Dalton Hubble
beb9f1477a
Add experimental Flatcar Linux arm64 support on AWS
...
* Add `arch` variable to Flatcar Linux AWS `kubernetes` and
`workers` modules. Accept `amd64` (default) or `arm64` to support
native arm64/aarch64 clusters or mixed/hybrid clusters with arm64
workers
* Requires `flannel` or `cilium` CNI
Similar to https://github.com/poseidon/typhoon/pull/875
2022-01-14 10:24:48 -08:00
Dalton Hubble
f544a9c71f
Switch Fedora CoreOS from docker-shim to containerd
...
* Migrate from `docker-shim` to `containerd` in preparation
for Kubernetes v1.24.0 dropping `docker-shim` support
* Much consideration was given to the container runtime
choice. https://github.com/poseidon/typhoon/issues/899
provides relevant rationales
2022-01-13 09:17:29 -08:00
dependabot[bot]
415b7fa19a
Bump pygments from 2.11.1 to 2.11.2
...
Bumps [pygments](https://github.com/pygments/pygments ) from 2.11.1 to 2.11.2.
- [Release notes](https://github.com/pygments/pygments/releases )
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES )
- [Commits](https://github.com/pygments/pygments/compare/2.11.1...2.11.2 )
---
updated-dependencies:
- dependency-name: pygments
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-13 09:03:25 -08:00
dependabot[bot]
d0c29099ba
Bump mkdocs-material from 8.1.4 to 8.1.5
...
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material ) from 8.1.4 to 8.1.5.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases )
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG )
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.1.4...8.1.5 )
---
updated-dependencies:
- dependency-name: mkdocs-material
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-11 20:42:31 -08:00
dependabot[bot]
30e4070474
Bump mkdocs-material from 8.1.3 to 8.1.4
...
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material ) from 8.1.3 to 8.1.4.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases )
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG )
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.1.3...8.1.4 )
---
updated-dependencies:
- dependency-name: mkdocs-material
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-03 10:53:23 -08:00
dependabot[bot]
43f6a19060
Bump pygments from 2.10.0 to 2.11.1
...
Bumps [pygments](https://github.com/pygments/pygments ) from 2.10.0 to 2.11.1.
- [Release notes](https://github.com/pygments/pygments/releases )
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES )
- [Commits](https://github.com/pygments/pygments/compare/2.10.0...2.11.1 )
---
updated-dependencies:
- dependency-name: pygments
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-03 10:48:25 -08:00
Dalton Hubble
50215e373b
Add Prometheus config for monitoring Kubernetes Ingress
...
* Allow Kubernetes Ingress resources to be probed via Blackbox
Exporter (if present) if annotated `prometheus.io/probe: "true"`
* Fix probes of Services via Blackbox Exporter. Require Blackbox
Exporter to be deployed in the same `monitoring` namespace, be
named `blackbox-exporter`, and use port 8080
2021-12-29 11:57:50 -08:00
Dalton Hubble
a9f9c59b91
Configure Prometheus to allow a custom scrape query param
...
* Set `prometheus.io/param` on a Kubernetes Service to scrape
the service endpoints and pass a custom query parameter
* For example, scrape Consul with `?format=prometheus`
```yaml
kind: Service
metadata:
annotations:
prometheus.io/scrape: 'true'
prometheus.io/port: '8500'
prometheus.io/path: /v1/agent/metrics
prometheus.io/param: format=prometheus
```
2021-12-29 11:47:10 -08:00
Dalton Hubble
6ed048eb65
Workaround Terraform v1.1 file provisioner regression
...
* Terraform v1.1 changed the behavior of provisioners and
`remote-exec` in a way that breaks support for expansions
in commands (including file provisioner, where `destination`
is part of an `scp` command)
* Terraform will likely revert the change eventually, but I
suspect it will take a while
* Instead, we can stop relying on Terraform's expansion
behavior. `/home/core` is a suitable choice for `$HOME` on
both Flatcar Linux and Fedora CoreOS (harldink `/var/home/core`)
Rel: https://github.com/hashicorp/terraform/issues/30243
2021-12-28 13:25:23 -08:00
dependabot[bot]
ce7b2fa21f
Bump mkdocs-material from 8.1.1 to 8.1.3
...
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material ) from 8.1.1 to 8.1.3.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases )
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG )
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.1.1...8.1.3 )
---
updated-dependencies:
- dependency-name: mkdocs-material
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-23 14:33:26 -08:00
Dalton Hubble
9e3807798f
Update Kubernetes from v1.23.0 to v1.23.1
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1231
2021-12-20 08:36:19 -08:00
Dalton Hubble
ef9c6aa423
Switch Flatcar Linux to using containerd CRI
...
* Use containerd as the Kubernetes Container Runtime
2021-12-15 08:42:13 -08:00
Dalton Hubble
bb5e5811ec
Update Prometheus and Grafana addons
2021-12-15 08:16:46 -08:00
Dalton Hubble
16aa997604
Fix Azure `backend_address_pool_id` deprecation warning
...
* Change to `backend_address_pool_ids` list
2021-12-14 10:26:08 -08:00
dependabot[bot]
fb6650b06b
Bump mkdocs-material from 8.0.4 to 8.1.1
...
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material ) from 8.0.4 to 8.1.1.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases )
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG )
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.0.4...8.1.1 )
---
updated-dependencies:
- dependency-name: mkdocs-material
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-13 17:44:02 -08:00
Dalton Hubble
43c6558aaf
Update nginx-ingress and monitoring addons
2021-12-10 11:29:49 -08:00
Dalton Hubble
125008fbb3
Update Cilium from v1.10.5 to v1.11.0
...
* https://github.com/cilium/cilium/releases/tag/v1.11.0
2021-12-10 11:26:05 -08:00
Dalton Hubble
136107b448
Set Kubelet resolver config to /run/systemd/resolve/resolv.conf
...
* Both Flatcar Linux and Fedora CoreOS use systemd-resolved,
but they setup /etc/resolv.conf symlinks differently
* Prefer using /run/systemd/resolve/resolv.conf directly, which
also updates to reflect runtime changes (e.g. resolvectl)
2021-12-10 08:22:30 -08:00
Dalton Hubble
e97c1cc9e5
Enable Kubernetes aggregation by default
...
* Change `enable_aggregation` default from false to true
* These days, Kubernetes control plane components emit annoying
messages related to assumptions baked into the Kubernetes API
Aggregation Layer if you don't enable it. Further the conformance
tests force you to remember to enable it if you care about passing
those
* This change is motivated by eliminating annoyances, rather than
any enthusiasm for Kubernetes' aggregation features
Rel: https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/apiserver-aggregation/
2021-12-09 17:30:35 -08:00
Dalton Hubble
39da5b53f5
Update operating system notes in architecture docs
2021-12-09 17:21:24 -08:00
Dalton Hubble
41f739891b
Normalize CA certs mounts in static Pods and kube-proxy
...
* Mount both /etc/ssl/certs and /etc/pki into control plane static
pods and kube-proxy, rather than choosing one based a variable
(set based on Flatcar Linux or Fedora CoreOS)
* Remove deprecated `--port` from `kube-scheduler` static Pod
2021-12-09 09:56:37 -08:00
Dalton Hubble
861021ee98
Update Kubernetes from v1.22.4 to v1.23.0
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1230
* With Calico, add missing caliconodestatuses CRD added in v3.21.0
https://github.com/poseidon/terraform-render-bootstrap/pull/289
2021-12-09 09:28:41 -08:00
Dalton Hubble
9d583ab377
Fix null provider version constraint on Google Cloud
...
* Part of https://github.com/poseidon/typhoon/pull/1074
2021-12-08 14:06:38 -08:00
Dalton Hubble
c1d28e6f61
Change default disk_iops on Flatcar Linux
...
* Same as #1073 , but for Flatcar Linux on AWS as well
2021-12-07 16:52:55 -08:00
Dalton Hubble
a8fd21d250
Update minimum Terraform provider versions
...
* Update `null` provider to allow use of v3.1.x releases,
instead of being stuck on v2.1.2
* Update min versions in terraform-render-boostrap
https://github.com/poseidon/terraform-render-bootstrap/pull/287
* Document the recommended versions of Terraform cloud providers
2021-12-07 16:26:34 -08:00
Dalton Hubble
9c626c9dbd
Change default `disk_iops` from unset to 3000
...
* Since v1.21.3 switched controllers default disk type from
`gp2` to `gp3`, an iops diff has been shown (harmless, but
annoying)
* Controller nodes default to a 30GB `gp3` disk. `gp3` disks
do respect `iops` and the corresponding default is 3000
2021-12-07 15:44:09 -08:00
Dalton Hubble
85252dec6e
Switch FCOS workers to official Fedora CoreOS AMIs
...
* Fix worker nodes to use official Fedora CoreOS AMIs,
instead of the older Poseidon built AMIs (now removed).
This should have been part of #1038 , but was missed in
code review
* Poseidon build AMIs have been deleted (so I don't have
to keep paying to host them for people)
2021-12-07 15:31:47 -08:00
dependabot[bot]
298ea65d3e
Bump mkdocs-material from 8.0.3 to 8.0.4
...
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material ) from 8.0.3 to 8.0.4.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases )
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG )
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/8.0.3...8.0.4 )
---
updated-dependencies:
- dependency-name: mkdocs-material
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-07 15:29:00 -08:00
dependabot[bot]
c0ab15ba22
Bump mkdocs-material from 7.3.6 to 8.0.3
...
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material ) from 7.3.6 to 8.0.3.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases )
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG )
- [Upgrade guide](https://github.com/squidfunk/mkdocs-material/blob/master/docs/upgrade.md )
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/7.3.6...8.0.3 )
---
updated-dependencies:
- dependency-name: mkdocs-material
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-02 15:25:40 -08:00
Dalton Hubble
5d7b6f611e
Update nginx-ingess and Prometheus exporter addons
2021-11-21 09:28:17 -08:00
Dalton Hubble
93594292eb
Update Kubernetes from v1.22.3 to v1.22.4
...
