diff --git a/CHANGES.md b/CHANGES.md
index 88368209..403f382e 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -30,15 +30,15 @@ Notable changes between versions.
* Add `worker_node_labels` map variable for per-worker node labels ([#663](https://github.com/poseidon/typhoon/pull/663))
* Add `worker_node_taints` map variable for per-worker node taints ([#663](https://github.com/poseidon/typhoon/pull/663))
+#### DigitalOcean
+
+* Add support for Flatcar Container Linux ([#644](https://github.com/poseidon/typhoon/pull/644))
+
#### Google Cloud
* Fix `worker_node_labels` on Fedora CoreOS ([#651](https://github.com/poseidon/typhoon/pull/651))
* Fix automatic worker node delete on shutdown on Fedora CoreOS ([#657](https://github.com/poseidon/typhoon/pull/657))
-#### DigitalOcean
-
-* Add support for Flatcar Container Linux ([#644](https://github.com/poseidon/typhoon/pull/644))
-
#### Addons
* Update nginx-ingress from v0.28.0 to [v0.30.0](https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.30.0)
diff --git a/README.md b/README.md
index 73bc89ca..590009a1 100644
--- a/README.md
+++ b/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features 
-* Kubernetes v1.17.3 (upstream)
+* Kubernetes v1.17.4 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [preemptible](https://typhoon.psdn.io/cl/google-cloud/#preemption) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#container-linux) customization
@@ -59,7 +59,7 @@ Define a Kubernetes cluster by using the Terraform module for your chosen platfo
```tf
module "yavin" {
- source = "git::https://github.com/poseidon/typhoon//google-cloud/container-linux/kubernetes?ref=v1.17.3"
+ source = "git::https://github.com/poseidon/typhoon//google-cloud/container-linux/kubernetes?ref=v1.17.4"
# Google Cloud
cluster_name = "yavin"
@@ -98,9 +98,9 @@ In 4-8 minutes (varies by platform), the cluster will be ready. This Google Clou
$ export KUBECONFIG=/home/user/.kube/configs/yavin-config
$ kubectl get nodes
NAME ROLES STATUS AGE VERSION
-yavin-controller-0.c.example-com.internal Ready 6m v1.17.3
-yavin-worker-jrbf.c.example-com.internal Ready 5m v1.17.3
-yavin-worker-mzdm.c.example-com.internal Ready 5m v1.17.3
+yavin-controller-0.c.example-com.internal Ready 6m v1.17.4
+yavin-worker-jrbf.c.example-com.internal Ready 5m v1.17.4
+yavin-worker-mzdm.c.example-com.internal Ready 5m v1.17.4
```
List the pods.
diff --git a/aws/container-linux/kubernetes/README.md b/aws/container-linux/kubernetes/README.md
index fffa6688..fcd9f1a0 100644
--- a/aws/container-linux/kubernetes/README.md
+++ b/aws/container-linux/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.17.3 (upstream)
+* Kubernetes v1.17.4 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [spot](https://typhoon.psdn.io/cl/aws/#spot) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#container-linux) customization
diff --git a/aws/container-linux/kubernetes/bootstrap.tf b/aws/container-linux/kubernetes/bootstrap.tf
index 36062932..f55e011d 100644
--- a/aws/container-linux/kubernetes/bootstrap.tf
+++ b/aws/container-linux/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=804029edd5a6a5cf02e0db4919e7f2bb601d0089"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=73784c1b2c791d9ba586a1478979ac34dd324dad"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
diff --git a/aws/container-linux/kubernetes/cl/controller.yaml b/aws/container-linux/kubernetes/cl/controller.yaml
index 41c3319c..ee96a576 100644
--- a/aws/container-linux/kubernetes/cl/controller.yaml
+++ b/aws/container-linux/kubernetes/cl/controller.yaml
@@ -91,7 +91,7 @@ systemd:
--mount volume=var-log,target=/var/log \
--volume opt-cni-bin,kind=host,source=/opt/cni/bin \
--mount volume=opt-cni-bin,target=/opt/cni/bin \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--exec=/usr/local/bin/kubelet -- \
--anonymous-auth=false \
--authentication-token-webhook \
@@ -136,7 +136,7 @@ systemd:
--volume script,kind=host,source=/opt/bootstrap/apply \
--mount volume=script,target=/apply \
--insecure-options=image \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--net=host \
--dns=host \
--exec=/apply
diff --git a/aws/container-linux/kubernetes/workers/cl/worker.yaml b/aws/container-linux/kubernetes/workers/cl/worker.yaml
index 1eac9085..a41dc853 100644
--- a/aws/container-linux/kubernetes/workers/cl/worker.yaml
+++ b/aws/container-linux/kubernetes/workers/cl/worker.yaml
@@ -64,7 +64,7 @@ systemd:
--mount volume=var-log,target=/var/log \
--volume opt-cni-bin,kind=host,source=/opt/cni/bin \
--mount volume=opt-cni-bin,target=/opt/cni/bin \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--exec=/usr/local/bin/kubelet -- \
--anonymous-auth=false \
--authentication-token-webhook \
@@ -128,7 +128,7 @@ storage:
--volume config,kind=host,source=/etc/kubernetes \
--mount volume=config,target=/etc/kubernetes \
--insecure-options=image \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--net=host \
--dns=host \
-- \
diff --git a/aws/fedora-coreos/kubernetes/README.md b/aws/fedora-coreos/kubernetes/README.md
