From 08bf54f8962bc6ab30f1177c56460072c29a270c Mon Sep 17 00:00:00 2001
From: outductor
Date: Thu, 14 Dec 2023 17:34:53 +0900
Subject: [PATCH] update config
---
 .github/workflows/pluto.yaml | 4 ++--
 seichi-onp-k8s/cluster-boot-up/README.md | 2 +-
 .../cluster-boot-up/scripts/nodes/k8s-node-setup.sh | 12 +++++++-----
 .../cluster-wide-apps/app-of-other-apps/cilium.yaml | 1 +
 4 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/.github/workflows/pluto.yaml b/.github/workflows/pluto.yaml
index 216bf5242..ecabbc53b 100644
--- a/.github/workflows/pluto.yaml
+++ b/.github/workflows/pluto.yaml
@@ -18,8 +18,8 @@ jobs:
 - name: Use pluto
 run: |
- pluto detect-files -d seichi-onp-k8s/manifests/seichi-kubernetes/apps --target-versions k8s=v1.27.6
+ pluto detect-files -d seichi-onp-k8s/manifests/seichi-kubernetes/apps --target-versions k8s=v1.27.8
 - name: Use pluto
 run: |
- pluto detect-files -d seichi-onp-k8s/manifests/seichi-kubernetes/app-templates --target-versions k8s=v1.27.6
+ pluto detect-files -d seichi-onp-k8s/manifests/seichi-kubernetes/app-templates --target-versions k8s=v1.27.8
diff --git a/seichi-onp-k8s/cluster-boot-up/README.md b/seichi-onp-k8s/cluster-boot-up/README.md
index 064c409fa..b102ff31d 100644
--- a/seichi-onp-k8s/cluster-boot-up/README.md
+++ b/seichi-onp-k8s/cluster-boot-up/README.md
@@ -66,7 +66,7 @@ KubernetesノードのVMは cloudinit イメージで作成されています。
 2022/05/23現在、クラスタは (3 control plane nodes + 3 worker nodes) の構成で[作成されています](https://github.com/GiganticMinecraft/seichi_infra/blob/9b6a9346371b8f2add3a786b6badbe4e13d4464c/seichi-onp-k8s/cluster-boot-scripts/deploy-vm.sh#L14-L19)。
 クラスタの作成は以下のツール群で行っています。
- - kubeadm, kubectl, kubelet v1.27.6
+ - kubeadm, kubectl, kubelet v1.27.8
 CNI には Cilium を利用しています。
diff --git a/seichi-onp-k8s/cluster-boot-up/scripts/nodes/k8s-node-setup.sh b/seichi-onp-k8s/cluster-boot-up/scripts/nodes/k8s-node-setup.sh
index 455f6b21a..d08ad2d71 100644
--- a/seichi-onp-k8s/cluster-boot-up/scripts/nodes/k8s-node-setup.sh
+++ b/seichi-onp-k8s/cluster-boot-up/scripts/nodes/k8s-node-setup.sh
@@ -115,10 +115,10 @@ EOF
 sysctl --system
 # Install kubeadm
-curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-archive-keyring.gpg
-echo "deb [signed-by=/etc/apt/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
+curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.27/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
+echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.27/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
 apt-get update
-apt-get install -y kubeadm kubelet=1.27.6-00 kubectl=1.27.6-00
+apt-get install -y kubeadm kubelet=1.27.8-1.1 kubectl=1.27.8-1.1
 apt-mark hold kubelet kubectl
 # Disable swap
@@ -297,7 +297,7 @@ etcd:
 local:
 extraArgs:
 listen-metrics-urls: http://0.0.0.0:2381
-kubernetesVersion: "v1.27.6"
+kubernetesVersion: "v1.27.8"
 controlPlaneEndpoint: "${KUBE_API_SERVER_VIP}:8443"
 apiServer:
 certSANs:
@@ -345,7 +345,9 @@ helm install cilium cilium/cilium \
 --set kubeProxyReplacement=strict \
 --set k8sServiceHost=${KUBE_API_SERVER_VIP} \
 --set k8sServicePort=8443 \
- --set bgpControlPlane.enabled=true
+ --set bgpControlPlane.enabled=true \
+ --set ipam.mode=cluster-pool \
+ --set ipam.operator.clusterPoolIPv4PodCIDRList=["10.96.128.0/18"]
 # Generate control plane certificate
 KUBEADM_UPLOADED_CERTS=$(kubeadm init phase upload-certs --upload-certs | tail -n 1)
diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/cilium.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/cilium.yaml
index 26ae0ca3f..fe073d4fb 100644
--- a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/cilium.yaml
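Review bot: `kubeadm` is still installed without a version on the `apt-get install` line of the `@@ -115,10` hunk and is left out of `apt-mark hold`, so with the new `v1.27` repository each node gets whichever 1.27.x kubeadm is current on the day it is built, and a later upgrade run can move it. Pinning and holding all three keeps the bootstrap tool in step with the `kubernetesVersion: "v1.27.8"` set further down: `apt-get install -y kubeadm=1.27.8-1.1 kubelet=1.27.8-1.1 kubectl=1.27.8-1.1` and `apt-mark hold kubelet kubeadm kubectl` (assuming the repository publishes kubeadm under the same `1.27.8-1.1` revision). Separately, the `curl … Release.key | sudo gpg --dearmor` line trusts whatever key the server returns at install time; comparing its fingerprint with a value recorded in this repo before writing the keyring would make an unexpected key fail the setup instead of being accepted silently. The surrounding script starts and continues outside the hunk.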
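Review bot: The last added `--set` line in the `@@ -345,7` hunk passes `["10.96.128.0/18"]` unquoted, so the shell removes the double quotes before Helm sees the argument, and as far as I know Helm's `--set` writes lists as `{a,b}` rather than in JSON brackets. The chart may therefore receive the string `[10.96.128.0/18]` instead of a one-element list, which would leave a freshly bootstrapped cluster with a pod CIDR setting that differs from the one in the Argo CD `cilium.yaml`. I would write it as `--set 'ipam.operator.clusterPoolIPv4PodCIDRList={10.96.128.0/18}'` and check the rendered `cilium-config` after install. It is also worth confirming that this /18 does not overlap the `serviceSubnet` in the kubeadm configuration, which is not visible in this hunk; the `helm install` command itself begins above the hunk.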
+++ b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/cilium.yaml
@@ -28,6 +28,7 @@ spec:
 ipv6:
 enabled: false
 ipam:
+ mode: cluster-pool
 operator:
 # -- IPv4 CIDR list range to delegate to individual nodes for IPAM.
 clusterPoolIPv4PodCIDRList: ["10.96.128.0/18"]
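Review bot: `mode: cluster-pool` is added under `ipam:` without a comment saying whether it changes the running configuration or only makes the existing mode explicit. Cilium's documentation warns that switching IPAM mode on a live cluster can disrupt connectivity for existing pods, so whoever syncs this needs to know which case it is. If the cluster already runs cluster-pool (which I believe is the chart default), a one-line comment above the key such as `# explicit to match k8s-node-setup.sh; same as current mode, no IPAM migration` would record that. The `spec:` mapping starts and continues outside the hunk.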