Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

beta to stable #7163

Merged
merged 30 commits into from
Mar 13, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
30 commits
Select commit Hold shift + click to select a range
b7eed9c
Cleanup deletions
AlexanderYastrebov Mar 5, 2024
c42d78f
Update skipper version, step 2/2
Mar 6, 2024
9059507
drop config items for configuration resources
linki Mar 7, 2024
2f785ee
routegroup: update CRD
AlexanderYastrebov Mar 11, 2024
bb7d001
Update to flannel v0.24.3
mikkeloscar Mar 11, 2024
b3fcd69
Update admission-controller to Kubernetes v1.26.14
mikkeloscar Mar 11, 2024
d3f89e8
Update kube-node-ready dependencies
mikkeloscar Mar 11, 2024
c79fd7a
Update CLC to kubernetes v1.26.14
mikkeloscar Mar 11, 2024
c42c1a5
Update kube-node-ready-controller to Kubernetes v1.26.14
mikkeloscar Mar 11, 2024
8164f35
Update unbound to v1.19.2
mikkeloscar Mar 11, 2024
8d38661
fabric: update version to master-243
AlexanderYastrebov Mar 11, 2024
ec79ba6
Merge pull request #7144 from zalando-incubator/routegroup/update-crd
AlexanderYastrebov Mar 11, 2024
d1694ad
Merge dev to dev-to-alpha
zalando-teapot-robot Mar 11, 2024
802e356
Merge pull request #7123 from zalando-incubator/cleanup-deletions
AlexanderYastrebov Mar 12, 2024
a97fc0a
Merge dev to dev-to-alpha
zalando-teapot-robot Mar 12, 2024
dda83ef
Merge pull request #7146 from zalando-incubator/fabric/update-master-242
AlexanderYastrebov Mar 12, 2024
8238386
Merge pull request #7128 from zalando-incubator/skipper/update-main-f…
RomanZavodskikh Mar 12, 2024
d2cc359
Rename config items for skipper health check
Mar 12, 2024
3ae1d34
Merge pull request #7151 from zalando-incubator/unbound-1.19.2
katyanna Mar 12, 2024
a68852f
Merge pull request #7150 from zalando-incubator/update-components-v1.26
katyanna Mar 12, 2024
5f49b13
Merge pull request #7149 from zalando-incubator/flannel-v0.24.3
katyanna Mar 12, 2024
4a59493
Merge pull request #7140 from zalando-incubator/default-configuration…
mikkeloscar Mar 12, 2024
384b4e3
Merge pull request #7155 from zalando-incubator/renamePHCConfigItem
szuecs Mar 12, 2024
afff354
Merge pull request #7152 from zalando-incubator/dev-to-alpha
mikkeloscar Mar 13, 2024
5a2d4d7
Merge alpha to alpha-to-beta
zalando-teapot-robot Mar 13, 2024
550143f
Merge dev to dev-to-alpha
zalando-teapot-robot Mar 13, 2024
dd55931
Merge pull request #7159 from zalando-incubator/dev-to-alpha
mikkeloscar Mar 13, 2024
010198b
Merge alpha to alpha-to-beta
zalando-teapot-robot Mar 13, 2024
c47a50d
Merge pull request #7158 from zalando-incubator/alpha-to-beta
szuecs Mar 13, 2024
af888c7
Merge beta to beta-to-stable
zalando-teapot-robot Mar 13, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 2 additions & 7 deletions cluster/config-defaults.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -76,14 +76,13 @@ skipper_ingress_hpa_scale_up_max_perc: "100"
{{if eq .Cluster.Environment "production"}}
skipper_ingress_min_replicas: "3"
skipper_ingress_max_replicas: "300"
skipper_ingress_passive_health_check_options: ""
{{else}}
skipper_ingress_min_replicas: "2"
skipper_ingress_max_replicas: "50"
skipper_ingress_passive_health_check_options: "period=10s,min-requests=10,max-drop-probability=0.9"
{{end}}
skipper_ingress_cpu: "1000m"
skipper_ingress_memory: "1500Mi"
skipper_ingress_health_check_options: "period=10s,min-requests=10,max-drop-probability=0.9"

