Skip to content

Commit

Permalink
Merge pull request #7163 from zalando-incubator/beta-to-stable
Browse files Browse the repository at this point in the history 
beta to stable
  • Loading branch information
@mikkeloscar
mikkeloscar authored Mar 13, 2024
2 parents f691add + af888c7 commit 0b9cf04
Show file tree
Hide file tree
Showing 14 changed files with 81 additions and 123 deletions.
9 changes: 2 additions & 7 deletions cluster/config-defaults.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,14 +76,13 @@ skipper_ingress_hpa_scale_up_max_perc: "100"
{{if eq .Cluster.Environment "production"}}
skipper_ingress_min_replicas: "3"
skipper_ingress_max_replicas: "300"
skipper_ingress_passive_health_check_options: ""
{{else}}
skipper_ingress_min_replicas: "2"
skipper_ingress_max_replicas: "50"
skipper_ingress_passive_health_check_options: "period=10s,min-requests=10,max-drop-probability=0.9"
{{end}}
skipper_ingress_cpu: "1000m"
skipper_ingress_memory: "1500Mi"
skipper_ingress_health_check_options: "period=10s,min-requests=10,max-drop-probability=0.9"

# Enables deployment of canary version
skipper_ingress_canary_enabled: "true"
Expand Down Expand Up @@ -335,7 +334,7 @@ skipper_open_policy_agent_styra_token: ""
# - production: runs the controller
#
fabric_gateway_controller_mode: "disabled"
fabric_gateway_controller_version: "master-240"
fabric_gateway_controller_version: "master-243"
fabric_gateway_controller_cpu: "50m"
fabric_gateway_controller_memory: "150Mi"
fabric_gateway_crd_v1_enabled: "false"
Expand Down Expand Up @@ -925,10 +924,6 @@ stackset_routegroup_support_enabled: "true"
# E.g. switching from RouteGroup to Ingress or vice versa.
stackset_ingress_source_switch_ttl: "5m"

# enable/disable versioned configuration resources support for stackset
stackset_configmap_support_enabled: "true"
stackset_secret_support_enabled: "true"

