diff --git a/deploy/complete/helm-chart/mushop/templates/cluster-issuers.yaml b/deploy/complete/helm-chart/mushop/templates/cluster-issuers.yaml index cd48dc38d..e2f76a9de 100644 --- a/deploy/complete/helm-chart/mushop/templates/cluster-issuers.yaml +++ b/deploy/complete/helm-chart/mushop/templates/cluster-issuers.yaml @@ -18,7 +18,7 @@ spec: solvers: - http01: ingress: - class: nginx + ingressClassName: nginx --- apiVersion: cert-manager.io/v1 kind: ClusterIssuer @@ -36,7 +36,7 @@ spec: solvers: - http01: ingress: - class: nginx + ingressClassName: nginx --- apiVersion: cert-manager.io/v1 kind: ClusterIssuer diff --git a/deploy/complete/helm-chart/mushop/templates/ingress-edge.yaml b/deploy/complete/helm-chart/mushop/templates/ingress-edge.yaml index ddde39e05..58302c29f 100644 --- a/deploy/complete/helm-chart/mushop/templates/ingress-edge.yaml +++ b/deploy/complete/helm-chart/mushop/templates/ingress-edge.yaml @@ -6,14 +6,14 @@ metadata: labels: {{ include "mushop.labels" . | indent 4 }} annotations: - kubernetes.io/ingress.class: nginx {{- if .Values.ingress.tls }} nginx.ingress.kubernetes.io/ssl-redirect: "true" cert-manager.io/cluster-issuer: {{ include "mushop.fullname" . }}-{{ .Values.ingress.clusterIssuer }} cert-manager.io/acme-challenge-type: http01 {{- end }} - + spec: + ingressClassName: nginx rules: {{- if .Values.ingress.hosts }} {{- range $host := .Values.ingress.hosts }} diff --git a/deploy/complete/helm-chart/mushop/templates/ingress-grafana.yaml b/deploy/complete/helm-chart/mushop/templates/ingress-grafana.yaml index ac341515a..9d942b0ec 100644 --- a/deploy/complete/helm-chart/mushop/templates/ingress-grafana.yaml +++ b/deploy/complete/helm-chart/mushop/templates/ingress-grafana.yaml @@ -20,15 +20,15 @@ metadata: labels: {{ include "mushop.labels" . | indent 4 }} annotations: - kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/rewrite-target: /$2 {{- if .Values.ingress.tls }} nginx.ingress.kubernetes.io/ssl-redirect: "true" cert-manager.io/cluster-issuer: {{ include "mushop.fullname" . }}-{{ .Values.ingress.clusterIssuer }} cert-manager.io/acme-challenge-type: http01 {{- end }} - + spec: + ingressClassName: nginx rules: {{- if .Values.ingress.hosts }} {{- range $host := .Values.ingress.hosts }} diff --git a/deploy/complete/helm-chart/setup/requirements.yaml b/deploy/complete/helm-chart/setup/requirements.yaml index baa70be24..639d37f52 100644 --- a/deploy/complete/helm-chart/setup/requirements.yaml +++ b/deploy/complete/helm-chart/setup/requirements.yaml @@ -1,31 +1,31 @@ -# Copyright (c) 2019-2021 Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2019-2024 Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. # dependencies: # Prometheus - name: prometheus - version: 25.18.0 + version: 25.27.0 condition: prometheus.enabled repository: https://prometheus-community.github.io/helm-charts # Grafana - name: grafana - version: 7.3.7 + version: 8.5.1 condition: grafana.enabled repository: https://grafana.github.io/helm-charts # HPA Metrics - name: metrics-server - version: 3.12.0 + version: 3.12.1 condition: metrics-server.enabled repository: https://kubernetes-sigs.github.io/metrics-server # Ingress Controller - name: ingress-nginx - version: 4.10.0 + version: 4.11.2 condition: ingress-nginx.enabled repository: https://kubernetes.github.io/ingress-nginx # cert-manager - name: cert-manager - version: 1.14.4 + version: 1.15.3 condition: cert-manager.enabled repository: https://charts.jetstack.io # jenkins diff --git a/deploy/complete/helm-chart/setup/values.yaml b/deploy/complete/helm-chart/setup/values.yaml index fd37d7c59..ff36989f7 100644 --- a/deploy/complete/helm-chart/setup/values.yaml +++ b/deploy/complete/helm-chart/setup/values.yaml @@ -33,12 +33,16 @@ ingress-nginx: controller: metrics: enabled: true + ingressClassResource: + default: true # https://github.com/jetstack/cert-manager/blob/master/README.md # https://artifacthub.io/packages/helm/jetstack/cert-manager cert-manager: enabled: true - installCRDs: true + crds: + enabled: true + keep: false # https://github.com/grafana/helm-charts/blob/main/charts/grafana/README.md # https://artifacthub.io/packages/helm/grafana/grafana @@ -136,10 +140,10 @@ jenkins: apiVersion: networking.k8s.io/v1 metadata: annotations: - kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/rewrite-target: /$2 labels: {} spec: + ingressClassName: nginx rules: - http: paths: diff --git a/deploy/complete/kubernetes/ingress/mushop-dev.yaml b/deploy/complete/kubernetes/ingress/mushop-dev.yaml index 7360c506e..7f9cb01b6 100644 --- a/deploy/complete/kubernetes/ingress/mushop-dev.yaml +++ b/deploy/complete/kubernetes/ingress/mushop-dev.yaml @@ -2,9 +2,8 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: name: mushop-dev - annotations: - kubernetes.io/ingress.class: nginx spec: + ingressClassName: nginx rules: - http: paths: diff --git a/deploy/complete/kubernetes/ingress/mushop-grafana.yaml b/deploy/complete/kubernetes/ingress/mushop-grafana.yaml index 022420ce9..f0d905d1b 100644 --- a/deploy/complete/kubernetes/ingress/mushop-grafana.yaml +++ b/deploy/complete/kubernetes/ingress/mushop-grafana.yaml @@ -1,13 +1,13 @@ -apiVersion: networking.k8s.io/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: grafana annotations: - kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/ssl-redirect: "true" cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/acme-challenge-type: http01 spec: + ingressClassName: nginx tls: - secretName: mushop-grafana-tls hosts: diff --git a/deploy/complete/kubernetes/ingress/mushop-issuer.yaml b/deploy/complete/kubernetes/ingress/mushop-issuer.yaml index 6cd23ddda..cefe6afb0 100644 --- a/deploy/complete/kubernetes/ingress/mushop-issuer.yaml +++ b/deploy/complete/kubernetes/ingress/mushop-issuer.yaml @@ -1,5 +1,5 @@ --- -apiVersion: cert-manager.io/v1alpha2 +apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-prod @@ -15,9 +15,9 @@ spec: solvers: - http01: ingress: - class: nginx + ingressClassName: nginx --- -apiVersion: cert-manager.io/v1alpha2 +apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-staging @@ -33,9 +33,9 @@ spec: solvers: - http01: ingress: - class: nginx + ingressClassName: nginx --- -apiVersion: cert-manager.io/v1alpha2 +apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: selfsigned diff --git a/deploy/complete/kubernetes/ingress/mushop-prod.yaml b/deploy/complete/kubernetes/ingress/mushop-prod.yaml index 101011d05..afc0f32cd 100644 --- a/deploy/complete/kubernetes/ingress/mushop-prod.yaml +++ b/deploy/complete/kubernetes/ingress/mushop-prod.yaml @@ -1,15 +1,15 @@ -apiVersion: networking.k8s.io/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: mushop-prod annotations: - kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/ssl-redirect: "true" cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/acme-challenge-type: http01 spec: + ingressClassName: nginx tls: - - secretName: mushop-prod-tls + - secretName: mushop-prod-tls hosts: - mushop.ateam.cloud - insecure.mushop.ateam.cloud diff --git a/deploy/complete/kubernetes/ingress/mushop-test.yaml b/deploy/complete/kubernetes/ingress/mushop-test.yaml index c3958dedf..f98b90ae7 100644 --- a/deploy/complete/kubernetes/ingress/mushop-test.yaml +++ b/deploy/complete/kubernetes/ingress/mushop-test.yaml @@ -1,13 +1,13 @@ -apiVersion: networking.k8s.io/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: mushop-test annotations: - kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/ssl-redirect: "true" cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/acme-challenge-type: http01 spec: + ingressClassName: nginx tls: - secretName: mushop-test-tls hosts: diff --git a/deploy/complete/kubernetes/mushop.yaml b/deploy/complete/kubernetes/mushop.yaml index 36ecd4c1d..9dad48070 100644 --- a/deploy/complete/kubernetes/mushop.yaml +++ b/deploy/complete/kubernetes/mushop.yaml @@ -10,9 +10,8 @@ metadata: app.kubernetes.io/instance: mushop app.kubernetes.io/version: "1.0" app.kubernetes.io/managed-by: Helm - annotations: - kubernetes.io/ingress.class: nginx spec: + ingressClassName: nginx rules: # change this for user-specific ingress - host: mushop.example.com diff --git a/deploy/complete/terraform/VERSION b/deploy/complete/terraform/VERSION index a4f52a5db..0fa4ae489 100644 --- a/deploy/complete/terraform/VERSION +++ b/deploy/complete/terraform/VERSION @@ -1 +1 @@ -3.2.0 \ No newline at end of file +3.3.0 \ No newline at end of file diff --git a/deploy/complete/terraform/mushop-utilities.tf b/deploy/complete/terraform/mushop-utilities.tf index b9c15bb5d..a2150e77b 100644 --- a/deploy/complete/terraform/mushop-utilities.tf +++ b/deploy/complete/terraform/mushop-utilities.tf @@ -18,7 +18,7 @@ resource "helm_release" "prometheus" { name = "prometheus" repository = local.helm_repository.prometheus chart = "prometheus" - version = "25.18.0" + version = "25.27.0" namespace = kubernetes_namespace.cluster_utilities_namespace.id wait = false @@ -37,7 +37,7 @@ resource "helm_release" "grafana" { name = "mushop-utils-grafana" # mushop-utils included to be backwards compatible to the docs and setup chart install repository = local.helm_repository.grafana chart = "grafana" - version = "7.3.7" + version = "8.5.1" namespace = kubernetes_namespace.cluster_utilities_namespace.id wait = false @@ -97,7 +97,7 @@ resource "helm_release" "metrics_server" { name = "metrics-server" repository = local.helm_repository.metrics_server chart = "metrics-server" - version = "3.12.0" + version = "3.12.1" namespace = kubernetes_namespace.cluster_utilities_namespace.id wait = false @@ -116,7 +116,7 @@ resource "helm_release" "ingress_nginx" { name = "mushop-utils-ingress-nginx" # mushop-utils included to be backwards compatible to the docs and setup chart install repository = local.helm_repository.ingress_nginx chart = "ingress-nginx" - version = "4.10.0" + version = "4.11.2" namespace = kubernetes_namespace.cluster_utilities_namespace.id wait = true @@ -140,6 +140,11 @@ resource "helm_release" "ingress_nginx" { type = "string" } + set { + name = "controller.ingressClassResource.default" + value = true + } + timeout = 1800 # workaround to wait the node be active for other charts depends_on = [kubernetes_deployment.cluster_autoscaler_deployment] @@ -156,15 +161,20 @@ resource "helm_release" "cert_manager" { name = "cert-manager" repository = local.helm_repository.jetstack chart = "cert-manager" - version = "1.14.4" + version = "1.15.3" namespace = kubernetes_namespace.cluster_utilities_namespace.id wait = true # wait to allow the webhook be properly configured set { - name = "installCRDs" + name = "crds.enabled" value = true } + set { + name = "crds.keep" + value = false + } + set { name = "webhook.timeoutSeconds" value = "30" diff --git a/src/docs/content/disaster-recovery/setup.md b/src/docs/content/disaster-recovery/setup.md index 6f0b414fa..46ab732c0 100644 --- a/src/docs/content/disaster-recovery/setup.md +++ b/src/docs/content/disaster-recovery/setup.md @@ -167,22 +167,21 @@ A TLS secret is used for SSL termination on the ingress controller. To generate apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: mushop - annotations: - kubernetes.io/ingress.class: "nginx" + name: mushop spec: - tls: - - secretName: tls-secret - rules: - - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: edge - port: - number: 80 + ingressClassName: nginx + tls: + - secretName: tls-secret + rules: + - http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: edge + port: + number: 80 EOF ``` @@ -301,22 +300,21 @@ oadbConnectionSecret: oadb-connection # Name of connection secret created earlie apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: mushop - annotations: - kubernetes.io/ingress.class: "nginx" + name: mushop spec: - tls: - - secretName: tls-secret - rules: - - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: edge - port: - number: 80 + ingressClassName: nginx + tls: + - secretName: tls-secret + rules: + - http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: edge + port: + number: 80 EOF ```