Dalton Hubble
e97c1cc9e5
Enable Kubernetes aggregation by default
...
* Change `enable_aggregation` default from false to true
* These days, Kubernetes control plane components emit annoying
messages related to assumptions baked into the Kubernetes API
Aggregation Layer if you don't enable it. Further the conformance
tests force you to remember to enable it if you care about passing
those
* This change is motivated by eliminating annoyances, rather than
any enthusiasm for Kubernetes' aggregation features
Rel: https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/apiserver-aggregation/
2021-12-09 17:30:35 -08:00
Dalton Hubble
41f739891b
Normalize CA certs mounts in static Pods and kube-proxy
...
* Mount both /etc/ssl/certs and /etc/pki into control plane static
pods and kube-proxy, rather than choosing one based a variable
(set based on Flatcar Linux or Fedora CoreOS)
* Remove deprecated `--port` from `kube-scheduler` static Pod
2021-12-09 09:56:37 -08:00
Dalton Hubble
861021ee98
Update Kubernetes from v1.22.4 to v1.23.0
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1230
* With Calico, add missing caliconodestatuses CRD added in v3.21.0
https://github.com/poseidon/terraform-render-bootstrap/pull/289
2021-12-09 09:28:41 -08:00
Dalton Hubble
a8fd21d250
Update minimum Terraform provider versions
...
* Update `null` provider to allow use of v3.1.x releases,
instead of being stuck on v2.1.2
* Update min versions in terraform-render-boostrap
https://github.com/poseidon/terraform-render-bootstrap/pull/287
* Document the recommended versions of Terraform cloud providers
2021-12-07 16:26:34 -08:00
Dalton Hubble
93594292eb
Update Kubernetes from v1.22.3 to v1.22.4
...
* Update flannel from v0.15.0 to v0.15.1
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.22.md#v1224
2021-11-17 19:53:32 -08:00
Dalton Hubble
94b2793e40
Update CoreDNS from v1.8.4 to v1.8.6
...
* https://coredns.io/2021/10/07/coredns-1.8.6-release/
2021-11-12 21:09:04 -08:00
Dalton Hubble
4fd43b39ad
Fix Flatcar Linux docker driver and add cgroups v2
...
* Remove `/sys/fs/cgroup/systemd` mount since Flatcar Linux
uses cgroups v2
* Flatcar Linux's `docker` switched from the `cgroupfs` to
`systemd` driver without notice
2021-11-12 21:07:20 -08:00
Dalton Hubble
65083aca7d
Update Calico and Flannel CNI providers
...
* Update Calico from v3.20.2 to v3.21.0
* Update Flannel from v0.14.0 to v0.15.0
2021-11-12 11:03:39 -08:00
Dalton Hubble
dd4a5a4e7e
Update Kubernetes from v1.22.2 to v1.22.3
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.22.md#v1223
2021-10-28 10:11:06 -07:00
Dalton Hubble
af835f976f
Update flannel from v0.13.0 to v0.14.0
...
* https://github.com/flannel-io/flannel/releases/tag/v0.14.0
2021-10-28 10:09:06 -07:00
Dalton Hubble
17dce49982
Update etcd from v3.5.0 to v3.5.1
...
* https://github.com/etcd-io/etcd/releases/tag/v3.5.1
2021-10-17 11:28:27 -07:00
Dalton Hubble
5744e10329
Update Cilium from v1.0.4 to v1.0.5
...
* https://github.com/cilium/cilium/releases/tag/v1.10.5
2021-10-17 11:26:59 -07:00
Dalton Hubble
f8162b9be3
Update Calico from v3.20.1 to v3.20.2
...
* Use Calico's iptables legacy vs nft auto-detection
2021-10-11 20:28:48 -07:00
Dalton Hubble
cb72b261c7
Update Terraform provider poseidon/matchbox to v0.5+
...
* Relax version constraint to allow future minor version
releases to be used without a corresponding Typhoon change
2021-09-29 23:41:44 -07:00
Dalton Hubble
b30de949b8
Update Calico and Cilium CNI
...
* Update Calico from v3.20.0 to v3.20.1
* Update Cilium from v1.10.3 to v1.10.4
2021-09-22 22:18:16 -07:00
Dalton Hubble
bb7f31822e
Update Kubernetes from v1.22.1 to v1.22.2
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.22.md#v1222
2021-09-15 19:56:24 -07:00
Dalton Hubble
fcbdb50d93
Update Kubernetes from v1.22.0 to v1.22.1
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.22.md#v1221
2021-08-19 21:12:02 -07:00
Dalton Hubble
cbef202eec
Update Prometheus discovery of kube components
...
