diff --git a/charts/etcd/templates/etc/_kubernetes-etcd.yaml.tpl b/charts/etcd/templates/etc/_kubernetes-etcd.yaml.tpl index c4850bc1..4b09aab1 100644 --- a/charts/etcd/templates/etc/_kubernetes-etcd.yaml.tpl +++ b/charts/etcd/templates/etc/_kubernetes-etcd.yaml.tpl @@ -16,24 +16,16 @@ {{- $envAll := . }} {{- define "etcdreadinessProbeTemplate" }} -exec: - command: - - /bin/sh - - -c - - |- - export ETCDCTL_ENDPOINTS=https://$POD_IP:{{ .Values.network.service_client.target_port }} - etcdctl endpoint health - exit $? + httpGet: + path: /readyz + port: {{ .Values.network.service_client.target_port }} + scheme: HTTPS {{- end }} {{- define "etcdlivenessProbeTemplate" }} -exec: - command: - - /bin/sh - - -c - - |- - export ETCDCTL_ENDPOINTS=https://$POD_IP:{{ .Values.network.service_client.target_port }} - etcdctl endpoint status - exit $? + httpGet: + path: /livez + port: {{ .Values.network.service_client.target_port }} + scheme: HTTPS {{- end }} # Strip off "etcd" from service name to get the application name # Note that application can either be kubernetes or calico for now @@ -125,8 +117,6 @@ spec: - name: MANIFEST_PATH value: /manifests/{{ .Values.service.name }}.yaml {{ include "helm-toolkit.utils.to_k8s_env_vars" .Values.pod.env.etcd | indent 8 }} -{{ dict "envAll" $envAll "component" "etcd" "container" "etcd" "type" "readiness" "probeTemplate" (include "etcdreadinessProbeTemplate" $envAll | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 6 }} -{{ dict "envAll" $envAll "component" "etcd" "container" "etcd" "type" "liveness" "probeTemplate" (include "etcdlivenessProbeTemplate" $envAll | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 6 }} volumeMounts: - name: data mountPath: /var/lib/etcd diff --git a/charts/etcd/values.yaml b/charts/etcd/values.yaml index 13f68342..2bbede89 100644 --- a/charts/etcd/values.yaml +++ b/charts/etcd/values.yaml @@ -14,9 +14,9 @@ images: tags: - etcd: quay.io/coreos/etcd:v3.5.6 - etcdctl: quay.io/coreos/etcd:v3.5.6 - etcdctl_backup: "quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal" + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal + etcdctl_backup: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 ks_user: docker.io/openstackhelm/heat:stein-ubuntu_bionic pull_policy: "IfNotPresent" diff --git a/doc/source/configuration/genesis.rst b/doc/source/configuration/genesis.rst index 3544640a..122f49bb 100644 --- a/doc/source/configuration/genesis.rst +++ b/doc/source/configuration/genesis.rst @@ -45,7 +45,7 @@ Here is a complete sample document: kubernetes: apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.0 controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.0 - etcd: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.0 files: - path: /var/lib/anchor/calico-etcd-bootstrap diff --git a/examples/basic/Genesis.yaml b/examples/basic/Genesis.yaml index 7aa260ec..59dc3f9f 100644 --- a/examples/basic/Genesis.yaml +++ b/examples/basic/Genesis.yaml @@ -49,7 +49,8 @@ data: kubernetes: apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.0 controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.0 - etcd: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.0 files: - path: /var/lib/anchor/calico-etcd-bootstrap diff --git a/examples/basic/armada-resources.yaml b/examples/basic/armada-resources.yaml index c9de117d..2ccd030c 100644 --- a/examples/basic/armada-resources.yaml +++ b/examples/basic/armada-resources.yaml @@ -363,8 +363,8 @@ data: filename: calico-etcd-bootstrap images: tags: - etcd: quay.io/coreos/etcd:v3.5.6 - etcdctl: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal nodes: - name: n0 tls: @@ -519,7 +519,7 @@ data: images: tags: - calico_etcd: quay.io/coreos/etcd:v3.5.6 + calico_etcd: quay.io/coreos/etcd:v3.5.11 calico_node: quay.io/calico/node:v3.4.0 calico_cni: quay.io/calico/cni:v3.4.0 calico_ctl: quay.io/calico/ctl:v3.4.0 @@ -1071,8 +1071,8 @@ data: host_etc_path: /etc/etcd/kubernetes images: tags: - etcd: quay.io/coreos/etcd:v3.5.6 - etcdctl: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal nodes: - name: n0 tls: diff --git a/examples/complete/Genesis.yaml b/examples/complete/Genesis.yaml index 8f1f601c..259ae0a6 100644 --- a/examples/complete/Genesis.yaml +++ b/examples/complete/Genesis.yaml @@ -38,7 +38,8 @@ data: kubernetes: apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.0 controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.0 - etcd: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.0 files: - path: /var/lib/anchor/calico-etcd-bootstrap diff --git a/examples/complete/armada-resources.yaml b/examples/complete/armada-resources.yaml index 07f310f7..06c8d16b 100644 --- a/examples/complete/armada-resources.yaml +++ b/examples/complete/armada-resources.yaml @@ -400,8 +400,8 @@ data: filename: calico-etcd-bootstrap images: tags: - etcd: quay.io/coreos/etcd:v3.5.6 - etcdctl: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal nodes: - name: n0 tls: @@ -540,7 +540,7 @@ data: images: tags: - calico_etcd: quay.io/coreos/etcd:v3.5.6 + calico_etcd: quay.io/coreos/etcd:v3.5.11 calico_node: quay.io/calico/node:v3.4.0 calico_cni: quay.io/calico/cni:v3.4.0 calico_ctl: quay.io/calico/ctl:v3.4.0 @@ -1082,8 +1082,8 @@ data: host_etc_path: /etc/etcd/kubernetes images: tags: - etcd: quay.io/coreos/etcd:v3.5.6 - etcdctl: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal nodes: - name: n0 tls: diff --git a/examples/containerd/Genesis.yaml b/examples/containerd/Genesis.yaml index e6ebcdf1..4e3a3831 100644 --- a/examples/containerd/Genesis.yaml +++ b/examples/containerd/Genesis.yaml @@ -49,7 +49,8 @@ data: kubernetes: apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.0 controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.0 - etcd: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.0 files: - path: /var/lib/anchor/calico-etcd-bootstrap diff --git a/examples/containerd/armada-resources.yaml b/examples/containerd/armada-resources.yaml index 89c241cf..9c835ea3 100644 --- a/examples/containerd/armada-resources.yaml +++ b/examples/containerd/armada-resources.yaml @@ -276,8 +276,8 @@ data: filename: calico-etcd-bootstrap images: tags: - etcd: quay.io/coreos/etcd:v3.5.6 - etcdctl: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal nodes: - name: n0 tls: @@ -413,7 +413,7 @@ data: images: tags: - calico_etcd: quay.io/coreos/etcd:v3.5.6 + calico_etcd: quay.io/coreos/etcd:v3.5.11 calico_node: quay.io/calico/node:v3.4.0 calico_cni: quay.io/calico/cni:v3.4.0 calico_ctl: quay.io/calico/ctl:v3.4.0 @@ -883,8 +883,8 @@ data: host_etc_path: /etc/etcd/kubernetes images: tags: - etcd: quay.io/coreos/etcd:v3.5.6 - etcdctl: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal nodes: - name: n0 tls: diff --git a/examples/gate/Genesis.yaml b/examples/gate/Genesis.yaml index e6ebcdf1..4e3a3831 100644 --- a/examples/gate/Genesis.yaml +++ b/examples/gate/Genesis.yaml @@ -49,7 +49,8 @@ data: kubernetes: apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.0 controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.0 - etcd: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.0 