From fdfa514583abb55a676a752f60dbcc278ba37618 Mon Sep 17 00:00:00 2001 From: Serge Logvinov Date: Fri, 10 Feb 2023 17:12:55 +0200 Subject: [PATCH] update --- azure/Makefile | 2 +- .../deployments/azure-autoscaler-result.yaml | 16 +++++++------- azure/deployments/azure-csi-node.yaml | 9 ++++---- azure/deployments/azure-csi.yaml | 22 +++++++++++-------- azure/deployments/cilium-result.yaml | 10 ++++----- azure/deployments/cilium.yaml | 2 +- 6 files changed, 33 insertions(+), 28 deletions(-) diff --git a/azure/Makefile b/azure/Makefile index 65d48ba..7da145a 100644 --- a/azure/Makefile +++ b/azure/Makefile @@ -33,7 +33,7 @@ create-templates: @yq eval -o=json '{"kubernetes": .}' _cfgs/tfstate.vars > terraform.tfvars.json create-deployments: - helm template --namespace=kube-system --version=1.12.5 -f deployments/cilium.yaml cilium \ + helm template --namespace=kube-system --version=1.12.6 -f deployments/cilium.yaml cilium \ cilium/cilium > deployments/cilium-result.yaml helm template --namespace=kube-system -f deployments/azure-autoscaler.yaml cluster-autoscaler-azure \ autoscaler/cluster-autoscaler > deployments/azure-autoscaler-result.yaml diff --git a/azure/deployments/azure-autoscaler-result.yaml b/azure/deployments/azure-autoscaler-result.yaml index a923c5d..b1a13d7 100644 --- a/azure/deployments/azure-autoscaler-result.yaml +++ b/azure/deployments/azure-autoscaler-result.yaml @@ -7,7 +7,7 @@ metadata: app.kubernetes.io/instance: "cluster-autoscaler-azure" app.kubernetes.io/name: "azure-cluster-autoscaler" app.kubernetes.io/managed-by: "Helm" - helm.sh/chart: "cluster-autoscaler-9.21.1" + helm.sh/chart: "cluster-autoscaler-9.23.0" name: cluster-autoscaler-azure namespace: kube-system spec: @@ -26,7 +26,7 @@ metadata: app.kubernetes.io/instance: "cluster-autoscaler-azure" app.kubernetes.io/name: "azure-cluster-autoscaler" app.kubernetes.io/managed-by: "Helm" - helm.sh/chart: "cluster-autoscaler-9.21.1" + helm.sh/chart: "cluster-autoscaler-9.23.0" name: cluster-autoscaler-azure namespace: kube-system automountServiceAccountToken: true @@ -55,7 +55,7 @@ metadata: app.kubernetes.io/instance: "cluster-autoscaler-azure" app.kubernetes.io/name: "azure-cluster-autoscaler" app.kubernetes.io/managed-by: "Helm" - helm.sh/chart: "cluster-autoscaler-9.21.1" + helm.sh/chart: "cluster-autoscaler-9.23.0" name: cluster-autoscaler-azure rules: - apiGroups: @@ -196,7 +196,7 @@ metadata: app.kubernetes.io/instance: "cluster-autoscaler-azure" app.kubernetes.io/name: "azure-cluster-autoscaler" app.kubernetes.io/managed-by: "Helm" - helm.sh/chart: "cluster-autoscaler-9.21.1" + helm.sh/chart: "cluster-autoscaler-9.23.0" name: cluster-autoscaler-azure roleRef: apiGroup: rbac.authorization.k8s.io @@ -215,7 +215,7 @@ metadata: app.kubernetes.io/instance: "cluster-autoscaler-azure" app.kubernetes.io/name: "azure-cluster-autoscaler" app.kubernetes.io/managed-by: "Helm" - helm.sh/chart: "cluster-autoscaler-9.21.1" + helm.sh/chart: "cluster-autoscaler-9.23.0" name: cluster-autoscaler-azure namespace: kube-system rules: @@ -244,7 +244,7 @@ metadata: app.kubernetes.io/instance: "cluster-autoscaler-azure" app.kubernetes.io/name: "azure-cluster-autoscaler" app.kubernetes.io/managed-by: "Helm" - helm.sh/chart: "cluster-autoscaler-9.21.1" + helm.sh/chart: "cluster-autoscaler-9.23.0" name: cluster-autoscaler-azure namespace: kube-system roleRef: @@ -264,7 +264,7 @@ metadata: app.kubernetes.io/instance: "cluster-autoscaler-azure" app.kubernetes.io/name: "azure-cluster-autoscaler" app.kubernetes.io/managed-by: "Helm" - helm.sh/chart: "cluster-autoscaler-9.21.1" + helm.sh/chart: "cluster-autoscaler-9.23.0" name: cluster-autoscaler-azure namespace: kube-system spec: @@ -288,7 +288,7 @@ metadata: app.kubernetes.io/instance: "cluster-autoscaler-azure" app.kubernetes.io/name: "azure-cluster-autoscaler" app.kubernetes.io/managed-by: "Helm" - helm.sh/chart: "cluster-autoscaler-9.21.1" + helm.sh/chart: "cluster-autoscaler-9.23.0" name: cluster-autoscaler-azure namespace: kube-system spec: diff --git a/azure/deployments/azure-csi-node.yaml b/azure/deployments/azure-csi-node.yaml index 7d7c790..0769ae0 100644 --- a/azure/deployments/azure-csi-node.yaml +++ b/azure/deployments/azure-csi-node.yaml @@ -65,7 +65,7 @@ spec: volumeMounts: - mountPath: /csi name: socket-dir - image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.6.0 + image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.8.0 args: - --csi-address=/csi/csi.sock - --probe-timeout=3s @@ -78,7 +78,7 @@ spec: cpu: 10m memory: 20Mi - name: node-driver-registrar - image: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v2.5.0 + image: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v2.6.2 args: - --csi-address=$(ADDRESS) - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) @@ -108,14 +108,15 @@ spec: cpu: 10m memory: 20Mi - name: azuredisk - image: mcr.microsoft.com/k8s/csi/azuredisk-csi:latest + image: mcr.microsoft.com/oss/kubernetes-csi/azuredisk-csi:v1.26.2 imagePullPolicy: IfNotPresent args: - - "--v=12" + - "--v=5" - "--endpoint=$(CSI_ENDPOINT)" - "--nodeid=$(KUBE_NODE_NAME)" - "--metrics-address=0.0.0.0:29605" - "--enable-perf-optimization=true" + - "--allow-empty-cloud-config=true" - "--get-node-info-from-labels=false" ports: - containerPort: 29603 diff --git a/azure/deployments/azure-csi.yaml b/azure/deployments/azure-csi.yaml index 70a22e6..5e957f5 100644 --- a/azure/deployments/azure-csi.yaml +++ b/azure/deployments/azure-csi.yaml @@ -225,17 +225,19 @@ spec: priorityClassName: system-cluster-critical containers: - name: csi-provisioner - image: mcr.microsoft.com/oss/kubernetes-csi/csi-provisioner:v3.1.0 + image: mcr.microsoft.com/oss/kubernetes-csi/csi-provisioner:v3.3.0 args: - "--feature-gates=Topology=true" - "--csi-address=$(ADDRESS)" - "--v=2" - - "--timeout=15s" + - "--timeout=30s" - "--leader-election" - "--leader-election-namespace=kube-system" - - "--worker-threads=40" + - "--worker-threads=100" - "--extra-create-metadata=true" - "--strict-topology=true" + - "--kube-api-qps=50" + - "--kube-api-burst=100" env: - name: ADDRESS value: /csi/csi.sock @@ -249,14 +251,16 @@ spec: cpu: 10m memory: 20Mi - name: csi-attacher - image: mcr.microsoft.com/oss/kubernetes-csi/csi-attacher:v3.4.0 + image: mcr.microsoft.com/oss/kubernetes-csi/csi-attacher:v4.0.0 args: - "-v=2" - "-csi-address=$(ADDRESS)" - - "-timeout=600s" + - "-timeout=1200s" - "-leader-election" - "--leader-election-namespace=kube-system" - "-worker-threads=500" + - "-kube-api-qps=50" + - "-kube-api-burst=100" env: - name: ADDRESS value: /csi/csi.sock @@ -289,7 +293,7 @@ spec: cpu: 10m memory: 20Mi - name: csi-resizer - image: mcr.microsoft.com/oss/kubernetes-csi/csi-resizer:v1.4.0 + image: mcr.microsoft.com/oss/kubernetes-csi/csi-resizer:v1.6.0 args: - "-csi-address=$(ADDRESS)" - "-v=2" @@ -311,7 +315,7 @@ spec: cpu: 10m memory: 20Mi - name: liveness-probe - image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.6.0 + image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.8.0 args: - --csi-address=/csi/csi.sock - --probe-timeout=3s @@ -327,10 +331,10 @@ spec: cpu: 10m memory: 20Mi - name: azuredisk - image: mcr.microsoft.com/k8s/csi/azuredisk-csi:latest + image: mcr.microsoft.com/oss/kubernetes-csi/azuredisk-csi:v1.26.2 imagePullPolicy: IfNotPresent args: - - "--v=4" + - "--v=5" - "--endpoint=$(CSI_ENDPOINT)" - "--metrics-address=0.0.0.0:29604" - "--user-agent-suffix=OSS-kubectl" diff --git a/azure/deployments/cilium-result.yaml b/azure/deployments/cilium-result.yaml index 8313bcb..81e1714 100644 --- a/azure/deployments/cilium-result.yaml +++ b/azure/deployments/cilium-result.yaml @@ -144,7 +144,7 @@ data: enable-host-firewall: "true" # List of devices used to attach bpf_host.o (implements BPF NodePort, # host-firewall and BPF masquerading) - devices: "eth+" + devices: "eth+ wg+" kube-proxy-replacement: "strict" kube-proxy-replacement-healthz-bind-address: "" @@ -551,7 +551,7 @@ spec: spec: containers: - name: cilium-agent - image: "quay.io/cilium/cilium:v1.12.5@sha256:06ce2b0a0a472e73334a7504ee5c5d8b2e2d7b72ef728ad94e564740dd505be5" + image: "quay.io/cilium/cilium:v1.12.6@sha256:454134506b0448c756398d3e8df68d474acde2a622ab58d0c7e8b272b5867d0d" imagePullPolicy: IfNotPresent command: - cilium-agent @@ -686,7 +686,7 @@ spec: mountPath: /run/xtables.lock initContainers: - name: clean-cilium-state - image: "quay.io/cilium/cilium:v1.12.5@sha256:06ce2b0a0a472e73334a7504ee5c5d8b2e2d7b72ef728ad94e564740dd505be5" + image: "quay.io/cilium/cilium:v1.12.6@sha256:454134506b0448c756398d3e8df68d474acde2a622ab58d0c7e8b272b5867d0d" imagePullPolicy: IfNotPresent command: - /init-container.sh @@ -813,14 +813,14 @@ spec: metadata: annotations: # ensure pods roll when configmap updates - cilium.io/cilium-configmap-checksum: "93ed3047796c548140dd014145d2cb313155de38c36595eb2f05f60856400ae5" + cilium.io/cilium-configmap-checksum: "5e23bd083a707099be04c9822a92e7ebf88fb85dff685037eca164fcf07a0662" labels: io.cilium/app: operator name: cilium-operator spec: containers: - name: cilium-operator - image: "quay.io/cilium/operator-generic:v1.12.5@sha256:b296eb7f0f7656a5cc19724f40a8a7121b7fd725278b7d61dc91fe0b7ffd7c0e" + image: "quay.io/cilium/operator-generic:v1.12.6@sha256:eec4430d222cb2967d42d3b404d2606e66468de47ae85e0a3ca3f58f00a5e017" imagePullPolicy: IfNotPresent command: - cilium-operator-generic diff --git a/azure/deployments/cilium.yaml b/azure/deployments/cilium.yaml index 8ffaf05..d822292 100644 --- a/azure/deployments/cilium.yaml +++ b/azure/deployments/cilium.yaml @@ -22,7 +22,7 @@ localRedirectPolicy: true tunnel: "vxlan" autoDirectNodeRoutes: false -devices: [eth+] +devices: [eth+,wg+] healthChecking: true