller.yaml
@@ -55,7 +55,7 @@ systemd:
After=docker.service
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@@ -117,7 +117,7 @@ systemd:
Type=oneshot
RemainAfterExit=true
WorkingDirectory=/opt/bootstrap
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStart=/usr/bin/docker run \
-v /etc/kubernetes/pki:/etc/kubernetes/pki:ro \
-v /opt/bootstrap/assets:/assets:ro \
diff --git a/google-cloud/flatcar-linux/kubernetes/workers/cl/worker.yaml b/google-cloud/flatcar-linux/kubernetes/workers/cl/worker.yaml
index e3c45596..cf9c2f60 100644
--- a/google-cloud/flatcar-linux/kubernetes/workers/cl/worker.yaml
+++ b/google-cloud/flatcar-linux/kubernetes/workers/cl/worker.yaml
@@ -27,7 +27,7 @@ systemd:
After=docker.service
Wants=rpc-statd.service
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
ExecStartPre=/bin/mkdir -p /etc/cni/net.d
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@@ -92,7 +92,7 @@ systemd:
[Unit]
Description=Delete Kubernetes node on shutdown
[Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.2
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.23.3
Type=oneshot
RemainAfterExit=true
ExecStart=/bin/true