diff --git a/bin/release b/bin/release index 8849d7257f..5afc675dff 100755 --- a/bin/release +++ b/bin/release @@ -92,6 +92,7 @@ build() { sed -i.bak -e "s/:latest/:$VERSION/" -e "/imagePullPolicy: Always/d" ./prog/weave-kube/weave-daemonset.yaml sed -i.bak -e "s/:latest/:$VERSION/" -e "/imagePullPolicy: Always/d" ./prog/weave-kube/weave-daemonset-k8s-1.6.yaml sed -i.bak -e "s/:latest/:$VERSION/" -e "/imagePullPolicy: Always/d" ./prog/weave-kube/weave-daemonset-k8s-1.7.yaml + sed -i.bak -e "s/:latest/:$VERSION/" -e "/imagePullPolicy: Always/d" ./prog/weave-kube/weave-daemonset-k8s-1.8.yaml make SUDO=$SUDO WEAVE_VERSION=$VERSION DOCKERHUB_USER=$DOCKERHUB_USER if make tests; then @@ -181,6 +182,13 @@ draft() { --name "weave-daemonset-k8s-1.7.yaml" \ --file "./prog/weave-kube/weave-daemonset-k8s-1.7.yaml" + github-release upload \ + --user $GITHUB_USER \ + --repo weave \ + --tag $LATEST_TAG \ + --name "weave-daemonset-k8s-1.8.yaml" \ + --file "./prog/weave-kube/weave-daemonset-k8s-1.8.yaml" + echo "** Draft $TYPE $RELEASE_NAME $VERSION created at" echo -e "\thttps://github.com/$GITHUB_USER/weave/releases/$LATEST_TAG" } @@ -289,6 +297,13 @@ publish() { --name "weave-daemonset-k8s-1.7.yaml" \ --file "./prog/weave-kube/weave-daemonset-k8s-1.7.yaml" + github-release upload \ + --user $GITHUB_USER \ + --repo weave \ + --tag latest_release \ + --name "weave-daemonset-k8s-1.8.yaml" \ + --file "./prog/weave-kube/weave-daemonset-k8s-1.8.yaml" + echo "** Release $RELEASE_NAME $VERSION published at" echo -e "\thttps://github.com/$GITHUB_USER/weave/releases/$LATEST_TAG" echo -e "\thttps://github.com/$GITHUB_USER/weave/releases/latest_release" diff --git a/prog/weave-kube/weave-daemonset-k8s-1.8.yaml b/prog/weave-kube/weave-daemonset-k8s-1.8.yaml new file mode 100644 index 0000000000..87da2c8a12 --- /dev/null +++ b/prog/weave-kube/weave-daemonset-k8s-1.8.yaml @@ -0,0 +1,209 @@ +apiVersion: v1 +kind: List +items: + - apiVersion: v1 + kind: ServiceAccount + metadata: + name: weave-net + labels: + name: weave-net + namespace: kube-system + - apiVersion: rbac.authorization.k8s.io/v1beta1 + kind: ClusterRole + metadata: + name: weave-net + labels: + name: weave-net + rules: + - apiGroups: + - '' + resources: + - pods + - namespaces + - nodes + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - networkpolicies + verbs: + - get + - list + - watch + - apiGroups: + - 'networking.k8s.io' + resources: + - networkpolicies + verbs: + - get + - list + - watch + - apiGroups: + - '' + resources: + - nodes/status + verbs: + - patch + - update + - apiVersion: rbac.authorization.k8s.io/v1beta1 + kind: ClusterRoleBinding + metadata: + name: weave-net + labels: + name: weave-net + roleRef: + kind: ClusterRole + name: weave-net + apiGroup: rbac.authorization.k8s.io + subjects: + - kind: ServiceAccount + name: weave-net + namespace: kube-system + - apiVersion: rbac.authorization.k8s.io/v1beta1 + kind: Role + metadata: + name: weave-net + namespace: kube-system + labels: + name: weave-net + rules: + - apiGroups: + - '' + resources: + - configmaps + resourceNames: + - weave-net + verbs: + - get + - update + - apiGroups: + - '' + resources: + - configmaps + verbs: + - create + - apiVersion: rbac.authorization.k8s.io/v1beta1 + kind: RoleBinding + metadata: + name: weave-net + namespace: kube-system + labels: + name: weave-net + roleRef: + kind: Role + name: weave-net + apiGroup: rbac.authorization.k8s.io + subjects: + - kind: ServiceAccount + name: weave-net + namespace: kube-system + - apiVersion: extensions/v1beta1 + kind: DaemonSet + metadata: + name: weave-net + labels: + name: weave-net + namespace: kube-system + spec: + # Wait 5 seconds to let pod connect before rolling next pod + minReadySeconds: 5 + template: + metadata: + labels: + name: weave-net + spec: + containers: + - name: weave + command: + - /home/weave/launch.sh + env: + - name: HOSTNAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + image: 'weaveworks/weave-kube:latest' + imagePullPolicy: Always + livenessProbe: + httpGet: + host: 127.0.0.1 + path: /status + port: 6784 + initialDelaySeconds: 30 + resources: + requests: + cpu: 10m + securityContext: + privileged: true + volumeMounts: + - name: weavedb + mountPath: /weavedb + - name: cni-bin + mountPath: /host/opt + - name: cni-bin2 + mountPath: /host/home + - name: cni-conf + mountPath: /host/etc + - name: dbus + mountPath: /host/var/lib/dbus + - name: lib-modules + mountPath: /lib/modules + - name: xtables-lock + mountPath: /run/xtables.lock + readOnly: false + - name: weave-npc + env: + - name: HOSTNAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + image: 'weaveworks/weave-npc:latest' + imagePullPolicy: Always +#npc-args + resources: + requests: + cpu: 10m + securityContext: + privileged: true + volumeMounts: + - name: xtables-lock + mountPath: /run/xtables.lock + readOnly: false + hostNetwork: true + hostPID: true + restartPolicy: Always + securityContext: + seLinuxOptions: {} + serviceAccountName: weave-net + tolerations: + - effect: NoSchedule + operator: Exists + volumes: + - name: weavedb + hostPath: + path: /var/lib/weave + - name: cni-bin + hostPath: + path: /opt + - name: cni-bin2 + hostPath: + path: /home + - name: cni-conf + hostPath: + path: /etc + - name: dbus + hostPath: + path: /var/lib/dbus + - name: lib-modules + hostPath: + path: /lib/modules + - name: xtables-lock + hostPath: + path: /run/xtables.lock + type: FileOrCreate + updateStrategy: + type: RollingUpdate diff --git a/test/840_weave_kube_3_test.sh b/test/840_weave_kube_3_test.sh index 18f1df9fa1..7ae4222453 100755 --- a/test/840_weave_kube_3_test.sh +++ b/test/840_weave_kube_3_test.sh @@ -53,7 +53,7 @@ fi sed -e "s%imagePullPolicy: Always%imagePullPolicy: Never%" \ -e "s%env:%$WEAVE_ENV_VARS%" \ -e "s%#npc-args% args:\n - '--use-legacy-netpol'%" \ - "$(dirname "$0")/../prog/weave-kube/weave-daemonset-k8s-1.7.yaml" | run_on "$HOST1" "$KUBECTL apply -n kube-system -f -" + "$(dirname "$0")/../prog/weave-kube/weave-daemonset-k8s-1.8.yaml" | run_on "$HOST1" "$KUBECTL apply -n kube-system -f -" sleep 5 @@ -183,7 +183,7 @@ assert_raises "! $SSH $HOST1 $KUBECTL exec $denyPodName -- curl -s -S -f -m 2 ht $SSH $HOST1 "$KUBECTL delete ds weave-net -n=kube-system" sed -e "s%imagePullPolicy: Always%imagePullPolicy: Never%" \ -e "s%env:%$WEAVE_ENV_VARS%" \ - "$(dirname "$0")/../prog/weave-kube/weave-daemonset-k8s-1.7.yaml" | run_on "$HOST1" "$KUBECTL apply -n kube-system -f -" + "$(dirname "$0")/../prog/weave-kube/weave-daemonset-k8s-1.8.yaml" | run_on "$HOST1" "$KUBECTL apply -n kube-system -f -" assert_raises 'wait_for_x check_all_pods_communicate pods' @@ -278,7 +278,7 @@ WEAVE_ENV_VARS="${WEAVE_ENV_VARS}\\n - name: NO_MASQ_LOCAL\\n $SSH $HOST1 "$KUBECTL delete ds weave-net -n=kube-system" sed -e "s%imagePullPolicy: Always%imagePullPolicy: Never%" \ -e "s%env:%$WEAVE_ENV_VARS%" \ - "$(dirname "$0")/../prog/weave-kube/weave-daemonset-k8s-1.7.yaml" | run_on "$HOST1" "$KUBECTL apply -n kube-system -f -" + "$(dirname "$0")/../prog/weave-kube/weave-daemonset-k8s-1.8.yaml" | run_on "$HOST1" "$KUBECTL apply -n kube-system -f -" sleep 5