Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v1.12 Helm chart changes and release manifests #2122

Merged
merged 3 commits into from
Oct 27, 2022
Merged

v1.12 Helm chart changes and release manifests #2122

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
9a2b308
v1.12 Helm chart changes and release manifests
M00nF1sh Oct 27, 2022
8036dbe
update readme for container runtime
M00nF1sh Oct 27, 2022
0bd2484
update readme for container runtime
M00nF1sh Oct 27, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 11 additions & 10 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -622,16 +622,17 @@ and the kubelet respectively if you are making use of this tag.

### Container Runtime

Currently, IPAMD uses dockershim socket to pull pod sandboxes information upon its starting. The runtime can be set to others.
The mountPath should be changed to `/var/run/cri.sock` and hostPath should be pointed to the wanted socket, such as
`/var/run/containerd/containerd.sock` for containerd. If using helm chart, the flag `--set cri.hostPath.path=/var/run/containerd/containerd.sock`
can set the paths for you.

*Note*:

* When using a different container runtime instead of dockershim in VPC CNI, make sure kubelet is also configured to use the same CRI.
* If you want to enable containerd runtime with the support provided by Amazon AMI, please follow the instructions in our documentation, [Enable the containerd runtime bootstrap flag](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html#containerd-bootstrap)

For VPC CNI >=v1.12.0, IPAMD have switched to use an on-disk file `/var/run/aws-node/ipam.json` to track IP allocations, thus became container runtime agnostic and no longer requires access to Container Runtime Interface(CRI) socket.
* **Note**:
* Helm chart >=v1.2.0 is released with VPC CNI v1.12.0, thus no longer supports the `cri.hostPath.path`. If you need to install a VPC CNI <v1.12.0 with helm chart, a Helm chart version that <v1.2.0 should be used.

For VPC CNI <v1.12.0, IPAMD still depends on CRI to track IP allocations using pod sandboxes information upon its starting.
* By default the dockershim CRI socket was mounted but can be customized to use other CRI:
* The mountPath should be changed to `/var/run/cri.sock` and hostPath should be pointed to CRI used by kubelet, such as `/var/run/containerd/containerd.sock` for containerd.
* With Helm chart <v1.2.0, the flag `--set cri.hostPath.path=/var/run/containerd/containerd.sock` can set above for you.
* **Note**:
* When using a different container runtime instead of the default dockershim in VPC CNI, make sure kubelet is also configured to use the same CRI.
* If you want to enable containerd runtime with the support provided by Amazon AMI, please follow the instructions in our documentation, [Enable the containerd runtime bootstrap flag](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html#containerd-bootstrap)
### Notes

`L-IPAMD`(aws-node daemonSet) running on every worker node requires access to the Kubernetes API server. If it can **not** reach
Expand Down
4 changes: 2 additions & 2 deletions charts/aws-vpc-cni/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: v1
name: aws-vpc-cni
version: 1.1.21
appVersion: "v1.11.4"
version: 1.2.0
appVersion: "v1.12.0"
description: A Helm chart for the AWS VPC CNI
icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png
home: https://github.com/aws/amazon-vpc-cni-k8s
Expand Down
1 change: 0 additions & 1 deletion charts/aws-vpc-cni/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,6 @@ The following table lists the configurable parameters for this chart and their d
| `crd.create` | Specifies whether to create the VPC-CNI CRD | `true` |
| `tolerations` | Optional deployment tolerations | `[]` |
| `updateStrategy` | Optional update strategy | `type: RollingUpdate` |
| `cri.hostPath` | Optional use alternative container runtime | `nil` |

Specify each parameter using the `--set key=value[,key=value]` argument to `helm install` or provide a YAML file containing the values for the above parameters:

Expand Down
16 changes: 0 additions & 16 deletions charts/aws-vpc-cni/templates/daemonset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -99,13 +99,6 @@ spec:
{{- end }}
- mountPath: /host/var/log/aws-routed-eni
name: log-dir
{{- if .Values.cri.hostPath }}
- mountPath: /var/run/cri.sock
name: cri
{{- else }}
- mountPath: /var/run/dockershim.sock
name: dockershim
{{- end }}
- mountPath: /var/run/aws-node
name: run-dir
- mountPath: /run/xtables.lock
Expand All @@ -124,15 +117,6 @@ spec:
- name: cni-config
configMap:
name: {{ include "aws-vpc-cni.fullname" . }}
{{- end }}
{{- with .Values.cri.hostPath }}
- name: cri
hostPath:
{{- toYaml . | nindent 10 }}
{{- else }}
- name: dockershim
hostPath:
path: /var/run/dockershim.sock
{{- end }}
- name: log-dir
hostPath:
Expand Down
8 changes: 2 additions & 6 deletions charts/aws-vpc-cni/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ nameOverride: aws-node

init:
image:
tag: v1.11.4
tag: v1.12.0
region: us-west-2
account: "602401143452"
pullPolicy: Always
Expand All @@ -23,7 +23,7 @@ init:

image:
region: us-west-2
tag: v1.11.4
tag: v1.12.0
account: "602401143452"
domain: "amazonaws.com"
pullPolicy: Always
Expand Down Expand Up @@ -166,7 +166,3 @@ eniConfig:
# id: subnet-789
# securityGroups:
# - sg-789

cri:
hostPath:
# path: /var/run/containerd/containerd.sock
19 changes: 7 additions & 12 deletions config/master/aws-k8s-cni-cn.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
---
# Source: aws-vpc-cni/templates/customresourcedefinition.yaml
apiVersion: apiextensions.k8s.io/v1
Expand All @@ -20,7 +20,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
spec:
scope: Cluster
group: crd.k8s.amazonaws.com
Expand All @@ -47,7 +47,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
rules:
- apiGroups:
- crd.k8s.amazonaws.com
Expand Down Expand Up @@ -84,7 +84,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
Expand All @@ -104,7 +104,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
spec:
updateStrategy:
rollingUpdate:
Expand All @@ -125,7 +125,7 @@ spec:
hostNetwork: true
initContainers:
- name: aws-vpc-cni-init
image: "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni-init:v1.11.4"
image: "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni-init:v1.12.0"
env:
- name: DISABLE_TCP_EARLY_DEMUX
value: "false"
Expand All @@ -143,7 +143,7 @@ spec:
{}
containers:
- name: aws-node
image: "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni:v1.11.4"
image: "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni:v1.12.0"
ports:
- containerPort: 61678
name: metrics
Expand Down Expand Up @@ -227,8 +227,6 @@ spec:
name: cni-net-dir
- mountPath: /host/var/log/aws-routed-eni
name: log-dir
- mountPath: /var/run/dockershim.sock
name: dockershim
- mountPath: /var/run/aws-node
name: run-dir
- mountPath: /run/xtables.lock
Expand All @@ -240,9 +238,6 @@ spec:
- name: cni-net-dir
hostPath:
path: /etc/cni/net.d
- name: dockershim
hostPath:
path: /var/run/dockershim.sock
- name: log-dir
hostPath:
path: /var/log/aws-routed-eni
Expand Down
19 changes: 7 additions & 12 deletions config/master/aws-k8s-cni-us-gov-east-1.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
---
# Source: aws-vpc-cni/templates/customresourcedefinition.yaml
apiVersion: apiextensions.k8s.io/v1
Expand All @@ -20,7 +20,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
spec:
scope: Cluster
group: crd.k8s.amazonaws.com
Expand All @@ -47,7 +47,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
rules:
- apiGroups:
- crd.k8s.amazonaws.com
Expand Down Expand Up @@ -84,7 +84,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
Expand All @@ -104,7 +104,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
spec:
updateStrategy:
rollingUpdate:
Expand All @@ -125,7 +125,7 @@ spec:
hostNetwork: true
initContainers:
- name: aws-vpc-cni-init
image: "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni-init:v1.11.4"
image: "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni-init:v1.12.0"
env:
- name: DISABLE_TCP_EARLY_DEMUX
value: "false"
Expand All @@ -143,7 +143,7 @@ spec:
{}
containers:
- name: aws-node
image: "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni:v1.11.4"
image: "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni:v1.12.0"
ports:
- containerPort: 61678
name: metrics
Expand Down Expand Up @@ -227,8 +227,6 @@ spec:
name: cni-net-dir
- mountPath: /host/var/log/aws-routed-eni
name: log-dir
- mountPath: /var/run/dockershim.sock
name: dockershim
- mountPath: /var/run/aws-node
name: run-dir
- mountPath: /run/xtables.lock
Expand All @@ -240,9 +238,6 @@ spec:
- name: cni-net-dir
hostPath:
path: /etc/cni/net.d
- name: dockershim
hostPath:
path: /var/run/dockershim.sock
- name: log-dir
hostPath:
path: /var/log/aws-routed-eni
Expand Down
19 changes: 7 additions & 12 deletions config/master/aws-k8s-cni-us-gov-west-1.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
---
# Source: aws-vpc-cni/templates/customresourcedefinition.yaml
apiVersion: apiextensions.k8s.io/v1
Expand All @@ -20,7 +20,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
spec:
scope: Cluster
group: crd.k8s.amazonaws.com
Expand All @@ -47,7 +47,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
rules:
- apiGroups:
- crd.k8s.amazonaws.com
Expand Down Expand Up @@ -84,7 +84,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
Expand All @@ -104,7 +104,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.11.4"
app.kubernetes.io/version: "v1.12.0"
spec:
updateStrategy:
rollingUpdate:
Expand All @@ -125,7 +125,7 @@ spec:
hostNetwork: true
initContainers:
- name: aws-vpc-cni-init
image: "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni-init:v1.11.4"
image: "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni-init:v1.12.0"
env:
- name: DISABLE_TCP_EARLY_DEMUX
value: "false"
Expand All @@ -143,7 +143,7 @@ spec:
{}
containers:
- name: aws-node
image: "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni:v1.11.4"
image: "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni:v1.12.0"
ports:
- containerPort: 61678
name: metrics
Expand Down Expand Up @@ -227,8 +227,6 @@ spec:
name: cni-net-dir
- mountPath: /host/var/log/aws-routed-eni
name: log-dir
- mountPath: /var/run/dockershim.sock
name: dockershim
- mountPath: /var/run/aws-node
name: run-dir
- mountPath: /run/xtables.lock
Expand All @@ -240,9 +238,6 @@ spec:
- name: cni-net-dir
hostPath:
path: /etc/cni/net.d
- name: dockershim
hostPath:
path: /var/run/dockershim.sock
- name: log-dir
hostPath:
path: /var/log/aws-routed-eni
Expand Down
Loading