From 55606a9cb03bfc91fd61cf25b6e4f6b88def78eb Mon Sep 17 00:00:00 2001 From: Ivan Shvedunov Date: Wed, 1 May 2019 20:14:21 -0600 Subject: [PATCH] Add support for k8s 1.14, drop k8s 1.10 and 1.11 --- .circleci/config.yml | 181 ++++++++++++---------------------- .travis.yml | 3 +- README.md | 8 +- build/buildconf.sh | 82 +++++++-------- build/genfixed.sh | 2 +- build/genvars.sh | 2 +- build/update-test-matrix.sh | 29 +++--- dind-cluster.sh | 13 +-- image/Dockerfile | 2 - image/kubeadm.conf.1.10.tmpl | 34 ------- image/kubeadm.conf.1.11.tmpl | 172 -------------------------------- image/wrapkubeadm | 85 +--------------- test.sh | 57 ++++------- test/test-net-connectivity.sh | 4 +- 14 files changed, 149 insertions(+), 525 deletions(-) delete mode 100644 image/kubeadm.conf.1.10.tmpl delete mode 100644 image/kubeadm.conf.1.11.tmpl diff --git a/.circleci/config.yml b/.circleci/config.yml index c865d00..9ba88d2 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -318,7 +318,7 @@ jobs: BUILD_KUBEADM: y BUILD_HYPERKUBE: y K8S_SRC: y - K8S_SRC_VERSION: release-1.11 + K8S_SRC_VERSION: release-1.14 <<: *test_src test_src_master: @@ -399,180 +399,153 @@ jobs: # Don't remove the "#cut here#" marker below. #cut here# - test_v1.10_bridge_docker: - <<: *defaults - <<: *test - environment: - <<: *env - DIND_K8S_VERSION: v1.10 - CNI_PLUGIN: bridge - DIND_CRI: docker - - test_v1.10_bridge_containerd: - <<: *defaults - <<: *test - environment: - <<: *env - DIND_K8S_VERSION: v1.10 - CNI_PLUGIN: bridge - DIND_CRI: containerd - - test_v1.11_bridge_docker: + test_v1.12_bridge_docker: <<: *defaults <<: *test environment: <<: *env - DIND_K8S_VERSION: v1.11 + DIND_K8S_VERSION: v1.12 CNI_PLUGIN: bridge DIND_CRI: docker - test_v1.11_bridge_containerd: + test_v1.12_bridge_containerd: <<: *defaults <<: *test environment: <<: *env - DIND_K8S_VERSION: v1.11 + DIND_K8S_VERSION: v1.12 CNI_PLUGIN: bridge DIND_CRI: containerd - test_v1.11_kube-router_docker: - <<: *defaults - <<: *test - environment: - <<: *env - DIND_K8S_VERSION: v1.11 - CNI_PLUGIN: kube-router - DIND_CRI: docker - - test_v1.12_bridge_docker: + test_v1.13_bridge_docker: <<: *defaults <<: *test environment: <<: *env - DIND_K8S_VERSION: v1.12 + DIND_K8S_VERSION: v1.13 CNI_PLUGIN: bridge DIND_CRI: docker - test_v1.12_bridge_containerd: + test_v1.13_bridge_containerd: <<: *defaults <<: *test environment: <<: *env - DIND_K8S_VERSION: v1.12 + DIND_K8S_VERSION: v1.13 CNI_PLUGIN: bridge DIND_CRI: containerd - test_v1.13_bridge_docker: + test_v1.14_bridge_docker: <<: *defaults <<: *test environment: <<: *env - DIND_K8S_VERSION: v1.13 + DIND_K8S_VERSION: v1.14 CNI_PLUGIN: bridge DIND_CRI: docker - test_v1.13_flannel_docker: + test_v1.14_flannel_docker: <<: *defaults <<: *test environment: <<: *env - DIND_K8S_VERSION: v1.13 + DIND_K8S_VERSION: v1.14 CNI_PLUGIN: flannel DIND_CRI: docker - test_v1.13_calico_docker: + test_v1.14_calico_docker: <<: *defaults <<: *test environment: <<: *env - DIND_K8S_VERSION: v1.13 + DIND_K8S_VERSION: v1.14 CNI_PLUGIN: calico DIND_CRI: docker - test_v1.13_calico-kdd_docker: + test_v1.14_calico-kdd_docker: <<: *defaults <<: *test environment: <<: *env - DIND_K8S_VERSION: v1.13 + DIND_K8S_VERSION: v1.14 CNI_PLUGIN: calico-kdd DIND_CRI: docker - test_v1.13_weave_docker: + test_v1.14_weave_docker: <<: *defaults <<: *test environment: <<: *env - DIND_K8S_VERSION: v1.13 + DIND_K8S_VERSION: v1.14 CNI_PLUGIN: weave DIND_CRI: docker - test_v1.13_bridge_containerd: + test_v1.14_bridge_containerd: <<: *defaults <<: *test environment: <<: *env - DIND_K8S_VERSION: v1.13 + DIND_K8S_VERSION: v1.14 CNI_PLUGIN: bridge DIND_CRI: containerd - test_v1.13_ptp_docker: + test_v1.14_ptp_docker: <<: *defaults <<: *test environment: <<: *env - DIND_K8S_VERSION: v1.13 + DIND_K8S_VERSION: v1.14 CNI_PLUGIN: ptp DIND_CRI: docker - test_multiple_clusters_v1.13_bridge_docker: + test_multiple_clusters_v1.14_bridge_docker: <<: *defaults <<: *test_multiple_clusters environment: <<: *env - DIND_K8S_VERSION: v1.13 + DIND_K8S_VERSION: v1.14 CNI_PLUGIN: bridge DIND_CRI: docker - test_ipv4_only_v1.13_bridge_docker: + test_ipv4_only_v1.14_bridge_docker: <<: *test_ipv4_only environment: <<: *env - DIND_K8S_VERSION: v1.13 + DIND_K8S_VERSION: v1.14 CNI_PLUGIN: bridge DIND_CRI: docker - test_ipv6_only_v1.13_bridge_docker: + test_ipv6_only_v1.14_bridge_docker: <<: *test_ipv6_only environment: <<: *env - DIND_K8S_VERSION: v1.13 + DIND_K8S_VERSION: v1.14 CNI_PLUGIN: bridge DIND_CRI: docker - test_ipv6_only_nat64_v1.13_bridge_docker: + test_ipv6_only_nat64_v1.14_bridge_docker: <<: *test_ipv6_only environment: <<: *env - DIND_K8S_VERSION: v1.13 + DIND_K8S_VERSION: v1.14 CNI_PLUGIN: bridge DIND_CRI: docker NAT64_V4_SUBNET_PREFIX: '10.100' - test_ipv6_only_ext_aaaa_v1.13_bridge_docker: + test_ipv6_only_ext_aaaa_v1.14_bridge_docker: <<: *test_ipv6_only environment: <<: *env - DIND_K8S_VERSION: v1.13 + DIND_K8S_VERSION: v1.14 CNI_PLUGIN: bridge DIND_CRI: docker DIND_ALLOW_AAAA_USE: 'true' - test_dual_stack_v4_svc_net_v1.13_bridge_docker: + test_dual_stack_v4_svc_net_v1.14_bridge_docker: <<: *test_dual_stack environment: <<: *env - DIND_K8S_VERSION: v1.13 + DIND_K8S_VERSION: v1.14 CNI_PLUGIN: bridge DIND_CRI: docker SERVICE_CIDR: '10.96.0.0/12' @@ -594,140 +567,119 @@ workflows: - /^v[0-9].*/ requires: - build - - test_v1.10_bridge_docker: - filters: - tags: - only: - - /^v[0-9].*/ - requires: - - build - - test_v1.10_bridge_containerd: - filters: - tags: - only: - - /^v[0-9].*/ - requires: - - build - - test_v1.11_bridge_docker: - filters: - tags: - only: - - /^v[0-9].*/ - requires: - - build - - test_v1.11_bridge_containerd: + - test_v1.12_bridge_docker: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_v1.11_kube-router_docker: + - test_v1.12_bridge_containerd: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_v1.12_bridge_docker: + - test_v1.13_bridge_docker: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_v1.12_bridge_containerd: + - test_v1.13_bridge_containerd: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_v1.13_bridge_docker: + - test_v1.14_bridge_docker: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_v1.13_flannel_docker: + - test_v1.14_flannel_docker: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_v1.13_calico_docker: + - test_v1.14_calico_docker: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_v1.13_calico-kdd_docker: + - test_v1.14_calico-kdd_docker: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_v1.13_weave_docker: + - test_v1.14_weave_docker: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_v1.13_bridge_containerd: + - test_v1.14_bridge_containerd: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_v1.13_ptp_docker: + - test_v1.14_ptp_docker: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_multiple_clusters_v1.13_bridge_docker: + - test_multiple_clusters_v1.14_bridge_docker: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_ipv4_only_v1.13_bridge_docker: + - test_ipv4_only_v1.14_bridge_docker: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_ipv6_only_v1.13_bridge_docker: + - test_ipv6_only_v1.14_bridge_docker: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_ipv6_only_nat64_v1.13_bridge_docker: + - test_ipv6_only_nat64_v1.14_bridge_docker: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_ipv6_only_ext_aaaa_v1.13_bridge_docker: + - test_ipv6_only_ext_aaaa_v1.14_bridge_docker: filters: tags: only: - /^v[0-9].*/ requires: - build - - test_dual_stack_v4_svc_net_v1.13_bridge_docker: + - test_dual_stack_v4_svc_net_v1.14_bridge_docker: filters: tags: only: @@ -757,25 +709,22 @@ workflows: - /^v[0-9].*/ requires: - push - - test_v1.10_bridge_docker - - test_v1.10_bridge_containerd - - test_v1.11_bridge_docker - - test_v1.11_bridge_containerd - - test_v1.11_kube-router_docker - test_v1.12_bridge_docker - test_v1.12_bridge_containerd - test_v1.13_bridge_docker - - test_v1.13_flannel_docker - - test_v1.13_calico_docker - - test_v1.13_calico-kdd_docker - - test_v1.13_weave_docker - test_v1.13_bridge_containerd - - test_v1.13_ptp_docker - - test_multiple_clusters_v1.13_bridge_docker - - test_ipv4_only_v1.13_bridge_docker - - test_ipv6_only_v1.13_bridge_docker - - test_ipv6_only_nat64_v1.13_bridge_docker - - test_ipv6_only_ext_aaaa_v1.13_bridge_docker - - test_dual_stack_v4_svc_net_v1.13_bridge_docker + - test_v1.14_bridge_docker + - test_v1.14_flannel_docker + - test_v1.14_calico_docker + - test_v1.14_calico-kdd_docker + - test_v1.14_weave_docker + - test_v1.14_bridge_containerd + - test_v1.14_ptp_docker + - test_multiple_clusters_v1.14_bridge_docker + - test_ipv4_only_v1.14_bridge_docker + - test_ipv6_only_v1.14_bridge_docker + - test_ipv6_only_nat64_v1.14_bridge_docker + - test_ipv6_only_ext_aaaa_v1.14_bridge_docker + - test_dual_stack_v4_svc_net_v1.14_bridge_docker - test_src_release - test_src_master diff --git a/.travis.yml b/.travis.yml index 7809253..24b9ba8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,10 +3,9 @@ services: docker language: minimal env: - - TEST_CASE=1.10 - - TEST_CASE=1.11 - TEST_CASE=1.12 - TEST_CASE=1.13 + - TEST_CASE=1.14 before_install: - sudo apt-get -qq update diff --git a/README.md b/README.md index 6ecb769..2f80e28 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ use `kubectl` 1.13.x with `hyperkube` 1.12.x). As an alternative, you can set `DOWNLOAD_KUBECTL` to a non-empty string in your config.sh so `kubeadm-dind-cluster` will download it for you. -`kubeadm-dind-cluster` supports k8s versions 1.10.x through 1.13.x. +`kubeadm-dind-cluster` supports k8s versions 1.12.x through 1.14.x. **As of now, running `kubeadm-dind-cluster` on Docker with `btrfs` storage driver is not supported.** @@ -51,7 +51,7 @@ IPv6 and thus clusters cannot be formed using IPv6 addresses. ## Using preconfigured scripts `kubeadm-dind-cluster` currently provides preconfigured scripts for -Kubernetes versions 1.10 through 1.13 published as part of GitHub +Kubernetes versions 1.12 through 1.14 published as part of GitHub releases. Each preconfigured script is pinned to the corresponding image tag and SHA256 digest, so it will not be broken by changes in kubeadm-dind-cluster master branch. @@ -88,7 +88,7 @@ $ # remove DIND containers and volumes $ ./dind-cluster-v1.13.sh clean ``` -Replace 1.13 with 1.10 .. 1.12 to use other Kubernetes versions. +Replace 1.13 with 1.12 to use older Kubernetes versions. **Important note:** you need to do `./dind-cluster....sh clean` when you switch between Kubernetes versions (but no need to do this between rebuilds if you use `BUILD_HYPERKUBE=y` like described below). @@ -543,7 +543,7 @@ that we have IPv6 available for the test cases. Note, that while internal IPv6 is configured, external IPv6 is not available. There are two slightly different kind of tests which run for all version -starting from `v1.10`: +starting from `v1.12`: #### `TEST_K8S_VER='1.x' ./test/test-ipv6-only.sh` diff --git a/build/buildconf.sh b/build/buildconf.sh index ff3e992..2d8b66d 100644 --- a/build/buildconf.sh +++ b/build/buildconf.sh @@ -1,51 +1,41 @@ -# Version 1.10.13 -KUBEADM_URL_1_10='https://storage.googleapis.com/kubernetes-release/release/v1.10.13/bin/linux/amd64/kubeadm' -KUBEADM_SHA1_1_10=a577dd72a1a4a1a82468d9ce2375c33e9a8a5adf -HYPERKUBE_URL_1_10='https://storage.googleapis.com/kubernetes-release/release/v1.10.13/bin/linux/amd64/hyperkube' -HYPERKUBE_SHA1_1_10=bb219f362e1e542fef6563c01c6556e55338c61e -KUBECTL_LINUX_URL_1_10='https://storage.googleapis.com/kubernetes-release/release/v1.10.13/bin/linux/amd64/kubectl' -KUBECTL_LINUX_SHA1_1_10=37c46a35edbe69e28a65a872e735c154402cd4a6 -KUBECTL_DARWIN_URL_1_10='https://storage.googleapis.com/kubernetes-release/release/v1.10.13/bin/darwin/amd64/kubectl' -KUBECTL_DARWIN_SHA1_1_10=220b0dc38fd7c9a5aeb412589172020b6819e1b3 +# Version 1.12.8 +KUBEADM_URL_1_12='https://storage.googleapis.com/kubernetes-release/release/v1.12.8/bin/linux/amd64/kubeadm' +KUBEADM_SHA1_1_12=c71653be73a66109b25f92322464ae7458557415 +HYPERKUBE_URL_1_12='https://storage.googleapis.com/kubernetes-release/release/v1.12.8/bin/linux/amd64/hyperkube' +HYPERKUBE_SHA1_1_12=42f34ac1137fa9447c1a8fe4386886f1febf8e03 +KUBECTL_LINUX_URL_1_12='https://storage.googleapis.com/kubernetes-release/release/v1.12.8/bin/linux/amd64/kubectl' +KUBECTL_LINUX_SHA1_1_12=7110f444d9a0e8f74d76c3d09e108f1641696149 +KUBECTL_DARWIN_URL_1_12='https://storage.googleapis.com/kubernetes-release/release/v1.12.8/bin/darwin/amd64/kubectl' +KUBECTL_DARWIN_SHA1_1_12=cdd2169e5bbbccabf5e8f01afcb87b2381df7d2f -# Version 1.11.7 -KUBEADM_URL_1_11='https://storage.googleapis.com/kubernetes-release/release/v1.11.7/bin/linux/amd64/kubeadm' -KUBEADM_SHA1_1_11=9a98fff2414f93a93115fb8b304a6bba92e28a60 -HYPERKUBE_URL_1_11='https://storage.googleapis.com/kubernetes-release/release/v1.11.7/bin/linux/amd64/hyperkube' -HYPERKUBE_SHA1_1_11=6b027bc6d0c2070ccda0e695880145e189c82f1e -KUBECTL_LINUX_URL_1_11='https://storage.googleapis.com/kubernetes-release/release/v1.11.7/bin/linux/amd64/kubectl' -KUBECTL_LINUX_SHA1_1_11=142b72418855b985b8a89e81f17df9d5fb88f1a9 -KUBECTL_DARWIN_URL_1_11='https://storage.googleapis.com/kubernetes-release/release/v1.11.7/bin/darwin/amd64/kubectl' -KUBECTL_DARWIN_SHA1_1_11=9bd37b3eda2fae9f83cc7bcd584216f85ba17304 +# Version 1.13.5 +KUBEADM_URL_1_13='https://storage.googleapis.com/kubernetes-release/release/v1.13.5/bin/linux/amd64/kubeadm' +KUBEADM_SHA1_1_13=555423deada0f55b16030aecdbcbb59fac879e4a +HYPERKUBE_URL_1_13='https://storage.googleapis.com/kubernetes-release/release/v1.13.5/bin/linux/amd64/hyperkube' +HYPERKUBE_SHA1_1_13=425618bce9c3291c6a65611fc2036ab522ffd48d +KUBECTL_LINUX_URL_1_13='https://storage.googleapis.com/kubernetes-release/release/v1.13.5/bin/linux/amd64/kubectl' +KUBECTL_LINUX_SHA1_1_13=0e994d77be036cf9c7965f81248292dc8a11cd8c +KUBECTL_DARWIN_URL_1_13='https://storage.googleapis.com/kubernetes-release/release/v1.13.5/bin/darwin/amd64/kubectl' +KUBECTL_DARWIN_SHA1_1_13=c99d60886cb6e68cb4725a930fca0421d9ee8732 -# Version 1.12.5 -KUBEADM_URL_1_12='https://storage.googleapis.com/kubernetes-release/release/v1.12.5/bin/linux/amd64/kubeadm' -KUBEADM_SHA1_1_12=c62767b492bdf98bf90ead913dfad2e94dec80f4 -HYPERKUBE_URL_1_12='https://storage.googleapis.com/kubernetes-release/release/v1.12.5/bin/linux/amd64/hyperkube' -HYPERKUBE_SHA1_1_12=26ca10c97011e96e5ca55deae3bce1f829e8d194 -KUBECTL_LINUX_URL_1_12='https://storage.googleapis.com/kubernetes-release/release/v1.12.5/bin/linux/amd64/kubectl' -KUBECTL_LINUX_SHA1_1_12=fe8a1096c9a9167725eeb55ade4625b1fc67c270 -KUBECTL_DARWIN_URL_1_12='https://storage.googleapis.com/kubernetes-release/release/v1.12.5/bin/darwin/amd64/kubectl' -KUBECTL_DARWIN_SHA1_1_12=715663dd9f2e34f2d195bc664174b17f51094740 - -# Version 1.13.3 -KUBEADM_URL_1_13='https://storage.googleapis.com/kubernetes-release/release/v1.13.3/bin/linux/amd64/kubeadm' -KUBEADM_SHA1_1_13=a89c340c5128be555d560f6cd18b450030c08f73 -HYPERKUBE_URL_1_13='https://storage.googleapis.com/kubernetes-release/release/v1.13.3/bin/linux/amd64/hyperkube' -HYPERKUBE_SHA1_1_13=ce2fdb27fc32a06d8124b7e97cf61c21c1e2f02e -KUBECTL_LINUX_URL_1_13='https://storage.googleapis.com/kubernetes-release/release/v1.13.3/bin/linux/amd64/kubectl' -KUBECTL_LINUX_SHA1_1_13=6e332647317032e5982db98f4abf80c88c8b3de2 -KUBECTL_DARWIN_URL_1_13='https://storage.googleapis.com/kubernetes-release/release/v1.13.3/bin/darwin/amd64/kubectl' -KUBECTL_DARWIN_SHA1_1_13=45a1c5037f139af53e00a0c310bf04fa158a862e +# Version 1.14.1 +KUBEADM_URL_1_14='https://storage.googleapis.com/kubernetes-release/release/v1.14.1/bin/linux/amd64/kubeadm' +KUBEADM_SHA1_1_14=886e607321b4a7bf28d97e7833dcbfbb795d4613 +HYPERKUBE_URL_1_14='https://storage.googleapis.com/kubernetes-release/release/v1.14.1/bin/linux/amd64/hyperkube' +HYPERKUBE_SHA1_1_14=0012a3c9a0259990be1e6659fc642c80e8b90e8d +KUBECTL_LINUX_URL_1_14='https://storage.googleapis.com/kubernetes-release/release/v1.14.1/bin/linux/amd64/kubectl' +KUBECTL_LINUX_SHA1_1_14=fd57c812083d5dde4745b3216453d0e1e4ee64df +KUBECTL_DARWIN_URL_1_14='https://storage.googleapis.com/kubernetes-release/release/v1.14.1/bin/darwin/amd64/kubectl' +KUBECTL_DARWIN_SHA1_1_14=fd537d239de8e0c9b5625fe87e3e15bb8649b608 # url and sha1sum of hyperkube binary -- only used for prebuilt hyperkube -KUBEADM_URL=${KUBEADM_URL:-${KUBEADM_URL_1_13}} -KUBEADM_SHA1=${KUBEADM_SHA1:-${KUBEADM_SHA1_1_13}} -HYPERKUBE_URL=${HYPERKUBE_URL:-${HYPERKUBE_URL_1_13}} -HYPERKUBE_SHA1=${HYPERKUBE_SHA1:-${HYPERKUBE_SHA1_1_13}} -KUBECTL_LINUX_URL=${KUBECTL_LINUX_URL:-${KUBECTL_LINUX_URL_1_13}} -KUBECTL_LINUX_SHA1=${KUBECTL_LINUX_SHA1:-${KUBECTL_LINUX_SHA1_1_13}} -KUBECTL_DARWIN_URL=${KUBECTL_DARWIN_URL:-${KUBECTL_DARWIN_URL_1_13}} -KUBECTL_DARWIN_SHA1=${KUBECTL_DARWIN_SHA1:-${KUBECTL_DARWIN_SHA1_1_13}} +KUBEADM_URL=${KUBEADM_URL:-${KUBEADM_URL_1_14}} +KUBEADM_SHA1=${KUBEADM_SHA1:-${KUBEADM_SHA1_1_14}} +HYPERKUBE_URL=${HYPERKUBE_URL:-${HYPERKUBE_URL_1_14}} +HYPERKUBE_SHA1=${HYPERKUBE_SHA1:-${HYPERKUBE_SHA1_1_14}} +KUBECTL_LINUX_URL=${KUBECTL_LINUX_URL:-${KUBECTL_LINUX_URL_1_14}} +KUBECTL_LINUX_SHA1=${KUBECTL_LINUX_SHA1:-${KUBECTL_LINUX_SHA1_1_14}} +KUBECTL_DARWIN_URL=${KUBECTL_DARWIN_URL:-${KUBECTL_DARWIN_URL_1_14}} +KUBECTL_DARWIN_SHA1=${KUBECTL_DARWIN_SHA1:-${KUBECTL_DARWIN_SHA1_1_14}} -K8S_VERSIONS="1.10 1.11 1.12 1.13" +K8S_VERSIONS="1.12 1.13 1.14" diff --git