Skip to content
This repository has been archived by the owner on Jan 5, 2022. It is now read-only.

Migrate to Fedora CoreOS #50

Merged
merged 525 commits into from
Aug 21, 2020
Merged

Migrate to Fedora CoreOS #50

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
525 commits
Select commit Hold shift + click to select a range
030a4ce
Update Grafana from v6.4.4 to v6.5.0
dghubble Nov 26, 2019
2667408
Update Grafana from v6.5.0 to v6.5.1
dghubble Nov 28, 2019
aa27579
Fix DigitalOcean controller and worker ipv4/ipv6 outputs (#594)
aknuds1 Dec 3, 2019
5fa002f
Update mkdocs-material from v4.5.0 to v4.5.1
dghubble Dec 3, 2019
2837275
Introduce cluster creation without local writes to asset_dir
dghubble Dec 5, 2019
d9c7a9e
Add/update docs for asset_dir and kubeconfig usage
dghubble Dec 6, 2019
178afe4
Reduce apiserver metrics cardinality and extraneous labels
dghubble Dec 9, 2019
4fce948
Reduce kube-controller-manager pod eviction timeout from 5m to 1m
dghubble Dec 9, 2019
de36d99
Update Kubernetes from v1.16.3 to v1.17.0
dghubble Dec 10, 2019
ed3550d
Update systemd services for the v0.17.x hyperkube
dghubble Nov 22, 2019
c0ce04e
Update Calico from v3.10.1 to v3.10.2
dghubble Dec 10, 2019
f69dc2e
Update CHANGES and tutorial notes for release
dghubble Dec 11, 2019
c3e22f3
Fix minor example typo in README
dghubble Dec 11, 2019
2d8e367
Update mkdocs-material from v4.5.1 to v4.6.0
dghubble Dec 14, 2019
1b9fa2e
Update Grafana from v6.5.1 to v6.5.2
dghubble Dec 14, 2019
0ecb995
Update kube-state-metrics from v1.8.0 to v1.9.0-rc.1
dghubble Dec 15, 2019
00c431a
Add Kubelet kubeconfig output for DigitalOcean
dghubble Dec 19, 2019
52d1109
Update kube-state-metrics from v1.9.0-rc.1 to v1.9.0
dghubble Dec 20, 2019
daa8d9d
Update CoreDNS from v1.6.5 to v1.6.6
dghubble Dec 22, 2019
f48e43c
Update Prometheus from v2.14.0 to v2.15.0
dghubble Dec 24, 2019
a4e8436
Update Prometheus from v2.15.0 to v2.15.1
dghubble Dec 26, 2019
11565ff
Update Calico from v3.10.2 to v3.11.1
dghubble Dec 28, 2019
50db3d0
Rename CLC files and favor Terraform list index syntax
dghubble Dec 28, 2019
f1f4cd6
Inline Container Linux kubelet.service, deprecate kubelet-wrapper
dghubble Dec 29, 2019
b2eb3e0
Disable Kubelet 127.0.0.1.10248 healthz endpoint
dghubble Dec 29, 2019
43e05b9
Enable kube-proxy metrics and allow Prometheus scrapes
dghubble Dec 29, 2019
bb586b6
Reduce Prometheus addon's node-exporter tolerations
dghubble Jan 7, 2020
0223b31
Ensure /etc/kubernetes exists following Kubelet inlining
dghubble Jan 7, 2020
73588cf
Update Prometheus from v2.15.1 to v2.15.2
dghubble Jan 7, 2020
b1f521f
Allow terraform-provider-google v3.x plugin versions
dghubble Jan 11, 2020
0e2fc89
Update kube-state-metrics from v1.9.0 to v1.9.1
dghubble Jan 11, 2020
ce0569e
Remove unneeded Kubelet /var/run mount on Fedora CoreOS
dghubble Jan 11, 2020
073fcb7
Fix bare-metal instruction for watching install to disk
dghubble Jan 12, 2020
ac786a2
Update AWS Fedora CoreOS AMI filter for fedora-coreos-31
dghubble Jan 12, 2020
b642e3b
Update Kubernetes from v1.17.0 to v1.17.1
dghubble Jan 15, 2020
7daabd2
Update Calico from v3.11.1 to v3.11.2
dghubble Jan 18, 2020
7ddd3d0
Fix link in maintenance docs
dghubble Jan 18, 2020
48703f9
Update Grafana from v6.5.2 to v6.5.3
dghubble Jan 18, 2020
03ff3a9
Update kube-state-metrics from v1.9.1 to v1.9.2
dghubble Jan 18, 2020
dd930a2
Update bare-metal Fedora CoreOS image location
dghubble Jan 14, 2020
bda7326
Update nginx-ingress from v0.26.1 to v0.27.1
dghubble Jan 20, 2020
1cda5bc
Update Kubernetes from v1.17.1 to v1.17.2
dghubble Jan 22, 2020
d5b7ce8
Update kube-state-metrics from v1.9.2 to v1.9.3
dghubble Jan 23, 2020
5643ad5
Promote Fedora CoreOS from preview to alpha in docs
dghubble Jan 23, 2020
02a470d
Fix minor typo in announcement date
dghubble Jan 23, 2020
d127a73
Update Grafana from v6.5.3 to v6.6.0