index 4cd36d5d..5b29531d 100644
--- a/aws/fedora-coreos/kubernetes/README.md
+++ b/aws/fedora-coreos/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.17.3 (upstream)
+* Kubernetes v1.17.4 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [spot](https://typhoon.psdn.io/cl/aws/#spot) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#container-linux) customization
diff --git a/aws/fedora-coreos/kubernetes/bootstrap.tf b/aws/fedora-coreos/kubernetes/bootstrap.tf
index 0a2f9d52..556cc760 100644
--- a/aws/fedora-coreos/kubernetes/bootstrap.tf
+++ b/aws/fedora-coreos/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=804029edd5a6a5cf02e0db4919e7f2bb601d0089"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=73784c1b2c791d9ba586a1478979ac34dd324dad"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
diff --git a/aws/fedora-coreos/kubernetes/fcc/controller.yaml b/aws/fedora-coreos/kubernetes/fcc/controller.yaml
index 9c4e272e..aeed1df6 100644
--- a/aws/fedora-coreos/kubernetes/fcc/controller.yaml
+++ b/aws/fedora-coreos/kubernetes/fcc/controller.yaml
@@ -79,7 +79,7 @@ systemd:
--volume /var/log:/var/log \
--volume /var/run/lock:/var/run/lock:z \
--volume /opt/cni/bin:/opt/cni/bin:z \
- k8s.gcr.io/hyperkube:v1.17.3 kubelet \
+ k8s.gcr.io/hyperkube:v1.17.4 kubelet \
--anonymous-auth=false \
--authentication-token-webhook \
--authorization-mode=Webhook \
@@ -123,7 +123,7 @@ systemd:
--volume /opt/bootstrap/assets:/assets:ro,Z \
--volume /opt/bootstrap/apply:/apply:ro,Z \
--entrypoint=/apply \
- k8s.gcr.io/hyperkube:v1.17.3
+ k8s.gcr.io/hyperkube:v1.17.4
ExecStartPost=/bin/touch /opt/bootstrap/bootstrap.done
ExecStartPost=-/usr/bin/podman stop bootstrap
storage:
diff --git a/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml b/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml
index e2b8e036..07492c3e 100644
--- a/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml
+++ b/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml
@@ -49,7 +49,7 @@ systemd:
--volume /var/log:/var/log \
--volume /var/run/lock:/var/run/lock:z \
--volume /opt/cni/bin:/opt/cni/bin:z \
- k8s.gcr.io/hyperkube:v1.17.3 kubelet \
+ k8s.gcr.io/hyperkube:v1.17.4 kubelet \
--anonymous-auth=false \
--authentication-token-webhook \
--authorization-mode=Webhook \
@@ -87,7 +87,7 @@ systemd:
Type=oneshot
RemainAfterExit=true
ExecStart=/bin/true
- ExecStop=/bin/bash -c '/usr/bin/podman run --volume /etc/kubernetes:/etc/kubernetes:ro,z k8s.gcr.io/hyperkube:v1.17.3 kubectl --kubeconfig=/etc/kubernetes/kubeconfig delete node $HOSTNAME'
+ ExecStop=/bin/bash -c '/usr/bin/podman run --volume /etc/kubernetes:/etc/kubernetes:ro,z k8s.gcr.io/hyperkube:v1.17.4 kubectl --kubeconfig=/etc/kubernetes/kubeconfig delete node $HOSTNAME'
[Install]
WantedBy=multi-user.target
storage:
diff --git a/azure/container-linux/kubernetes/README.md b/azure/container-linux/kubernetes/README.md
index af535987..27d1002e 100644
--- a/azure/container-linux/kubernetes/README.md
+++ b/azure/container-linux/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.17.3 (upstream)
+* Kubernetes v1.17.4 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [low-priority](https://typhoon.psdn.io/cl/azure/#low-priority) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#container-linux) customization
diff --git a/azure/container-linux/kubernetes/bootstrap.tf b/azure/container-linux/kubernetes/bootstrap.tf
index 9b2254b1..d7656e2c 100644
--- a/azure/container-linux/kubernetes/bootstrap.tf
+++ b/azure/container-linux/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=804029edd5a6a5cf02e0db4919e7f2bb601d0089"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=73784c1b2c791d9ba586a1478979ac34dd324dad"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
diff --git a/azure/container-linux/kubernetes/cl/controller.yaml b/azure/container-linux/kubernetes/cl/controller.yaml
index a9b834d0..b5035dc0 100644
--- a/azure/container-linux/kubernetes/cl/controller.yaml
+++ b/azure/container-linux/kubernetes/cl/controller.yaml
@@ -90,7 +90,7 @@ systemd:
--mount volume=var-log,target=/var/log \
--volume opt-cni-bin,kind=host,source=/opt/cni/bin \
--mount volume=opt-cni-bin,target=/opt/cni/bin \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--exec=/usr/local/bin/kubelet -- \
--anonymous-auth=false \
--authentication-token-webhook \
@@ -134,7 +134,7 @@ systemd:
--volume script,kind=host,source=/opt/bootstrap/apply \
--mount volume=script,target=/apply \
--insecure-options=image \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--net=host \
--dns=host \
--exec=/apply
diff --git a/azure/container-linux/kubernetes/workers/cl/worker.yaml b/azure/container-linux/kubernetes/workers/cl/worker.yaml
index fe7fb84c..749cb9bc 100644
--- a/azure/container-linux/kubernetes/workers/cl/worker.yaml
+++ b/azure/container-linux/kubernetes/workers/cl/worker.yaml
@@ -63,7 +63,7 @@ systemd:
--mount volume=var-log,target=/var/log \
--volume opt-cni-bin,kind=host,source=/opt/cni/bin \