# enable/disable traffic segment support for stackset
stackset_enable_traffic_segments: "false"
{{if eq .Cluster.Environment "e2e"}}
Expand Down
128 changes: 69 additions & 59 deletions cluster/manifests/01-routegroup/routegroup-crd.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.8.0
creationTimestamp: null
controller-gen.kubebuilder.io/version: v0.14.0
name: routegroups.zalando.org
spec:
group: zalando.org
Expand Down Expand Up @@ -35,14 +34,19 @@ spec:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
Expand All @@ -56,19 +60,12 @@ spec:
description: Address is required for type `network`
type: string
algorithm:
description: Algorithm is required for type `lb`. `roundRobin`
- backend is chosen by the round robin algorithm, starting
with a random selected backend to spread across all backends
from the beginning. `random` - backend is chosen at random.
`consistentHash` - backend is chosen by [consistent hashing](https://en.wikipedia.org/wiki/Consistent_hashing)
algorithm based on the request key. The request key is derived
from `X-Forwarded-For` header or request remote IP address
as the fallback. Use [`consistentHashKey`](filters.md#consistenthashkey)
filter to set the request key. Use [`consistentHashBalanceFactor`](filters.md#consistenthashbalancefactor)
to prevent popular keys from overloading a single backend
endpoint. `powerOfRandomNChoices` - backend is chosen by selecting
N random endpoints and picking the one with least outstanding
requests from them (see http://www.eecs.harvard.edu/~michaelm/postscripts/handbook2001.pdf).
description: |-
Algorithm is required for type `lb`.
`roundRobin` - backend is chosen by the round robin algorithm, starting with a random selected backend to spread across all backends from the beginning.
`random` - backend is chosen at random.
`consistentHash` - backend is chosen by [consistent hashing](https://en.wikipedia.org/wiki/Consistent_hashing) algorithm based on the request key. The request key is derived from `X-Forwarded-For` header or request remote IP address as the fallback. Use [`consistentHashKey`](filters.md#consistenthashkey) filter to set the request key. Use [`consistentHashBalanceFactor`](filters.md#consistenthashbalancefactor) to prevent popular keys from overloading a single backend endpoint.
`powerOfRandomNChoices` - backend is chosen by selecting N random endpoints and picking the one with least outstanding requests from them (see http://www.eecs.harvard.edu/~michaelm/postscripts/handbook2001.pdf).
enum:
- roundRobin
- random
Expand All @@ -92,23 +89,14 @@ spec:
description: ServicePort is required for type `service`
type: integer
type:
description: Type of the backend. `service`- resolve Kubernetes
service to the available Endpoints belonging to the Service,
and generate load balanced routes using them. `shunt` - reply
directly from the proxy itself. This can be used to shortcut,
for example have a default that replies with 404 or use skipper
as a backend serving static content in demos. `loopback` -
lookup again the routing table to a better matching route
after processing the current route. Like this you can add
some headers or change the request path for some specific
matching requests. `dynamic` - use the backend provided by
filters. This allows skipper as library users to do proxy
calls to a certain target from their own implementation dynamically
looked up by their filters. `lb` - balance the load across
multiple network endpoints using specified algorithm. If algorithm
is not specified it will use the default algorithm set by
Skipper at start. `network` - use arbitrary HTTP or HTTPS
URL.
description: |-
Type of the backend.
`service`- resolve Kubernetes service to the available Endpoints belonging to the Service, and generate load balanced routes using them.
`shunt` - reply directly from the proxy itself. This can be used to shortcut, for example have a default that replies with 404 or use skipper as a backend serving static content in demos.
`loopback` - lookup again the routing table to a better matching route after processing the current route. Like this you can add some headers or change the request path for some specific matching requests.
`dynamic` - use the backend provided by filters. This allows skipper as library users to do proxy calls to a certain target from their own implementation dynamically looked up by their filters.
`lb` - balance the load across multiple network endpoints using specified algorithm. If algorithm is not specified it will use the default algorithm set by Skipper at start.
`network` - use arbitrary HTTP or HTTPS URL.
enum:
- service
- shunt
Expand All @@ -123,18 +111,19 @@ spec:
type: object
type: array
defaultBackends:
description: DefaultBackends is a list of default backends defined
if no explicit backend is defined for a route
description: |-
DefaultBackends is a list of default backends defined if no explicit
backend is defined for a route
items:
properties:
backendName:
description: BackendName references backend by name
type: string
weight:
description: Weight defines a portion of traffic for the referenced
backend. It equals to weight divided by the sum of all backend
weights. When all references have zero (or unspecified) weight
then traffic is split equally between them.
description: |-
Weight defines a portion of traffic for the referenced backend.
It equals to weight divided by the sum of all backend weights.
When all references have zero (or unspecified) weight then traffic is split equally between them.
minimum: 0
type: integer
required:
Expand All @@ -146,27 +135,27 @@ spec:
items:
pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?([.][a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"
type: string
type: array
minItems: 1
type: array
routes:
description: Routes describe how a matching HTTP request is handled
and where it is forwarded to
items:
properties:
backends:
description: RouteGroupBackendReference specifies the list of
backendReference that should be applied to override the defaultBackends
description: |-
RouteGroupBackendReference specifies the list of backendReference that should
be applied to override the defaultBackends
items:
properties:
backendName:
description: BackendName references backend by name
type: string
weight:
description: Weight defines a portion of traffic for the
referenced backend. It equals to weight divided by the
sum of all backend weights. When all references have
zero (or unspecified) weight then traffic is split equally
between them.
description: |-
Weight defines a portion of traffic for the referenced backend.
It equals to weight divided by the sum of all backend weights.
When all references have zero (or unspecified) weight then traffic is split equally between them.
minimum: 0
type: integer
required:
Expand Down Expand Up @@ -216,6 +205,32 @@ spec:
type: object
minItems: 1
type: array
tls:
description: |-
TLS defines which Kubernetes secret will be used to terminate the connection
based on the matching hostnames
items:
properties:
hosts:
description: |-
TLS hosts specify the list of hosts included in the TLS secret.
The values in this list must match the host name(s) used for
the RouteGroup in order to terminate TLS for the host(s).
items:
pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?([.][a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"
type: string
minItems: 1
type: array
secretName:
description: |-
SecretName is the name of the secret used to terminate TLS traffic.
Secret should reside in the same namespace as the RouteGroup.
type: string
required:
- hosts
- secretName
type: object
type: array
required:
- backends
# {{ if eq .Cluster.ConfigItems.skipper_ingress_routegroup_crd_require_hosts "true" }}
Expand All @@ -225,7 +240,8 @@ spec:
status:
properties:
loadBalancer:
description: LoadBalancer is similar to ingress status, such that
description: |-
LoadBalancer is similar to ingress status, such that
external-dns has the same style as in ingress
properties:
routegroup:
Expand Down Expand Up @@ -255,9 +271,3 @@ spec:
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
2 changes: 1 addition & 1 deletion cluster/manifests/cluster-lifecycle-controller/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ spec:
operator: Exists
containers:
- name: cluster-lifecycle-controller
image: container-registry.zalando.net/teapot/cluster-lifecycle-controller:master-35
image: container-registry.zalando.net/teapot/cluster-lifecycle-controller:master-36
args:
- --drain-grace-period={{.Cluster.ConfigItems.drain_grace_period}}
- --drain-min-pod-lifetime={{.Cluster.ConfigItems.drain_min_pod_lifetime}}
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/coredns-local/daemonset-coredns.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ spec:
containers:
{{ if eq .Cluster.ConfigItems.dns_cache "unbound" }}
- name: unbound
image: container-registry.zalando.net/teapot/unbound:1.19.1-master-8
image: container-registry.zalando.net/teapot/unbound:1.19.2-master-9
args:
- -d
- -c
Expand Down
29 changes: 1 addition & 28 deletions cluster/manifests/deletions.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,35 +1,8 @@
# everything defined under here will be deleted before applying the manifests
pre_apply:
- name: cronjob-monitor
namespace: kube-system
kind: Deployment