dghubble Jan 28, 2020
b19ba16
Update nginx-ingress from v0.27.1 to v0.28.0
dghubble Jan 31, 2020
8cc303c
Add module for Fedora CoreOS on Google Cloud
dghubble Feb 1, 2020
e339fbd
Update kube-state-metrics from v1.9.3 to v1.9.4
dghubble Feb 5, 2020
ca96a13
Update Calico from v3.11.2 to v3.12.0
dghubble Feb 6, 2020
34c3d7c
Update Grafana from v6.6.0 to v6.6.1
dghubble Feb 8, 2020
b49a1d7
Update docs generation packages
dghubble Feb 8, 2020
ba84f86
Add guide for Typhoon with Flatcar Linux on Google Cloud
dghubble Feb 11, 2020
846f110
Update Fedora CoreOS kernel arguments to align with upstream
dghubble Feb 12, 2020
1243f39
Update Kubernetes from v1.17.2 to v1.17.3
dghubble Feb 12, 2020
49d3b9e
Set docker log driver to json-file on Fedora CoreOS
dghubble Feb 12, 2020
008817b
Promote Fedora CoreOS AWS/bare-metal to beta
dghubble Feb 13, 2020
0c53ad5
Update recommended Terraform versions and providers
dghubble Feb 13, 2020
32db59b
Update CHANGELOG sections and links
dghubble Feb 14, 2020
362b3fa
Add guide for Typhoon with Flatcar Linux on DigitalOcean
dghubble Feb 13, 2020
7ca03e5
Update Prometheus from v1.15.2 to v1.16.0
dghubble Feb 14, 2020
c4e64a9
Change Kubelet /var/lib/calico mount to read-only (#643)
surajssd Feb 19, 2020
4a38fb5
Update CoreDNS from v1.6.6 to v1.6.7
dghubble Feb 19, 2020
947c2c1
Update mkdocs-material from v4.6.2 to v4.6.3
dghubble Feb 19, 2020
e4d977b
Fix worker_node_labels for initial Fedora CoreOS
dghubble Feb 22, 2020
1fbd683
Update Grafana from v6.6.1 to v6.6.2
dghubble Feb 22, 2020
4c964b5
Update kube-state-metrics from v1.9.4 to v1.9.5
dghubble Feb 22, 2020
60c7eb8
Update nginx-ingress from v0.28.0 to v0.29.0
dghubble Feb 22, 2020
d9219a6
Update nginx-ingress from v0.29.0 to v0.30.0
dghubble Feb 26, 2020
f4d2606
Update node-exporter from v0.18.1 to v1.0.0-rc.0
dghubble Feb 26, 2020
3250994
Use a route table with separate (rather than inline) routes
dghubble Feb 26, 2020
6de5cf5
Update etcd from v3.4.3 to v3.4.4
dghubble Feb 26, 2020
87f9a2f
Add automatic worker deletion on Fedora CoreOS clouds
dghubble Mar 1, 2020
51cee6d
Change Container Linux etcd-member to fetch with docker://
dghubble Mar 2, 2020
c4683c5
Refresh Prometheus alerts and Grafana dashboards
dghubble Mar 2, 2020
7b0ea23
Upgrade terraform-provider-azurerm to v2.0+
dghubble Mar 8, 2020
ab7913a
Accept initial worker node labels and taints map on bare-metal
dghubble Mar 9, 2020
4e1b8f2
Add support for Flatcar Linux on Azure
dghubble Mar 11, 2020
70bf39b
Update Calico from v3.12.0 to v3.13.1
dghubble Mar 13, 2020
bc7902f
Update Kubernetes from v1.17.3 to v1.17.4
dghubble Mar 13, 2020
1a139ef
Update recommended Terraform versions and providers
dghubble Mar 17, 2020
75fb4e5
Remove Container Linux Update Operator (CLUO) addon
dghubble Mar 17, 2020
2a5ddde
Promote Fedora CoreOS AWS and Google Cloud
dghubble Mar 17, 2020
c3ef21d
Update etcd from v3.4.4 to v3.4.5
dghubble Mar 19, 2020
61557e8
Update Prometheus from v2.16.0 to v2.17.0-rc.3
dghubble Mar 20, 2020
ddc1ff5
Update Grafana from v6.6.2 to v6.7.1
dghubble Mar 20, 2020
590d941
Switch from upstream hyperkube image to individual images
dghubble Mar 17, 2020
1bf4f3b
Fix image tag for Container Linux AWS workers
dghubble Mar 21, 2020
e556bc2
Update Prometheus from v2.17.0-rc.3 to v2.17.0
dghubble Mar 25, 2020
9f702c7
Rename DigitalOcean image variable to os_image
dghubble Mar 25, 2020
5d1e4ad
Deprecate asset_dir variable and remove docs
dghubble Mar 25, 2020
c3bf8bc
Add Fedora CoreOS to issue template and docs
dghubble Mar 25, 2020
f100a90
Update Kubernetes from v1.17.4 to v1.18.0
dghubble Mar 22, 2020
d25f23e
Update docs from Kubernetes v1.17.4 to v1.18.0
dghubble Mar 26, 2020
ef5f953
Set docker log driver to journald on Fedora CoreOS
dghubble Mar 26, 2020
076b8e3
Update Prometheus from v2.17.0 to v2.17.1
dghubble Mar 27, 2020
