From d9424ee07488523ce22a8724ad6efd57b67337a1 Mon Sep 17 00:00:00 2001 From: Noor Malik Date: Mon, 23 Sep 2024 14:35:10 +0200 Subject: [PATCH 01/18] clean up minor k8s 1.30 references --- cluster/config-defaults.yaml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/cluster/config-defaults.yaml b/cluster/config-defaults.yaml index d22f56b88d..0f2640c5e5 100644 --- a/cluster/config-defaults.yaml +++ b/cluster/config-defaults.yaml @@ -724,9 +724,6 @@ tracing_coredns_local_zone_traces_endpoint: "" # AMI id given the image name and the Image AWS account owner. # # [0]: https://github.com/zalando-incubator/cluster-lifecycle-manager/blob/8a9bd1cb2d094038a9e23e646421f8146b48886a/provisioner/template.go#L116 -kuberuntu_image_v1_30_jammy_amd64: {{ amiID "zalando-ubuntu-jammy-22.04-kubernetes-production-v1.30.2-amd64-master-341" "861068367966" }} -kuberuntu_image_v1_30_jammy_arm64: {{ amiID "zalando-ubuntu-jammy-22.04-kubernetes-production-v1.30.2-arm64-master-341" "861068367966" }} - kuberuntu_image_v1_31_jammy_amd64: {{ amiID "zalando-ubuntu-jammy-22.04-kubernetes-production-v1.31.0-amd64-master-347" "861068367966" }} kuberuntu_image_v1_31_jammy_arm64: {{ amiID "zalando-ubuntu-jammy-22.04-kubernetes-production-v1.31.0-arm64-master-347" "861068367966" }} @@ -799,7 +796,7 @@ ebs_csi_controller_sidecar_cpu: "10m" serialize_image_pulls: "false" # rate of image pull in the kubelet, see -# see https://github.com/kubernetes/kubernetes/blob/v1.30.0/staging/src/k8s.io/kubelet/config/v1beta1/types.go#L200-L212 +# see https://github.com/kubernetes/kubernetes/blob/v1.31.0/staging/src/k8s.io/kubelet/config/v1beta1/types.go#L200-L212 # # registryPullQPS is the limit of registry pulls per second. # The value must not be a negative number. From b8cc1fa93e5c1b8453c28e706ad72cba91dc1bc4 Mon Sep 17 00:00:00 2001 From: Alexander Yastrebov Date: Mon, 23 Sep 2024 14:40:06 +0200 Subject: [PATCH 02/18] skipper,fabric-gateway: enable image-updater-bot Define `$image` template variable so it is detected and updated by image-updater-bot Signed-off-by: Alexander Yastrebov --- cluster/manifests/fabric-gateway/deployment.yaml | 5 +++-- .../manifests/skipper/hostname-credentials-controller.yaml | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/cluster/manifests/fabric-gateway/deployment.yaml b/cluster/manifests/fabric-gateway/deployment.yaml index d6a96e4b34..bb1936d9e8 100644 --- a/cluster/manifests/fabric-gateway/deployment.yaml +++ b/cluster/manifests/fabric-gateway/deployment.yaml @@ -1,4 +1,5 @@ -# {{ $version := "master-289" }} +# {{ $image := "container-registry.zalando.net/gwproxy/fabric-gateway:master-289" }} +# {{ $version := index (split $image ":") 1 }} apiVersion: apps/v1 kind: Deployment metadata: @@ -38,7 +39,7 @@ spec: serviceAccountName: fabric-gateway-controller containers: - name: controller - image: container-registry.zalando.net/gwproxy/fabric-gateway:{{ $version }} + image: "{{ $image }}" args: - -update-fabric-gateway-status=true - -versioned-hosts-base-domain={{ .Values.hosted_zone }} diff --git a/cluster/manifests/skipper/hostname-credentials-controller.yaml b/cluster/manifests/skipper/hostname-credentials-controller.yaml index 501b620760..05df6b48dc 100644 --- a/cluster/manifests/skipper/hostname-credentials-controller.yaml +++ b/cluster/manifests/skipper/hostname-credentials-controller.yaml @@ -1,5 +1,6 @@ # {{ if eq .Cluster.ConfigItems.skipper_oauth2_ui_login "true" }} -# {{ $version := "main-13" }} +# {{ $image := "container-registry.zalando.net/gwproxy/hostname-credentials-controller:main-13" }} +# {{ $version := index (split $image ":") 1 }} apiVersion: v1 kind: ServiceAccount metadata: @@ -124,7 +125,7 @@ spec: restartPolicy: Never containers: - name: controller - image: "container-registry.zalando.net/gwproxy/hostname-credentials-controller:{{ $version }}" + image: "{{ $image }}" terminationMessagePolicy: FallbackToLogsOnError args: - -ingress-selector=application From 08a19aa19c5459a883710b5096aba2e3df1ec447 Mon Sep 17 00:00:00 2001 From: Noor Malik Date: Mon, 23 Sep 2024 14:47:07 +0200 Subject: [PATCH 03/18] put leftover dashboard rbac behind the toggle to clean it up from clusters --- cluster/manifests/deletions.yaml | 28 ++----------------- cluster/manifests/roles/readonly-binding.yaml | 2 ++ .../manifests/roles/readonly-dashboard.yaml | 2 ++ 3 files changed, 6 insertions(+), 26 deletions(-) diff --git a/cluster/manifests/deletions.yaml b/cluster/manifests/deletions.yaml index 60e9e44e9f..2a224a70fd 100644 --- a/cluster/manifests/deletions.yaml +++ b/cluster/manifests/deletions.yaml @@ -297,34 +297,10 @@ post_apply: namespace: kube-system {{ if ne .Cluster.ConfigItems.k8s_dashboard_enabled "true" }} -- name: kubernetes-dashboard - namespace: kube-system - kind: Deployment -- name: kubernetes-dashboard - namespace: kube-system - kind: Service -- name: dashboard-metrics-scraper - namespace: kube-system - kind: Service -- name: dashboard-metrics-scraper - namespace: kube-system - kind: Deployment -- name: kubernetes-dashboard - namespace: kube-system +- name: readonly-dashboard kind: Role -- name: kubernetes-dashboard namespace: kube-system +- name: readonly-dashboard kind: RoleBinding -- name: kubernetes-dashboard - kind: ClusterRole -- name: kubernetes-dashboard-internal - kind: ClusterRoleBinding -- name: kubernetes-dashboard-readonly - kind: ClusterRoleBinding -- name: dashboard-metrics-scraper-vpa namespace: kube-system - kind: VerticalPodAutoscaler -- name: kubernetes-dashboard - namespace: kube-system - kind: ServiceAccount {{ end }} diff --git a/cluster/manifests/roles/readonly-binding.yaml b/cluster/manifests/roles/readonly-binding.yaml index 708fcf8c93..4000a6b5ba 100644 --- a/cluster/manifests/roles/readonly-binding.yaml +++ b/cluster/manifests/roles/readonly-binding.yaml @@ -19,6 +19,7 @@ subjects: - kind: Group name: "okta:common/read-only" apiGroup: rbac.authorization.k8s.io +{{ if ne .Cluster.ConfigItems.k8s_dashboard_enabled "true" }} --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 @@ -42,6 +43,7 @@ subjects: - kind: Group name: "okta:common/read-only" apiGroup: rbac.authorization.k8s.io +{{ end }} --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/cluster/manifests/roles/readonly-dashboard.yaml b/cluster/manifests/roles/readonly-dashboard.yaml index ddd9fc2604..c85576295d 100644 --- a/cluster/manifests/roles/readonly-dashboard.yaml +++ b/cluster/manifests/roles/readonly-dashboard.yaml @@ -1,3 +1,4 @@ +{{ if ne .Cluster.ConfigItems.k8s_dashboard_enabled "true" }} apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -8,3 +9,4 @@ rules: resources: [ "services/proxy" ] verbs: [ "get" ] resourceNames: [ "kubernetes-dashboard" ] +{{ end }} From 67d50e0b273ba0eb49329a0ba0bf04356ad7a241 Mon Sep 17 00:00:00 2001 From: 418 I'm a teapot Date: Mon, 23 Sep 2024 16:33:21 +0200 Subject: [PATCH 04/18] prometheus: Update to version v2.53.1-master-57 Update container-registry.zalando.net/teapot/prometheus to version v2.53.1-master-57 --- cluster/manifests/prometheus/statefulset.