# TODO: remove after rollout
- kind: CronJob
name: secret-combiner
namespace: kube-system
- kind: RoleBinding
name: secret-combiner
namespace: kube-system
- kind: Role
name: secret-combiner
namespace: kube-system
- kind: ServiceAccount
name: secret-combiner
namespace: kube-system
pre_apply: []

# everything defined under here will be deleted after applying the manifests
post_apply:
- name: cronjob-monitor
namespace: kube-system
kind: VerticalPodAutoscaler
- name: cronjob-monitor
kind: ClusterRole
- name: cronjob-monitor
kind: ClusterRoleBinding
- name: cronjob-monitor
namespace: kube-system
kind: ServiceAccount
{{ if eq .Cluster.ConfigItems.teapot_admission_controller_process_resources "true" }}
- name: limits
namespace: default
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/flannel/daemonset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ spec:
failureThreshold: 30
periodSeconds: 10
- name: kube-flannel
image: container-registry.zalando.net/teapot/flannel:v0.24.1-master-20
image: container-registry.zalando.net/teapot/flannel:v0.24.3-master-21
command:
- /opt/bin/flanneld
args:
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/kube-node-ready-controller/daemonset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ spec:
effect: NoSchedule
containers:
- name: controller
image: container-registry.zalando.net/teapot/kube-node-ready-controller:master-21
image: container-registry.zalando.net/teapot/kube-node-ready-controller:master-22
resources:
requests:
cpu: {{.Cluster.ConfigItems.kube_node_ready_controller_cpu}}
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/kube-node-ready/daemonset.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{ $version := "master-29" }}
{{ $version := "master-30" }}

apiVersion: apps/v1
kind: DaemonSet
Expand Down
6 changes: 3 additions & 3 deletions cluster/manifests/skipper/deployment.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{ $internal_version := "v0.21.4-831" }}
{{ $internal_version := "v0.21.19-847" }}
{{ $canary_internal_version := "v0.21.19-847" }}

{{/* Optional canary arguments separated by "[cf724afc]" to allow whitespaces, e.g. "-foo=has a whitespace[cf724afc]-baz=qux" */}}
Expand Down Expand Up @@ -301,8 +301,8 @@ spec:
{{ if .Cluster.ConfigItems.skipper_ingress_inline_routes }}
- "-inline-routes={{ .Cluster.ConfigItems.skipper_ingress_inline_routes }}"
{{ end }}
{{ if and (.Cluster.ConfigItems.skipper_ingress_passive_health_check_options) (eq .name "skipper-ingress-canary") }}
- "-passive-health-check={{ .Cluster.ConfigItems.skipper_ingress_passive_health_check_options }}"
{{ if and (.Cluster.ConfigItems.skipper_ingress_health_check_options) (eq .name "skipper-ingress-canary") }}
- "-passive-health-check={{ .Cluster.ConfigItems.skipper_ingress_health_check_options }}"
{{ end }}
{{ if .Cluster.ConfigItems.skipper_ingress_refuse_payload }}
{{ range $pattern := split .Cluster.ConfigItems.skipper_ingress_refuse_payload "[cf724afc]" }}
Expand Down
6 changes: 0 additions & 6 deletions cluster/manifests/stackset-controller/01-stack-crd.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -349,7 +349,6 @@ spec:
- maxReplicas
- metrics
type: object
{{- if or (eq .Cluster.ConfigItems.stackset_configmap_support_enabled "true") (eq .Cluster.ConfigItems.stackset_secret_support_enabled "true") }}
configurationResources:
description: ConfigurationResources describes the ConfigMaps that
will be created. Later Secrets and PlatformCredentialSets will also
Expand All @@ -358,7 +357,6 @@ spec:
description: ConfigurationResourcesSpec makes it possible to defined
the config resources to be created
properties:
{{- if eq .Cluster.ConfigItems.stackset_configmap_support_enabled "true" }}
configMapRef:
description: ConfigMap to be owned by Stack
properties:
Expand All @@ -367,8 +365,6 @@ spec:
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
type: object
{{ end }}
{{- if eq .Cluster.ConfigItems.stackset_secret_support_enabled "true" }}
secretRef:
description: Secret to be owned by Stack
properties:
Expand All @@ -377,10 +373,8 @@ spec:
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
type: object
{{ end }}
type: object
type: array
{{ end }}
externalIngress:
description: Stack specific ExternalIngress, based on the parent StackSet
at creation time.
Expand Down
Loading

0 comments on commit 0b9cf04

Please sign in to comment.