a1a5da6
Add CoreOS Container Linux EOL recommendation to CHANGES
dghubble Mar 27, 2020
fc686c8
Fix delete-node.service kubectl service exec's
dghubble Mar 28, 2020
5fca080
Fix Fedora CoreOS AMI to filter for stable images
dghubble Mar 28, 2020
144bb94
Add support for Fedora CoreOS snippets
dghubble Mar 28, 2020
70bdc9e
Allow bootstrap re-apply for Fedora CoreOS GCP
dghubble Mar 29, 2020
bac5acb
Change default kube-system DaemonSet tolerations
dghubble Mar 27, 2020
9960972
Fix bootstrap regression when networking="flannel"
dghubble Apr 1, 2020
c53dc66
Rename Container Linux snippets variable for consistency
dghubble Mar 29, 2020
135c618
Update flannel from v0.11.0 to v0.12.0
dghubble Apr 1, 2020
bbbaf94
Fix UDP outbound and clock sync timeouts on Azure workers
dghubble Apr 1, 2020
3c1be7b
Fix terraform fmt
dghubble Apr 1, 2020
d47d40b
Refresh Prometheus rules/alerts and Grafana dashboards
dghubble Mar 31, 2020
2b5dfec
Update Grafana from v6.7.1 to v6.7.2
dghubble Apr 4, 2020
17ea547
Update etcd from v3.4.5 to v3.4.7
dghubble Apr 7, 2020
73af2f3
Update Kubernetes from v1.18.0 to v1.18.1
dghubble Apr 9, 2020
80538e2
Add support for Fedora CoreOS on DigitalOcean
dghubble Apr 10, 2020
1420700
Update CHANGES for v1.18.1 release
dghubble Apr 11, 2020
1627eca
Fix docs TOC to include Fedora CoreOS DigitalOcean
dghubble Apr 11, 2020
76ab4c4
Change `container-linux` module preference to Flatcar Linux
dghubble Apr 11, 2020
5c4a3f7
Add support for Fedora CoreOS on Azure
dghubble Apr 12, 2020
e2d4af4
Fix Fedora CoreOS Azure MTU with Calico
dghubble Apr 13, 2020
671eacb
Update Kubernetes from v1.18.1 to v1.18.2
dghubble Apr 17, 2020
bf22222
Remove temporary workaround for v1.18.0 apply issue
dghubble Apr 17, 2020
2b1b918
Revert Flatcar Linux Azure to manual upload images
dghubble Apr 18, 2020
feac946
Fix bootstrap mount to use shared volume SELinux label
dghubble Apr 19, 2020
fcbee12
Fix race condition creating DigitalOcean firewall rules
dghubble Apr 19, 2020
84ed0a3
Update Prometheus from v2.17.1 to v2.17.2
dghubble Apr 21, 2020
d8966af
Remove extraneous sudo from layout asset unpacking
dghubble Apr 23, 2020
38a6bdd
Update Calico from v3.13.1 to v3.13.3
dghubble Apr 23, 2020
fd044ee
Enable Kubelet TLS bootstrap and NodeRestriction
dghubble Apr 25, 2020
4ac2d94
Add Fedora CoreOS Azure docs to site navigation
dghubble Apr 29, 2020
2c1af91
Update recommended Terraform provider versions
dghubble Apr 29, 2020
317416b
Use Terraform element wrap-around for AWS controllers subnet_id (#714)
bendrucker Apr 30, 2020
6403500
Update Grafana from v6.7.2 to v7.0.0-beta1
dghubble Apr 30, 2020
e71e27e
Update Prometheus from v2.17.2 to v2.18.0-rc.1
dghubble Apr 29, 2020
6afc164
Update nginx-ingress from v0.30.0 to v0.32.0
dghubble May 4, 2020
70f30d9
Update Prometheus from v2.18.0-rc.1 to v2.18.0
dghubble May 6, 2020
33173c0
Update Prometheus from v2.18.0 to v2.18.1
dghubble May 8, 2020
3f0a5d2
Update Grafana from v7.0.0-beta1 to v7.0.0-beta2
dghubble May 8, 2020
b5dabce
Use Fedora CoreOS image streams on Google Cloud
dghubble May 8, 2020
358854e
Fix Calico install-cni crash loop on Pod restarts
dghubble May 9, 2020
a2db4fa
Update Calico from v3.13.3 to v3.14.0
dghubble May 9, 2020
f4194cd
Update Grafana from v7.0.0-beta2 to v7.0.0-beta.3
dghubble May 10, 2020
01905b0
Support Fedora CoreOS OS image streams on AWS
dghubble May 14, 2020
a18bd0a
Highlight SELinux enforcing mode in features
dghubble May 14, 2020
70e389f
Restore use of Flatcar Linux Azure Marketplace image
dghubble May 10, 2020
d952576
Update Grafana from v7.0.0-beta3 to v7.0.0
dghubble May 16, 2020
a927c7c
Update kube-state-metrics from v1.9.5 to v1.9.6
dghubble May 16, 2020
90edcd3
Update node-exporter from v1.0.0-rc.0 to v1.0.0-rc.1
dghubble May 16, 2020
2578be1
Rollback Grafana to v7.0.0-beta3, v7.0.0 image is missing
dghubble May 16, 2020
