From c912e57e75eddd9bd52b6d58dd5ea6d9a14d13ae Mon Sep 17 00:00:00 2001 From: Terence DENG Date: Sun, 12 Feb 2023 12:47:03 +0800 Subject: [PATCH] Update for v1.25.4 --- README.md | 11 +++-- README_en.md | 11 +++-- images.properties | 14 +++--- ingress-nginx-controller.yaml | 93 +++++++++++++++++++++++++---------- kubernetes-dashboard.yaml | 8 +-- 5 files changed, 90 insertions(+), 47 deletions(-) diff --git a/README.md b/README.md index b88cf37..6c37e35 100644 --- a/README.md +++ b/README.md @@ -9,6 +9,7 @@ * 当前 master 分支已经在 Docker for Mac/Windows 4.13.1 (包含 Docker CE 20.10.20 和 Kubernetes 1.25.2) 版本测试通过 * 如果需要测试其他版本,请查看 Docker Desktop版本,Docker -> About Docker Desktop ![about](images/about.png) + * 如Kubernetes版本为 v1.25.4, 请使用下面命令切换 [v1.25.2 分支](https://github.com/AliyunContainerService/k8s-for-docker-desktop/tree/v1.25.4) ```git checkout v1.25.4``` * 如Kubernetes版本为 v1.25.2, 请使用下面命令切换 [v1.25.2 分支](https://github.com/AliyunContainerService/k8s-for-docker-desktop/tree/v1.25.2) ```git checkout v1.25.2``` * 如Kubernetes版本为 v1.25.0, 请使用下面命令切换 [v1.25.0 分支](https://github.com/AliyunContainerService/k8s-for-docker-desktop/tree/v1.25.0) ```git checkout v1.25.0``` * 如Kubernetes版本为 v1.24.2, 请使用下面命令切换 [v1.24.2 分支](https://github.com/AliyunContainerService/k8s-for-docker-desktop/tree/v1.24.2) ```git checkout v1.24.2``` @@ -122,7 +123,7 @@ kubectl get nodes #### 部署 Kubernetes dashboard ```shell -kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.1/aio/deploy/recommended.yaml +kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml ``` 或 @@ -201,7 +202,7 @@ Win: %UserProfile%\.kube\config 安装 ```shell -kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.0/deploy/static/provider/cloud/deploy.yaml +kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.5.1/deploy/static/provider/cloud/deploy.yaml ``` 或 @@ -313,11 +314,11 @@ helm uninstall wordpress 可以根据文档安装 Istio https://istio.io/docs/setup/getting-started/ -#### 下载 Istio 1.5.0 +#### 下载 Istio 1.16.2 ```bash -curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.5.0 sh - -cd istio-1.5.0 +curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.16.2 sh - +cd istio-1.16.2 export PATH=$PWD/bin:$PATH ``` diff --git a/README_en.md b/README_en.md index b8a15e1..2eb3323 100644 --- a/README_en.md +++ b/README_en.md @@ -7,6 +7,7 @@ NOTE: * The master branch is tested with Docker Desktop for Mac/Windows version 4.13.1 (with Docker CE 20.10.20 and Kubernetes 1.25.2). * If you want to use with other version, pls check version of Kubernetes,Docker -> About Docker Desktop ![about](images/about.png) + * For Kubernetes v1.25.2, please use the v1.25.4 branch ```git checkout v1.25.4``` * For Kubernetes v1.25.2, please use the v1.25.2 branch ```git checkout v1.25.2``` * For Kubernetes v1.25.0, please use the v1.25.0 branch ```git checkout v1.25.0``` * For Kubernetes v1.24.2, please use the v1.24.2 branch ```git checkout v1.24.2``` @@ -116,7 +117,7 @@ kubectl get nodes #### Install Kubernetes dashboard ```shell -$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.1/aio/deploy/recommended.yaml +$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml ``` or @@ -193,7 +194,7 @@ Note: If you are testing Istio, donot need to install Ingress Install ```shell -kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.0/deploy/static/provider/cloud/deploy.yaml +kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.5.1/deploy/static/provider/cloud/deploy.yaml ``` Or @@ -277,11 +278,11 @@ helm repo update More details can be found in https://istio.io/docs/setup/getting-started/ -#### Download Istio 1.5.0 and install CLI +#### Download Istio 1.6.2 and install CLI ```shell -curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.5.0 sh - -cd istio-1.5.0/ +curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.6.2 sh - +cd istio-1.6.2/ export PATH=$PWD/bin:$PATH ``` diff --git a/images.properties b/images.properties index b40232d..87619b4 100644 --- a/images.properties +++ b/images.properties @@ -1,9 +1,9 @@ k8s.gcr.io/pause:3.8=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.8 -k8s.gcr.io/kube-controller-manager:v1.25.2=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.25.2 -k8s.gcr.io/kube-scheduler:v1.25.2=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.25.2 -k8s.gcr.io/kube-proxy:v1.25.2=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.25.2 -k8s.gcr.io/kube-apiserver:v1.25.2=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.25.2 -k8s.gcr.io/etcd:3.5.4-0=registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.5.4-0 +k8s.gcr.io/kube-controller-manager:v1.25.4=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.25.4 +k8s.gcr.io/kube-scheduler:v1.25.4=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.25.4 +k8s.gcr.io/kube-proxy:v1.25.4=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.25.4 +k8s.gcr.io/kube-apiserver:v1.25.4=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.25.4 +k8s.gcr.io/etcd:3.5.5-0=registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.5.5-0 k8s.gcr.io/coredns/coredns:v1.9.3=registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:v1.9.3 -k8s.gcr.io/ingress-nginx/controller:v1.2.1=registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.2.1 -k8s.gcr.io/ingress-nginx/kube-webhook-certgen:v1.2.2=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v1.2.2 +registry.k8s.io/ingress-nginx/controller:v1.5.1=registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.5.1 +registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20220916-gd32f8c343=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v20220916-gd32f8c343 diff --git a/ingress-nginx-controller.yaml b/ingress-nginx-controller.yaml index 971ad6c..3a9844b 100644 --- a/ingress-nginx-controller.yaml +++ b/ingress-nginx-controller.yaml @@ -15,7 +15,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx namespace: ingress-nginx --- @@ -27,7 +27,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx-admission namespace: ingress-nginx --- @@ -39,7 +39,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx namespace: ingress-nginx rules: @@ -93,7 +93,7 @@ rules: - apiGroups: - "" resourceNames: - - ingress-controller-leader + - ingress-nginx-leader resources: - configmaps verbs: @@ -105,6 +105,21 @@ rules: - configmaps verbs: - create +- apiGroups: + - coordination.k8s.io + resourceNames: + - ingress-nginx-leader + resources: + - leases + verbs: + - get + - update +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create - apiGroups: - "" resources: @@ -112,6 +127,14 @@ rules: verbs: - create - patch +- apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - list + - watch + - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -121,7 +144,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx-admission namespace: ingress-nginx rules: @@ -140,7 +163,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx rules: - apiGroups: @@ -155,6 +178,13 @@ rules: verbs: - list - watch +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - list + - watch - apiGroups: - "" resources: @@ -198,6 +228,14 @@ rules: - get - list - watch +- apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - list + - watch + - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -207,7 +245,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx-admission rules: - apiGroups: @@ -226,7 +264,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx namespace: ingress-nginx roleRef: @@ -246,7 +284,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx-admission namespace: ingress-nginx roleRef: @@ -265,7 +303,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx roleRef: apiGroup: rbac.authorization.k8s.io @@ -284,7 +322,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx-admission roleRef: apiGroup: rbac.authorization.k8s.io @@ -305,7 +343,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx-controller namespace: ingress-nginx --- @@ -317,11 +355,14 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx-controller namespace: ingress-nginx spec: externalTrafficPolicy: Local + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack ports: - appProtocol: http name: http @@ -347,7 +388,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx-controller-admission namespace: ingress-nginx spec: @@ -370,7 +411,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx-controller namespace: ingress-nginx spec: @@ -392,7 +433,7 @@ spec: - args: - /nginx-ingress-controller - --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller - - --election-id=ingress-controller-leader + - --election-id=ingress-nginx-leader - --controller-class=k8s.io/ingress-nginx - --ingress-class=nginx - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller @@ -410,7 +451,7 @@ spec: fieldPath: metadata.namespace - name: LD_PRELOAD value: /usr/local/lib/libmimalloc.so - image: k8s.gcr.io/ingress-nginx/controller:v1.2.0 + image: registry.k8s.io/ingress-nginx/controller:v1.5.1 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -482,7 +523,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx-admission-create namespace: ingress-nginx spec: @@ -493,7 +534,7 @@ spec: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx-admission-create spec: containers: @@ -507,7 +548,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: k8s.gcr.io/ingress-nginx/kube-webhook-certgen:v1.1.1 + image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20220916-gd32f8c343 imagePullPolicy: IfNotPresent name: create securityContext: @@ -529,7 +570,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx-admission-patch namespace: ingress-nginx spec: @@ -540,7 +581,7 @@ spec: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx-admission-patch spec: containers: @@ -556,7 +597,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: k8s.gcr.io/ingress-nginx/kube-webhook-certgen:v1.1.1 + image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20220916-gd32f8c343 imagePullPolicy: IfNotPresent name: patch securityContext: @@ -578,7 +619,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: nginx spec: controller: k8s.io/ingress-nginx @@ -591,7 +632,7 @@ metadata: app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.2.0 + app.kubernetes.io/version: 1.5.1 name: ingress-nginx-admission webhooks: - admissionReviewVersions: @@ -614,4 +655,4 @@ webhooks: - UPDATE resources: - ingresses - sideEffects: None + sideEffects: None \ No newline at end of file diff --git a/kubernetes-dashboard.yaml b/kubernetes-dashboard.yaml index 28fe223..f4a5473 100644 --- a/kubernetes-dashboard.yaml +++ b/kubernetes-dashboard.yaml @@ -190,8 +190,8 @@ spec: type: RuntimeDefault containers: - name: kubernetes-dashboard - image: kubernetesui/dashboard:v2.5.1 - imagePullPolicy: IfNotPresent + image: kubernetesui/dashboard:v2.7.0 + imagePullPolicy: Always ports: - containerPort: 8443 protocol: TCP @@ -275,7 +275,7 @@ spec: type: RuntimeDefault containers: - name: dashboard-metrics-scraper - image: kubernetesui/metrics-scraper:v1.0.7 + image: kubernetesui/metrics-scraper:v1.0.8 ports: - containerPort: 8000 protocol: TCP @@ -303,4 +303,4 @@ spec: effect: NoSchedule volumes: - name: tmp-volume - emptyDir: {} + emptyDir: {} \ No newline at end of file