support for K8s 1.24 (#648)

* remove deprecated flags kubelet unit * remove deprecated flags kubelet unit * Bump stuff to 1.24 * [AWS] Bump `aws-node-termination-handler-app` to version `1.17.2-gs1`. * [Azure] Bump `azure-cloud-node-manager` to version `1.24.5-gs1`. * [Azure] Bump `azure-cloud-controller-manager` to version `1.24.5-gs1`. * [Azure] Bump `azure-scheduled-events` to version `0.8.0`. * Bump `nginx-ingress-controller` app to version `2.17.0`. * Bump `nginx-ingress-controller` app to version `2.17.0`. * Change default registry from quay.io to docker.io. * Change default registry from quay.io to docker.io.
giantswarm · Sep 14, 2022 · 8dada4b · 8dada4b
1 parent 159e26d
commit 8dada4b
Show file tree

Hide file tree

Showing 13 changed files with 37 additions and 25 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -18,7 +18,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Changed
 
 - Change permission of etcd key file in order to make `etcd-kubernetes-resources-count-exporter` app to run with unprivileged user.
-
+- Remove unused `ImagePullProgressDeadline` variable.
+- Remove deprecated flags from kubelet and scheduler.
+- Bump to kubernetes `1.24.4`.
+- Bump `nginx-ingress-controller` app to version `2.17.0`.
+- [AWS] Bump `aws-cloud-controller-manager-app` to version `1.24.1-gs1`.
+- [AWS] Bump `aws-node-termination-handler-app` to version `1.17.2-gs1`.
+- [Azure] Bump `azure-cloud-controller-manager` to version `1.24.5-gs1`.
+- [Azure] Bump `azure-cloud-node-manager` to version `1.24.5-gs1`.
+- [Azure] Bump `azure-scheduled-events` to version `0.8.0`.
+- Change default registry from quay.io to docker.io.
+
 ## [13.1.0] - 2022-09-06
 
 ### Changed

diff --git a/platforms/aws/giantnetes/main.tf b/platforms/aws/giantnetes/main.tf
@@ -142,7 +142,6 @@ locals {
     "ExternalVpnVultrSourceIp"     = cidrhost(var.external_ipsec_subnet_1, 1)
     "GSReleaseVersion"             = var.release_version
     "G8SVaultToken"                = var.nodes_vault_token
-    "ImagePullProgressDeadline"    = var.image_pull_progress_deadline
     "K8SAPIIP"                     = var.k8s_api_ip
     "K8SAuditWebhookPort"          = var.k8s_audit_webhook_port
     "K8SDNSIP"                     = var.k8s_dns_ip

diff --git a/platforms/aws/giantnetes/variables.tf b/platforms/aws/giantnetes/variables.tf
@@ -140,7 +140,7 @@ variable "flatcar_ami_owner" {
 
 variable "docker_registry" {
   type    = string
-  default = "quay.io"
+  default = "docker.io"
 }
 
 variable "docker_registry_mirror" {
@@ -150,7 +150,7 @@ variable "docker_registry_mirror" {
 
 variable "hyperkube_version" {
   type    = string
-  default = "1.23.10"
+  default = "1.24.4"
 }
 
 ### DNS ###
@@ -334,10 +334,6 @@ variable "external_ipsec_password" {
 }
 
 ### Kubernetes ###
-variable "image_pull_progress_deadline" {
-  default = "1m"
-}
-
 variable "pod_infra_image" {
   default = "giantswarm/pause-amd64:3.3"
 }

diff --git a/platforms/azure/giantnetes/variables.tf b/platforms/azure/giantnetes/variables.tf
@@ -158,7 +158,7 @@ variable "core_ssh_key" {
 
 variable "docker_registry" {
   type    = string
-  default = "quay.io"
+  default = "docker.io"
 }
 
 variable "docker_registry_mirror" {
@@ -168,7 +168,7 @@ variable "docker_registry_mirror" {
 
 variable "hyperkube_version" {
   type    = string
-  default = "1.23.10"
+  default = "1.24.4"
 }
 