ff4187a
Use new Azure subnet to set address_prefixes list
dghubble May 19, 2020
3bdddc4
Update Grafana from v7.0.0-beta2 to v7.0.0
dghubble May 19, 2020
8d024d2
Update etcd from v3.4.7 to v3.4.8
dghubble May 19, 2020
09eb208
Fix Fedora CoreOS on GCP proposing controller recreate
dghubble May 20, 2020
4760543
Set Kubelet image via kubelet.service KUBELET_IMAGE
dghubble May 20, 2020
ecae667
Update Kubernetes from v1.18.2 to v1.18.3
dghubble May 21, 2020
c52f9f8
Upgrade docs packages and refresh content
dghubble May 21, 2020
e72f916
Update etcd from v3.4.8 to v3.4.9
dghubble May 22, 2020
283e14f
Update recommended Terraform provider versions
dghubble May 22, 2020
abc31c3
Update node-exporter from v1.0.0-rc.1 to v1.0.0
dghubble May 28, 2020
187bb17
Update Grafana from v7.0.0 to v7.0.1
dghubble May 28, 2020
907a969
Update mkdocs-material from v5.2.0 to v5.2.2
dghubble May 28, 2020
d45804b
Update Github issue template to use drop-downs (#747)
dghubble May 28, 2020
455175d
Update the fallback issue template
dghubble May 28, 2020
ba44408
Update Calico from v3.14.0 to v3.14.1
dghubble May 31, 2020
20bfd69
Change Kubelet container image publishing
dghubble May 28, 2020
99dbce6
Tweak minor style elements of issue templates
dghubble May 31, 2020
16c0b91
Update kube-state-metrics from v1.9.6 to v1.9.7
dghubble Jun 3, 2020
8f875f8
Update Grafana from v7.0.1 to v7.0.3
dghubble Jun 3, 2020
31d02b0
Update Prometheus from v2.18.1 to v2.19.0-rc.0
dghubble Jun 5, 2020
aed1a5f
Fix Fedora CoreOS docs for selecting a stream
dghubble Jun 8, 2020
8dc170b
Update security disclosure contact email
dghubble Jun 8, 2020
a287920
Use strict mode for Container Linux Configs
dghubble Jun 10, 2020
c9059d3
Update Prometheus from v2.19.0-rc.0 to v2.19.0
dghubble Jun 10, 2020
96711d7
Remove unused Kubelet cert / key Terraform state
dghubble Jun 12, 2020
4135856
Remove unused Kubelet lock-file and exit-on-lock-contention
dghubble Jun 12, 2020
04520e4
Update node-exporter from v1.0.0 to v1.0.1
dghubble Jun 17, 2020
331566e
Update mkdocs packages for website
dghubble Jun 17, 2020
4b0203f
Fix typo in DigitalOcean docs title
dghubble Jun 17, 2020
bc9b808
Update nginx-ingress from v0.32.0 to v0.33.0
dghubble Jun 17, 2020
c25c590
Update Kubernetes from v1.18.3 to v1.18.4
dghubble Jun 18, 2020
6234147
Update recommended Terraform provider versions
dghubble Jun 18, 2020
90e23f5
Rename controller node label and NoSchedule taint
dghubble Jun 18, 2020
4cfafea
Fix Kubelet starting before hostname set on FCOS AWS
dghubble Jun 19, 2020
37f00a3
Reduce Calcio MTU on Fedora CoreOS Azure
dghubble Jun 19, 2020
e9c8520
Add experimental Cilium CNI provider
dghubble Jun 16, 2020
d27f367
Update Cilium from v1.8.0-rc4 to v1.8.0
dghubble Jun 23, 2020
99a1144
Update Prometheus from v2.19.0 to v2.19.1
dghubble Jun 26, 2020
a79ad34
Update Grafana from v7.0.3 to v7.0.4
dghubble Jun 26, 2020
a10a1ce
Update mkdocs-material from v5.3.0 to v5.3.3
dghubble Jun 26, 2020
1f83ae7
Update Calico from v3.14.1 to v3.15.0
dghubble Jun 26, 2020
7bce159
Update Kubernetes from v1.18.4 to v1.18.5
dghubble Jun 27, 2020
81b6f54
Update Prometheus from v2.19.1 to v2.19.2
dghubble Jun 27, 2020
9dcf35e
Update recommended Terraform provider versions
dghubble Jun 27, 2020
2117886
Revert "Update Prometheus from v2.19.1 to v2.19.2"
dghubble Jun 27, 2020
7c6ab21
Isolate each DigitalOcean cluster in its own VPC
dghubble Jun 29, 2020
430d139
Remove os_image variable on Google Cloud Fedora CoreOS
dghubble Jun 30, 2020
0ba2c1a
Fix terraform fmt in firewall rules
dghubble Jun 30, 2020
32886cf
Promote Fedora CoreOS on Google Cloud to stable status
dghubble Jun 30, 2020
df3f40b
Allow using Flatcar Linux edge on Azure
dghubble Jun 30, 2020
257a49c
Remove CoreOS Container Linux image names from docs
dghubble Jun 30, 2020
74e025c
Update Grafana from v7.0.4 to v7.0.5