--mount volume=opt-cni-bin,target=/opt/cni/bin \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--exec=/usr/local/bin/kubelet -- \
--anonymous-auth=false \
--authentication-token-webhook \
@@ -126,7 +126,7 @@ storage:
--volume config,kind=host,source=/etc/kubernetes \
--mount volume=config,target=/etc/kubernetes \
--insecure-options=image \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--net=host \
--dns=host \
-- \
diff --git a/bare-metal/container-linux/kubernetes/README.md b/bare-metal/container-linux/kubernetes/README.md
index a85c3aaf..1cc1b3ff 100644
--- a/bare-metal/container-linux/kubernetes/README.md
+++ b/bare-metal/container-linux/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.17.3 (upstream)
+* Kubernetes v1.17.4 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [snippets](https://typhoon.psdn.io/advanced/customization/#container-linux) customization
diff --git a/bare-metal/container-linux/kubernetes/bootstrap.tf b/bare-metal/container-linux/kubernetes/bootstrap.tf
index d3c9540f..25c4f686 100644
--- a/bare-metal/container-linux/kubernetes/bootstrap.tf
+++ b/bare-metal/container-linux/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=804029edd5a6a5cf02e0db4919e7f2bb601d0089"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=73784c1b2c791d9ba586a1478979ac34dd324dad"
cluster_name = var.cluster_name
api_servers = [var.k8s_domain_name]
diff --git a/bare-metal/container-linux/kubernetes/cl/controller.yaml b/bare-metal/container-linux/kubernetes/cl/controller.yaml
index 56920550..5589f76d 100644
--- a/bare-metal/container-linux/kubernetes/cl/controller.yaml
+++ b/bare-metal/container-linux/kubernetes/cl/controller.yaml
@@ -103,7 +103,7 @@ systemd:
--mount volume=etc-iscsi,target=/etc/iscsi \
--volume usr-sbin-iscsiadm,kind=host,source=/usr/sbin/iscsiadm \
--mount volume=usr-sbin-iscsiadm,target=/sbin/iscsiadm \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--exec=/usr/local/bin/kubelet -- \
--anonymous-auth=false \
--authentication-token-webhook \
@@ -149,7 +149,7 @@ systemd:
--volume script,kind=host,source=/opt/bootstrap/apply \
--mount volume=script,target=/apply \
--insecure-options=image \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--net=host \
--dns=host \
--exec=/apply
diff --git a/bare-metal/container-linux/kubernetes/cl/worker.yaml b/bare-metal/container-linux/kubernetes/cl/worker.yaml
index 8ffb1d2e..f4b923d3 100644
--- a/bare-metal/container-linux/kubernetes/cl/worker.yaml
+++ b/bare-metal/container-linux/kubernetes/cl/worker.yaml
@@ -76,7 +76,7 @@ systemd:
--mount volume=etc-iscsi,target=/etc/iscsi \
--volume usr-sbin-iscsiadm,kind=host,source=/usr/sbin/iscsiadm \
--mount volume=usr-sbin-iscsiadm,target=/sbin/iscsiadm \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--exec=/usr/local/bin/kubelet -- \
--anonymous-auth=false \
--authentication-token-webhook \
diff --git a/bare-metal/fedora-coreos/kubernetes/README.md b/bare-metal/fedora-coreos/kubernetes/README.md
index 46a9ed4e..088e4e86 100644
--- a/bare-metal/fedora-coreos/kubernetes/README.md
+++ b/bare-metal/fedora-coreos/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.17.3 (upstream)
+* Kubernetes v1.17.4 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [snippets](https://typhoon.psdn.io/advanced/customization/#container-linux) customization
diff --git a/bare-metal/fedora-coreos/kubernetes/bootstrap.tf b/bare-metal/fedora-coreos/kubernetes/bootstrap.tf
index bd5283ba..077df9a4 100644
--- a/bare-metal/fedora-coreos/kubernetes/bootstrap.tf
+++ b/bare-metal/fedora-coreos/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=804029edd5a6a5cf02e0db4919e7f2bb601d0089"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=73784c1b2c791d9ba586a1478979ac34dd324dad"
cluster_name = var.cluster_name
api_servers = [var.k8s_domain_name]
diff --git a/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml b/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml
index 72585414..89b77800 100644
--- a/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml
+++ b/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml
@@ -80,7 +80,7 @@ systemd:
--volume /opt/cni/bin:/opt/cni/bin:z \
--volume /etc/iscsi:/etc/iscsi \
--volume /sbin/iscsiadm:/sbin/iscsiadm \
- k8s.gcr.io/hyperkube:v1.17.3 kubelet \
+ k8s.gcr.io/hyperkube:v1.17.4 kubelet \
--anonymous-auth=false \
--authentication-token-webhook \
--authorization-mode=Webhook \
@@ -134,7 +134,7 @@ systemd:
--volume /opt/bootstrap/assets:/assets:ro,Z \
--volume /opt/bootstrap/apply:/apply:ro,Z \
--entrypoint=/apply \
- k8s.gcr.io/hyperkube:v1.17.3
+ k8s.gcr.io/hyperkube:v1.17.4
ExecStartPost=/bin/touch /opt/bootstrap/bootstrap.done
ExecStartPost=-/usr/bin/podman stop bootstrap
storage:
diff --git a/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml b/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml
index d1d5e8aa..54395326 100644
--- a/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml
+++ b/bare-metal/fedora-coreos/kubernetes/fcc/worker.yaml
@@ -50,7 +50,7 @@ systemd:
--volume /opt/cni/bin:/opt/cni/bin:z \
