porkadot 0.26.0 → 0.27.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/hack/gen-storage-version-migrator.sh +1 -1
- data/hack/metallb/crds/kustomization.yaml +1 -1
- data/hack/metallb/kustomization.yaml +3 -3
- data/hack/storage-version-migrator/kustomization.yaml +4 -8
- data/lib/porkadot/assets/kubernetes/manifests/addons/metallb/crds.yaml +401 -475
- data/lib/porkadot/assets/kubernetes/manifests/addons/metallb/metallb.yaml.erb +34 -42
- data/lib/porkadot/assets/kubernetes/manifests/addons/storage-version-migrator/storage-version-migrator.yaml.erb +16 -2
- data/lib/porkadot/assets/kubernetes.rb +2 -0
- data/lib/porkadot/default.yaml +4 -4
- data/lib/porkadot/version.rb +1 -1
- metadata +2 -2
@@ -57,14 +57,6 @@ rules:
|
|
57
57
|
verbs:
|
58
58
|
- get
|
59
59
|
- list
|
60
|
-
- apiGroups:
|
61
|
-
- metallb.io
|
62
|
-
resources:
|
63
|
-
- addresspools
|
64
|
-
verbs:
|
65
|
-
- get
|
66
|
-
- list
|
67
|
-
- watch
|
68
60
|
- apiGroups:
|
69
61
|
- metallb.io
|
70
62
|
resources:
|
@@ -129,9 +121,9 @@ rules:
|
|
129
121
|
- list
|
130
122
|
- watch
|
131
123
|
- apiGroups:
|
132
|
-
-
|
124
|
+
- ""
|
133
125
|
resources:
|
134
|
-
-
|
126
|
+
- configmaps
|
135
127
|
verbs:
|
136
128
|
- get
|
137
129
|
- list
|
@@ -201,6 +193,12 @@ rules:
|
|
201
193
|
- get
|
202
194
|
- list
|
203
195
|
- watch
|
196
|
+
- apiGroups:
|
197
|
+
- ""
|
198
|
+
resources:
|
199
|
+
- nodes
|
200
|
+
verbs:
|
201
|
+
- list
|
204
202
|
- apiGroups:
|
205
203
|
- ""
|
206
204
|
resources:
|
@@ -248,7 +246,6 @@ rules:
|
|
248
246
|
- apiGroups:
|
249
247
|
- apiextensions.k8s.io
|
250
248
|
resourceNames:
|
251
|
-
- addresspools.metallb.io
|
252
249
|
- bfdprofiles.metallb.io
|
253
250
|
- bgpadvertisements.metallb.io
|
254
251
|
- bgppeers.metallb.io
|
@@ -280,6 +277,13 @@ metadata:
|
|
280
277
|
app: metallb
|
281
278
|
name: metallb-system:speaker
|
282
279
|
rules:
|
280
|
+
- apiGroups:
|
281
|
+
- metallb.io
|
282
|
+
resources:
|
283
|
+
- servicel2statuses
|
284
|
+
- servicel2statuses/status
|
285
|
+
verbs:
|
286
|
+
- '*'
|
283
287
|
- apiGroups:
|
284
288
|
- ""
|
285
289
|
resources:
|
@@ -389,13 +393,13 @@ metadata:
|
|
389
393
|
apiVersion: v1
|
390
394
|
kind: Secret
|
391
395
|
metadata:
|
392
|
-
name: webhook-
|
396
|
+
name: metallb-webhook-cert
|
393
397
|
namespace: metallb-system
|
394
398
|
---
|
395
399
|
apiVersion: v1
|
396
400
|
kind: Service
|
397
401
|
metadata:
|
398
|
-
name: webhook-service
|
402
|
+
name: metallb-webhook-service
|
399
403
|
namespace: metallb-system
|
400
404
|
spec:
|
401
405
|
ports:
|
@@ -431,12 +435,13 @@ spec:
|
|
431
435
|
- args:
|
432
436
|
- --port=7472
|
433
437
|
- --log-level=info
|
438
|
+
- --tls-min-version=VersionTLS12
|
434
439
|
env:
|
435
440
|
- name: METALLB_ML_SECRET_NAME
|
436
441
|
value: memberlist
|
437
442
|
- name: METALLB_DEPLOYMENT
|
438
443
|
value: controller
|
439
|
-
image: quay.io/metallb/controller:v0.
