From 7f358a5f3b1404464529b383960ec572c603f2af Mon Sep 17 00:00:00 2001 From: Sascha Grunert Date: Fri, 15 Nov 2019 05:58:35 +0100 Subject: nixos/kubernetes: Module and test compatibility with kubernetes 1.16 Signed-off-by: Sascha Grunert --- nixos/doc/manual/release-notes/rl-2003.xml | 6 +++++- nixos/modules/services/cluster/kubernetes/addons/dns.nix | 12 ++++++------ nixos/modules/services/cluster/kubernetes/flannel.nix | 1 + nixos/modules/services/cluster/kubernetes/kubelet.nix | 4 ++-- nixos/modules/services/cluster/kubernetes/proxy.nix | 9 +++++++++ nixos/tests/kubernetes/base.nix | 1 + 6 files changed, 24 insertions(+), 9 deletions(-) (limited to 'nixos') diff --git a/nixos/doc/manual/release-notes/rl-2003.xml b/nixos/doc/manual/release-notes/rl-2003.xml index 72766f16eb9f..7370614b70a9 100644 --- a/nixos/doc/manual/release-notes/rl-2003.xml +++ b/nixos/doc/manual/release-notes/rl-2003.xml @@ -71,7 +71,11 @@ - + + The kubernetes kube-proxy now supports a new hostname configuration + services.kubernetes.proxy.hostname which has to + be set if the hostname of the node should be non default. + diff --git a/nixos/modules/services/cluster/kubernetes/addons/dns.nix b/nixos/modules/services/cluster/kubernetes/addons/dns.nix index 47e588de3c93..f12e866930da 100644 --- a/nixos/modules/services/cluster/kubernetes/addons/dns.nix +++ b/nixos/modules/services/cluster/kubernetes/addons/dns.nix @@ -3,7 +3,7 @@ with lib; let - version = "1.5.0"; + version = "1.6.4"; cfg = config.services.kubernetes.addons.dns; ports = { dns = 10053; @@ -55,9 +55,9 @@ in { type = types.attrs; default = { imageName = "coredns/coredns"; - imageDigest = "sha256:e83beb5e43f8513fa735e77ffc5859640baea30a882a11cc75c4c3244a737d3c"; + imageDigest = "sha256:493ee88e1a92abebac67cbd4b5658b4730e0f33512461442d8d9214ea6734a9b"; finalImageTag = version; - sha256 = "15sbmhrxjxidj0j0cccn1qxpg6al175w43m6ngspl0mc132zqc9q"; + sha256 = "0fm9zdjavpf5hni8g7fkdd3csjbhd7n7py7llxjc66sbii087028"; }; }; }; @@ -68,7 +68,7 @@ in { services.kubernetes.addonManager.bootstrapAddons = { coredns-cr = { - apiVersion = "rbac.authorization.k8s.io/v1beta1"; + apiVersion = "rbac.authorization.k8s.io/v1"; kind = "ClusterRole"; metadata = { labels = { @@ -94,7 +94,7 @@ in { }; coredns-crb = { - apiVersion = "rbac.authorization.k8s.io/v1beta1"; + apiVersion = "rbac.authorization.k8s.io/v1"; kind = "ClusterRoleBinding"; metadata = { annotations = { @@ -170,7 +170,7 @@ in { }; coredns-deploy = { - apiVersion = "extensions/v1beta1"; + apiVersion = "apps/v1"; kind = "Deployment"; metadata = { labels = { diff --git a/nixos/modules/services/cluster/kubernetes/flannel.nix b/nixos/modules/services/cluster/kubernetes/flannel.nix index d799e638fc94..548ffed1ddb5 100644 --- a/nixos/modules/services/cluster/kubernetes/flannel.nix +++ b/nixos/modules/services/cluster/kubernetes/flannel.nix @@ -40,6 +40,7 @@ in cni.config = mkDefault [{ name = "mynet"; type = "flannel"; + cniVersion = "0.3.1"; delegate = { isDefaultGateway = true; bridge = "docker0"; diff --git a/nixos/modules/services/cluster/kubernetes/kubelet.nix b/nixos/modules/services/cluster/kubernetes/kubelet.nix index 250da4c807ec..62d893dfefc6 100644 --- a/nixos/modules/services/cluster/kubernetes/kubelet.nix +++ b/nixos/modules/services/cluster/kubernetes/kubelet.nix @@ -92,7 +92,7 @@ in default = []; example = literalExample '' [{ - "cniVersion": "0.2.0", + "cniVersion": "0.3.1", "name": "mynet", "type": "bridge", "bridge": "cni0", @@ -106,7 +106,7 @@ in ] } } { - "cniVersion": "0.2.0", + "cniVersion": "0.3.1", "type": "loopback" }] ''; diff --git a/nixos/modules/services/cluster/kubernetes/proxy.nix b/nixos/modules/services/cluster/kubernetes/proxy.nix index bd4bf04ea833..3943c908840c 100644 --- a/nixos/modules/services/cluster/kubernetes/proxy.nix +++ b/nixos/modules/services/cluster/kubernetes/proxy.nix @@ -31,6 +31,12 @@ in type = listOf str; }; + hostname = mkOption { + description = "Kubernetes proxy hostname override."; + default = config.networking.hostName; + type = str; + }; + kubeconfig = top.lib.mkKubeConfigOptions "Kubernetes proxy"; verbosity = mkOption { @@ -59,6 +65,7 @@ in "--cluster-cidr=${top.clusterCidr}"} \ ${optionalString (cfg.featureGates != []) "--feature-gates=${concatMapStringsSep "," (feature: "${feature}=true") cfg.featureGates}"} \ + --hostname-override=${cfg.hostname} \ --kubeconfig=${top.lib.mkKubeConfig "kube-proxy" cfg.kubeconfig} \ ${optionalString (cfg.verbosity != null) "--v=${toString cfg.verbosity}"} \ ${cfg.extraOpts} @@ -69,6 +76,8 @@ in }; }; + services.kubernetes.proxy.hostname = with config.networking; mkDefault hostName; + services.kubernetes.pki.certs = { kubeProxyClient = top.lib.mkCert { name = "kube-proxy-client"; diff --git a/nixos/tests/kubernetes/base.nix b/nixos/tests/kubernetes/base.nix index f21634c4ffbf..adb736506895 100644 --- a/nixos/tests/kubernetes/base.nix +++ b/nixos/tests/kubernetes/base.nix @@ -53,6 +53,7 @@ let services.flannel.iface = "eth1"; services.kubernetes = { addons.dashboard.enable = true; + proxy.hostname = "${masterName}.${domain}"; easyCerts = true; inherit (machine) roles; -- cgit 1.4.1