--volume /etc/iscsi:/etc/iscsi \
--volume /sbin/iscsiadm:/sbin/iscsiadm \
- k8s.gcr.io/hyperkube:v1.17.3 kubelet \
+ k8s.gcr.io/hyperkube:v1.17.4 kubelet \
--anonymous-auth=false \
--authentication-token-webhook \
--authorization-mode=Webhook \
diff --git a/digital-ocean/container-linux/kubernetes/README.md b/digital-ocean/container-linux/kubernetes/README.md
index b5845e62..5fd66520 100644
--- a/digital-ocean/container-linux/kubernetes/README.md
+++ b/digital-ocean/container-linux/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.17.3 (upstream)
+* Kubernetes v1.17.4 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [snippets](https://typhoon.psdn.io/advanced/customization/#container-linux) customization
diff --git a/digital-ocean/container-linux/kubernetes/bootstrap.tf b/digital-ocean/container-linux/kubernetes/bootstrap.tf
index 647c6da8..bfec3b98 100644
--- a/digital-ocean/container-linux/kubernetes/bootstrap.tf
+++ b/digital-ocean/container-linux/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=804029edd5a6a5cf02e0db4919e7f2bb601d0089"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=73784c1b2c791d9ba586a1478979ac34dd324dad"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
diff --git a/digital-ocean/container-linux/kubernetes/cl/controller.yaml b/digital-ocean/container-linux/kubernetes/cl/controller.yaml
index 3950c7dc..40930c03 100644
--- a/digital-ocean/container-linux/kubernetes/cl/controller.yaml
+++ b/digital-ocean/container-linux/kubernetes/cl/controller.yaml
@@ -101,7 +101,7 @@ systemd:
--mount volume=var-log,target=/var/log \
--volume opt-cni-bin,kind=host,source=/opt/cni/bin \
--mount volume=opt-cni-bin,target=/opt/cni/bin \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--exec=/usr/local/bin/kubelet -- \
--anonymous-auth=false \
--authentication-token-webhook \
@@ -146,7 +146,7 @@ systemd:
--volume script,kind=host,source=/opt/bootstrap/apply \
--mount volume=script,target=/apply \
--insecure-options=image \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--net=host \
--dns=host \
--exec=/apply
diff --git a/digital-ocean/container-linux/kubernetes/cl/worker.yaml b/digital-ocean/container-linux/kubernetes/cl/worker.yaml
index 0a23c0cc..230e05a8 100644
--- a/digital-ocean/container-linux/kubernetes/cl/worker.yaml
+++ b/digital-ocean/container-linux/kubernetes/cl/worker.yaml
@@ -74,7 +74,7 @@ systemd:
--mount volume=var-log,target=/var/log \
--volume opt-cni-bin,kind=host,source=/opt/cni/bin \
--mount volume=opt-cni-bin,target=/opt/cni/bin \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--exec=/usr/local/bin/kubelet -- \
--anonymous-auth=false \
--authentication-token-webhook \
@@ -132,7 +132,7 @@ storage:
--volume config,kind=host,source=/etc/kubernetes \
--mount volume=config,target=/etc/kubernetes \
--insecure-options=image \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--net=host \
--dns=host \
-- \
diff --git a/docs/advanced/worker-pools.md b/docs/advanced/worker-pools.md
index 07d022a1..2eb295bc 100644
--- a/docs/advanced/worker-pools.md
+++ b/docs/advanced/worker-pools.md
@@ -79,7 +79,7 @@ Create a cluster following the Azure [tutorial](../cl/azure.md#cluster). Define
```tf
module "ramius-worker-pool" {
- source = "git::https://github.com/poseidon/typhoon//azure/container-linux/kubernetes/workers?ref=v1.17.3"
+ source = "git::https://github.com/poseidon/typhoon//azure/container-linux/kubernetes/workers?ref=v1.17.4"
# Azure
region = module.ramius.region
@@ -145,7 +145,7 @@ Create a cluster following the Google Cloud [tutorial](../cl/google-cloud.md#clu
```tf
module "yavin-worker-pool" {
- source = "git::https://github.com/poseidon/typhoon//google-cloud/container-linux/kubernetes/workers?ref=v1.17.3"
+ source = "git::https://github.com/poseidon/typhoon//google-cloud/container-linux/kubernetes/workers?ref=v1.17.4"
# Google Cloud
region = "europe-west2"
@@ -176,11 +176,11 @@ Verify a managed instance group of workers joins the cluster within a few minute
```
$ kubectl get nodes
NAME STATUS AGE VERSION
-yavin-controller-0.c.example-com.internal Ready 6m v1.17.3
-yavin-worker-jrbf.c.example-com.internal Ready 5m v1.17.3
-yavin-worker-mzdm.c.example-com.internal Ready 5m v1.17.3
-yavin-16x-worker-jrbf.c.example-com.internal Ready 3m v1.17.3
-yavin-16x-worker-mzdm.c.example-com.internal Ready 3m v1.17.3
+yavin-controller-0.c.example-com.internal Ready 6m v1.17.4
+yavin-worker-jrbf.c.example-com.internal Ready 5m v1.17.4
+yavin-worker-mzdm.c.example-com.internal Ready 5m v1.17.4
+yavin-16x-worker-jrbf.c.example-com.internal Ready 3m v1.17.4
+yavin-16x-worker-mzdm.c.example-com.internal Ready 3m v1.17.4
```
### Variables
diff --git a/docs/cl/aws.md b/docs/cl/aws.md
index f46a76a8..a6c8b337 100644
--- a/docs/cl/aws.md
+++ b/docs/cl/aws.md
@@ -1,6 +1,6 @@
# AWS
-In this tutorial, we'll create a Kubernetes v1.17.3 cluster on AWS with CoreOS Container Linux or Flatcar Linux.
+In this tutorial, we'll create a Kubernetes v1.17.4 cluster on AWS with CoreOS Container Linux or Flatcar Linux.
