From 86a79a5f8d6b838954ae22d5803940c9345555b8 Mon Sep 17 00:00:00 2001 From: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com> Date: Wed, 19 Aug 2020 19:21:01 +0000 Subject: [PATCH] Config file changes to v1.7, arm support and changelog updates fix v1.7 - v1.7.0 --- CHANGELOG.md | 29 +- config/master/aws-k8s-cni-cn.yaml | 2 + config/master/aws-k8s-cni-us-gov-east-1.yaml | 2 + config/master/aws-k8s-cni-us-gov-west-1.yaml | 2 + config/master/aws-k8s-cni.yaml | 2 + config/master/manifests.jsonnet | 2 +- config/v1.7/aws-k8s-cni-cn.yaml | 235 +++++++++++++ config/v1.7/aws-k8s-cni-us-gov-east-1.yaml | 235 +++++++++++++ config/v1.7/aws-k8s-cni-us-gov-west-1.yaml | 235 +++++++++++++ config/v1.7/aws-k8s-cni.yaml | 330 +++++++++--------- config/v1.7/cni-metrics-helper-cn.yaml | 100 ++++++ .../cni-metrics-helper-us-gov-east-1.yaml | 100 ++++++ .../cni-metrics-helper-us-gov-west-1.yaml | 100 ++++++ config/v1.7/cni-metrics-helper.yaml | 2 +- 14 files changed, 1193 insertions(+), 183 deletions(-) create mode 100644 config/v1.7/aws-k8s-cni-cn.yaml create mode 100644 config/v1.7/aws-k8s-cni-us-gov-east-1.yaml create mode 100644 config/v1.7/aws-k8s-cni-us-gov-west-1.yaml create mode 100644 config/v1.7/cni-metrics-helper-cn.yaml create mode 100644 config/v1.7/cni-metrics-helper-us-gov-east-1.yaml create mode 100644 config/v1.7/cni-metrics-helper-us-gov-west-1.yaml diff --git a/CHANGELOG.md b/CHANGELOG.md index 0d9049f065..205f857db1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,46 +1,41 @@ # Changelog -## v1.7.0-latest +## v1.7.0 * Improvement - [Reject version skew between gRPC client and server](https://github.com/aws/amazon-vpc-cni-k8s/pull/1141) (#1141, @anguslees) * Improvement - [Write to IPAM checkpoint file immediately after reading from CRI](https://github.com/aws/amazon-vpc-cni-k8s/pull/1140) (#1140, @anguslees) * Improvement - [Fix a log message](https://github.com/aws/amazon-vpc-cni-k8s/pull/1138) (#1138, @anguslees) - -## v1.7.0-rc2 - * Improvement - [Add ipamd changes for sg support](https://github.com/aws/amazon-vpc-cni-k8s/pull/1126) (#1126, @mogren) * Improvement - [Add support to setup pod network using VLANss](https://github.com/aws/amazon-vpc-cni-k8s/pull/1125) (#1125, @SaranBalaji90) * Improvement - [Improve CRI->checkpoint logic in the face of downgrades](https://github.com/aws/amazon-vpc-cni-k8s/pull/1123) (#1123, @anguslees) -* Docs - [Changed data type for variables in README](https://github.com/aws/amazon-vpc-cni-k8s/pull/1116) (#1116, @abhinavmpandey08) * Improvement - [Slash and burn unused code](https://github.com/aws/amazon-vpc-cni-k8s/pull/1115) (#1115, @anguslees) * Improvement - [Remove references to unused metadata `owner-id`](https://github.com/aws/amazon-vpc-cni-k8s/pull/1111) (#1111, @anguslees) * Improvement - [Remove old pre-1.3 migration code](https://github.com/aws/amazon-vpc-cni-k8s/pull/1110) (#1110, @anguslees) -* Testing - [Create script to run all release tests](https://github.com/aws/amazon-vpc-cni-k8s/pull/1106) (#1106, @bnapolitan) * Improvement - [Enable log config for the metrics agent](https://github.com/aws/amazon-vpc-cni-k8s/pull/1104) (#1104, @mogren) * Improvement - [Refactor ENI limit struct](https://github.com/aws/amazon-vpc-cni-k8s/pull/1035) (#1035, @mogren) -* Testing - [Cover bottlerocket cluster test](https://github.com/aws/amazon-vpc-cni-k8s/pull/1096) (#1096, @bnapolitan) -* Testing - [Introduce automated performance testing](https://github.com/aws/amazon-vpc-cni-k8s/pull/1068) (#1068, @bnapolitan) - -## v1.7.0-rc1 -* Bug - [Use limits from API for g4dn.16xlarge](https://github.com/aws/amazon-vpc-cni-k8s/pull/1086) (#1086, @mogren) * Improvement - [Use sed as a stream editor and redirect to file](https://github.com/aws/amazon-vpc-cni-k8s/pull/1069) (#1069, @willejs) -* Docs - [Fix docs links for cni-metrics-agent](https://github.com/aws/amazon-vpc-cni-k8s/pull/1072) (#1072, @mogren) -* Bug - [Make metrics-helper docker logging statement multi-arch compatible](https://github.com/aws/amazon-vpc-cni-k8s/pull/1067) (#1067, @nprab428) * Improvement - [JSON output format for the entrypoint script](https://github.com/aws/amazon-vpc-cni-k8s/pull/1066) (#1066, @jayanthvn) -* Testing - [scripts/lib: bump up tester to v1.4.0](https://github.com/aws/amazon-vpc-cni-k8s/pull/1065) (#1065, @gyuho) * Improvement - [Use install command instead of cp](https://github.com/aws/amazon-vpc-cni-k8s/pull/1061) (#1061, @mogren) * Improvement - [Updated manifest configs with default env vars](https://github.com/aws/amazon-vpc-cni-k8s/pull/1057) (#1057, @saiteja313) * Improvement - [Default to random-fully](https://github.com/aws/amazon-vpc-cni-k8s/pull/1048) (#1048, @mogren) * Improvement - [Update probe settings](https://github.com/aws/amazon-vpc-cni-k8s/pull/1028) (#1028, @mogren) * Improvement - [Added warning if delete on termination is set to false for the primary ENI](https://github.com/aws/amazon-vpc-cni-k8s/pull/1024) (#1024, @jayanthvn) -* Testing - [Add parallel testing to conformance](https://github.com/aws/amazon-vpc-cni-k8s/pull/1018) (#1018, @bnapolitan) -* Testing - [Cache go packages in CircleCI](https://github.com/aws/amazon-vpc-cni-k8s/pull/1017) (#1017, @bnapolitan) -* Testing - [Create roles by default for e2e test cluster creation](https://github.com/aws/amazon-vpc-cni-k8s/pull/994) (#994, @bnapolitan) * Improvement - [Limit scope of logs writable by ipamd container](https://github.com/aws/amazon-vpc-cni-k8s/pull/987) (#987, @anguslees) * Improvement - [Autogenerate per-region YAML manifests from a common template](https://github.com/aws/amazon-vpc-cni-k8s/pull/986) (#986, @anguslees) * Improvement - [Persist IPAM state to local file and use across restarts](https://github.com/aws/amazon-vpc-cni-k8s/pull/972) (#972, @anguslees) * Improvement - [Add init container](https://github.com/aws/amazon-vpc-cni-k8s/pull955) (#955, @mogren) * Improvement - [Refresh subnet/CIDR information periodically](https://github.com/aws/amazon-vpc-cni-k8s/pull/903) (#903, @nithu0115) +* Docs - [Changed data type for variables in README](https://github.com/aws/amazon-vpc-cni-k8s/pull/1116) (#1116, @abhinavmpandey08) +* Docs - [Fix docs links for cni-metrics-agent](https://github.com/aws/amazon-vpc-cni-k8s/pull/1072) (#1072, @mogren) +* Testing - [Create script to run all release tests](https://github.com/aws/amazon-vpc-cni-k8s/pull/1106) (#1106, @bnapolitan) +* Testing - [Cover bottlerocket cluster test](https://github.com/aws/amazon-vpc-cni-k8s/pull/1096) (#1096, @bnapolitan) +* Testing - [Introduce automated performance testing](https://github.com/aws/amazon-vpc-cni-k8s/pull/1068) (#1068, @bnapolitan) +* Testing - [scripts/lib: bump up tester to v1.4.0](https://github.com/aws/amazon-vpc-cni-k8s/pull/1065) (#1065, @gyuho) +* Testing - [Add parallel testing to conformance](https://github.com/aws/amazon-vpc-cni-k8s/pull/1018) (#1018, @bnapolitan) +* Testing - [Cache go packages in CircleCI](https://github.com/aws/amazon-vpc-cni-k8s/pull/1017) (#1017, @bnapolitan) +* Testing - [Create roles by default for e2e test cluster creation](https://github.com/aws/amazon-vpc-cni-k8s/pull/994) (#994, @bnapolitan) +* Bug - [Use limits from API for g4dn.16xlarge](https://github.com/aws/amazon-vpc-cni-k8s/pull/1086) (#1086, @mogren) +* Bug - [Make metrics-helper docker logging statement multi-arch compatible](https://github.com/aws/amazon-vpc-cni-k8s/pull/1067) (#1067, @nprab428) ## v1.6.3 * Bug - [Handle stale instance metadata](https://github.com/aws/amazon-vpc-cni-k8s/pull/1011) (#1011, @mogren) diff --git a/config/master/aws-k8s-cni-cn.yaml b/config/master/aws-k8s-cni-cn.yaml index f4fb3c331d..738d785b9a 100644 --- a/config/master/aws-k8s-cni-cn.yaml +++ b/config/master/aws-k8s-cni-cn.yaml @@ -96,6 +96,7 @@ "operator": "In" "values": - "amd64" + - "arm64" - "key": "eks.amazonaws.com/compute-type" "operator": "NotIn" "values": @@ -109,6 +110,7 @@ "operator": "In" "values": - "amd64" + - "arm64" - "key": "eks.amazonaws.com/compute-type" "operator": "NotIn" "values": diff --git a/config/master/aws-k8s-cni-us-gov-east-1.yaml b/config/master/aws-k8s-cni-us-gov-east-1.yaml index 5d1dbb0701..067d81a262 100644 --- a/config/master/aws-k8s-cni-us-gov-east-1.yaml +++ b/config/master/aws-k8s-cni-us-gov-east-1.yaml @@ -96,6 +96,7 @@ "operator": "In" "values": - "amd64" + - "arm64" - "key": "eks.amazonaws.com/compute-type" "operator": "NotIn" "values": @@ -109,6 +110,7 @@ "operator": "In" "values": - "amd64" + - "arm64" - "key": "eks.amazonaws.com/compute-type" "operator": "NotIn" "values": diff --git a/config/master/aws-k8s-cni-us-gov-west-1.yaml b/config/master/aws-k8s-cni-us-gov-west-1.yaml index b7796b1d46..2f077054d8 100644 --- a/config/master/aws-k8s-cni-us-gov-west-1.yaml +++ b/config/master/aws-k8s-cni-us-gov-west-1.yaml @@ -96,6 +96,7 @@ "operator": "In" "values": - "amd64" + - "arm64" - "key": "eks.amazonaws.com/compute-type" "operator": "NotIn" "values": @@ -109,6 +110,7 @@ "operator": "In" "values": - "amd64" + - "arm64" - "key": "eks.amazonaws.com/compute-type" "operator": "NotIn" "values": diff --git a/config/master/aws-k8s-cni.yaml b/config/master/aws-k8s-cni.yaml index a71e96070f..e28fbe5589 100644 --- a/config/master/aws-k8s-cni.yaml +++ b/config/master/aws-k8s-cni.yaml @@ -96,6 +96,7 @@ "operator": "In" "values": - "amd64" + - "arm64" - "key": "eks.amazonaws.com/compute-type" "operator": "NotIn" "values": @@ -109,6 +110,7 @@ "operator": "In" "values": - "amd64" + - "arm64" - "key": "eks.amazonaws.com/compute-type" "operator": "NotIn" "values": diff --git a/config/master/manifests.jsonnet b/config/master/manifests.jsonnet index 8a8d9b86d9..982c16d46c 100644 --- a/config/master/manifests.jsonnet +++ b/config/master/manifests.jsonnet @@ -125,7 +125,7 @@ local awsnode = { { key: prefix + "kubernetes.io/arch", operator: "In", - values: ["amd64"], + values: ["amd64", "arm64"], }, { key: "eks.amazonaws.com/compute-type", diff --git a/config/v1.7/aws-k8s-cni-cn.yaml b/config/v1.7/aws-k8s-cni-cn.yaml new file mode 100644 index 0000000000..ea9816814d --- /dev/null +++ b/config/v1.7/aws-k8s-cni-cn.yaml @@ -0,0 +1,235 @@ +--- +"apiVersion": "rbac.authorization.k8s.io/v1" +"kind": "ClusterRoleBinding" +"metadata": + "name": "aws-node" +"roleRef": + "apiGroup": "rbac.authorization.k8s.io" + "kind": "ClusterRole" + "name": "aws-node" +"subjects": +- "kind": "ServiceAccount" + "name": "aws-node" + "namespace": "kube-system" +--- +"apiVersion": "rbac.authorization.k8s.io/v1" +"kind": "ClusterRole" +"metadata": + "name": "aws-node" +"rules": +- "apiGroups": + - "crd.k8s.amazonaws.com" + "resources": + - "eniconfigs" + "verbs": + - "get" + - "list" + - "watch" +- "apiGroups": + - "" + "resources": + - "pods" + - "namespaces" + "verbs": + - "list" + - "watch" + - "get" +- "apiGroups": + - "" + "resources": + - "nodes" + "verbs": + - "list" + - "watch" + - "get" + - "update" +- "apiGroups": + - "extensions" + "resources": + - "*" + "verbs": + - "list" + - "watch" +--- +"apiVersion": "apiextensions.k8s.io/v1beta1" +"kind": "CustomResourceDefinition" +"metadata": + "name": "eniconfigs.crd.k8s.amazonaws.com" +"spec": + "group": "crd.k8s.amazonaws.com" + "names": + "kind": "ENIConfig" + "plural": "eniconfigs" + "singular": "eniconfig" + "scope": "Cluster" + "versions": + - "name": "v1alpha1" + "served": true + "storage": true +--- +"apiVersion": "apps/v1" +"kind": "DaemonSet" +"metadata": + "labels": + "k8s-app": "aws-node" + "name": "aws-node" + "namespace": "kube-system" +"spec": + "selector": + "matchLabels": + "k8s-app": "aws-node" + "template": + "metadata": + "labels": + "k8s-app": "aws-node" + "spec": + "affinity": + "nodeAffinity": + "requiredDuringSchedulingIgnoredDuringExecution": + "nodeSelectorTerms": + - "matchExpressions": + - "key": "beta.kubernetes.io/os" + "operator": "In" + "values": + - "linux" + - "key": "beta.kubernetes.io/arch" + "operator": "In" + "values": + - "amd64" + - "arm64" + - "key": "eks.amazonaws.com/compute-type" + "operator": "NotIn" + "values": + - "fargate" + - "matchExpressions": + - "key": "kubernetes.io/os" + "operator": "In" + "values": + - "linux" + - "key": "kubernetes.io/arch" + "operator": "In" + "values": + - "amd64" + - "arm64" + - "key": "eks.amazonaws.com/compute-type" + "operator": "NotIn" + "values": + - "fargate" + "containers": + - "env": + - "name": "ADDITIONAL_ENI_TAGS" + "value": "{}" + - "name": "AWS_VPC_CNI_NODE_PORT_SUPPORT" + "value": "true" + - "name": "AWS_VPC_ENI_MTU" + "value": "9001" + - "name": "AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER" + "value": "false" + - "name": "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" + "value": "false" + - "name": "AWS_VPC_K8S_CNI_EXTERNALSNAT" + "value": "false" + - "name": "AWS_VPC_K8S_CNI_LOGLEVEL" + "value": "DEBUG" + - "name": "AWS_VPC_K8S_CNI_LOG_FILE" + "value": "/host/var/log/aws-routed-eni/ipamd.log" + - "name": "AWS_VPC_K8S_CNI_RANDOMIZESNAT" + "value": "prng" + - "name": "AWS_VPC_K8S_CNI_VETHPREFIX" + "value": "eni" + - "name": "AWS_VPC_K8S_PLUGIN_LOG_FILE" + "value": "/var/log/aws-routed-eni/plugin.log" + - "name": "AWS_VPC_K8S_PLUGIN_LOG_LEVEL" + "value": "DEBUG" + - "name": "DISABLE_INTROSPECTION" + "value": "false" + - "name": "DISABLE_METRICS" + "value": "false" + - "name": "ENABLE_POD_ENI" + "value": "false" + - "name": "MY_NODE_NAME" + "valueFrom": + "fieldRef": + "fieldPath": "spec.nodeName" + - "name": "WARM_ENI_TARGET" + "value": "1" + "image": "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni:v1.7.0" + "imagePullPolicy": "Always" + "livenessProbe": + "exec": + "command": + - "/app/grpc-health-probe" + - "-addr=:50051" + "initialDelaySeconds": 60 + "name": "aws-node" + "ports": + - "containerPort": 61678 + "name": "metrics" + "readinessProbe": + "exec": + "command": + - "/app/grpc-health-probe" + - "-addr=:50051" + "initialDelaySeconds": 1 + "resources": + "requests": + "cpu": "10m" + "securityContext": + "capabilities": + "add": + - "NET_ADMIN" + "volumeMounts": + - "mountPath": "/host/opt/cni/bin" + "name": "cni-bin-dir" + - "mountPath": "/host/etc/cni/net.d" + "name": "cni-net-dir" + - "mountPath": "/host/var/log/aws-routed-eni" + "name": "log-dir" + - "mountPath": "/var/run/aws-node" + "name": "run-dir" + - "mountPath": "/var/run/dockershim.sock" + "name": "dockershim" + "hostNetwork": true + "initContainers": + - "image": "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni-init:v1.7.0" + "imagePullPolicy": "Always" + "name": "aws-vpc-cni-init" + "securityContext": + "privileged": true + "volumeMounts": + - "mountPath": "/host/opt/cni/bin" + "name": "cni-bin-dir" + "priorityClassName": "system-node-critical" + "serviceAccountName": "aws-node" + "terminationGracePeriodSeconds": 10 + "tolerations": + - "operator": "Exists" + "volumes": + - "hostPath": + "path": "/opt/cni/bin" + "name": "cni-bin-dir" + - "hostPath": + "path": "/etc/cni/net.d" + "name": "cni-net-dir" + - "hostPath": + "path": "/var/run/dockershim.sock" + "name": "dockershim" + - "hostPath": + "path": "/var/log/aws-routed-eni" + "type": "DirectoryOrCreate" + "name": "log-dir" + - "hostPath": + "path": "/var/run/aws-node" + "type": "DirectoryOrCreate" + "name": "run-dir" + "updateStrategy": + "rollingUpdate": + "maxUnavailable": "10%" + "type": "RollingUpdate" +--- +"apiVersion": "v1" +"kind": "ServiceAccount" +"metadata": + "name": "aws-node" + "namespace": "kube-system" +... diff --git a/config/v1.7/aws-k8s-cni-us-gov-east-1.yaml b/config/v1.7/aws-k8s-cni-us-gov-east-1.yaml new file mode 100644 index 0000000000..73411239a5 --- /dev/null +++ b/config/v1.7/aws-k8s-cni-us-gov-east-1.yaml @@ -0,0 +1,235 @@ +--- +"apiVersion": "rbac.authorization.k8s.io/v1" +"kind": "ClusterRoleBinding" +"metadata": + "name": "aws-node" +"roleRef": + "apiGroup": "rbac.authorization.k8s.io" + "kind": "ClusterRole" + "name": "aws-node" +"subjects": +- "kind": "ServiceAccount" + "name": "aws-node" + "namespace": "kube-system" +--- +"apiVersion": "rbac.authorization.k8s.io/v1" +"kind": "ClusterRole" +"metadata": + "name": "aws-node" +"rules": +- "apiGroups": + - "crd.k8s.amazonaws.com" + "resources": + - "eniconfigs" + "verbs": + - "get" + - "list" + - "watch" +- "apiGroups": + - "" + "resources": + - "pods" + - "namespaces" + "verbs": + - "list" + - "watch" + - "get" +- "apiGroups": + - "" + "resources": + - "nodes" + "verbs": + - "list" + - "watch" + - "get" + - "update" +- "apiGroups": + - "extensions" + "resources": + - "*" + "verbs": + - "list" + - "watch" +--- +"apiVersion": "apiextensions.k8s.io/v1beta1" +"kind": "CustomResourceDefinition" +"metadata": + "name": "eniconfigs.crd.k8s.amazonaws.com" +"spec": + "group": "crd.k8s.amazonaws.com" + "names": + "kind": "ENIConfig" + "plural": "eniconfigs" + "singular": "eniconfig" + "scope": "Cluster" + "versions": + - "name": "v1alpha1" + "served": true + "storage": true +--- +"apiVersion": "apps/v1" +"kind": "DaemonSet" +"metadata": + "labels": + "k8s-app": "aws-node" + "name": "aws-node" + "namespace": "kube-system" +"spec": + "selector": + "matchLabels": + "k8s-app": "aws-node" + "template": + "metadata": + "labels": + "k8s-app": "aws-node" + "spec": + "affinity": + "nodeAffinity": + "requiredDuringSchedulingIgnoredDuringExecution": + "nodeSelectorTerms": + - "matchExpressions": + - "key": "beta.kubernetes.io/os" + "operator": "In" + "values": + - "linux" + - "key": "beta.kubernetes.io/arch" + "operator": "In" + "values": + - "amd64" + - "arm64" + - "key": "eks.amazonaws.com/compute-type" + "operator": "NotIn" + "values": + - "fargate" + - "matchExpressions": + - "key": "kubernetes.io/os" + "operator": "In" + "values": + - "linux" + - "key": "kubernetes.io/arch" + "operator": "In" + "values": + - "amd64" + - "arm64" + - "key": "eks.amazonaws.com/compute-type" + "operator": "NotIn" + "values": + - "fargate" + "containers": + - "env": + - "name": "ADDITIONAL_ENI_TAGS" + "value": "{}" + - "name": "AWS_VPC_CNI_NODE_PORT_SUPPORT" + "value": "true" + - "name": "AWS_VPC_ENI_MTU" + "value": "9001" + - "name": "AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER" + "value": "false" + - "name": "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" + "value": "false" + - "name": "AWS_VPC_K8S_CNI_EXTERNALSNAT" + "value": "false" + - "name": "AWS_VPC_K8S_CNI_LOGLEVEL" + "value": "DEBUG" + - "name": "AWS_VPC_K8S_CNI_LOG_FILE" + "value": "/host/var/log/aws-routed-eni/ipamd.log" + - "name": "AWS_VPC_K8S_CNI_RANDOMIZESNAT" + "value": "prng" + - "name": "AWS_VPC_K8S_CNI_VETHPREFIX" + "value": "eni" + - "name": "AWS_VPC_K8S_PLUGIN_LOG_FILE" + "value": "/var/log/aws-routed-eni/plugin.log" + - "name": "AWS_VPC_K8S_PLUGIN_LOG_LEVEL" + "value": "DEBUG" + - "name": "DISABLE_INTROSPECTION" + "value": "false" + - "name": "DISABLE_METRICS" + "value": "false" + - "name": "ENABLE_POD_ENI" + "value": "false" + - "name": "MY_NODE_NAME" + "valueFrom": + "fieldRef": + "fieldPath": "spec.nodeName" + - "name": "WARM_ENI_TARGET" + "value": "1" + "image": "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni:v1.7.0" + "imagePullPolicy": "Always" + "livenessProbe": + "exec": + "command": + - "/app/grpc-health-probe" + - "-addr=:50051" + "initialDelaySeconds": 60 + "name": "aws-node" + "ports": + - "containerPort": 61678 + "name": "metrics" + "readinessProbe": + "exec": + "command": + - "/app/grpc-health-probe" + - "-addr=:50051" + "initialDelaySeconds": 1 + "resources": + "requests": + "cpu": "10m" + "securityContext": + "capabilities": + "add": + - "NET_ADMIN" + "volumeMounts": + - "mountPath": "/host/opt/cni/bin" + "name": "cni-bin-dir" + - "mountPath": "/host/etc/cni/net.d" + "name": "cni-net-dir" + - "mountPath": "/host/var/log/aws-routed-eni" + "name": "log-dir" + - "mountPath": "/var/run/aws-node" + "name": "run-dir" + - "mountPath": "/var/run/dockershim.sock" + "name": "dockershim" + "hostNetwork": true + "initContainers": + - "image": "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni-init:v1.7.0" + "imagePullPolicy": "Always" + "name": "aws-vpc-cni-init" + "securityContext": + "privileged": true + "volumeMounts": + - "mountPath": "/host/opt/cni/bin" + "name": "cni-bin-dir" + "priorityClassName": "system-node-critical" + "serviceAccountName": "aws-node" + "terminationGracePeriodSeconds": 10 + "tolerations": + - "operator": "Exists" + "volumes": + - "hostPath": + "path": "/opt/cni/bin" + "name": "cni-bin-dir" + - "hostPath": + "path": "/etc/cni/net.d" + "name": "cni-net-dir" + - "hostPath": + "path": "/var/run/dockershim.sock" + "name": "dockershim" + - "hostPath": + "path": "/var/log/aws-routed-eni" + "type": "DirectoryOrCreate" + "name": "log-dir" + - "hostPath": + "path": "/var/run/aws-node" + "type": "DirectoryOrCreate" + "name": "run-dir" + "updateStrategy": + "rollingUpdate": + "maxUnavailable": "10%" + "type": "RollingUpdate" +--- +"apiVersion": "v1" +"kind": "ServiceAccount" +"metadata": + "name": "aws-node" + "namespace": "kube-system" +... diff --git