114 changes: 67 additions & 47 deletions pkg/addons/default/assets/aws-node.yaml
Expand Up @@ -78,14 +78,19 @@ spec:
description: PolicyEndpoint is the Schema for the policyendpoints API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
Expand All @@ -102,6 +107,12 @@ spec:
cidr:
description: CIDR is the network address(s) of the endpoint
type: string
domainName:
description: |-
DomainName is the FQDN for the endpoint (mutually exclusive with CIDR, egress-only)
Note: This field should only be used in egress rules, not ingress
pattern: ^(\*\.)?([a-zA-z0-9]([-a-zA-Z0-9_]*[a-zA-Z0-9])?\.)+[a-zA-z0-9]([-a-zA-Z0-9_]*[a-zA-Z0-9])?\.?$
type: string
except:
description: Except is the exceptions to the CIDR ranges mentioned
above.
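Review bot: In the `domainName` pattern, the character class `[a-zA-z0-9]` that opens each label (it appears twice in the expression) has `A-z` where `A-Z` was presumably meant. In ASCII the range `A-z` also covers `[`, `\`, `]`, `^`, `_` and the backtick, so a label may begin with any of those and still pass validation. Suggest `[a-zA-Z0-9]` in both places. If this manifest is generated from the upstream chart, the fix belongs there and this copy should pick it up on the next sync.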
Expand All @@ -115,9 +126,9 @@ spec:
port/protocol
properties:
endPort:
description: Endport specifies the port range port to
endPort port must be defined and an integer, endPort
> port
description: |-
Endport specifies the port range port to endPort
port must be defined and an integer, endPort > port
format: int32
type: integer
port:
Expand All @@ -132,8 +143,6 @@ spec:
type: string
type: object
type: array
required:
- cidr
type: object
type: array
ingress:
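Review bot: Dropping `required: - cidr` from the egress entry leaves nothing in the lines shown that says which of `cidr` and `domainName` must be present. The `domainName` description calls the two mutually exclusive, but an entry with both fields, or with neither, would pass this schema. Suggest expressing the constraint in the schema itself, for example a `oneOf` over `required: [cidr]` and `required: [domainName]`, or an `x-kubernetes-validations` rule, so a malformed endpoint is rejected at admission rather than left for the agent to interpret.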
Expand All @@ -146,6 +155,12 @@ spec:
cidr:
description: CIDR is the network address(s) of the endpoint
type: string
domainName:
description: |-
DomainName is the FQDN for the endpoint (mutually exclusive with CIDR, egress-only)
Note: This field should only be used in egress rules, not ingress
pattern: ^(\*\.)?([a-zA-z0-9]([-a-zA-Z0-9_]*[a-zA-Z0-9])?\.)+[a-zA-z0-9]([-a-zA-Z0-9_]*[a-zA-Z0-9])?\.?$
type: string
except:
description: Except is the exceptions to the CIDR ranges mentioned
above.
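Review bot: The ingress entry now accepts `domainName`, yet the field's own description says it is egress-only and "should only be used in egress rules, not ingress". Nothing in this hunk rejects it on ingress, so the restriction is documentation only. Either leave the property out of the ingress schema or add a validation rule that forbids it there, and state in the description what happens to an ingress entry that carries one. The pattern here also repeats the `a-zA-z` character class from the egress copy.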
Expand All @@ -159,9 +174,9 @@ spec:
port/protocol
properties:
endPort:
description: Endport specifies the port range port to
endPort port must be defined and an integer, endPort
> port
description: |-
Endport specifies the port range port to endPort
port must be defined and an integer, endPort > port
format: int32
type: integer
port:
Expand All @@ -176,18 +191,17 @@ spec:
type: string
type: object
type: array
required:
- cidr
type: object
type: array
podIsolation:
description: PodIsolation specifies whether the pod needs to be isolated
for a particular traffic direction Ingress or Egress, or both. If
default isolation is not specified, and there are no ingress/egress
rules, then the pod is not isolated from the point of view of this
policy. This follows the NetworkPolicy spec.PolicyTypes.
description: |-
PodIsolation specifies whether the pod needs to be isolated for a
particular traffic direction Ingress or Egress, or both. If default isolation is not
specified, and there are no ingress/egress rules, then the pod is not isolated
from the point of view of this policy. This follows the NetworkPolicy spec.PolicyTypes.
items:
description: PolicyType string describes the NetworkPolicy type
description: |-
PolicyType string describes the NetworkPolicy type
This type is beta-level in 1.8
type: string
type: array
Expand All @@ -198,46 +212,48 @@ spec:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
podSelectorEndpoints:
description: PodSelectorEndpoints contains information about the pods
description: |-
PodSelectorEndpoints contains information about the pods
matching the podSelector
items:
description: PodEndpoint defines the summary information for the
Expand Down Expand Up @@ -300,7 +316,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.20.3"
app.kubernetes.io/version: "v1.21.1"
---
# Source: aws-vpc-cni/templates/configmap.yaml
apiVersion: v1
Expand All @@ -312,7 +328,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.20.3"
app.kubernetes.io/version: "v1.21.1"
data:
enable-windows-ipam: "false"
enable-network-policy-controller: "false"
Expand All @@ -331,7 +347,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.20.3"
app.kubernetes.io/version: "v1.21.1"
rules:
- apiGroups:
- crd.k8s.amazonaws.com
Expand All @@ -357,16 +373,20 @@ rules:
- apiGroups: ["networking.k8s.aws"]
resources:
- policyendpoints
- clusterpolicyendpoints
verbs: ["get", "list", "watch"]
- apiGroups: ["networking.k8s.aws"]
resources:
- policyendpoints/status
- clusterpolicyendpoints/status
verbs: ["get"]
- apiGroups:
- vpcresources.k8s.aws
resources:
- cninodes
verbs: ["get", "list", "watch", "patch"]
- nonResourceURLs: ["/apis/networking.k8s.aws", "/apis/networking.k8s.aws/*"]
verbs: ["get"]
---
# Source: aws-vpc-cni/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
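Review bot: The two `clusterpolicyendpoints` entries and the `nonResourceURLs` rule widen this ClusterRole without a comment saying which component needs them. None of the hunks shown here adds a CRD for `clusterpolicyendpoints`, so it is worth confirming where that resource is installed and noting it next to the rule. The `nonResourceURLs` grant is `get` on `/apis/networking.k8s.aws` and `/apis/networking.k8s.aws/*`, which are API discovery paths; a one-line comment stating that purpose would make the grant easier to audit later.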
Expand All @@ -377,7 +397,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.20.3"
app.kubernetes.io/version: "v1.21.1"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
Expand All @@ -397,7 +417,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/instance: aws-vpc-cni
k8s-app: aws-node
app.kubernetes.io/version: "v1.20.3"
app.kubernetes.io/version: "v1.21.1"
spec:
updateStrategy:
rollingUpdate:
Expand All @@ -418,7 +438,7 @@ spec:
hostNetwork: true
initContainers:
- name: aws-vpc-cni-init
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.20.3
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.21.1
imagePullPolicy: Always
env:
- name: DISABLE_TCP_EARLY_DEMUX
Expand All @@ -440,7 +460,7 @@ spec:
{}
containers:
- name: aws-node
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.20.3
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.21.1
ports:
- containerPort: 61678
name: metrics
Expand Down Expand Up @@ -508,7 +528,7 @@ spec:
- name: NETWORK_POLICY_ENFORCING_MODE
value: "standard"
- name: VPC_CNI_VERSION
value: "v1.20.3"
value: "v1.21.1"
- name: WARM_ENI_TARGET
value: "1"
- name: WARM_PREFIX_TARGET
Expand Down Expand Up @@ -543,7 +563,7 @@ spec:
- mountPath: /run/xtables.lock
name: xtables-lock
- name: aws-eks-nodeagent
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.2.6
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.3.1
imagePullPolicy: Always
ports:
- containerPort: 8162
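Review bot: `aws-network-policy-agent:v1.3.1` is referenced by tag together with `imagePullPolicy: Always`, so every pod start re-resolves the tag against the registry. Pinning by digest (`<image>@sha256:<digest>`) would tie the manifest to the exact image that was reviewed. The agent also moves from v1.2.6 to v1.3.1 in the same change as the CRD schema update; a line in the PR description on whether the new agent depends on the `domainName` field and the `clusterpolicyendpoints` access would help reviewers judge rollout order.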
2 changes: 1 addition & 1 deletion pkg/addons/default/aws_node_test.go
Expand Up @@ -61,7 +61,7 @@ var _ = Describe("AWS Node", func() {

Describe("UpdateAWSNode", func() {
var preUpdateAwsNode *v1.DaemonSet
const expectedVersion = "v1.20.3"
const expectedVersion = "v1.21.1"
BeforeEach(func() {
loadSamples(rawClient, "testdata/sample-1.15.json")
