Merge "Update coredns from upstream manifest and to 1.3.1"

This commit is contained in:
Zuul 2019-04-23 08:08:02 +00:00 committed by Gerrit Code Review
commit 2362f32c08
11 changed files with 106 additions and 18 deletions

View File

@ -326,6 +326,8 @@ the table are linked to more details elsewhere in the user guide.
+---------------------------------------+--------------------+---------------+
| `etcd_tag`_ | see below | see below |
+---------------------------------------+--------------------+---------------+
| `coredns_tag`_ | see below | see below |
+---------------------------------------+--------------------+---------------+
| `flannel_tag`_ | see below | see below |
+---------------------------------------+--------------------+---------------+
| `flannel_cni_tag`_ | see below | see below |
@ -1119,7 +1121,7 @@ _`container_infra_prefix`
Images that must be mirrored:
* docker.io/coredns/coredns:1.3.0
* docker.io/coredns/coredns:1.3.1
* docker.io/openstackmagnum/etcd
* docker.io/openstackmagnum/flannel
* docker.io/openstackmagnum/kubernetes-apiserver
@ -1172,6 +1174,13 @@ _`etcd_tag`
If unset, the current Magnum version's a default etcd version.
For queens, v3.2.7
_`coredns_tag`
This label allows users to select `a specific coredns version,
based on its container tag
<https://hub.docker.com/r/coredns/coredns/tags/>`_.
If unset, the current Magnum version's a default etcd version.
For stein, 1.3.1
_`flannel_tag`
This label allows users to select `a specific flannel version,
based on its container tag:

View File

@ -19,7 +19,7 @@ metadata:
name: coredns
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
@ -36,8 +36,14 @@ rules:
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1beta1
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
annotations:
@ -67,44 +73,64 @@ data:
health
kubernetes ${DNS_CLUSTER_DOMAIN} ${PORTAL_NETWORK_CIDR} ${PODS_NETWORK_CIDR} {
pods verified
upstream
fallthrough in-addr.arpa ip6.arpa
}
prometheus :9153
proxy . /etc/resolv.conf
forward . /etc/resolv.conf
cache 30
loop
reload
loadbalance
}
---
apiVersion: extensions/v1beta1
apiVersion: apps/v1
kind: Deployment
metadata:
name: coredns
namespace: kube-system
labels:
k8s-app: coredns
k8s-app: kube-dns
kubernetes.io/name: "CoreDNS"
spec:
replicas: 1
replicas: 2
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
k8s-app: coredns
k8s-app: kube-dns
template:
metadata:
labels:
k8s-app: coredns
k8s-app: kube-dns
spec:
priorityClassName: system-cluster-critical
serviceAccountName: coredns
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: "CriticalAddonsOnly"
operator: "Exists"
nodeSelector:
beta.kubernetes.io/os: linux
containers:
- name: coredns
image: ${_dns_prefix}coredns:1.3.0
image: ${_dns_prefix}coredns:${COREDNS_TAG}
imagePullPolicy: IfNotPresent
resources:
limits:
memory: 170Mi
requests:
cpu: 100m
memory: 70Mi
args: [ "-conf", "/etc/coredns/Corefile" ]
volumeMounts:
- name: config-volume
mountPath: /etc/coredns
readOnly: true
- name: tmp
mountPath: /tmp
ports:
- containerPort: 53
name: dns
@ -115,6 +141,14 @@ spec:
- containerPort: 9153
name: metrics
protocol: TCP
securityContext:
allowPrivilegeEscalation: false
capabilities:
add:
- NET_BIND_SERVICE
drop:
- all
readOnlyRootFilesystem: true
livenessProbe:
httpGet:
path: /health
@ -124,8 +158,15 @@ spec:
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
httpGet:
path: /health
port: 8080
scheme: HTTP
dnsPolicy: Default
volumes:
- name: tmp
emptyDir: {}
- name: config-volume
configMap:
name: coredns
@ -138,13 +179,16 @@ kind: Service
metadata:
name: kube-dns
namespace: kube-system
annotations:
prometheus.io/port: "9153"
prometheus.io/scrape: "true"
labels:
k8s-app: coredns
k8s-app: kube-dns
kubernetes.io/cluster-service: "true"
kubernetes.io/name: "CoreDNS"
spec:
selector:
k8s-app: coredns
k8s-app: kube-dns
clusterIP: ${DNS_SERVICE_IP}
ports:
- name: dns

View File

@ -47,6 +47,7 @@ write_files:
CLOUD_PROVIDER_TAG="$CLOUD_PROVIDER_TAG"
CLOUD_PROVIDER_ENABLED="$CLOUD_PROVIDER_ENABLED"
ETCD_TAG="$ETCD_TAG"
COREDNS_TAG="$COREDNS_TAG"
FLANNEL_TAG="$FLANNEL_TAG"
FLANNEL_CNI_TAG="$FLANNEL_CNI_TAG"
KUBE_VERSION="$KUBE_VERSION"

View File

@ -126,7 +126,8 @@ class CoreOSK8sTemplateDefinition(k8s_template_def.K8sTemplateDefinition):
extra_params["pods_network_cidr"] = \
cluster.labels.get('calico_ipv4pool', '192.168.0.0/16')
label_list = ['kube_tag', 'container_infra_prefix',
label_list = ['coredns_tag',
'kube_tag', 'container_infra_prefix',
'availability_zone',
'calico_tag', 'calico_cni_tag',
'calico_kube_controllers_tag', 'calico_ipv4pool',

