porkadot 0.2.0 → 0.19.0

data/lib/porkadot/cmd/render/certs.rb

@@ -40,7 +40,7 @@ module Porkadot; module Cmd; module Render; module Certs
       certs.apiserver_cert(true)
       logger.info "--> Kubelet client key and certs"
       certs.kubelet_client_key
-      certs.kubelet_client_cert
+      certs.kubelet_client_cert(true)
       # logger.info "--> Bootstrap client key and certs"
       # bootstrap_client_key = self.private_key(self.assets.k8s_bootstrap_key_path)
       # self.client_cert(self.assets.k8s_bootstrap_cert_path, '/O=porkadot:node-bootstrappers/CN=node-bootstrapper', bootstrap_client_key, ca_cert, ca_key)

data/lib/porkadot/configs/certs.rb

@@ -5,7 +5,7 @@ module Porkadot; module Configs
   module CertsUtils
 
     def certs_root_dir
-      File.join(self.config.assets_dir, 'certs')
+      File.join(self.config.secrets_root_dir, 'certs')
     end
 
     def ipaddr?(addr)

data/lib/porkadot/configs/certs/k8s.rb

@@ -33,6 +33,12 @@ module Porkadot; module Configs; class Certs
         DNS:kubernetes.default
         DNS:kubernetes.default.svc
         DNS:kubernetes.default.svc.#{self.config.k8s.networking.dns_domain}
+        DNS:porkadot-kubernetes
+        DNS:porkadot-kubernetes.kube-system
+        DNS:porkadot-kubernetes.kube-system.svc
+        DNS:porkadot-kubernetes-latest
+        DNS:porkadot-kubernetes-latest.kube-system
+        DNS:porkadot-kubernetes-latest.kube-system.svc
         DNS:localhost
         IP:#{self.config.k8s.networking.kubernetes_ip}
         IP:127.0.0.1

data/lib/porkadot/configs/kubernetes.rb

@@ -56,6 +56,7 @@ module Porkadot; module Configs
           "#{RECOMMENDED_LABEL_PREFIX}/version": self.config.k8s.kubernetes_version,
           "#{RECOMMENDED_LABEL_PREFIX}/part-of": 'kubernetes',
           "#{RECOMMENDED_LABEL_PREFIX}/managed-by": 'porkadot',
+          "k8s-app": self.component_name,
         })
       end
 

data/lib/porkadot/default.yaml

@@ -27,10 +27,11 @@ lb:
 
 etcd:
   image_repository: gcr.io/etcd-development/etcd
-  image_tag: v3.3.10
+  image_tag: v3.4.3
+  extra_env: []
 
 kubernetes:
-  kubernetes_version: v1.17.3
+  kubernetes_version: v1.19.6
   image_repository: k8s.gcr.io
 
   networking:
@@ -101,7 +102,7 @@ kubernetes:
         webhook:
           cacheAuthorizedTTL: 0s
           cacheUnauthorizedTTL: 0s
-      cgroupDriver: cgroupfs
+      cgroupDriver: systemd
       clusterDNS: []
       clusterDomain: cluster.local
       cpuManagerReconcilePeriod: 0s

data/lib/porkadot/version.rb

@@ -1,3 +1,3 @@
 module Porkadot
-  VERSION = "0.2.0"
+  VERSION = "0.19.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: porkadot
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.19.0
 platform: ruby
 authors:
 - OTSUKA, Yuanying
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-04-05 00:00:00.000000000 Z
+date: 2021-06-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor
@@ -113,6 +113,8 @@ files:
 - config/porkadot.yaml
 - config/unstable.yaml
 - exe/porkadot
+- hack/gen-storage-version-migrator.sh
+- hack/storage-version-migrator/kustomization.yaml
 - lib/porkadot.rb
 - lib/porkadot/assets.rb
 - lib/porkadot/assets/bootstrap.rb
@@ -140,6 +142,8 @@ files:
 - lib/porkadot/assets/kubelet/kubelet.service.erb
 - lib/porkadot/assets/kubernetes.rb
 - lib/porkadot/assets/kubernetes/install.sh.erb
+- lib/porkadot/assets/kubernetes/manifests/coredns.yaml.erb
+- lib/porkadot/assets/kubernetes/manifests/dns-horizontal-autoscaler.yaml.erb
 - lib/porkadot/assets/kubernetes/manifests/flannel.yaml.erb
 - lib/porkadot/assets/kubernetes/manifests/kube-apiserver.secrets.yaml.erb
 - lib/porkadot/assets/kubernetes/manifests/kube-apiserver.yaml.erb
@@ -149,9 +153,10 @@ files:
 - lib/porkadot/assets/kubernetes/manifests/kube-scheduler.yaml.erb
 - lib/porkadot/assets/kubernetes/manifests/kubelet-rubber-stamp.yaml.erb
 - lib/porkadot/assets/kubernetes/manifests/kubelet.yaml.erb
+- lib/porkadot/assets/kubernetes/manifests/metallb.secrets.yaml.erb
 - lib/porkadot/assets/kubernetes/manifests/metallb.yaml.erb
-- lib/porkadot/assets/kubernetes/manifests/pod-checkpointer.yaml.erb
 - lib/porkadot/assets/kubernetes/manifests/porkadot.yaml.erb
+- lib/porkadot/assets/kubernetes/manifests/storage-version-migrator.yaml.erb
 - lib/porkadot/cmd.rb
 - lib/porkadot/cmd/cli.rb
 - lib/porkadot/cmd/install.rb