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/prometheus/statefulset.yaml b/cluster/manifests/prometheus/statefulset.yaml index 41d67727d9..50927eb999 100644 --- a/cluster/manifests/prometheus/statefulset.yaml +++ b/cluster/manifests/prometheus/statefulset.yaml @@ -57,7 +57,7 @@ spec: mountPath: /prometheus containers: - name: prometheus - image: container-registry.zalando.net/teapot/prometheus:v2.53.1-master-56 + image: container-registry.zalando.net/teapot/prometheus:v2.53.1-master-57 args: - "--config.file=/prometheus/prometheus.yaml" - "--storage.tsdb.path=/prometheus/" From 194b22fa702df1608a0e53316c243f21a42c1565 Mon Sep 17 00:00:00 2001 From: 418 I'm a teapot Date: Mon, 23 Sep 2024 16:33:28 +0200 Subject: [PATCH 05/18] skipper-canary-controller: Update to version main-21 Update container-registry.zalando.net/gwproxy/skipper-canary-controller to version main-21 --- cluster/manifests/skipper-canary-controller/canary-cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/skipper-canary-controller/canary-cronjob.yaml b/cluster/manifests/skipper-canary-controller/canary-cronjob.yaml index 8ec1de64b5..07ca862f4a 100644 --- a/cluster/manifests/skipper-canary-controller/canary-cronjob.yaml +++ b/cluster/manifests/skipper-canary-controller/canary-cronjob.yaml @@ -26,7 +26,7 @@ spec: containers: - name: skipper-canary-controller terminationMessagePolicy: FallbackToLogsOnError - image: container-registry.zalando.net/gwproxy/skipper-canary-controller:main-20 + image: container-registry.zalando.net/gwproxy/skipper-canary-controller:main-21 env: - name: _PLATFORM_OBSERVABILITY_ACCESS_TOKEN valueFrom: From 901e09e0168e57bf48475b9c4ef9f1468586f321 Mon Sep 17 00:00:00 2001 From: 418 I'm a teapot Date: Mon, 23 Sep 2024 16:33:35 +0200 Subject: [PATCH 06/18] hostname-credentials-controller: Update to version main-14 Update container-registry.zalando.net/gwproxy/hostname-credentials-controller to version main-14 --- cluster/manifests/skipper/hostname-credentials-controller.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/skipper/hostname-credentials-controller.yaml b/cluster/manifests/skipper/hostname-credentials-controller.yaml index 05df6b48dc..d25227150e 100644 --- a/cluster/manifests/skipper/hostname-credentials-controller.yaml +++ b/cluster/manifests/skipper/hostname-credentials-controller.yaml @@ -1,5 +1,5 @@ # {{ if eq .Cluster.ConfigItems.skipper_oauth2_ui_login "true" }} -# {{ $image := "container-registry.zalando.net/gwproxy/hostname-credentials-controller:main-13" }} +# {{ $image := "container-registry.zalando.net/gwproxy/hostname-credentials-controller:main-14" }} # {{ $version := index (split $image ":") 1 }} apiVersion: v1 kind: ServiceAccount From c3e0e96a7180ea738d6fc4a272603352764e733a Mon Sep 17 00:00:00 2001 From: 418 I'm a teapot Date: Mon, 23 Sep 2024 16:33:45 +0200 Subject: [PATCH 07/18] admission-controller: Update to version master-214 Update 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/admission-controller to version master-214 --- cluster/node-pools/master-default/userdata.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/node-pools/master-default/userdata.yaml b/cluster/node-pools/master-default/userdata.yaml index 3b87c4144a..9d140a1ca4 100644 --- a/cluster/node-pools/master-default/userdata.yaml +++ b/cluster/node-pools/master-default/userdata.yaml @@ -206,7 +206,7 @@ write_files: limits: memory: {{ .Values.InstanceInfo.MemoryFraction (parseInt64 .Cluster.ConfigItems.apiserver_memory_limit_percent)}} {{- end }} - - image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/admission-controller:master-211 + - image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/admission-controller:master-214 name: admission-controller lifecycle: preStop: From 296e72a024be445350005fc99cdbedaa7ce5f22e Mon Sep 17 00:00:00 2001 From: Mustafa Abdelrahman Date: Mon, 23 Sep 2024 16:46:10 +0200 Subject: [PATCH 08/18] canary-controller: fix cronjob validation Signed-off-by: Mustafa Abdelrahman --- .../manifests/skipper-canary-controller/canary-cronjob.