a/build/genfixed.sh b/build/genfixed.sh index 4020cfe..6aacac9 100755 --- a/build/genfixed.sh +++ b/build/genfixed.sh @@ -29,7 +29,7 @@ fi fixed_dir="${DIND_ROOT}/fixed" mkdir -p "${fixed_dir}" -for tag in v1.10 v1.11 v1.12 v1.13; do +for tag in v1.12 v1.13 v1.14; do dest="${fixed_dir}/dind-cluster-${tag}.sh" commit="$(cd "${DIND_ROOT}"; git rev-parse HEAD)" image="mirantis/kubeadm-dind-cluster:${commit}-${tag}" diff --git a/build/genvars.sh b/build/genvars.sh index 7fdb570..414ff03 100755 --- a/build/genvars.sh +++ b/build/genvars.sh @@ -17,7 +17,7 @@ set -o errexit set -o nounset set -o pipefail set -o errtrace -VERSIONS=(1.10.13 1.11.7 1.12.5 1.13.3) +VERSIONS=(1.12.8 1.13.5 1.14.1) first=1 for version in ${VERSIONS[@]}; do diff --git a/build/update-test-matrix.sh b/build/update-test-matrix.sh index a8c442c..cb3af41 100755 --- a/build/update-test-matrix.sh +++ b/build/update-test-matrix.sh @@ -30,26 +30,23 @@ DIND_ROOT=$(dirname "${BASH_SOURCE}")/.. test_matrix=( # "No defaults" should be set for the tests with machine executor # Test name k8s CNI CRI No defaults - "test v1.10 " - "test v1.10 bridge containerd " - "test v1.11 " - "test v1.11 bridge containerd " - "test v1.11 kube-router " "test v1.12 " "test v1.12 bridge containerd " "test v1.13 " - "test v1.13 flannel " - "test v1.13 calico " - "test v1.13 calico-kdd " - "test v1.13 weave " "test v1.13 bridge containerd " - "test v1.13 ptp " - "test_multiple_clusters v1.13 " - "test_ipv4_only v1.13 bridge docker y" - "test_ipv6_only v1.13 bridge docker y" - "test_ipv6_only_nat64 v1.13 bridge docker y" - "test_ipv6_only_ext_aaaa v1.13 bridge docker y" - "test_dual_stack_v4_svc_net v1.13 bridge docker y" + "test v1.14 " + "test v1.14 flannel " + "test v1.14 calico " + "test v1.14 calico-kdd " + "test v1.14 weave " + "test v1.14 bridge containerd " + "test v1.14 ptp " + "test_multiple_clusters v1.14 " + "test_ipv4_only v1.14 bridge docker y" + "test_ipv6_only v1.14 bridge docker y" + "test_ipv6_only_nat64 v1.14 bridge docker y" + "test_ipv6_only_ext_aaaa v1.14 bridge docker y" + "test_dual_stack_v4_svc_net v1.14 bridge docker y" "test_src_release " "test_src_master " ) diff --git a/dind-cluster.sh b/dind-cluster.sh index e19e365..6c6a562 100755 --- a/dind-cluster.sh +++ b/dind-cluster.sh @@ -591,8 +591,8 @@ function dind::retry { "$@" } -busybox_image="busybox:1.26.2" -e2e_base_image="golang:1.10.5" +busybox_image="busybox:1.30.1" +e2e_base_image="golang:1.12.4" sys_volume_args=() build_volume_args=() @@ -1263,12 +1263,6 @@ function dind::init { kubeadm_version="$(dind::kubeadm-version)" case "${kubeadm_version}" in - 1\.9\.* | 1\.10\.*) - template="1.10" - ;; - 1\.11\.*) - template="1.11" - ;; 1\.12\.*) template="1.12" ;; @@ -1332,7 +1326,8 @@ EOF if [[ ${BUILD_KUBEADM} || ${BUILD_HYPERKUBE} ]]; then docker exec "$master_name" mount --make-shared /k8s fi - kubeadm_join_flags="$(dind::kubeadm "${container_id}" init "${init_args[@]}" --ignore-preflight-errors=all "$@" | grep -A1 'kubeadm join.*--token' | sed 's/^.*kubeadm join //; s/\\$//; N; s/\n//')" + dind::kubeadm "${container_id}" init "${init_args[@]}" --ignore-preflight-errors=all "$@" + kubeadm_join_flags="$(docker exec "${container_id}" kubeadm token create --print-join-command | sed 's/^kubeadm join //')" dind::configure-kubectl dind::start-port-forwarder } diff --git a/image/Dockerfile b/image/Dockerfile index 07f9077..3bf9f46 100644 --- a/image/Dockerfile +++ b/image/Dockerfile @@ -118,8 +118,6 @@ COPY start_services /usr/local/bin/ COPY rundocker /usr/local/bin COPY dindnet /usr/local/bin COPY snapshot /usr/local/bin -COPY kubeadm.conf.1.10.tmpl /etc/kubeadm.conf.1.10.tmpl -COPY kubeadm.conf.1.11.tmpl /etc/kubeadm.conf.1.11.tmpl COPY kubeadm.conf.1.12.tmpl /etc/kubeadm.conf.1.12.tmpl COPY kubeadm.conf.1.13.tmpl /etc/kubeadm.conf.1.13.tmpl COPY dind-cluster-rbd /usr/bin/rbd diff --git a/image/kubeadm.conf.1.10.tmpl b/image/kubeadm.conf.1.10.tmpl deleted file mode 100644 index 4b62ac3..0000000 --- a/image/kubeadm.conf.1.10.tmpl +++ /dev/null @@ -1,34 +0,0 @@ -# Customize this, as needed, for your situation, but keep -# the variables defined herein: -# ADV_ADDR, POD_SUBNET_DISABLE, POD_NETWORK_CIDR, KUBE_MASTER_NAME -# SVC_SUBNET, BIND_ADDR, BIND_PORT, KUBEADM_VERSION -api: - advertiseAddress: "{{ADV_ADDR}}" -# The extra indent is important