files: - path: /var/lib/anchor/calico-etcd-bootstrap diff --git a/examples/gate/armada-resources.yaml b/examples/gate/armada-resources.yaml index ed71d90e..e222aba3 100644 --- a/examples/gate/armada-resources.yaml +++ b/examples/gate/armada-resources.yaml @@ -282,8 +282,8 @@ data: filename: calico-etcd-bootstrap images: tags: - etcd: quay.io/coreos/etcd:v3.5.6 - etcdctl: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal nodes: - name: n0 tls: @@ -419,7 +419,7 @@ data: images: tags: - calico_etcd: quay.io/coreos/etcd:v3.5.6 + calico_etcd: quay.io/coreos/etcd:v3.5.11 calico_node: quay.io/calico/node:v3.4.0 calico_cni: quay.io/calico/cni:v3.4.0 calico_ctl: quay.io/calico/ctl:v3.4.0 @@ -889,8 +889,8 @@ data: host_etc_path: /etc/etcd/kubernetes images: tags: - etcd: quay.io/coreos/etcd:v3.5.6 - etcdctl: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal nodes: - name: n0 tls: diff --git a/promenade/schemas/Genesis.yaml b/promenade/schemas/Genesis.yaml index 1731945f..ecd0de28 100644 --- a/promenade/schemas/Genesis.yaml +++ b/promenade/schemas/Genesis.yaml @@ -168,12 +168,15 @@ data: $ref: '#/definitions/image' etcd: $ref: '#/definitions/image' + etcdctl: + $ref: '#/definitions/image' scheduler: $ref: '#/definitions/image' required: - apiserver - controller-manager - etcd + - etcdctl - scheduler additionalProperties: false required: diff --git a/promenade/templates/roles/genesis/etc/kubernetes/manifests/auxiliary-kubernetes-etcd.yaml b/promenade/templates/roles/genesis/etc/kubernetes/manifests/auxiliary-kubernetes-etcd.yaml index 1d967c13..6ee6e770 100644 --- a/promenade/templates/roles/genesis/etc/kubernetes/manifests/auxiliary-kubernetes-etcd.yaml +++ b/promenade/templates/roles/genesis/etc/kubernetes/manifests/auxiliary-kubernetes-etcd.yaml @@ -20,7 +20,7 @@ spec: {%- endwith %} - name: monitor - image: {{ config['Genesis:images.kubernetes.etcd'] }} + image: {{ config['Genesis:images.kubernetes.etcdctl'] }} command: - /bin/sh - -c diff --git a/tests/unit/api/test_validatedesign.py b/tests/unit/api/test_validatedesign.py index 703e042f..b96567f7 100644 --- a/tests/unit/api/test_validatedesign.py +++ b/tests/unit/api/test_validatedesign.py @@ -107,7 +107,7 @@ VALID_DOCS = [ 'registry.k8s.io/kube-apiserver-amd64:v1.29.0', 'controller-manager': 'registry.k8s.io/kube-controller-manager-amd64:v1.29.0', - 'etcd': 'quay.io/coreos/etcd:v3.5.6', + 'etcd': 'quay.io/coreos/etcd:v3.5.11', 'scheduler': 'registry.k8s.io/kube-scheduler-amd64:v1.29.0' } }, diff --git a/tests/unit/builder_data/simple/Genesis.yaml b/tests/unit/builder_data/simple/Genesis.yaml index e276d410..0d5618ce 100644 --- a/tests/unit/builder_data/simple/Genesis.yaml +++ b/tests/unit/builder_data/simple/Genesis.yaml @@ -35,7 +35,8 @@ data: kubernetes: apiserver: registry.k8s.io/kube-apiserver-amd64:v1.29.0 controller-manager: registry.k8s.io/kube-controller-manager-amd64:v1.29.0 - etcd: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal scheduler: registry.k8s.io/kube-scheduler-amd64:v1.29.0 files: - path: /var/lib/anchor/calico-etcd-bootstrap diff --git a/tests/unit/builder_data/simple/armada-resources.yaml b/tests/unit/builder_data/simple/armada-resources.yaml index 518a0969..233fa63b 100644 --- a/tests/unit/builder_data/simple/armada-resources.yaml +++ b/tests/unit/builder_data/simple/armada-resources.yaml @@ -303,8 +303,8 @@ data: filename: calico-etcd-bootstrap images: tags: - etcd: quay.io/coreos/etcd:v3.5.6 - etcdctl: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal nodes: - name: n0 tls: @@ -923,8 +923,8 @@ data: host_etc_path: /etc/etcd/kubernetes images: tags: - etcd: quay.io/coreos/etcd:v3.5.6 - etcdctl: quay.io/coreos/etcd:v3.5.6 + etcd: quay.io/coreos/etcd:v3.5.11 + etcdctl: quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal nodes: - name: n0 tls: diff --git a/tools/gate/config-templates/bootstrap-armada-config.yaml b/tools/gate/config-templates/bootstrap-armada-config.yaml index 431870cd..82868de5 100644 --- a/tools/gate/config-templates/bootstrap-armada-config.yaml +++ b/tools/gate/config-templates/bootstrap-armada-config.yaml @@ -329,7 +329,7 @@ data: images: tags: etcd: ${IMAGE_ETCD} - etcdctl: ${IMAGE_ETCD} + etcdctl: ${IMAGE_ETCDCTL} nodes: - name: ${GENESIS_HOSTNAME} tls: @@ -965,7 +965,7 @@ data: images: tags: etcd: ${IMAGE_ETCD} - etcdctl: ${IMAGE_ETCD} + etcdctl: ${IMAGE_ETCDCTL} nodes: - name: ${GENESIS_HOSTNAME} tls: diff --git a/tools/gate/config-templates/genesis-config.yaml b/tools/gate/config-templates/genesis-config.yaml index 8d7f93a7..e42fee13 100644 --- a/tools/gate/config-templates/genesis-config.yaml +++ b/tools/gate/config-templates/genesis-config.yaml @@ -35,6 +35,7 @@ data: apiserver: ${IMAGE_APISERVER} controller-manager: ${IMAGE_CONTROLLER_MANAGER} etcd: ${IMAGE_ETCD} + etcdctl: ${IMAGE_ETCDCTL} scheduler: ${IMAGE_SCHEDULER} enable_operator: false files: diff --git a/tools/gate/default-config-env b/tools/gate/default-config-env index 62c66d88..6f58c5ac 100644 --- a/tools/gate/default-config-env +++ b/tools/gate/default-config-env @@ -6,7 +6,8 @@ IMAGE_CALICO_KUBE_CONTROLLERS=quay.io/calico/kube-controllers:v3.4.0 IMAGE_CALICO_NODE=quay.io/calico/node:v3.4.0 IMAGE_COREDNS=coredns/coredns:1.9.4 IMAGE_DEP_CHECK=quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 -IMAGE_ETCD=quay.io/coreos/etcd:v3.5.6 +IMAGE_ETCD=quay.io/coreos/etcd:v3.5.11 +IMAGE_ETCDCTL=quay.io/airshipit/porthole-etcdctl-utility:latest-ubuntu_focal IMAGE_HAPROXY=haproxy:1.8.3 IMAGE_HELM=lachlanevenson/k8s-helm:v3.13.2 IMAGE_APISERVER=registry.k8s.io/kube-apiserver-amd64:v1.29.0 diff --git a/tools/registry/IMAGES b/tools/registry/IMAGES index 1b25d73b..089430c1 100644 --- a/tools/registry/IMAGES +++ b/tools/registry/IMAGES @@ -12,4 +12,4 @@ quay.io/calico/cni,v3.4.0,calico-cni quay.io/calico/ctl,v3.4.0,calico-ctl quay.io/calico/kube-controllers,v3.4.0,calico-kube-controllers quay.io/calico/node,v3.4.0,calico-node -quay.io/coreos/etcd,v3.5.6,etcd +quay.io/coreos/etcd,v3.5.11,etcd diff --git a/tools/zuul/playbooks/deploy-promenade-containerd.yaml b/tools/zuul/playbooks/deploy-promenade-containerd.yaml index 27a8414b..827f4249 100644 --- a/tools/zuul/playbooks/deploy-promenade-containerd.yaml +++ b/tools/zuul/playbooks/deploy-promenade-containerd.yaml @@ -58,6 +58,16 @@ - name: List interfaces command: ip addr show + - name: "add debug ssh keys" + become: true + shell: |- + set -x + echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQ8CANhyYW88D292nWs1iU4F6KhwDO/QXOJ4AjAUKr8u+18ACvlOH0A/4bu3VajQ8/uSWwJax/cN4c1HriHSPtxabYogGqGRP55/VTybtwbF1v7r9BZVBrG/njlW/vFu04Jpv8zAMdRx/+EClwS37qMNDnSdoSe/Bd0EOB3cOVcUMF6rcWSGYuTtMgYd+WMeRiaPkpurYSXM73qZwJBwRyTcCFNugZrG/AitfPLUAp5BMjh8TAgluZs9Z6VjM3GOt1HHsidjtAFr+w1EbdrExqMqayfB+FIZ5jP94cHcCN9R6X9hdJehZzAWeDaXL6c3DRULHShJepUFYEAvuZl+USIqOEOSYKZEPhPPrnELUx9snsESriN4sxONDF2JE5h8AcPisTKm4BwTzbA1TvCLkfAdfXDJmqkci6CJ8c5u9XrBacl4znrkOIM62c2LYsvewbiLo2zLbjn4znClSM+ninEhoUDbnWNkoS5Y/d0c8Wr3U/TjnScTgZ91blOCOtbkc=" | sudo tee -a /root/.ssh/authorized_keys + args: + executable: /bin/bash + ignore_errors: True + + - name: Generate configuration files shell: | set -xe;