Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

beta to stable #7791

Merged
merged 29 commits into from
Jul 3, 2024
Merged

beta to stable #7791

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
29 commits
Select commit Hold shift + click to select a range
7c5e51b
skipper: add config item for default authentication filters
AlexanderYastrebov Jun 19, 2024
c93a4bc
Update to node-exporter 1.8.1
mikkeloscar Jul 1, 2024
5b9d278
Update to flannel v0.25.4
mikkeloscar Jul 1, 2024
b705d8c
Update aws-cloud-controller-manager to v1.30.2
mikkeloscar Jul 1, 2024
948b20b
Update components to Kubernetes v1.30
zaklawrencea Jul 1, 2024
9aec2b1
Update to Prometheus v2.53.0
mikkeloscar Jul 1, 2024
f71c8ea
Merge pull request #7769 from zalando-incubator/skipper/default-auth
AlexanderYastrebov Jul 1, 2024
d30efa6
Update to kube-state-metrics v2.12.0
mikkeloscar Jul 1, 2024
cc8ffcc
Merge pull request #7771 from zalando-incubator/node-exporter-1.8.1
katyanna Jul 1, 2024
a87823e
Merge pull request #7772 from zalando-incubator/flannel-v0.25.4
katyanna Jul 1, 2024
687a227
Merge dev to dev-to-alpha
zalando-teapot-robot Jul 1, 2024
d95e297
Merge pull request #7775 from zalando-incubator/1.30-components
mikkeloscar Jul 1, 2024
38be517
Merge pull request #7773 from zalando-incubator/aws-cloud-controller-…
katyanna Jul 1, 2024
1f4f1c1
Merge pull request #7774 from zalando-incubator/prometheus-v2.53.0
katyanna Jul 1, 2024
7346ece
Merge pull request #7776 from zalando-incubator/ksm-2.12.0
katyanna Jul 1, 2024
e10c4dc
Merge pull request #7778 from zalando-incubator/dev-to-alpha
AlexanderYastrebov Jul 1, 2024
69281da
Merge alpha to alpha-to-beta
zalando-teapot-robot Jul 1, 2024
aba2219
Merge dev to dev-to-alpha
zalando-teapot-robot Jul 1, 2024
3595694
Merge pull request #7781 from zalando-incubator/alpha-to-beta
gargravarr Jul 2, 2024
cbe02b4
Merge pull request #7782 from zalando-incubator/dev-to-alpha
gargravarr Jul 2, 2024
ba85195
Merge alpha to alpha-to-beta
zalando-teapot-robot Jul 2, 2024
7134e84
skipper: update canary to v0.21.139
AlexanderYastrebov Jul 2, 2024
816117b
Merge pull request #7785 from zalando-incubator/alpha-to-beta
mikkeloscar Jul 2, 2024
cc61d81
Merge pull request #7786 from zalando-incubator/skipper/update-canary…
AlexanderYastrebov Jul 2, 2024
a3fb18c
Merge dev to dev-to-alpha
zalando-teapot-robot Jul 2, 2024
d1f24a5
Merge pull request #7788 from zalando-incubator/dev-to-alpha
gargravarr Jul 2, 2024
f586c91
Merge alpha to alpha-to-beta
zalando-teapot-robot Jul 2, 2024
4165581
Merge pull request #7789 from zalando-incubator/alpha-to-beta
gargravarr Jul 2, 2024
010ee0a
Merge beta to beta-to-stable
zalando-teapot-robot Jul 2, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions cluster/config-defaults.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,8 @@ skipper_validate_query: "true"
skipper_validate_query_log: "false"

skipper_default_filters: 'disableAccessLog(2,3,404,429) -> fifo(2000,20,"1s")'
# skipper_default_filters_authentication defines filters that implement default request authentication
skipper_default_filters_authentication: ''
skipper_default_filters_append: 'stateBagToTag("auth-user", "client.uid")'
skipper_disabled_filters: "static,bearerinjector"
skipper_lua_sources: "file"
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/audittrail-adapter/daemonset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ spec:
hostNetwork: true
containers:
- name: audittrail-adapter
image: container-registry.zalando.net/teapot/audittrail-adapter:master-64
image: container-registry.zalando.net/teapot/audittrail-adapter:master-65
env:
- name: AWS_REGION
value: "{{ .Cluster.Region }}"
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/aws-cloud-controller-manager/daemonset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ spec:
- --cloud-provider=aws
- --use-service-account-credentials=true
- --configure-cloud-routes=false
image: container-registry.zalando.net/teapot/aws-cloud-controller-manager-internal:v1.30.0-master-120
image: container-registry.zalando.net/teapot/aws-cloud-controller-manager-internal:v1.30.2-master-124
name: aws-cloud-controller-manager
resources:
requests:
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/cronjob-fixer/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ spec:
serviceAccountName: cronjob-fixer
containers:
- name: cronjob-fixer
image: "container-registry.zalando.net/teapot/cronjob-fixer:master-15"
image: "container-registry.zalando.net/teapot/cronjob-fixer:master-16"
resources:
limits:
cpu: 5m
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/event-logger/statefulset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ spec:
serviceAccountName: kubernetes-event-logger
containers:
- name: logger
image: container-registry.zalando.net/teapot/event-logger:master-14
image: container-registry.zalando.net/teapot/event-logger:master-15
args:
- --snapshot-namespace=kube-system
- --snapshot-name=kubernetes-event-logger
Expand Down
4 changes: 2 additions & 2 deletions cluster/manifests/flannel/daemonset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ spec:
memory: 50Mi
containers:
- name: delayed-install-cni
image: container-registry.zalando.net/teapot/flannel-awaiter:master-12
image: container-registry.zalando.net/teapot/flannel-awaiter:master-13
command:
- /await
stdin: true
Expand All @@ -57,7 +57,7 @@ spec:
failureThreshold: 30
periodSeconds: 10
- name: kube-flannel
image: container-registry.zalando.net/teapot/flannel:v0.25.2-master-26
image: container-registry.zalando.net/teapot/flannel:v0.25.4-master-27
command:
- /opt/bin/flanneld
args:
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/kube-state-metrics/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ spec:
serviceAccountName: kube-state-metrics
containers:
- name: kube-state-metrics
image: container-registry.zalando.net/teapot/kube-state-metrics:v2.10.1-master-24
image: container-registry.zalando.net/teapot/kube-state-metrics:v2.12.0-master-26
args:
- --resources=certificatesigningrequests,configmaps,cronjobs,daemonsets,deployments,endpoints,horizontalpodautoscalers,ingresses,jobs,limitranges,mutatingwebhookconfigurations,namespaces,networkpolicies,nodes,persistentvolumeclaims,persistentvolumes,poddisruptionbudgets,pods,replicasets,replicationcontrollers,resourcequotas,secrets,services,statefulsets,storageclasses,validatingwebhookconfigurations,volumeattachments
- --metric-labels-allowlist=pods=[{{.Cluster.ConfigItems.observability_metrics_pods_labels}}],ingresses=[{{.Cluster.ConfigItems.observability_metrics_ingresses_labels}}],nodes=[topology.kubernetes.io/zone,node.kubernetes.io/instance-type,node.kubernetes.io/node-pool,node.kubernetes.io/role,node.kubernetes.io/profile,dedicated]
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/kubelet-summary-metrics/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ spec:
serviceAccountName: kubelet-summary-metrics
containers:
- name: proxy
image: container-registry.zalando.net/teapot/kubelet-summary-metrics:main-5
image: container-registry.zalando.net/teapot/kubelet-summary-metrics:main-6
resources:
limits:
cpu: "{{.Cluster.ConfigItems.kubelet_summary_metrics_cpu}}"
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/kubernetes-lifecycle-metrics/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ spec:
serviceAccountName: kubernetes-lifecycle-metrics
containers:
- name: kubernetes-lifecycle-metrics
image: "container-registry.zalando.net/teapot/kubernetes-lifecycle-metrics:master-21"
image: "container-registry.zalando.net/teapot/kubernetes-lifecycle-metrics:master-22"
ports:
- containerPort: 9090
protocol: TCP
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/node-monitor/daemonset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ spec:
hostPort: 9101
protocol: TCP
{{- end }}
- image: container-registry.zalando.net/teapot/prometheus-node-exporter:v1.7.0-master-20
- image: container-registry.zalando.net/teapot/prometheus-node-exporter:v1.8.1-master-21
args:
{{- if eq .Cluster.ConfigItems.node_exporter_experimental_metrics "true" }}
- --collector.ethtool
Expand Down
6 changes: 3 additions & 3 deletions cluster/manifests/prometheus/statefulset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,9 +35,9 @@ spec:
value: "1"
initContainers:
- name: generate-config
image: container-registry.zalando.net/library/alpine-3:3-20240325
image: container-registry.zalando.net/library/amazonlinux-2023-slim:main-810.1131-20240701
command:
- /bin/sh
- /bin/bash
args:
- -c
- sed s/'@@POD_NAME@@'/${POD_NAME}/g /etc/prometheus/prometheus.yml > /prometheus/prometheus.yaml ; cp /etc/prometheus/prometheus.rules.yml /prometheus/prometheus.rules.yaml
Expand All @@ -57,7 +57,7 @@ spec:
mountPath: /prometheus
containers:
- name: prometheus
image: container-registry.zalando.net/teapot/prometheus:v2.51.0-master-54
image: container-registry.zalando.net/teapot/prometheus:v2.53.0-master-55
args:
- "--config.file=/prometheus/prometheus.yaml"
- "--storage.tsdb.path=/prometheus/"
Expand Down
4 changes: 3 additions & 1 deletion cluster/manifests/skipper/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{ $internal_version := "v0.21.124-947" }}
{{ $canary_internal_version := "v0.21.133-957" }}
{{ $canary_internal_version := "v0.21.139-963" }}

{{/* Optional canary arguments separated by "[cf724afc]" to allow whitespaces, e.g. "-foo=has a whitespace[cf724afc]-baz=qux" */}}
{{ $canary_args := "" }}
Expand Down Expand Up @@ -256,6 +256,7 @@ spec:
- "-disabled-filters={{ .Cluster.ConfigItems.skipper_disabled_filters }}"
{{ if ne .Cluster.ConfigItems.skipper_routesrv_enabled "exec" }}
- '-default-filters-prepend={{ .Cluster.ConfigItems.skipper_default_filters }}'
- '-default-filters-append={{ .Cluster.ConfigItems.skipper_default_filters_authentication }}'
- '-default-filters-append={{ .Cluster.ConfigItems.skipper_default_filters_append }}'
{{ if .Cluster.ConfigItems.skipper_edit_route_placeholders }}
{{ range $placeholder := split .Cluster.ConfigItems.skipper_edit_route_placeholders "[cf724afc]" }}
Expand Down Expand Up @@ -541,6 +542,7 @@ spec:
- "-reverse-source-predicate"
- "-default-filters-dir=/etc/config/default-filters"
- '-default-filters-prepend={{ .Cluster.ConfigItems.skipper_default_filters }}'
- '-default-filters-append={{ .Cluster.ConfigItems.skipper_default_filters_authentication }}'
- '-default-filters-append={{ .Cluster.ConfigItems.skipper_default_filters_append }}'
{{ if eq .Cluster.ConfigItems.skipper_ingress_redis_swarm_enabled "true" }}
- "-enable-swarm"
Expand Down
2 changes: 1 addition & 1 deletion cluster/manifests/spot-node-rescheduler/cronjob.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ spec:
restartPolicy: Never
containers:
- name: spot-node-rescheduler
image: container-registry.zalando.net/teapot/spot-node-rescheduler:main-8
image: container-registry.zalando.net/teapot/spot-node-rescheduler:main-9
resources:
limits:
cpu: "{{ .Cluster.ConfigItems.spot_node_rescheduler_cpu }}"
Expand Down
2 changes: 1 addition & 1 deletion cluster/node-pools/master-default/userdata.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -271,7 +271,7 @@ write_files:
- mountPath: /etc/kubernetes/ssl
name: ssl-certs-kubernetes
readOnly: true
- image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/k8s-authnz-webhook:master-134
- image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/k8s-authnz-webhook:master-135
name: webhook
ports:
- containerPort: 8081
Expand Down