We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a VPC, gateway, subnets, security groups, controller instances, worker auto-scaling group, network load balancer, and TLS assets.
@@ -70,7 +70,7 @@ Define a Kubernetes cluster using the module `aws/container-linux/kubernetes`.
```tf
module "tempest" {
- source = "git::https://github.com/poseidon/typhoon//aws/container-linux/kubernetes?ref=v1.17.3"
+ source = "git::https://github.com/poseidon/typhoon//aws/container-linux/kubernetes?ref=v1.17.4"
# AWS
cluster_name = "tempest"
@@ -143,9 +143,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/tempest-config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-ip-10-0-3-155 Ready 10m v1.17.3
-ip-10-0-26-65 Ready 10m v1.17.3
-ip-10-0-41-21 Ready 10m v1.17.3
+ip-10-0-3-155 Ready 10m v1.17.4
+ip-10-0-26-65 Ready 10m v1.17.4
+ip-10-0-41-21 Ready 10m v1.17.4
```
List the pods.
diff --git a/docs/cl/azure.md b/docs/cl/azure.md
index deb4b0a1..5f985e7c 100644
--- a/docs/cl/azure.md
+++ b/docs/cl/azure.md
@@ -3,7 +3,7 @@
!!! danger
Typhoon for Azure is alpha. For production, use AWS, Google Cloud, or bare-metal. As Azure matures, check [errata](https://github.com/poseidon/typhoon/wiki/Errata) for known shortcomings.
-In this tutorial, we'll create a Kubernetes v1.17.3 cluster on Azure with CoreOS Container Linux or Flatcar Linux.
+In this tutorial, we'll create a Kubernetes v1.17.4 cluster on Azure with CoreOS Container Linux or Flatcar Linux.
We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a resource group, virtual network, subnets, security groups, controller availability set, worker scale set, load balancer, and TLS assets.
@@ -66,7 +66,7 @@ Define a Kubernetes cluster using the module `azure/container-linux/kubernetes`.
```tf
module "ramius" {
- source = "git::https://github.com/poseidon/typhoon//azure/container-linux/kubernetes?ref=v1.17.3"
+ source = "git::https://github.com/poseidon/typhoon//azure/container-linux/kubernetes?ref=v1.17.4"
# Azure
cluster_name = "ramius"
@@ -149,9 +149,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/ramius-config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-ramius-controller-0 Ready 24m v1.17.3
-ramius-worker-000001 Ready 25m v1.17.3
-ramius-worker-000002 Ready 24m v1.17.3
+ramius-controller-0 Ready 24m v1.17.4
+ramius-worker-000001 Ready 25m v1.17.4
+ramius-worker-000002 Ready 24m v1.17.4
```
List the pods.
diff --git a/docs/cl/bare-metal.md b/docs/cl/bare-metal.md
index 5cf4f777..d1288413 100644
--- a/docs/cl/bare-metal.md
+++ b/docs/cl/bare-metal.md
@@ -1,6 +1,6 @@
# Bare-Metal
-In this tutorial, we'll network boot and provision a Kubernetes v1.17.3 cluster on bare-metal with CoreOS Container Linux or Flatcar Linux.
+In this tutorial, we'll network boot and provision a Kubernetes v1.17.4 cluster on bare-metal with CoreOS Container Linux or Flatcar Linux.
First, we'll deploy a [Matchbox](https://github.com/poseidon/matchbox) service and setup a network boot environment. Then, we'll declare a Kubernetes cluster using the Typhoon Terraform module and power on machines. On PXE boot, machines will install Container Linux to disk, reboot into the disk install, and provision themselves as Kubernetes controllers or workers via Ignition.
@@ -160,7 +160,7 @@ Define a Kubernetes cluster using the module `bare-metal/container-linux/kuberne
```tf
module "mercury" {
- source = "git::https://github.com/poseidon/typhoon//bare-metal/container-linux/kubernetes?ref=v1.17.3"
+ source = "git::https://github.com/poseidon/typhoon//bare-metal/container-linux/kubernetes?ref=v1.17.4"
# bare-metal
cluster_name = "mercury"
@@ -299,9 +299,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/mercury-config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-node1.example.com Ready 10m v1.17.3
-node2.example.com Ready 10m v1.17.3
-node3.example.com Ready 10m v1.17.3
+node1.example.com Ready 10m v1.17.4
+node2.example.com Ready 10m v1.17.4
+node3.example.com Ready 10m v1.17.4
```
List the pods.
diff --git a/docs/cl/digital-ocean.md b/docs/cl/digital-ocean.md
index ead7fc7e..7b796b3b 100644
--- a/docs/cl/digital-ocean.md
+++ b/docs/cl/digital-ocean.md
@@ -1,6 +1,6 @@
# Digital Ocean
-In this tutorial, we'll create a Kubernetes v1.17.3 cluster on DigitalOcean with CoreOS Container Linux or Flatcar Linux.
+In this tutorial, we'll create a Kubernetes v1.17.4 cluster on DigitalOcean with CoreOS Container Linux or Flatcar Linux.
We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create controller droplets, worker droplets, DNS records, tags, and TLS assets.