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cluster/manifests/skipper-canary-controller/canary-cronjob.yaml b/cluster/manifests/skipper-canary-controller/canary-cronjob.yaml index 8ec1de64b5..20fb36b0b6 100644 --- a/cluster/manifests/skipper-canary-controller/canary-cronjob.yaml +++ b/cluster/manifests/skipper-canary-controller/canary-cronjob.yaml @@ -12,6 +12,7 @@ spec: schedule: "*/30 * * * *" jobTemplate: spec: + backoffLimit: 0 template: metadata: labels: @@ -21,8 +22,6 @@ spec: serviceAccountName: skipper-canary-controller # Make sure the job run only once restartPolicy: Never - concurrencyPolicy: Forbid - backoffLimit: 0 containers: - name: skipper-canary-controller terminationMessagePolicy: FallbackToLogsOnError From 14b5e0c49e5e28d0e0fda1aef44237cf677f4bd1 Mon Sep 17 00:00:00 2001 From: 418 I'm a teapot Date: Mon, 23 Sep 2024 19:32:34 +0200 Subject: [PATCH 09/18] metrics-server: Update to version v0.7.2-master-18 Update container-registry.zalando.net/teapot/metrics-server to version v0.7.2-master-18 --- cluster/manifests/metrics-server/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/metrics-server/deployment.yaml b/cluster/manifests/metrics-server/deployment.yaml index 32ec62d962..cd8d98c944 100644 --- a/cluster/manifests/metrics-server/deployment.yaml +++ b/cluster/manifests/metrics-server/deployment.yaml @@ -28,7 +28,7 @@ spec: serviceAccountName: metrics-server containers: - name: metrics-server - image: container-registry.zalando.net/teapot/metrics-server:v0.7.0-master-16 + image: container-registry.zalando.net/teapot/metrics-server:v0.7.2-master-18 args: - --cert-dir=/tmp - --secure-port=4443 From e644863780aa4e1f672be52a7938c80dd1c1d985 Mon Sep 17 00:00:00 2001 From: 418 I'm a teapot Date: Mon, 23 Sep 2024 19:32:45 +0200 Subject: [PATCH 10/18] nvidia-gpu-device-plugin: Update to version v0.16.2-master-14 Update container-registry.zalando.net/teapot/nvidia-gpu-device-plugin to version v0.16.2-master-14 --- cluster/manifests/nvidia/nvidia-gpu-device-plugin.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/nvidia/nvidia-gpu-device-plugin.yaml b/cluster/manifests/nvidia/nvidia-gpu-device-plugin.yaml index 0450d3e774..b230577454 100644 --- a/cluster/manifests/nvidia/nvidia-gpu-device-plugin.yaml +++ b/cluster/manifests/nvidia/nvidia-gpu-device-plugin.yaml @@ -60,7 +60,7 @@ spec: {{- end}} containers: - name: nvidia-gpu-device-plugin - image: container-registry.zalando.net/teapot/nvidia-gpu-device-plugin:v0.16.0-master-13 + image: container-registry.zalando.net/teapot/nvidia-gpu-device-plugin:v0.16.2-master-14 args: - --fail-on-init-error=false - --pass-device-specs From fbcc050a076c3b8c08c4bdb6459140a40270d4aa Mon Sep 17 00:00:00 2001 From: 418 I'm a teapot Date: Mon, 23 Sep 2024 19:33:10 +0200 Subject: [PATCH 11/18] admission-controller: Update to version master-216 Update 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/admission-controller to version master-216 --- cluster/node-pools/master-default/userdata.