diff --git a/CHANGES.md b/CHANGES.md index 331203c7..adab02a9 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -4,8 +4,11 @@ Notable changes between versions. ## Latest +## v1.32.3 + * Allow `kube-apiserver` service account token issuer `iss` to be adjusted with the `service_account_issuer` variable - * Allows OpenID Connect discovery to be served from an external endpoint + * Allow OpenID Connect discovery to be served from an external endpoint +* Update Cilium from v1.16.5 to [v1.17.1](https://github.com/cilium/cilium/releases/tag/v1.17.1) ## v1.32.1 diff --git a/README.md b/README.md index 51f0f197..9499b304 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster ## Features -* Kubernetes v1.32.1 (upstream) +* Kubernetes v1.32.3 (upstream) * Single or multi-master, [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking * On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/), SELinux enforcing * Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [preemptible](https://typhoon.psdn.io/flatcar-linux/google-cloud/#preemption) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization @@ -78,7 +78,7 @@ Define a Kubernetes cluster by using the Terraform module for your chosen platfo ```tf module "yavin" { - source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.32.3" # Google Cloud cluster_name = "yavin" 
@@ -118,9 +118,9 @@ In 4-8 minutes (varies by platform), the cluster will be ready. This Google Clou $ export KUBECONFIG=/home/user/.kube/configs/yavin-config $ kubectl get nodes NAME ROLES STATUS AGE VERSION -yavin-controller-0.c.example-com.internal Ready 6m v1.32.1 -yavin-worker-jrbf.c.example-com.internal Ready 5m v1.32.1 -yavin-worker-mzdm.c.example-com.internal Ready 5m v1.32.1 +yavin-controller-0.c.example-com.internal Ready 6m v1.32.3 +yavin-worker-jrbf.c.example-com.internal Ready 5m v1.32.3 +yavin-worker-mzdm.c.example-com.internal Ready 5m v1.32.3 ``` List the pods. diff --git a/aws/fedora-coreos/kubernetes/README.md b/aws/fedora-coreos/kubernetes/README.md index 4f4df8da..47655ca3 100644 --- a/aws/fedora-coreos/kubernetes/README.md +++ b/aws/fedora-coreos/kubernetes/README.md @@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster ## Features -* Kubernetes v1.32.1 (upstream) +* Kubernetes v1.32.3 (upstream) * Single or multi-master, [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking * On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/), SELinux enforcing * Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [spot](https://typhoon.psdn.io/fedora-coreos/aws/#spot) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization diff --git a/aws/fedora-coreos/kubernetes/bootstrap.tf b/aws/fedora-coreos/kubernetes/bootstrap.tf index 08284734..3ff44704 100644 --- a/aws/fedora-coreos/kubernetes/bootstrap.tf +++ b/aws/fedora-coreos/kubernetes/bootstrap.tf 
@@ -1,6 +1,6 @@ # Kubernetes assets (kubeconfig, manifests) module "bootstrap" { - source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=c50071487ccd9a29f25767a5fa79dca260be7b86" + source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=209e02b4f26fd8d0580b0ecd07759e3ae76e7550" cluster_name = var.cluster_name api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)] diff --git a/aws/fedora-coreos/kubernetes/butane/controller.yaml b/aws/fedora-coreos/kubernetes/butane/controller.yaml index 35e50735..874a9bdb 100644 --- a/aws/fedora-coreos/kubernetes/butane/controller.yaml +++ b/aws/fedora-coreos/kubernetes/butane/controller.yaml @@ -57,7 +57,7 @@ systemd: After=afterburn.service Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 EnvironmentFile=/run/metadata/afterburn ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests @@ -114,7 +114,7 @@ systemd: --volume /opt/bootstrap/assets:/assets:ro,Z \ --volume /opt/bootstrap/apply:/apply:ro,Z \ --entrypoint=/apply \ - quay.io/poseidon/kubelet:v1.32.1 + quay.io/poseidon/kubelet:v1.32.3 ExecStartPost=/bin/touch /opt/bootstrap/bootstrap.done ExecStartPost=-/usr/bin/podman stop bootstrap storage: diff --git a/aws/fedora-coreos/kubernetes/workers/butane/worker.yaml b/aws/fedora-coreos/kubernetes/workers/butane/worker.yaml index 4efe66a0..19b9538e 100644 --- a/aws/fedora-coreos/kubernetes/workers/butane/worker.yaml +++ b/aws/fedora-coreos/kubernetes/workers/butane/worker.yaml @@ -29,7 +29,7 @@ systemd: After=afterburn.service Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 EnvironmentFile=/run/metadata/afterburn ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests 
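Review bot: The bumped `Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3` in the kubelet unit of aws/fedora-coreos/kubernetes/butane/controller.yaml (hunk @@ -57,7 +57,7 @@) still references the image by tag only, so what each node runs is whatever the registry serves for that tag at pull time. The same commit pins terraform-render-bootstrap to a full commit hash in bootstrap.tf, and the image could be pinned the same way by appending its digest, e.g. `Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3@sha256:<digest of the v1.32.3 image>` (placeholder, the digest is not on this page). The same applies to the literal `quay.io/poseidon/kubelet:v1.32.3` on the bootstrap unit's run command in the @@ -114,7 +114,7 @@ hunk, and to the kubelet and bootstrap hunks for the other platforms in this diff. The unit definitions start and end outside these hunks, so any signature or digest verification done elsewhere is not visible here.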
diff --git a/aws/flatcar-linux/kubernetes/README.md b/aws/flatcar-linux/kubernetes/README.md index 8475d44e..6698f5e2 100644 --- a/aws/flatcar-linux/kubernetes/README.md +++ b/aws/flatcar-linux/kubernetes/README.md @@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster ## Features -* Kubernetes v1.32.1 (upstream) +* Kubernetes v1.32.3 (upstream) * Single or multi-master, [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking * On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) * Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [spot](https://typhoon.psdn.io/flatcar-linux/aws/#spot) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization diff --git a/aws/flatcar-linux/kubernetes/bootstrap.tf b/aws/flatcar-linux/kubernetes/bootstrap.tf index 08284734..3ff44704 100644 --- a/aws/flatcar-linux/kubernetes/bootstrap.tf +++ b/aws/flatcar-linux/kubernetes/bootstrap.tf @@ -1,6 +1,6 @@ # Kubernetes assets (kubeconfig, manifests) module "bootstrap" { - source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=c50071487ccd9a29f25767a5fa79dca260be7b86" + source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=209e02b4f26fd8d0580b0ecd07759e3ae76e7550" cluster_name = var.cluster_name api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)] diff --git a/aws/flatcar-linux/kubernetes/butane/controller.yaml b/aws/flatcar-linux/kubernetes/butane/controller.yaml index ebed5107..df4dd739 100644 --- a/aws/flatcar-linux/kubernetes/butane/controller.yaml +++ b/aws/flatcar-linux/kubernetes/butane/controller.yaml 
@@ -58,7 +58,7 @@ systemd: After=coreos-metadata.service Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 EnvironmentFile=/run/metadata/coreos ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests @@ -107,7 +107,7 @@ systemd: Type=oneshot RemainAfterExit=true WorkingDirectory=/opt/bootstrap - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStart=/usr/bin/docker run \ -v /etc/kubernetes/pki:/etc/kubernetes/pki:ro \ -v /opt/bootstrap/assets:/assets:ro \ diff --git a/aws/flatcar-linux/kubernetes/workers/butane/worker.yaml b/aws/flatcar-linux/kubernetes/workers/butane/worker.yaml index 6dc650af..2db7a1ea 100644 --- a/aws/flatcar-linux/kubernetes/workers/butane/worker.yaml +++ b/aws/flatcar-linux/kubernetes/workers/butane/worker.yaml @@ -30,7 +30,7 @@ systemd: After=coreos-metadata.service Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 EnvironmentFile=/run/metadata/coreos ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests diff --git a/azure/fedora-coreos/kubernetes/README.md b/azure/fedora-coreos/kubernetes/README.md index 9b1b6162..c59dbb6f 100644 --- a/azure/fedora-coreos/kubernetes/README.md +++ b/azure/fedora-coreos/kubernetes/README.md 
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster ## Features -* Kubernetes v1.32.1 (upstream) +* Kubernetes v1.32.3 (upstream) * Single or multi-master, [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking * On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/), SELinux enforcing * Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [spot priority](https://typhoon.psdn.io/fedora-coreos/azure/#low-priority) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization diff --git a/azure/fedora-coreos/kubernetes/bootstrap.tf b/azure/fedora-coreos/kubernetes/bootstrap.tf index 41158532..d6a67e19 100644 --- a/azure/fedora-coreos/kubernetes/bootstrap.tf +++ b/azure/fedora-coreos/kubernetes/bootstrap.tf @@ -1,6 +1,6 @@ # Kubernetes assets (kubeconfig, manifests) module "bootstrap" { - source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=c50071487ccd9a29f25767a5fa79dca260be7b86" + source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=209e02b4f26fd8d0580b0ecd07759e3ae76e7550" cluster_name = var.cluster_name etcd_servers = formatlist("%s.%s", azurerm_dns_a_record.etcds.*.name, var.dns_zone) diff --git a/azure/fedora-coreos/kubernetes/butane/controller.yaml b/azure/fedora-coreos/kubernetes/butane/controller.yaml index d2b82a84..a32202de 100644 --- a/azure/fedora-coreos/kubernetes/butane/controller.yaml +++ b/azure/fedora-coreos/kubernetes/butane/controller.yaml 
@@ -54,7 +54,7 @@ systemd: Description=Kubelet (System Container) Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /opt/cni/bin @@ -109,7 +109,7 @@ systemd: --volume /opt/bootstrap/assets:/assets:ro,Z \ --volume /opt/bootstrap/apply:/apply:ro,Z \ --entrypoint=/apply \ - quay.io/poseidon/kubelet:v1.32.1 + quay.io/poseidon/kubelet:v1.32.3 ExecStartPost=/bin/touch /opt/bootstrap/bootstrap.done ExecStartPost=-/usr/bin/podman stop bootstrap storage: diff --git a/azure/fedora-coreos/kubernetes/workers/butane/worker.yaml b/azure/fedora-coreos/kubernetes/workers/butane/worker.yaml index bb160c73..65d04e87 100644 --- a/azure/fedora-coreos/kubernetes/workers/butane/worker.yaml +++ b/azure/fedora-coreos/kubernetes/workers/butane/worker.yaml @@ -26,7 +26,7 @@ systemd: Description=Kubelet (System Container) Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /opt/cni/bin diff --git a/azure/flatcar-linux/kubernetes/README.md b/azure/flatcar-linux/kubernetes/README.md index 20c11575..13e3245b 100644 --- a/azure/flatcar-linux/kubernetes/README.md +++ b/azure/flatcar-linux/kubernetes/README.md 
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster ## Features -* Kubernetes v1.32.1 (upstream) +* Kubernetes v1.32.3 (upstream) * Single or multi-master, [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking * On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) * Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [low-priority](https://typhoon.psdn.io/flatcar-linux/azure/#low-priority) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization diff --git a/azure/flatcar-linux/kubernetes/bootstrap.tf b/azure/flatcar-linux/kubernetes/bootstrap.tf index 1721d879..56bf7100 100644 --- a/azure/flatcar-linux/kubernetes/bootstrap.tf +++ b/azure/flatcar-linux/kubernetes/bootstrap.tf @@ -1,6 +1,6 @@ # Kubernetes assets (kubeconfig, manifests) module "bootstrap" { - source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=c50071487ccd9a29f25767a5fa79dca260be7b86" + source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=209e02b4f26fd8d0580b0ecd07759e3ae76e7550" cluster_name = var.cluster_name api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)] diff --git a/azure/flatcar-linux/kubernetes/butane/controller.yaml b/azure/flatcar-linux/kubernetes/butane/controller.yaml index 90085116..e262aa91 100644 --- a/azure/flatcar-linux/kubernetes/butane/controller.yaml +++ b/azure/flatcar-linux/kubernetes/butane/controller.yaml 
@@ -56,7 +56,7 @@ systemd: After=docker.service Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /opt/cni/bin @@ -103,7 +103,7 @@ systemd: Type=oneshot RemainAfterExit=true WorkingDirectory=/opt/bootstrap - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStart=/usr/bin/docker run \ -v /etc/kubernetes/pki:/etc/kubernetes/pki:ro \ -v /opt/bootstrap/assets:/assets:ro \ diff --git a/azure/flatcar-linux/kubernetes/workers/butane/worker.yaml b/azure/flatcar-linux/kubernetes/workers/butane/worker.yaml index 582f34a9..8b866d27 100644 --- a/azure/flatcar-linux/kubernetes/workers/butane/worker.yaml +++ b/azure/flatcar-linux/kubernetes/workers/butane/worker.yaml @@ -28,7 +28,7 @@ systemd: After=docker.service Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /opt/cni/bin diff --git a/bare-metal/fedora-coreos/kubernetes/README.md b/bare-metal/fedora-coreos/kubernetes/README.md index fea817b0..eedf8255 100644 --- a/bare-metal/fedora-coreos/kubernetes/README.md +++ b/bare-metal/fedora-coreos/kubernetes/README.md 
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster ## Features -* Kubernetes v1.32.1 (upstream) +* Kubernetes v1.32.3 (upstream) * Single or multi-master, [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking * On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/), SELinux enforcing * Advanced features like [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization diff --git a/bare-metal/fedora-coreos/kubernetes/bootstrap.tf b/bare-metal/fedora-coreos/kubernetes/bootstrap.tf index b6a6b642..a38e3899 100644 --- a/bare-metal/fedora-coreos/kubernetes/bootstrap.tf +++ b/bare-metal/fedora-coreos/kubernetes/bootstrap.tf @@ -1,6 +1,6 @@ # Kubernetes assets (kubeconfig, manifests) module "bootstrap" { - source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=c50071487ccd9a29f25767a5fa79dca260be7b86" + source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=209e02b4f26fd8d0580b0ecd07759e3ae76e7550" cluster_name = var.cluster_name api_servers = [var.k8s_domain_name] diff --git a/bare-metal/fedora-coreos/kubernetes/butane/controller.yaml b/bare-metal/fedora-coreos/kubernetes/butane/controller.yaml index e99e95be..8c7ec7a5 100644 --- a/bare-metal/fedora-coreos/kubernetes/butane/controller.yaml +++ b/bare-metal/fedora-coreos/kubernetes/butane/controller.yaml @@ -53,7 +53,7 @@ systemd: Description=Kubelet (System Container) Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /opt/cni/bin 
@@ -111,7 +111,7 @@ systemd: Type=oneshot RemainAfterExit=true WorkingDirectory=/opt/bootstrap - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStartPre=-/usr/bin/podman rm bootstrap ExecStart=/usr/bin/podman run --name bootstrap \ --network host \ diff --git a/bare-metal/fedora-coreos/kubernetes/worker/butane/worker.yaml b/bare-metal/fedora-coreos/kubernetes/worker/butane/worker.yaml index 67c44eac..cb61f84d 100644 --- a/bare-metal/fedora-coreos/kubernetes/worker/butane/worker.yaml +++ b/bare-metal/fedora-coreos/kubernetes/worker/butane/worker.yaml @@ -25,7 +25,7 @@ systemd: Description=Kubelet (System Container) Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /opt/cni/bin diff --git a/bare-metal/flatcar-linux/kubernetes/README.md b/bare-metal/flatcar-linux/kubernetes/README.md index 5c672cae..f2fc8aac 100644 --- a/bare-metal/flatcar-linux/kubernetes/README.md +++ b/bare-metal/flatcar-linux/kubernetes/README.md @@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster ## Features -* Kubernetes v1.32.1 (upstream) +* Kubernetes v1.32.3 (upstream) * Single or multi-master, [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking * On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) * Advanced features like [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization diff --git a/bare-metal/flatcar-linux/kubernetes/bootstrap.tf b/bare-metal/flatcar-linux/kubernetes/bootstrap.tf index 9bda1837..9899ccb3 100644 
--- a/bare-metal/flatcar-linux/kubernetes/bootstrap.tf +++ b/bare-metal/flatcar-linux/kubernetes/bootstrap.tf @@ -1,6 +1,6 @@ # Kubernetes assets (kubeconfig, manifests) module "bootstrap" { - source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=c50071487ccd9a29f25767a5fa79dca260be7b86" + source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=209e02b4f26fd8d0580b0ecd07759e3ae76e7550" cluster_name = var.cluster_name api_servers = [var.k8s_domain_name] diff --git a/bare-metal/flatcar-linux/kubernetes/butane/controller.yaml b/bare-metal/flatcar-linux/kubernetes/butane/controller.yaml index 113747d2..e24e86c9 100644 --- a/bare-metal/flatcar-linux/kubernetes/butane/controller.yaml +++ b/bare-metal/flatcar-linux/kubernetes/butane/controller.yaml @@ -64,7 +64,7 @@ systemd: After=docker.service Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /opt/cni/bin @@ -112,7 +112,7 @@ systemd: Type=oneshot RemainAfterExit=true WorkingDirectory=/opt/bootstrap - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStart=/usr/bin/docker run \ -v /etc/kubernetes/pki:/etc/kubernetes/pki:ro \ -v /opt/bootstrap/assets:/assets:ro \ diff --git a/bare-metal/flatcar-linux/kubernetes/worker/butane/worker.yaml b/bare-metal/flatcar-linux/kubernetes/worker/butane/worker.yaml index 19a3e22d..d66ba653 100644 --- a/bare-metal/flatcar-linux/kubernetes/worker/butane/worker.yaml +++ b/bare-metal/flatcar-linux/kubernetes/worker/butane/worker.yaml 
@@ -36,7 +36,7 @@ systemd: After=docker.service Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /opt/cni/bin diff --git a/digital-ocean/fedora-coreos/kubernetes/README.md b/digital-ocean/fedora-coreos/kubernetes/README.md index 8c60fbf1..0b7b463e 100644 --- a/digital-ocean/fedora-coreos/kubernetes/README.md +++ b/digital-ocean/fedora-coreos/kubernetes/README.md @@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster ## Features -* Kubernetes v1.32.1 (upstream) +* Kubernetes v1.32.3 (upstream) * Single or multi-master, [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking * On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/), SELinux enforcing * Advanced features like [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization diff --git a/digital-ocean/fedora-coreos/kubernetes/bootstrap.tf b/digital-ocean/fedora-coreos/kubernetes/bootstrap.tf index 29089003..cf6e3da2 100644 --- a/digital-ocean/fedora-coreos/kubernetes/bootstrap.tf +++ b/digital-ocean/fedora-coreos/kubernetes/bootstrap.tf @@ -1,6 +1,6 @@ # Kubernetes assets (kubeconfig, manifests) module "bootstrap" { - source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=c50071487ccd9a29f25767a5fa79dca260be7b86" + source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=209e02b4f26fd8d0580b0ecd07759e3ae76e7550" cluster_name = var.cluster_name api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)] 
diff --git a/digital-ocean/fedora-coreos/kubernetes/butane/controller.yaml b/digital-ocean/fedora-coreos/kubernetes/butane/controller.yaml index cfe49545..cec5545d 100644 --- a/digital-ocean/fedora-coreos/kubernetes/butane/controller.yaml +++ b/digital-ocean/fedora-coreos/kubernetes/butane/controller.yaml @@ -55,7 +55,7 @@ systemd: After=afterburn.service Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 EnvironmentFile=/run/metadata/afterburn ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests @@ -121,7 +121,7 @@ systemd: --volume /opt/bootstrap/assets:/assets:ro,Z \ --volume /opt/bootstrap/apply:/apply:ro,Z \ --entrypoint=/apply \ - quay.io/poseidon/kubelet:v1.32.1 + quay.io/poseidon/kubelet:v1.32.3 ExecStartPost=/bin/touch /opt/bootstrap/bootstrap.done ExecStartPost=-/usr/bin/podman stop bootstrap storage: diff --git a/digital-ocean/fedora-coreos/kubernetes/butane/worker.yaml b/digital-ocean/fedora-coreos/kubernetes/butane/worker.yaml index 7002c126..659e6028 100644 --- a/digital-ocean/fedora-coreos/kubernetes/butane/worker.yaml +++ b/digital-ocean/fedora-coreos/kubernetes/butane/worker.yaml @@ -28,7 +28,7 @@ systemd: After=afterburn.service Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 EnvironmentFile=/run/metadata/afterburn ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests diff --git a/digital-ocean/flatcar-linux/kubernetes/README.md b/digital-ocean/flatcar-linux/kubernetes/README.md index a5960887..8602f466 100644 --- a/digital-ocean/flatcar-linux/kubernetes/README.md +++ b/digital-ocean/flatcar-linux/kubernetes/README.md 
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster ## Features -* Kubernetes v1.32.1 (upstream) +* Kubernetes v1.32.3 (upstream) * Single or multi-master, [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking * On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) * Advanced features like [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization diff --git a/digital-ocean/flatcar-linux/kubernetes/bootstrap.tf b/digital-ocean/flatcar-linux/kubernetes/bootstrap.tf index dd227d6e..bab86527 100644 --- a/digital-ocean/flatcar-linux/kubernetes/bootstrap.tf +++ b/digital-ocean/flatcar-linux/kubernetes/bootstrap.tf @@ -1,6 +1,6 @@ # Kubernetes assets (kubeconfig, manifests) module "bootstrap" { - source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=c50071487ccd9a29f25767a5fa79dca260be7b86" + source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=209e02b4f26fd8d0580b0ecd07759e3ae76e7550" cluster_name = var.cluster_name api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)] diff --git a/digital-ocean/flatcar-linux/kubernetes/butane/controller.yaml b/digital-ocean/flatcar-linux/kubernetes/butane/controller.yaml index a502c96f..8cc2e915 100644 --- a/digital-ocean/flatcar-linux/kubernetes/butane/controller.yaml +++ b/digital-ocean/flatcar-linux/kubernetes/butane/controller.yaml @@ -66,7 +66,7 @@ systemd: After=coreos-metadata.service Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 EnvironmentFile=/run/metadata/coreos ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests 
@@ -115,7 +115,7 @@ systemd: Type=oneshot RemainAfterExit=true WorkingDirectory=/opt/bootstrap - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStart=/usr/bin/docker run \ -v /etc/kubernetes/pki:/etc/kubernetes/pki:ro \ -v /opt/bootstrap/assets:/assets:ro \ diff --git a/digital-ocean/flatcar-linux/kubernetes/butane/worker.yaml b/digital-ocean/flatcar-linux/kubernetes/butane/worker.yaml index 32affc47..b61e71b2 100644 --- a/digital-ocean/flatcar-linux/kubernetes/butane/worker.yaml +++ b/digital-ocean/flatcar-linux/kubernetes/butane/worker.yaml @@ -38,7 +38,7 @@ systemd: After=coreos-metadata.service Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 EnvironmentFile=/run/metadata/coreos ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests diff --git a/docs/advanced/arm64.md b/docs/advanced/arm64.md index 838518fc..f333c82a 100644 --- a/docs/advanced/arm64.md +++ b/docs/advanced/arm64.md @@ -13,7 +13,7 @@ Create a cluster on AWS with ARM64 controller and worker nodes. Container worklo ```tf module "gravitas" { - source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes?ref=v1.32.3" # AWS cluster_name = "gravitas" @@ -37,7 +37,7 @@ Create a cluster on AWS with ARM64 controller and worker nodes. Container worklo ```tf module "gravitas" { - source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes?ref=v1.32.3" # AWS cluster_name = "gravitas" 
@@ -62,9 +62,9 @@ Verify the cluster has only arm64 (`aarch64`) nodes. For Flatcar Linux, describe ``` $ kubectl get nodes -o wide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME -ip-10-0-21-119 Ready 77s v1.32.1 10.0.21.119 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.aarch64 containerd://1.5.8 -ip-10-0-32-166 Ready 80s v1.32.1 10.0.32.166 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.aarch64 containerd://1.5.8 -ip-10-0-5-79 Ready 77s v1.32.1 10.0.5.79 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.aarch64 containerd://1.5.8 +ip-10-0-21-119 Ready 77s v1.32.3 10.0.21.119 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.aarch64 containerd://1.5.8 +ip-10-0-32-166 Ready 80s v1.32.3 10.0.32.166 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.aarch64 containerd://1.5.8 +ip-10-0-5-79 Ready 77s v1.32.3 10.0.5.79 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.aarch64 containerd://1.5.8 ``` ## Azure @@ -73,7 +73,7 @@ Create a cluster on Azure with ARM64 controller and worker nodes. Container work ```tf module "ramius" { - source = "git::https://github.com/poseidon/typhoon//azure/flatcar-linux/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//azure/flatcar-linux/kubernetes?ref=v1.32.3" # Azure cluster_name = "ramius" @@ -103,7 +103,7 @@ Here's an AWS example, ```tf module "gravitas" { - source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes?ref=v1.32.3" # AWS cluster_name = "gravitas" @@ -127,7 +127,7 @@ Here's an AWS example, ```tf module "gravitas" { - source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes?ref=v1.32.3" # AWS cluster_name = "gravitas" 
@@ -151,7 +151,7 @@ Here's an AWS example, ```tf module "gravitas-arm64" { - source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes/workers?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes/workers?ref=v1.32.3" # AWS vpc_id = module.gravitas.vpc_id @@ -175,7 +175,7 @@ Here's an AWS example, ```tf module "gravitas-arm64" { - source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes/workers?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes/workers?ref=v1.32.3" # AWS vpc_id = module.gravitas.vpc_id @@ -200,9 +200,9 @@ Verify amd64 (x86_64) and arm64 (aarch64) nodes are present. ``` $ kubectl get nodes -o wide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME -ip-10-0-1-73 Ready 111m v1.32.1 10.0.1.73 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.x86_64 containerd://1.5.8 -ip-10-0-22-79... Ready 111m v1.32.1 10.0.22.79 Flatcar Container Linux by Kinvolk 3033.2.0 (Oklo) 5.10.84-flatcar containerd://1.5.8 -ip-10-0-24-130 Ready 111m v1.32.1 10.0.24.130 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.x86_64 containerd://1.5.8 -ip-10-0-39-19 Ready 111m v1.32.1 10.0.39.19 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.x86_64 containerd://1.5.8 +ip-10-0-1-73 Ready 111m v1.32.3 10.0.1.73 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.x86_64 containerd://1.5.8 +ip-10-0-22-79... Ready 111m v1.32.3 10.0.22.79 Flatcar Container Linux by Kinvolk 3033.2.0 (Oklo) 5.10.84-flatcar containerd://1.5.8 +ip-10-0-24-130 Ready 111m v1.32.3 10.0.24.130 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.x86_64 containerd://1.5.8 +ip-10-0-39-19 Ready 111m v1.32.3 10.0.39.19 Fedora CoreOS 35.20211215.3.0 5.15.7-200.fc35.x86_64 containerd://1.5.8 ``` diff --git a/docs/advanced/nodes.md b/docs/advanced/nodes.md index b156c28d..1b27b4a3 100644 --- a/docs/advanced/nodes.md +++ b/docs/advanced/nodes.md 
@@ -36,7 +36,7 @@ Add custom initial worker node labels to default workers or worker pool nodes to ```tf module "yavin" { - source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.32.3" # Google Cloud cluster_name = "yavin" @@ -57,7 +57,7 @@ Add custom initial worker node labels to default workers or worker pool nodes to ```tf module "yavin-pool" { - source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes/workers?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes/workers?ref=v1.32.3" # Google Cloud cluster_name = "yavin" @@ -89,7 +89,7 @@ Add custom initial taints on worker pool nodes to indicate a node is unique and ```tf module "yavin" { - source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.32.3" # Google Cloud cluster_name = "yavin" @@ -110,7 +110,7 @@ Add custom initial taints on worker pool nodes to indicate a node is unique and ```tf module "yavin-pool" { - source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes/workers?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes/workers?ref=v1.32.3" # Google Cloud cluster_name = "yavin" diff --git a/docs/advanced/worker-pools.md b/docs/advanced/worker-pools.md index 3936fffd..2125f996 100644 --- a/docs/advanced/worker-pools.md +++ b/docs/advanced/worker-pools.md 
@@ -19,7 +19,7 @@ Create a cluster following the AWS [tutorial](../flatcar-linux/aws.md#cluster). ```tf module "tempest-worker-pool" { - source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes/workers?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes/workers?ref=v1.32.3" # AWS vpc_id = module.tempest.vpc_id @@ -42,7 +42,7 @@ Create a cluster following the AWS [tutorial](../flatcar-linux/aws.md#cluster). ```tf module "tempest-worker-pool" { - source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes/workers?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes/workers?ref=v1.32.3" # AWS vpc_id = module.tempest.vpc_id @@ -111,7 +111,7 @@ Create a cluster following the Azure [tutorial](../flatcar-linux/azure.md#cluste ```tf module "ramius-worker-pool" { - source = "git::https://github.com/poseidon/typhoon//azure/fedora-coreos/kubernetes/workers?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//azure/fedora-coreos/kubernetes/workers?ref=v1.32.3" # Azure location = module.ramius.location @@ -137,7 +137,7 @@ Create a cluster following the Azure [tutorial](../flatcar-linux/azure.md#cluste ```tf module "ramius-worker-pool" { - source = "git::https://github.com/poseidon/typhoon//azure/flatcar-linux/kubernetes/workers?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//azure/flatcar-linux/kubernetes/workers?ref=v1.32.3" # Azure location = module.ramius.location @@ -207,7 +207,7 @@ Create a cluster following the Google Cloud [tutorial](../flatcar-linux/google-c ```tf module "yavin-worker-pool" { - source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes/workers?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes/workers?ref=v1.32.3" # Google Cloud region = "europe-west2" 
@@ -231,7 +231,7 @@ Create a cluster following the Google Cloud [tutorial](../flatcar-linux/google-c ```tf module "yavin-worker-pool" { - source = "git::https://github.com/poseidon/typhoon//google-cloud/flatcar-linux/kubernetes/workers?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//google-cloud/flatcar-linux/kubernetes/workers?ref=v1.32.3" # Google Cloud region = "europe-west2" @@ -262,11 +262,11 @@ Verify a managed instance group of workers joins the cluster within a few minute ``` $ kubectl get nodes NAME STATUS AGE VERSION -yavin-controller-0.c.example-com.internal Ready 6m v1.32.1 -yavin-worker-jrbf.c.example-com.internal Ready 5m v1.32.1 -yavin-worker-mzdm.c.example-com.internal Ready 5m v1.32.1 -yavin-16x-worker-jrbf.c.example-com.internal Ready 3m v1.32.1 -yavin-16x-worker-mzdm.c.example-com.internal Ready 3m v1.32.1 +yavin-controller-0.c.example-com.internal Ready 6m v1.32.3 +yavin-worker-jrbf.c.example-com.internal Ready 5m v1.32.3 +yavin-worker-mzdm.c.example-com.internal Ready 5m v1.32.3 +yavin-16x-worker-jrbf.c.example-com.internal Ready 3m v1.32.3 +yavin-16x-worker-mzdm.c.example-com.internal Ready 3m v1.32.3 ``` ### Variables diff --git a/docs/fedora-coreos/aws.md b/docs/fedora-coreos/aws.md index acc79dcf..be4ff226 100644 --- a/docs/fedora-coreos/aws.md +++ b/docs/fedora-coreos/aws.md @@ -1,6 +1,6 @@ # AWS -In this tutorial, we'll create a Kubernetes v1.32.1 cluster on AWS with Fedora CoreOS. +In this tutorial, we'll create a Kubernetes v1.32.3 cluster on AWS with Fedora CoreOS. We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a VPC, gateway, subnets, security groups, controller instances, worker auto-scaling group, network load balancer, and TLS assets. 
@@ -72,7 +72,7 @@ Define a Kubernetes cluster using the module `aws/fedora-coreos/kubernetes`. ```tf module "tempest" { - source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes?ref=v1.32.3" # AWS cluster_name = "tempest" @@ -146,9 +146,9 @@ List nodes in the cluster. $ export KUBECONFIG=/home/user/.kube/configs/tempest-config $ kubectl get nodes NAME STATUS ROLES AGE VERSION -ip-10-0-3-155 Ready 10m v1.32.1 -ip-10-0-26-65 Ready 10m v1.32.1 -ip-10-0-41-21 Ready 10m v1.32.1 +ip-10-0-3-155 Ready 10m v1.32.3 +ip-10-0-26-65 Ready 10m v1.32.3 +ip-10-0-41-21 Ready 10m v1.32.3 ``` List the pods. diff --git a/docs/fedora-coreos/azure.md b/docs/fedora-coreos/azure.md index 15a52822..375f5d82 100644 --- a/docs/fedora-coreos/azure.md +++ b/docs/fedora-coreos/azure.md @@ -1,6 +1,6 @@ # Azure -In this tutorial, we'll create a Kubernetes v1.32.1 cluster on Azure with Fedora CoreOS. +In this tutorial, we'll create a Kubernetes v1.32.3 cluster on Azure with Fedora CoreOS. We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a resource group, virtual network, subnets, security groups, controller availability set, worker scale set, load balancer, and TLS assets. @@ -86,7 +86,7 @@ Define a Kubernetes cluster using the module `azure/fedora-coreos/kubernetes`. ```tf module "ramius" { - source = "git::https://github.com/poseidon/typhoon//azure/fedora-coreos/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//azure/fedora-coreos/kubernetes?ref=v1.32.3" # Azure cluster_name = "ramius" 
@@ -164,9 +164,9 @@ List nodes in the cluster. $ export KUBECONFIG=/home/user/.kube/configs/ramius-config $ kubectl get nodes NAME STATUS ROLES AGE VERSION -ramius-controller-0 Ready 24m v1.32.1 -ramius-worker-000001 Ready 25m v1.32.1 -ramius-worker-000002 Ready 24m v1.32.1 +ramius-controller-0 Ready 24m v1.32.3 +ramius-worker-000001 Ready 25m v1.32.3 +ramius-worker-000002 Ready 24m v1.32.3 ``` List the pods. diff --git a/docs/fedora-coreos/bare-metal.md b/docs/fedora-coreos/bare-metal.md index ed68973c..7cd0c118 100644 --- a/docs/fedora-coreos/bare-metal.md +++ b/docs/fedora-coreos/bare-metal.md @@ -1,6 +1,6 @@ # Bare-Metal -In this tutorial, we'll network boot and provision a Kubernetes v1.32.1 cluster on bare-metal with Fedora CoreOS. +In this tutorial, we'll network boot and provision a Kubernetes v1.32.3 cluster on bare-metal with Fedora CoreOS. First, we'll deploy a [Matchbox](https://github.com/poseidon/matchbox) service and setup a network boot environment. Then, we'll declare a Kubernetes cluster using the Typhoon Terraform module and power on machines. On PXE boot, machines will install Fedora CoreOS to disk, reboot into the disk install, and provision themselves as Kubernetes controllers or workers via Ignition. @@ -154,7 +154,7 @@ Define a Kubernetes cluster using the module `bare-metal/fedora-coreos/kubernete ```tf module "mercury" { - source = "git::https://github.com/poseidon/typhoon//bare-metal/fedora-coreos/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//bare-metal/fedora-coreos/kubernetes?ref=v1.32.3" # bare-metal cluster_name = "mercury" 
@@ -191,7 +191,7 @@ Workers with similar features can be defined inline using the `workers` field as ```tf module "mercury-node1" { - source = "git::https://github.com/poseidon/typhoon//bare-metal/fedora-coreos/kubernetes/worker?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//bare-metal/fedora-coreos/kubernetes/worker?ref=v1.32.3" # bare-metal cluster_name = "mercury" @@ -313,9 +313,9 @@ List nodes in the cluster. $ export KUBECONFIG=/home/user/.kube/configs/mercury-config $ kubectl get nodes NAME STATUS ROLES AGE VERSION -node1.example.com Ready 10m v1.32.1 -node2.example.com Ready 10m v1.32.1 -node3.example.com Ready 10m v1.32.1 +node1.example.com Ready 10m v1.32.3 +node2.example.com Ready 10m v1.32.3 +node3.example.com Ready 10m v1.32.3 ``` List the pods. diff --git a/docs/fedora-coreos/digitalocean.md b/docs/fedora-coreos/digitalocean.md index 41c0f125..781ef6c8 100644 --- a/docs/fedora-coreos/digitalocean.md +++ b/docs/fedora-coreos/digitalocean.md @@ -1,6 +1,6 @@ # DigitalOcean -In this tutorial, we'll create a Kubernetes v1.32.1 cluster on DigitalOcean with Fedora CoreOS. +In this tutorial, we'll create a Kubernetes v1.32.3 cluster on DigitalOcean with Fedora CoreOS. We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create controller droplets, worker droplets, DNS records, tags, and TLS assets. @@ -81,7 +81,7 @@ Define a Kubernetes cluster using the module `digital-ocean/fedora-coreos/kubern ```tf module "nemo" { - source = "git::https://github.com/poseidon/typhoon//digital-ocean/fedora-coreos/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//digital-ocean/fedora-coreos/kubernetes?ref=v1.32.3" # Digital Ocean cluster_name = "nemo" 
@@ -156,9 +156,9 @@ List nodes in the cluster. $ export KUBECONFIG=/home/user/.kube/configs/nemo-config $ kubectl get nodes NAME STATUS ROLES AGE VERSION -10.132.110.130 Ready 10m v1.32.1 -10.132.115.81 Ready 10m v1.32.1 -10.132.124.107 Ready 10m v1.32.1 +10.132.110.130 Ready 10m v1.32.3 +10.132.115.81 Ready 10m v1.32.3 +10.132.124.107 Ready 10m v1.32.3 ``` List the pods. diff --git a/docs/fedora-coreos/google-cloud.md b/docs/fedora-coreos/google-cloud.md index 75d5010f..f54c3590 100644 --- a/docs/fedora-coreos/google-cloud.md +++ b/docs/fedora-coreos/google-cloud.md @@ -1,6 +1,6 @@ # Google Cloud -In this tutorial, we'll create a Kubernetes v1.32.1 cluster on Google Compute Engine with Fedora CoreOS. +In this tutorial, we'll create a Kubernetes v1.32.3 cluster on Google Compute Engine with Fedora CoreOS. We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a network, firewall rules, health checks, controller instances, worker managed instance group, load balancers, and TLS assets. @@ -73,7 +73,7 @@ Define a Kubernetes cluster using the module `google-cloud/fedora-coreos/kuberne ```tf module "yavin" { - source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.32.3" # Google Cloud cluster_name = "yavin" @@ -148,9 +148,9 @@ List nodes in the cluster. $ export KUBECONFIG=/home/user/.kube/configs/yavin-config $ kubectl get nodes NAME ROLES STATUS AGE VERSION -yavin-controller-0.c.example-com.internal Ready 6m v1.32.1 -yavin-worker-jrbf.c.example-com.internal Ready 5m v1.32.1 -yavin-worker-mzdm.c.example-com.internal Ready 5m v1.32.1 +yavin-controller-0.c.example-com.internal Ready 6m v1.32.3 +yavin-worker-jrbf.c.example-com.internal Ready 5m v1.32.3 +yavin-worker-mzdm.c.example-com.internal Ready 5m v1.32.3 ``` List the pods. 
diff --git a/docs/flatcar-linux/aws.md b/docs/flatcar-linux/aws.md index bc92e69e..cc3bbd7c 100644 --- a/docs/flatcar-linux/aws.md +++ b/docs/flatcar-linux/aws.md @@ -1,6 +1,6 @@ # AWS -In this tutorial, we'll create a Kubernetes v1.32.1 cluster on AWS with Flatcar Linux. +In this tutorial, we'll create a Kubernetes v1.32.3 cluster on AWS with Flatcar Linux. We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a VPC, gateway, subnets, security groups, controller instances, worker auto-scaling group, network load balancer, and TLS assets. @@ -72,7 +72,7 @@ Define a Kubernetes cluster using the module `aws/flatcar-linux/kubernetes`. ```tf module "tempest" { - source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//aws/flatcar-linux/kubernetes?ref=v1.32.3" # AWS cluster_name = "tempest" @@ -146,9 +146,9 @@ List nodes in the cluster. $ export KUBECONFIG=/home/user/.kube/configs/tempest-config $ kubectl get nodes NAME STATUS ROLES AGE VERSION -ip-10-0-3-155 Ready 10m v1.32.1 -ip-10-0-26-65 Ready 10m v1.32.1 -ip-10-0-41-21 Ready 10m v1.32.1 +ip-10-0-3-155 Ready 10m v1.32.3 +ip-10-0-26-65 Ready 10m v1.32.3 +ip-10-0-41-21 Ready 10m v1.32.3 ``` List the pods. diff --git a/docs/flatcar-linux/azure.md b/docs/flatcar-linux/azure.md index 06f35c21..0a1797d8 100644 --- a/docs/flatcar-linux/azure.md +++ b/docs/flatcar-linux/azure.md @@ -1,6 +1,6 @@ # Azure -In this tutorial, we'll create a Kubernetes v1.32.1 cluster on Azure with Flatcar Linux. +In this tutorial, we'll create a Kubernetes v1.32.3 cluster on Azure with Flatcar Linux. We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a resource group, virtual network, subnets, security groups, controller availability set, worker scale set, load balancer, and TLS assets. 
@@ -75,7 +75,7 @@ Define a Kubernetes cluster using the module `azure/flatcar-linux/kubernetes`. ```tf module "ramius" { - source = "git::https://github.com/poseidon/typhoon//azure/flatcar-linux/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//azure/flatcar-linux/kubernetes?ref=v1.32.3" # Azure cluster_name = "ramius" @@ -152,9 +152,9 @@ List nodes in the cluster. $ export KUBECONFIG=/home/user/.kube/configs/ramius-config $ kubectl get nodes NAME STATUS ROLES AGE VERSION -ramius-controller-0 Ready 24m v1.32.1 -ramius-worker-000001 Ready 25m v1.32.1 -ramius-worker-000002 Ready 24m v1.32.1 +ramius-controller-0 Ready 24m v1.32.3 +ramius-worker-000001 Ready 25m v1.32.3 +ramius-worker-000002 Ready 24m v1.32.3 ``` List the pods. diff --git a/docs/flatcar-linux/bare-metal.md b/docs/flatcar-linux/bare-metal.md index 3af68590..51fd654d 100644 --- a/docs/flatcar-linux/bare-metal.md +++ b/docs/flatcar-linux/bare-metal.md @@ -1,6 +1,6 @@ # Bare-Metal -In this tutorial, we'll network boot and provision a Kubernetes v1.32.1 cluster on bare-metal with Flatcar Linux. +In this tutorial, we'll network boot and provision a Kubernetes v1.32.3 cluster on bare-metal with Flatcar Linux. First, we'll deploy a [Matchbox](https://github.com/poseidon/matchbox) service and setup a network boot environment. Then, we'll declare a Kubernetes cluster using the Typhoon Terraform module and power on machines. On PXE boot, machines will install Container Linux to disk, reboot into the disk install, and provision themselves as Kubernetes controllers or workers via Ignition. @@ -154,7 +154,7 @@ Define a Kubernetes cluster using the module `bare-metal/flatcar-linux/kubernete ```tf module "mercury" { - source = "git::https://github.com/poseidon/typhoon//bare-metal/flatcar-linux/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//bare-metal/flatcar-linux/kubernetes?ref=v1.32.3" # bare-metal cluster_name = "mercury" 
@@ -194,7 +194,7 @@ Workers with similar features can be defined inline using the `workers` field as ```tf module "mercury-node1" { - source = "git::https://github.com/poseidon/typhoon//bare-metal/fedora-coreos/kubernetes/worker?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//bare-metal/fedora-coreos/kubernetes/worker?ref=v1.32.3" # bare-metal cluster_name = "mercury" @@ -323,9 +323,9 @@ List nodes in the cluster. $ export KUBECONFIG=/home/user/.kube/configs/mercury-config $ kubectl get nodes NAME STATUS ROLES AGE VERSION -node1.example.com Ready 10m v1.32.1 -node2.example.com Ready 10m v1.32.1 -node3.example.com Ready 10m v1.32.1 +node1.example.com Ready 10m v1.32.3 +node2.example.com Ready 10m v1.32.3 +node3.example.com Ready 10m v1.32.3 ``` List the pods. diff --git a/docs/flatcar-linux/digitalocean.md b/docs/flatcar-linux/digitalocean.md index c83b04a3..e3a533a8 100644 --- a/docs/flatcar-linux/digitalocean.md +++ b/docs/flatcar-linux/digitalocean.md @@ -1,6 +1,6 @@ # DigitalOcean -In this tutorial, we'll create a Kubernetes v1.32.1 cluster on DigitalOcean with Flatcar Linux. +In this tutorial, we'll create a Kubernetes v1.32.3 cluster on DigitalOcean with Flatcar Linux. We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create controller droplets, worker droplets, DNS records, tags, and TLS assets. @@ -81,7 +81,7 @@ Define a Kubernetes cluster using the module `digital-ocean/flatcar-linux/kubern ```tf module "nemo" { - source = "git::https://github.com/poseidon/typhoon//digital-ocean/flatcar-linux/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//digital-ocean/flatcar-linux/kubernetes?ref=v1.32.3" # Digital Ocean cluster_name = "nemo" 
@@ -156,9 +156,9 @@ List nodes in the cluster. $ export KUBECONFIG=/home/user/.kube/configs/nemo-config $ kubectl get nodes NAME STATUS ROLES AGE VERSION -10.132.110.130 Ready 10m v1.32.1 -10.132.115.81 Ready 10m v1.32.1 -10.132.124.107 Ready 10m v1.32.1 +10.132.110.130 Ready 10m v1.32.3 +10.132.115.81 Ready 10m v1.32.3 +10.132.124.107 Ready 10m v1.32.3 ``` List the pods. diff --git a/docs/flatcar-linux/google-cloud.md b/docs/flatcar-linux/google-cloud.md index b93a5de9..0ee92486 100644 --- a/docs/flatcar-linux/google-cloud.md +++ b/docs/flatcar-linux/google-cloud.md @@ -1,6 +1,6 @@ # Google Cloud -In this tutorial, we'll create a Kubernetes v1.32.1 cluster on Google Compute Engine with Flatcar Linux. +In this tutorial, we'll create a Kubernetes v1.32.3 cluster on Google Compute Engine with Flatcar Linux. We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a network, firewall rules, health checks, controller instances, worker managed instance group, load balancers, and TLS assets. @@ -73,7 +73,7 @@ Define a Kubernetes cluster using the module `google-cloud/flatcar-linux/kuberne ```tf module "yavin" { - source = "git::https://github.com/poseidon/typhoon//google-cloud/flatcar-linux/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//google-cloud/flatcar-linux/kubernetes?ref=v1.32.3" # Google Cloud cluster_name = "yavin" @@ -148,9 +148,9 @@ List nodes in the cluster. $ export KUBECONFIG=/home/user/.kube/configs/yavin-config $ kubectl get nodes NAME ROLES STATUS AGE VERSION -yavin-controller-0.c.example-com.internal Ready 6m v1.32.1 -yavin-worker-jrbf.c.example-com.internal Ready 5m v1.32.1 -yavin-worker-mzdm.c.example-com.internal Ready 5m v1.32.1 +yavin-controller-0.c.example-com.internal Ready 6m v1.32.3 +yavin-worker-jrbf.c.example-com.internal Ready 5m v1.32.3 +yavin-worker-mzdm.c.example-com.internal Ready 5m v1.32.3 ``` List the pods. 
diff --git a/docs/index.md b/docs/index.md index dc40d5b2..d052ede6 100644 --- a/docs/index.md +++ b/docs/index.md @@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster ## Features -* Kubernetes v1.32.1 (upstream) +* Kubernetes v1.32.3 (upstream) * Single or multi-master, [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking * On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/), SELinux enforcing * Advanced features like [worker pools](advanced/worker-pools/), [preemptible](fedora-coreos/google-cloud/#preemption) workers, and [snippets](advanced/customization/#hosts) customization @@ -70,7 +70,7 @@ Define a Kubernetes cluster by using the Terraform module for your chosen platfo ```tf module "yavin" { - source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.32.3" # Google Cloud cluster_name = "yavin" @@ -109,9 +109,9 @@ In 4-8 minutes (varies by platform), the cluster will be ready. This Google Clou $ export KUBECONFIG=/home/user/.kube/configs/yavin-config $ kubectl get nodes NAME ROLES STATUS AGE VERSION -yavin-controller-0.c.example-com.internal Ready 6m v1.32.1 -yavin-worker-jrbf.c.example-com.internal Ready 5m v1.32.1 -yavin-worker-mzdm.c.example-com.internal Ready 5m v1.32.1 +yavin-controller-0.c.example-com.internal Ready 6m v1.32.3 +yavin-worker-jrbf.c.example-com.internal Ready 5m v1.32.3 +yavin-worker-mzdm.c.example-com.internal Ready 5m v1.32.3 ``` List the pods. diff --git a/docs/topics/maintenance.md b/docs/topics/maintenance.md index 8410e535..3680469e 100644 --- a/docs/topics/maintenance.md +++ b/docs/topics/maintenance.md 
@@ -13,12 +13,12 @@ Typhoon provides tagged releases to allow clusters to be versioned using ordinar ``` module "yavin" { - source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//google-cloud/fedora-coreos/kubernetes?ref=v1.32.3" ... } module "mercury" { - source = "git::https://github.com/poseidon/typhoon//bare-metal/flatcar-linux/kubernetes?ref=v1.32.1" + source = "git::https://github.com/poseidon/typhoon//bare-metal/flatcar-linux/kubernetes?ref=v1.32.3" ... } ``` @@ -192,7 +192,7 @@ Applying edits to most worker fields will start an instance refresh: However, changing `os_stream`/`os_channel` or new AMIs becoming available will NOT change the launch configuration or trigger an Instance Refresh. This allows Fedora CoreOS or Flatcar Linux to auto-update themselves via reboots and avoids unexpected terraform diffs for new AMIs. !!! note - Before Typhoon v1.32.1, worker nodes only used new launch configurations when replaced manually (or due to failure). If you must change node configuration manually, it's still possible. Create a new [worker pool](../advanced/worker-pools.md), then scale down the old worker pool as desired. + Before Typhoon v1.32.3, worker nodes only used new launch configurations when replaced manually (or due to failure). If you must change node configuration manually, it's still possible. Create a new [worker pool](../advanced/worker-pools.md), then scale down the old worker pool as desired. ### Google Cloud 
@@ -233,7 +233,7 @@ Applying edits to most worker fields will start an instance refresh: However, changing `os_stream`/`os_channel` or new compute images becoming available will NOT change the launch template or update instances. This allows Fedora CoreOS or Flatcar Linux to auto-update themselves via reboots and avoids unexpected terraform diffs for new AMIs. !!! note - Before Typhoon v1.32.1, worker nodes only used new launch templates when replaced manually (or due to failure). If you must change node configuration manually, it's still possible. Create a new [worker pool](../advanced/worker-pools.md), then scale down the old worker pool as desired. + Before Typhoon v1.32.3, worker nodes only used new launch templates when replaced manually (or due to failure). If you must change node configuration manually, it's still possible. Create a new [worker pool](../advanced/worker-pools.md), then scale down the old worker pool as desired. ## Upgrade poseidon/ct diff --git a/google-cloud/fedora-coreos/kubernetes/README.md b/google-cloud/fedora-coreos/kubernetes/README.md index 5a804f28..3ab28b97 100644 --- a/google-cloud/fedora-coreos/kubernetes/README.md +++ b/google-cloud/fedora-coreos/kubernetes/README.md @@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster ## Features -* Kubernetes v1.32.1 (upstream) +* Kubernetes v1.32.3 (upstream) * Single or multi-master, [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking * On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/), SELinux enforcing * Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [preemptible](https://typhoon.psdn.io/fedora-coreos/google-cloud/#preemption) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization 
diff --git a/google-cloud/fedora-coreos/kubernetes/bootstrap.tf b/google-cloud/fedora-coreos/kubernetes/bootstrap.tf index 31206043..7fe99e0b 100644 --- a/google-cloud/fedora-coreos/kubernetes/bootstrap.tf +++ b/google-cloud/fedora-coreos/kubernetes/bootstrap.tf @@ -1,6 +1,6 @@ # Kubernetes assets (kubeconfig, manifests) module "bootstrap" { - source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=c50071487ccd9a29f25767a5fa79dca260be7b86" + source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=209e02b4f26fd8d0580b0ecd07759e3ae76e7550" cluster_name = var.cluster_name etcd_servers = [for fqdn in google_dns_record_set.etcds.*.name : trimsuffix(fqdn, ".")] diff --git a/google-cloud/fedora-coreos/kubernetes/butane/controller.yaml b/google-cloud/fedora-coreos/kubernetes/butane/controller.yaml index 55d04d24..994c5f86 100644 --- a/google-cloud/fedora-coreos/kubernetes/butane/controller.yaml +++ b/google-cloud/fedora-coreos/kubernetes/butane/controller.yaml @@ -54,7 +54,7 @@ systemd: Description=Kubelet (System Container) Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /opt/cni/bin @@ -109,7 +109,7 @@ systemd: --volume /opt/bootstrap/assets:/assets:ro,Z \ --volume /opt/bootstrap/apply:/apply:ro,Z \ --entrypoint=/apply \ - quay.io/poseidon/kubelet:v1.32.1 + quay.io/poseidon/kubelet:v1.32.3 ExecStartPost=/bin/touch /opt/bootstrap/bootstrap.done ExecStartPost=-/usr/bin/podman stop bootstrap storage: diff --git a/google-cloud/fedora-coreos/kubernetes/workers/butane/worker.yaml b/google-cloud/fedora-coreos/kubernetes/workers/butane/worker.yaml index dfe43e50..c319cbf8 100644 --- a/google-cloud/fedora-coreos/kubernetes/workers/butane/worker.yaml 
+++ b/google-cloud/fedora-coreos/kubernetes/workers/butane/worker.yaml @@ -26,7 +26,7 @@ systemd: Description=Kubelet (System Container) Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /opt/cni/bin diff --git a/google-cloud/flatcar-linux/kubernetes/README.md b/google-cloud/flatcar-linux/kubernetes/README.md index 2bb2ae40..c9744fee 100644 --- a/google-cloud/flatcar-linux/kubernetes/README.md +++ b/google-cloud/flatcar-linux/kubernetes/README.md @@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster ## Features -* Kubernetes v1.32.1 (upstream) +* Kubernetes v1.32.3 (upstream) * Single or multi-master, [Cilium](https://github.com/cilium/cilium) or [flannel](https://github.com/coreos/flannel) networking * On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) * Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [preemptible](https://typhoon.psdn.io/flatcar-linux/google-cloud/#preemption) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#hosts) customization diff --git a/google-cloud/flatcar-linux/kubernetes/bootstrap.tf b/google-cloud/flatcar-linux/kubernetes/bootstrap.tf index 31206043..7fe99e0b 100644 --- a/google-cloud/flatcar-linux/kubernetes/bootstrap.tf +++ b/google-cloud/flatcar-linux/kubernetes/bootstrap.tf 
@@ -1,6 +1,6 @@ # Kubernetes assets (kubeconfig, manifests) module "bootstrap" { - source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=c50071487ccd9a29f25767a5fa79dca260be7b86" + source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=209e02b4f26fd8d0580b0ecd07759e3ae76e7550" cluster_name = var.cluster_name etcd_servers = [for fqdn in google_dns_record_set.etcds.*.name : trimsuffix(fqdn, ".")] diff --git a/google-cloud/flatcar-linux/kubernetes/butane/controller.yaml b/google-cloud/flatcar-linux/kubernetes/butane/controller.yaml index 35087b69..ad41e9d7 100644 --- a/google-cloud/flatcar-linux/kubernetes/butane/controller.yaml +++ b/google-cloud/flatcar-linux/kubernetes/butane/controller.yaml @@ -56,7 +56,7 @@ systemd: After=docker.service Wants=rpc-statd.service [Service] - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStartPre=/bin/mkdir -p /etc/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /opt/cni/bin @@ -103,7 +103,7 @@ systemd: Type=oneshot RemainAfterExit=true WorkingDirectory=/opt/bootstrap - Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1 + Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3 ExecStart=/usr/bin/docker run \ -v /etc/kubernetes/pki:/etc/kubernetes/pki:ro \ -v /opt/bootstrap/assets:/assets:ro \ diff --git a/google-cloud/flatcar-linux/kubernetes/workers/butane/worker.yaml b/google-cloud/flatcar-linux/kubernetes/workers/butane/worker.yaml index 1dda33d2..d695b5d3 100644 --- a/google-cloud/flatcar-linux/kubernetes/workers/butane/worker.yaml +++ b/google-cloud/flatcar-linux/kubernetes/workers/butane/worker.yaml 
@@ -28,7 +28,7 @@ systemd:
 After=docker.service
 Wants=rpc-statd.service
 [Service]
- Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.1
+ Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3
 ExecStartPre=/bin/mkdir -p /etc/cni/net.d
 ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
 ExecStartPre=/bin/mkdir -p /opt/cni/bin
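Review bot: The kubelet image on the `Environment=KUBELET_IMAGE=` line is still referenced by tag only, while the bootstrap module in this commit's `bootstrap.tf` hunks is pinned to a full commit SHA. A tag can be re-pointed in the registry, so nodes provisioned at different times are not guaranteed to run the same image content; adding the digest, `Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.32.3@sha256:<digest-of-the-v1.32.3-image>`, would make the image reference as immutable as the module ref. The same applies to the other kubelet image lines in the google-cloud `controller.yaml` and `worker.yaml` hunks, including the literal `quay.io/poseidon/kubelet:v1.32.3` argument in the fedora-coreos bootstrap unit. The systemd unit this line belongs to starts and ends outside the hunk.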