data/lib/porkadot/assets/kubernetes/manifests/pod-checkpointer.yaml.erb

@@ -1,130 +0,0 @@
-<% k8s = global_config.k8s -%>
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: pod-checkpointer
-  namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: pod-checkpointer
-  namespace: kube-system
-rules:
-- apiGroups: [""] # "" indicates the core API group
-  resources: ["pods"]
-  verbs: ["get", "watch", "list"]
-- apiGroups: [""] # "" indicates the core API group
-  resources: ["secrets", "configmaps"]
-  verbs: ["get"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: pod-checkpointer
-  namespace: kube-system
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: pod-checkpointer
-subjects:
-- kind: ServiceAccount
-  name: pod-checkpointer
-  namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: pod-checkpointer
-rules:
-  - apiGroups: [""]
-    resources: ["nodes", "nodes/proxy"]
-    verbs: ["get"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: pod-checkpointer
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: pod-checkpointer
-subjects:
-- kind: ServiceAccount
-  name: pod-checkpointer
-  namespace: kube-system
----
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: pod-checkpointer
-  namespace: kube-system
-  labels:
-    tier: control-plane
-    k8s-app: pod-checkpointer
-spec:
-  selector:
-    matchLabels:
-      tier: control-plane
-      k8s-app: pod-checkpointer
-  template:
-    metadata:
-      labels:
-        tier: control-plane
-        k8s-app: pod-checkpointer
-      annotations:
-        checkpointer.alpha.coreos.com/checkpoint: "true"
-    spec:
-      containers:
-      - name: pod-checkpointer
-        image: quay.io/coreos/pod-checkpointer:83e25e5968391b9eb342042c435d1b3eeddb2be1
-        command:
-        - /checkpoint
-        - --lock-file=/var/run/lock/pod-checkpointer.lock
-        - --kubeconfig=/etc/checkpointer/kubeconfig
-        - --checkpoint-grace-period=5m
-        env:
-        - name: NODE_NAME
-          valueFrom:
-            fieldRef:
-              fieldPath: spec.nodeName
-        - name: POD_NAME
-          valueFrom:
-            fieldRef:
-              fieldPath: metadata.name
-        - name: POD_NAMESPACE
-          valueFrom:
-            fieldRef:
-              fieldPath: metadata.namespace
-        imagePullPolicy: Always
-        volumeMounts:
-        - mountPath: /etc/checkpointer
-          name: kubeconfig
-        - mountPath: /etc/kubernetes
-          name: etc-kubernetes
-        - mountPath: /var/run
-          name: var-run
-      serviceAccountName: pod-checkpointer
-      hostNetwork: true
-      nodeSelector:
-        k8s.unstable.cloud/master: ""
-      restartPolicy: Always
-      tolerations:
-      - key: node-role.kubernetes.io/master
-        operator: Exists
-        effect: NoSchedule
-      volumes:
-      - name: kubeconfig
-        configMap:
-          name: kubeconfig-in-cluster
-      - name: etc-kubernetes
-        hostPath:
-          path: /etc/kubernetes
-      - name: var-run
-        hostPath:
-          path: /var/run
-  updateStrategy:
-    rollingUpdate:
-      maxUnavailable: 1
-    type: RollingUpdate