From 5389f643a397554eca256e634406bcd7a0844642 Mon Sep 17 00:00:00 2001 From: Yifeng Xiao Date: Mon, 15 Jan 2024 16:01:36 +0800 Subject: [PATCH] Bump vsphere-cpi version to v1.29.0 --- README.md | 3 +- charts/vsphere-cpi/Chart.yaml | 4 +- charts/vsphere-cpi/README.md | 2 +- charts/vsphere-cpi/values.yaml | 2 +- .../book/tutorials/disable-node-deletion.yaml | 2 +- releases/README.md | 6 +- .../vsphere-cloud-controller-manager.yaml | 263 ++++++++++++++++++ 7 files changed, 273 insertions(+), 9 deletions(-) create mode 100644 releases/v1.29/vsphere-cloud-controller-manager.yaml diff --git a/README.md b/README.md index 85cb04aa7..4c6e032cc 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,8 @@ Version matrix: | Kubernetes Version | vSphere Cloud Provider Release Version | Cloud Provider Branch | |--------------------|----------------------------------------|-----------------------| - | v1.28.X | v1.28.X | release-1.28 | +| v1.29.X | v1.29.X | release-1.29 | +| v1.28.X | v1.28.X | release-1.28 | | v1.27.X | v1.27.X | release-1.27 | | v1.26.X | v1.26.X | release-1.26 | | v1.25.X | v1.25.X | release-1.25 | diff --git a/charts/vsphere-cpi/Chart.yaml b/charts/vsphere-cpi/Chart.yaml index f248773c2..7f7286eec 100644 --- a/charts/vsphere-cpi/Chart.yaml +++ b/charts/vsphere-cpi/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 1.28.0 +appVersion: 1.29.0 description: A Helm chart for vSphere Cloud Provider Interface Manager (CPI) name: vsphere-cpi -version: 1.28.0 +version: 1.29.0 keywords: - vsphere - vmware diff --git a/charts/vsphere-cpi/README.md b/charts/vsphere-cpi/README.md index 32401abc0..4b64c6865 100644 --- a/charts/vsphere-cpi/README.md +++ b/charts/vsphere-cpi/README.md @@ -149,7 +149,7 @@ helm repo add vsphere-cpi https://kubernetes.github.io/cloud-provider-vsphere helm repo update # Package CPI Chart -VERSION=1.28.0 +VERSION=1.29.0 cd charts helm package vsphere-cpi --version $VERSION --app-version $VERSION diff --git a/charts/vsphere-cpi/values.yaml b/charts/vsphere-cpi/values.yaml index d8bd298e8..19e6b7220 100644 --- a/charts/vsphere-cpi/values.yaml +++ b/charts/vsphere-cpi/values.yaml @@ -55,7 +55,7 @@ serviceAccount: daemonset: annotations: {} image: gcr.io/cloud-provider-vsphere/cpi/release/manager - tag: v1.28.0 + tag: v1.29.0 pullPolicy: IfNotPresent dnsPolicy: ClusterFirst cmdline: diff --git a/docs/book/tutorials/disable-node-deletion.yaml b/docs/book/tutorials/disable-node-deletion.yaml index 036c47420..efd511fac 100644 --- a/docs/book/tutorials/disable-node-deletion.yaml +++ b/docs/book/tutorials/disable-node-deletion.yaml @@ -233,7 +233,7 @@ spec: priorityClassName: system-node-critical containers: - name: vsphere-cloud-controller-manager - image: gcr.io/cloud-provider-vsphere/cpi/release/manager:v1.28.0 + image: gcr.io/cloud-provider-vsphere/cpi/release/manager:v1.29.0 args: - --cloud-provider=vsphere - --v=2 diff --git a/releases/README.md b/releases/README.md index 04b69dd7c..b1ea8d588 100644 --- a/releases/README.md +++ b/releases/README.md @@ -8,14 +8,14 @@ Note that YAML files from [manifests/controller-manager repo](https://github.com ## Example workflow -In this tutorial, we will be installing the latest version of cloud provider vsphere(v1.28.0) freshly. If you have an older version of CPI already installed, the steps to deploy and upgrade CPI stay the same. With our `RollingUpdate` update strategy, after you update a DaemonSet template, old DaemonSet pods will be killed, and new DaemonSet pods will be created automatically. +In this tutorial, we will be installing the latest version of cloud provider vsphere(v1.29.0) freshly. If you have an older version of CPI already installed, the steps to deploy and upgrade CPI stay the same. With our `RollingUpdate` update strategy, after you update a DaemonSet template, old DaemonSet pods will be killed, and new DaemonSet pods will be created automatically. ### Step 1: find the kubernetes major version you are using -For example, the major version of '1.28.x' is '1.28', then run: +For example, the major version of '1.29.x' is '1.29', then run: ```bash -VERSION=1.28 +VERSION=1.29 wget https://raw.githubusercontent.com/kubernetes/cloud-provider-vsphere/release-$VERSION/releases/v$VERSION/vsphere-cloud-controller-manager.yaml ``` diff --git a/releases/v1.29/vsphere-cloud-controller-manager.yaml b/releases/v1.29/vsphere-cloud-controller-manager.yaml new file mode 100644 index 000000000..41cb461f8 --- /dev/null +++ b/releases/v1.29/vsphere-cloud-controller-manager.yaml @@ -0,0 +1,263 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: cloud-controller-manager + labels: + vsphere-cpi-infra: service-account + component: cloud-controller-manager + namespace: kube-system +--- +apiVersion: v1 +kind: Secret +metadata: + name: vsphere-cloud-secret + labels: + vsphere-cpi-infra: secret + component: cloud-controller-manager + namespace: kube-system + # NOTE: this is just an example configuration, update with real values based on your environment +stringData: + 10.0.0.1.username: "" + 10.0.0.1.password: "" + 1.2.3.4.username: "" + 1.2.3.4.password: "" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: vsphere-cloud-config + labels: + vsphere-cpi-infra: config + component: cloud-controller-manager + namespace: kube-system +data: + # NOTE: this is just an example configuration, update with real values based on your environment + vsphere.conf: | + # Global properties in this section will be used for all specified vCenters unless overriden in VirtualCenter section. + global: + port: 443 + # set insecureFlag to true if the vCenter uses a self-signed cert + insecureFlag: true + # settings for using k8s secret + secretName: vsphere-cloud-secret + secretNamespace: kube-system + + # vcenter section + vcenter: + your-vcenter-name-here: + server: 10.0.0.1 + user: use-your-vcenter-user-here + password: use-your-vcenter-password-here + datacenters: + - hrwest + - hreast + could-be-a-tenant-label: + server: 1.2.3.4 + datacenters: + - mytenantdc + secretName: cpi-engineering-secret + secretNamespace: kube-system + + # labels for regions and zones + labels: + region: k8s-region + zone: k8s-zone +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: servicecatalog.k8s.io:apiserver-authentication-reader + labels: + vsphere-cpi-infra: role-binding + component: cloud-controller-manager + namespace: kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: extension-apiserver-authentication-reader +subjects: + - apiGroup: "" + kind: ServiceAccount + name: cloud-controller-manager + namespace: kube-system + - apiGroup: "" + kind: User + name: cloud-controller-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: system:cloud-controller-manager + labels: + vsphere-cpi-infra: cluster-role-binding + component: cloud-controller-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:cloud-controller-manager +subjects: + - kind: ServiceAccount + name: cloud-controller-manager + namespace: kube-system + - kind: User + name: cloud-controller-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:cloud-controller-manager + labels: + vsphere-cpi-infra: role + component: cloud-controller-manager +rules: + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - "*" + - apiGroups: + - "" + resources: + - nodes/status + verbs: + - patch + - apiGroups: + - "" + resources: + - services + verbs: + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - services/status + verbs: + - patch + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - watch + - update + - apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - update + - watch + - apiGroups: + - "" + resources: + - endpoints + verbs: + - create + - get + - list + - watch + - update + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - "coordination.k8s.io" + resources: + - leases + verbs: + - create + - get + - list + - watch + - update +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: vsphere-cloud-controller-manager + labels: + component: cloud-controller-manager + tier: control-plane + namespace: kube-system +spec: + selector: + matchLabels: + name: vsphere-cloud-controller-manager + updateStrategy: + type: RollingUpdate + template: + metadata: + labels: + name: vsphere-cloud-controller-manager + component: cloud-controller-manager + tier: control-plane + spec: + tolerations: + - key: node.cloudprovider.kubernetes.io/uninitialized + value: "true" + effect: NoSchedule + - key: node-role.kubernetes.io/master + effect: NoSchedule + operator: Exists + - key: node-role.kubernetes.io/control-plane + effect: NoSchedule + operator: Exists + - key: node.kubernetes.io/not-ready + effect: NoSchedule + operator: Exists + securityContext: + runAsUser: 1001 + serviceAccountName: cloud-controller-manager + priorityClassName: system-node-critical + containers: + - name: vsphere-cloud-controller-manager + image: gcr.io/cloud-provider-vsphere/cpi/release/manager:v1.29.0 + args: + - --cloud-provider=vsphere + - --v=2 + - --cloud-config=/etc/cloud/vsphere.conf + volumeMounts: + - mountPath: /etc/cloud + name: vsphere-config-volume + readOnly: true + resources: + requests: + cpu: 200m + hostNetwork: true + volumes: + - name: vsphere-config-volume + configMap: + name: vsphere-cloud-config + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: Exists