Update assets generation for bootkube v0.7.0

Add square brackets for lists to be explicit
* Terraform's "type system" sometimes doesn't identify list types correctly so be explicit * https://github.com/hashicorp/terraform/issues/12263#issuecomment-282571256
2026-01-28 18:20:45 +00:00 · 2017-10-03 09:27:30 -07:00 · 2017-10-03 09:23:25 -07:00 · 2017-10-02 10:23:22 -07:00 · 2017-09-30 16:12:29 -07:00 · 2017-09-28 20:43:15 -07:00
11 changed files with 38 additions and 29 deletions
--- a/README.md
+++ b/README.md
@@ -12,13 +12,12 @@ Add the `bootkube-terraform` module alongside existing Terraform configs. Provid

 ```hcl
 module "bootkube" {
-  source = "git://https://github.com/dghubble/bootkube-terraform.git?ref=SHA"
+  source = "git://https://github.com/poseidon/bootkube-terraform.git?ref=SHA"

  cluster_name = "example"
  api_servers = ["node1.example.com"]
  etcd_servers = ["node1.example.com"]
  asset_dir = "/home/core/clusters/mycluster"
-  experimental_self_hosted_etcd = false
 }
 ```

@@ -34,7 +33,7 @@ terraform apply

 ### Comparison

-Render bootkube assets directly with bootkube v0.6.2.
+Render bootkube assets directly with bootkube v0.7.0.

 #### On-host etcd

--- a/resources/calico/calico-config.yaml
+++ b/resources/calico/calico-config.yaml
@@ -10,7 +10,7 @@ data:
        "name": "k8s-pod-network",
        "cniVersion": "0.3.0",
        "type": "calico",
-        "log_level": "debug",
+        "log_level": "info",
        "datastore_type": "kubernetes",
        "nodename": "__KUBERNETES_NODE_NAME__",
        "mtu": ${network_mtu},
--- a/resources/calico/calico.yaml
+++ b/resources/calico/calico.yaml
@@ -27,7 +27,7 @@ spec:
          operator: "Exists"
      containers:
        - name: calico-node
-          image: quay.io/calico/node:v2.5.1
+          image: quay.io/calico/node:v2.6.1
          env:
            # Use Kubernetes API as the backing datastore.
            - name: DATASTORE_TYPE
@@ -99,7 +99,7 @@ spec:
              readOnly: false
        # Install Calico CNI binaries and CNI network config file on nodes
        - name: install-cni
-          image: quay.io/calico/cni:v1.10.0
+          image: quay.io/calico/cni:v1.11.0
          command: ["/install-cni.sh"]
          env:
            - name: CNI_NETWORK_CONFIG
--- a/resources/experimental/manifests/kube-etcd-network-checkpointer.yaml
+++ b/resources/experimental/manifests/kube-etcd-network-checkpointer.yaml
--- a/resources/flannel/kube-flannel-cfg.yaml
+++ b/resources/flannel/kube-flannel-cfg.yaml
@@ -10,11 +10,21 @@ data:
  cni-conf.json: |
    {
      "name": "cbr0",
-      "type": "flannel",
-      "delegate": {
-        "isDefaultGateway": true,
-        "hairpinMode": true
-      }
+      "cniVersion": "0.3.1",
+      "plugins": [
+        {
+          "type": "flannel",
+          "delegate": {
+            "isDefaultGateway": true
+          }
+        },
+        {
+          "type": "portmap",
+          "capabilities": {
+            "portMappings": true
+          }
+        }
+      ]
    }
  net-conf.json: |
    {
--- a/resources/flannel/kube-flannel.yaml
+++ b/resources/flannel/kube-flannel.yaml
@@ -40,7 +40,7 @@ spec:
        - name: flannel-cfg
          mountPath: /etc/kube-flannel/
      - name: install-cni
-        image: quay.io/coreos/flannel-cni:v0.2.0
+        image: quay.io/coreos/flannel-cni:v0.3.0
        command: ["/install-cni.sh"]
        env:
        - name: CNI_NETWORK_CONFIG
--- a/resources/manifests/kube-dns-deployment.yaml
+++ b/resources/manifests/kube-dns-deployment.yaml
@@ -41,7 +41,7 @@ spec:
          optional: true
      containers:
      - name: kubedns
-        image: gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.4
+        image: gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.5
        resources:
          # TODO: Set memory limits when we've profiled the container for large
          # clusters, then set request = limit to keep this container in
@@ -92,7 +92,7 @@ spec:
        - name: kube-dns-config
          mountPath: /kube-dns-config
      - name: dnsmasq
-        image: gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.4
+        image: gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.5
        livenessProbe:
          httpGet:
            path: /healthcheck/dnsmasq
@@ -130,7 +130,7 @@ spec:
        - name: kube-dns-config
          mountPath: /etc/k8s/dns/dnsmasq-nanny
      - name: sidecar
-        image: gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.4
+        image: gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.5
        livenessProbe:
          httpGet:
            path: /metrics
--- a/resources/manifests/kube-proxy.yaml
+++ b/resources/manifests/kube-proxy.yaml
@@ -56,4 +56,4 @@ spec:
  updateStrategy:
    rollingUpdate:
      maxUnavailable: 1
-    type: RollingUpdate 
+    type: RollingUpdate
--- a/resources/manifests/pod-checkpointer.yaml
+++ b/resources/manifests/pod-checkpointer.yaml
@@ -17,7 +17,7 @@ spec:
    spec:
      containers:
      - name: pod-checkpointer
-        image: quay.io/coreos/pod-checkpointer:0cd390e0bc1dcdcc714b20eda3435c3d00669d0e
+        image: quay.io/coreos/pod-checkpointer:abdcbc46df985b832cccf805b34f4652a0ca9d56
        command:
        - /checkpoint
        - --v=4
@@ -57,6 +57,6 @@ spec:
        hostPath:
          path: /var/run
  updateStrategy:
-      rollingUpdate:
-        maxUnavailable: 1
-      type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 1
+    type: RollingUpdate
--- a/tls-etcd.tf
+++ b/tls-etcd.tf
@@ -100,13 +100,13 @@ resource "tls_cert_request" "client" {
    "${cidrhost(var.service_cidr, 20)}",
  ]