dghubble Jul 4, 2020
4905032
Update Cilium from v1.8.0 to v1.8.1
dghubble Jul 5, 2020
e3bf7d8
Update Prometheus from v2.19.1 to v2.19.2
dghubble Jul 10, 2020
dfd2a0e
Update Grafana from v7.0.5 to v7.0.6
dghubble Jul 10, 2020
507aac9
Update mkdocs-material from v5.3.3 to v5.4.0
dghubble Jul 12, 2020
9ea6d2c
Update Kubernetes from v1.18.5 to v1.18.6
dghubble Jul 16, 2020
a8d3d3b
Update ingress-nginx from v0.33.0 to v0.34.1
dghubble Jul 16, 2020
5fba20d
Update recommended Terraform provider versions
dghubble Jul 18, 2020
6df6bf9
Show Cilium as a CNI provider option in docs
dghubble Jul 18, 2020
efd4a03
Update Grafana from v7.0.6 to v7.1.0
dghubble Jul 18, 2020
f96e91f
Update etcd from v3.4.9 to v3.4.10
dghubble Jul 18, 2020
264d23a
Declare etcd data directory permissions
dghubble Jul 25, 2020
618f8b3
Update CoreDNS from v1.6.7 to v1.7.0
dghubble Jul 25, 2020
cd0a289
Update Cilium from v1.8.1 to v1.8.2
dghubble Jul 25, 2020
26f5d2d
Fix some links in docs (#788)
eldondev Jul 25, 2020
b7d6775
Update Grafana from v7.1.0 to v7.1.1
dghubble Jul 25, 2020
2aef42d
Update Prometheus from v2.19.2 to v2.20.0
dghubble Jul 25, 2020
bcf6f57
Migrate to Fedora CoreOS
beyondbill Jul 31, 2020
2984f3e
bastion only needs base fcos config
beyondbill Jul 31, 2020
4ab09a0
Revert "bastion only needs base fcos config"
beyondbill Jul 31, 2020
652196a
support custom bastion snippet as a variable
beyondbill Jul 31, 2020
78e6409
Fix flannel support on Fedora CoreOS
dghubble Aug 2, 2020
8aefd4f
Relex terraform-provider-matchbox version constraint
dghubble Aug 2, 2020
ccee5d3
Update from coreos/flannel-cni to poseidon/flannel-cni
dghubble Aug 2, 2020
8b3d41d
Update mkdocs-material from v5.4.0 to v5.5.1
dghubble Aug 2, 2020
b5e7173
use scoop's fork of terraform-render-bootstrap
beyondbill Aug 4, 2020
4579af8
policy arn
beyondbill Aug 4, 2020
8ae4f65
Revert "policy arn"
beyondbill Aug 4, 2020
1097bc7
workers and controllers need to stay private
beyondbill Aug 5, 2020
1411f5d
fedora coreos 32
beyondbill Aug 5, 2020
e79f7ef
fedora coreos 32
beyondbill Aug 5, 2020
14b54e5
Support Fedora CoreOS OS image streams on AWS
beyondbill Aug 5, 2020
09faa19
Merge branch 'master' of https://github.com/poseidon/typhoon into fed…
beyondbill Aug 7, 2020
7bc8066
fix mistakes in resolving merging conflicts
beyondbill Aug 7, 2020
79fe856
add new security components
beyondbill Aug 7, 2020
d326a67
fix json format
beyondbill Aug 8, 2020
e1d6ab2
Update Grafana from v7.1.1 to v7.1.3
dghubble Aug 9, 2020
f6ce127
Allow terraform-provider-aws v3.0+ plugin
dghubble Aug 9, 2020
aab0713
Update recommended Terraform provider versions
dghubble Aug 9, 2020
6fa4135
fix ssl cert mounts
beyondbill Aug 10, 2020
5e70d7e
Migrate from Terraform v0.12.x to v0.13.x
dghubble Aug 11, 2020
9b7e268
apiserver nlb should be internal
beyondbill Aug 12, 2020
0dea2b3
update terraform-render-bootstrap with latest upstream
beyondbill Aug 13, 2020
342380c
Update Terraform migration guide SHA
dghubble Aug 13, 2020
c87db3e
Update Kubernetes from v1.18.6 to v1.18.8
dghubble Aug 14, 2020
9a07f1d
Update recommended Terraform provider versions
dghubble Aug 14, 2020
e39ffcd
try relabeling /etc/kubernetes/bootstrap-secrets by explicitly mounti…
beyondbill Aug 18, 2020
4b478f4
relabeling does not need explicitly mounting to kubelet
beyondbill Aug 18, 2020
41ba846
Merge branch 'master' of https://github.com/poseidon/typhoon into fed…
beyondbill Aug 19, 2020
b91b993
need to update the type label of bootstrap-secret in the newest typhoon
beyondbill Aug 20, 2020
00244cc
update terraform-render-bootstrap with latest upstream
beyondbill Aug 20, 2020
62b91be
rm unnecessary volume mounts on etcd
beyondbill Aug 20, 2020
bfc03e1
rm output/
beyondbill Aug 21, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 0 additions & 33 deletions .github/ISSUE_TEMPLATE.md
View file
Open in desktop

