From bdfc15460831f997d26dc6521a38544c69d13704 Mon Sep 17 00:00:00 2001 From: Guillermo Gaston Date: Mon, 20 Nov 2023 17:43:32 -0600 Subject: [PATCH] Bump capi v1.5.3 and cert-manager v1.13.1 (#2679) --- UPSTREAM_PROJECTS.yaml | 4 +- .../CERT_MANAGER_ACMESOLVER_ATTRIBUTION.txt | 2 +- .../CERT_MANAGER_CAINJECTOR_ATTRIBUTION.txt | 4 +- .../CERT_MANAGER_CONTROLLER_ATTRIBUTION.txt | 4 +- .../CERT_MANAGER_CTL_ATTRIBUTION.txt | 6 +- .../CERT_MANAGER_WEBHOOK_ATTRIBUTION.txt | 4 +- projects/cert-manager/cert-manager/CHECKSUMS | 20 +- projects/cert-manager/cert-manager/GIT_TAG | 2 +- projects/cert-manager/cert-manager/README.md | 2 +- .../cert-manager/manifests/cert-manager.yaml | 108 ++++----- .../cluster-api/ATTRIBUTION.txt | 12 +- .../cluster-api/CAPD_ATTRIBUTION.txt | 14 +- .../kubernetes-sigs/cluster-api/CHECKSUMS | 20 +- projects/kubernetes-sigs/cluster-api/GIT_TAG | 2 +- .../kubernetes-sigs/cluster-api/README.md | 2 +- ...Adding-capi-support-for-Bottlerocket.patch | 216 ++++++++++++++---- .../0002-Add-unstacked-etcd-support.patch | 20 +- ...tacked-etcd-and-controlplane-upgrade.patch | 6 +- ...h-in-kubevip-manifest-for-kubeadm-co.patch | 4 +- ...ottlerocket-bootstrap-images-updatab.patch | 4 +- ...for-registry-mirror-for-bottlerocket.patch | 14 +- ...-template-for-bottlerocket-bootstrap.patch | 10 +- ...pdate-core-conversion-spoke-versions.patch | 6 +- ...rocket-changes-to-capbk-v1alpha4-api.patch | 4 +- ...pdate-capbk-converions-spoke-version.patch | 4 +- ...on-to-list-of-fields-to-ignore-for-u.patch | 4 +- ...node-labels-support-for-bottlerocket.patch | 29 +-- .../0013-Support-worker-node-taints.patch | 28 +-- ...t-bottle-rocket-control-plane-taints.patch | 4 +- ...ing-bottlerocket-control-container-u.patch | 8 +- ...mat-for-storing-etcd-machine-address.patch | 4 +- ...-provider-id-from-kubelet-extra-args.patch | 6 +- ...-control-image-on-nodes-joining-a-ne.patch | 4 +- ...pecifiy-additional-host-containers-i.patch | 6 +- ...-custom-bootstrap-containers-config-.patch | 6 +- ...ing-bottlerocket-admin-container-ima.patch | 6 +- ...t-admin-control-custom-bootstrap-con.patch | 4 +- ...e-status-to-running-after-etcd-contr.patch | 4 +- ...add-support-for-registry-credentials.patch | 6 +- ...configuring-NTP-servers-on-bottleroc.patch | 6 +- .../0026-set-hostname-for-BR-nodes.patch | 6 +- ...dd-bottlerocket-k8s-settings-support.patch | 44 ++-- .../0028-add-br-kernel.sysctl-settings.patch | 14 +- ...0029-add-boot-kernel-settings-for-BR.patch | 14 +- ...-maxconn-value-to-avoid-ulimit-issue.patch | 4 +- ...ort-for-custom-cert-bundles-in-BR-21.patch | 14 +- .../0032-CAPI-Move-Cluster-Filter.patch | 4 +- ...h-force-move-label-and-no-cluster-te.patch | 4 +- ...irror-configurations-to-be-mutable-f.patch | 4 +- ...external-etcd-machines-in-Kind-mappe.patch | 4 +- ...-disable-cgroupns-private-to-fix-AL2.patch | 4 +- 51 files changed, 407 insertions(+), 328 deletions(-) diff --git a/UPSTREAM_PROJECTS.yaml b/UPSTREAM_PROJECTS.yaml index d6cbb93eff..705313375a 100644 --- a/UPSTREAM_PROJECTS.yaml +++ b/UPSTREAM_PROJECTS.yaml @@ -61,7 +61,7 @@ projects: repos: - name: cert-manager versions: - - tag: v1.13.0 + - tag: v1.13.1 go_version: "1.20" - org: cilium repos: @@ -181,7 +181,7 @@ projects: repos: - name: cluster-api versions: - - tag: v1.5.2 + - tag: v1.5.3 go_version: "1.20" - name: cluster-api-provider-cloudstack versions: diff --git a/projects/cert-manager/cert-manager/CERT_MANAGER_ACMESOLVER_ATTRIBUTION.txt b/projects/cert-manager/cert-manager/CERT_MANAGER_ACMESOLVER_ATTRIBUTION.txt index 052549d163..4047188088 100644 --- a/projects/cert-manager/cert-manager/CERT_MANAGER_ACMESOLVER_ATTRIBUTION.txt +++ b/projects/cert-manager/cert-manager/CERT_MANAGER_ACMESOLVER_ATTRIBUTION.txt @@ -2,7 +2,7 @@ ** github.com/cert-manager/cert-manager; version v0.0.0-00010101000000-000000000000 -- https://github.com/cert-manager/cert-manager -** github.com/cert-manager/cert-manager/acmesolver-binary; version v1.13.0 -- +** github.com/cert-manager/cert-manager/acmesolver-binary; version v1.13.1 -- https://github.com/cert-manager/cert-manager/acmesolver-binary ** github.com/go-logr/logr; version v1.2.4 -- diff --git a/projects/cert-manager/cert-manager/CERT_MANAGER_CAINJECTOR_ATTRIBUTION.txt b/projects/cert-manager/cert-manager/CERT_MANAGER_CAINJECTOR_ATTRIBUTION.txt index 1b7273973c..b5d3e850ca 100644 --- a/projects/cert-manager/cert-manager/CERT_MANAGER_CAINJECTOR_ATTRIBUTION.txt +++ b/projects/cert-manager/cert-manager/CERT_MANAGER_CAINJECTOR_ATTRIBUTION.txt @@ -2,7 +2,7 @@ ** github.com/cert-manager/cert-manager; version v0.0.0-00010101000000-000000000000 -- https://github.com/cert-manager/cert-manager -** github.com/cert-manager/cert-manager/cainjector-binary; version v1.13.0 -- +** github.com/cert-manager/cert-manager/cainjector-binary; version v1.13.1 -- https://github.com/cert-manager/cert-manager/cainjector-binary ** github.com/go-logr/logr; version v1.2.4 -- @@ -977,7 +977,7 @@ Copyright (c) 2014 Benedikt Lang https://github.com/cespare/xxhash/v2 Copyright (c) 2016 Caleb Spare -** github.com/emicklei/go-restful/v3; version v3.10.2 -- +** github.com/emicklei/go-restful/v3; version v3.11.0 -- https://github.com/emicklei/go-restful/v3 Copyright (c) 2012,2013 Ernest Micklei diff --git a/projects/cert-manager/cert-manager/CERT_MANAGER_CONTROLLER_ATTRIBUTION.txt b/projects/cert-manager/cert-manager/CERT_MANAGER_CONTROLLER_ATTRIBUTION.txt index 5f133b7c63..a3609626be 100644 --- a/projects/cert-manager/cert-manager/CERT_MANAGER_CONTROLLER_ATTRIBUTION.txt +++ b/projects/cert-manager/cert-manager/CERT_MANAGER_CONTROLLER_ATTRIBUTION.txt @@ -32,7 +32,7 @@ https://github.com/Azure/go-autorest/tracing ** github.com/cert-manager/cert-manager; version v0.0.0-00010101000000-000000000000 -- https://github.com/cert-manager/cert-manager -** github.com/cert-manager/cert-manager/controller-binary; version v1.13.0 -- +** github.com/cert-manager/cert-manager/controller-binary; version v1.13.1 -- https://github.com/cert-manager/cert-manager/controller-binary ** github.com/coreos/go-semver/semver; version v0.3.1 -- @@ -1398,7 +1398,7 @@ Copyright (c) 2016 Caleb Spare https://github.com/cpu/goacmedns Copyright (c) 2018 Daniel McCarney -** github.com/emicklei/go-restful/v3; version v3.10.2 -- +** github.com/emicklei/go-restful/v3; version v3.11.0 -- https://github.com/emicklei/go-restful/v3 Copyright (c) 2012,2013 Ernest Micklei diff --git a/projects/cert-manager/cert-manager/CERT_MANAGER_CTL_ATTRIBUTION.txt b/projects/cert-manager/cert-manager/CERT_MANAGER_CTL_ATTRIBUTION.txt index 2b9b6c2190..b562b5e5ab 100644 --- a/projects/cert-manager/cert-manager/CERT_MANAGER_CTL_ATTRIBUTION.txt +++ b/projects/cert-manager/cert-manager/CERT_MANAGER_CTL_ATTRIBUTION.txt @@ -1,8 +1,8 @@ -** github.com/cert-manager/cert-manager; version v1.13.0-beta.0.0.20230912141016-a7a7fabaf551 -- +** github.com/cert-manager/cert-manager; version v1.13.1-0.20230926135348-f64cbc05f510 -- https://github.com/cert-manager/cert-manager -** github.com/cert-manager/cert-manager/cmd/ctl; version v1.13.0 -- +** github.com/cert-manager/cert-manager/cmd/ctl; version v1.13.1 -- https://github.com/cert-manager/cert-manager/cmd/ctl ** github.com/containerd/containerd; version v1.7.1 -- @@ -1354,7 +1354,7 @@ Copyright (c) 2016 Caleb Spare https://github.com/docker/docker-credential-helpers Copyright (c) 2016 David Calavera -** github.com/emicklei/go-restful/v3; version v3.10.2 -- +** github.com/emicklei/go-restful/v3; version v3.11.0 -- https://github.com/emicklei/go-restful/v3 Copyright (c) 2012,2013 Ernest Micklei diff --git a/projects/cert-manager/cert-manager/CERT_MANAGER_WEBHOOK_ATTRIBUTION.txt b/projects/cert-manager/cert-manager/CERT_MANAGER_WEBHOOK_ATTRIBUTION.txt index f4a48e3ca1..754e82c0c0 100644 --- a/projects/cert-manager/cert-manager/CERT_MANAGER_WEBHOOK_ATTRIBUTION.txt +++ b/projects/cert-manager/cert-manager/CERT_MANAGER_WEBHOOK_ATTRIBUTION.txt @@ -2,7 +2,7 @@ ** github.com/cert-manager/cert-manager; version v0.0.0-00010101000000-000000000000 -- https://github.com/cert-manager/cert-manager -** github.com/cert-manager/cert-manager/webhook-binary; version v1.13.0 -- +** github.com/cert-manager/cert-manager/webhook-binary; version v1.13.1 -- https://github.com/cert-manager/cert-manager/webhook-binary ** github.com/go-logr/logr; version v1.2.4 -- @@ -972,7 +972,7 @@ Copyright (c) 2014 Cenk Altı https://github.com/cespare/xxhash/v2 Copyright (c) 2016 Caleb Spare -** github.com/emicklei/go-restful/v3; version v3.10.2 -- +** github.com/emicklei/go-restful/v3; version v3.11.0 -- https://github.com/emicklei/go-restful/v3 Copyright (c) 2012,2013 Ernest Micklei diff --git a/projects/cert-manager/cert-manager/CHECKSUMS b/projects/cert-manager/cert-manager/CHECKSUMS index 37e9f93d7b..ed72c1c9cb 100644 --- a/projects/cert-manager/cert-manager/CHECKSUMS +++ b/projects/cert-manager/cert-manager/CHECKSUMS @@ -1,10 +1,10 @@ -0aa982ff0ea5f03cc756e41ed34fd7ec5bfe2128661200d9f256785d1674726f _output/bin/cert-manager/linux-amd64/cert-manager-acmesolver -08b741469ba31e3fe772eb1510aab68b86d42bb9ba94bfe2988e3eafa9887da0 _output/bin/cert-manager/linux-amd64/cert-manager-cainjector -42171baf2350f2c94a6687bb4ed566e9a8bd6ee5407c53188173da432663411c _output/bin/cert-manager/linux-amd64/cert-manager-controller -20e3626e1ace3257d4d101a947fe3b02a24376a748aa05417641852b84ca1549 _output/bin/cert-manager/linux-amd64/cert-manager-ctl -522c244fda2fb3fa1804dbfe03e8808356a89adf6b74b3f4736d6c1f2aa7ea1b _output/bin/cert-manager/linux-amd64/cert-manager-webhook -d1c6cdaf625118729bcfa8771a460290e86eeb9af289af806d0eca7584ebaee2 _output/bin/cert-manager/linux-arm64/cert-manager-acmesolver -b5e33343ebc0083636aacc222f802cde2b4a61d76549b2f10a022861262794e5 _output/bin/cert-manager/linux-arm64/cert-manager-cainjector -4ccc9b7f06d0e3eaa223ec40bb919cd2ab43fedb10b0b388131ed12ea9221d91 _output/bin/cert-manager/linux-arm64/cert-manager-controller -ec984ccc28d07ba0a88d51939cce6b7f477afbe21a77be707ba3aa9566feb88f _output/bin/cert-manager/linux-arm64/cert-manager-ctl -90c445902b9aa47029a8f90a2532f12ee3e694d4c65695d36033ecac240ac35c _output/bin/cert-manager/linux-arm64/cert-manager-webhook +885f2f3a5d4307112ba8b2dd78cbf92819f500d85344bd5dff26513a42aa4f65 _output/bin/cert-manager/linux-amd64/cert-manager-acmesolver +0e28365452b781f73748314e175a9a3b63ac451309bbd590646a2450d4ee0a6c _output/bin/cert-manager/linux-amd64/cert-manager-cainjector +4d2dcead46aae15cabc17919c1f851ef5249924529eb32c444396f06d2ae7185 _output/bin/cert-manager/linux-amd64/cert-manager-controller +0319bd0be2e1b01b882a9a8693667f22ea521c1d31472bb5d7bdd43e14852c13 _output/bin/cert-manager/linux-amd64/cert-manager-ctl +edd82a99aebb5c868700c15b9d08bb0efb6b4d9fb25f3bd43db2912e29fda74f _output/bin/cert-manager/linux-amd64/cert-manager-webhook +a32b8b597293ea99e5be52c3aa3f5f946a9e5fb3bff17b1fbd81e28db8d746a4 _output/bin/cert-manager/linux-arm64/cert-manager-acmesolver +0ead6cbc6b6e09aefb85c361123e4a2c9d8eaeaf0acd9ac9d894717d7b8dba84 _output/bin/cert-manager/linux-arm64/cert-manager-cainjector +344bce68b0ec6186bf71c16b4f8cc2512ab30479c56e157f11d328cf5c6f6322 _output/bin/cert-manager/linux-arm64/cert-manager-controller +2e51e65e6634469ddde80a4e18b6dfc0d59497e9dfd75c3c2feedbc298d3f18d _output/bin/cert-manager/linux-arm64/cert-manager-ctl +59f493e5f8d25aa161b2076db50e55c5c41595ee16a916744d4b32e82c4c024a _output/bin/cert-manager/linux-arm64/cert-manager-webhook diff --git a/projects/cert-manager/cert-manager/GIT_TAG b/projects/cert-manager/cert-manager/GIT_TAG index b281204620..8cc47ae430 100644 --- a/projects/cert-manager/cert-manager/GIT_TAG +++ b/projects/cert-manager/cert-manager/GIT_TAG @@ -1 +1 @@ -v1.13.0 +v1.13.1 diff --git a/projects/cert-manager/cert-manager/README.md b/projects/cert-manager/cert-manager/README.md index 90c658b1dd..27e683bb1f 100644 --- a/projects/cert-manager/cert-manager/README.md +++ b/projects/cert-manager/cert-manager/README.md @@ -1,5 +1,5 @@ ## **cert-manager** -![Version](https://img.shields.io/badge/version-v1.13.0-blue) +![Version](https://img.shields.io/badge/version-v1.13.1-blue) ![Build Status](https://codebuild.us-west-2.amazonaws.com/badges?uuid=eyJlbmNyeXB0ZWREYXRhIjoiUkphQkhWTUpOOVE1OFVLU0dHQmVFUXZJV0dJaGVLYmtEZHp0aGtDRnJBQUxtaHVqOWp3S0l6d0NlTytqNWpwc2tNTmF6RnNhMTZ3d1J1RXErR0lWcldZPSIsIml2UGFyYW1ldGVyU3BlYyI6IlQyU2lIcVVtU3ozZVZSVTgiLCJtYXRlcmlhbFNldFNlcmlhbCI6MX0%3D&branch=main) [cert-manager](https://github.com/cert-manager/cert-manager) is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources, such as [Let’s Encrypt](https://letsencrypt.org), [HashiCorp Vault](https://www.vaultproject.io), [Venafi](https://www.venafi.com/), a simple signing key pair, or self signed. It periodically ensures that certificates are valid and up-to-date, and attempts to renew certificates at an appropriate time before expiry. diff --git a/projects/cert-manager/cert-manager/manifests/cert-manager.yaml b/projects/cert-manager/cert-manager/manifests/cert-manager.yaml index 40ab7e8c67..3ebf667b35 100644 --- a/projects/cert-manager/cert-manager/manifests/cert-manager.yaml +++ b/projects/cert-manager/cert-manager/manifests/cert-manager.yaml @@ -27,7 +27,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" spec: group: cert-manager.io names: @@ -225,7 +225,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" spec: group: cert-manager.io names: @@ -596,7 +596,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" spec: group: acme.cert-manager.io names: @@ -1674,7 +1674,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: "cert-manager" # Generated labels - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" spec: group: cert-manager.io names: @@ -2994,7 +2994,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: "cert-manager" # Generated labels - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" spec: group: cert-manager.io names: @@ -4314,7 +4314,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" spec: group: acme.cert-manager.io names: @@ -4498,7 +4498,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" --- # Source: cert-manager/templates/serviceaccount.yaml apiVersion: v1 @@ -4512,7 +4512,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" --- # Source: cert-manager/templates/webhook-serviceaccount.yaml apiVersion: v1 @@ -4526,7 +4526,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" --- # Source: cert-manager/templates/controller-config.yaml apiVersion: v1 @@ -4539,7 +4539,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" data: --- # Source: cert-manager/templates/webhook-config.yaml @@ -4553,7 +4553,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" data: --- # Source: cert-manager/templates/cainjector-rbac.yaml @@ -4566,7 +4566,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rules: - apiGroups: ["cert-manager.io"] resources: ["certificates"] @@ -4598,7 +4598,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rules: - apiGroups: ["cert-manager.io"] resources: ["issuers", "issuers/status"] @@ -4624,7 +4624,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rules: - apiGroups: ["cert-manager.io"] resources: ["clusterissuers", "clusterissuers/status"] @@ -4650,7 +4650,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rules: - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"] @@ -4685,7 +4685,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rules: - apiGroups: ["acme.cert-manager.io"] resources: ["orders", "orders/status"] @@ -4723,7 +4723,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rules: # Use to update challenge resource status - apiGroups: ["acme.cert-manager.io"] @@ -4783,7 +4783,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rules: - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificaterequests"] @@ -4820,7 +4820,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true" rules: - apiGroups: ["cert-manager.io"] @@ -4837,7 +4837,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -4860,7 +4860,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" rules: @@ -4885,7 +4885,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rules: - apiGroups: ["cert-manager.io"] resources: ["signers"] @@ -4905,7 +4905,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rules: - apiGroups: ["certificates.k8s.io"] resources: ["certificatesigningrequests"] @@ -4931,7 +4931,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rules: - apiGroups: ["authorization.k8s.io"] resources: ["subjectaccessreviews"] @@ -4947,7 +4947,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -4967,7 +4967,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -4987,7 +4987,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5007,7 +5007,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5027,7 +5027,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5047,7 +5047,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5067,7 +5067,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5087,7 +5087,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5107,7 +5107,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5127,7 +5127,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5150,7 +5150,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rules: # Used for leader election by the controller # cert-manager-cainjector-leader-election is used by the CertificateBased injector controller @@ -5176,7 +5176,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rules: - apiGroups: ["coordination.k8s.io"] resources: ["leases"] @@ -5197,7 +5197,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" rules: - apiGroups: [""] resources: ["secrets"] @@ -5222,7 +5222,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -5245,7 +5245,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -5267,7 +5267,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -5289,7 +5289,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" spec: type: ClusterIP ports: @@ -5313,7 +5313,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" spec: type: ClusterIP ports: @@ -5337,7 +5337,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" spec: replicas: 1 selector: @@ -5352,7 +5352,7 @@ spec: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" spec: serviceAccountName: cert-manager-cainjector enableServiceLinks: false @@ -5362,7 +5362,7 @@ spec: type: RuntimeDefault containers: - name: cert-manager-cainjector - image: "quay.io/jetstack/cert-manager-cainjector:v1.13.0" + image: "quay.io/jetstack/cert-manager-cainjector:v1.13.1" imagePullPolicy: IfNotPresent args: - --v=2 @@ -5391,7 +5391,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" spec: replicas: 1 selector: @@ -5406,7 +5406,7 @@ spec: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" annotations: prometheus.io/path: "/metrics" prometheus.io/scrape: 'true' @@ -5420,13 +5420,13 @@ spec: type: RuntimeDefault containers: - name: cert-manager-controller - image: "quay.io/jetstack/cert-manager-controller:v1.13.0" + image: "quay.io/jetstack/cert-manager-controller:v1.13.1" imagePullPolicy: IfNotPresent args: - --v=2 - --cluster-resource-namespace=$(POD_NAMESPACE) - --leader-election-namespace=kube-system - - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.13.0 + - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.13.1 - --max-concurrent-challenges=60 ports: - containerPort: 9402 @@ -5459,7 +5459,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" spec: replicas: 1 selector: @@ -5474,7 +5474,7 @@ spec: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" spec: serviceAccountName: cert-manager-webhook enableServiceLinks: false @@ -5484,7 +5484,7 @@ spec: type: RuntimeDefault containers: - name: cert-manager-webhook - image: "quay.io/jetstack/cert-manager-webhook:v1.13.0" + image: "quay.io/jetstack/cert-manager-webhook:v1.13.1" imagePullPolicy: IfNotPresent args: - --v=2 @@ -5545,7 +5545,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" annotations: cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca" webhooks: @@ -5586,7 +5586,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.0" + app.kubernetes.io/version: "v1.13.1" annotations: cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca" webhooks: diff --git a/projects/kubernetes-sigs/cluster-api/ATTRIBUTION.txt b/projects/kubernetes-sigs/cluster-api/ATTRIBUTION.txt index ff5a23c865..b70c73d9fb 100644 --- a/projects/kubernetes-sigs/cluster-api/ATTRIBUTION.txt +++ b/projects/kubernetes-sigs/cluster-api/ATTRIBUTION.txt @@ -179,7 +179,7 @@ https://github.com/kubernetes/metrics ** k8s.io/utils; version v0.0.0-20230209194617-a36077c30491 -- https://github.com/kubernetes/utils -** sigs.k8s.io/cluster-api; version v1.5.2 -- +** sigs.k8s.io/cluster-api; version v1.5.3 -- https://github.com/kubernetes-sigs/cluster-api ** sigs.k8s.io/controller-runtime; version v0.15.1 -- @@ -1032,22 +1032,22 @@ https://github.com/liggitt/tabwriter ** golang.org/go; version go1.20.11 -- https://github.com/golang/go -** golang.org/x/crypto; version v0.11.0 -- +** golang.org/x/crypto; version v0.14.0 -- https://golang.org/x/crypto -** golang.org/x/net; version v0.13.0 -- +** golang.org/x/net; version v0.17.0 -- https://golang.org/x/net ** golang.org/x/oauth2; version v0.10.0 -- https://golang.org/x/oauth2 -** golang.org/x/sys/unix; version v0.10.0 -- +** golang.org/x/sys/unix; version v0.13.0 -- https://golang.org/x/sys -** golang.org/x/term; version v0.10.0 -- +** golang.org/x/term; version v0.13.0 -- https://golang.org/x/term -** golang.org/x/text; version v0.11.0 -- +** golang.org/x/text; version v0.13.0 -- https://golang.org/x/text ** golang.org/x/time/rate; version v0.3.0 -- diff --git a/projects/kubernetes-sigs/cluster-api/CAPD_ATTRIBUTION.txt b/projects/kubernetes-sigs/cluster-api/CAPD_ATTRIBUTION.txt index f5ae8860c1..0c21442afe 100644 --- a/projects/kubernetes-sigs/cluster-api/CAPD_ATTRIBUTION.txt +++ b/projects/kubernetes-sigs/cluster-api/CAPD_ATTRIBUTION.txt @@ -113,13 +113,13 @@ https://github.com/kubernetes/utils ** sigs.k8s.io/cluster-api; version v0.0.0-00010101000000-000000000000 -- https://github.com/kubernetes-sigs/cluster-api -** sigs.k8s.io/cluster-api/test/infrastructure/container; version v1.5.2 -- +** sigs.k8s.io/cluster-api/test/infrastructure/container; version v1.5.3 -- https://github.com/kubernetes-sigs/cluster-api -** sigs.k8s.io/cluster-api/test/infrastructure/docker; version v1.5.2 -- +** sigs.k8s.io/cluster-api/test/infrastructure/docker; version v1.5.3 -- https://github.com/kubernetes-sigs/cluster-api -** sigs.k8s.io/cluster-api/test/infrastructure/kind; version v1.5.2 -- +** sigs.k8s.io/cluster-api/test/infrastructure/kind; version v1.5.3 -- https://github.com/kubernetes-sigs/cluster-api ** sigs.k8s.io/controller-runtime; version v0.15.1 -- @@ -833,19 +833,19 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ** golang.org/go; version go1.20.11 -- https://github.com/golang/go -** golang.org/x/net; version v0.13.0 -- +** golang.org/x/net; version v0.17.0 -- https://golang.org/x/net ** golang.org/x/oauth2; version v0.10.0 -- https://golang.org/x/oauth2 -** golang.org/x/sys/unix; version v0.10.0 -- +** golang.org/x/sys/unix; version v0.13.0 -- https://golang.org/x/sys -** golang.org/x/term; version v0.10.0 -- +** golang.org/x/term; version v0.13.0 -- https://golang.org/x/term -** golang.org/x/text; version v0.11.0 -- +** golang.org/x/text; version v0.13.0 -- https://golang.org/x/text ** golang.org/x/time/rate; version v0.3.0 -- diff --git a/projects/kubernetes-sigs/cluster-api/CHECKSUMS b/projects/kubernetes-sigs/cluster-api/CHECKSUMS index e108f9bcd7..ad8248ac19 100644 --- a/projects/kubernetes-sigs/cluster-api/CHECKSUMS +++ b/projects/kubernetes-sigs/cluster-api/CHECKSUMS @@ -1,10 +1,10 @@ -aa8be2457998243ba0fbda183ba25100dfbe878a1bff6fb21d5bd8a668b14b5a _output/bin/cluster-api/linux-amd64/cluster-api-provider-docker-manager -bc63d9454e29b9432c53a44e9e6add85164230ae6763a1e3db33711a4706bb5d _output/bin/cluster-api/linux-amd64/clusterctl -159a5261708db972239eca27ba51cb784cafaeed65d4b6f765d63dd04848c48b _output/bin/cluster-api/linux-amd64/kubeadm-bootstrap-manager -756c0deb59522f7f0870b31f3520407634ed6636ad1bc469002691d493d45126 _output/bin/cluster-api/linux-amd64/kubeadm-control-plane-manager -659503895dc795d8cf7f60b6b1d7f720a6ec8dabb0184e081bdac379e622b5c0 _output/bin/cluster-api/linux-amd64/manager -a9532831d8edb3127ed216430a124ff5b613a67e3a26d63a84c869a782ea3601 _output/bin/cluster-api/linux-arm64/cluster-api-provider-docker-manager -4cf2899df969f1250d9af71727c613533ed50d939f9c433e0b80860c473a1d36 _output/bin/cluster-api/linux-arm64/clusterctl -e0583ec85630a8a1674e0b4743fb02955f6fb38d3d652b14e4d917ed961f4e0b _output/bin/cluster-api/linux-arm64/kubeadm-bootstrap-manager -4fd4edcbe2a732c85084d2593f089fa434eb7463829713cd7387ba7f285eabcd _output/bin/cluster-api/linux-arm64/kubeadm-control-plane-manager -30db71d40fec146e8587bdd2804641850982cffef9a8d919390818bc11d322d5 _output/bin/cluster-api/linux-arm64/manager +fd118a503b5559f565370d5f02c8ef2fa1a832a69078459928dabebb2c53aeb9 _output/bin/cluster-api/linux-amd64/cluster-api-provider-docker-manager +d1a4b86b5443e9ca0b4cf87dda1866e332d4edd5388949a2e866edb521b6b474 _output/bin/cluster-api/linux-amd64/clusterctl +9723711843f0417c7bb6e2dd145c24c6ffb8043b0fe2b8095f55315dcb05b096 _output/bin/cluster-api/linux-amd64/kubeadm-bootstrap-manager +d28139aa040690eccbd8f68318913c731dd383c97977a12bba83215aa63a2314 _output/bin/cluster-api/linux-amd64/kubeadm-control-plane-manager +f9681ea4682e57a86a677170599a43f9164ef5cf0e6d188ef666f97ac376a74e _output/bin/cluster-api/linux-amd64/manager +37ebc975f191d7144c214fc601f6c19facecd63af289b68fd924ac0809481adf _output/bin/cluster-api/linux-arm64/cluster-api-provider-docker-manager +8f4b157034bd1eafc8f59212ac501d99ad0ed59755a075df40eb6f3f91bee16c _output/bin/cluster-api/linux-arm64/clusterctl +7f7f4773e87464541c462dc263045d4383239a179d72ead0fbfc19f5b79f9cff _output/bin/cluster-api/linux-arm64/kubeadm-bootstrap-manager +1e78300d9fd35b9a52bbb127b033554446bb2bc954d629027565b4a383c0eff5 _output/bin/cluster-api/linux-arm64/kubeadm-control-plane-manager +40ed52602aad4fac5347a1e94d4dc016bf4fd5781d0c8cf8c586d4626ee9bf59 _output/bin/cluster-api/linux-arm64/manager diff --git a/projects/kubernetes-sigs/cluster-api/GIT_TAG b/projects/kubernetes-sigs/cluster-api/GIT_TAG index a503124bd9..f1a2e631da 100644 --- a/projects/kubernetes-sigs/cluster-api/GIT_TAG +++ b/projects/kubernetes-sigs/cluster-api/GIT_TAG @@ -1 +1 @@ -v1.5.2 +v1.5.3 diff --git a/projects/kubernetes-sigs/cluster-api/README.md b/projects/kubernetes-sigs/cluster-api/README.md index 7361590376..05c2bdc0e6 100644 --- a/projects/kubernetes-sigs/cluster-api/README.md +++ b/projects/kubernetes-sigs/cluster-api/README.md @@ -1,5 +1,5 @@ ## **Cluster API** -![Version](https://img.shields.io/badge/version-v1.5.2-blue) +![Version](https://img.shields.io/badge/version-v1.5.3-blue) ![Build Status](https://codebuild.us-west-2.amazonaws.com/badges?uuid=eyJlbmNyeXB0ZWREYXRhIjoiQVZ3TDBZZVVXZUZiVmtqLzVoOVcrV2FaMmxRRzJXRmJCRlZtQkNodXdWZ0FrNm0zQ3l5UzNqTkdsQXgwdzc0bTBZc1RIcjBhMUVFbEhIK3d2VDVPek1rPSIsIml2UGFyYW1ldGVyU3BlYyI6IkVuOGJxNXBPZEtDek81Q3giLCJtYXRlcmlhbFNldFNlcmlhbCI6MX0%3D&branch=main) [Cluster API](https://github.com/kubernetes-sigs/cluster-api) is a Kubernetes sub-project focused on providing declarative APIs and tooling to simplify provisioning, upgrading, and operating multiple Kubernetes clusters. It uses Kubernetes-style APIs and patterns to automate cluster lifecycle management for platform operators. The supporting infrastructure, like virtual machines, networks, load balancers, and VPCs, as well as the Kubernetes cluster configuration are all defined in the same way that application developers operate deploying and managing their workloads. This enables consistent and repeatable cluster deployments across a wide variety of infrastructure environments. Cluster API can be extended to support any infrastructure provider (AWS, Azure, vSphere, etc.) or bootstrap provider (kubeadm is default) as required by the customer. diff --git a/projects/kubernetes-sigs/cluster-api/patches/0001-Adding-capi-support-for-Bottlerocket.patch b/projects/kubernetes-sigs/cluster-api/patches/0001-Adding-capi-support-for-Bottlerocket.patch index a9ffacfe36..1745b6a4e9 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0001-Adding-capi-support-for-Bottlerocket.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0001-Adding-capi-support-for-Bottlerocket.patch @@ -1,4 +1,4 @@ -From f711603e87012e0101ca86a70942477fd3fea11a Mon Sep 17 00:00:00 2001 +From d5da19a186ba53f8b0537a3947c3db99ab52c30c Mon Sep 17 00:00:00 2001 From: Vignesh Goutham Ganesh Date: Fri, 11 Jun 2021 10:43:09 -0700 Subject: [PATCH 01/36] Adding capi support for Bottlerocket @@ -36,8 +36,9 @@ Remove userdata logging for bottlerocket ...strap.cluster.x-k8s.io_kubeadmconfigs.yaml | 174 ++++++++++++++++ ...uster.x-k8s.io_kubeadmconfigtemplates.yaml | 186 ++++++++++++++++++ .../internal/bottlerocket/bootstrap.go | 45 +++++ - .../internal/bottlerocket/bottlerocket.go | 179 +++++++++++++++++ - .../bottlerocket/controlplane_init.go | 49 +++++ + .../internal/bottlerocket/bottlerocket.go | 177 +++++++++++++++++ + .../bottlerocket/bottlerocket_test.go | 141 +++++++++++++ + .../bottlerocket/controlplane_init.go | 47 +++++ .../bottlerocket/controlplane_join.go | 30 +++ .../kubeadm/internal/bottlerocket/files.go | 18 ++ .../kubeadm/internal/bottlerocket/node.go | 32 +++ @@ -49,10 +50,10 @@ Remove userdata logging for bottlerocket .../upstreamv1beta1/zz_generated.deepcopy.go | 58 ++++++ ...cluster.x-k8s.io_kubeadmcontrolplanes.yaml | 186 ++++++++++++++++++ ...x-k8s.io_kubeadmcontrolplanetemplates.yaml | 99 ++++++++++ - go.mod | 2 +- - 21 files changed, 1281 insertions(+), 5 deletions(-) + 21 files changed, 1417 insertions(+), 4 deletions(-) create mode 100644 bootstrap/kubeadm/internal/bottlerocket/bootstrap.go create mode 100644 bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go + create mode 100644 bootstrap/kubeadm/internal/bottlerocket/bottlerocket_test.go create mode 100644 bootstrap/kubeadm/internal/bottlerocket/controlplane_init.go create mode 100644 bootstrap/kubeadm/internal/bottlerocket/controlplane_join.go create mode 100644 bootstrap/kubeadm/internal/bottlerocket/files.go @@ -759,10 +760,10 @@ index 000000000..e4be8d945 +) diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go new file mode 100644 -index 000000000..d35016276 +index 000000000..350965204 --- /dev/null +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -@@ -0,0 +1,179 @@ +@@ -0,0 +1,177 @@ +package bottlerocket + +import ( @@ -772,10 +773,11 @@ index 000000000..d35016276 + "strings" + "text/template" + -+ bootstrapv1 "sigs.k8s.io/cluster-api/bootstrap/kubeadm/api/v1beta1" -+ + "github.com/pkg/errors" -+ yaml "gopkg.in/yaml.v2" ++ corev1 "k8s.io/api/core/v1" ++ "sigs.k8s.io/yaml" ++ ++ bootstrapv1 "sigs.k8s.io/cluster-api/bootstrap/kubeadm/api/v1beta1" +) + +const ( @@ -917,24 +919,21 @@ index 000000000..d35016276 + for _, file := range writeFiles { + if file.Path == "/etc/kubernetes/manifests/kube-vip.yaml" { + // unmarshal the yaml file from contents -+ var yamlData map[string]interface{} -+ err := yaml.Unmarshal([]byte(file.Content), &yamlData) ++ pod := &corev1.Pod{} ++ err := yaml.Unmarshal([]byte(file.Content), pod) + if err != nil { -+ return nil, errors.Wrap(err, "Error unmarshalling yaml content from kube-vip") ++ return nil, errors.Wrap(err, "unmarshalling yaml content from kube-vip") + } + + // Patch the spec.Volume mount path -+ spec := yamlData["spec"].(map[interface{}]interface{}) -+ volumes := spec["volumes"].([]interface{}) -+ currentVol := volumes[0].(map[interface{}]interface{}) -+ hostPath := currentVol["hostPath"].(map[interface{}]interface{}) -+ hostPath["type"] = "File" -+ hostPath["path"] = "/var/lib/kubeadm/admin.conf" ++ f := corev1.HostPathFile ++ pod.Spec.Volumes[0].HostPath.Type = &f ++ pod.Spec.Volumes[0].HostPath.Path = "/var/lib/kubeadm/admin.conf" + + // Marshall back into yaml and override -+ patchedYaml, err := yaml.Marshal(&yamlData) ++ patchedYaml, err := yaml.Marshal(pod) + if err != nil { -+ return nil, errors.Wrap(err, "Error marshalling patched kube-vip yaml") ++ return nil, errors.Wrap(err, "marshalling patched kube-vip yaml") + } + file.Content = string(patchedYaml) + } @@ -942,12 +941,159 @@ index 000000000..d35016276 + } + return patchedFiles, nil +} +diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket_test.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket_test.go +new file mode 100644 +index 000000000..71768969b +--- /dev/null ++++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket_test.go +@@ -0,0 +1,141 @@ ++package bottlerocket ++ ++import ( ++ "testing" ++ ++ . "github.com/onsi/gomega" ++ ++ bootstrapv1 "sigs.k8s.io/cluster-api/bootstrap/kubeadm/api/v1beta1" ++) ++ ++func Test_patchKubeVipFile(t *testing.T) { ++ tests := []struct { ++ name string ++ writeFiles []bootstrapv1.File ++ want []bootstrapv1.File ++ }{ ++ { ++ name: "one kube-vip file", ++ writeFiles: []bootstrapv1.File{ ++ { ++ Path: "/etc/kubernetes/manifests/kube-vip.yaml", ++ Content: `apiVersion: v1 ++kind: Pod ++metadata: ++ creationTimestamp: null ++ name: kube-vip ++ namespace: kube-system ++spec: ++ containers: ++ - args: ++ - manager ++ env: ++ - name: vip_arp ++ value: "true" ++ - name: port ++ value: "6443" ++ - name: vip_cidr ++ value: "32" ++ - name: cp_enable ++ value: "true" ++ - name: cp_namespace ++ value: kube-system ++ - name: vip_ddns ++ value: "false" ++ - name: vip_leaderelection ++ value: "true" ++ - name: vip_leaseduration ++ value: "15" ++ - name: vip_renewdeadline ++ value: "10" ++ - name: vip_retryperiod ++ value: "2" ++ - name: address ++ value: 192.168.1.1 ++ image: kube-vip:v1.0 ++ imagePullPolicy: IfNotPresent ++ name: kube-vip ++ resources: {} ++ securityContext: ++ capabilities: ++ add: ++ - NET_ADMIN ++ - NET_RAW ++ volumeMounts: ++ - mountPath: /etc/kubernetes/admin.conf ++ name: kubeconfig ++ hostNetwork: true ++ volumes: ++ - hostPath: ++ path: /etc/kubernetes/admin.conf ++ name: kubeconfig ++status: {}`, ++ }, ++ }, ++ want: []bootstrapv1.File{ ++ { ++ Path: "/etc/kubernetes/manifests/kube-vip.yaml", ++ Content: `apiVersion: v1 ++kind: Pod ++metadata: ++ creationTimestamp: null ++ name: kube-vip ++ namespace: kube-system ++spec: ++ containers: ++ - args: ++ - manager ++ env: ++ - name: vip_arp ++ value: "true" ++ - name: port ++ value: "6443" ++ - name: vip_cidr ++ value: "32" ++ - name: cp_enable ++ value: "true" ++ - name: cp_namespace ++ value: kube-system ++ - name: vip_ddns ++ value: "false" ++ - name: vip_leaderelection ++ value: "true" ++ - name: vip_leaseduration ++ value: "15" ++ - name: vip_renewdeadline ++ value: "10" ++ - name: vip_retryperiod ++ value: "2" ++ - name: address ++ value: 192.168.1.1 ++ image: kube-vip:v1.0 ++ imagePullPolicy: IfNotPresent ++ name: kube-vip ++ resources: {} ++ securityContext: ++ capabilities: ++ add: ++ - NET_ADMIN ++ - NET_RAW ++ volumeMounts: ++ - mountPath: /etc/kubernetes/admin.conf ++ name: kubeconfig ++ hostNetwork: true ++ volumes: ++ - hostPath: ++ path: /var/lib/kubeadm/admin.conf ++ type: File ++ name: kubeconfig ++status: {} ++`, ++ }, ++ }, ++ }, ++ } ++ for _, tt := range tests { ++ t.Run(tt.name, func(t *testing.T) { ++ g := NewWithT(t) ++ g.Expect(patchKubeVipFile(tt.writeFiles)).To(BeComparableTo(tt.want)) ++ }) ++ } ++} diff --git a/bootstrap/kubeadm/internal/bottlerocket/controlplane_init.go b/bootstrap/kubeadm/internal/bottlerocket/controlplane_init.go new file mode 100644 -index 000000000..edf555b8c +index 000000000..8f9b6e12e --- /dev/null +++ b/bootstrap/kubeadm/internal/bottlerocket/controlplane_init.go -@@ -0,0 +1,49 @@ +@@ -0,0 +1,47 @@ +// TODO: make bottlerocket(init) more agnostic. In addition to other changes to make things +// less hacky, also move calling cloudinit from controller and passing it to +// bottlerocket bootstrap, to all control to bottlerocket bootstrap itself. @@ -956,8 +1102,6 @@ index 000000000..edf555b8c +package bottlerocket + +import ( -+ "fmt" -+ + "github.com/pkg/errors" + "sigs.k8s.io/cluster-api/bootstrap/kubeadm/internal/cloudinit" +) @@ -1825,26 +1969,6 @@ index 1a6d560e9..68484236f 100644 skipPhases: description: SkipPhases is a list of phases to skip during command execution. The list of phases can -diff --git a/go.mod b/go.mod -index 347b9c697..4c653ad98 100644 ---- a/go.mod -+++ b/go.mod -@@ -33,6 +33,7 @@ require ( - golang.org/x/net v0.13.0 // indirect - golang.org/x/oauth2 v0.10.0 - google.golang.org/grpc v1.55.0 -+ gopkg.in/yaml.v2 v2.4.0 - k8s.io/api v0.27.2 - k8s.io/apiextensions-apiserver v0.27.2 - k8s.io/apimachinery v0.27.2 -@@ -133,7 +134,6 @@ require ( - google.golang.org/protobuf v1.31.0 // indirect - gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/ini.v1 v1.67.0 // indirect -- gopkg.in/yaml.v2 v2.4.0 // indirect - gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/cli-runtime v0.27.2 // indirect - k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0002-Add-unstacked-etcd-support.patch b/projects/kubernetes-sigs/cluster-api/patches/0002-Add-unstacked-etcd-support.patch index 15fceaf267..8162c932e9 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0002-Add-unstacked-etcd-support.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0002-Add-unstacked-etcd-support.patch @@ -1,4 +1,4 @@ -From 8198a765670646a0e95c759620cacc04d32c2c1b Mon Sep 17 00:00:00 2001 +From 6e26e76ff6826003ce9eb9e4c8945cc612c073de Mon Sep 17 00:00:00 2001 From: Rajashree Mandaogane Date: Mon, 28 Jun 2021 13:44:50 -0700 Subject: [PATCH 02/36] Add unstacked etcd support @@ -73,7 +73,6 @@ commits on the new 1.0.1 branch. This commit adds back the permission. api/v1beta1/cluster_types.go | 14 ++ api/v1beta1/condition_consts.go | 16 ++ api/v1beta1/machine_types.go | 3 + - .../bottlerocket/controlplane_init.go | 2 - cmd/clusterctl/client/cluster/mover.go | 3 +- .../crd/bases/cluster.x-k8s.io_clusters.yaml | 144 ++++++++++++++++++ config/rbac/role.yaml | 15 ++ @@ -92,7 +91,7 @@ commits on the new 1.0.1 branch. This commit adds back the permission. util/secret/certificates.go | 3 + util/secret/consts.go | 2 + util/util.go | 6 + - 26 files changed, 862 insertions(+), 26 deletions(-) + 25 files changed, 862 insertions(+), 24 deletions(-) diff --git a/api/v1alpha3/cluster_types.go b/api/v1alpha3/cluster_types.go index 2421a2796..88f945742 100644 @@ -279,19 +278,6 @@ index ee9597306..2da343ae2 100644 // ExcludeNodeDrainingAnnotation annotation explicitly skips node draining if set. ExcludeNodeDrainingAnnotation = "machine.cluster.x-k8s.io/exclude-node-draining" -diff --git a/bootstrap/kubeadm/internal/bottlerocket/controlplane_init.go b/bootstrap/kubeadm/internal/bottlerocket/controlplane_init.go -index edf555b8c..8f9b6e12e 100644 ---- a/bootstrap/kubeadm/internal/bottlerocket/controlplane_init.go -+++ b/bootstrap/kubeadm/internal/bottlerocket/controlplane_init.go -@@ -6,8 +6,6 @@ - package bottlerocket - - import ( -- "fmt" -- - "github.com/pkg/errors" - "sigs.k8s.io/cluster-api/bootstrap/kubeadm/internal/cloudinit" - ) diff --git a/cmd/clusterctl/client/cluster/mover.go b/cmd/clusterctl/client/cluster/mover.go index 433651d7d..3ea19a800 100644 --- a/cmd/clusterctl/client/cluster/mover.go @@ -1507,5 +1493,5 @@ index 93267f160..a85a7a11d 100644 func GetClusterFromMetadata(ctx context.Context, c client.Client, obj metav1.ObjectMeta) (*clusterv1.Cluster, error) { if obj.Labels[clusterv1.ClusterNameLabel] == "" { -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0003-Unstacked-etcd-and-controlplane-upgrade.patch b/projects/kubernetes-sigs/cluster-api/patches/0003-Unstacked-etcd-and-controlplane-upgrade.patch index 02041b7226..61e4525889 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0003-Unstacked-etcd-and-controlplane-upgrade.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0003-Unstacked-etcd-and-controlplane-upgrade.patch @@ -1,4 +1,4 @@ -From e7930eb837a1897ee48ce19a353557110204370d Mon Sep 17 00:00:00 2001 +From 7fe5c86e395e0df7059ee4392e633ae5c4c82365 Mon Sep 17 00:00:00 2001 From: Rajashree Mandaogane Date: Fri, 6 Aug 2021 17:16:39 -0700 Subject: [PATCH 03/36] Unstacked etcd and controlplane upgrade @@ -1121,7 +1121,7 @@ index f3586efa5..465b837a3 100644 }) } diff --git a/internal/test/builder/builders.go b/internal/test/builder/builders.go -index 49f1b3ea3..a215d515b 100644 +index 10c7500b7..a874ed9a0 100644 --- a/internal/test/builder/builders.go +++ b/internal/test/builder/builders.go @@ -42,6 +42,7 @@ type ClusterBuilder struct { @@ -1258,5 +1258,5 @@ index 47dc7fc6b..e611502ae 100644 func hasAnnotation(o metav1.Object, annotation string) bool { annotations := o.GetAnnotations() -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0004-Patch-config-path-in-kubevip-manifest-for-kubeadm-co.patch b/projects/kubernetes-sigs/cluster-api/patches/0004-Patch-config-path-in-kubevip-manifest-for-kubeadm-co.patch index 431b36729d..ba266894b3 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0004-Patch-config-path-in-kubevip-manifest-for-kubeadm-co.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0004-Patch-config-path-in-kubevip-manifest-for-kubeadm-co.patch @@ -1,4 +1,4 @@ -From 7900e8cb1a292163e6e5754fd6f49d24807e8d4a Mon Sep 17 00:00:00 2001 +From 3ad75e8370f8f176cc1776918023f2ebdd4f22e0 Mon Sep 17 00:00:00 2001 From: Guillermo Gaston Date: Thu, 19 Aug 2021 21:52:52 +0000 Subject: [PATCH 04/36] Patch config path in kubevip manifest for kubeadm @@ -27,5 +27,5 @@ index b93e1164b..aecbda8f4 100644 if err != nil { return nil, errors.Wrapf(err, "failed to generate user data for machine joining control plane") -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0005-Make-pause-and-bottlerocket-bootstrap-images-updatab.patch b/projects/kubernetes-sigs/cluster-api/patches/0005-Make-pause-and-bottlerocket-bootstrap-images-updatab.patch index b395aba1ad..6c1552a17f 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0005-Make-pause-and-bottlerocket-bootstrap-images-updatab.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0005-Make-pause-and-bottlerocket-bootstrap-images-updatab.patch @@ -1,4 +1,4 @@ -From afd881d229118fda4eb3062d7fee89ac71336ca8 Mon Sep 17 00:00:00 2001 +From 70c42974b22492227400e3d54494b2225a308249 Mon Sep 17 00:00:00 2001 From: Guillermo Gaston Date: Tue, 31 Aug 2021 15:56:28 +0000 Subject: [PATCH 05/36] Make pause and bottlerocket bootstrap images updatable @@ -95,5 +95,5 @@ index b5d678d89..38946192d 100644 before := &KubeadmControlPlane{ ObjectMeta: metav1.ObjectMeta{ -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0006-add-support-for-registry-mirror-for-bottlerocket.patch b/projects/kubernetes-sigs/cluster-api/patches/0006-add-support-for-registry-mirror-for-bottlerocket.patch index 2c098cd3de..fd242173ed 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0006-add-support-for-registry-mirror-for-bottlerocket.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0006-add-support-for-registry-mirror-for-bottlerocket.patch @@ -1,4 +1,4 @@ -From ad4e5c5ffdfbb68d7d13f01393920efe4d388b13 Mon Sep 17 00:00:00 2001 +From 69715e629e7b14a6f92a0bd5fe2e1b491c7bad72 Mon Sep 17 00:00:00 2001 From: Abhinav Pandey Date: Tue, 21 Sep 2021 08:57:56 -0700 Subject: [PATCH 06/36] add support for registry mirror for bottlerocket @@ -1276,10 +1276,10 @@ index e4be8d945..886af6d87 100644 ` ) diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index d35016276..f127ec4f1 100644 +index 350965204..61a84e621 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -@@ -21,9 +21,10 @@ const ( +@@ -22,9 +22,10 @@ const ( ) type BottlerocketConfig struct { @@ -1293,7 +1293,7 @@ index d35016276..f127ec4f1 100644 } type BottlerocketSettingsInput struct { -@@ -33,6 +34,8 @@ type BottlerocketSettingsInput struct { +@@ -34,6 +35,8 @@ type BottlerocketSettingsInput struct { PauseContainerSource string HTTPSProxyEndpoint string NoProxyEndpoints []string @@ -1302,7 +1302,7 @@ index d35016276..f127ec4f1 100644 } type HostPath struct { -@@ -89,7 +92,12 @@ func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, er +@@ -90,7 +93,12 @@ func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, er if _, err := tm.Parse(networkInitTemplate); err != nil { return nil, errors.Wrapf(err, "failed to parse networks %s template", kind) } @@ -1316,7 +1316,7 @@ index d35016276..f127ec4f1 100644 t, err := tm.Parse(tpl) if err != nil { return nil, errors.Wrapf(err, "failed to parse %s template", kind) -@@ -124,6 +132,10 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot +@@ -125,6 +133,10 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot PauseContainerSource: fmt.Sprintf("%s:%s", config.Pause.ImageRepository, config.Pause.ImageTag), HTTPSProxyEndpoint: config.ProxyConfiguration.HTTPSProxy, NoProxyEndpoints: config.ProxyConfiguration.NoProxy, @@ -1573,5 +1573,5 @@ index 68484236f..f53cb9179 100644 description: SkipPhases is a list of phases to skip during command execution. The list of phases can -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0007-Fix-proxy-template-for-bottlerocket-bootstrap.patch b/projects/kubernetes-sigs/cluster-api/patches/0007-Fix-proxy-template-for-bottlerocket-bootstrap.patch index 6b642eba76..500537381f 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0007-Fix-proxy-template-for-bottlerocket-bootstrap.