@@ -65,7 +65,7 @@ Define a Kubernetes cluster using the module `digital-ocean/container-linux/kube
```tf
module "nemo" {
- source = "git::https://github.com/poseidon/typhoon//digital-ocean/container-linux/kubernetes?ref=v1.17.3"
+ source = "git::https://github.com/poseidon/typhoon//digital-ocean/container-linux/kubernetes?ref=v1.17.4"
# Digital Ocean
cluster_name = "nemo"
@@ -161,9 +161,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/nemo-config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-10.132.110.130 Ready 10m v1.17.3
-10.132.115.81 Ready 10m v1.17.3
-10.132.124.107 Ready 10m v1.17.3
+10.132.110.130 Ready 10m v1.17.4
+10.132.115.81 Ready 10m v1.17.4
+10.132.124.107 Ready 10m v1.17.4
```
List the pods.
diff --git a/docs/cl/google-cloud.md b/docs/cl/google-cloud.md
index 08bed675..6c50577d 100644
--- a/docs/cl/google-cloud.md
+++ b/docs/cl/google-cloud.md
@@ -1,6 +1,6 @@
# Google Cloud
-In this tutorial, we'll create a Kubernetes v1.17.3 cluster on Google Compute Engine with CoreOS Container Linux or Flatcar Linux.
+In this tutorial, we'll create a Kubernetes v1.17.4 cluster on Google Compute Engine with CoreOS Container Linux or Flatcar Linux.
We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a network, firewall rules, health checks, controller instances, worker managed instance group, load balancers, and TLS assets.
@@ -71,7 +71,7 @@ Define a Kubernetes cluster using the module `google-cloud/container-linux/kuber
```tf
module "yavin" {
- source = "git::https://github.com/poseidon/typhoon//google-cloud/container-linux/kubernetes?ref=v1.17.3"
+ source = "git::https://github.com/poseidon/typhoon//google-cloud/container-linux/kubernetes?ref=v1.17.4"
# Google Cloud
cluster_name = "yavin"
@@ -167,9 +167,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/yavin-config
$ kubectl get nodes
NAME ROLES STATUS AGE VERSION
-yavin-controller-0.c.example-com.internal Ready 6m v1.17.3
-yavin-worker-jrbf.c.example-com.internal Ready 5m v1.17.3
-yavin-worker-mzdm.c.example-com.internal Ready 5m v1.17.3
+yavin-controller-0.c.example-com.internal Ready 6m v1.17.4
+yavin-worker-jrbf.c.example-com.internal Ready 5m v1.17.4
+yavin-worker-mzdm.c.example-com.internal Ready 5m v1.17.4
```
List the pods.
diff --git a/docs/fedora-coreos/aws.md b/docs/fedora-coreos/aws.md
index 61876769..928d4768 100644
--- a/docs/fedora-coreos/aws.md
+++ b/docs/fedora-coreos/aws.md
@@ -1,6 +1,6 @@
# AWS
-In this tutorial, we'll create a Kubernetes v1.17.3 cluster on AWS with Fedora CoreOS.
+In this tutorial, we'll create a Kubernetes v1.17.4 cluster on AWS with Fedora CoreOS.
We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a VPC, gateway, subnets, security groups, controller instances, worker auto-scaling group, network load balancer, and TLS assets.
@@ -70,7 +70,7 @@ Define a Kubernetes cluster using the module `aws/fedora-coreos/kubernetes`.
```tf
module "tempest" {
- source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes?ref=v1.17.3"
+ source = "git::https://github.com/poseidon/typhoon//aws/fedora-coreos/kubernetes?ref=v1.17.4"
# AWS
cluster_name = "tempest"
@@ -143,9 +143,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/tempest-config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-ip-10-0-3-155 Ready 10m v1.17.3
-ip-10-0-26-65 Ready 10m v1.17.3
-ip-10-0-41-21 Ready 10m v1.17.3
+ip-10-0-3-155 Ready 10m v1.17.4
+ip-10-0-26-65 Ready 10m v1.17.4
+ip-10-0-41-21 Ready 10m v1.17.4
```
List the pods.
diff --git a/docs/fedora-coreos/bare-metal.md b/docs/fedora-coreos/bare-metal.md
index c95fbf3d..3acd118d 100644
--- a/docs/fedora-coreos/bare-metal.md
+++ b/docs/fedora-coreos/bare-metal.md
@@ -1,6 +1,6 @@
# Bare-Metal
-In this tutorial, we'll network boot and provision a Kubernetes v1.17.3 cluster on bare-metal with Fedora CoreOS.
+In this tutorial, we'll network boot and provision a Kubernetes v1.17.4 cluster on bare-metal with Fedora CoreOS.
First, we'll deploy a [Matchbox](https://github.com/poseidon/matchbox) service and setup a network boot environment. Then, we'll declare a Kubernetes cluster using the Typhoon Terraform module and power on machines. On PXE boot, machines will install Fedora CoreOS to disk, reboot into the disk install, and provision themselves as Kubernetes controllers or workers via Ignition.
@@ -160,7 +160,7 @@ Define a Kubernetes cluster using the module `bare-metal/fedora-coreos/kubernete
```tf
module "mercury" {
- source = "git::https://github.com/poseidon/typhoon//bare-metal/fedora-coreos/kubernetes?ref=v1.17.3"
+ source = "git::https://github.com/poseidon/typhoon//bare-metal/fedora-coreos/kubernetes?ref=v1.17.4"
# bare-metal
cluster_name = "mercury"
@@ -289,9 +289,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/mercury-config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-node1.example.com Ready 10m v1.17.3
-node2.example.com Ready 10m v1.17.3
-node3.example.com Ready 10m v1.17.3
+node1.example.com Ready 10m v1.17.4
+node2.example.com Ready 10m v1.17.4
+node3.example.com Ready 10m v1.17.4
```
List the pods.
diff --git a/docs/fedora-coreos/google-cloud.md b/docs/fedora-coreos/google-cloud.md
index 80d25569..4a059d9f 100644
--- a/docs/fedora-coreos/google-cloud.md
+++ b/docs/fedora-coreos/google-cloud.md
@@ -3,7 +3,7 @@
!!! danger
Typhoon for Fedora CoreOS is an alpha. Please report Fedora CoreOS bugs to [Fedora](https://github.com/coreos/fedora-coreos-tracker/issues) and Typhoon issues to Typhoon.
-In this tutorial, we'll create a Kubernetes v1.17.3 cluster on Google Compute Engine with Fedora CoreOS.
+In this tutorial, we'll create a Kubernetes v1.17.4 cluster on Google Compute Engine with Fedora CoreOS.
We'll declare a Kubernetes cluster using the Typhoon Terraform module. Then apply the changes to create a network, firewall rules, health checks, controller instances, worker managed instance group, load balancers, and TLS assets.
@@ -168,9 +168,9 @@ List nodes in the cluster.
$ export KUBECONFIG=/home/user/.kube/configs/yavin-config
$ kubectl get nodes
NAME ROLES STATUS AGE VERSION
-yavin-controller-0.c.example-com.internal Ready 6m v1.17.3
-yavin-worker-jrbf.c.example-com.internal Ready 5m v1.17.3
-yavin-worker-mzdm.c.example-com.internal Ready 5m v1.17.3
+yavin-controller-0.c.example-com.internal Ready 6m v1.17.4
+yavin-worker-jrbf.c.example-com.internal Ready 5m v1.17.4
+yavin-worker-mzdm.c.example-com.internal Ready 5m v1.17.4
```
List the pods.
diff --git a/docs/index.md b/docs/index.md
index 22ec8931..df5bf667 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.17.3 (upstream)
+* Kubernetes v1.17.4 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [worker pools](advanced/worker-pools/), [preemptible](cl/google-cloud/#preemption) workers, and [snippets](advanced/customization/#container-linux) customization
@@ -58,7 +58,7 @@ Define a Kubernetes cluster by using the Terraform module for your chosen platfo
```tf
module "yavin" {
- source = "git::https://github.com/poseidon/typhoon//google-cloud/container-linux/kubernetes?ref=v1.17.3"
+ source = "git::https://github.com/poseidon/typhoon//google-cloud/container-linux/kubernetes?ref=v1.17.4"
# Google Cloud
cluster_name = "yavin"
@@ -96,9 +96,9 @@ In 4-8 minutes (varies by platform), the cluster will be ready. This Google Clou
$ export KUBECONFIG=/home/user/.kube/configs/yavin-config
$ kubectl get nodes
NAME ROLES STATUS AGE VERSION
-yavin-controller-0.c.example-com.internal Ready 6m v1.17.3
-yavin-worker-jrbf.c.example-com.internal Ready 5m v1.17.3
-yavin-worker-mzdm.c.example-com.internal Ready 5m v1.17.3
+yavin-controller-0.c.example-com.internal Ready 6m v1.17.4
+yavin-worker-jrbf.c.example-com.internal Ready 5m v1.17.4
+yavin-worker-mzdm.c.example-com.internal Ready 5m v1.17.4
```
List the pods.
diff --git a/docs/topics/maintenance.md b/docs/topics/maintenance.md
index 114bfc93..2b3126a1 100644
--- a/docs/topics/maintenance.md
+++ b/docs/topics/maintenance.md
@@ -18,7 +18,7 @@ module "yavin" {
}
module "mercury" {
- source = "git::https://github.com/poseidon/typhoon//bare-metal/container-linux/kubernetes?ref=v1.17.3"
+ source = "git::https://github.com/poseidon/typhoon//bare-metal/container-linux/kubernetes?ref=v1.17.4"
...
}
```
@@ -279,15 +279,15 @@ Typhoon modules have been adapted for Terraform v0.12. Provider plugins requirem
| Typhoon Release | Terraform version |
|-------------------|---------------------|
-| v1.17.3 - ? | v0.12.x |
-| v1.10.3 - v1.17.3 | v0.11.x |
+| v1.17.4 - ? | v0.12.x |
+| v1.10.3 - v1.17.4 | v0.11.x |
| v1.9.2 - v1.10.2 | v0.10.4+ or v0.11.x |
| v1.7.3 - v1.9.1 | v0.10.x |
| v1.6.4 - v1.7.2 | v0.9.x |
### New users
-New users can start with Terraform v0.12.x and follow the docs for Typhoon v1.17.3+ without issue.
+New users can start with Terraform v0.12.x and follow the docs for Typhoon v1.17.4+ without issue.