This file was deleted.

39 changes: 39 additions & 0 deletions .github/ISSUE_TEMPLATE/bug_report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
---
name: Bug report
about: Report a bug to improve the project
title: ''
labels: ''
assignees: ''

---

<!-- READ: Issues are used to receive focused bug reports from users and to track planned future enhancements by the authors. Topics like cluster operation, support, debugging help, advice, and Kubernetes concepts are out of scope and should not use issues-->

**Description**

A clear and concise description of what the bug is.

**Steps to Reproduce**

Provide clear steps to reproduce the bug.

- [ ] Relevant error messages if appropriate (concise, not a dump of everything).
- [ ] Explored using a vanilla cluster from the [tutorials](https://typhoon.psdn.io/#documentation). Ruled out [customizations](https://typhoon.psdn.io/advanced/customization/).

**Expected behavior**

A clear and concise description of what you expected to happen.

**Environment**

* Platform: aws, azure, bare-metal, google-cloud, digital-ocean
* OS: fedora-coreos, flatcar-linux (include release version)
* Release: Typhoon version or Git SHA (reporting latest is **not** helpful)
* Terraform: `terraform version` (reporting latest is **not** helpful)
* Plugins: Provider plugin versions (reporting latest is **not** helpful)

**Possible Solution**

<!-- Most bug reports should have some inkling about solutions. Otherwise, your report may be less of a bug and more of a support request (see top).-->

Link to a PR or description.
5 changes: 5 additions & 0 deletions .github/ISSUE_TEMPLATE/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
blank_issues_enabled: true
contact_links:
- name: Security
url: https://typhoon.psdn.io/topics/security/
about: Report security vulnerabilities
218 changes: 212 additions & 6 deletions CHANGES.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,39 +4,245 @@ Notable changes between versions.

## Latest

### v1.18.8

* Kubernetes [v1.18.8](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1188)
* Migrate from Terraform v0.12.x to v0.13.x ([#804](https://github.com/poseidon/typhoon/pull/804)) (**action required**)
* Recommend Terraform v0.13.x ([migration guide](https://typhoon.psdn.io/topics/maintenance/#terraform-versions))
* Support automatic install of poseidon's provider plugins ([poseidon/ct](https://registry.terraform.io/providers/poseidon/ct/latest), [poseidon/matchbox](https://registry.terraform.io/providers/poseidon/matchbox/latest))
* Require Terraform v0.12.26+ (migration compatibility)
* Require `terraform-provider-ct` v0.6.1
* Require `terraform-provider-matchbox` v0.4.1
* Update etcd from v3.4.9 to [v3.4.10](https://github.com/etcd-io/etcd/releases/tag/v3.4.10)
* Update CoreDNS from v1.6.7 to [v1.7.0](https://coredns.io/2020/06/15/coredns-1.7.0-release/)
* Update Cilium from v1.8.1 to [v1.8.2](https://github.com/cilium/cilium/releases/tag/v1.8.2)
* Update [coreos/flannel-cni](https://github.com/coreos/flannel-cni) to [poseidon/flannel-cni](https://github.com/poseidon/flannel-cni) ([#798](https://github.com/poseidon/typhoon/pull/798))
* Update CNI plugins and fix CVEs with Flannel CNI (non-default)
* Transition to a poseidon maintained container image

### AWS

* Allow `terraform-provider-aws` v3.0+ ([#803](https://github.com/poseidon/typhoon/pull/803))
* Recommend updating `terraform-provider-aws` to v3.0+
* Continue to allow v2.23+, no v3.x specific features are used

### DigitalOcean

* Require `terraform-provider-digitalocean` v1.21+ for Terraform v0.13.x (unenforced)
* Require `terraform-provider-digitalocean` v1.20+ for Terraform v0.12.x

### Fedora CoreOS

* Fix support for Flannel with Fedora CoreOS ([#795](https://github.com/poseidon/typhoon/pull/795))
* Configure `flannel.1` link to select its own MAC address to solve flannel
pod-to-pod traffic drops starting with default link changes in Fedora CoreOS
32.20200629.3.0 ([details](https://github.com/coreos/fedora-coreos-tracker/issues/574#issuecomment-665487296))

#### Addons

* Update Prometheus from v2.19.2 to [v2.20.0](https://github.com/prometheus/prometheus/releases/tag/v2.20.0)
* Update Grafana from v7.0.6 to [v7.1.3](https://github.com/grafana/grafana/releases/tag/v7.1.3)

## v1.18.6

* Kubernetes [v1.18.6](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1186)
* Update Calico from v3.15.0 to [v3.15.1](https://docs.projectcalico.org/v3.15/release-notes/)
* Update Cilium from v1.8.0 to [v1.8.1](https://github.com/cilium/cilium/releases/tag/v1.8.1)

#### Addons

* Update nginx-ingress from v0.33.0 to [v0.34.1](https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.34.1)
* [ingress-nginx](https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v0.34.0) will publish images only to gcr.io
* Update Prometheus from v2.19.1 to [v2.19.2](https://github.com/prometheus/prometheus/releases/tag/v2.19.2)
* Update Grafana from v7.0.4 to [v7.0.6](https://github.com/grafana/grafana/releases/tag/v7.0.6)

## v1.18.5

* Kubernetes [v1.18.5](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1185)
* Add Cilium v1.8.0 as a (experimental) CNI provider option ([#760](https://github.com/poseidon/typhoon/pull/760))
* Set `networking` to "cilium" to enable
* Update Calico from v3.14.1 to [v3.15.0](https://docs.projectcalico.org/v3.15/release-notes/)

#### DigitalOcean

* Isolate each cluster in an independent DigitalOcean VPC ([#776](https://github.com/poseidon/typhoon/pull/776))
* Create droplets in a VPC per cluster (matches Typhoon AWS, Azure, and GCP)
* Require `terraform-provider-digitalocean` v1.16.0+ (action required)
* Output `vpc_id` for use with an attached DigitalOcean [loadbalancer](https://github.com/poseidon/typhoon/blob/v1.18.5/docs/architecture/digitalocean.md#custom-load-balancer)