here because of templating issues. -# 1.13 has extra nesting level here. -apiServerExtraArgs: - insecure-bind-address: "{{BIND_ADDR}}" - insecure-port: "{{BIND_PORT}}" - {{COMPONENT_FEATURE_GATES}} -{{APISERVER_EXTRA_ARGS}} -apiVersion: kubeadm.k8s.io/v1alpha1 -# The extra indent is important here because of templating issues. -# 1.13 has extra nesting level here. -controllerManagerExtraArgs: - {{COMPONENT_FEATURE_GATES}} -{{CONTROLLER_MANAGER_EXTRA_ARGS}} -featureGates: {{FEATURE_GATES}} -kind: MasterConfiguration -kubernetesVersion: "{{KUBEADM_VERSION}}" -networking: - {{POD_SUBNET_DISABLE}}podSubnet: "{{POD_NETWORK_CIDR}}" - serviceSubnet: "{{SVC_SUBNET}}" -tokenTTL: 0s -nodeName: {{KUBE_MASTER_NAME}} -# The extra indent is important here because of templating issues. -# 1.13 has extra nesting level here. -schedulerExtraArgs: - {{COMPONENT_FEATURE_GATES}} -{{SCHEDULER_EXTRA_ARGS}} -unifiedControlPlaneImage: mirantis/hypokube:final -criSocket: "{{CRI_SOCKET}}" diff --git a/image/kubeadm.conf.1.11.tmpl b/image/kubeadm.conf.1.11.tmpl deleted file mode 100644 index 5fb7663..0000000 --- a/image/kubeadm.conf.1.11.tmpl +++ /dev/null @@ -1,172 +0,0 @@ -# Customize this, as needed, for your situation, but keep -# the variables defined herein: -# ADV_ADDR, POD_SUBNET_DISABLE, POD_NETWORK_CIDR, KUBE_MASTER_NAME -# SVC_SUBNET, BIND_ADDR, BIND_PORT, KUBEADM_VERSION -api: - advertiseAddress: "{{ADV_ADDR}}" - bindPort: 6443 - controlPlaneEndpoint: "" -# The extra indent is important here because of templating issues. -# 1.13 has extra nesting level here. -apiServerExtraArgs: - insecure-bind-address: "{{BIND_ADDR}}" - insecure-port: "{{BIND_PORT}}" - {{COMPONENT_FEATURE_GATES}} -{{APISERVER_EXTRA_ARGS}} -apiVersion: kubeadm.k8s.io/v1alpha2 -auditPolicy: - logDir: /var/log/kubernetes/audit - logMaxAge: 2 - path: "" -bootstrapTokens: -- groups: - - system:bootstrappers:kubeadm:default-node-token - # token: ... - ttl: 0s - usages: - - signing - - authentication -certificatesDir: /etc/kubernetes/pki -# clusterName: kubernetes -# The extra indent is important here because of templating issues. -# 1.13 has extra nesting level here. -controllerManagerExtraArgs: - {{COMPONENT_FEATURE_GATES}} -{{CONTROLLER_MANAGER_EXTRA_ARGS}} -etcd: - local: - dataDir: /var/lib/etcd - image: "" -featureGates: {{FEATURE_GATES}} -kind: MasterConfiguration -kubeProxy: - config: - bindAddress: "{{BIND_ADDR}}" - clientConnection: - acceptContentTypes: "" - burst: 10 - contentType: application/vnd.kubernetes.protobuf - kubeconfig: /var/lib/kube-proxy/kubeconfig.conf - qps: 5 - # clusterCIDR: "" - configSyncPeriod: 15m0s - # conntrack: - # max: null - # maxPerCore: 32768 - # min: 131072 - # tcpCloseWaitTimeout: 1h0m0s - # tcpEstablishedTimeout: 24h0m0s - enableProfiling: false - healthzBindAddress: 0.0.0.0:10256 - hostnameOverride: "" - iptables: - masqueradeAll: false - masqueradeBit: 14 - minSyncPeriod: 0s - syncPeriod: 30s - ipvs: - excludeCIDRs: null - minSyncPeriod: 0s - scheduler: "" - syncPeriod: 30s - metricsBindAddress: 127.0.0.1:10249 - mode: "" - nodePortAddresses: null - oomScoreAdj: -999 - portRange: "" - resourceContainer: /kube-proxy - udpIdleTimeout: 250ms -kubeletConfiguration: - baseConfig: - address: 0.0.0.0 - authentication: - anonymous: - enabled: false - webhook: - cacheTTL: 2m0s - enabled: true - x509: - clientCAFile: /etc/kubernetes/pki/ca.crt - authorization: - mode: Webhook - webhook: - cacheAuthorizedTTL: 5m0s - cacheUnauthorizedTTL: 30s - cgroupDriver: cgroupfs - cgroupsPerQOS: true - clusterDNS: - - "{{DNS_SVC_IP}}" - clusterDomain: cluster.local - containerLogMaxFiles: 5 - containerLogMaxSize: 10Mi - contentType: application/vnd.kubernetes.protobuf - cpuCFSQuota: true - cpuManagerPolicy: none - cpuManagerReconcilePeriod: 10s - enableControllerAttachDetach: true - enableDebuggingHandlers: true - enforceNodeAllocatable: - - pods - eventBurst: 10 - eventRecordQPS: 5 - evictionHard: - imagefs.available: 15% - memory.available: 100Mi - nodefs.available: 10% - nodefs.inodesFree: 5% - evictionPressureTransitionPeriod: 5m0s - failSwapOn: true - fileCheckFrequency: 20s - hairpinMode: promiscuous-bridge - healthzBindAddress: 127.0.0.1 - healthzPort: 10248 - httpCheckFrequency: 20s - imageGCHighThresholdPercent: 85 - imageGCLowThresholdPercent: 80 - imageMinimumGCAge: 2m0s - iptablesDropBit: 15 - iptablesMasqueradeBit: 14 - kubeAPIBurst: 10 - kubeAPIQPS: 5 - makeIPTablesUtilChains: true - maxOpenFiles: 1000000 - maxPods: 110 - nodeStatusUpdateFrequency: 10s - oomScoreAdj: -999 - podPidsLimit: -1 - port: 10250 - registryBurst: 10 - registryPullQPS: 5 - resolvConf: /etc/resolv.conf - rotateCertificates: true - runtimeRequestTimeout: 2m0s - serializeImagePulls: true - staticPodPath: /etc/kubernetes/manifests - streamingConnectionIdleTimeout: 4h0m0s - syncFrequency: 1m0s - volumeStatsAggPeriod: 1m0s -kubernetesVersion: "{{KUBEADM_VERSION}}" -networking: - {{POD_SUBNET_DISABLE}}podSubnet: "{{POD_NETWORK_CIDR}}" - serviceSubnet: "{{SVC_SUBNET}}" -nodeRegistration: - name: {{KUBE_MASTER_NAME}} - criSocket: "{{CRI_SOCKET}}" -# The extra indent is important here because of templating issues. -# 1.13 has extra nesting level here. -schedulerExtraArgs: - {{COMPONENT_FEATURE_GATES}} -{{SCHEDULER_EXTRA_ARGS}} -unifiedControlPlaneImage: mirantis/hypokube:final -apiServerExtraVolumes: -- name: hyperkube - hostPath: /k8s/hyperkube - mountPath: /hyperkube -controllerManagerExtraVolumes: -- name: hyperkube - hostPath: /k8s/hyperkube - mountPath: /hyperkube -schedulerExtraVolumes: -- name: hyperkube - hostPath: /k8s/hyperkube - mountPath: /hyperkube diff --git a/image/wrapkubeadm b/image/wrapkubeadm index 6246f02..0f19497 100755 --- a/image/wrapkubeadm +++ b/image/wrapkubeadm @@ -190,38 +190,11 @@ function dind::replace { awk 'BEGIN{RS="";getline<"-";print>ARGV[1]}' "${path}" } -function dind::yq { - local filter="$1" - local path="$2" - # We need to use a temp file here because if you feed an object to - # 'kubectl convert' via stdin, you'll get a List object because - # multiple input objects are implied - tmp="$(mktemp tmp-XXXXXXXXXX.json)" - # We set KUBECONFIG here because as of current k8s master kubectl convert --local - # requires k8s access. This should be fixed by # https://github.com/kubernetes/kubernetes/pull/45920 - KUBECONFIG=/etc/kubernetes/admin.conf kubectl convert -f "${path}" --local -o json 2>/dev/null | - jq "${filter}" > "${tmp}" - KUBECONFIG=/etc/kubernetes/admin.conf kubectl convert -f "${tmp}" --local -o yaml 2>/dev/null >"${path}" - rm -f "${tmp}" -} - function dind::join-filters { local IFS="|" echo "$*" } -function dind::frob-file { - local path="$1" - shift - local filter="$(dind::join-filters "$@")" - local status=0 - dind::yq "${filter}" "${path}" || status=$? - if [[ ${status} -ne 0 ]]; then - echo "Failed to frob ${path}" >&2 - return 1 - fi -} - function dind::frob-proxy-configmap { # This function modifies config.conf inside kube-proxy configmap # to apply the following settings (clusterCIDR may be different): @@ -246,11 +219,8 @@ function dind::frob-proxy-configmap { # Use a simple hack described in comments for # https://github.com/kubernetes/kubernetes/issues/30558 # to replace just one key in the configmap - # In k8s 1.10, 'kubectl create configmap --dry-run' doesn't set apiVersion - # and kind for some reason (they are required for 'kubectl apply'). kubectl create configmap \ - -n kube-system --dry-run -o json --from-file=config.conf="${conffile}" kube-proxy | - jq '.apiVersion="v1"|.kind|="ConfigMap"' | + -n kube-system --dry-run -o yaml --from-file=config.conf="${conffile}" kube-proxy | kubectl apply -f - # only remove the temp dir (inside the container) if the @@ -287,57 +257,12 @@ function dind::frob-proxy { kubectl -n kube-system delete pods --now -l "k8s-app=kube-proxy" || true } -function dind::frob-apiserver { - local -a filters=("${mount_binaries}" "${apiserver_insecure_bind_address}" "${apiserver_insecure_bind_port}") - dind::frob-file "${apiserver_static_pod}" "${filters[@]}" -} - -function dind::frob-scheduler { - dind::frob-file "${scheduler_static_pod}" "${mount_binaries}" -} - -function dind::frob-controller-manager { - dind::frob-file "${controller_manager_static_pod}" "${mount_binaries}" -} - -function dind::num-apiserver-restarts { - kubectl get pod kube-apiserver-kube-master -n kube-system -o 'jsonpath={.status.containerStatuses[0].restartCount}' -} - -function dind::wait-for-apiserver { - local docker_ip="$(ip addr show docker0 | grep -w inet | awk '{ print $2; }' | sed 's@/.