* Update flannel from v0.15.0 to v0.15.1
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.22.md#v1224
2021-11-17 19:53:32 -08:00
dependabot[bot]
0546608e77
Bump pymdown-extensions from 9.0 to 9.1
...
Bumps [pymdown-extensions](https://github.com/facelessuser/pymdown-extensions ) from 9.0 to 9.1.
- [Release notes](https://github.com/facelessuser/pymdown-extensions/releases )
- [Commits](https://github.com/facelessuser/pymdown-extensions/compare/9.0...9.1 )
---
updated-dependencies:
- dependency-name: pymdown-extensions
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-17 18:41:22 -08:00
Dalton Hubble
94b2793e40
Update CoreDNS from v1.8.4 to v1.8.6
...
* https://coredns.io/2021/10/07/coredns-1.8.6-release/
2021-11-12 21:09:04 -08:00
Dalton Hubble
4fd43b39ad
Fix Flatcar Linux docker driver and add cgroups v2
...
* Remove `/sys/fs/cgroup/systemd` mount since Flatcar Linux
uses cgroups v2
* Flatcar Linux's `docker` switched from the `cgroupfs` to
`systemd` driver without notice
2021-11-12 21:07:20 -08:00
Dalton Hubble
65083aca7d
Update Calico and Flannel CNI providers
...
* Update Calico from v3.20.2 to v3.21.0
* Update Flannel from v0.14.0 to v0.15.0
2021-11-12 11:03:39 -08:00
Dalton Hubble
07db4c1143
Allow use of google Terraform provider v4.0+
...
* https://github.com/hashicorp/terraform-provider-google/releases/tag/v4.0.0
2021-11-11 10:17:58 -08:00
dependabot[bot]
e5d0ce5fd7
Bump mkdocs-material from 7.3.4 to 7.3.6
...
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material ) from 7.3.4 to 7.3.6.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases )
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG )
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/7.3.4...7.3.6 )
---
updated-dependencies:
- dependency-name: mkdocs-material
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-07 17:01:41 -08:00
Dalton Hubble
b934a13605
Update Prometheus and Grafana addons
2021-11-07 17:00:40 -08:00
Dalton Hubble
cd005a0b27
Prepare for v1.22.3 release
2021-10-28 11:58:55 -07:00
Dalton Hubble
dd4a5a4e7e
Update Kubernetes from v1.22.2 to v1.22.3
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.22.md#v1223
2021-10-28 10:11:06 -07:00
Dalton Hubble
af835f976f
Update flannel from v0.13.0 to v0.14.0
...
* https://github.com/flannel-io/flannel/releases/tag/v0.14.0
2021-10-28 10:09:06 -07:00
dependabot[bot]
9e4a369f76
Bump mkdocs-material from 7.3.3 to 7.3.4
...
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material ) from 7.3.3 to 7.3.4.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases )
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG )
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/7.3.3...7.3.4 )
---
updated-dependencies:
- dependency-name: mkdocs-material
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-10-23 10:45:49 -07:00
dependabot[bot]
831d897533
Bump mkdocs from 1.2.2 to 1.2.3
...
Bumps [mkdocs](https://github.com/mkdocs/mkdocs ) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/mkdocs/mkdocs/releases )
- [Commits](https://github.com/mkdocs/mkdocs/compare/1.2.2...1.2.3 )
---
updated-dependencies:
- dependency-name: mkdocs
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-10-23 10:31:55 -07:00
Dalton Hubble
17dce49982
Update etcd from v3.5.0 to v3.5.1
...
* https://github.com/etcd-io/etcd/releases/tag/v3.5.1
2021-10-17 11:28:27 -07:00
Dalton Hubble
5744e10329
Update Cilium from v1.0.4 to v1.0.5
...
* https://github.com/cilium/cilium/releases/tag/v1.10.5
2021-10-17 11:26:59 -07:00
Dalton Hubble
20748536df
Update nginx-ingress from v1.0.2 to v1.0.4
...
* https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v1.0.4
2021-10-17 11:17:43 -07:00
Dalton Hubble
f2e6256dd9
Update Prometheus, kube-state-metrics, and Grafana
...
* Update monitoring addons
2021-10-17 11:15:39 -07:00
Dalton Hubble
443bd5a26b
Add file to hold nodes on iptables-legacy
...
* Add `/etc/fedora-coreos/iptables-legacy.stamp` to declare
that `iptables-legacy` should be used instead of `iptables-nft`
(until support is added in future releases)
* https://github.com/coreos/fedora-coreos-tracker/issues/676
2021-10-11 20:30:49 -07:00
Dalton Hubble
f8162b9be3
Update Calico from v3.20.1 to v3.20.2
...
* Use Calico's iptables legacy vs nft auto-detection
2021-10-11 20:28:48 -07:00
dependabot[bot]
20ffbba4bf
Bump mkdocs-material from 7.3.1 to 7.3.3
...
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material ) from 7.3.1 to 7.3.3.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases )
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG )
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/7.3.1...7.3.3 )
---
updated-dependencies:
- dependency-name: mkdocs-material
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-10-11 19:31:10 -07:00