### Fedora CoreOS

#### Google Cloud

* Promote Fedora CoreOS to stable
* Remove `os_image` variable deprecated in v1.18.3 ([#777](https://github.com/poseidon/typhoon/pull/777))
* Use `os_stream` to select a Fedora CoreOS image stream

### Flatcar Linux

#### Azure

* Allow using Flatcar Linux Edge by setting `os_image` to "flatcar-edge" ([#778](https://github.com/poseidon/typhoon/pull/778))

#### Addons

* Update Prometheus from v2.19.0 to [v2.19.1](https://github.com/prometheus/prometheus/releases/tag/v2.19.1)
* Update Grafana from v7.0.3 to [v7.0.4](https://github.com/grafana/grafana/releases/tag/v7.0.4)

## v1.18.4

* Kubernetes [v1.18.4](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1184)
* Update Kubelet image publishing ([#749](https://github.com/poseidon/typhoon/pull/749))
* Build Kubelet images internally and publish to Quay and Dockerhub
* [quay.io/poseidon/kubelet](https://quay.io/repository/poseidon/kubelet) (official)
* [docker.io/psdn/kubelet](https://hub.docker.com/r/psdn/kubelet) (fallback)
* Continue offering automated image builds with an alternate tag strategy (see [docs](https://typhoon.psdn.io/topics/security/#container-images))
* [Document](https://typhoon.psdn.io/advanced/customization/#kubelet) use of alternate Kubelet images during registry incidents
* Update Calico from v3.14.0 to [v3.14.1](https://docs.projectcalico.org/v3.14/release-notes/)
* Fix [CVE-2020-13597](https://github.com/kubernetes/kubernetes/issues/91507)
* Rename controller NoSchedule taint from `node-role.kubernetes.io/master` to `node-role.kubernetes.io/controller` ([#764](https://github.com/poseidon/typhoon/pull/764))
* Tolerate the new taint name for workloads that may run on controller nodes
* Remove node label `node.kubernetes.io/master` from controller nodes ([#764](https://github.com/poseidon/typhoon/pull/764))
* Use `node.kubernetes.io/controller` (present since v1.9.5, [#160](https://github.com/poseidon/typhoon/pull/160)) to node select controllers
* Remove unused Kubelet `-lock-file` and `-exit-on-lock-contention` ([#758](https://github.com/poseidon/typhoon/pull/758))

### Fedora CoreOS

#### Azure

* Use `strict` Fedora CoreOS Config (FCC) snippet parsing ([#755](https://github.com/poseidon/typhoon/pull/755))
* Reduce Calico vxlan interface MTU to maintain performance ([#767](https://github.com/poseidon/typhoon/pull/766))

#### AWS

* Fix Kubelet service race with hostname update ([#766](https://github.com/poseidon/typhoon/pull/766))
* Wait for a hostname to avoid Kubelet trying to register as `localhost`

### Flatcar Linux

* Use `strict` Container Linux Config (CLC) snippet parsing ([#755](https://github.com/poseidon/typhoon/pull/755))
* Require `terraform-provider-ct` v0.4+, recommend v0.5+ (**action required**)

### Addons

* Update nginx-ingress from v0.32.0 to [v0.33.0](https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.33.0)
* Update Prometheus from v2.18.1 to [v2.19.0](https://github.com/prometheus/prometheus/releases/tag/v2.19.0)
* Update node-exporter from v1.0.0-rc.1 to [v1.0.1](https://github.com/prometheus/node_exporter/releases/tag/v1.0.1)
* Update kube-state-metrics from v1.9.6 to v1.9.7
* Update Grafana from v7.0.0 to v7.0.3

## v1.18.3

* Kubernetes [v1.18.3](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1183)
* Use Kubelet [TLS bootstrap](https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet-tls-bootstrapping/) with bootstrap token authentication ([#713](https://github.com/poseidon/typhoon/pull/713))
* Enable Node [Authorization](https://kubernetes.io/docs/reference/access-authn-authz/node/) and [NodeRestriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) to reduce authorization scope
* Renew Kubelet certificates every 72 hours
* Update etcd from v3.4.7 to [v3.4.9](https://github.com/etcd-io/etcd/releases/tag/v3.4.9)
* Update Calico from v3.13.1 to [v3.14.0](https://docs.projectcalico.org/v3.14/release-notes/)
* Add CoreDNS node affinity preference for controller nodes ([#188](https://github.com/poseidon/terraform-render-bootstrap/pull/188))
* Deprecate CoreOS Container Linux support (no OS [updates](https://coreos.com/os/eol/) after May 2020)
* Use a `fedora-coreos` module for Fedora CoreOS
* Use a `container-linux` module for Flatcar Linux

### AWS

* Fix Terraform plan error when `controller_count` exceeds AWS zones (e.g. 5 controllers) ([#714](https://github.com/poseidon/typhoon/pull/714))
* Regressed in v1.17.1 ([#605](https://github.com/poseidon/typhoon/pull/605))

### Azure

* Update Azure subnets to set `address_prefixes` list ([#730](https://github.com/poseidon/typhoon/pull/730))
* Fix warning that `address_prefix` is deprecated
* Require `terraform-provider-azurerm` v2.8.0+ (action required)

