From a43e0d3f95d3e3b1eaf66b125b1f5603f896606b Mon Sep 17 00:00:00 2001 From: Matthew Mosesohn Date: Wed, 2 Oct 2019 12:21:07 +0300 Subject: [PATCH] Switch to Kubernetes v1.16.0 (#5189) * Switch to Kubernetes v1.16.0 Change-Id: I5d6a9528b2d443750fc5e031aff15ad3ffead158 * Fix download localhost cached file path Change-Id: I65e79b70e3d1b37265ebc60f41b460cf4b0a0d47 * fix kubeadm etcd for v1.16 Change-Id: I6888a00fd48b530a38b0b31c4095492476af42d2 * disable tf packet jobs Change-Id: I075c4666547fdea4c50ec04864f38e2cfaa79154 * Disable contiv packet jobs. Fix kube-router Change-Id: I3170e8789e60711d4cee8faf65f2094480b79b8d * bump sonobuoy version Change-Id: Ib946905629c7c53ed88f08fb2f41c454457a0097 --- .ansible-lint | 1 + .gitlab-ci/packet.yml | 9 +-- .gitlab-ci/terraform.yml | 54 ++++++++-------- README.md | 2 +- .../group_vars/k8s-cluster/k8s-cluster.yml | 2 +- roles/download/defaults/main.yml | 64 ++++--------------- roles/download/tasks/download_file.yml | 2 +- roles/download/tasks/sync_file.yml | 2 +- roles/kubernetes/client/tasks/main.yml | 16 ----- .../kubeadm/tasks/kubeadm_etcd_node.yml | 11 +--- roles/kubernetes/kubeadm/tasks/main.yml | 1 - .../tasks/kubeadm-secondary-experimental.yml | 10 --- .../kubernetes/master/tasks/kubeadm-setup.yml | 10 --- .../master/tasks/kubeadm-version.yml | 5 -- .../templates/kubeadm-config.v1beta1.yaml.j2 | 2 - .../templates/kubeadm-config.v1beta2.yaml.j2 | 2 - roles/kubernetes/node/tasks/kubelet.yml | 2 +- .../preinstall/tasks/0020-verify-settings.yml | 6 -- roles/kubespray-defaults/defaults/main.yaml | 4 +- .../kube-router/templates/kube-router.yml.j2 | 1 + tests/testcases/100_check-k8s-conformance.yml | 2 +- 21 files changed, 55 insertions(+), 153 deletions(-) diff --git a/.ansible-lint b/.ansible-lint index 355e79e0c..edf8b7904 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -5,6 +5,7 @@ skip_list: # The following rules throw errors. # These either still need to be corrected in the repository and the rules re-enabled or documented why they are skipped on purpose. - '301' + - '302' - '305' - '306' - '404' diff --git a/.gitlab-ci/packet.yml b/.gitlab-ci/packet.yml index a7a361327..b7586d55e 100644 --- a/.gitlab-ci/packet.yml +++ b/.gitlab-ci/packet.yml @@ -61,10 +61,11 @@ packet_ubuntu-flannel-ha: <<: *packet when: manual -packet_ubuntu-contiv-sep: - stage: deploy-part2 - <<: *packet - when: on_success +# Contiv does not work in k8s v1.16 +# packet_ubuntu-contiv-sep: +# stage: deploy-part2 +# <<: *packet +# when: on_success packet_ubuntu18-cilium-sep: stage: deploy-special diff --git a/.gitlab-ci/terraform.yml b/.gitlab-ci/terraform.yml index 3a34bc048..5bdb33ef7 100644 --- a/.gitlab-ci/terraform.yml +++ b/.gitlab-ci/terraform.yml @@ -66,33 +66,33 @@ tf-validate-aws: PROVIDER: aws CLUSTER: $CI_COMMIT_REF_NAME -tf-packet-ubuntu16-default: - extends: .terraform_apply - variables: - TF_VERSION: 0.11.11 - PROVIDER: packet - CLUSTER: $CI_COMMIT_REF_NAME - TF_VAR_number_of_k8s_masters: "1" - TF_VAR_number_of_k8s_nodes: "1" - TF_VAR_plan_k8s_masters: t1.small.x86 - TF_VAR_plan_k8s_nodes: t1.small.x86 - TF_VAR_facility: ewr1 - TF_VAR_public_key_path: "" - TF_VAR_operating_system: ubuntu_16_04 - -tf-packet-ubuntu18-default: - extends: .terraform_apply - variables: - TF_VERSION: 0.11.11 - PROVIDER: packet - CLUSTER: $CI_COMMIT_REF_NAME - TF_VAR_number_of_k8s_masters: "1" - TF_VAR_number_of_k8s_nodes: "1" - TF_VAR_plan_k8s_masters: t1.small.x86 - TF_VAR_plan_k8s_nodes: t1.small.x86 - TF_VAR_facility: ams1 - TF_VAR_public_key_path: "" - TF_VAR_operating_system: ubuntu_18_04 +# tf-packet-ubuntu16-default: +# extends: .terraform_apply +# variables: +# TF_VERSION: 0.11.11 +# PROVIDER: packet +# CLUSTER: $CI_COMMIT_REF_NAME +# TF_VAR_number_of_k8s_masters: "1" +# TF_VAR_number_of_k8s_nodes: "1" +# TF_VAR_plan_k8s_masters: t1.small.x86 +# TF_VAR_plan_k8s_nodes: t1.small.x86 +# TF_VAR_facility: ewr1 +# TF_VAR_public_key_path: "" +# TF_VAR_operating_system: ubuntu_16_04 +# +# tf-packet-ubuntu18-default: +# extends: .terraform_apply +# variables: +# TF_VERSION: 0.11.11 +# PROVIDER: packet +# CLUSTER: $CI_COMMIT_REF_NAME +# TF_VAR_number_of_k8s_masters: "1" +# TF_VAR_number_of_k8s_nodes: "1" +# TF_VAR_plan_k8s_masters: t1.small.x86 +# TF_VAR_plan_k8s_nodes: t1.small.x86 +# TF_VAR_facility: ams1 +# TF_VAR_public_key_path: "" +# TF_VAR_operating_system: ubuntu_18_04 .ovh_variables: &ovh_variables OS_AUTH_URL: https://auth.cloud.ovh.net/v3 diff --git a/README.md b/README.md index 80b31c853..cce62222a 100644 --- a/README.md +++ b/README.md @@ -109,7 +109,7 @@ Supported Components -------------------- - Core - - [kubernetes](https://github.com/kubernetes/kubernetes) v1.15.3 + - [kubernetes](https://github.com/kubernetes/kubernetes) v1.16.0 - [etcd](https://github.com/coreos/etcd) v3.3.10 - [docker](https://www.docker.com/) v18.06 (see note) - [cri-o](http://cri-o.io/) v1.14.0 (experimental: see [CRI-O Note](docs/cri-o.md). Only on centos based OS) diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml index 09a378bf1..2913b845a 100644 --- a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml +++ b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml @@ -20,7 +20,7 @@ kube_users_dir: "{{ kube_config_dir }}/users" kube_api_anonymous_auth: true ## Change this to use another Kubernetes version, e.g. a current beta release -kube_version: v1.15.3 +kube_version: v1.16.0 # kubernetes image repo define kube_image_repo: "gcr.io/google-containers" diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml index cf5754d6d..cf10a88b2 100644 --- a/roles/download/defaults/main.yml +++ b/roles/download/defaults/main.yml @@ -49,7 +49,7 @@ download_delegate: "{% if download_localhost %}localhost{% else %}{{ groups['kub image_arch: "{{host_architecture | default('amd64')}}" # Versions -kube_version: v1.15.3 +kube_version: v1.16.0 kubeadm_version: "{{ kube_version }}" etcd_version: v3.3.10 @@ -85,7 +85,7 @@ kube_ovn_version: "v0.6.0" kube_router_version: "v0.2.5" multus_version: "v3.2.1" -crictl_version: "v1.15.0" +crictl_version: "v1.16.0" # Download URLs kubeadm_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kubeadm_version }}/bin/linux/{{ image_arch }}/kubeadm" @@ -97,99 +97,57 @@ crictl_download_url: "https://github.com/kubernetes-sigs/cri-tools/releases/down crictl_checksums: arm: + v1.16.0: 331c49bd9196009b8230f7a36ec272924a7bcf4c1614ecddf0eb9598c787da0e v1.15.0: f31f8c3b4791608a48d030d1aa1a694a73849ae057b23a90ce4ef17e5afde9e8 v1.14.0: 9910cecfd6558239ba015323066c7233d8371af359b9ddd0b2a35d5223bcf945 - v1.13.0: 2e478ebed85f9d70d49fd8f1d1089c8fba6e37d3461aeef91813f1ab0f0df586 arm64: + v1.16.0: aa118c31d6f6fd2d24bb2de4a33598a14a5952e1d01f93d5c3267c2b5334743b v1.15.0: 785c3da7e058f6fd00b0a48de24b9199eb6bae940d13f509c44ea6dd7ad9ffcd v1.14.0: f76b3d00a272c8d210e9a45f77d07d3770bee310d99c4fd9a72d6f55278882e5 - v1.13.0: 68949c0cb5a37e7604c145d189cf1e109c08c93d9c710ba663db026b9c6f2746 amd64: + v1.16.0: a3eefa10a483c643ad85aee3d7832a720976ef7e80dde46b212eaaacd7d09512 v1.15.0: c3b71be1f363e16078b51334967348aab4f72f46ef64a61fe7754e029779d45a v1.14.0: 483c90a9fe679590df4332ba807991c49232e8cd326c307c575ecef7fe22327b - v1.13.0: 9bdbea7a2b382494aff2ff014da328a042c5aba9096a7772e57fdf487e5a1d51 # Checksums hyperkube_checksums: arm: - v1.16.0-beta.2: 2b64ef9e8e2f92b72352cc7ab95b416407f4fca9ed1a5020aeeb6a3777bd16ed + v1.16.0: 4f2e4ffcf7b7f40c70c637c7be9dd51cd1ee29763696011149f315e90339330b v1.15.3: 100d8bddb29e77397b90e6dfbcf0af2d901a90ea4bde90b83b5a39f394c3900b v1.15.2: eeaa8e071541c7bcaa186ff1d2919d076b27ef70c9e9df70f910756eba55dc99 v1.15.1: fc5af96fd9341776d84c38675be7b8045dee20af327af9331972c422a4109918 v1.15.0: d923c781031bfd97d0fbe50311e4d7c3616aa5b6d466b99049931f09d73d07b9 - v1.14.6: 93d35b16785e71f6a38e9a54ddf1aca08c924b0f49e5f99ea8ccaff59bd9721b - v1.14.5: 860b84dd32611a6008fe20fb998a2fc0a25ff44067eae556224827d05429c91e - v1.14.4: 429a10369b2ef35a9c2d662347277339d53fa66ef55ffeabcc7d9b850e31056d - v1.14.3: 3fac785261bcf79f7a80b12c4a1dda893ce8c0879caf57b36d4701730671b574 - v1.14.2: 6929a59850c8702c04d62cd343d1143b17456da040f32317e09f8c25a08d2346 - v1.14.1: 839a4abfeafbd5f5ab057ad0e8a0b0b488b3cde14a646eba040a7f579875f565 - v1.14.0: d090b1da23564a7e9bb8f1f4264f2116536c52611ae203fe2ca13eaad0a8003e arm64: - v1.16.0-beta.2: 0f1e694db5c75cff526c6c066e618c43e83384c36d4e38cf1ac6e9baf71b38d4 + v1.16.0: 0431fff5b32042369a3f233afb7b3adcda7ae5446f31700819ed986f3624bc69 v1.15.3: 1e3e70b8d1e8ebc642f2801d9c7938a27764dfb2f5aea432ab4326d43c04a1f5 v1.15.2: c4cf69f52c7013faee9d54e0f376e0732a4a7b0f7ffc7241e9b7e28bad0ac77f v1.15.1: 80ed372c5f6c5178df88616175310057c06bdc9d0905953814a1927eb3aaa657 v1.15.0: 824af7d925b87a5ade63575b98b59ee81005fc76eac1dc399602308d7a60bc3c - v1.14.6: 97646bffe61e54a0c6f61d68b5625ec2e98d8b9d04cec2c8382266e437835e93 - v1.14.5: 90c77847d64eb857c8e686e8593fe7a9e505bcbf960b0407217255827a9da59a - v1.14.4: 9e0b4fde88a07c705e0937cd3161392684e3ca08535d14a99ae3b86bbf4c56b3 - v1.14.3: f29211d668cbcf1aa415dfa64aad95ffc53b5410482a23cddb680caec4e907a3 - v1.14.2: 959fb7d9c17fc8f7cb1a69920aaf08aefd62c0fbf6b5bdc46250f147ea6a5cd4 - v1.14.1: d5236efc2547fd07c7cc2ed9345dfbcd1204385847ca686cf1c62d15056de399 - v1.14.0: 708e00a41f6516d525dee00c91ebe3c3bf2feaf9b7f0af7689487e3e17e356c2 amd64: - v1.16.0-beta.2: 2f05aba15c163883a610681a563d89fd7adf10cb70b90cdb6760f00f8d023a4b + v1.16.0: 00b54ca779db1749ed714b19bb2b9a0333b39048af134f9199e4a5441c1b8324 v1.15.3: 3685c65b4fb85d552f77346900affc2e9a1bc997b4cd3dde0e705fd8c1d9be7a v1.15.2: ab885606438748eb89a7738e219f5353d94c40c63a4935a539ce89760280f065 v1.15.1: 22b7b1e7f5f2a452d62e0ca4c2cba67119c51e04219aaeaf8452825f9177069e v1.15.0: 3cc72cc58517b97c608c7a59a20255675bc70f07217c9e11e58cac7746139283 - v1.14.6: 4f9a8984985786797fa3353961ba2b58f50235581c9b5978130fbb4199005538 - v1.14.5: 2c3410518980b8705ba9b7b708076a206f2bde37cb8bf5ba8f15c32c697f4d97 - v1.14.4: 5f31434f3a884257a7b0e3178fc869720a7526c8637af5713d23433ddf2592dd - v1.14.3: 6c6cb5c118b2129ba4e56697f42567be3587eb636a477cd342b69f87b3b049d1 - v1.14.2: 05546057f2053e085fa8387ab82581c95fe4195cd783408ccbb4fc3487c50176 - v1.14.1: fb34b98da9325feca8daa09bb934dbe6a533aad69c2a5599bbed81b99bb9c267 - v1.14.0: af8b04504365dbe4ce6a1772f42eb390d4221a21149b522fc8a0c4b1cd3d97aa kubeadm_checksums: arm: - v1.16.0-beta.2: 6cf8b364b40aba09e1aaa4ed873d90df2b17725dafa78252470777df9404a736 + v1.16.0: 6c666958e11b7d4513adecb3107c885c98bdc79f38d369c9f80eaaeae4ddfe66 v1.15.3: 6c6fa56810908b5be83882094ea199844edc94b7e969160623c86512d9251c06 v1.15.2: 4b35ad0031c08a83de7c8d9f9bbed6a30d93a5c74e16ea9e6211ad2e0e12bdd1 v1.15.1: 855abd520291dcef0577a1a2ef87a70f522fd2b22603a12abcd86c2f7ec9c022 v1.15.0: 9464030a1d4e101de5f47348f3514d5a9eb95cbce2e5e31f53ada1ca485cf75e - v1.14.6: 6283ac962d02714e962e4f206c6bc8d6be58f5c9a12d2918aaa2fac7f73add09 - v1.14.5: 0bb551f7468de2fa6f98ce60653495327be052364ac9f9e8917a4d1ad864412b - v1.14.4: 36835488d7187406690ee6aa4b3c9c54855cb5c55d786d0574a508b955fe3a46 - v1.14.3: 270b8c346aeaa309d11d65695c4a90f6bff5b1ea14bdec3c417ca2dfb3de0db3 - v1.14.2: d2a59269aa68a4bace2a80b247b6f9a82f0542ec3004185fb0ba86e181fdfb29 - v1.14.1: 4bd111411208f1270ed3af8780b87d24a3c17c9fdbe4b0f8c7a9a21cd765543e - v1.14.0: 11f2cfa8bf7ee177dbac8073ab0f039dc265536baaa8dc0c4dea699f981f6fd1 arm64: - v1.16.0-beta.2: 0e3ae66f2f57a18eb363af1d49a22b35a24e32bf36af5ef630aa5ceeedc9feed + v1.16.0: 9a1d21bfb6bd15697ac010665e5917a5364b340d5b60f2f0302c179d75da0f3f v1.15.3: 6f472bc8ab1ba3d76448bd45b200edef96741e5affde8dc1429300af3a4904d8 v1.15.2: d3b6ee2048b366726ca366d2db4c46b2cacc38e8ec09cc35781d16593753d930 v1.15.1: 44fbfad0f1026d249fc4f365f1e9562cd52d75360d4d1032731122ba5a4d57dc v1.15.0: fe3c79070814fe847a23209b1027672fe5c5e7e5c9611e329225058926836f96 - v1.14.6: d935de033e7442ce5f8a35294fa890b884454d0482a9cf136c4abacd8c6ec165 - v1.14.5: 7dd1195d16980c4c888d13e49d97c3513f668e192bf2778bc0f0516e0f7fe2ac - v1.14.4: 60745b3ac761d3aa55ab9a24677ecf4e7f48b5abed34c725047a174456e5a79b - v1.14.3: 8edcc07c65f81eea3fc47cd237dd6560c6907c5e0ca52d71eab53ca1164e7d01 - v1.14.2: bff0712b87796509129aa802ad3ac25b8cc83af01762b22b4dcca8dbdb26b520 - v1.14.1: 5cf05464168e45ee4719264a267c65f9319fae1ceb9923fedab97a9d6a629e0b - v1.14.0: 7ed9d706e50cd6d3fc618a7af3d19b691b8a5343ddedaeccb4ea09af3ecfae2c amd64: - v1.16.0-beta.2: bba224360cfb4e6471f84523fcc954951c05c0fef0a4311a07e76f306cadebf1 + v1.16.0: 18f30d65fb05148c73cc07c77a83f4a2427379af493ca9f60eda42239409e7ef v1.15.3: ec56a00bc8d9ec4ac2b081a3b2127d8593daf3b2c86560cf9e6cba5ada2d5a80 v1.15.2: fe2a13a1dea73249560ea44ab54c0359a9722e9c66832f6bcad86798438cba2f v1.15.1: 3d42441ae177826f1181e559cd2a729464ca8efadef196cfa0e8053a615333b5 v1.15.0: fc4aa44b96dc143d7c3062124e25fed671cab884ebb8b2446edd10abb45e88c2 - v1.14.6: 4ef6030ab059ed434702c003975273dc855c370c4fcdae1109a3bb137c16ecb9 - v1.14.5: b3e840f7816f64e071d25f8a90b984eecd6251b68e568b420d85ef0a4dd514bb - v1.14.4: 291790a1cef82c4de28cc3338a199ca8356838ca26f775f2c2acba165b633d9f - v1.14.3: 026700dfff3c78be1295417e96d882136e5e1f095eb843e6575e57ef9930b5d3 - v1.14.2: 77510f61352bb6e537e70730b670627963f2c314fbd36a644b0c435b97e9705a - v1.14.1: c4fc478572b5623857f5d820e1c107ae02049ca02cf2993e512a091a0196957b - v1.14.0: 03678f49ee4737f8b8c4f59ace0d140a36ffbc4f6035c59561f59f45b57d0c93 etcd_binary_checksums: # Etcd does not have arm32 builds at the moment, having some dummy value is diff --git a/roles/download/tasks/download_file.yml b/roles/download/tasks/download_file.yml index 45fc43dcb..2b2290855 100644 --- a/roles/download/tasks/download_file.yml +++ b/roles/download/tasks/download_file.yml @@ -7,7 +7,7 @@ - name: download_file | Set pathname of cached file set_fact: - file_path_cached: "{{ download_cache_dir }}/{{ download.dest | regex_replace('^\\/', '') }}" + file_path_cached: "{{ download_cache_dir }}/{{ download.dest | basename }}" tags: - facts diff --git a/roles/download/tasks/sync_file.yml b/roles/download/tasks/sync_file.yml index da28f92d2..2e6bc5189 100644 --- a/roles/download/tasks/sync_file.yml +++ b/roles/download/tasks/sync_file.yml @@ -6,7 +6,7 @@ - name: download_file | Set pathname of cached file set_fact: - file_path_cached: "{{ download_cache_dir }}/{{ download.dest | regex_replace('^\\/', '') }}" + file_path_cached: "{{ download_cache_dir }}/{{ download.dest | basename }}" tags: - facts diff --git a/roles/kubernetes/client/tasks/main.yml b/roles/kubernetes/client/tasks/main.yml index ee2a48053..833b05a02 100644 --- a/roles/kubernetes/client/tasks/main.yml +++ b/roles/kubernetes/client/tasks/main.yml @@ -49,32 +49,16 @@ # NOTE(mattymo): Please forgive this workaround - name: Generate admin kubeconfig with external api endpoint shell: >- - {% if kubeadm_version is version('v1.14.0', '>=') %} mkdir -p {{ kube_config_dir }}/external_kubeconfig && - {% endif %} {{ bin_dir }}/kubeadm - {% if kubeadm_version is version('v1.14.0', '>=') %} init phase - {% elif kubeadm_version is version('v1.13.0', '>=') %} - alpha - {% else %} - alpha phase - {% endif %} - {% if kubeadm_version is version('v1.14.0', '>=') %} kubeconfig admin --kubeconfig-dir {{ kube_config_dir }}/external_kubeconfig - {% else %} - kubeconfig user - --client-name kubernetes-admin - --org system:masters - {% endif %} --cert-dir {{ kube_cert_dir }} --apiserver-advertise-address {{ external_apiserver_address }} --apiserver-bind-port {{ external_apiserver_port }} - {% if kubeadm_version is version('v1.14.0', '>=') %} >/dev/null && cat {{ kube_config_dir }}/external_kubeconfig/admin.conf && rm -rf {{ kube_config_dir }}/external_kubeconfig - {% endif %} environment: "{{ proxy_env }}" run_once: yes register: admin_kubeconfig diff --git a/roles/kubernetes/kubeadm/tasks/kubeadm_etcd_node.yml b/roles/kubernetes/kubeadm/tasks/kubeadm_etcd_node.yml index ff959274d..322a34a17 100644 --- a/roles/kubernetes/kubeadm/tasks/kubeadm_etcd_node.yml +++ b/roles/kubernetes/kubeadm/tasks/kubeadm_etcd_node.yml @@ -4,14 +4,7 @@ {{ bin_dir }}/kubeadm init phase --config {{ kube_config_dir }}/kubeadm-config.yaml upload-certs - {% if kubeadm_version is version('v1.15.0', '<') %} - --experimental-upload-certs - {% else %} --upload-certs - {% endif %} - {% if kubeadm_certificate_key is defined and kubeadm_version is version('v1.15.0', '<') %} - --certificate-key={{ kubeadm_certificate_key }} - {% endif %} register: kubeadm_upload_cert delegate_to: "{{ groups['kube-master'][0] }}" when: kubeadm_etcd_refresh_cert_key @@ -27,14 +20,14 @@ {{ bin_dir }}/kubeadm join phase control-plane-prepare download-certs --certificate-key {{ kubeadm_certificate_key }} - --experimental-control-plane + --control-plane --token {{ kubeadm_token }} --discovery-token-unsafe-skip-ca-verification {{ kubeadm_discovery_address }} && {{ bin_dir }}/kubeadm join phase control-plane-prepare certs - --experimental-control-plane + --control-plane --token {{ kubeadm_token }} --discovery-token-unsafe-skip-ca-verification {{ kubeadm_discovery_address }} diff --git a/roles/kubernetes/kubeadm/tasks/main.yml b/roles/kubernetes/kubeadm/tasks/main.yml index d749e7956..96b635a8f 100644 --- a/roles/kubernetes/kubeadm/tasks/main.yml +++ b/roles/kubernetes/kubeadm/tasks/main.yml @@ -42,7 +42,6 @@ kubeadm_token: "{{ temp_token.stdout }}" when: kubeadm_token is not defined - - name: gets the kubeadm version command: "{{ bin_dir }}/kubeadm version -o short" register: kubeadm_output diff --git a/roles/kubernetes/master/tasks/kubeadm-secondary-experimental.yml b/roles/kubernetes/master/tasks/kubeadm-secondary-experimental.yml index def03249e..add7d7e4f 100644 --- a/roles/kubernetes/master/tasks/kubeadm-secondary-experimental.yml +++ b/roles/kubernetes/master/tasks/kubeadm-secondary-experimental.yml @@ -15,14 +15,7 @@ {{ bin_dir }}/kubeadm init phase --config {{ kube_config_dir }}/kubeadm-config.yaml upload-certs - {% if kubeadm_version is version('v1.15.0', '<') %} - --experimental-upload-certs - {% else %} --upload-certs - {% endif %} - {% if kubeadm_certificate_key is defined and kubeadm_version is version('v1.15.0', '<') %} - --certificate-key={{ kubeadm_certificate_key }} - {% endif %} register: kubeadm_upload_cert when: - inventory_hostname == groups['kube-master']|first @@ -60,9 +53,6 @@ {{ bin_dir }}/kubeadm join --config {{ kube_config_dir }}/kubeadm-controlplane.yaml --ignore-preflight-errors=all - {% if kubeadm_certificate_key is defined and kubeadm_version is version('v1.15.0', '<') %} - --certificate-key={{ kubeadm_certificate_key }} - {% endif %} register: kubeadm_join_control_plane retries: 3 until: kubeadm_join_control_plane is succeeded diff --git a/roles/kubernetes/master/tasks/kubeadm-setup.yml b/roles/kubernetes/master/tasks/kubeadm-setup.yml index 3cbd2feb8..b5bc2882b 100644 --- a/roles/kubernetes/master/tasks/kubeadm-setup.yml +++ b/roles/kubernetes/master/tasks/kubeadm-setup.yml @@ -110,16 +110,7 @@ --config={{ kube_config_dir }}/kubeadm-config.yaml --ignore-preflight-errors=all --skip-phases=addon/coredns - {% if kubeadm_version is version('v1.14.0', '>=') %} - {% if kubeadm_version is version('v1.15.0', '<') %} - --experimental-upload-certs - {% if kubeadm_certificate_key is defined and kubeadm_version is version('v1.15.0', '<') %} - --certificate-key={{ kubeadm_certificate_key }} - {% endif %} - {% else %} --upload-certs - {% endif %} - {% endif %} register: kubeadm_init # Retry is because upload config sometimes fails retries: 3 @@ -135,7 +126,6 @@ kubeadm_certificate_key: "{{ item | regex_search('--certificate-key ([^ ]+)','\\1') | first }}" with_items: "{{ hostvars[groups['kube-master'][0]]['kubeadm_init'].stdout_lines | default([]) }}" when: - - kubeadm_version is version('v1.14.0', '>=') - kubeadm_certificate_key is not defined - item | trim | match('.*--certificate-key .*') diff --git a/roles/kubernetes/master/tasks/kubeadm-version.yml b/roles/kubernetes/master/tasks/kubeadm-version.yml index 4947a85d8..9da44b9ad 100644 --- a/roles/kubernetes/master/tasks/kubeadm-version.yml +++ b/roles/kubernetes/master/tasks/kubeadm-version.yml @@ -3,11 +3,6 @@ command: "{{ bin_dir }}/kubeadm version -o short" register: kubeadm_output -- name: sets kubeadm api version to v1beta1 - set_fact: - kubeadmConfig_api_version: v1beta1 - when: kubeadm_output.stdout is version('v1.13.0', '>=') - - name: sets kubeadm api version to v1beta2 set_fact: kubeadmConfig_api_version: v1beta2 diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2 index 961ab5b88..46f47799b 100644 --- a/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2 +++ b/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2 @@ -322,9 +322,7 @@ ipvs: minSyncPeriod: {{ kube_proxy_min_sync_period }} scheduler: {{ kube_proxy_scheduler }} syncPeriod: {{ kube_proxy_sync_period }} -{% if kube_version is version('v1.14.2', '>=') %} strictARP: {{ kube_proxy_strict_arp }} -{% endif %} metricsBindAddress: {{ kube_proxy_metrics_bind_address }} mode: {{ kube_proxy_mode }} nodePortAddresses: {{ kube_proxy_nodeport_addresses }} diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2 index 1f3031430..dea57826b 100644 --- a/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2 +++ b/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2 @@ -324,9 +324,7 @@ ipvs: minSyncPeriod: {{ kube_proxy_min_sync_period }} scheduler: {{ kube_proxy_scheduler }} syncPeriod: {{ kube_proxy_sync_period }} -{% if kube_version is version('v1.14.2', '>=') %} strictARP: {{ kube_proxy_strict_arp }} -{% endif %} metricsBindAddress: {{ kube_proxy_metrics_bind_address }} mode: {{ kube_proxy_mode }} nodePortAddresses: {{ kube_proxy_nodeport_addresses }} diff --git a/roles/kubernetes/node/tasks/kubelet.yml b/roles/kubernetes/node/tasks/kubelet.yml index fe785a6d6..2ba359fea 100644 --- a/roles/kubernetes/node/tasks/kubelet.yml +++ b/roles/kubernetes/node/tasks/kubelet.yml @@ -57,4 +57,4 @@ enabled: yes state: started tags: - - kubelet \ No newline at end of file + - kubelet diff --git a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml index 829061602..6ff736622 100644 --- a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml +++ b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml @@ -241,12 +241,6 @@ when: resolvconf_mode is defined run_once: true -- name: Stop if k8s version is too low for kubeadm etcd mode - assert: - that: kube_version is version('v1.14.0', '>=') - msg: "kubeadm etcd mode requires k8s version >= v1.14.0" - when: etcd_kubeadm_enabled - - name: Stop if kubeadm etcd mode is enabled but experimental control plane is not assert: that: kubeadm_control_plane diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml index 5bc285a7f..720473030 100644 --- a/roles/kubespray-defaults/defaults/main.yaml +++ b/roles/kubespray-defaults/defaults/main.yaml @@ -12,10 +12,10 @@ is_atomic: false disable_swap: true ## Change this to use another Kubernetes version, e.g. a current beta release -kube_version: v1.15.3 +kube_version: v1.16.0 ## The minimum version working -kube_version_min_required: v1.14.0 +kube_version_min_required: v1.15.0 # use HyperKube image to control plane containers kubeadm_use_hyperkube_image: False diff --git a/roles/network_plugin/kube-router/templates/kube-router.yml.j2 b/roles/network_plugin/kube-router/templates/kube-router.yml.j2 index 5bf07ea58..687af0fb9 100644 --- a/roles/network_plugin/kube-router/templates/kube-router.yml.j2 +++ b/roles/network_plugin/kube-router/templates/kube-router.yml.j2 @@ -10,6 +10,7 @@ data: cni-conf.json: | { "name":"kubernetes", + "cniVersion": "0.2.0", "type":"bridge", "bridge":"kube-bridge", "isDefaultGateway":true, diff --git a/tests/testcases/100_check-k8s-conformance.yml b/tests/testcases/100_check-k8s-conformance.yml index 72bcfb2f0..f1b372f9e 100644 --- a/tests/testcases/100_check-k8s-conformance.yml +++ b/tests/testcases/100_check-k8s-conformance.yml @@ -1,7 +1,7 @@ --- - hosts: kube-master[0] vars: - sonobuoy_version: 0.15.0 + sonobuoy_version: 0.16.0 sonobuoy_arch: amd64 sonobuoy_parallel: 30 sonobuoy_path: /usr/local/bin/sonobuoy