* Kubernetes v1.22.0 disabled kube-controller-manager insecure
port, which was used internally for Prometheus metrics scraping
* Configure Prometheus to discover and scrape endpoints for
kube-scheduler and kube-controller-manager via the authenticated
https ports, via bearer token
* Change firewall ports to allow Prometheus (on worker nodes)
to scrape kube-scheduler and kube-controller-manager targets
that run on controller(s) with hostNetwork
* Disable the insecure port on kube-scheduler
2021-08-10 21:25:19 -07:00
Dalton Hubble
1a5949824c
Update etcd from v3.4.16 to v3.5.0
...
* Use multi-arch container image instead of a special
"-arm64" suffix on arm64
* https://github.com/etcd-io/etcd/releases/tag/v3.5.0
2021-08-04 22:10:07 -07:00
Dalton Hubble
9bac641511
Update Kubernetes from v1.21.3 to v1.22.0
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.22.md#v1220
2021-08-04 22:09:19 -07:00
Dalton Hubble
f03045f0dc
Update Cilium for cgroups v2 support
...
* On Fedora CoreOS, Cilium cross-node service IP load balancing
stopped working for a time (first observable as CoreDNS pods
located on worker nodes not being able to reach the kubernetes
API service 10.3.0.1). This turned out to have two parts:
* Fedora CoreOS switched to cgroups v2 by default. In our early
testing with cgroups v2, Calico (default) was used. With the
cgroups v2 change, SELinux policy denied some eBPF operations.
Since fixed in all Fedora CoreOS channels
* Cilium requires new mounts to support cgroups v2, which are
added here
* https://github.com/coreos/fedora-coreos-tracker/issues/292
* https://github.com/coreos/fedora-coreos-tracker/issues/881
* https://github.com/cilium/cilium/pull/16259
2021-07-24 10:36:47 -07:00
Dalton Hubble
fdade5b40c
Update poseidon/ct provider from v0.8.0 to v0.9.0
...
* Continue targeting Ignition v3.2.0 for some time
2021-07-18 09:05:02 -07:00
Dalton Hubble
171fd2c998
Update Kubernetes from v1.21.2 to v1.21.3
...
* https://github.com/kubernetes/kubernetes/releases/tag/v1.21.3
2021-07-17 18:22:24 -07:00
Dalton Hubble
3a71b2ccb1
Update Cilium from v1.10.1 to v1.10.2
...
* https://github.com/cilium/cilium/releases/tag/v1.10.2
2021-07-04 10:11:21 -07:00
Dalton Hubble
d0e73b8174
Bump terraform-render-bootstrap
2021-06-27 18:11:43 -07:00
Dalton Hubble
485feb82c4
Update CoreDNS from v1.8.0 to v1.8.4
...
* https://coredns.io/2021/01/20/coredns-1.8.1-release/
* https://coredns.io/2021/02/23/coredns-1.8.2-release/
* https://coredns.io/2021/02/24/coredns-1.8.3-release/
* https://coredns.io/2021/05/28/coredns-1.8.4-release/
2021-06-23 23:31:25 -07:00
Dalton Hubble
0b276b6b7e
Update Kubernetes from v1.21.1 to v1.21.2
...
* https://github.com/kubernetes/kubernetes/releases/tag/v1.21.2
2021-06-17 16:15:20 -07:00
Dalton Hubble
e8513e58bb
Add support for Terraform v1.0.0
...
* https://github.com/hashicorp/terraform/releases/tag/v1.0.0
2021-06-17 13:32:56 -07:00
Dalton Hubble
996bdd9112
Update Calico from v3.19.0 to v3.19.1
...
* https://docs.projectcalico.org/archive/v3.19/release-notes/
2021-06-02 14:51:15 -07:00
Dalton Hubble
966fd280b0
Update Cilium from v0.10.0-rc1 to v0.10.0
...
* https://github.com/cilium/cilium/releases/tag/v1.10.0
2021-05-24 11:16:51 -07:00
Dalton Hubble
e4e074c894
Update Cilium from v1.9.6 to v1.10.0-rc1
...
* Add multi-arch container images and arm64 support
* https://github.com/cilium/cilium/releases/tag/v1.10.0-rc1
2021-05-14 14:24:52 -07:00
Dalton Hubble
d51da49925
Update docs for Kubernetes v1.21.1 and Terraform v0.15.x
2021-05-13 11:34:01 -07:00
Dalton Hubble
2076a779a3
Update Kubernetes from v1.21.0 to v1.21.1
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.21.md#v1211
2021-05-13 11:23:26 -07:00
Dalton Hubble
048094b256
Update etcd from v3.4.15 to v3.4.16
...
