CadolesKube
/
typhoon
mirror of https://github.com/puppetmaster/typhoon.git
7
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,352 Commits 3 Branches 113 Tags 8.7 MiB
Commit Graph

1352 Commits

Author SHA1 Message Date
Dalton Hubble c230cdec46 Update Grafana and kube-state-metrics addons 2022-02-21 19:36:16 -08:00
Dalton Hubble cabf5b2c34 Update recommended Terraform provider versions 
* Update poseidon/ct version from v0.9.1 to v0.10.0
* Update aws provider to v4.x series
 2022-02-21 19:27:54 -08:00
dependabot[bot] ba8a951863 Bump mkdocs-material from 8.1.11 to 8.2.1 
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 8.1.11 to 8.2.1.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.1.11...8.2.1)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-21 09:53:27 -08:00
Dalton Hubble 9aa99f1996 Allow upgrading AWS Terraform provider to v4.x 
* https://github.com/hashicorp/terraform-provider-aws/releases/tag/v4.0.0
 2022-02-17 09:35:15 -08:00
Dalton Hubble fc38ba45b1 Update Kubernetes from v1.23.3 to v1.23.4 
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1234
 2022-02-17 09:00:31 -08:00
Dalton Hubble 28a42238c4 Update nginx-ingress, Prometheus, and Grafana addons 
* Align `nginx-ingress` `--controller-class` with `IngressClass`
to provide a better example (e.g. if extended to multiple ingress
controllers)
 2022-02-17 08:58:29 -08:00
dependabot[bot] de9b30a587 Bump mkdocs-material from 8.1.10 to 8.1.11 
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 8.1.10 to 8.1.11.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.1.10...8.1.11)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-14 11:11:06 -08:00
dependabot[bot] affb40d59b Bump pymdown-extensions from 9.1 to 9.2 
Bumps [pymdown-extensions](https://github.com/facelessuser/pymdown-extensions) from 9.1 to 9.2.
- [Release notes](https://github.com/facelessuser/pymdown-extensions/releases)
- [Commits](https://github.com/facelessuser/pymdown-extensions/compare/9.1...9.2)

---
updated-dependencies:
- dependency-name: pymdown-extensions
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-14 11:10:56 -08:00
dependabot[bot] 15ac49b34d Bump mkdocs-material from 8.1.9 to 8.1.10 
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 8.1.9 to 8.1.10.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.1.9...8.1.10)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-07 09:49:24 -08:00
Dalton Hubble 6c70d06937 Update etcd from v3.5.1 to v3.5.2 
* https://github.com/etcd-io/etcd/releases/tag/v3.5.2
 2022-02-07 08:10:17 -08:00
Dalton Hubble cf4beeba34 Change default CNI provider from Calico to Cilium 
* Cilium (v1.8) was added to Typhoon in v1.18.5 in June 2020
and its become more impressive since then. Its currently the
leading CNI provider choice.
* Calico has grown complex, has lots of CRDs, masks its
management complexity with an operator (which we won't use),
doesn't provide multi-arch images, and hasn't been compatible
with Kubernetes v1.23 (with ipvs) for several releases.
* Both have CNCF conformance quirks (flannel used for conformance),
but that's not the main factor in choosing the default
 2022-02-07 08:07:00 -08:00
dependabot[bot] 10b4ba14b6 Bump mkdocs-material from 8.1.8 to 8.1.9 
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 8.1.8 to 8.1.9.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.1.8...8.1.9)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-01 10:26:39 -08:00
Dalton Hubble e06ee042ee Switch to using Flatcar Linux images on Google Cloud 
* Use the official Kinvolk Flatcar Linux image on Google Cloud
* Change `os_image` from a custom image name to `flatcar-stable`
(default), `flatcar-beta`, or `flatcar-alpha` (**action required**)
* Change `os_image` from a required to an optional variable
* Promote Typhoon on Flatcar Linux / Google Cloud to stable
* Remove docs about needing to upload a Flatcar Linux image
manually on Google Cloud and drop support for custom images
 2022-01-28 21:04:10 -08:00
Dalton Hubble a527f73f5a Update Kubernetes from v1.23.2 to v1.23.3 
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1233
 2022-01-27 09:23:37 -08:00
dependabot[bot] c21a0479c0 Bump mkdocs-material from 8.1.7 to 8.1.8 
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 8.1.7 to 8.1.8.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.1.7...8.1.8)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-27 09:02:30 -08:00
Dalton Hubble f614c538cf Update Terraform provider recommendations in docs 2022-01-19 21:16:37 -08:00
Dalton Hubble 3da8c1575c Update nginx-ingress and Grafana addons 2022-01-19 21:09:21 -08:00
Dalton Hubble dedd17d085 Upgrade to DigitalOcean Terraform provider v2.x 
* Remove deprecated `private_networking` parameter
 2022-01-19 18:32:17 -08:00
Dalton Hubble e274a451ff Update Kubernetes from v1.23.1 to v1.23.2 
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1232
 2022-01-19 17:59:49 -08:00
dependabot[bot] b2e36947ab Bump mkdocs-material from 8.1.5 to 8.1.7 
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 8.1.5 to 8.1.7.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.1.5...8.1.7)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-19 16:42:21 -08:00
Dalton Hubble 5af0a5c5b9 Add Flatcar Linux ARM64 examples 
* Fix content tabs format for switching between example
code blocks
 2022-01-14 12:52:45 -08:00
Dalton Hubble 2265ab5375 Remove Kubelet `--network-plugin=cni` flag 
* Now that `docker-shim` is no longer used, the Kubelet flag
is no longer needed and will be removed in v1.24
 2022-01-14 10:43:07 -08:00
Dalton Hubble 08ea9776f3 Mask docker.service to prevent socket activation 
* Kubelet now uses `containerd` as the container runtime, but
`docker.service` still starts when `docker.sock` is probed bc
the service is socket activated. Prevent this by masking the
`docker.service` unit
 2022-01-14 10:31:47 -08:00
Dalton Hubble 2e8bc99164 Remove `template` provider usage from terraform-render-bootstrap 2022-01-14 10:27:24 -08:00
Dalton Hubble b18b0a9f3d Remove unused ETCD_UNSUPPORTED_ARCH variable 
* etcd used to require a special variable to use the arm64
container image, but this is no longer required
 2022-01-14 10:25:45 -08:00
Dalton Hubble beb9f1477a Add experimental Flatcar Linux arm64 support on AWS 
* Add `arch` variable to Flatcar Linux AWS `kubernetes` and
`workers` modules. Accept `amd64` (default) or `arm64` to support
native arm64/aarch64 clusters or mixed/hybrid clusters with arm64
workers
* Requires `flannel` or `cilium` CNI