*@@')" - local url="http://${docker_ip}:8080/api" - local n=180 - while ! curl -s "${url}" >&/dev/null; do - if ((--n == 0)); then - echo "Error: timed out waiting for apiserver to become available" >&2 - fi - sleep 0.5 - done -} - -function dind::frob-cluster { - # with k8s 1.10, trying to mount hyperkube into the image fails - if kubeadm version -o short | grep -q '^v1\.10\.'; then - systemctl stop kubelet - docker ps -a -q --filter=label=io.kubernetes.pod.uid | while read container_id; do - docker rm -f "${container_id}" - done - dind::frob-apiserver - dind::frob-scheduler - dind::frob-controller-manager - start_services kubelet - dind::wait-for-apiserver - fi - dind::frob-proxy -} - KUBELET_FEATURE_GATES=${KUBELET_FEATURE_GATES:-none} if [ "${KUBELET_FEATURE_GATES}" != "none" ]; then kubelet_dind_args=(--fail-swap-on=false --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --feature-gates=${KUBELET_FEATURE_GATES} ) -else +else kubelet_dind_args=(--fail-swap-on=false --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf ) fi @@ -346,10 +271,6 @@ function dind::set-kubelet-dind-args { if [[ ${#kubelet_dind_args[@]} -gt 0 ]]; then sed -i "s@KUBELET_DIND_ARGS=@KUBELET_DIND_ARGS=${kubelet_dind_args[*]}@" /lib/systemd/system/kubelet.service fi - if kubeadm version -o short | grep -q '^v1\.10\.'; then - # config is not created by kubeadm 1.10 - sed -i '/KUBELET_CONFIG_ARGS=--config/d' /lib/systemd/system/kubelet.service - fi } function dind::prepare-for-kubeadm { @@ -406,7 +327,7 @@ else dind::retry dind::do-kubeadm "$@" if [[ ${is_master} ]]; then - dind::frob-cluster + dind::frob-proxy fi fi diff --git a/test.sh b/test.sh index 4bc34d5..3ad63af 100755 --- a/test.sh +++ b/test.sh @@ -100,42 +100,6 @@ function test-cluster-src { ) } -function test-case-1.10 { - ( - export KUBEADM_URL="${KUBEADM_URL_1_10}" - export KUBEADM_SHA1="${KUBEADM_SHA1_1_10}" - export HYPERKUBE_URL="${HYPERKUBE_URL_1_10}" - export HYPERKUBE_SHA1="${HYPERKUBE_SHA1_1_10}" - export KUBECTL_LINUX_URL=${KUBECTL_LINUX_URL_1_10}" - export KUBECTL_LINUX_SHA1=${KUBECTL_LINUX_SHA1_1_10}" - export KUBECTL_DARWIN_URL=${KUBECTL_DARWIN_URL_1_10}" - export KUBECTL_DARWIN_SHA1=${KUBECTL_DARWIN_SHA1_1_10}" - if [[ ${NOBUILD} ]]; then - export DIND_K8S_VERSION=v1.10 - docker pull "${DIND_IMAGE}" - fi - test-cluster - ) -} - -function test-case-1.11 { - ( - export KUBEADM_URL="${KUBEADM_URL_1_11}" - export KUBEADM_SHA1="${KUBEADM_SHA1_1_11}" - export HYPERKUBE_URL="${HYPERKUBE_URL_1_11}" - export HYPERKUBE_SHA1="${HYPERKUBE_SHA1_1_11}" - export KUBECTL_LINUX_URL=${KUBECTL_LINUX_URL_1_11}" - export KUBECTL_LINUX_SHA1=${KUBECTL_LINUX_SHA1_1_11}" - export KUBECTL_DARWIN_URL=${KUBECTL_DARWIN_URL_1_11}" - export KUBECTL_DARWIN_SHA1=${KUBECTL_DARWIN_SHA1_1_11}" - if [[ ${NOBUILD} ]]; then - export DIND_K8S_VERSION=v1.11 - docker pull "${DIND_IMAGE}" - fi - test-cluster - ) -} - function test-case-1.12 { ( export KUBEADM_URL="${KUBEADM_URL_1_12}" @@ -172,6 +136,24 @@ function test-case-1.13 { ) } +function test-case-1.14 { + ( + export KUBEADM_URL="${KUBEADM_URL_1_14}" + export KUBEADM_SHA1="${KUBEADM_SHA1_1_14}" + export HYPERKUBE_URL="${HYPERKUBE_URL_1_14}" + export HYPERKUBE_SHA1="${HYPERKUBE_SHA1_1_14}" + export KUBECTL_LINUX_URL=${KUBECTL_LINUX_URL_1_14}" + export KUBECTL_LINUX_SHA1=${KUBECTL_LINUX_SHA1_1_14}" + export KUBECTL_DARWIN_URL=${KUBECTL_DARWIN_URL_1_14}" + export KUBECTL_DARWIN_SHA1=${KUBECTL_DARWIN_SHA1_1_14}" + if [[ ${NOBUILD} ]]; then + export DIND_K8S_VERSION=v1.14 + docker pull "${DIND_IMAGE}" + fi + test-cluster + ) +} + function test-case-src-master { test-cluster-src master } @@ -203,10 +185,9 @@ function fail() { } if [[ ! ${TEST_CASE} ]]; then - test-case-1.10 - test-case-1.11 test-case-1.12 test-case-1.13 + test-case-1.14 # test-case-src-master test-case-dump-succeeds test-case-restore diff --git a/test/test-net-connectivity.sh b/test/test-net-connectivity.sh index 06361da..27fabce 100755 --- a/test/test-net-connectivity.sh +++ b/test/test-net-connectivity.sh @@ -24,8 +24,8 @@ set -o errtrace function setup-test() { export IP_MODE="${IP_MODE:-ipv6}" - # set TEST_K8S_VER to something specific, by default testing v1.11 for now - local v="${TEST_K8S_VER:-v1.13}" + # set TEST_K8S_VER to something specific, by default testing v1.14 for now + local v="${TEST_K8S_VER:-v1.14}" export LOCAL_KUBECTL_VERSION="$v" export DIND_K8S_VERSION="${v}" if [[ -z ${DIND_SKIP_PULL+x} ]]; then