* https://github.com/etcd-io/etcd/blob/main/CHANGELOG-3.4.md
2021-05-13 10:53:04 -07:00
Dalton Hubble
9c842395a8
Update Cilium from v1.9.5 to v1.9.6
...
* https://github.com/cilium/cilium/releases/tag/v1.9.6
2021-04-26 10:55:23 -07:00
Dalton Hubble
67047ead08
Update Terraform version to allow v0.15.0
...
* Require Terraform version v0.13 <= x < v0.16
2021-04-16 09:46:01 -07:00
Dalton Hubble
ebd9570ede
Update Fedora CoreOS Config version from v1.1.0 to v1.2.0
...
* Require [poseidon/ct](https://github.com/poseidon/terraform-provider-ct )
Terraform provider v0.8+
* Require any [snippets](https://typhoon.psdn.io/advanced/customization/#hosts )
customizations to update to v1.2.0
See upgrade [notes](https://typhoon.psdn.io/topics/maintenance/#upgrade-terraform-provider-ct )
2021-04-11 15:26:54 -07:00
Dalton Hubble
34e8db7aae
Update static Pod manifests for Kubernetes v1.21.0
...
* https://github.com/poseidon/terraform-render-bootstrap/pull/257
2021-04-11 15:05:46 -07:00
Dalton Hubble
d73621c838
Update Kubernetes from v1.20.5 to v1.21.0
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.21.md#v1210
2021-04-08 21:44:31 -07:00
Dalton Hubble
798ec9a92f
Change CNI config directory to /etc/cni/net.d
...
* Change CNI config directory from `/etc/kubernetes/cni/net.d`
to `/etc/cni/net.d` (Kubelet default)
* https://github.com/poseidon/terraform-render-bootstrap/pull/255
2021-04-02 00:03:48 -07:00
Dalton Hubble
597ca4acce
Update CoreDNS from v1.7.0 to v1.8.0
...
* https://github.com/poseidon/terraform-render-bootstrap/pull/254
2021-03-20 16:47:25 -07:00
Dalton Hubble
796149d122
Update Kubernetes from v1.20.4 to v1.20.5
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.20.md#v1205
2021-03-19 11:27:31 -07:00
Dalton Hubble
a66bccd590
Update Cilium from v1.9.4 to v1.9.5
...
* https://github.com/cilium/cilium/releases/tag/v1.9.5
2021-03-14 11:48:22 -07:00
Dalton Hubble
30b1edfcc6
Mark bootstrap token as sensitive in plan/apply
...
* Mark the bootstrap token as sensitive, which is useful when
Terraform is run in automated CI/CD systems to avoid showing
the token
* https://github.com/poseidon/terraform-render-bootstrap/pull/251
2021-03-14 11:32:35 -07:00
Dalton Hubble
a4afe06b64
Update Calico from v3.17.3 to v3.18.1
...
* https://docs.projectcalico.org/archive/v3.18/release-notes/
2021-03-14 10:35:24 -07:00
Dalton Hubble
a5c1a96df1
Update etcd from v3.4.14 to v3.4.15
...
* https://github.com/etcd-io/etcd/releases/tag/v3.4.15
2021-03-05 17:02:57 -08:00
Dalton Hubble
6a091e245e
Remove Flatcar Linux Edge `os_image` option
...
* Flatcar Linux has not published an Edge channel image since
April 2020 and recently removed mention of the channel from
their documentation https://github.com/kinvolk/Flatcar/pull/345
* Users of Flatcar Linux Edge should move to the stable, beta, or
alpha channel, barring any alternate advice from upstream Flatcar
Linux
2021-02-20 16:09:54 -08:00
Dalton Hubble
e76fe80b45
Update Kubernetes from v1.20.3 to v1.20.4
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.20.md#v1204
2021-02-19 00:02:07 -08:00
Dalton Hubble
32853aaa7b
Update Kubernetes from v1.20.2 to v1.20.3
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.20.md#v1203
2021-02-17 22:29:33 -08:00
Dalton Hubble
9671b1c734
Update flannel-cni from v0.4.1 to v0.4.2
...
* https://github.com/poseidon/flannel-cni/releases/tag/v0.4.2
2021-02-14 12:04:59 -08:00