Similar to https://github.com/poseidon/typhoon/pull/875
 2022-01-14 10:24:48 -08:00
Dalton Hubble f544a9c71f Switch Fedora CoreOS from docker-shim to containerd 
* Migrate from `docker-shim` to `containerd` in preparation
for Kubernetes v1.24.0 dropping `docker-shim` support
* Much consideration was given to the container runtime
choice. https://github.com/poseidon/typhoon/issues/899
provides relevant rationales
 2022-01-13 09:17:29 -08:00
dependabot[bot] 415b7fa19a Bump pygments from 2.11.1 to 2.11.2 
Bumps [pygments](https://github.com/pygments/pygments) from 2.11.1 to 2.11.2.
- [Release notes](https://github.com/pygments/pygments/releases)
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES)
- [Commits](https://github.com/pygments/pygments/compare/2.11.1...2.11.2)

---
updated-dependencies:
- dependency-name: pygments
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-13 09:03:25 -08:00
dependabot[bot] d0c29099ba Bump mkdocs-material from 8.1.4 to 8.1.5 
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 8.1.4 to 8.1.5.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.1.4...8.1.5)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-11 20:42:31 -08:00
dependabot[bot] 30e4070474 Bump mkdocs-material from 8.1.3 to 8.1.4 
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 8.1.3 to 8.1.4.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.1.3...8.1.4)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-03 10:53:23 -08:00
dependabot[bot] 43f6a19060 Bump pygments from 2.10.0 to 2.11.1 
Bumps [pygments](https://github.com/pygments/pygments) from 2.10.0 to 2.11.1.
- [Release notes](https://github.com/pygments/pygments/releases)
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES)
- [Commits](https://github.com/pygments/pygments/compare/2.10.0...2.11.1)

---
updated-dependencies:
- dependency-name: pygments
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-03 10:48:25 -08:00
Dalton Hubble 50215e373b Add Prometheus config for monitoring Kubernetes Ingress 
* Allow Kubernetes Ingress resources to be probed via Blackbox
Exporter (if present) if annotated `prometheus.io/probe: "true"`
* Fix probes of Services via Blackbox Exporter. Require Blackbox
Exporter to be deployed in the same `monitoring` namespace, be
named `blackbox-exporter`, and use port 8080
 2021-12-29 11:57:50 -08:00
Dalton Hubble a9f9c59b91 Configure Prometheus to allow a custom scrape query param 
* Set `prometheus.io/param` on a Kubernetes Service to scrape
the service endpoints and pass a custom query parameter
* For example, scrape Consul with `?format=prometheus`

```yaml
kind: Service
metadata:
  annotations:
    prometheus.io/scrape: 'true'
    prometheus.io/port: '8500'
    prometheus.io/path: /v1/agent/metrics
    prometheus.io/param: format=prometheus
```
 2021-12-29 11:47:10 -08:00
Dalton Hubble 6ed048eb65 Workaround Terraform v1.1 file provisioner regression 
* Terraform v1.1 changed the behavior of provisioners and
`remote-exec` in a way that breaks support for expansions
in commands (including file provisioner, where `destination`
is part of an `scp` command)
* Terraform will likely revert the change eventually, but I
suspect it will take a while
* Instead, we can stop relying on Terraform's expansion
behavior. `/home/core` is a suitable choice for `$HOME` on
both Flatcar Linux and Fedora CoreOS (harldink `/var/home/core`)