# Enables deployment of canary version
skipper_ingress_canary_enabled: "true"
Expand Down Expand Up @@ -335,7 +334,7 @@ skipper_open_policy_agent_styra_token: ""
# - production: runs the controller
#
fabric_gateway_controller_mode: "disabled"
fabric_gateway_controller_version: "master-240"
fabric_gateway_controller_version: "master-243"
fabric_gateway_controller_cpu: "50m"
fabric_gateway_controller_memory: "150Mi"
fabric_gateway_crd_v1_enabled: "false"
Expand Down Expand Up @@ -925,10 +924,6 @@ stackset_routegroup_support_enabled: "true"
# E.g. switching from RouteGroup to Ingress or vice versa.
stackset_ingress_source_switch_ttl: "5m"

# enable/disable versioned configuration resources support for stackset
stackset_configmap_support_enabled: "true"
stackset_secret_support_enabled: "true"

# enable/disable traffic segment support for stackset
stackset_enable_traffic_segments: "false"
{{if eq .Cluster.Environment "e2e"}}
Expand Down
128 changes: 69 additions & 59 deletions cluster/manifests/01-routegroup/routegroup-crd.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.8.0
creationTimestamp: null
controller-gen.kubebuilder.io/version: v0.14.0
name: routegroups.zalando.org
spec:
group: zalando.org
Expand Down Expand Up @@ -35,14 +34,19 @@ spec:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
Expand All @@ -56,19 +60,12 @@ spec:
description: Address is required for type `network`
type: string
algorithm:
description: Algorithm is required for type `lb`. `roundRobin`
- backend is chosen by the round robin algorithm, starting
with a random selected backend to spread across all backends
from the beginning. `random` - backend is chosen at random.
`consistentHash` - backend is chosen by [consistent hashing](https://en.wikipedia.org/wiki/Consistent_hashing)
algorithm based on the request key. The request key is derived
from `X-Forwarded-For` header or request remote IP address
as the fallback. Use [`consistentHashKey`](filters.md#consistenthashkey)
filter to set the request key. Use [`consistentHashBalanceFactor`](filters.md#consistenthashbalancefactor)
to prevent popular keys from overloading a single backend
endpoint. `powerOfRandomNChoices` - backend is chosen by selecting
N random endpoints and picking the one with least outstanding
requests from them (see http://www.eecs.harvard.edu/~michaelm/postscripts/handbook2001.pdf).
description: |-
Algorithm is required for type `lb`.
`roundRobin` - backend is chosen by the round robin algorithm, starting with a random selected backend to spread across all backends from the beginning.
`random` - backend is chosen at random.
`consistentHash` - backend is chosen by [consistent hashing](https://en.wikipedia.org/wiki/Consistent_hashing) algorithm based on the request key. The request key is derived from `X-Forwarded-For` header or request remote IP address as the fallback. Use [`consistentHashKey`](filters.md#consistenthashkey) filter to set the request key. Use [`consistentHashBalanceFactor`](filters.md#consistenthashbalancefactor) to prevent popular keys from overloading a single backend endpoint.
`powerOfRandomNChoices` - backend is chosen by selecting N random endpoints and picking the one with least outstanding requests from them (see http://www.eecs.harvard.edu/~michaelm/postscripts/handbook2001.pdf).
enum:
- roundRobin
- random
Expand All @@ -92,23 +89,14 @@ spec:
description: ServicePort is required for type `service`
type: integer
type:
description: Type of the backend. `service`- resolve Kubernetes
service to the available Endpoints belonging to the Service,
and generate load balanced routes using them. `shunt` - reply
directly from the proxy itself. This can be used to shortcut,
for example have a default that replies with 404 or use skipper
as a backend serving static content in demos. `loopback` -
lookup again the routing table to a better matching route
after processing the current route. Like this you can add
some headers or change the request path for some specific
matching requests. `dynamic` - use the backend provided by
filters. This allows skipper as library users to do proxy
calls to a certain target from their own implementation dynamically
looked up by their filters. `lb` - balance the load across
multiple network endpoints using specified algorithm. If algorithm
is not specified it will use the default algorithm set by
Skipper at start. `network` - use arbitrary HTTP or HTTPS
URL.
description: |-
Type of the backend.
`service`- resolve Kubernetes service to the available Endpoints belonging to the Service, and generate load balanced routes using them.
`shunt` - reply directly from the proxy itself. This can be used to shortcut, for example have a default that replies with 404 or use skipper as a backend serving static content in demos.
`loopback` - lookup again the routing table to a better matching route after processing the current route. Like this you can add some headers or change the request path for some specific matching requests.