 variable "pod_infra_image" {

diff --git a/templates/files/apps/aws/aws-cloud-controller-manager-app.yaml b/templates/files/apps/aws/aws-cloud-controller-manager-app.yaml
@@ -1,3 +1,13 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: aws-cloud-controller-manager-app-user-values
+  namespace: giantswarm
+data:
+  values: |
+    image:
+      registry: {{.DockerRegistry}}
+---
 apiVersion: application.giantswarm.io/v1alpha1
 kind: App
 metadata:
@@ -28,9 +38,9 @@ spec:
   namespaceConfig: {}
   userConfig:
     configMap:
-      name: ""
-      namespace: ""
+      name: "aws-cloud-controller-manager-app-user-values"
+      namespace: "giantswarm"
     secret:
       name: ""
       namespace: ""
-  version: 1.23.2-gs2
+  version: 1.24.1-gs1
diff --git a/templates/files/apps/aws/aws-node-termination-handler-app.yaml b/templates/files/apps/aws/aws-node-termination-handler-app.yaml
@@ -6,7 +6,8 @@ metadata:
 data:
   configmap-values.yaml: |
     queueURL: "{{.ClusterName}}-node-termination"
-
+    image:
+      registry: {{.DockerRegistry}}
 ---
 apiVersion: application.giantswarm.io/v1alpha1
 kind: App
@@ -43,4 +44,4 @@ spec:
     secret:
       name: ""
       namespace: ""
-  version: 1.16.5-gs1
+  version: 1.17.2-gs1
diff --git a/templates/files/apps/azure/azure-cloud-controller-manager.yaml b/templates/files/apps/azure/azure-cloud-controller-manager.yaml
@@ -43,5 +43,5 @@ spec:
     secret:
       name: ""
       namespace: ""
-  version: v1.23.17-gs2
+  version: v1.24.5-gs1
 
diff --git a/templates/files/apps/azure/azure-cloud-node-manager.yaml b/templates/files/apps/azure/azure-cloud-node-manager.yaml
@@ -40,5 +40,5 @@ spec:
     secret:
       name: ""
       namespace: ""
-  version: v1.23.17-gs1
+  version: v1.24.5-gs1
 
diff --git a/templates/files/apps/azure/azure-scheduled-events.yaml b/templates/files/apps/azure/azure-scheduled-events.yaml
@@ -42,5 +42,5 @@ spec:
     secret:
       name: ""
       namespace: ""
-  version: 0.7.0
+  version: 0.8.0
 
diff --git a/templates/files/apps/common/ingress-controller-app.yaml b/templates/files/apps/common/ingress-controller-app.yaml
@@ -52,4 +52,4 @@ spec:
     secret:
       name: ""
       namespace: ""
-  version: 2.15.1
+  version: 2.17.0
diff --git a/templates/files/config/audit-policy.yaml b/templates/files/config/audit-policy.yaml
@@ -1,4 +1,4 @@
-apiVersion: audit.k8s.io/v1beta1
+apiVersion: audit.k8s.io/v1
 kind: Policy
 rules:
   # TODO: Filter safe system requests.
@@ -77,4 +77,4 @@ rules:
     # Long-running requests like watches that fall under this rule will not
     # generate an audit event in RequestReceived.
     omitStages:
-      - "RequestReceived"
+      - "RequestReceived"
diff --git a/templates/master.yaml.tmpl b/templates/master.yaml.tmpl
@@ -1124,10 +1124,8 @@ systemd:
       --logtostderr=true \
       --cloud-provider=external \
       {{if eq .Provider "aws" -}}
-      --image-pull-progress-deadline={{ .ImagePullProgressDeadline }} \
       --pod-infra-container-image={{.DockerRegistry}}/{{ .PodInfraImage }} \
       {{ end -}}
-      --network-plugin=cni \
       --register-node=true \
       --kubeconfig=/etc/kubernetes/kubeconfig/kubelet.yaml \
       --node-labels="node.kubernetes.io/master,role=master,ip=${DEFAULT_IPV4},master-id=${MASTER_ID}" \

diff --git a/templates/worker.yaml.tmpl b/templates/worker.yaml.tmpl
@@ -649,12 +649,10 @@ systemd:
       --logtostderr=true \
       {{if eq .Provider "aws" -}}
       --cloud-provider=external \
-      --image-pull-progress-deadline={{ .ImagePullProgressDeadline }} \
       --pod-infra-container-image={{.DockerRegistry}}/{{ .PodInfraImage }} \
       {{ else -}}
       --cloud-provider=external \
       {{ end -}}
-      --network-plugin=cni \
       --register-node=true \
       --kubeconfig=/etc/kubernetes/kubeconfig/kubelet.yaml \
       --node-labels="node.kubernetes.io/worker,role=worker,ip=${DEFAULT_IPV4}" \