a/config/v1.7/aws-k8s-cni-us-gov-west-1.yaml b/config/v1.7/aws-k8s-cni-us-gov-west-1.yaml new file mode 100644 index 0000000000..3209dd476b --- /dev/null +++ b/config/v1.7/aws-k8s-cni-us-gov-west-1.yaml @@ -0,0 +1,235 @@ +--- +"apiVersion": "rbac.authorization.k8s.io/v1" +"kind": "ClusterRoleBinding" +"metadata": + "name": "aws-node" +"roleRef": + "apiGroup": "rbac.authorization.k8s.io" + "kind": "ClusterRole" + "name": "aws-node" +"subjects": +- "kind": "ServiceAccount" + "name": "aws-node" + "namespace": "kube-system" +--- +"apiVersion": "rbac.authorization.k8s.io/v1" +"kind": "ClusterRole" +"metadata": + "name": "aws-node" +"rules": +- "apiGroups": + - "crd.k8s.amazonaws.com" + "resources": + - "eniconfigs" + "verbs": + - "get" + - "list" + - "watch" +- "apiGroups": + - "" + "resources": + - "pods" + - "namespaces" + "verbs": + - "list" + - "watch" + - "get" +- "apiGroups": + - "" + "resources": + - "nodes" + "verbs": + - "list" + - "watch" + - "get" + - "update" +- "apiGroups": + - "extensions" + "resources": + - "*" + "verbs": + - "list" + - "watch" +--- +"apiVersion": "apiextensions.k8s.io/v1beta1" +"kind": "CustomResourceDefinition" +"metadata": + "name": "eniconfigs.crd.k8s.amazonaws.com" +"spec": + "group": "crd.k8s.amazonaws.com" + "names": + "kind": "ENIConfig" + "plural": "eniconfigs" + "singular": "eniconfig" + "scope": "Cluster" + "versions": + - "name": "v1alpha1" + "served": true + "storage": true +--- +"apiVersion": "apps/v1" +"kind": "DaemonSet" +"metadata": + "labels": + "k8s-app": "aws-node" + "name": "aws-node" + "namespace": "kube-system" +"spec": + "selector": + "matchLabels": + "k8s-app": "aws-node" + "template": + "metadata": + "labels": + "k8s-app": "aws-node" + "spec": + "affinity": + "nodeAffinity": + "requiredDuringSchedulingIgnoredDuringExecution": + "nodeSelectorTerms": + - "matchExpressions": + - "key": "beta.kubernetes.io/os" + "operator": "In" + "values": + - "linux" + - "key": "beta.kubernetes.io/arch" + "operator": "In" + "values": + - "amd64" + - "arm64" + - "key": "eks.amazonaws.com/compute-type" + "operator": "NotIn" + "values": + - "fargate" + - "matchExpressions": + - "key": "kubernetes.io/os" + "operator": "In" + "values": + - "linux" + - "key": "kubernetes.io/arch" + "operator": "In" + "values": + - "amd64" + - "arm64" + - "key": "eks.amazonaws.com/compute-type" + "operator": "NotIn" + "values": + - "fargate" + "containers": + - "env": + - "name": "ADDITIONAL_ENI_TAGS" + "value": "{}" + - "name": "AWS_VPC_CNI_NODE_PORT_SUPPORT" + "value": "true" + - "name": "AWS_VPC_ENI_MTU" + "value": "9001" + - "name": "AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER" + "value": "false" + - "name": "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" + "value": "false" + - "name": "AWS_VPC_K8S_CNI_EXTERNALSNAT" + "value": "false" + - "name": "AWS_VPC_K8S_CNI_LOGLEVEL" + "value": "DEBUG" + - "name": "AWS_VPC_K8S_CNI_LOG_FILE" + "value": "/host/var/log/aws-routed-eni/ipamd.log" + - "name": "AWS_VPC_K8S_CNI_RANDOMIZESNAT" + "value": "prng" + - "name": "AWS_VPC_K8S_CNI_VETHPREFIX" + "value": "eni" + - "name": "AWS_VPC_K8S_PLUGIN_LOG_FILE" + "value": "/var/log/aws-routed-eni/plugin.log" + - "name": "AWS_VPC_K8S_PLUGIN_LOG_LEVEL" + "value": "DEBUG" + - "name": "DISABLE_INTROSPECTION" + "value": "false" + - "name": "DISABLE_METRICS" + "value": "false" + - "name": "ENABLE_POD_ENI" + "value": "false" + - "name": "MY_NODE_NAME" + "valueFrom": + "fieldRef": + "fieldPath": "spec.nodeName" + - "name": "WARM_ENI_TARGET" + "value": "1" + "image": "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni:v1.7.0" + "imagePullPolicy": "Always" + "livenessProbe": + "exec": + "command": + - "/app/grpc-health-probe" + - "-addr=:50051" + "initialDelaySeconds": 60 + "name": "aws-node" + "ports": + - "containerPort": 61678 + "name": "metrics" + "readinessProbe": + "exec": + "command": + - "/app/grpc-health-probe" + - "-addr=:50051" + "initialDelaySeconds": 1 + "resources": + "requests": + "cpu": "10m" + "securityContext": + "capabilities": + "add": + - "NET_ADMIN" + "volumeMounts": + - "mountPath": "/host/opt/cni/bin" + "name": "cni-bin-dir" + - "mountPath": "/host/etc/cni/net.d" + "name": "cni-net-dir" + - "mountPath": "/host/var/log/aws-routed-eni" + "name": "log-dir" + - "mountPath": "/var/run/aws-node" + "name": "run-dir" + - "mountPath": "/var/run/dockershim.sock" + "name": "dockershim" + "hostNetwork": true + "initContainers": + - "image": "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni-init:v1.7.0" + "imagePullPolicy": "Always" + "name": "aws-vpc-cni-init" + "securityContext": + "privileged": true + "volumeMounts": + - "mountPath": "/host/opt/cni/bin" + "name": "cni-bin-dir" + "priorityClassName": "system-node-critical" + "serviceAccountName": "aws-node" + "terminationGracePeriodSeconds": 10 + "tolerations": + - "operator": "Exists" + "volumes": + - "hostPath": + "path": "/opt/cni/bin" + "name": "cni-bin-dir" + - "hostPath": + "path": "/etc/cni/net.d" + "name": "cni-net-dir" + - "hostPath": + "path": "/var/run/dockershim.sock" + "name": "dockershim" + - "hostPath": + "path": "/var/log/aws-routed-eni" + "type": "DirectoryOrCreate" + "name": "log-dir" + - "hostPath": + "path": "/var/run/aws-node" + "type": "DirectoryOrCreate" + "name": "run-dir" + "updateStrategy": + "rollingUpdate": + "maxUnavailable": "10%" + "type": "RollingUpdate" +--- +"apiVersion": "v1" +"kind": "ServiceAccount" +"metadata": + "name": "aws-node" + "namespace": "kube-system" +... diff --git a/config/v1.7/aws-k8s-cni.yaml b/config/v1.7/aws-k8s-cni.yaml index b89f878585..76ec7336b4 100644 --- a/config/v1.7/aws-k8s-cni.yaml +++ b/config/v1.7/aws-k8s-cni.yaml @@ -8,48 +8,48 @@ "kind": "ClusterRole" "name": "aws-node" "subjects": - - "kind": "ServiceAccount" - "name": "aws-node" - "namespace": "kube-system" +- "kind": "ServiceAccount" + "name": "aws-node" + "namespace": "kube-system" --- "apiVersion": "rbac.authorization.k8s.io/v1" "kind": "ClusterRole" "metadata": "name": "aws-node" "rules": - - "apiGroups": - - "crd.k8s.amazonaws.com" - "resources": - - "eniconfigs" - "verbs": - - "get" - - "list" - - "watch" - - "apiGroups": - - "" - "resources": - - "pods" - - "namespaces" - "verbs": - - "list" - - "watch" - - "get" - - "apiGroups": - - "" - "resources": - - "nodes" - "verbs": - - "list" - - "watch" - - "get" - - "update" - - "apiGroups": - - "extensions" - "resources": - - "*" - "verbs": - - "list" - - "watch" +- "apiGroups": + - "crd.k8s.amazonaws.com" + "resources": + - "eniconfigs" + "verbs": + - "get" + - "list" + - "watch" +- "apiGroups": + - "" + "resources": + - "pods" + - "namespaces" + "verbs": + - "list" + - "watch" + - "get" +- "apiGroups": + - "" + "resources": + - "nodes" + "verbs": + - "list" + - "watch" + - "get" + - "update" +- "apiGroups": + - "extensions" + "resources": + - "*" + "verbs": + - "list" + - "watch" --- "apiVersion": "apiextensions.k8s.io/v1beta1" "kind": "CustomResourceDefinition" @@ -63,9 +63,9 @@ "singular": "eniconfig" "scope": "Cluster" "versions": - - "name": "v1alpha1" - "served": true - "storage": true + - "name": "v1alpha1" + "served": true + "storage": true --- "apiVersion": "apps/v1" "kind": "DaemonSet" @@ -87,139 +87,141 @@ "nodeAffinity": "requiredDuringSchedulingIgnoredDuringExecution": "nodeSelectorTerms": - - "matchExpressions": - - "key": "beta.kubernetes.io/os" - "operator": "In" - "values": - - "linux" - - "key": "beta.kubernetes.io/arch" - "operator": "In" - "values": - - "amd64" - - "key": "eks.amazonaws.com/compute-type" - "operator": "NotIn" - "values": - - "fargate" - - "matchExpressions": - - "key": "kubernetes.io/os" - "operator": "In" - "values": - - "linux" - - "key": "kubernetes.io/arch" - "operator": "In" - "values": - - "amd64" - - "key": "eks.amazonaws.com/compute-type" - "operator": "NotIn" - "values": - - "fargate" + - "matchExpressions": + - "key": "beta.kubernetes.io/os" + "operator": "In" + "values": + - "linux" + - "key": "beta.kubernetes.io/arch" + "operator": "In" + "values": + - "amd64" + - "arm64" + - "key": "eks.amazonaws.com/compute-type" + "operator": "NotIn" + "values": + - "fargate" + - "matchExpressions": + - "key": "kubernetes.io/os" + "operator": "In" + "values": + - "linux" + - "key": "kubernetes.io/arch" + "operator": "In" + "values": + - "amd64" + - "arm64" + - "key": "eks.amazonaws.com/compute-type" + "operator": "NotIn" + "values": + - "fargate" "containers": - - "env": - - "name": "ADDITIONAL_ENI_TAGS" - "value": "{}" - - "name": "AWS_VPC_CNI_NODE_PORT_SUPPORT" - "value": "true" - - "name": "AWS_VPC_ENI_MTU" - "value": "9001" - - "name": "AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_EXTERNALSNAT" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_LOGLEVEL" - "value": "DEBUG" - - "name": "AWS_VPC_K8S_CNI_LOG_FILE" - "value": "/host/var/log/aws-routed-eni/ipamd.log" - - "name": "AWS_VPC_K8S_CNI_RANDOMIZESNAT" - "value": "prng" - - "name": "AWS_VPC_K8S_CNI_VETHPREFIX" - "value": "eni" - - "name": "AWS_VPC_K8S_PLUGIN_LOG_FILE" - "value": "/var/log/aws-routed-eni/plugin.log" - - "name": "AWS_VPC_K8S_PLUGIN_LOG_LEVEL" - "value": "DEBUG" - - "name": "DISABLE_INTROSPECTION" - "value": "false" - - "name": "DISABLE_METRICS" - "value": "false" - - "name": "ENABLE_POD_ENI" - "value": "false" - - "name": "MY_NODE_NAME" - "valueFrom": - "fieldRef": - "fieldPath": "spec.nodeName" - - "name": "WARM_ENI_TARGET" - "value": "1" - "image": "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.7.0-rc2" - "imagePullPolicy": "Always" - "livenessProbe": - "exec": - "command": - - "/app/grpc-health-probe" - - "-addr=:50051" - "initialDelaySeconds": 60 - "name": "aws-node" - "ports": - - "containerPort": 61678 - "name": "metrics" - "readinessProbe": - "exec": - "command": - - "/app/grpc-health-probe" - - "-addr=:50051" - "initialDelaySeconds": 1 - "resources": - "requests": - "cpu": "10m" - "securityContext": - "capabilities": - "add": - - "NET_ADMIN" - "volumeMounts": - - "mountPath": "/host/opt/cni/bin" - "name": "cni-bin-dir" - - "mountPath": "/host/etc/cni/net.d" - "name": "cni-net-dir" - - "mountPath": "/host/var/log/aws-routed-eni" - "name": "log-dir" - - "mountPath": "/var/run/aws-node" - "name": "run-dir" - - "mountPath": "/var/run/dockershim.sock" - "name": "dockershim" + - "env": + - "name": "ADDITIONAL_ENI_TAGS" + "value": "{}" + - "name": "AWS_VPC_CNI_NODE_PORT_SUPPORT" + "value": "true" + - "name": "AWS_VPC_ENI_MTU" + "value": "9001" + - "name": "AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER" + "value": "false" + - "name": "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" + "value": "false" + - "name": "AWS_VPC_K8S_CNI_EXTERNALSNAT" + "value": "false" + - "name": "AWS_VPC_K8S_CNI_LOGLEVEL" + "value": "DEBUG" + - "name": "AWS_VPC_K8S_CNI_LOG_FILE" + "value": "/host/var/log/aws-routed-eni/ipamd.log" + - "name": "AWS_VPC_K8S_CNI_RANDOMIZESNAT" + "value": "prng" + - "name": "AWS_VPC_K8S_CNI_VETHPREFIX" + "value": "eni" + - "name": "AWS_VPC_K8S_PLUGIN_LOG_FILE" + "value": "/var/log/aws-routed-eni/plugin.log" + - "name": "AWS_VPC_K8S_PLUGIN_LOG_LEVEL" + "value": "DEBUG" + - "name": "DISABLE_INTROSPECTION" + "value": "false" + - "name": "DISABLE_METRICS" + "value": "false" + - "name": "ENABLE_POD_ENI" + "value": "false" + - "name": "MY_NODE_NAME" + "valueFrom": + "fieldRef": + "fieldPath": "spec.nodeName" + - "name": "WARM_ENI_TARGET" + "value": "1" + "image": "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.7.0" + "imagePullPolicy": "Always" + "livenessProbe": + "exec": + "command": + - "/app/grpc-health-probe" + - "-addr=:50051" + "initialDelaySeconds": 60 + "name": "aws-node" + "ports": + - "containerPort": 61678 + "name": "metrics" + "readinessProbe": + "exec": + "command": + - "/app/grpc-health-probe" + - "-addr=:50051" + "initialDelaySeconds": 1 + "resources": + "requests": + "cpu": "10m" + "securityContext": + "capabilities": + "add": + - "NET_ADMIN" + "volumeMounts": + - "mountPath": "/host/opt/cni/bin" + "name": "cni-bin-dir" + - "mountPath": "/host/etc/cni/net.d" + "name": "cni-net-dir" + - "mountPath": "/host/var/log/aws-routed-eni" + "name": "log-dir" + - "mountPath": "/var/run/aws-node" + "name": "run-dir" + - "mountPath": "/var/run/dockershim.sock" + "name": "dockershim" "hostNetwork": true "initContainers": - - "image": "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.7.0-rc2" - "imagePullPolicy": "Always" - "name": "aws-vpc-cni-init" - "securityContext": - "privileged": true - "volumeMounts": - - "mountPath": "/host/opt/cni/bin" - "name": "cni-bin-dir" + - "image": "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.7.0" + "imagePullPolicy": "Always" + "name": "aws-vpc-cni-init" + "securityContext": + "privileged": true + "volumeMounts": + - "mountPath": "/host/opt/cni/bin" + "name": "cni-bin-dir" "priorityClassName": "system-node-critical" "serviceAccountName": "aws-node" "terminationGracePeriodSeconds": 10 "tolerations": - - "operator": "Exists" + - "operator": "Exists" "volumes": - - "hostPath": - "path": "/opt/cni/bin" - "name": "cni-bin-dir" - - "hostPath": - "path": "/etc/cni/net.d" - "name": "cni-net-dir" - - "hostPath": - "path": "/var/run/dockershim.sock" - "name": "dockershim" - - "hostPath": - "path": "/var/log/aws-routed-eni" - "type": "DirectoryOrCreate" - "name": "log-dir" - - "hostPath": - "path": "/var/run/aws-node" - "type": "DirectoryOrCreate" - "name": "run-dir" + - "hostPath": + "path": "/opt/cni/bin" + "name": "cni-bin-dir" + - "hostPath": + "path": "/etc/cni/net.d" + "name": "cni-net-dir" + - "hostPath": + "path": "/var/run/dockershim.sock" + "name": "dockershim" + - "hostPath": + "path": "/var/log/aws-routed-eni" + "type": "DirectoryOrCreate" + "name": "log-dir" + - "hostPath": + "path": "/var/run/aws-node" + "type": "DirectoryOrCreate" + "name": "run-dir" "updateStrategy": "rollingUpdate": "maxUnavailable": "10%" diff --git a/config/v1.7/cni-metrics-helper-cn.yaml b/config/v1.7/cni-metrics-helper-cn.yaml new file mode 100644 index 0000000000..c448ed2b23 --- /dev/null +++ b/config/v1.7/cni-metrics-helper-cn.yaml @@ -0,0 +1,100 @@ +--- +"apiVersion": "rbac.authorization.k8s.io/v1" +"kind": "ClusterRoleBinding" +"metadata": + "name": "cni-metrics-helper" +"roleRef": + "apiGroup": "rbac.authorization.k8s.io" + "kind": "ClusterRole" + "name": "cni-metrics-helper" +"subjects": +- "kind": "ServiceAccount" + "name": "cni-metrics-helper" + "namespace": "kube-system" +--- +"apiVersion": "rbac.authorization.k8s.io/v1" +"kind": "ClusterRole" +"metadata": + "name": "cni-metrics-helper" +"rules": +- "apiGroups": + - "" + "resources": + - "nodes" + - "pods" + - "pods/proxy" + - "services" + - "resourcequotas" + - "replicationcontrollers" + - "limitranges" + - "persistentvolumeclaims" + - "persistentvolumes" + - "namespaces" + - "endpoints" + "verbs": + - "list" + - "watch" + - "get" +- "apiGroups": + - "extensions" + "resources": + - "daemonsets" + - "deployments" + - "replicasets" + "verbs": + - "list" + - "watch" +- "apiGroups": + - "apps" + "resources": + - "statefulsets" + "verbs": + - "list" + - "watch" +- "apiGroups": + - "batch" + "resources": + - "cronjobs" + - "jobs" + "verbs": + - "list" + - "watch" +- "apiGroups": + - "autoscaling" + "resources": + - "horizontalpodautoscalers" + "verbs": + - "list" + - "watch" +--- +"apiVersion": "apps/v1" +"kind": "Deployment" +"metadata": + "labels": + "k8s-app": "cni-metrics-helper" + "name": "cni-metrics-helper" + "namespace": "kube-system" +"spec": + "selector": + "matchLabels": + "k8s-app": "cni-metrics-helper" + "template": + "metadata": + "labels": + "k8s-app": "cni-metrics-helper" + "spec": + "containers": + - "env": + - "name": "USE_CLOUDWATCH" + "value": "true" + "image": "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/cni-metrics-helper:v1.7.0" + "imagePullPolicy": "Always" + "name": "cni-metrics-helper" + "serviceAccountName": "cni-metrics-helper" +--- +"apiVersion": "v1" +"kind": "ServiceAccount" +"metadata": + "name": "cni-metrics-helper" + "namespace": "kube-system" +... diff --git a/config/v1.7/cni-metrics-helper-us-gov-east-1.yaml b/config/v1.7/cni-metrics-helper-us-gov-east-1.yaml new file mode 100644 index 0000000000..f8f8403e85 --- /dev/null +++ b/config/v1.7/cni-metrics-helper-us-gov-east-1.yaml @@ -0,0 +1,100 @@ +--- +"apiVersion": "rbac.authorization.k8s.io/v1" +"kind": "ClusterRoleBinding" +"metadata": + "name": "cni-metrics-helper" +"roleRef": + "apiGroup": "rbac.authorization.k8s.io" + "kind": "ClusterRole" + "name": "cni-metrics-helper" +"subjects": +- "kind": "ServiceAccount" + "name": "cni-metrics-helper" + "namespace": "kube-system" +--- +"apiVersion": "rbac.authorization.k8s.io/v1" +"kind": "ClusterRole" +"metadata": + "name": "cni-metrics-helper" +"rules": +- "apiGroups": + - "" + "resources": + - "nodes" + - "pods" + - "pods/proxy" + - "services" + - "resourcequotas" + - "replicationcontrollers" + - "limitranges" + - "persistentvolumeclaims" + - "persistentvolumes" + - "namespaces" + - "endpoints" + "verbs": + - "list" + - "watch" + - "get" +- "apiGroups": + - "extensions" + "resources": + - "daemonsets" + - "deployments" + - "replicasets" + "verbs": + - "list" + - "watch" +- "apiGroups": + - "apps" + "resources": + - "statefulsets" + "verbs": + - "list" + - "watch" +- "apiGroups": + - "batch" + "resources": + - "cronjobs" + - "jobs" + "verbs": + - "list" + - "watch" +- "apiGroups": + - "autoscaling" + "resources": + - "horizontalpodautoscalers" + "verbs": + - "list" + - "watch" +--- +"apiVersion": "apps/v1" +"kind": "Deployment" +"metadata": + "labels": + "k8s-app": "cni-metrics-helper" + "name": "cni-metrics-helper" + "namespace": "kube-system" +"spec": + "selector": + "matchLabels": + "k8s-app": "cni-metrics-helper" + "template": + "metadata": + "labels": + "k8s-app": "cni-metrics-helper" + "spec": + "containers": + - "env": + - "name": "USE_CLOUDWATCH" + "value": "true" + "image": "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/cni-metrics-helper:v1.7.0" + "imagePullPolicy": "Always" + "name": "cni-metrics-helper" + "serviceAccountName": "cni-metrics-helper" +--- +"apiVersion": "v1" +"kind": "ServiceAccount" +"metadata": + "name": "cni-metrics-helper" + "namespace": "kube-system" +... diff --git a/config/v1.7/cni-metrics-helper-us-gov-west-1.yaml b/config/v1.7/cni-metrics-helper-us-gov-west-1.yaml new file mode 100644 index 0000000000..fdb78fe6ca --- /dev/null +++ b/config/v1.7/cni-metrics-helper-us-gov-west-1.yaml @@ -0,0 +1,100 @@ +--- +"apiVersion": "rbac.authorization.k8s.io/v1" +"kind": "ClusterRoleBinding" +"metadata": + "name": "cni-metrics-helper" +"roleRef": + "apiGroup": "rbac.authorization.k8s.io" + "kind": "ClusterRole" + "name": "cni-metrics-helper" +"subjects": +- "kind": "ServiceAccount" + "name": "cni-metrics-helper" + "namespace": "kube-system" +--- +"apiVersion": "rbac.authorization.k8s.io/v1" +"kind": "ClusterRole" +"metadata": + "name": "cni-metrics-helper" +"rules": +- "apiGroups": + - "" + "resources": + - "nodes" + - "pods" + - "pods/proxy" + - "services" + - "resourcequotas" + - "replicationcontrollers" + - "limitranges" + - "persistentvolumeclaims" + - "persistentvolumes" + - "namespaces" + - "endpoints" + "verbs": + - "list" + - "watch" + - "get" +- "apiGroups": + - "extensions" + "resources": + - "daemonsets" + - "deployments" + - "replicasets" + "verbs": + - "list" + - "watch" +- "apiGroups": + - "apps" + "resources": + - "statefulsets" + "verbs": + - "list" + - "watch" +- "apiGroups": + - "batch" + "resources": + - "cronjobs" + - "jobs" + "verbs": + - "list" + - "watch" +- "apiGroups": + - "autoscaling" + "resources": + - "horizontalpodautoscalers" + "verbs": + - "list" + - "watch" +--- +"apiVersion": "apps/v1" +"kind": "Deployment" +"metadata": + "labels": + "k8s-app": "cni-metrics-helper" + "name": "cni-metrics-helper" + "namespace": "kube-system" +"spec": + "selector": + "matchLabels": + "k8s-app": "cni-metrics-helper" + "template": + "metadata": + "labels": + "k8s-app": "cni-metrics-helper" + "spec": + "containers": + - "env": + - "name": "USE_CLOUDWATCH" + "value": "true" + "image": "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/cni-metrics-helper:v1.7.0" + "imagePullPolicy": "Always" + "name": "cni-metrics-helper" + "serviceAccountName": "cni-metrics-helper" +--- +"apiVersion": "v1" +"kind": "ServiceAccount" +"metadata": + "name": "cni-metrics-helper" + "namespace": "kube-system" +... diff --git a/config/v1.7/cni-metrics-helper.yaml b/config/v1.7/cni-metrics-helper.yaml index 54059db4c8..4c8384656d 100644 --- a/config/v1.7/cni-metrics-helper.yaml +++ b/config/v1.7/cni-metrics-helper.yaml @@ -87,7 +87,7 @@ - "env": - "name": "USE_CLOUDWATCH" "value": "true" - "image": "602401143452.dkr.ecr.us-west-2.amazonaws.com/cni-metrics-helper:v1.7.0-rc1" + "image": "602401143452.dkr.ecr.us-west-2.amazonaws.com/cni-metrics-helper:v1.7.0" "imagePullPolicy": "Always" "name": "cni-metrics-helper" "serviceAccountName": "cni-metrics-helper"