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0007-Fix-proxy-template-for-bottlerocket-bootstrap.patch @@ -1,4 +1,4 @@ -From 3be419efd31f202fabfd7b6039135655dac5bb0f Mon Sep 17 00:00:00 2001 +From a82c706b272cf1816506f9830352e1a4a73a8252 Mon Sep 17 00:00:00 2001 From: Rajashree Mandaogane Date: Thu, 30 Sep 2021 14:04:36 -0700 Subject: [PATCH 07/36] Fix proxy template for bottlerocket bootstrap @@ -31,7 +31,7 @@ index 886af6d87..4e1de77db 100644 ` registryMirrorTemplate = `{{ define "registryMirrorSettings" -}} diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index f127ec4f1..9e4f8d4a5 100644 +index 61a84e621..331e37202 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go @@ -4,6 +4,7 @@ import ( @@ -42,7 +42,7 @@ index f127ec4f1..9e4f8d4a5 100644 "strings" "text/template" -@@ -79,7 +80,7 @@ func generateAdminContainerUserData(kind string, tpl string, data interface{}) ( +@@ -80,7 +81,7 @@ func generateAdminContainerUserData(kind string, tpl string, data interface{}) ( } func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, error) { @@ -51,7 +51,7 @@ index f127ec4f1..9e4f8d4a5 100644 if _, err := tm.Parse(bootstrapHostContainerTemplate); err != nil { return nil, errors.Wrapf(err, "failed to parse hostContainer %s template", kind) } -@@ -131,9 +132,13 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot +@@ -132,9 +133,13 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot BootstrapContainerSource: fmt.Sprintf("%s:%s", config.BottlerocketBootstrap.ImageRepository, config.BottlerocketBootstrap.ImageTag), PauseContainerSource: fmt.Sprintf("%s:%s", config.Pause.ImageRepository, config.Pause.ImageTag), HTTPSProxyEndpoint: config.ProxyConfiguration.HTTPSProxy, @@ -67,5 +67,5 @@ index f127ec4f1..9e4f8d4a5 100644 bottlerocketInput.RegistryMirrorCACert = base64.StdEncoding.EncodeToString([]byte(config.RegistryMirrorConfiguration.CACert)) } -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0008-Update-core-conversion-spoke-versions.patch b/projects/kubernetes-sigs/cluster-api/patches/0008-Update-core-conversion-spoke-versions.patch index 16bbf6d0ae..03ccddbdc2 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0008-Update-core-conversion-spoke-versions.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0008-Update-core-conversion-spoke-versions.patch @@ -1,4 +1,4 @@ -From 4b719a7b4f04f539012d8ad77b8f671588a12ace Mon Sep 17 00:00:00 2001 +From 1bfedd22902f455c18e39fe7a328d6e191bf9698 Mon Sep 17 00:00:00 2001 From: Rajashree Mandaogane Date: Sun, 21 Nov 2021 01:16:11 -0800 Subject: [PATCH 08/36] Update core conversion spoke versions @@ -78,7 +78,7 @@ index c7ea14ba3..30a689e8e 100644 } diff --git a/api/v1alpha4/zz_generated.conversion.go b/api/v1alpha4/zz_generated.conversion.go -index 1f0c12a79..0abe06592 100644 +index b9f4bc8e3..5416292b4 100644 --- a/api/v1alpha4/zz_generated.conversion.go +++ b/api/v1alpha4/zz_generated.conversion.go @@ -731,6 +731,7 @@ func autoConvert_v1alpha4_ClusterSpec_To_v1beta1_ClusterSpec(in *ClusterSpec, ou @@ -116,5 +116,5 @@ index 1f0c12a79..0abe06592 100644 } -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0009-Add-bottlerocket-changes-to-capbk-v1alpha4-api.patch b/projects/kubernetes-sigs/cluster-api/patches/0009-Add-bottlerocket-changes-to-capbk-v1alpha4-api.patch index d22537bc54..3dafe6be79 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0009-Add-bottlerocket-changes-to-capbk-v1alpha4-api.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0009-Add-bottlerocket-changes-to-capbk-v1alpha4-api.patch @@ -1,4 +1,4 @@ -From 034aa02ab5bfd7a5abddcdf3a662070357903d50 Mon Sep 17 00:00:00 2001 +From 907854def93da08201483729d2750ffe0fdb9d13 Mon Sep 17 00:00:00 2001 From: Rajashree Mandaogane Date: Sun, 21 Nov 2021 20:59:58 -0800 Subject: [PATCH 09/36] Add bottlerocket changes to capbk v1alpha4 api @@ -1113,5 +1113,5 @@ index f53cb9179..178656dee 100644 mounts: description: Mounts specifies a list of mount points to -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0010-Update-capbk-converions-spoke-version.patch b/projects/kubernetes-sigs/cluster-api/patches/0010-Update-capbk-converions-spoke-version.patch index 2c40eb6917..ee8d35c7b3 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0010-Update-capbk-converions-spoke-version.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0010-Update-capbk-converions-spoke-version.patch @@ -1,4 +1,4 @@ -From ec12ef73b361562bb202c6be2a5876b7a6812282 Mon Sep 17 00:00:00 2001 +From f600727608c2595ffccf7ae0f01b0d85fd13a282 Mon Sep 17 00:00:00 2001 From: Rajashree Mandaogane Date: Sun, 21 Nov 2021 21:00:31 -0800 Subject: [PATCH 10/36] Update capbk converions spoke version @@ -938,5 +938,5 @@ index d849616cb..9b0c13356 100644 + return autoConvert_v1beta1_RegistryMirrorConfiguration_To_upstreamv1beta3_RegistryMirrorConfiguration(in, out, s) +} -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0011-Add-status.version-to-list-of-fields-to-ignore-for-u.patch b/projects/kubernetes-sigs/cluster-api/patches/0011-Add-status.version-to-list-of-fields-to-ignore-for-u.patch index 677c6a889b..fc2eb49491 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0011-Add-status.version-to-list-of-fields-to-ignore-for-u.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0011-Add-status.version-to-list-of-fields-to-ignore-for-u.patch @@ -1,4 +1,4 @@ -From 6fce290a42e60fd813e33f4ffd7f591378d6fa67 Mon Sep 17 00:00:00 2001 +From da76ee3c8122e13cfddc1714f7d55b03d44a2ff3 Mon Sep 17 00:00:00 2001 From: Vivek Koppuru Date: Wed, 12 Jan 2022 19:04:15 -0800 Subject: [PATCH 11/36] Add status.version to list of fields to ignore for @@ -29,5 +29,5 @@ index 3d2e056ea..bd79f2322 100644 allErrs := validateKubeadmControlPlaneSpec(in.Spec, in.Namespace, field.NewPath("spec")) -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0012-Add-node-labels-support-for-bottlerocket.patch b/projects/kubernetes-sigs/cluster-api/patches/0012-Add-node-labels-support-for-bottlerocket.patch index 06c4704078..587149dc1c 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0012-Add-node-labels-support-for-bottlerocket.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0012-Add-node-labels-support-for-bottlerocket.patch @@ -1,13 +1,13 @@ -From 932af8c90d4a27ecf66cd7b8289d4f1f6b5382f9 Mon Sep 17 00:00:00 2001 +From 8baddfb1bf2a1625d62e2d73659d7f796a398e3b Mon Sep 17 00:00:00 2001 From: Vivek Koppuru Date: Mon, 24 Jan 2022 00:46:44 -0800 Subject: [PATCH 12/36] Add node labels support for bottlerocket --- .../internal/bottlerocket/bootstrap.go | 9 ++++++++ - .../internal/bottlerocket/bottlerocket.go | 23 ++++++++++++++++++- + .../internal/bottlerocket/bottlerocket.go | 21 +++++++++++++++++++ .../controllers/kubeadmconfig_controller.go | 9 ++++++++ - 3 files changed, 40 insertions(+), 1 deletion(-) + 3 files changed, 39 insertions(+) diff --git a/bootstrap/kubeadm/internal/bottlerocket/bootstrap.go b/bootstrap/kubeadm/internal/bottlerocket/bootstrap.go index 4e1de77db..3ebb9240a 100644 @@ -36,19 +36,10 @@ index 4e1de77db..3ebb9240a 100644 ` ) diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index 9e4f8d4a5..0ba4318c5 100644 +index 331e37202..bc04054d7 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -@@ -11,7 +11,7 @@ import ( - bootstrapv1 "sigs.k8s.io/cluster-api/bootstrap/kubeadm/api/v1beta1" - - "github.com/pkg/errors" -- yaml "gopkg.in/yaml.v2" -+ "gopkg.in/yaml.v2" - ) - - const ( -@@ -26,6 +26,7 @@ type BottlerocketConfig struct { +@@ -27,6 +27,7 @@ type BottlerocketConfig struct { BottlerocketBootstrap bootstrapv1.BottlerocketBootstrap ProxyConfiguration bootstrapv1.ProxyConfiguration RegistryMirrorConfiguration bootstrapv1.RegistryMirrorConfiguration @@ -56,7 +47,7 @@ index 9e4f8d4a5..0ba4318c5 100644 } type BottlerocketSettingsInput struct { -@@ -37,6 +38,7 @@ type BottlerocketSettingsInput struct { +@@ -38,6 +39,7 @@ type BottlerocketSettingsInput struct { NoProxyEndpoints []string RegistryMirrorEndpoint string RegistryMirrorCACert string @@ -64,7 +55,7 @@ index 9e4f8d4a5..0ba4318c5 100644 } type HostPath struct { -@@ -99,6 +101,9 @@ func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, er +@@ -100,6 +102,9 @@ func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, er if _, err := tm.Parse(registryMirrorCACertTemplate); err != nil { return nil, errors.Wrapf(err, "failed to parse registry mirror ca cert %s template", kind) } @@ -74,7 +65,7 @@ index 9e4f8d4a5..0ba4318c5 100644 t, err := tm.Parse(tpl) if err != nil { return nil, errors.Wrapf(err, "failed to parse %s template", kind) -@@ -133,6 +138,7 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot +@@ -134,6 +139,7 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot PauseContainerSource: fmt.Sprintf("%s:%s", config.Pause.ImageRepository, config.Pause.ImageTag), HTTPSProxyEndpoint: config.ProxyConfiguration.HTTPSProxy, RegistryMirrorEndpoint: config.RegistryMirrorConfiguration.Endpoint, @@ -82,7 +73,7 @@ index 9e4f8d4a5..0ba4318c5 100644 } if len(config.ProxyConfiguration.NoProxy) > 0 { for _, noProxy := range config.ProxyConfiguration.NoProxy { -@@ -150,6 +156,21 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot +@@ -151,6 +157,21 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot return bottlerocketNodeUserData, nil } @@ -139,5 +130,5 @@ index e9bdf5205..66f4501a8 100644 if err != nil { scope.Error(err, "Failed to generate cloud init for bottlerocket bootstrap control plane") -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0013-Support-worker-node-taints.patch b/projects/kubernetes-sigs/cluster-api/patches/0013-Support-worker-node-taints.patch index 17fa78f480..51e9de4689 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0013-Support-worker-node-taints.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0013-Support-worker-node-taints.patch @@ -1,4 +1,4 @@ -From 44cf6270b1dd9d58f078a9037fe76085688ec0a0 Mon Sep 17 00:00:00 2001 +From d0773f397ac7d136ea9991bc9c4a1d9b13171258 Mon Sep 17 00:00:00 2001 From: Daniel Budris Date: Fri, 17 Dec 2021 13:38:39 -0800 Subject: [PATCH 13/36] Support worker node taints @@ -14,9 +14,9 @@ add template parsing to node userdata generation account for multiple value:effect mappings in each taint key --- .../internal/bottlerocket/bootstrap.go | 11 ++++++ - .../internal/bottlerocket/bottlerocket.go | 37 +++++++++++++++++++ + .../internal/bottlerocket/bottlerocket.go | 36 +++++++++++++++++++ .../controllers/kubeadmconfig_controller.go | 3 ++ - 3 files changed, 51 insertions(+) + 3 files changed, 50 insertions(+) diff --git a/bootstrap/kubeadm/internal/bottlerocket/bootstrap.go b/bootstrap/kubeadm/internal/bottlerocket/bootstrap.go index 3ebb9240a..dd769a78d 100644 @@ -54,18 +54,10 @@ index 3ebb9240a..dd769a78d 100644 ` ) diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index 0ba4318c5..36c3f67a7 100644 +index bc04054d7..4a1b16fe7 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -@@ -8,6 +8,7 @@ import ( - "strings" - "text/template" - -+ corev1 "k8s.io/api/core/v1" - bootstrapv1 "sigs.k8s.io/cluster-api/bootstrap/kubeadm/api/v1beta1" - - "github.com/pkg/errors" -@@ -27,6 +28,7 @@ type BottlerocketConfig struct { +@@ -28,6 +28,7 @@ type BottlerocketConfig struct { ProxyConfiguration bootstrapv1.ProxyConfiguration RegistryMirrorConfiguration bootstrapv1.RegistryMirrorConfiguration KubeletExtraArgs map[string]string @@ -73,7 +65,7 @@ index 0ba4318c5..36c3f67a7 100644 } type BottlerocketSettingsInput struct { -@@ -39,6 +41,7 @@ type BottlerocketSettingsInput struct { +@@ -40,6 +41,7 @@ type BottlerocketSettingsInput struct { RegistryMirrorEndpoint string RegistryMirrorCACert string NodeLabels string @@ -81,7 +73,7 @@ index 0ba4318c5..36c3f67a7 100644 } type HostPath struct { -@@ -104,6 +107,9 @@ func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, er +@@ -105,6 +107,9 @@ func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, er if _, err := tm.Parse(nodeLabelsTemplate); err != nil { return nil, errors.Wrapf(err, "failed to parse node labels %s template", kind) } @@ -91,7 +83,7 @@ index 0ba4318c5..36c3f67a7 100644 t, err := tm.Parse(tpl) if err != nil { return nil, errors.Wrapf(err, "failed to parse %s template", kind) -@@ -139,6 +145,7 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot +@@ -140,6 +145,7 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot HTTPSProxyEndpoint: config.ProxyConfiguration.HTTPSProxy, RegistryMirrorEndpoint: config.RegistryMirrorConfiguration.Endpoint, NodeLabels: parseNodeLabels(config.KubeletExtraArgs["node-labels"]), // empty string if it does not exist @@ -99,7 +91,7 @@ index 0ba4318c5..36c3f67a7 100644 } if len(config.ProxyConfiguration.NoProxy) > 0 { for _, noProxy := range config.ProxyConfiguration.NoProxy { -@@ -156,6 +163,36 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot +@@ -157,6 +163,36 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot return bottlerocketNodeUserData, nil } @@ -151,5 +143,5 @@ index 66f4501a8..bd7f5a26c 100644 if err != nil { scope.Error(err, "Failed to create a worker bottlerocket join configuration") -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0014-support-bottle-rocket-control-plane-taints.patch b/projects/kubernetes-sigs/cluster-api/patches/0014-support-bottle-rocket-control-plane-taints.patch index 6bc2554495..c832880d0d 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0014-support-bottle-rocket-control-plane-taints.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0014-support-bottle-rocket-control-plane-taints.patch @@ -1,4 +1,4 @@ -From 8ab8f0ee0f12c74767a30b84449d7f0312a1cd0a Mon Sep 17 00:00:00 2001 +From 3bdf4ca86af0938273eeaa30729a7aab0f2cf03a Mon Sep 17 00:00:00 2001 From: danbudris Date: Fri, 18 Feb 2022 09:24:32 -0500 Subject: [PATCH 14/36] support bottle rocket control plane taints @@ -32,5 +32,5 @@ index bd7f5a26c..694bbbd5c 100644 if err != nil { scope.Error(err, "Failed to generate cloud init for bottlerocket bootstrap control plane") -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0015-Support-configuring-bottlerocket-control-container-u.patch b/projects/kubernetes-sigs/cluster-api/patches/0015-Support-configuring-bottlerocket-control-container-u.patch index 2336efc4c5..d5f327c25a 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0015-Support-configuring-bottlerocket-control-container-u.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0015-Support-configuring-bottlerocket-control-container-u.patch @@ -1,4 +1,4 @@ -From 5ae87ff29d90971d7ea9728fd4e56a78eef8ef09 Mon Sep 17 00:00:00 2001 +From 72391e98a3abdc410d0bdaceb466aa54abcc981f Mon Sep 17 00:00:00 2001 From: Michael Chu Date: Mon, 28 Feb 2022 09:51:25 -0800 Subject: [PATCH 15/36] Support configuring bottlerocket control container uri @@ -52,7 +52,7 @@ index 125f9356b..90d8a612b 100644 in, out := &in.InfrastructureRef, &out.InfrastructureRef *out = new(v1.ObjectReference) diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go -index 49ee41659..5b1f28c0c 100644 +index cc8fd8d59..624a85b5c 100644 --- a/api/v1beta1/zz_generated.deepcopy.go +++ b/api/v1beta1/zz_generated.deepcopy.go @@ -379,6 +379,11 @@ func (in *ClusterSpec) DeepCopyInto(out *ClusterSpec) { @@ -635,7 +635,7 @@ index dd769a78d..f8f1b97cb 100644 ` ) diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index 36c3f67a7..e635308ea 100644 +index 4a1b16fe7..575b9c7f3 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go @@ -25,6 +25,7 @@ const ( @@ -1963,5 +1963,5 @@ index f1540168a..a492095d5 100644 extraArgs: bar: baz -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0016-Change-format-for-storing-etcd-machine-address.patch b/projects/kubernetes-sigs/cluster-api/patches/0016-Change-format-for-storing-etcd-machine-address.patch index 64e746b404..96e4927b3e 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0016-Change-format-for-storing-etcd-machine-address.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0016-Change-format-for-storing-etcd-machine-address.patch @@ -1,4 +1,4 @@ -From 19f450847c2dcfa02a65ae7bfa6ff1dc2bb1ce59 Mon Sep 17 00:00:00 2001 +From 69449ec440a14c6e29828c5bcde3e73c76e1f806 Mon Sep 17 00:00:00 2001 From: Rajashree Mandaogane Date: Thu, 3 Mar 2022 15:01:35 -0800 Subject: [PATCH 16/36] Change format for storing etcd machine address @@ -39,5 +39,5 @@ index 8eae496e0..9b251469e 100644 Type: clusterv1.ClusterSecretType, } -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0017-Parse-provider-id-from-kubelet-extra-args.patch b/projects/kubernetes-sigs/cluster-api/patches/0017-Parse-provider-id-from-kubelet-extra-args.patch index 852b018342..3bfe7826ff 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0017-Parse-provider-id-from-kubelet-extra-args.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0017-Parse-provider-id-from-kubelet-extra-args.patch @@ -1,4 +1,4 @@ -From c770571e1e73ee671a1f21c542268530c486e7ec Mon Sep 17 00:00:00 2001 +From 4f0cbe92f2c4be5a3217b7dc7c7e11636b8716d5 Mon Sep 17 00:00:00 2001 From: Vignesh Goutham Ganesh Date: Wed, 8 Jun 2022 10:27:26 -0700 Subject: [PATCH 17/36] Parse provider-id from kubelet extra args @@ -24,7 +24,7 @@ index f8f1b97cb..efdb51fef 100644 ` diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index e635308ea..3a760d51a 100644 +index 575b9c7f3..cd06e97d3 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go @@ -44,6 +44,7 @@ type BottlerocketSettingsInput struct { @@ -44,5 +44,5 @@ index e635308ea..3a760d51a 100644 if config.BottlerocketControl.ImageRepository != "" && config.BottlerocketControl.ImageTag != "" { bottlerocketInput.ControlContainerSource = fmt.Sprintf("%s:%s", config.BottlerocketControl.ImageRepository, config.BottlerocketControl.ImageTag) -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0018-Add-bottlerocket-control-image-on-nodes-joining-a-ne.patch b/projects/kubernetes-sigs/cluster-api/patches/0018-Add-bottlerocket-control-image-on-nodes-joining-a-ne.patch index 8efd6d34e0..f1edc9b684 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0018-Add-bottlerocket-control-image-on-nodes-joining-a-ne.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0018-Add-bottlerocket-control-image-on-nodes-joining-a-ne.patch @@ -1,4 +1,4 @@ -From a90a779345a75465d35a1247fcc28615bdcae7b0 Mon Sep 17 00:00:00 2001 +From da77d61e955a180c6e724384d9a1c80af832ca19 Mon Sep 17 00:00:00 2001 From: Victor Pineda Date: Sun, 19 Jun 2022 10:39:50 -0700 Subject: [PATCH 18/36] Add bottlerocket control image on nodes joining a new @@ -21,5 +21,5 @@ index 6e74f3c5a..320a224b0 100644 if scope.Config.Spec.JoinConfiguration.Proxy.HTTPSProxy != "" { bottlerocketConfig.ProxyConfiguration = scope.Config.Spec.JoinConfiguration.Proxy -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0019-Add-feature-to-specifiy-additional-host-containers-i.patch b/projects/kubernetes-sigs/cluster-api/patches/0019-Add-feature-to-specifiy-additional-host-containers-i.patch index 6c278bddb2..1fadfb2fa4 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0019-Add-feature-to-specifiy-additional-host-containers-i.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0019-Add-feature-to-specifiy-additional-host-containers-i.patch @@ -1,4 +1,4 @@ -From 707d70c7d7bfdcf81a4dfb21b57062b5cd5e58f1 Mon Sep 17 00:00:00 2001 +From 06bdef27b05add10060e2bf6aec2199b586d57f2 Mon Sep 17 00:00:00 2001 From: Victor Pineda Date: Tue, 21 Jun 2022 07:50:19 -0700 Subject: [PATCH 19/36] Add feature to specifiy additional host containers in @@ -518,7 +518,7 @@ index efdb51fef..bc5094eb1 100644 ` ) diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index 3a760d51a..73d35963e 100644 +index cd06e97d3..6eda5f15f 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go @@ -23,28 +23,26 @@ const ( @@ -1149,5 +1149,5 @@ index 42e376b34..a13059793 100644 description: 'CACertPath is the path to the SSL certificate authority used to secure comunications between node -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0020-Add-bottlerocket-custom-bootstrap-containers-config-.patch b/projects/kubernetes-sigs/cluster-api/patches/0020-Add-bottlerocket-custom-bootstrap-containers-config-.patch index 0bcfe98234..76b8d53071 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0020-Add-bottlerocket-custom-bootstrap-containers-config-.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0020-Add-bottlerocket-custom-bootstrap-containers-config-.patch @@ -1,4 +1,4 @@ -From e28eba23046990bcaac7f5876f1059ef45e85145 Mon Sep 17 00:00:00 2001 +From 0e52d23c20f74850e12ef182dcffc5f64c5129ac Mon Sep 17 00:00:00 2001 From: Jiayi Wang Date: Mon, 21 Nov 2022 17:31:22 -0500 Subject: [PATCH 20/36] Add bottlerocket custom bootstrap containers config @@ -548,7 +548,7 @@ index 000000000..9065a7c58 + } +} diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index 73d35963e..caea3a597 100644 +index 6eda5f15f..5e1c6ea68 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go @@ -23,14 +23,15 @@ const ( @@ -949,5 +949,5 @@ index a13059793..da60ec648 100644 description: BottlerocketCustomHostContainers contains the information of any additional images that we -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0021-Support-configuring-bottlerocket-admin-container-ima.patch b/projects/kubernetes-sigs/cluster-api/patches/0021-Support-configuring-bottlerocket-admin-container-ima.patch index 2390742221..b4989c055e 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0021-Support-configuring-bottlerocket-admin-container-ima.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0021-Support-configuring-bottlerocket-admin-container-ima.patch @@ -1,4 +1,4 @@ -From 1759ca38f3d5ab7b0bda9153bf97a169c610998c Mon Sep 17 00:00:00 2001 +From 28bd5a6780bd8d773e08f00dc6516275cfb0e3ed Mon Sep 17 00:00:00 2001 From: Jiayi Wang Date: Wed, 23 Nov 2022 09:26:28 -0500 Subject: [PATCH 21/36] Support configuring bottlerocket admin container image @@ -330,7 +330,7 @@ index 9065a7c58..5ee1b0d45 100644 } for _, testcase := range testcases { diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index caea3a597..1859a4816 100644 +index 5e1c6ea68..f917fdfc9 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go @@ -25,6 +25,7 @@ const ( @@ -540,5 +540,5 @@ index da60ec648..0091bd97a 100644 description: BottlerocketBootstrap holds the image source for kubeadm bootstrap container This is only -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0022-Make-bottlerocket-admin-control-custom-bootstrap-con.patch b/projects/kubernetes-sigs/cluster-api/patches/0022-Make-bottlerocket-admin-control-custom-bootstrap-con.patch index ed1efe9715..566a3517e5 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0022-Make-bottlerocket-admin-control-custom-bootstrap-con.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0022-Make-bottlerocket-admin-control-custom-bootstrap-con.patch @@ -1,4 +1,4 @@ -From 7cef47a73f5bea9bb798a1b14c3da1c5cb03def7 Mon Sep 17 00:00:00 2001 +From f34e5fec1a98c28228d70c64b10b3a3e6d25152b Mon Sep 17 00:00:00 2001 From: Jiayi Wang Date: Thu, 5 Jan 2023 14:56:09 -0500 Subject: [PATCH 22/36] Make bottlerocket admin, control, custom bootstrap @@ -113,5 +113,5 @@ index 38946192d..deac82cba 100644 for _, tt := range tests { -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0023-Mark-etcd-machine-status-to-running-after-etcd-contr.patch b/projects/kubernetes-sigs/cluster-api/patches/0023-Mark-etcd-machine-status-to-running-after-etcd-contr.patch index 563ba201c6..92b51739dc 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0023-Mark-etcd-machine-status-to-running-after-etcd-contr.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0023-Mark-etcd-machine-status-to-running-after-etcd-contr.patch @@ -1,4 +1,4 @@ -From 74f2e32b907c35d94bb1369283037aa785f42aae Mon Sep 17 00:00:00 2001 +From 53856e5442c8fa69c72f6cf5c29218547cf56f2b Mon Sep 17 00:00:00 2001 From: Jiayi Wang Date: Mon, 9 Jan 2023 15:41:05 -0500 Subject: [PATCH 23/36] Mark etcd machine status to running after etcd @@ -42,5 +42,5 @@ index 9b251469e..e17031c99 100644 } } -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0024-add-support-for-registry-credentials.patch b/projects/kubernetes-sigs/cluster-api/patches/0024-add-support-for-registry-credentials.patch index 3114d7e6b1..e0f63483b8 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0024-add-support-for-registry-credentials.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0024-add-support-for-registry-credentials.patch @@ -1,4 +1,4 @@ -From bb343e0a4cc449fb012054f852f798fc1d52c4cc Mon Sep 17 00:00:00 2001 +From edbc128b37245193b277e876c48cef0e9e852dd0 Mon Sep 17 00:00:00 2001 From: Ahree Hong Date: Wed, 14 Dec 2022 12:47:42 -0800 Subject: [PATCH 24/36] add support for registry credentials @@ -50,7 +50,7 @@ index fe280e091..58f38ca34 100644 {{template "nodeLabelSettings" .}} {{- end -}} diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index 1859a4816..c37713406 100644 +index f917fdfc9..04aa074a6 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go @@ -33,6 +33,7 @@ type BottlerocketConfig struct { @@ -235,5 +235,5 @@ index 043764325..17abd5d70 100644 // Purpose is the name to append to the secret generated for a cluster. -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0025-Add-support-for-configuring-NTP-servers-on-bottleroc.patch b/projects/kubernetes-sigs/cluster-api/patches/0025-Add-support-for-configuring-NTP-servers-on-bottleroc.patch index 87f2db7a45..488447d7af 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0025-Add-support-for-configuring-NTP-servers-on-bottleroc.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0025-Add-support-for-configuring-NTP-servers-on-bottleroc.patch @@ -1,4 +1,4 @@ -From 427ca3e03758953fe9199187286d177fc7cbfbd4 Mon Sep 17 00:00:00 2001 +From 07b4e2350343c33e3c62fe4fa0350a75aff6e003 Mon Sep 17 00:00:00 2001 From: Abhinav Date: Wed, 1 Feb 2023 16:34:23 -0800 Subject: [PATCH 25/36] Add support for configuring NTP servers on bottlerocket @@ -80,7 +80,7 @@ index 5ee1b0d45..223f49e5a 100644 { Name: "admin", diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index c37713406..05e441723 100644 +index 04aa074a6..70fb0f221 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go @@ -33,6 +33,7 @@ type BottlerocketConfig struct { @@ -172,5 +172,5 @@ index e0373ead5..b4474d27f 100644 if err != nil { scope.Error(err, "Failed to generate cloud init for bottlerocket bootstrap control plane") -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0026-set-hostname-for-BR-nodes.patch b/projects/kubernetes-sigs/cluster-api/patches/0026-set-hostname-for-BR-nodes.patch index 3ad062df99..bcbfb9baa0 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0026-set-hostname-for-BR-nodes.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0026-set-hostname-for-BR-nodes.patch @@ -1,4 +1,4 @@ -From 621fa443c8136b5f8836524a6367927e422aef5e Mon Sep 17 00:00:00 2001 +From 605806de6bc59ea6d5ea5c4cee953cf2cca86ec4 Mon Sep 17 00:00:00 2001 From: Ahree Hong Date: Tue, 7 Feb 2023 14:26:36 -0800 Subject: [PATCH 26/36] set hostname for BR nodes @@ -174,7 +174,7 @@ index 223f49e5a..dd0422007 100644 for _, testcase := range testcases { t.Run(testcase.name, func(t *testing.T) { diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index 05e441723..e2611c1ca 100644 +index 70fb0f221..943a3ed81 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go @@ -34,6 +34,7 @@ type BottlerocketConfig struct { @@ -254,5 +254,5 @@ index b4474d27f..351150d32 100644 if scope.Config.Spec.JoinConfiguration.Proxy.HTTPSProxy != "" { bottlerocketConfig.ProxyConfiguration = scope.Config.Spec.JoinConfiguration.Proxy -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0027-Add-bottlerocket-k8s-settings-support.patch b/projects/kubernetes-sigs/cluster-api/patches/0027-Add-bottlerocket-k8s-settings-support.patch index 776127ea35..878d656b57 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0027-Add-bottlerocket-k8s-settings-support.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0027-Add-bottlerocket-k8s-settings-support.patch @@ -1,4 +1,4 @@ -From 973bdb11665402451e8109b66aacbc4efbff1237 Mon Sep 17 00:00:00 2001 +From 0f29c7c981ccf4bcd29d641e7cdd1492e0da0bc9 Mon Sep 17 00:00:00 2001 From: Abhinav Pandey Date: Thu, 2 Mar 2023 10:18:07 -0800 Subject: [PATCH 27/36] Add bottlerocket k8s settings support @@ -13,7 +13,7 @@ Signed-off-by: Abhinav Pandey ...uster.x-k8s.io_kubeadmconfigtemplates.yaml | 54 ++ .../internal/bottlerocket/bootstrap.go | 21 +- .../internal/bottlerocket/bootstrap_test.go | 534 ++++++++++++------ - .../internal/bottlerocket/bottlerocket.go | 36 +- + .../internal/bottlerocket/bottlerocket.go | 31 +- .../controllers/kubeadmconfig_controller.go | 4 +- .../zz_generated.conversion.go | 2 + .../zz_generated.conversion.go | 2 + @@ -23,13 +23,13 @@ Signed-off-by: Abhinav Pandey .../v1beta1/kubeadm_control_plane_webhook.go | 2 + ...cluster.x-k8s.io_kubeadmcontrolplanes.yaml | 52 ++ ...x-k8s.io_kubeadmcontrolplanetemplates.yaml | 56 ++ - 18 files changed, 741 insertions(+), 189 deletions(-) + 18 files changed, 739 insertions(+), 186 deletions(-) diff --git a/api/v1beta1/zz_generated.openapi.go b/api/v1beta1/zz_generated.openapi.go -index 71ea0311f..53ab5f4e1 100644 +index a54ed0937..31f4aa009 100644 --- a/api/v1beta1/zz_generated.openapi.go +++ b/api/v1beta1/zz_generated.openapi.go -@@ -716,6 +716,12 @@ func schema_sigsk8sio_cluster_api_api_v1beta1_ClusterSpec(ref common.ReferenceCa +@@ -718,6 +718,12 @@ func schema_sigsk8sio_cluster_api_api_v1beta1_ClusterSpec(ref common.ReferenceCa Ref: ref("k8s.io/api/core/v1.ObjectReference"), }, }, @@ -42,7 +42,7 @@ index 71ea0311f..53ab5f4e1 100644 "infrastructureRef": { SchemaProps: spec.SchemaProps{ Description: "InfrastructureRef is a reference to a provider-specific resource that holds the details for provisioning infrastructure for a cluster in said provider.", -@@ -816,6 +822,22 @@ func schema_sigsk8sio_cluster_api_api_v1beta1_ClusterStatus(ref common.Reference +@@ -818,6 +824,22 @@ func schema_sigsk8sio_cluster_api_api_v1beta1_ClusterStatus(ref common.Reference Format: "int64", }, }, @@ -1046,24 +1046,10 @@ index dd0422007..3463a2769 100644 g.Expect(string(b)).To(Equal(testcase.output)) }) diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index e2611c1ca..f21247061 100644 +index 943a3ed81..7a9e08eec 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -@@ -8,11 +8,10 @@ import ( - "strings" - "text/template" - -- corev1 "k8s.io/api/core/v1" -- bootstrapv1 "sigs.k8s.io/cluster-api/bootstrap/kubeadm/api/v1beta1" -- - "github.com/pkg/errors" - "gopkg.in/yaml.v2" -+ corev1 "k8s.io/api/core/v1" -+ bootstrapv1 "sigs.k8s.io/cluster-api/bootstrap/kubeadm/api/v1beta1" - ) - - const ( -@@ -22,11 +21,13 @@ const ( +@@ -22,11 +22,13 @@ const ( ` ) @@ -1077,7 +1063,7 @@ index e2611c1ca..f21247061 100644 ProxyConfiguration bootstrapv1.ProxyConfiguration RegistryMirrorConfiguration bootstrapv1.RegistryMirrorConfiguration KubeletExtraArgs map[string]string -@@ -38,6 +39,7 @@ type BottlerocketConfig struct { +@@ -38,6 +40,7 @@ type BottlerocketConfig struct { RegistryMirrorCredentials } @@ -1085,7 +1071,7 @@ index e2611c1ca..f21247061 100644 type BottlerocketSettingsInput struct { PauseContainerSource string HTTPSProxyEndpoint string -@@ -49,17 +51,22 @@ type BottlerocketSettingsInput struct { +@@ -49,17 +52,22 @@ type BottlerocketSettingsInput struct { NodeLabels string NTPServers []string Taints string @@ -1109,7 +1095,7 @@ index e2611c1ca..f21247061 100644 type RegistryMirrorCredentials struct { Username string Password string -@@ -100,7 +107,7 @@ func generateAdminContainerUserData(kind string, tpl string, data interface{}) ( +@@ -100,7 +108,7 @@ func generateAdminContainerUserData(kind string, tpl string, data interface{}) ( return out.Bytes(), nil } @@ -1118,7 +1104,7 @@ index e2611c1ca..f21247061 100644 if containerLocation.ImageRepository != "" && containerLocation.ImageTag != "" { return fmt.Sprintf("%s:%s", containerLocation.ImageRepository, containerLocation.ImageTag) } -@@ -110,7 +117,7 @@ func imageUrl(containerLocation bootstrapv1.ImageMeta) string { +@@ -110,7 +118,7 @@ func imageUrl(containerLocation bootstrapv1.ImageMeta) string { func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, error) { tm := template.New(kind).Funcs(template.FuncMap{ "stringsJoin": strings.Join, @@ -1127,7 +1113,7 @@ index e2611c1ca..f21247061 100644 }) if _, err := tm.Parse(hostContainerTemplate); err != nil { return nil, errors.Wrapf(err, "failed to parse hostContainerSettings %s template", kind) -@@ -208,7 +215,7 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot +@@ -208,7 +216,7 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot RegistryMirrorEndpoint: config.RegistryMirrorConfiguration.Endpoint, NodeLabels: parseNodeLabels(config.KubeletExtraArgs["node-labels"]), // empty string if it does not exist Taints: parseTaints(config.Taints), // empty string if it does not exist @@ -1136,7 +1122,7 @@ index e2611c1ca..f21247061 100644 Hostname: config.Hostname, HostContainers: hostContainers, BootstrapContainers: config.BottlerocketCustomBootstrapContainers, -@@ -231,12 +238,17 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot +@@ -231,12 +239,17 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot bottlerocketInput.NTPServers = append(bottlerocketInput.NTPServers, strconv.Quote(ntp)) } } @@ -1446,5 +1432,5 @@ index 0091bd97a..1f25a4320 100644 description: BottlerocketAdmin holds the image source for admin container This is only for bottlerocket -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0028-add-br-kernel.sysctl-settings.patch b/projects/kubernetes-sigs/cluster-api/patches/0028-add-br-kernel.sysctl-settings.patch index d48bd1f3de..12ac37df63 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0028-add-br-kernel.sysctl-settings.