From a6672c310ea2fc89859fd49df3f5ddd16035b9c5 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Wed, 11 Aug 2021 18:07:50 +0200 Subject: [PATCH] bump versions --- README.md | 2 +- build/tools/Dockerfile | 2 +- deploy/helm/kubernetes/Chart.yaml | 4 ++-- .../manifests/konnectivity-agent-deployment.yaml | 3 +++ .../helm/kubernetes/scripts/configure-cluster.sh | 2 -- .../kubernetes/templates/admin-deployment.yaml | 3 +++ .../kubernetes/templates/apiserver-deployment.yaml | 3 +++ .../templates/controller-manager-deployment.yaml | 3 +++ .../kubernetes/templates/etcd-backup-cronjob.yaml | 3 +++ .../kubernetes/templates/etcd-statefulset.yaml | 3 +++ .../templates/konnectivity-server-deployment.yaml | 3 +++ .../kubernetes/templates/scheduler-deployment.yaml | 3 +++ deploy/helm/kubernetes/values.yaml | 14 +++++++------- 13 files changed, 35 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 5820240..a6797ac 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,7 @@ Deploy Kubernetes in Kubernetes using Helm ```bash helm repo add kvaps https://kvaps.github.io/charts -helm install foo kvaps/kubernetes --version 0.12.0 \ +helm install foo kvaps/kubernetes --version 0.13.0 \ --namespace foo \ --create-namespace \ --set persistence.storageClassName=local-path diff --git a/build/tools/Dockerfile b/build/tools/Dockerfile index d5a4a38..fc9cc5b 100644 --- a/build/tools/Dockerfile +++ b/build/tools/Dockerfile @@ -1,7 +1,7 @@ FROM docker.io/library/alpine:3.12 RUN apk add --no-cache openssl -ARG VERSION=v1.21.3 +ARG VERSION=v1.22.0 RUN wget "https://storage.googleapis.com/kubernetes-release/release/${VERSION}/bin/linux/amd64/kubectl" \ -O /usr/local/bin/kubectl \ && chmod +x /usr/local/bin/kubectl diff --git a/deploy/helm/kubernetes/Chart.yaml b/deploy/helm/kubernetes/Chart.yaml index 53e68e1..c0b7140 100644 --- a/deploy/helm/kubernetes/Chart.yaml +++ b/deploy/helm/kubernetes/Chart.yaml @@ -1,7 +1,7 @@ name: kubernetes description: Production-Grade Container Scheduling and Management -version: 0.12.0 -appVersion: 1.21.3 +version: 0.13.0 +appVersion: 1.22.0 icon: https://upload.wikimedia.org/wikipedia/commons/thumb/3/39/Kubernetes_logo_without_workmark.svg/723px-Kubernetes_logo_without_workmark.svg.png keywords: - kubernetes diff --git a/deploy/helm/kubernetes/manifests/konnectivity-agent-deployment.yaml b/deploy/helm/kubernetes/manifests/konnectivity-agent-deployment.yaml index 8e7556f..3a638d9 100644 --- a/deploy/helm/kubernetes/manifests/konnectivity-agent-deployment.yaml +++ b/deploy/helm/kubernetes/manifests/konnectivity-agent-deployment.yaml @@ -40,6 +40,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} hostNetwork: {{ .Values.konnectivityAgent.hostNetwork }} + securityContext: + seccompProfile: + type: RuntimeDefault priorityClassName: system-cluster-critical tolerations: - key: "CriticalAddonsOnly" diff --git a/deploy/helm/kubernetes/scripts/configure-cluster.sh b/deploy/helm/kubernetes/scripts/configure-cluster.sh index 01dfe5c..036c01e 100644 --- a/deploy/helm/kubernetes/scripts/configure-cluster.sh +++ b/deploy/helm/kubernetes/scripts/configure-cluster.sh @@ -21,8 +21,6 @@ export KUBECONFIG=/etc/kubernetes/admin.conf # upload configuration # TODO: https://github.com/kvaps/kubernetes-in-kubernetes/issues/6 kubeadm init phase upload-config kubeadm --config /config/kubeadmcfg.yaml -kubectl patch configmap -n kube-system kubeadm-config \ - -p '{"data":{"ClusterStatus":"apiEndpoints: {}\napiVersion: kubeadm.k8s.io/v1beta2\nkind: ClusterStatus"}}' # upload configuration # TODO: https://github.com/kvaps/kubernetes-in-kubernetes/issues/5 diff --git a/deploy/helm/kubernetes/templates/admin-deployment.yaml b/deploy/helm/kubernetes/templates/admin-deployment.yaml index cdad342..c5d0ff7 100644 --- a/deploy/helm/kubernetes/templates/admin-deployment.yaml +++ b/deploy/helm/kubernetes/templates/admin-deployment.yaml @@ -113,6 +113,9 @@ spec: {{- with .Values.admin.sidecars }} {{- toYaml . | nindent 6 }} {{- end }} + securityContext: + seccompProfile: + type: RuntimeDefault volumes: - configMap: name: "{{ $fullName }}-admin-conf" diff --git a/deploy/helm/kubernetes/templates/apiserver-deployment.yaml b/deploy/helm/kubernetes/templates/apiserver-deployment.yaml index 5e2245f..5b42f3e 100644 --- a/deploy/helm/kubernetes/templates/apiserver-deployment.yaml +++ b/deploy/helm/kubernetes/templates/apiserver-deployment.yaml @@ -164,6 +164,9 @@ spec: {{- with .Values.apiServer.sidecars }} {{- toYaml . | nindent 6 }} {{- end }} + securityContext: + seccompProfile: + type: RuntimeDefault volumes: - configMap: name: "{{ $fullName }}-apiserver-config" diff --git a/deploy/helm/kubernetes/templates/controller-manager-deployment.yaml b/deploy/helm/kubernetes/templates/controller-manager-deployment.yaml index 5d42b87..a4aa34d 100644 --- a/deploy/helm/kubernetes/templates/controller-manager-deployment.yaml +++ b/deploy/helm/kubernetes/templates/controller-manager-deployment.yaml @@ -129,6 +129,9 @@ spec: {{- with .Values.controllerManager.sidecars }} {{- toYaml . | nindent 6 }} {{- end }} + securityContext: + seccompProfile: + type: RuntimeDefault volumes: - configMap: name: "{{ $fullName }}-controller-manager-conf" diff --git a/deploy/helm/kubernetes/templates/etcd-backup-cronjob.yaml b/deploy/helm/kubernetes/templates/etcd-backup-cronjob.yaml index 3f9bf30..60f87d5 100644 --- a/deploy/helm/kubernetes/templates/etcd-backup-cronjob.yaml +++ b/deploy/helm/kubernetes/templates/etcd-backup-cronjob.yaml @@ -127,6 +127,9 @@ spec: {{- with .Values.etcd.backup.sidecars }} {{- toYaml . | nindent 10 }} {{- end }} + securityContext: + seccompProfile: + type: RuntimeDefault volumes: - secret: secretName: {{ $fullName }}-pki-etcd-ca diff --git a/deploy/helm/kubernetes/templates/etcd-statefulset.yaml b/deploy/helm/kubernetes/templates/etcd-statefulset.yaml index dba1c8f..43d2ad2 100644 --- a/deploy/helm/kubernetes/templates/etcd-statefulset.yaml +++ b/deploy/helm/kubernetes/templates/etcd-statefulset.yaml @@ -150,6 +150,9 @@ spec: {{- with .Values.etcd.sidecars }} {{- toYaml . | nindent 6 }} {{- end }} + securityContext: + seccompProfile: + type: RuntimeDefault volumes: - secret: secretName: {{ $fullName }}-pki-etcd-ca diff --git a/deploy/helm/kubernetes/templates/konnectivity-server-deployment.yaml b/deploy/helm/kubernetes/templates/konnectivity-server-deployment.yaml index 0d7e86c..7c3e102 100644 --- a/deploy/helm/kubernetes/templates/konnectivity-server-deployment.yaml +++ b/deploy/helm/kubernetes/templates/konnectivity-server-deployment.yaml @@ -72,5 +72,8 @@ spec: {{- with .Values.konnectivityServer.sidecars }} {{- toYaml . | nindent 6 }} {{- end }} + securityContext: + seccompProfile: + type: RuntimeDefault {{ template "kubernetes.konnectivityServer.volumes" . }} {{- end }} diff --git a/deploy/helm/kubernetes/templates/scheduler-deployment.yaml b/deploy/helm/kubernetes/templates/scheduler-deployment.yaml index 97d3a23..6b0c1dd 100644 --- a/deploy/helm/kubernetes/templates/scheduler-deployment.yaml +++ b/deploy/helm/kubernetes/templates/scheduler-deployment.yaml @@ -114,6 +114,9 @@ spec: {{- with .Values.scheduler.sidecars }} {{- toYaml . | nindent 6 }} {{- end }} + securityContext: + seccompProfile: + type: RuntimeDefault volumes: - configMap: name: "{{ $fullName }}-scheduler-conf" diff --git a/deploy/helm/kubernetes/values.yaml b/deploy/helm/kubernetes/values.yaml index e46a45d..c13f9ac 100644 --- a/deploy/helm/kubernetes/values.yaml +++ b/deploy/helm/kubernetes/values.yaml @@ -25,7 +25,7 @@ etcd: enabled: true image: repository: k8s.gcr.io/etcd - tag: 3.4.13-3 + tag: 3.5.0-0 pullPolicy: IfNotPresent pullSecrets: [] replicaCount: 3 @@ -106,7 +106,7 @@ apiServer: enabled: true image: repository: k8s.gcr.io/kube-apiserver - tag: v1.21.3 + tag: v1.22.0 pullPolicy: IfNotPresent pullSecrets: [] replicaCount: 2 @@ -155,7 +155,7 @@ controllerManager: enabled: true image: repository: k8s.gcr.io/kube-controller-manager - tag: v1.21.3 + tag: v1.22.0 pullPolicy: IfNotPresent pullSecrets: [] replicaCount: 2 @@ -195,7 +195,7 @@ scheduler: enabled: true image: repository: k8s.gcr.io/kube-scheduler - tag: v1.21.3 + tag: v1.22.0 pullPolicy: IfNotPresent pullSecrets: [] replicaCount: 2 @@ -235,7 +235,7 @@ admin: enabled: true image: repository: ghcr.io/kvaps/kubernetes-tools - tag: v0.12.0 + tag: v0.13.0 pullPolicy: IfNotPresent pullSecrets: [] replicaCount: 1 @@ -294,7 +294,7 @@ konnectivityServer: mode: GRPC image: repository: us.gcr.io/k8s-artifacts-prod/kas-network-proxy/proxy-server - tag: v0.0.21 + tag: v0.0.22 pullPolicy: IfNotPresent pullSecrets: [] replicaCount: 2 @@ -345,7 +345,7 @@ konnectivityAgent: enabled: false image: repository: us.gcr.io/k8s-artifacts-prod/kas-network-proxy/proxy-agent - tag: v0.0.21 + tag: v0.0.22 pullPolicy: IfNotPresent pullSecrets: [] replicaCount: 2