|
444
|
+
image: quay.io/metallb/controller:v0.14.5
|
440
445
|
livenessProbe:
|
441
446
|
failureThreshold: 3
|
442
447
|
httpGet:
|
@@ -484,7 +489,7 @@ spec:
|
|
484
489
|
- name: cert
|
485
490
|
secret:
|
486
491
|
defaultMode: 420
|
487
|
-
secretName: webhook-
|
492
|
+
secretName: metallb-webhook-cert
|
488
493
|
---
|
489
494
|
apiVersion: apps/v1
|
490
495
|
kind: DaemonSet
|
@@ -529,7 +534,7 @@ spec:
|
|
529
534
|
value: app=metallb,component=speaker
|
530
535
|
- name: METALLB_ML_SECRET_KEY_PATH
|
531
536
|
value: /etc/ml_secret_key
|
532
|
-
image: quay.io/metallb/speaker:v0.
|
537
|
+
image: quay.io/metallb/speaker:v0.14.5
|
533
538
|
livenessProbe:
|
534
539
|
failureThreshold: 3
|
535
540
|
httpGet:
|
@@ -569,6 +574,9 @@ spec:
|
|
569
574
|
- mountPath: /etc/ml_secret_key
|
570
575
|
name: memberlist
|
571
576
|
readOnly: true
|
577
|
+
- mountPath: /etc/metallb
|
578
|
+
name: metallb-excludel2
|
579
|
+
readOnly: true
|
572
580
|
hostNetwork: true
|
573
581
|
nodeSelector:
|
574
582
|
kubernetes.io/os: linux
|
@@ -586,6 +594,10 @@ spec:
|
|
586
594
|
secret:
|
587
595
|
defaultMode: 420
|
588
596
|
secretName: memberlist
|
597
|
+
- configMap:
|
598
|
+
defaultMode: 256
|
599
|
+
name: metallb-excludel2
|
600
|
+
name: metallb-excludel2
|
589
601
|
---
|
590
602
|
apiVersion: admissionregistration.k8s.io/v1
|
591
603
|
kind: ValidatingWebhookConfiguration
|
@@ -597,7 +609,7 @@ webhooks:
|
|
597
609
|
- v1
|
598
610
|
clientConfig:
|
599
611
|
service:
|
600
|
-
name: webhook-service
|
612
|
+
name: metallb-webhook-service
|
601
613
|
namespace: metallb-system
|
602
614
|
path: /validate-metallb-io-v1beta2-bgppeer
|
603
615
|
failurePolicy: Fail
|
@@ -617,27 +629,7 @@ webhooks:
|
|
617
629
|
- v1
|
618
630
|
clientConfig:
|
619
631
|
service:
|
620
|
-
name: webhook-service
|
621
|
-
namespace: metallb-system
|
622
|
-
path: /validate-metallb-io-v1beta1-addresspool
|
623
|
-
failurePolicy: Fail
|
624
|
-
name: addresspoolvalidationwebhook.metallb.io
|
625
|
-
rules:
|
626
|
-
- apiGroups:
|
627
|
-
- metallb.io
|
628
|
-
apiVersions:
|
629
|
-
- v1beta1
|
630
|
-
operations:
|
631
|
-
- CREATE
|
632
|
-
- UPDATE
|
633
|
-
resources:
|
634
|
-
- addresspools
|
635
|
-
sideEffects: None
|
636
|
-
- admissionReviewVersions:
|
637
|
-
- v1
|
638
|
-
clientConfig:
|
639
|
-
service:
|
640
|
-
name: webhook-service
|
632
|
+
name: metallb-webhook-service
|
641
633
|
namespace: metallb-system
|
642
634
|
path: /validate-metallb-io-v1beta1-bfdprofile
|
643
635
|
failurePolicy: Fail
|
@@ -657,7 +649,7 @@ webhooks:
|
|
657
649
|
- v1
|
658
650
|
clientConfig:
|
659
651
|
service:
|
660
|
-
name: webhook-service
|
652
|
+
name: metallb-webhook-service
|
661
653
|
namespace: metallb-system
|
662
654
|
path: /validate-metallb-io-v1beta1-bgpadvertisement
|
663
655
|
failurePolicy: Fail
|
@@ -677,7 +669,7 @@ webhooks:
|
|
677
669
|
- v1
|
678
670
|
clientConfig:
|
679
671
|
service:
|
680
|
-
name: webhook-service
|
672
|
+
name: metallb-webhook-service
|
681
673
|
namespace: metallb-system
|
682
674
|
path: /validate-metallb-io-v1beta1-community
|
683
675
|
failurePolicy: Fail
|
@@ -697,7 +689,7 @@ webhooks:
|
|
697
689
|
- v1
|
698
690
|
clientConfig:
|
699
691
|
service:
|
700
|
-
name: webhook-service
|
692
|
+
name: metallb-webhook-service
|
701
693
|
namespace: metallb-system
|
702
694
|
path: /validate-metallb-io-v1beta1-ipaddresspool
|
703
695
|
failurePolicy: Fail
|
@@ -717,7 +709,7 @@ webhooks:
|
|
717
709
|
- v1
|
718
710
|
clientConfig:
|
719
711
|
service:
|
720
|
-
name: webhook-service
|
712
|
+
name: metallb-webhook-service
|
721
713
|
namespace: metallb-system
|
722
714
|
path: /validate-metallb-io-v1beta1-l2advertisement
|
723
715
|
failurePolicy: Fail
|
@@ -316,7 +316,14 @@ spec:
|
|
316
316
|
- --kube-api-qps=40
|
317
317
|
- --kube-api-burst=1000
|
318
318
|
- --kubeconfig=/etc/migrator/kubeconfig
|
319
|
-
image: asia.gcr.io/k8s-artifacts-prod/storage-migrator/storage-version-migration-migrator:v0.0.