`dynamic` - use the backend provided by filters. This allows skipper as library users to do proxy calls to a certain target from their own implementation dynamically looked up by their filters.
`lb` - balance the load across multiple network endpoints using specified algorithm. If algorithm is not specified it will use the default algorithm set by Skipper at start.
`network` - use arbitrary HTTP or HTTPS URL.
enum:
- service
- shunt
Expand All @@ -123,18 +111,19 @@ spec:
type: object
type: array
defaultBackends:
description: DefaultBackends is a list of default backends defined
if no explicit backend is defined for a route
description: |-
DefaultBackends is a list of default backends defined if no explicit
backend is defined for a route
items:
properties:
backendName:
description: BackendName references backend by name
type: string
weight:
description: Weight defines a portion of traffic for the referenced
backend. It equals to weight divided by the sum of all backend
weights. When all references have zero (or unspecified) weight
then traffic is split equally between them.
description: |-
Weight defines a portion of traffic for the referenced backend.
It equals to weight divided by the sum of all backend weights.
When all references have zero (or unspecified) weight then traffic is split equally between them.
minimum: 0
type: integer
required:
Expand All @@ -146,27 +135,27 @@ spec:
items:
pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?([.][a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"
type: string
type: array
minItems: 1
type: array
routes:
description: Routes describe how a matching HTTP request is handled
and where it is forwarded to
items:
properties:
backends:
description: RouteGroupBackendReference specifies the list of
backendReference that should be applied to override the defaultBackends
description: |-
RouteGroupBackendReference specifies the list of backendReference that should
be applied to override the defaultBackends
items:
properties:
backendName:
description: BackendName references backend by name
type: string
weight:
description: Weight defines a portion of traffic for the
referenced backend. It equals to weight divided by the
sum of all backend weights. When all references have
zero (or unspecified) weight then traffic is split equally
between them.
description: |-
Weight defines a portion of traffic for the referenced backend.
It equals to weight divided by the sum of all backend weights.
When all references have zero (or unspecified) weight then traffic is split equally between them.
minimum: 0
type: integer
required:
Expand Down Expand Up @@ -216,6 +205,32 @@ spec:
type: object
minItems: 1
type: array
tls:
description: |-
TLS defines which Kubernetes secret will be used to terminate the connection
based on the matching hostnames
items:
properties:
hosts:
description: |-
TLS hosts specify the list of hosts included in the TLS secret.
The values in this list must match the host name(s) used for
the RouteGroup in order to terminate TLS for the host(s).
items:
pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?([.][a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"
type: string
minItems: 1
type: array
secretName:
description: |-
SecretName is the name of the secret used to terminate TLS traffic.
Secret should reside in the same namespace as the RouteGroup.
type: string
required:
- hosts
- secretName
type: object
type: array
required:
- backends
# {{ if eq .Cluster.ConfigItems.skipper_ingress_routegroup_crd_require_hosts "true" }}
Expand All @@ -225,7 +240,8 @@ spec:
status:
properties:
loadBalancer:
description: LoadBalancer is similar to ingress status, such that
description: |-
LoadBalancer is similar to ingress status, such that
external-dns has the same style as in ingress
properties:
routegroup:
Expand Down Expand Up @@ -255,9 +271,3 @@ spec:
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ spec:
operator: Exists
containers:
- name: cluster-lifecycle-controller
image: container-registry.zalando.net/teapot/cluster-lifecycle-controller:master-35
image: container-registry.zalando.net/teapot/cluster-lifecycle-controller:master-36
args:
- --drain-grace-period={{.Cluster.ConfigItems.drain_grace_period}}
- --drain-min-pod-lifetime={{.Cluster.ConfigItems.drain_min_pod_lifetime}}
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/coredns-local/daemonset-coredns.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ spec:
containers:
{{ if eq .Cluster.ConfigItems.dns_cache "unbound" }}
- name: unbound
image: container-registry.zalando.net/teapot/unbound:1.19.1-master-8
image: container-registry.zalando.net/teapot/unbound:1.19.2-master-9
args:
- -d
- -c
Expand Down
29 changes: 1 addition & 28 deletions cluster/manifests/deletions.yaml
Original file line number Diff line number Diff line change
@@ -1,35 +1,8 @@
# everything defined under here will be deleted before applying the manifests
pre_apply:
- name: cronjob-monitor
namespace: kube-system
kind: Deployment

# TODO: remove after rollout
- kind: CronJob
name: secret-combiner
namespace: kube-system
- kind: RoleBinding
name: secret-combiner
namespace: kube-system
- kind: Role
name: secret-combiner
namespace: kube-system
- kind: ServiceAccount
name: secret-combiner
namespace: kube-system
pre_apply: []

# everything defined under here will be deleted after applying the manifests
post_apply:
- name: cronjob-monitor
namespace: kube-system
kind: VerticalPodAutoscaler
- name: cronjob-monitor
kind: ClusterRole
- name: cronjob-monitor
kind: ClusterRoleBinding
- name: cronjob-monitor
namespace: kube-system
kind: ServiceAccount
{{ if eq .Cluster.ConfigItems.teapot_admission_controller_process_resources "true" }}
- name: limits
namespace: default
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/flannel/daemonset.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ spec:
failureThreshold: 30
periodSeconds: 10
- name: kube-flannel
image: container-registry.zalando.net/teapot/flannel:v0.24.1-master-20
image: container-registry.zalando.net/teapot/flannel:v0.24.3-master-21
command:
- /opt/bin/flanneld
args:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ spec:
effect: NoSchedule
containers:
- name: controller
image: container-registry.zalando.net/teapot/kube-node-ready-controller:master-21
image: container-registry.zalando.net/teapot/kube-node-ready-controller:master-22
resources:
requests:
cpu: {{.Cluster.ConfigItems.kube_node_ready_controller_cpu}}
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/kube-node-ready/daemonset.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{ $version := "master-29" }}
{{ $version := "master-30" }}

apiVersion: apps/v1
kind: DaemonSet
Expand Down
6 changes: 3 additions & 3 deletions cluster/manifests/skipper/deployment.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{ $internal_version := "v0.21.4-831" }}
{{ $internal_version := "v0.21.19-847" }}
{{ $canary_internal_version := "v0.21.19-847" }}

{{/* Optional canary arguments separated by "[cf724afc]" to allow whitespaces, e.g. "-foo=has a whitespace[cf724afc]-baz=qux" */}}
Expand Down Expand Up @@ -301,8 +301,8 @@ spec:
{{ if .Cluster.ConfigItems.skipper_ingress_inline_routes }}
- "-inline-routes={{ .Cluster.ConfigItems.skipper_ingress_inline_routes }}"
{{ end }}
{{ if and (.Cluster.ConfigItems.skipper_ingress_passive_health_check_options) (eq .name "skipper-ingress-canary") }}
- "-passive-health-check={{ .Cluster.ConfigItems.skipper_ingress_passive_health_check_options }}"
{{ if and (.Cluster.ConfigItems.skipper_ingress_health_check_options) (eq .name "skipper-ingress-canary") }}
- "-passive-health-check={{ .Cluster.ConfigItems.skipper_ingress_health_check_options }}"
{{ end }}
{{ if .Cluster.ConfigItems.skipper_ingress_refuse_payload }}
{{ range $pattern := split .Cluster.ConfigItems.skipper_ingress_refuse_payload "[cf724afc]" }}
Expand Down
6 changes: 0 additions & 6 deletions cluster/manifests/stackset-controller/01-stack-crd.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -349,7 +349,6 @@ spec:
- maxReplicas
- metrics
type: object
{{- if or (eq .Cluster.ConfigItems.stackset_configmap_support_enabled "true") (eq .Cluster.ConfigItems.stackset_secret_support_enabled "true") }}
configurationResources:
description: ConfigurationResources describes the ConfigMaps that
will be created. Later Secrets and PlatformCredentialSets will also
Expand All @@ -358,7 +357,6 @@ spec:
description: ConfigurationResourcesSpec makes it possible to defined
the config resources to be created
properties:
{{- if eq .Cluster.ConfigItems.stackset_configmap_support_enabled "true" }}
configMapRef:
description: ConfigMap to be owned by Stack
properties:
Expand All @@ -367,8 +365,6 @@ spec:
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
type: object
{{ end }}
{{- if eq .Cluster.ConfigItems.stackset_secret_support_enabled "true" }}
secretRef:
description: Secret to be owned by Stack
properties:
Expand All @@ -377,10 +373,8 @@ spec:
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
type: object
{{ end }}
type: object
type: array
{{ end }}
externalIngress:
description: Stack specific ExternalIngress, based on the parent StackSet
at creation time.
Expand Down
Loading