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0028-add-br-kernel.sysctl-settings.patch @@ -1,4 +1,4 @@ -From dde5c5e64c68f851801fd0f7d778445873e8967e Mon Sep 17 00:00:00 2001 +From 825a20608f7761b5eb278c2ef249fc0f7c865163 Mon Sep 17 00:00:00 2001 From: Ahree Hong Date: Tue, 7 Mar 2023 14:01:39 -0800 Subject: [PATCH 28/36] add br kernel.sysctl settings @@ -265,10 +265,10 @@ index 3463a2769..fdc60204d 100644 for _, testcase := range testcases { t.Run(testcase.name, func(t *testing.T) { diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index f21247061..fb6a771f6 100644 +index 7a9e08eec..17b1174e8 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -@@ -54,10 +54,11 @@ type BottlerocketSettingsInput struct { +@@ -55,10 +55,11 @@ type BottlerocketSettingsInput struct { ProviderID string Hostname string AllowedUnsafeSysctls []string @@ -281,7 +281,7 @@ index f21247061..fb6a771f6 100644 } // HostPath holds the path and type of a host path volume. -@@ -155,6 +156,9 @@ func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, er +@@ -156,6 +157,9 @@ func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, er if _, err := tm.Parse(ntpTemplate); err != nil { return nil, errors.Wrapf(err, "failed to parse NTP %s template", kind) } @@ -291,7 +291,7 @@ index f21247061..fb6a771f6 100644 t, err := tm.Parse(tpl) if err != nil { return nil, errors.Wrapf(err, "failed to parse %s template", kind) -@@ -238,14 +242,20 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot +@@ -239,14 +243,20 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot bottlerocketInput.NTPServers = append(bottlerocketInput.NTPServers, strconv.Quote(ntp)) } } @@ -318,7 +318,7 @@ index f21247061..fb6a771f6 100644 } return generateNodeUserData("InitBottlerocketNode", bottlerocketNodeInitSettingsTemplate, bottlerocketInput) -@@ -296,6 +306,14 @@ func parseNodeLabels(nodeLabels string) string { +@@ -297,6 +307,14 @@ func parseNodeLabels(nodeLabels string) string { return nodeLabelsToml } @@ -442,5 +442,5 @@ index 1f25a4320..1ac579b26 100644 description: Kubernetes holds the kubernetes settings for bottlerocket nodes. -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0029-add-boot-kernel-settings-for-BR.patch b/projects/kubernetes-sigs/cluster-api/patches/0029-add-boot-kernel-settings-for-BR.patch index fc384e937d..1d1405d51d 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0029-add-boot-kernel-settings-for-BR.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0029-add-boot-kernel-settings-for-BR.patch @@ -1,4 +1,4 @@ -From b765b247439f117a142bf3c5081fc3555c5938e3 Mon Sep 17 00:00:00 2001 +From c266e2221d928567cb9ba90b101fdd1d30bf07a6 Mon Sep 17 00:00:00 2001 From: Ahree Hong Date: Thu, 23 Mar 2023 01:51:16 -0700 Subject: [PATCH 29/36] add boot kernel settings for BR @@ -286,10 +286,10 @@ index fdc60204d..5846524be 100644 g.Expect(string(b)).To(Equal(testcase.output)) }) diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index fb6a771f6..b588f943e 100644 +index 17b1174e8..87e764833 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -@@ -56,6 +56,7 @@ type BottlerocketSettingsInput struct { +@@ -57,6 +57,7 @@ type BottlerocketSettingsInput struct { AllowedUnsafeSysctls []string ClusterDNSIPs []string MaxPods int @@ -297,7 +297,7 @@ index fb6a771f6..b588f943e 100644 HostContainers []bootstrapv1.BottlerocketHostContainer BootstrapContainers []bootstrapv1.BottlerocketBootstrapContainer SysctlSettings string -@@ -159,6 +160,9 @@ func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, er +@@ -160,6 +161,9 @@ func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, er if _, err := tm.Parse(sysctlSettingsTemplate); err != nil { return nil, errors.Wrapf(err, "failed to parse sysctl settings %s template", kind) } @@ -307,7 +307,7 @@ index fb6a771f6..b588f943e 100644 t, err := tm.Parse(tpl) if err != nil { return nil, errors.Wrapf(err, "failed to parse %s template", kind) -@@ -256,6 +260,10 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot +@@ -257,6 +261,10 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot bottlerocketInput.SysctlSettings = parseSysctlSettings(config.BottlerocketSettings.Kernel.SysctlSettings) } @@ -318,7 +318,7 @@ index fb6a771f6..b588f943e 100644 } return generateNodeUserData("InitBottlerocketNode", bottlerocketNodeInitSettingsTemplate, bottlerocketInput) -@@ -314,6 +322,22 @@ func parseSysctlSettings(sysctlSettings map[string]string) string { +@@ -315,6 +323,22 @@ func parseSysctlSettings(sysctlSettings map[string]string) string { return sysctlSettingsToml } @@ -447,5 +447,5 @@ index e17031c99..4ad429a45 100644 }, Type: clusterv1.ClusterSecretType, -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0030-Patch-haproxy-maxconn-value-to-avoid-ulimit-issue.patch b/projects/kubernetes-sigs/cluster-api/patches/0030-Patch-haproxy-maxconn-value-to-avoid-ulimit-issue.patch index 1bb168d67c..a1181698ec 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0030-Patch-haproxy-maxconn-value-to-avoid-ulimit-issue.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0030-Patch-haproxy-maxconn-value-to-avoid-ulimit-issue.patch @@ -1,4 +1,4 @@ -From 8944b25b69094343d2972a7e5f466596145d95f1 Mon Sep 17 00:00:00 2001 +From 1143cb2a22b964d7e38dbc2ed4e4f453eb5eb3e5 Mon Sep 17 00:00:00 2001 From: Jackson West Date: Sat, 6 May 2023 14:08:17 -0500 Subject: [PATCH 30/36] Patch haproxy maxconn value to avoid ulimit issue @@ -29,5 +29,5 @@ index 8d2f70a02..1c6e7a68e 100644 resolvers docker nameserver dns 127.0.0.11:53 -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0031-Add-support-for-custom-cert-bundles-in-BR-21.patch b/projects/kubernetes-sigs/cluster-api/patches/0031-Add-support-for-custom-cert-bundles-in-BR-21.patch index 121e34fbb4..a684ddceb2 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0031-Add-support-for-custom-cert-bundles-in-BR-21.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0031-Add-support-for-custom-cert-bundles-in-BR-21.patch @@ -1,4 +1,4 @@ -From 08e39d1e5a505e55dac4a782590d3f85a44b9da4 Mon Sep 17 00:00:00 2001 +From b8a497fb28ee0d12f43efeaaaa31cdcde48dba54 Mon Sep 17 00:00:00 2001 From: ahreehong <46465244+ahreehong@users.noreply.github.com> Date: Fri, 19 May 2023 16:29:08 -0400 Subject: [PATCH 31/36] Add support for custom cert bundles in BR (#21) @@ -344,10 +344,10 @@ index 5846524be..2ee2d942b 100644 for _, testcase := range testcases { t.Run(testcase.name, func(t *testing.T) { diff --git a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -index b588f943e..13eb02007 100644 +index 87e764833..6e3aaaa95 100644 --- a/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go +++ b/bootstrap/kubeadm/internal/bottlerocket/bottlerocket.go -@@ -36,6 +36,7 @@ type BottlerocketConfig struct { +@@ -37,6 +37,7 @@ type BottlerocketConfig struct { BottlerocketCustomBootstrapContainers []bootstrapv1.BottlerocketBootstrapContainer NTPServers []string Hostname string @@ -355,7 +355,7 @@ index b588f943e..13eb02007 100644 RegistryMirrorCredentials } -@@ -60,6 +61,7 @@ type BottlerocketSettingsInput struct { +@@ -61,6 +62,7 @@ type BottlerocketSettingsInput struct { HostContainers []bootstrapv1.BottlerocketHostContainer BootstrapContainers []bootstrapv1.BottlerocketBootstrapContainer SysctlSettings string @@ -363,7 +363,7 @@ index b588f943e..13eb02007 100644 } // HostPath holds the path and type of a host path volume. -@@ -163,6 +165,12 @@ func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, er +@@ -164,6 +166,12 @@ func generateNodeUserData(kind string, tpl string, data interface{}) ([]byte, er if _, err := tm.Parse(bootSettingsTemplate); err != nil { return nil, errors.Wrapf(err, "failed to parse boot settings %s template", kind) } @@ -376,7 +376,7 @@ index b588f943e..13eb02007 100644 t, err := tm.Parse(tpl) if err != nil { return nil, errors.Wrapf(err, "failed to parse %s template", kind) -@@ -265,6 +273,12 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot +@@ -266,6 +274,12 @@ func getBottlerocketNodeUserData(bootstrapContainerUserData []byte, users []boot } } @@ -586,5 +586,5 @@ index ce3f8afd0..89e09758b 100644 description: ControlPlane defines the additional control plane instance to be deployed on the joining node. -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0032-CAPI-Move-Cluster-Filter.patch b/projects/kubernetes-sigs/cluster-api/patches/0032-CAPI-Move-Cluster-Filter.patch index 2890f9691e..c065f1f8de 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0032-CAPI-Move-Cluster-Filter.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0032-CAPI-Move-Cluster-Filter.patch @@ -1,4 +1,4 @@ -From 860740678154be68925764f8f8a1eb89f6133cf0 Mon Sep 17 00:00:00 2001 +From 31930d7cca9a14b076945acd2e6d52adc05a04d6 Mon Sep 17 00:00:00 2001 From: Vignesh Goutham Ganesh Date: Tue, 16 May 2023 11:03:09 -0500 Subject: [PATCH 32/36] CAPI Move Cluster Filter @@ -503,5 +503,5 @@ index c75557e0a..04b1ef8fe 100644 }) } -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0033-Move-objects-with-force-move-label-and-no-cluster-te.patch b/projects/kubernetes-sigs/cluster-api/patches/0033-Move-objects-with-force-move-label-and-no-cluster-te.patch index 3768a85efd..c73f240690 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0033-Move-objects-with-force-move-label-and-no-cluster-te.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0033-Move-objects-with-force-move-label-and-no-cluster-te.patch @@ -1,4 +1,4 @@ -From f1f5c36be9d28a02958a0633878ca3d8f3251349 Mon Sep 17 00:00:00 2001 +From 5d17e089eb5d80323fb43406d949c0bdbdd81009 Mon Sep 17 00:00:00 2001 From: Vignesh Goutham Ganesh Date: Tue, 30 May 2023 10:14:31 -0500 Subject: [PATCH 33/36] Move objects with force move label and no cluster @@ -84,5 +84,5 @@ index 04ef6721b..ffd6439e8 100644 for _, tt := range tests { -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0034-allow-registry-mirror-configurations-to-be-mutable-f.patch b/projects/kubernetes-sigs/cluster-api/patches/0034-allow-registry-mirror-configurations-to-be-mutable-f.patch index cb366991f3..34583efa15 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0034-allow-registry-mirror-configurations-to-be-mutable-f.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0034-allow-registry-mirror-configurations-to-be-mutable-f.patch @@ -1,4 +1,4 @@ -From 9b0025e7f2d75f8928a24c8391824acb41c32d67 Mon Sep 17 00:00:00 2001 +From 6ec196f13921e2ce0d7712001d49122314870107 Mon Sep 17 00:00:00 2001 From: Cavaughn Browne Date: Thu, 20 Jul 2023 11:05:49 -0500 Subject: [PATCH 34/36] allow registry mirror configurations to be mutable for @@ -107,5 +107,5 @@ index deac82cba..d0d07ffa8 100644 for _, tt := range tests { -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0035-Add-support-for-external-etcd-machines-in-Kind-mappe.patch b/projects/kubernetes-sigs/cluster-api/patches/0035-Add-support-for-external-etcd-machines-in-Kind-mappe.patch index acb8b1fdda..4edc2b7cda 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0035-Add-support-for-external-etcd-machines-in-Kind-mappe.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0035-Add-support-for-external-etcd-machines-in-Kind-mappe.patch @@ -1,4 +1,4 @@ -From 63e2c2082b3fe6940de33ed610f248b602813e00 Mon Sep 17 00:00:00 2001 +From 4e8c7c900424e1744a6b0a7d9acc9077a10f4f26 Mon Sep 17 00:00:00 2001 From: Prow Bot Date: Wed, 16 Aug 2023 19:58:01 -0700 Subject: [PATCH 35/36] Add support for external etcd machines in Kind mapper @@ -199,5 +199,5 @@ index c65c9a882..f37071c2d 100644 kindMapping := kind.GetMapping(semVer, image) -- -2.42.0 +2.34.1 diff --git a/projects/kubernetes-sigs/cluster-api/patches/0036-disable-cgroupns-private-to-fix-AL2.patch b/projects/kubernetes-sigs/cluster-api/patches/0036-disable-cgroupns-private-to-fix-AL2.patch index 036899671d..9d77f590f5 100644 --- a/projects/kubernetes-sigs/cluster-api/patches/0036-disable-cgroupns-private-to-fix-AL2.patch +++ b/projects/kubernetes-sigs/cluster-api/patches/0036-disable-cgroupns-private-to-fix-AL2.patch @@ -1,4 +1,4 @@ -From f1d39fd62ce2d5c9b10b4b6832a8bb78558a7d64 Mon Sep 17 00:00:00 2001 +From 4b9bee156d21dcc14788557ca317c15709fe4d85 Mon Sep 17 00:00:00 2001 From: Jackson West Date: Sat, 19 Aug 2023 09:35:39 -0500 Subject: [PATCH 36/36] disable cgroupns=private to fix AL2 @@ -35,5 +35,5 @@ index f2de71416..e06e2f3fb 100644 if runConfig.IPFamily == clusterv1.IPv6IPFamily || runConfig.IPFamily == clusterv1.DualStackIPFamily { hostConfig.Sysctls = map[string]string{ -- -2.42.0 +2.34.1