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/node-pools/master-default/userdata.yaml b/cluster/node-pools/master-default/userdata.yaml index 9d140a1ca4..b87b22b19e 100644 --- a/cluster/node-pools/master-default/userdata.yaml +++ b/cluster/node-pools/master-default/userdata.yaml @@ -206,7 +206,7 @@ write_files: limits: memory: {{ .Values.InstanceInfo.MemoryFraction (parseInt64 .Cluster.ConfigItems.apiserver_memory_limit_percent)}} {{- end }} - - image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/admission-controller:master-214 + - image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/admission-controller:master-216 name: admission-controller lifecycle: preStop: From d9687f26fc01affd912c243b55e1468a3eeebb9a Mon Sep 17 00:00:00 2001 From: 418 I'm a teapot Date: Mon, 23 Sep 2024 19:41:15 +0200 Subject: [PATCH 12/18] kube-aws-iam-controller: Update to version v0.3.0-35-gdd6d128 Update container-registry.zalando.net/teapot/kube-aws-iam-controller to version v0.3.0-35-gdd6d128 --- cluster/manifests/02-kube-aws-iam-controller/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/02-kube-aws-iam-controller/deployment.yaml b/cluster/manifests/02-kube-aws-iam-controller/deployment.yaml index 8fdb542f20..d56f79e270 100644 --- a/cluster/manifests/02-kube-aws-iam-controller/deployment.yaml +++ b/cluster/manifests/02-kube-aws-iam-controller/deployment.yaml @@ -27,7 +27,7 @@ spec: hostNetwork: true containers: - name: kube-aws-iam-controller - image: container-registry.zalando.net/teapot/kube-aws-iam-controller:v0.3.0-33-g6df0443 + image: container-registry.zalando.net/teapot/kube-aws-iam-controller:v0.3.0-35-gdd6d128 env: - name: AWS_DEFAULT_REGION value: "{{.Cluster.Region}}" From 56067094b7d53ec514b7262c31c66f6ab340c5dc Mon Sep 17 00:00:00 2001 From: 418 I'm a teapot Date: Mon, 23 Sep 2024 19:41:42 +0200 Subject: [PATCH 13/18] cluster-lifecycle-controller: Update to version master-43 Update container-registry.zalando.net/teapot/cluster-lifecycle-controller to version master-43 --- cluster/manifests/cluster-lifecycle-controller/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/cluster-lifecycle-controller/deployment.yaml b/cluster/manifests/cluster-lifecycle-controller/deployment.yaml index e94d5db8ea..a953386f26 100644 --- a/cluster/manifests/cluster-lifecycle-controller/deployment.yaml +++ b/cluster/manifests/cluster-lifecycle-controller/deployment.yaml @@ -35,7 +35,7 @@ spec: operator: Exists containers: - name: cluster-lifecycle-controller - image: container-registry.zalando.net/teapot/cluster-lifecycle-controller:master-42 + image: container-registry.zalando.net/teapot/cluster-lifecycle-controller:master-43 args: - --drain-grace-period={{.Cluster.ConfigItems.drain_grace_period}} - --drain-min-pod-lifetime={{.Cluster.ConfigItems.drain_min_pod_lifetime}} From 0592fbf3fb0f60a0ef0ef83e224fe5cdd748d873 Mon Sep 17 00:00:00 2001 From: 418 I'm a teapot Date: Mon, 23 Sep 2024 19:42:08 +0200 Subject: [PATCH 14/18] emergency-access-service: Update to version master-95 Update container-registry.zalando.net/teapot/emergency-access-service to version master-95 --- cluster/manifests/emergency-access-service/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/emergency-access-service/deployment.yaml b/cluster/manifests/emergency-access-service/deployment.yaml index 6ea61e8131..02025861f0 100644 --- a/cluster/manifests/emergency-access-service/deployment.yaml +++ b/cluster/manifests/emergency-access-service/deployment.yaml @@ -41,7 +41,7 @@ spec: cpu: 25m memory: 25Mi - name: emergency-access-service - image: "container-registry.zalando.net/teapot/emergency-access-service:master-94" + image: "container-registry.zalando.net/teapot/emergency-access-service:master-95" args: - --insecure-http - --community={{ .Cluster.Owner }} From af8402d5354c39277502549d82979de3a101fcb1 Mon Sep 17 00:00:00 2001 From: 418 I'm a teapot Date: Mon, 23 Sep 2024 19:42:40 +0200 Subject: [PATCH 15/18] kube-node-ready-controller: Update to version master-29 Update container-registry.zalando.net/teapot/kube-node-ready-controller to version master-29 --- cluster/manifests/kube-node-ready-controller/daemonset.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/kube-node-ready-controller/daemonset.yaml b/cluster/manifests/kube-node-ready-controller/daemonset.yaml index 05f50c49f3..d335c645a5 100644 --- a/cluster/manifests/kube-node-ready-controller/daemonset.yaml +++ b/cluster/manifests/kube-node-ready-controller/daemonset.yaml @@ -36,7 +36,7 @@ spec: effect: NoSchedule containers: - name: controller - image: container-registry.zalando.net/teapot/kube-node-ready-controller:master-28 + image: container-registry.zalando.net/teapot/kube-node-ready-controller:master-29 resources: requests: cpu: {{.Cluster.ConfigItems.kube_node_ready_controller_cpu}} From ce8f1c0f96654f7f0370462cc1dbc3f5d74e7bbb Mon Sep 17 00:00:00 2001 From: Mustafa Abdelrahman Date: Mon, 23 Sep 2024 18:29:55 +0200 Subject: [PATCH 16/18] canary-controller: inject rest of Otel vars Signed-off-by: Mustafa Abdelrahman --- .../skipper-canary-controller/canary-cronjob.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/cluster/manifests/skipper-canary-controller/canary-cronjob.yaml b/cluster/manifests/skipper-canary-controller/canary-cronjob.yaml index a470685a15..497074766d 100644 --- a/cluster/manifests/skipper-canary-controller/canary-cronjob.yaml +++ b/cluster/manifests/skipper-canary-controller/canary-cronjob.yaml @@ -32,6 +32,20 @@ spec: secretKeyRef: name: skipper-ingress key: lightstep-token + - name: _PLATFORM_OBSERVABILITY_COLLECTOR_SCHEME + value: "{{ .Cluster.ConfigItems.observability_collector_scheme }}" + - name: _PLATFORM_OBSERVABILITY_COLLECTOR_PORT + value: "{{ .Cluster.ConfigItems.observability_collector_port }}" + - name: _PLATFORM_OBSERVABILITY_COLLECTOR_ENDPOINT + value: "{{ .Cluster.ConfigItems.observability_collector_endpoint }}" + - name: _PLATFORM_OBSERVABILITY_METRICS_ENDPOINT + value: "{{ .Cluster.ConfigItems.observability_metrics_endpoint }}" + - name: _PLATFORM_OBSERVABILITY_METRICS_PORT + value: "{{ .Cluster.ConfigItems.observability_metrics_port }}" + - name: _PLATFORM_ACCOUNT + value: "{{ .Cluster.Alias }}" + - name: _PLATFORM_OBSERVABILITY_COMMON_ATTRIBUTE_CLOUD__ACCOUNT__ID + value: "{{ .Cluster.Alias }}" - name: LIGHTSTEP_DEBUG value: "true" args: From f801c76fec74ffac0915b4e9fcbb85530da33bd6 Mon Sep 17 00:00:00 2001 From: Mikkel Oscar Lyderik Larsen Date: Tue, 24 Sep 2024 10:13:52 +0200 Subject: [PATCH 17/18] Update VPA components to v1.2.1 https://github.com/kubernetes/autoscaler/releases/tag/vertical-pod-autoscaler-1.2.0 https://github.com/kubernetes/autoscaler/releases/tag/vertical-pod-autoscaler-1.2.1) Signed-off-by: Mikkel Oscar Lyderik Larsen --- .../admission-controller-deployment.yaml | 4 ++-- .../01-vertical-pod-autoscaler/recommender-deployment.yaml | 4 ++-- .../01-vertical-pod-autoscaler/updater-deployment.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/cluster/manifests/01-vertical-pod-autoscaler/admission-controller-deployment.yaml b/cluster/manifests/01-vertical-pod-autoscaler/admission-controller-deployment.yaml index c6156f051a..d62576b433 100644 --- a/cluster/manifests/01-vertical-pod-autoscaler/admission-controller-deployment.yaml +++ b/cluster/manifests/01-vertical-pod-autoscaler/admission-controller-deployment.yaml @@ -26,9 +26,9 @@ spec: containers: - name: admission-controller {{if eq .Cluster.ConfigItems.vertical_pod_autoscaler_version "current"}} - image: container-registry.zalando.net/teapot/vpa-admission-controller:v1.1.2-main-5-custom + image: container-registry.zalando.net/teapot/vpa-admission-controller:v1.2.1-main-6-custom {{else if eq .Cluster.ConfigItems.vertical_pod_autoscaler_version "legacy"}} - image: container-registry.zalando.net/teapot/vpa-admission-controller:v1.1.2-main-2-custom + image: container-registry.zalando.net/teapot/vpa-admission-controller:v1.1.2-main-5-custom {{end}} command: - /admission-controller diff --git a/cluster/manifests/01-vertical-pod-autoscaler/recommender-deployment.yaml b/cluster/manifests/01-vertical-pod-autoscaler/recommender-deployment.yaml index a0c59ff187..371ad37ee8 100644 --- a/cluster/manifests/01-vertical-pod-autoscaler/recommender-deployment.yaml +++ b/cluster/manifests/01-vertical-pod-autoscaler/recommender-deployment.yaml @@ -24,9 +24,9 @@ spec: containers: - name: recommender {{if eq .Cluster.ConfigItems.vertical_pod_autoscaler_version "current"}} - image: container-registry.zalando.net/teapot/vpa-recommender:v1.1.2-main-5-custom + image: container-registry.zalando.net/teapot/vpa-recommender:v1.2.1-main-6-custom {{else if eq .Cluster.ConfigItems.vertical_pod_autoscaler_version "legacy"}} - image: container-registry.zalando.net/teapot/vpa-recommender:v1.1.2-main-2-custom + image: container-registry.zalando.net/teapot/vpa-recommender:v1.1.2-main-5-custom {{end}} args: - --logtostderr diff --git a/cluster/manifests/01-vertical-pod-autoscaler/updater-deployment.yaml b/cluster/manifests/01-vertical-pod-autoscaler/updater-deployment.yaml index d10b7b066b..d8ce0db434 100644 --- a/cluster/manifests/01-vertical-pod-autoscaler/updater-deployment.yaml +++ b/cluster/manifests/01-vertical-pod-autoscaler/updater-deployment.yaml @@ -24,9 +24,9 @@ spec: containers: - name: updater {{if eq .Cluster.ConfigItems.vertical_pod_autoscaler_version "current"}} - image: container-registry.zalando.net/teapot/vpa-updater:v1.1.2-main-5-custom + image: container-registry.zalando.net/teapot/vpa-updater:v1.2.1-main-6-custom {{else if eq .Cluster.ConfigItems.vertical_pod_autoscaler_version "legacy"}} - image: container-registry.zalando.net/teapot/vpa-updater:v1.1.2-main-2-custom + image: container-registry.zalando.net/teapot/vpa-updater:v1.1.2-main-5-custom {{end}} command: - ./updater From 93b8b1f884214d35221129ef67ba44d9fedfae09 Mon Sep 17 00:00:00 2001 From: Roman Zavodskikh Date: Tue, 24 Sep 2024 10:21:39 +0200 Subject: [PATCH 18/18] update: skipper OPA URL query policy, step 2/2 - update: skipper OPA URL query policy - update dependencies https://github.com/zalando/skipper/compare/v0.21.195...v0.21.198 FYI Step 1 https://github.com/zalando-incubator/kubernetes-on-aws/pull/8112 Signed-off-by: Roman Zavodskikh --- cluster/manifests/skipper/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/skipper/deployment.yaml b/cluster/manifests/skipper/deployment.yaml index a54b6cac6a..b3643c0ad9 100644 --- a/cluster/manifests/skipper/deployment.yaml +++ b/cluster/manifests/skipper/deployment.yaml @@ -1,4 +1,4 @@ -{{ $internal_version := "v0.21.195-1014" }} +{{ $internal_version := "v0.21.198-1017" }} {{ $canary_internal_version := "v0.21.198-1017" }} {{/* Optional canary arguments separated by "[cf724afc]" to allow whitespaces, e.g. "-foo=has a whitespace[cf724afc]-baz=qux" */}}