### Existing users
diff --git a/google-cloud/container-linux/kubernetes/README.md b/google-cloud/container-linux/kubernetes/README.md
index fe81ec8f..ff8a08a9 100644
--- a/google-cloud/container-linux/kubernetes/README.md
+++ b/google-cloud/container-linux/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.17.3 (upstream)
+* Kubernetes v1.17.4 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [preemptible](https://typhoon.psdn.io/cl/google-cloud/#preemption) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#container-linux) customization
diff --git a/google-cloud/container-linux/kubernetes/bootstrap.tf b/google-cloud/container-linux/kubernetes/bootstrap.tf
index 3cad1dc5..f3244b99 100644
--- a/google-cloud/container-linux/kubernetes/bootstrap.tf
+++ b/google-cloud/container-linux/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=804029edd5a6a5cf02e0db4919e7f2bb601d0089"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=73784c1b2c791d9ba586a1478979ac34dd324dad"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
diff --git a/google-cloud/container-linux/kubernetes/cl/controller.yaml b/google-cloud/container-linux/kubernetes/cl/controller.yaml
index e57ee429..5966bff1 100644
--- a/google-cloud/container-linux/kubernetes/cl/controller.yaml
+++ b/google-cloud/container-linux/kubernetes/cl/controller.yaml
@@ -90,7 +90,7 @@ systemd:
--mount volume=var-log,target=/var/log \
--volume opt-cni-bin,kind=host,source=/opt/cni/bin \
--mount volume=opt-cni-bin,target=/opt/cni/bin \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--exec=/usr/local/bin/kubelet -- \
--anonymous-auth=false \
--authentication-token-webhook \
@@ -134,7 +134,7 @@ systemd:
--volume script,kind=host,source=/opt/bootstrap/apply \
--mount volume=script,target=/apply \
--insecure-options=image \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--net=host \
--dns=host \
--exec=/apply
diff --git a/google-cloud/container-linux/kubernetes/workers/cl/worker.yaml b/google-cloud/container-linux/kubernetes/workers/cl/worker.yaml
index 26dffd3e..4cf23d9b 100644
--- a/google-cloud/container-linux/kubernetes/workers/cl/worker.yaml
+++ b/google-cloud/container-linux/kubernetes/workers/cl/worker.yaml
@@ -63,7 +63,7 @@ systemd:
--mount volume=var-log,target=/var/log \
--volume opt-cni-bin,kind=host,source=/opt/cni/bin \
--mount volume=opt-cni-bin,target=/opt/cni/bin \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--exec=/usr/local/bin/kubelet -- \
--anonymous-auth=false \
--authentication-token-webhook \
@@ -126,7 +126,7 @@ storage:
--volume config,kind=host,source=/etc/kubernetes \
--mount volume=config,target=/etc/kubernetes \
--insecure-options=image \
- docker://k8s.gcr.io/hyperkube:v1.17.3 \
+ docker://k8s.gcr.io/hyperkube:v1.17.4 \
--net=host \
--dns=host \
-- \
diff --git a/google-cloud/fedora-coreos/kubernetes/README.md b/google-cloud/fedora-coreos/kubernetes/README.md
index fe81ec8f..ff8a08a9 100644
--- a/google-cloud/fedora-coreos/kubernetes/README.md
+++ b/google-cloud/fedora-coreos/kubernetes/README.md
@@ -11,7 +11,7 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
-* Kubernetes v1.17.3 (upstream)
+* Kubernetes v1.17.4 (upstream)
* Single or multi-master, [Calico](https://www.projectcalico.org/) or [flannel](https://github.com/coreos/flannel) networking
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Advanced features like [worker pools](https://typhoon.psdn.io/advanced/worker-pools/), [preemptible](https://typhoon.psdn.io/cl/google-cloud/#preemption) workers, and [snippets](https://typhoon.psdn.io/advanced/customization/#container-linux) customization
diff --git a/google-cloud/fedora-coreos/kubernetes/bootstrap.tf b/google-cloud/fedora-coreos/kubernetes/bootstrap.tf
index 3ef495e9..fb05144e 100644
--- a/google-cloud/fedora-coreos/kubernetes/bootstrap.tf
+++ b/google-cloud/fedora-coreos/kubernetes/bootstrap.tf
@@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
- source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=804029edd5a6a5cf02e0db4919e7f2bb601d0089"
+ source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=73784c1b2c791d9ba586a1478979ac34dd324dad"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
diff --git a/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml b/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml
index 9c4e272e..aeed1df6 100644
--- a/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml
+++ b/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml
@@ -79,7 +79,7 @@ systemd:
--volume /var/log:/var/log \
--volume /var/run/lock:/var/run/lock:z \
--volume /opt/cni/bin:/opt/cni/bin:z \
- k8s.gcr.io/hyperkube:v1.17.3 kubelet \
+ k8s.gcr.io/hyperkube:v1.17.4 kubelet \
--anonymous-auth=false \
--authentication-token-webhook \
--authorization-mode=Webhook \
@@ -123,7 +123,7 @@ systemd:
--volume /opt/bootstrap/assets:/assets:ro,Z \
--volume /opt/bootstrap/apply:/apply:ro,Z \
--entrypoint=/apply \
- k8s.gcr.io/hyperkube:v1.17.3
+ k8s.gcr.io/hyperkube:v1.17.4
ExecStartPost=/bin/touch /opt/bootstrap/bootstrap.done
ExecStartPost=-/usr/bin/podman stop bootstrap
storage:
diff --git a/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml b/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml
index e2b8e036..07492c3e 100644
--- a/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml
+++ b/google-cloud/fedora-coreos/kubernetes/workers/fcc/worker.yaml
@@ -49,7 +49,7 @@ systemd:
--volume /var/log:/var/log \
--volume /var/run/lock:/var/run/lock:z \
--volume /opt/cni/bin:/opt/cni/bin:z \
- k8s.gcr.io/hyperkube:v1.17.3 kubelet \
+ k8s.gcr.io/hyperkube:v1.17.4 kubelet \
--anonymous-auth=false \
--authentication-token-webhook \
--authorization-mode=Webhook \
@@ -87,7 +87,7 @@ systemd:
Type=oneshot
RemainAfterExit=true
ExecStart=/bin/true
- ExecStop=/bin/bash -c '/usr/bin/podman run --volume /etc/kubernetes:/etc/kubernetes:ro,z k8s.gcr.io/hyperkube:v1.17.3 kubectl --kubeconfig=/etc/kubernetes/kubeconfig delete node $HOSTNAME'
+ ExecStop=/bin/bash -c '/usr/bin/podman run --volume /etc/kubernetes:/etc/kubernetes:ro,z k8s.gcr.io/hyperkube:v1.17.4 kubectl --kubeconfig=/etc/kubernetes/kubeconfig delete node $HOSTNAME'
[Install]
WantedBy=multi-user.target
storage: