porkadot 0.18.1 → 0.19.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/hack/gen-storage-version-migrator.sh +7 -0
- data/hack/storage-version-migrator/kustomization.yaml +13 -0
- data/lib/porkadot/assets/kubelet/config.yaml.erb +1 -0
- data/lib/porkadot/assets/kubelet/install-pkgs.sh.erb +16 -1
- data/lib/porkadot/assets/kubelet/kubelet.service.erb +3 -1
- data/lib/porkadot/assets/kubernetes.rb +0 -1
- data/lib/porkadot/assets/kubernetes/manifests/coredns.yaml.erb +8 -1
- data/lib/porkadot/assets/kubernetes/manifests/flannel.yaml.erb +52 -431
- data/lib/porkadot/assets/kubernetes/manifests/kubelet-rubber-stamp.yaml.erb +1 -1
- data/lib/porkadot/assets/kubernetes/manifests/metallb.yaml.erb +1 -1
- data/lib/porkadot/assets/kubernetes/manifests/storage-version-migrator.yaml.erb +264 -237
- data/lib/porkadot/cmd/render/certs.rb +1 -1
- data/lib/porkadot/default.yaml +2 -2
- data/lib/porkadot/version.rb +1 -1
- metadata +4 -3
- data/lib/porkadot/assets/kubernetes/manifests/pod-checkpointer.yaml.erb +0 -130
@@ -40,7 +40,7 @@ module Porkadot; module Cmd; module Render; module Certs
|
|
40
40
|
certs.apiserver_cert(true)
|
41
41
|
logger.info "--> Kubelet client key and certs"
|
42
42
|
certs.kubelet_client_key
|
43
|
-
certs.kubelet_client_cert
|
43
|
+
certs.kubelet_client_cert(true)
|
44
44
|
# logger.info "--> Bootstrap client key and certs"
|
45
45
|
# bootstrap_client_key = self.private_key(self.assets.k8s_bootstrap_key_path)
|
46
46
|
# self.client_cert(self.assets.k8s_bootstrap_cert_path, '/O=porkadot:node-bootstrappers/CN=node-bootstrapper', bootstrap_client_key, ca_cert, ca_key)
|
data/lib/porkadot/default.yaml
CHANGED
@@ -31,7 +31,7 @@ etcd:
|
|
31
31
|
extra_env: []
|
32
32
|
|
33
33
|
kubernetes:
|
34
|
-
kubernetes_version: v1.
|
34
|
+
kubernetes_version: v1.19.6
|
35
35
|
image_repository: k8s.gcr.io
|
36
36
|
|
37
37
|
networking:
|
@@ -102,7 +102,7 @@ kubernetes:
|
|
102
102
|
webhook:
|
103
103
|
cacheAuthorizedTTL: 0s
|
104
104
|
cacheUnauthorizedTTL: 0s
|
105
|
-
cgroupDriver:
|
105
|
+
cgroupDriver: systemd
|
106
106
|
clusterDNS: []
|
107
107
|
clusterDomain: cluster.local
|
108
108
|
cpuManagerReconcilePeriod: 0s
|
data/lib/porkadot/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: porkadot
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.19.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- OTSUKA, Yuanying
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-06-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: thor
|
@@ -113,6 +113,8 @@ files:
|
|
113
113
|
- config/porkadot.yaml
|
114
114
|
- config/unstable.yaml
|
115
115
|
- exe/porkadot
|
116
|
+
- hack/gen-storage-version-migrator.sh
|
117
|
+
- hack/storage-version-migrator/kustomization.yaml
|
116
118
|
- lib/porkadot.rb
|
117
119
|
- lib/porkadot/assets.rb
|
118
120
|
- lib/porkadot/assets/bootstrap.rb
|
@@ -153,7 +155,6 @@ files:
|
|
153
155
|
- lib/porkadot/assets/kubernetes/manifests/kubelet.yaml.erb
|
154
156
|
- lib/porkadot/assets/kubernetes/manifests/metallb.secrets.yaml.erb
|
155
157
|
- lib/porkadot/assets/kubernetes/manifests/metallb.yaml.erb
|
156
|
-
- lib/porkadot/assets/kubernetes/manifests/pod-checkpointer.yaml.erb
|
157
158
|
- lib/porkadot/assets/kubernetes/manifests/porkadot.yaml.erb
|
158
159
|
- lib/porkadot/assets/kubernetes/manifests/storage-version-migrator.yaml.erb
|
159
160
|
- lib/porkadot/cmd.rb
|
@@ -1,130 +0,0 @@
|
|
1
|
-
<% k8s = global_config.k8s -%>
|
2
|
-
---
|
3
|
-
apiVersion: v1
|
4
|
-
kind: ServiceAccount
|
5
|
-
metadata:
|
6
|
-
name: pod-checkpointer
|
7
|
-
namespace: kube-system
|
8
|
-
---
|
9
|
-
apiVersion: rbac.authorization.k8s.io/v1
|
10
|
-
kind: Role
|
11
|
-
metadata:
|
12
|
-
name: pod-checkpointer
|
13
|
-
namespace: kube-system
|
14
|
-
rules:
|
15
|
-
- apiGroups: [""] # "" indicates the core API group
|
16
|
-
resources: ["pods"]
|
17
|
-
verbs: ["get", "watch", "list"]
|
18
|
-
- apiGroups: [""] # "" indicates the core API group
|
19
|
-
resources: ["secrets", "configmaps"]
|
20
|
-
verbs: ["get"]
|
21
|
-
---
|
22
|
-
apiVersion: rbac.authorization.k8s.io/v1
|
23
|
-
kind: RoleBinding
|
24
|
-
metadata:
|
25
|
-
name: pod-checkpointer
|
26
|
-
namespace: kube-system
|
27
|
-
roleRef:
|
28
|
-
apiGroup: rbac.authorization.k8s.io
|
29
|
-
kind: Role
|
30
|
-
name: pod-checkpointer
|
31
|
-
subjects:
|
32
|
-
- kind: ServiceAccount
|
33
|
-
name: pod-checkpointer
|
34
|
-
namespace: kube-system
|
35
|
-
---
|
36
|
-
apiVersion: rbac.authorization.k8s.io/v1
|
37
|
-
kind: ClusterRole
|
38
|
-
metadata:
|
39
|
-
name: pod-checkpointer
|
40
|
-
rules:
|
41
|
-
- apiGroups: [""]
|
42
|
-
resources: ["nodes", "nodes/proxy"]
|
43
|
-
verbs: ["get"]
|
44
|
-
---
|
45
|
-
apiVersion: rbac.authorization.k8s.io/v1
|
46
|
-
kind: ClusterRoleBinding
|
47
|
-
metadata:
|
48
|
-
name: pod-checkpointer
|
49
|
-
roleRef:
|
50
|
-
apiGroup: rbac.authorization.k8s.io
|
51
|
-
kind: ClusterRole
|
52
|
-
name: pod-checkpointer
|
53
|
-
subjects:
|
54
|
-
- kind: ServiceAccount
|
55
|
-
name: pod-checkpointer
|
56
|
-
namespace: kube-system
|
57
|
-
---
|
58
|
-
apiVersion: apps/v1
|
59
|
-
kind: DaemonSet
|
60
|
-
metadata:
|
61
|
-
name: pod-checkpointer
|
62
|
-
namespace: kube-system
|
63
|
-
labels:
|
64
|
-
tier: control-plane
|
65
|
-
k8s-app: pod-checkpointer
|
66
|
-
spec:
|
67
|
-
selector:
|
68
|
-
matchLabels:
|
69
|
-
tier: control-plane
|
70
|
-
k8s-app: pod-checkpointer
|
71
|
-
template:
|
72
|
-
metadata:
|
73
|
-
labels:
|
74
|
-
tier: control-plane
|
75
|
-
k8s-app: pod-checkpointer
|
76
|
-
annotations:
|
77
|
-
checkpointer.alpha.coreos.com/checkpoint: "true"
|
78
|
-
spec:
|
79
|
-
containers:
|
80
|
-
- name: pod-checkpointer
|
81
|
-
image: yuanying/pod-checkpointer:v0.18.0
|
82
|
-
command:
|
83
|
-
- /checkpoint
|
84
|
-
- --lock-file=/var/run/lock/pod-checkpointer.lock
|
85
|
-
- --kubeconfig=/etc/checkpointer/kubeconfig
|
86
|
-
- --checkpoint-grace-period=5m
|
87
|
-
env:
|
88
|
-
- name: NODE_NAME
|
89
|
-
valueFrom:
|
90
|
-
fieldRef:
|
91
|
-
fieldPath: spec.nodeName
|
92
|
-
- name: POD_NAME
|
93
|
-
valueFrom:
|
94
|
-
fieldRef:
|
95
|
-
fieldPath: metadata.name
|
96
|
-
- name: POD_NAMESPACE
|
97
|
-
valueFrom:
|
98
|
-
fieldRef:
|
99
|
-
fieldPath: metadata.namespace
|
100
|
-
imagePullPolicy: Always
|
101
|
-
volumeMounts:
|
102
|
-
- mountPath: /etc/checkpointer
|
103
|
-
name: kubeconfig
|
104
|
-
- mountPath: /etc/kubernetes
|
105
|
-
name: etc-kubernetes
|
106
|
-
- mountPath: /var/run
|
107
|
-
name: var-run
|
108
|
-
serviceAccountName: pod-checkpointer
|
109
|
-
hostNetwork: true
|
110
|
-
nodeSelector:
|
111
|
-
k8s.unstable.cloud/master: ""
|
112
|
-
restartPolicy: Always
|
113
|
-
tolerations:
|
114
|
-
- key: node-role.kubernetes.io/master
|
115
|
-
operator: Exists
|
116
|
-
effect: NoSchedule
|
117
|
-
volumes:
|
118
|
-
- name: kubeconfig
|
119
|
-
configMap:
|
120
|
-
name: kubeconfig-in-cluster
|
121
|
-
- name: etc-kubernetes
|
122
|
-
hostPath:
|
123
|
-
path: /etc/kubernetes
|
124
|
-
- name: var-run
|
125
|
-
hostPath:
|
126
|
-
path: /var/run
|
127
|
-
updateStrategy:
|
128
|
-
rollingUpdate:
|
129
|
-
maxUnavailable: 1
|
130
|
-
type: RollingUpdate
|