|
319
|
+
image: asia.gcr.io/k8s-artifacts-prod/storage-migrator/storage-version-migration-migrator:v0.0.5
|
320
|
+
livenessProbe:
|
321
|
+
httpGet:
|
322
|
+
path: /healthz
|
323
|
+
port: 2112
|
324
|
+
scheme: HTTP
|
325
|
+
initialDelaySeconds: 10
|
326
|
+
timeoutSeconds: 60
|
320
327
|
name: migrator
|
321
328
|
volumeMounts:
|
322
329
|
- mountPath: /etc/migrator
|
@@ -346,7 +353,14 @@ spec:
|
|
346
353
|
containers:
|
347
354
|
- args:
|
348
355
|
- --kubeconfig=/etc/migrator/kubeconfig
|
349
|
-
image: asia.gcr.io/k8s-artifacts-prod/storage-migrator/storage-version-migration-trigger:v0.0.
|
356
|
+
image: asia.gcr.io/k8s-artifacts-prod/storage-migrator/storage-version-migration-trigger:v0.0.5
|
357
|
+
livenessProbe:
|
358
|
+
httpGet:
|
359
|
+
path: /healthz
|
360
|
+
port: 2113
|
361
|
+
scheme: HTTP
|
362
|
+
initialDelaySeconds: 10
|
363
|
+
timeoutSeconds: 60
|
350
364
|
name: trigger
|
351
365
|
volumeMounts:
|
352
366
|
- mountPath: /etc/migrator
|
@@ -43,12 +43,14 @@ module Porkadot; module Assets
|
|
43
43
|
core/v1/configmap
|
44
44
|
core/v1/namespace
|
45
45
|
core/v1/service
|
46
|
+
core/v1/secret
|
46
47
|
core/v1/serviceaccount
|
47
48
|
policy/v1/poddisruptionbudget
|
48
49
|
rbac.authorization.k8s.io/v1/clusterrole
|
49
50
|
rbac.authorization.k8s.io/v1/clusterrolebinding
|
50
51
|
rbac.authorization.k8s.io/v1/role
|
51
52
|
rbac.authorization.k8s.io/v1/rolebinding
|
53
|
+
admissionregistration.k8s.io/v1/validatingwebhookconfiguration
|
52
54
|
]
|
53
55
|
end
|
54
56
|
end
|
data/lib/porkadot/default.yaml
CHANGED
@@ -45,16 +45,16 @@ addons:
|
|
45
45
|
|
46
46
|
etcd:
|
47
47
|
image_repository: registry.k8s.io/etcd
|
48
|
-
image_tag: 3.5.
|
48
|
+
image_tag: 3.5.12-0
|
49
49
|
extra_env: []
|
50
50
|
|
51
51
|
kubernetes:
|
52
|
-
kubernetes_version: v1.
|
53
|
-
crictl_version: v1.
|
52
|
+
kubernetes_version: v1.27.14
|
53
|
+
crictl_version: v1.27.1
|
54
54
|
image_repository: registry.k8s.io
|
55
55
|
|
56
56
|
networking:
|
57
|
-
cni_version: v1.
|
57
|
+
cni_version: v1.4.1
|
58
58
|
service_subnet: '10.254.0.0/24'
|
59
59
|
pod_subnet: '10.244.0.0/16'
|
60
60
|
dns_domain: 'cluster.local'
|
data/lib/porkadot/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: porkadot
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.27.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- OTSUKA, Yuanying
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-05-
|
11
|
+
date: 2024-05-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: thor
|