-  dns_names = "${concat(
+  dns_names = ["${concat(
    var.etcd_servers,
    list(
      "localhost",
      "*.kube-etcd.kube-system.svc.cluster.local",
      "kube-etcd-client.kube-system.svc.cluster.local",
-    ))}"
+    ))}"]
 }

 resource "tls_locally_signed_cert" "client" {
@@ -146,13 +146,13 @@ resource "tls_cert_request" "server" {
    "${cidrhost(var.service_cidr, 20)}",
  ]

-  dns_names = "${concat(
+  dns_names = ["${concat(
    var.etcd_servers,
    list(
      "localhost",
      "*.kube-etcd.kube-system.svc.cluster.local",
      "kube-etcd-client.kube-system.svc.cluster.local",
-    ))}"
+    ))}"]
 }

 resource "tls_locally_signed_cert" "server" {
@@ -190,12 +190,12 @@ resource "tls_cert_request" "peer" {
    "${cidrhost(var.service_cidr, 20)}",
  ]

-  dns_names = "${concat(
+  dns_names = ["${concat(
    var.etcd_servers,
    list(
      "*.kube-etcd.kube-system.svc.cluster.local",
      "kube-etcd-client.kube-system.svc.cluster.local",
-    ))}"
+    ))}"]
 }

 resource "tls_locally_signed_cert" "peer" {
--- a/variables.tf
+++ b/variables.tf
@@ -4,12 +4,12 @@ variable "cluster_name" {
 }

 variable "api_servers" {
-  description = "URL used to reach kube-apiserver"
+  description = "List of URLs used to reach kube-apiserver"
  type        = "list"
 }

 variable "etcd_servers" {
-  description = "List of etcd server URLs including protocol, host, and port. Ignored if experimental self-hosted etcd is enabled."
+  description = "List of URLs used to reach etcd servers. Ignored if experimental self-hosted etcd is enabled."
  type        = "list"
 }

@@ -62,7 +62,7 @@ variable "container_images" {
  type        = "map"

  default = {
-    hyperkube = "quay.io/coreos/hyperkube:v1.7.5_coreos.0"
+    hyperkube = "quay.io/coreos/hyperkube:v1.7.7_coreos.0"
    etcd      = "quay.io/coreos/etcd:v3.1.8"
  }
 }
Author	SHA1	Message	Date
Dalton Hubble	aded06a0a7	Update assets generation for bootkube v0.7.0	2017-10-03 09:27:30 -07:00
Dalton Hubble	cc2b45780a	Add square brackets for lists to be explicit * Terraform's "type system" sometimes doesn't identify list types correctly so be explicit * https://github.com/hashicorp/terraform/issues/12263#issuecomment-282571256	2017-10-03 09:23:25 -07:00
Dalton Hubble	d93b7e4dc8	Update kube-dns image to address dnsmasq vulnerability * https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html	2017-10-02 10:23:22 -07:00
Dalton Hubble	48b33db1f1	Update Calico from v2.6.0 to v2.6.1	2017-09-30 16:12:29 -07:00
Dalton Hubble	8a9b6f1270	Update Calico from v2.5.1 to v2.6.0 * Update cni sidecar image from v1.10.0 to v1.11.0 * Lower log level in CNI config from debug to info	2017-09-28 20:43:15 -07:00
Dalton Hubble	3b8d762081	Merge pull request #16 from poseidon/etcd-network-checkpointer Add kube-etcd-network-checkpointer for self-hosted etcd only	2017-09-27 18:06:19 -07:00
Dalton Hubble	9c144e6522	Add kube-etcd-network-checkpointer for self-hosted etcd only	2017-09-26 00:39:42 -07:00
Dalton Hubble	c0d4f56a4c	Merge pull request #12 from cloudnativelabs/doc-fix-etcd_servers Update etcd_servers variable description	2017-09-26 00:12:34 -07:00
bzub	62c887f41b	Update etcd_servers variable description.	2017-09-16 16:12:40 -05:00