Commit 16a1a5e2 authored by orangedeng's avatar orangedeng Committed by Alena Prokharchyk
Browse files

Update vendor for driver metadata

Update ingress nginx version
parent 85c21bc9
Showing with 373 additions and 26 deletions
+373 -26
......@@ -32,7 +32,7 @@ require (
github.com/opencontainers/go-digest v1.0.0-rc1 // indirect
github.com/opencontainers/image-spec v0.0.0-20170929214853-7c889fafd04a // indirect
github.com/pkg/errors v0.8.1
github.com/rancher/kontainer-driver-metadata v0.0.0-20190823210613-624182a785ce
github.com/rancher/kontainer-driver-metadata v0.0.0-20190826223322-3e1df77e6153
github.com/rancher/norman v0.0.0-20190821234528-20a936b685b0
github.com/rancher/types v0.0.0-20190823205914-444dc01b3d86
github.com/sirupsen/logrus v1.4.2
......
......@@ -183,6 +183,8 @@ github.com/prometheus/procfs v0.0.3 h1:CTwfnzjQ+8dS6MhHHu4YswVAD99sL2wjPqP+VkURm
github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ=
github.com/rancher/kontainer-driver-metadata v0.0.0-20190823210613-624182a785ce h1:4onzkfpjfusENeAFn7NhUSCdmBkFez3dRAaqDQGV8ng=
github.com/rancher/kontainer-driver-metadata v0.0.0-20190823210613-624182a785ce/go.mod h1:dHvhyuoiwrjqQCFD586g0cZ9NJJXEKeAtQi8RX96U8E=
github.com/rancher/kontainer-driver-metadata v0.0.0-20190826223322-3e1df77e6153 h1:MzkL/BHjjoCYmTyP5GfJW0Bn1bsGKOF70//wDoNwPiI=
github.com/rancher/kontainer-driver-metadata v0.0.0-20190826223322-3e1df77e6153/go.mod h1:dHvhyuoiwrjqQCFD586g0cZ9NJJXEKeAtQi8RX96U8E=
github.com/rancher/norman v0.0.0-20190821234528-20a936b685b0 h1:bNG4b0CTTBE8yEamIz8RYcfz+7kfK9N8YTvyiykRCS8=
github.com/rancher/norman v0.0.0-20190821234528-20a936b685b0/go.mod h1:KwP6RD4rVMdK8XK0wqZaptrhTn/TO4kXU3doh4iatQU=
github.com/rancher/types v0.0.0-20190822170951-b99efa820bc3 h1:4mz/J0iEtW/VDtjN3zI9B4g49MKeoLHkHZKJGqRN7xg=
......
......@@ -90,7 +90,7 @@ func validateDefaultPresent(versions map[string]string) {
func validateTemplateMatch() {
TemplateData = map[string]map[string]string{}
for k8sVersion := range DriverData.K8sVersionRKESystemImages {
toMatch, err := semver.Make(strings.Split(k8sVersion[1:], "-rancher")[0])
toMatch, err := semver.Make(k8sVersion[1:])
if err != nil {
panic(fmt.Sprintf("k8sVersion not sem-ver %s %v", k8sVersion, err))
}
......
......@@ -1057,7 +1057,7 @@ func loadK8sRKESystemImages() map[string]v3.RKESystemImages {
WeaveNode: m("weaveworks/weave-kube:2.5.0"),
WeaveCNI: m("weaveworks/weave-npc:2.5.0"),
PodInfraContainer: m("gcr.io/google_containers/pause:3.1"),
Ingress: m("rancher/nginx-ingress-controller:0.21.0-rancher3"),
Ingress: m("rancher/nginx-ingress-controller:nginx-0.25.1-rancher1"),
IngressBackend: m("k8s.gcr.io/defaultbackend:1.4-rancher1"),
MetricsServer: m("gcr.io/google_containers/metrics-server:v0.3.1"),
CoreDNS: m("coredns/coredns:1.2.6"),
......@@ -1231,7 +1231,7 @@ func loadK8sRKESystemImages() map[string]v3.RKESystemImages {
WeaveNode: m("weaveworks/weave-kube:2.5.0"),
WeaveCNI: m("weaveworks/weave-npc:2.5.0"),
PodInfraContainer: m("gcr.io/google_containers/pause:3.1"),
Ingress: m("rancher/nginx-ingress-controller:0.21.0-rancher3"),
Ingress: m("rancher/nginx-ingress-controller:nginx-0.25.1-rancher1"),
IngressBackend: m("k8s.gcr.io/defaultbackend:1.5-rancher1"),
MetricsServer: m("gcr.io/google_containers/metrics-server:v0.3.1"),
CoreDNS: m("coredns/coredns:1.3.1"),
......@@ -1351,7 +1351,7 @@ func loadK8sRKESystemImages() map[string]v3.RKESystemImages {
WeaveNode: m("weaveworks/weave-kube:2.5.2"),
WeaveCNI: m("weaveworks/weave-npc:2.5.2"),
PodInfraContainer: m("gcr.io/google_containers/pause:3.1"),
Ingress: m("rancher/nginx-ingress-controller:0.21.0-rancher3"),
Ingress: m("rancher/nginx-ingress-controller:nginx-0.25.1-rancher1"),
IngressBackend: m("k8s.gcr.io/defaultbackend:1.5-rancher1"),
MetricsServer: m("gcr.io/google_containers/metrics-server:v0.3.3"),
CoreDNS: m("coredns/coredns:1.3.1"),
......@@ -1663,7 +1663,7 @@ func loadK8sRKESystemImages() map[string]v3.RKESystemImages {
WeaveNode: m("weaveworks/weave-kube:2.5.2"),
WeaveCNI: m("weaveworks/weave-npc:2.5.2"),
PodInfraContainer: m("gcr.io/google_containers/pause:3.1"),
Ingress: m("rancher/nginx-ingress-controller:0.21.0-rancher3"),
Ingress: m("rancher/nginx-ingress-controller:nginx-0.25.1-rancher1"),
IngressBackend: m("k8s.gcr.io/defaultbackend:1.5-rancher1"),
MetricsServer: m("gcr.io/google_containers/metrics-server:v0.3.3"),
CoreDNS: m("coredns/coredns:1.3.1"),
......