### DigitalOcean

* Promote DigitalOcean to beta on both Fedora CoreOS and Flatcar Linux

### Fedora CoreOS

* Fix Calico `install-cni` crashloop on Pod restarts ([#724](https://github.com/poseidon/typhoon/pull/724))
* SELinux enforcement requires consistent file context MCS level
* Restarting a node resolved the issue as a previous workaround

#### AWS

* Support Fedora CoreOS [image streams](https://docs.fedoraproject.org/en-US/fedora-coreos/update-streams/) ([#727](https://github.com/poseidon/typhoon/pull/727))
* Add `os_stream` variable to set the stream to `stable` (default), `testing`, or `next`
* Remove unused `os_image` variable

#### Google

* Support Fedora CoreOS [image streams](https://docs.fedoraproject.org/en-US/fedora-coreos/update-streams/) ([#723](https://github.com/poseidon/typhoon/pull/723))
* Add `os_stream` variable to set the stream to `stable` (default), `testing`, or `next`
* Deprecate `os_image` variable. Manual image uploads are no longer needed

### Flatcar Linux

#### Azure

* Use the Flatcar Linux Azure Marketplace image
* Restore [#664](https://github.com/poseidon/typhoon/pull/664) (reverted in [#707](https://github.com/poseidon/typhoon/pull/707)) but use Flatcar Linux new free offer (not byol)
* Change `os_image` to use a `flatcar-stable` default

#### Google

* Promote Flatcar Linux to beta

### Addons

* Update nginx-ingress from v0.30.0 to [v0.32.0](https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.32.0)
* Add support for [IngressClass](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class)
* Update Prometheus from v2.17.1 to v2.18.1
* Update kube-state-metrics from v1.9.5 to [v1.9.6](https://github.com/kubernetes/kube-state-metrics/releases/tag/v1.9.6)
* Update node-exporter from v1.0.0-rc.0 to [v1.0.0-rc.1](https://github.com/prometheus/node_exporter/releases/tag/v1.0.0-rc.1)
* Update Grafana from v6.7.2 to [v7.0.0](https://grafana.com/docs/grafana/latest/guides/whats-new-in-v7-0/)

## v1.18.2

* Kubernetes [v1.18.2](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1182)
* Choose Fedora CoreOS or Flatcar Linux (**action required**)
* Use a `fedora-coreos` module for Fedora CoreOS
* Use a `container-linux` module for Flatcar Linux
* Change Container Linux modules' defaults from CoreOS Container Linux to [Flatcar Container Linux](https://typhoon.psdn.io/architecture/operating-systems/) ([#702](https://github.com/poseidon/typhoon/pull/702))
* CoreOS Container Linux [won't receive updates](https://coreos.com/os/eol/) after May 2020

### Fedora CoreOS

* Fix bootstrap race condition from SELinux unshared content label ([#708](https://github.com/poseidon/typhoon/pull/708))

#### Azure

* Add support for Fedora CoreOS ([#704](https://github.com/poseidon/typhoon/pull/704))

### Flatcar Linux / Container Linux
#### DigitalOcean

* Fix race condition creating firewall allow rules ([#709](https://github.com/poseidon/typhoon/pull/709))

### Flatcar Linux

#### AWS

* Change Container Linux `os_image` default from `coreos-stable` to `flatcar-stable` ([#702](https://github.com/poseidon/typhoon/pull/702))
* Change `os_image` default from `coreos-stable` to `flatcar-stable` ([#702](https://github.com/poseidon/typhoon/pull/702))

#### Azure

* Change Container Linux `os_image` default from `coreos-stable` to `flatcar-stable` ([#702](https://github.com/poseidon/typhoon/pull/702))
* Change `os_image` to be required. Recommend uploading a Flatcar Linux image (**action required**) ([#702](https://github.com/poseidon/typhoon/pull/702))
* Disable Flatcar Linux Azure Marketplace image [support](https://github.com/poseidon/typhoon/pull/664) (**breaking**, [#707](https://github.com/poseidon/typhoon/pull/707))
* Revert to manual uploading until marketplace issue is closed ([#703](https://github.com/poseidon/typhoon/issues/703))

#### Bare-Metal

* Container Linux users should change [os_channel](https://typhoon.psdn.io/cl/bare-metal/#required) from a CoreOS channel to a Flatcar channel
* Recommend changing [os_channel](https://typhoon.psdn.io/cl/bare-metal/#required) from `coreos-stable` to `flatcar-stable`

#### Google

* Change Container Linux `os_image` to be required. Container Linux users should upload a Flatcar Linux image and set it (**action required**) ([#702](https://github.com/poseidon/typhoon/pull/702))
* Change `os_image` to be required. Recommend uploading a Flatcar Linux image (**action required**) ([#702](https://github.com/poseidon/typhoon/pull/702))

#### DigitalOcean

* Change Container Linux `os_image` to be required. Container Linux users should upload a Flatcar Linux image and set it (**action required**) ([#702](https://github.com/poseidon/typhoon/pull/702))
* Change `os_image` to be required. Recommend uploading a Flatcar Linux image (**action required**) ([#702](https://github.com/poseidon/typhoon/pull/702))
* Fix race condition creating firewall allow rules ([#709](https://github.com/poseidon/typhoon/pull/709))

## v1.18.1

Expand Down
Loading