Rel: https://github.com/hashicorp/terraform/issues/30243
 2021-12-28 13:25:23 -08:00
dependabot[bot] ce7b2fa21f Bump mkdocs-material from 8.1.1 to 8.1.3 
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 8.1.1 to 8.1.3.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.1.1...8.1.3)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-12-23 14:33:26 -08:00
Dalton Hubble 9e3807798f Update Kubernetes from v1.23.0 to v1.23.1 
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1231
 2021-12-20 08:36:19 -08:00
Dalton Hubble ef9c6aa423 Switch Flatcar Linux to using containerd CRI 
* Use containerd as the Kubernetes Container Runtime
 2021-12-15 08:42:13 -08:00
Dalton Hubble bb5e5811ec Update Prometheus and Grafana addons 2021-12-15 08:16:46 -08:00
Dalton Hubble 16aa997604 Fix Azure `backend_address_pool_id` deprecation warning 
* Change to `backend_address_pool_ids` list
 2021-12-14 10:26:08 -08:00
dependabot[bot] fb6650b06b Bump mkdocs-material from 8.0.4 to 8.1.1 
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 8.0.4 to 8.1.1.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.0.4...8.1.1)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-12-13 17:44:02 -08:00
Dalton Hubble 43c6558aaf Update nginx-ingress and monitoring addons 2021-12-10 11:29:49 -08:00
Dalton Hubble 125008fbb3 Update Cilium from v1.10.5 to v1.11.0 
* https://github.com/cilium/cilium/releases/tag/v1.11.0
 2021-12-10 11:26:05 -08:00
Dalton Hubble 136107b448 Set Kubelet resolver config to /run/systemd/resolve/resolv.conf 
* Both Flatcar Linux and Fedora CoreOS use systemd-resolved,
but they setup /etc/resolv.conf symlinks differently
* Prefer using /run/systemd/resolve/resolv.conf directly, which
also updates to reflect runtime changes (e.g. resolvectl)
 2021-12-10 08:22:30 -08:00
Dalton Hubble e97c1cc9e5 Enable Kubernetes aggregation by default 
* Change `enable_aggregation` default from false to true
* These days, Kubernetes control plane components emit annoying
messages related to assumptions baked into the Kubernetes API
Aggregation Layer if you don't enable it. Further the conformance
tests force you to remember to enable it if you care about passing
those
* This change is motivated by eliminating annoyances, rather than
any enthusiasm for Kubernetes' aggregation features

Rel: https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/apiserver-aggregation/
 2021-12-09 17:30:35 -08:00
Dalton Hubble 39da5b53f5 Update operating system notes in architecture docs 2021-12-09 17:21:24 -08:00
Dalton Hubble 41f739891b Normalize CA certs mounts in static Pods and kube-proxy 
* Mount both /etc/ssl/certs and /etc/pki into control plane static
pods and kube-proxy, rather than choosing one based a variable
(set based on Flatcar Linux or Fedora CoreOS)
* Remove deprecated `--port` from `kube-scheduler` static Pod
 2021-12-09 09:56:37 -08:00
Dalton Hubble 861021ee98 Update Kubernetes from v1.22.4 to v1.23.0 
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1230
* With Calico, add missing caliconodestatuses CRD added in v3.21.0
https://github.com/poseidon/terraform-render-bootstrap/pull/289
 2021-12-09 09:28:41 -08:00
Dalton Hubble 9d583ab377 Fix null provider version constraint on Google Cloud 
* Part of https://github.com/poseidon/typhoon/pull/1074
 2021-12-08 14:06:38 -08:00
Dalton Hubble c1d28e6f61 Change default disk_iops on Flatcar Linux 
* Same as #1073, but for Flatcar Linux on AWS as well
 2021-12-07 16:52:55 -08:00
Dalton Hubble a8fd21d250 Update minimum Terraform provider versions 
* Update `null` provider to allow use of v3.1.x releases,
instead of being stuck on v2.1.2
* Update min versions in terraform-render-boostrap
https://github.com/poseidon/terraform-render-bootstrap/pull/287
* Document the recommended versions of Terraform cloud providers
 2021-12-07 16:26:34 -08:00