......@@ -161,6 +161,344 @@ subjects:
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: nginx-ingress-controller
namespace: ingress-nginx
spec:
selector:
matchLabels:
app: ingress-nginx
template:
metadata:
labels:
app: ingress-nginx
annotations:
prometheus.io/port: '10254'
prometheus.io/scrape: 'true'
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: beta.kubernetes.io/os
operator: NotIn
values:
- windows
hostNetwork: true
nodeSelector:
{{ range $k, $v := .NodeSelector }}
{{ $k }}: "{{ $v }}"
{{ end }}
{{if eq .RBACConfig "rbac"}}
serviceAccountName: nginx-ingress-serviceaccount
{{ end }}
tolerations:
- effect: NoExecute
operator: Exists
- effect: NoSchedule
operator: Exists
{{- if ne .AlpineImage ""}}
initContainers:
- command:
- sh
- -c
- sysctl -w net.core.somaxconn=32768; sysctl -w net.ipv4.ip_local_port_range="1024 65535"
image: {{.AlpineImage}}
imagePullPolicy: IfNotPresent
name: sysctl
securityContext:
privileged: true
{{- end }}
containers:
- name: nginx-ingress-controller
image: {{.IngressImage}}
args:
- /nginx-ingress-controller
- --default-backend-service=$(POD_NAMESPACE)/default-http-backend
- --configmap=$(POD_NAMESPACE)/nginx-configuration
- --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
- --udp-services-configmap=$(POD_NAMESPACE)/udp-services
- --annotations-prefix=nginx.ingress.kubernetes.io
{{ range $k, $v := .ExtraArgs }}
- --{{ $k }}{{if ne $v "" }}={{ $v }}{{end}}
{{ end }}
{{- if eq .AlpineImage ""}}
securityContext:
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
runAsUser: 33
{{- end }}
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: default-http-backend
labels:
app: default-http-backend
namespace: ingress-nginx
spec:
replicas: 1
selector:
matchLabels:
app: default-http-backend
template:
metadata:
labels:
app: default-http-backend
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: beta.kubernetes.io/os
operator: NotIn
values:
- windows
terminationGracePeriodSeconds: 60
tolerations:
- effect: NoExecute
operator: Exists
- effect: NoSchedule
operator: Exists
containers:
- name: default-http-backend
# Any image is permissable as long as:
# 1. It serves a 404 page at /
# 2. It serves 200 on a /healthz endpoint
image: {{.IngressBackend}}
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
ports:
- containerPort: 8080
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
---
apiVersion: v1
kind: Service
metadata:
name: default-http-backend
namespace: ingress-nginx
labels:
app: default-http-backend
spec:
ports:
- port: 80
targetPort: 8080
selector:
app: default-http-backend
`
const NginxIngressTemplateV0251Rancher1 = `
apiVersion: v1
kind: Namespace
metadata:
name: ingress-nginx
---
kind: ConfigMap
apiVersion: v1
metadata:
name: nginx-configuration
namespace: ingress-nginx
labels:
app: ingress-nginx
data:
{{ range $k,$v := .Options }}
{{ $k }}: "{{ $v }}"
{{ end }}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tcp-services
namespace: ingress-nginx
---
kind: ConfigMap
apiVersion: v1
metadata:
name: udp-services
namespace: ingress-nginx
{{if eq .RBACConfig "rbac"}}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: nginx-ingress-serviceaccount
namespace: ingress-nginx
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: nginx-ingress-clusterrole
rules:
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- nodes
- pods
- secrets
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- watch
- apiGroups:
- "extensions"
- "networking.k8s.io"
resources:
- ingresses
- daemonsets
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- "extensions"
- "networking.k8s.io"
resources:
- ingresses/status
verbs:
- update
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
name: nginx-ingress-role
namespace: ingress-nginx
rules:
- apiGroups:
- ""
resources:
- configmaps
- pods
- secrets
- namespaces
verbs:
- get
- apiGroups:
- ""
resources:
- configmaps
resourceNames:
# Defaults to "<election-id>-<ingress-class>"
# Here: "<ingress-controller-leader>-<nginx>"
# This has to be adapted if you change either parameter
# when launching the nginx-ingress-controller.
- "ingress-controller-leader-nginx"
verbs:
- get
- update
- apiGroups:
- ""
resources:
- configmaps
verbs:
- create
- apiGroups:
- ""
resources:
- endpoints
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: nginx-ingress-role-nisa-binding
namespace: ingress-nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: nginx-ingress-role
subjects:
- kind: ServiceAccount
name: nginx-ingress-serviceaccount
namespace: ingress-nginx
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: nginx-ingress-clusterrole-nisa-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: nginx-ingress-clusterrole
subjects:
- kind: ServiceAccount
name: nginx-ingress-serviceaccount
namespace: ingress-nginx
{{ end }}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: nginx-ingress-controller
namespace: ingress-nginx
......
......@@ -36,43 +36,49 @@ const (
metricsServerv18 = "metricsserver-v1.8"
weavev18 = "weave-v1.8"
nginxIngressv18 = "nginxingress-v1.8"
weavev18 = "weave-v1.8"
nginxIngressv18 = "nginxingress-v1.8"
nginxIngressV115 = "nginxingress-v1.15"
)
func LoadK8sVersionedTemplates() map[string]map[string]string {
return map[string]map[string]string{
Calico: {
">=1.16.0-alpha": calicov116,
">=1.15.0 <1.16.0-alpha": calicov115,
">=1.13.0 <1.15.0": calicov113,
">=1.8.0 <1.13.0": calicov18,
">=1.16.0-alpha": calicov116,
">=1.15.0-rancher0 <1.16.0-alpha": calicov115,
">=1.13.0-rancher0 <1.15.0-rancher0": calicov113,
">=1.8.0-rancher0 <1.13.0-rancher0": calicov18,
},
Canal: {
">=1.16.0-alpha": canalv116,
">=1.15.0 <1.16.0-alpha": canalv115,
">=1.13.0 <1.15.0": canalv113,
">=1.8.0 <1.13.0": canalv18,
">=1.16.0-alpha": canalv116,
">=1.15.0-rancher0 <1.16.0-alpha": canalv115,
">=1.13.0-rancher0 <1.15.0-rancher0": canalv113,
">=1.8.0-rancher0 <1.13.0-rancher0": canalv18,
},
Flannel: {
">=1.16.0-alpha": flannelv116,
">=1.15.0 <1.16.0-alpha": flannelv115,
">=1.8.0 <1.15.0": flannelv18,
">=1.16.0-alpha": flannelv116,
">=1.15.0-rancher0 <1.16.0-alpha": flannelv115,
">=1.8.0-rancher0 <1.15.0-rancher0": flannelv18,
},
CoreDNS: {
">=1.8.0 <1.16.0": coreDnsv18,
">=1.8.0-rancher0 <1.16.0": coreDnsv18,
},
KubeDNS: {
">=1.8.0 <1.16.0": kubeDnsv18,
">=1.8.0-rancher0 <1.16.0": kubeDnsv18,
},
MetricsServer: {
">=1.8.0 <1.16.0": metricsServerv18,
">=1.8.0-rancher0 <1.16.0": metricsServerv18,
},
Weave: {
">=1.8.0 <1.16.0": weavev18,
">=1.8.0-rancher0 <1.16.0": weavev18,
},
NginxIngress: {
">=1.8.0 <1.16.0": nginxIngressv18,
">=1.8.0-rancher0 <1.13.10-rancher1-3": nginxIngressv18,
">=1.13.10-rancher1-3 <1.14.0-rancher0": nginxIngressV115,
">=1.14.0-rancher0 <=1.14.6-rancher1-1": nginxIngressv18,
">=1.14.6-rancher2 <1.15.0-rancher0": nginxIngressV115,
">=1.15.0-rancher0 <=1.15.3-rancher1-1": nginxIngressv18,
">=1.15.3-rancher2": nginxIngressV115,
},
TemplateKeys: getTemplates(),
}
......@@ -101,6 +107,7 @@ func getTemplates() map[string]string {
weavev18: WeaveTemplate,
nginxIngressv18: NginxIngressTemplate,
nginxIngressv18: NginxIngressTemplate,
nginxIngressV115: NginxIngressTemplateV0251Rancher1,
}
}
......@@ -105,7 +105,7 @@ github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg
# github.com/prometheus/procfs v0.0.3
github.com/prometheus/procfs
github.com/prometheus/procfs/internal/fs
# github.com/rancher/kontainer-driver-metadata v0.0.0-20190823210613-624182a785ce
# github.com/rancher/kontainer-driver-metadata v0.0.0-20190826223322-3e1df77e6153
github.com/rancher/kontainer-driver-metadata/rke/templates
github.com/rancher/kontainer-driver-metadata/rke
# github.com/rancher/norman v0.0.0-20190821234528-20a936b685b0
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment