diff --git a/README.md b/README.md index 6dcde46f0..5ddf6dc85 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,7 @@ Version matrix: | Kubernetes Version | vSphere Cloud Provider Release Version | Cloud Provider Branch | |--------------------|----------------------------------------|-----------------------| +| v1.27.X | v1.27.X | release-1.27 | | v1.26.X | v1.26.X | release-1.26 | | v1.25.X | v1.25.X | release-1.25 | | v1.24.X | v1.24.X | release-1.24 | diff --git a/charts/vsphere-cpi/Chart.yaml b/charts/vsphere-cpi/Chart.yaml index f12b7d0ad..82aed2225 100644 --- a/charts/vsphere-cpi/Chart.yaml +++ b/charts/vsphere-cpi/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 1.26.0 +appVersion: 1.27.0 description: A Helm chart for vSphere Cloud Provider Interface Manager (CPI) name: vsphere-cpi -version: 1.26.0 +version: 1.27.0 keywords: - vsphere - vmware diff --git a/charts/vsphere-cpi/README.md b/charts/vsphere-cpi/README.md index 132604bb0..c166f2b9f 100644 --- a/charts/vsphere-cpi/README.md +++ b/charts/vsphere-cpi/README.md @@ -149,7 +149,7 @@ helm repo add vsphere-cpi https://kubernetes.github.io/cloud-provider-vsphere helm repo update # Package CPI Chart -VERSION=1.26.0 +VERSION=1.27.0 cd charts helm package vsphere-cpi --version $VERSION --app-version $VERSION diff --git a/charts/vsphere-cpi/values.yaml b/charts/vsphere-cpi/values.yaml index e180cb713..37ea8381e 100644 --- a/charts/vsphere-cpi/values.yaml +++ b/charts/vsphere-cpi/values.yaml @@ -55,7 +55,7 @@ serviceAccount: daemonset: annotations: {} image: gcr.io/cloud-provider-vsphere/cpi/release/manager - tag: v1.26.0 + tag: v1.27.0 pullPolicy: IfNotPresent dnsPolicy: ClusterFirst cmdline: diff --git a/cluster/images/controller-manager/Dockerfile b/cluster/images/controller-manager/Dockerfile index de09879ac..901232b93 100644 --- a/cluster/images/controller-manager/Dockerfile +++ b/cluster/images/controller-manager/Dockerfile 
@@ -33,7 +33,7 @@ ARG DISTROLESS_IMAGE=gcr.io/distroless/static-debian11@sha256:a01d47d4036cae5a67 FROM ${GOLANG_IMAGE} as builder # This build arg is the version to embed in the CPI binary -ARG VERSION=1.26.0 +ARG VERSION=1.27.0 # This build arg controls the GOPROXY setting ARG GOPROXY diff --git a/docs/book/tutorials/disable-node-deletion.yaml b/docs/book/tutorials/disable-node-deletion.yaml index 8e8ac41e4..db57add83 100644 --- a/docs/book/tutorials/disable-node-deletion.yaml +++ b/docs/book/tutorials/disable-node-deletion.yaml @@ -233,7 +233,7 @@ spec: priorityClassName: system-node-critical containers: - name: vsphere-cloud-controller-manager - image: gcr.io/cloud-provider-vsphere/cpi/release/manager:v1.26.0 + image: gcr.io/cloud-provider-vsphere/cpi/release/manager:v1.27.0 args: - --cloud-provider=vsphere - --v=2 diff --git a/releases/README.md b/releases/README.md index d1f895afa..00b3ff11d 100644 --- a/releases/README.md +++ b/releases/README.md 
@@ -8,14 +8,14 @@ Note that YAML files from [manifests/controller-manager repo](https://github.com ## Example workflow -In this tutorial, we will be installing the latest version of cloud provider vsphere(v1.26.0) freshly. If you have an older version of CPI already installed, the steps to deploy and upgrade CPI stay the same. With our `RollingUpdate` update strategy, after you update a DaemonSet template, old DaemonSet pods will be killed, and new DaemonSet pods will be created automatically. +In this tutorial, we will be installing the latest version of cloud provider vsphere(v1.27.0) freshly. If you have an older version of CPI already installed, the steps to deploy and upgrade CPI stay the same. With our `RollingUpdate` update strategy, after you update a DaemonSet template, old DaemonSet pods will be killed, and new DaemonSet pods will be created automatically. ### Step 1: find the kubernetes major version you are using -For example, the major version of '1.26.x' is '1.26', then run: +For example, the major version of '1.27.x' is '1.27', then run: ```bash -VERSION=1.26 +VERSION=1.27 wget https://raw.githubusercontent.com/kubernetes/cloud-provider-vsphere/release-$VERSION/releases/v$VERSION/vsphere-cloud-controller-manager.yaml ``` diff --git a/releases/v1.27/vsphere-cloud-controller-manager.yaml b/releases/v1.27/vsphere-cloud-controller-manager.yaml new file mode 100644 index 000000000..12f6d65ce --- /dev/null +++ b/releases/v1.27/vsphere-cloud-controller-manager.yaml 
@@ -0,0 +1,263 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: cloud-controller-manager
+ labels:
+ vsphere-cpi-infra: service-account
+ component: cloud-controller-manager
+ namespace: kube-system
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: vsphere-cloud-secret
+ labels:
+ vsphere-cpi-infra: secret
+ component: cloud-controller-manager
+ namespace: kube-system
+ # NOTE: this is just an example configuration, update with real values based on your environment
+stringData:
+ 10.0.0.1.username: ""
+ 10.0.0.1.password: ""
+ 1.2.3.4.username: ""
+ 1.2.3.4.password: ""
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: vsphere-cloud-config
+ labels:
+ vsphere-cpi-infra: config
+ component: cloud-controller-manager
+ namespace: kube-system
+data:
+ # NOTE: this is just an example configuration, update with real values based on your environment
+ vsphere.conf: |
+ # Global properties in this section will be used for all specified vCenters unless overriden in VirtualCenter section.
+ global:
+ port: 443
+ # set insecureFlag to true if the vCenter uses a self-signed cert
+ insecureFlag: true
+ # settings for using k8s secret
+ secretName: vsphere-cloud-secret
+ secretNamespace: kube-system
+
+ # vcenter section
+ vcenter:
+ your-vcenter-name-here:
+ server: 10.0.0.1
+ user: use-your-vcenter-user-here
+ password: use-your-vcenter-password-here
+ datacenters:
+ - hrwest
+ - hreast
+ could-be-a-tenant-label:
+ server: 1.2.3.4
+ datacenters:
+ - mytenantdc
+ secretName: cpi-engineering-secret
+ secretNamespace: kube-system
+
+ # labels for regions and zones
+ labels:
+ region: k8s-region
+ zone: k8s-zone
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: servicecatalog.k8s.io:apiserver-authentication-reader
+ labels:
+ vsphere-cpi-infra: role-binding
+ component: cloud-controller-manager
+ namespace: kube-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: extension-apiserver-authentication-reader
+subjects:
+ - apiGroup: ""
+ kind: ServiceAccount
+ name: cloud-controller-manager
+ namespace: kube-system
+ - apiGroup: ""
+ kind: User
+ name: cloud-controller-manager
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: system:cloud-controller-manager
+ labels:
+ vsphere-cpi-infra: cluster-role-binding
+ component: cloud-controller-manager
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: system:cloud-controller-manager
+subjects:
+ - kind: ServiceAccount
+ name: cloud-controller-manager
+ namespace: kube-system
+ - kind: User
+ name: cloud-controller-manager
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: system:cloud-controller-manager
+ labels:
+ vsphere-cpi-infra: role
+ component: cloud-controller-manager
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+ - update
+ - apiGroups:
+ - ""
+ resources:
+ - nodes
+ verbs:
+ - "*"
+ - apiGroups:
+ - ""
+ resources:
+ - nodes/status
+ verbs:
+ - patch
+ - apiGroups:
+ - ""
+ resources:
+ - services
+ verbs:
+ - list
+ - patch
+ - update
+ - watch
+ - apiGroups:
+ - ""
+ resources:
+ - services/status
+ verbs:
+ - patch
+ - apiGroups:
+ - ""
+ resources:
+ - serviceaccounts
+ verbs:
+ - create
+ - get
+ - list
+ - watch
+ - update
+ - apiGroups:
+ - ""
+ resources:
+ - persistentvolumes
+ verbs:
+ - get
+ - list
+ - update
+ - watch
+ - apiGroups:
+ - ""
+ resources:
+ - endpoints
+ verbs:
+ - create
+ - get
+ - list
+ - watch
+ - update
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - "coordination.k8s.io"
+ resources:
+ - leases
+ verbs:
+ - create
+ - get
+ - list
+ - watch
+ - update
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: vsphere-cloud-controller-manager
+ labels:
+ component: cloud-controller-manager
+ tier: control-plane
+ namespace: kube-system
+spec:
+ selector:
+ matchLabels:
+ name: vsphere-cloud-controller-manager
+ updateStrategy:
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ name: vsphere-cloud-controller-manager
+ component: cloud-controller-manager
+ tier: control-plane
+ spec:
+ tolerations:
+ - key: node.cloudprovider.kubernetes.io/uninitialized
+ value: "true"
+ effect: NoSchedule
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
+ operator: Exists
+ - key: node-role.kubernetes.io/control-plane
+ effect: NoSchedule
+ operator: Exists
+ - key: node.kubernetes.io/not-ready
+ effect: NoSchedule
+ operator: Exists
+ securityContext:
+ runAsUser: 1001
+ serviceAccountName: cloud-controller-manager
+ priorityClassName: system-node-critical
+ containers:
+ - name: vsphere-cloud-controller-manager
+ image: gcr.io/cloud-provider-vsphere/cpi/release/manager:v1.27.0
+ args:
+ - --cloud-provider=vsphere
+ - --v=2
+ - --cloud-config=/etc/cloud/vsphere.conf
+ volumeMounts:
+ - mountPath: /etc/cloud
+ name: vsphere-config-volume
+ readOnly: true
+ resources:
+ requests:
+ cpu: 200m
+ hostNetwork: true
+ volumes:
+ - name: vsphere-config-volume
+ configMap:
+ name: vsphere-cloud-config
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: node-role.kubernetes.io/control-plane
+ operator: Exists
+ - matchExpressions:
+ - key: node-role.kubernetes.io/master
+ operator: Exists
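Review bot: The example `vsphere.conf` embedded in the `vsphere-cloud-config` ConfigMap ships with `insecureFlag: true`, so a cluster that applies this release manifest after only filling in addresses and credentials runs a controller that does not verify the vCenter certificate on the connection carrying those credentials. The template would be safer with `insecureFlag: false` and a comment such as `# set to true only for lab vCenters with a self-signed cert; otherwise configure the vCenter CA or thumbprint`. The same block keeps `user:` / `password:` placeholders under `your-vcenter-name-here`, which invites pasting real credentials into a ConfigMap even though `secretName: vsphere-cloud-secret` already points at the Secret defined above; I would drop those two lines. The `could-be-a-tenant-label` entry also references `cpi-engineering-secret`, which this manifest does not define, so a comment saying it must be created separately would help.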