View File

@ -115,8 +115,10 @@ class K8sFedoraTemplateDefinition(k8s_template_def.K8sTemplateDefinition):
'"cinder" volume driver needs "cloud_provider_enabled" label '
'to be true or unset.'))
label_list = ['kube_tag', 'container_infra_prefix',
'availability_zone', 'cgroup_driver',
label_list = ['coredns_tag',
'kube_tag', 'container_infra_prefix',
'availability_zone',
'cgroup_driver',
'calico_tag', 'calico_cni_tag',
'calico_kube_controllers_tag', 'calico_ipv4pool',
'etcd_tag', 'flannel_tag', 'flannel_cni_tag',

View File

@ -330,6 +330,11 @@ parameters:
description: tag of the etcd system container
default: v3.2.7
coredns_tag:
type: string
description: tag for coredns
default: 1.3.1
flannel_tag:
type: string
description: tag of the flannel system containers
@ -681,6 +686,7 @@ resources:
kube_tag: {get_param: kube_tag}
kube_version: {get_param: kube_version}
etcd_tag: {get_param: etcd_tag}
coredns_tag: {get_param: coredns_tag}
kube_dashboard_version: {get_param: kube_dashboard_version}
trustee_user_id: {get_param: trustee_user_id}
trustee_password: {get_param: trustee_password}

View File

@ -219,6 +219,10 @@ parameters:
type: string
description: tag of the etcd system container
coredns_tag:
type: string
description: tag for coredns
kube_version:
type: string
description: version of kubernetes used for kubernetes cluster

View File

@ -351,6 +351,11 @@ parameters:
description: tag of the etcd system container
default: v3.2.7
coredns_tag:
type: string
description: tag for coredns
default: 1.3.1
flannel_tag:
type: string
description: tag of the flannel container
@ -850,6 +855,7 @@ resources:
cloud_provider_enabled: {get_param: cloud_provider_enabled}
kube_version: {get_param: kube_version}
etcd_tag: {get_param: etcd_tag}
coredns_tag: {get_param: coredns_tag}
flannel_tag: {get_param: flannel_tag}
flannel_cni_tag: {get_param: flannel_cni_tag}
kube_dashboard_version: {get_param: kube_dashboard_version}

View File

@ -239,6 +239,10 @@ parameters:
type: string
description: tag of the etcd system container
coredns_tag:
type: string
description: tag of the coredns container
flannel_tag:
type: string
description: tag of the flannel system containers
@ -551,6 +555,7 @@ resources:
"$CLOUD_PROVIDER_TAG": {get_param: cloud_provider_tag}
"$CLOUD_PROVIDER_ENABLED": {get_param: cloud_provider_enabled}
"$ETCD_TAG": {get_param: etcd_tag}
"$COREDNS_TAG": {get_param: coredns_tag}
"$FLANNEL_TAG": {get_param: flannel_tag}
"$FLANNEL_CNI_TAG": {get_param: flannel_cni_tag}
"$KUBE_VERSION": {get_param: kube_version}

View File

@ -452,6 +452,7 @@ class AtomicK8sTemplateDefinitionTestCase(BaseK8sTemplateDefinitionTestCase):
'etcd_volume_size')
kube_tag = mock_cluster.labels.get('kube_tag')
etcd_tag = mock_cluster.labels.get('etcd_tag')
coredns_tag = mock_cluster.labels.get('coredns_tag')
flannel_tag = mock_cluster.labels.get('flannel_tag')
flannel_cni_tag = mock_cluster.labels.get('flannel_cni_tag')
container_infra_prefix = mock_cluster.labels.get(
@ -559,6 +560,7 @@ class AtomicK8sTemplateDefinitionTestCase(BaseK8sTemplateDefinitionTestCase):
'region_name': mock_osc.cinder_region_name.return_value,
'kube_tag': kube_tag,
'etcd_tag': etcd_tag,
'coredns_tag': coredns_tag,
'flannel_tag': flannel_tag,
'flannel_cni_tag': flannel_cni_tag,
'container_infra_prefix': container_infra_prefix,
@ -845,6 +847,7 @@ class AtomicK8sTemplateDefinitionTestCase(BaseK8sTemplateDefinitionTestCase):
'etcd_volume_size')
kube_tag = mock_cluster.labels.get('kube_tag')
etcd_tag = mock_cluster.labels.get('etcd_tag')
coredns_tag = mock_cluster.labels.get('coredns_tag')
flannel_tag = mock_cluster.labels.get('flannel_tag')
flannel_cni_tag = mock_cluster.labels.get('flannel_cni_tag')
container_infra_prefix = mock_cluster.labels.get(
@ -954,6 +957,7 @@ class AtomicK8sTemplateDefinitionTestCase(BaseK8sTemplateDefinitionTestCase):
'kubernetes_port': 8080,
'kube_tag': kube_tag,
'etcd_tag': etcd_tag,
'coredns_tag': coredns_tag,
'flannel_tag': flannel_tag,
'flannel_cni_tag': flannel_cni_tag,
'container_infra_prefix': container_infra_prefix,

View File

@ -0,0 +1,6 @@
---
features:
- |
Add coredns_tag label to control the tag of the coredns container in
k8s_fedora_atomic. Taken from https://hub.docker.com/r/coredns/coredns/tags/
Since stein default to 1.3.1