diff --git a/CHANGELOG.md b/CHANGELOG.md index 036895d39f..c3ebc94bba 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,20 @@ # Changelog +## v1.17.1 + +* Feature - [Send pod name/ns to nodeagent for strict mode](https://github.com/aws/amazon-vpc-cni-k8s/pull/2790) (@jayanthvn) +* Feature - [gRPC call for networkpolicy agent](https://github.com/aws/amazon-vpc-cni-k8s/pull/2785)(@jayanthvn) +* Improvement - [Bump golang.org/x/sys from 0.16.0 to 0.17.0 in /test/agent](https://github.com/aws/amazon-vpc-cni-k8s/pull/2822) (@dependabot) +* Improvement - [Bump google.golang.org/grpc from 1.61.0 to 1.62.0](https://github.com/aws/amazon-vpc-cni-k8s/pull/2827) (@dependabot) +* Improvement - [Bump google.golang.org/grpc from 1.61.0 to 1.62.0](https://github.com/aws/amazon-vpc-cni-k8s/pull/2827) (@dependabot) +* Improvement - [Bump github.com/aws/aws-sdk-go from 1.49.13 to 1.50.29](https://github.com/aws/amazon-vpc-cni-k8s/pull/2826) (@dependabot) +* Improvement - [Bump k8s.io/apimachinery from 0.29.0 to 0.29.2](https://github.com/aws/amazon-vpc-cni-k8s/pull/2825) (@dependabot) +* Improvement - [make generate; make generate-limits; remove soak tests](https://github.com/aws/amazon-vpc-cni-k8s/pull/2819) (@dependabot) +* Improvement - [Bump github.com/prometheus/client_golang from 1.18.0 to 1.19.0](https://github.com/aws/amazon-vpc-cni-k8s/pull/2824) (@dependabot) +* Improvement - [Make vpc cni as master CNI in multus-daemonset-thick.yml](https://github.com/aws/amazon-vpc-cni-k8s/pull/2828) (@raghs-aws) +* Improvement - [Bump github.com/prometheus/client_model from 0.5.0 to 0.6.0](https://github.com/aws/amazon-vpc-cni-k8s/pull/2829) (@dependabot) +* Improvement - [Repo controlled build go version](https://github.com/aws/amazon-vpc-cni-k8s/pull/2831) (@xdu31) + ## v1.16.4 * Bug - [Revert #2744 to prevent livelock when attempting to increase datastore pool](https://github.com/aws/amazon-vpc-cni-k8s/pull/2810) (@jdn5126 ) diff --git a/README.md b/README.md index eafe86da21..dccc7cf0fe 100644 --- a/README.md +++ b/README.md @@ -729,6 +729,15 @@ Container runtimes such as `containerd` will enable IPv6 in newly created contai Note that if you set this while using Multus, you must ensure that any chained plugins do not depend on IPv6 networking. You must also ensure that chained plugins do not also modify these sysctls. + +#### `NETWORK_POLICY_ENFORCING_MODE` (v1.17.1+) + +Type: String + +Default: `standard` + +Network Policy agent now supports two modes for Network Policy enforcement - Strict and Standard. By default, the Amazon VPC CNI plugin for Kubernetes configures network policies for pods in parallel with the pod provisioning. In the `standard` mode, until all of the policies are configured for the new pod, containers in the new pod will start with a default allow policy. A default allow policy means that all ingress and egress traffic is allowed to and from the new pods. However, in the `strict` mode, a new pod will be blocked from Egress and Ingress connections till a qualifying Network Policy is applied. In Strict Mode, you must have a network policy defined for every pod in your cluster. Host Networking pods are exempted from this requirement. + ### VPC CNI Feature Matrix diff --git a/charts/aws-vpc-cni/Chart.yaml b/charts/aws-vpc-cni/Chart.yaml index 2fc6860d52..474437984e 100644 --- a/charts/aws-vpc-cni/Chart.yaml +++ b/charts/aws-vpc-cni/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 name: aws-vpc-cni -version: 1.16.4 -appVersion: "v1.16.4" +version: 1.17.1 +appVersion: "v1.17.1" description: A Helm chart for the AWS VPC CNI icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png home: https://github.com/aws/amazon-vpc-cni-k8s diff --git a/charts/aws-vpc-cni/README.md b/charts/aws-vpc-cni/README.md index 52d0716356..914033da22 100644 --- a/charts/aws-vpc-cni/README.md +++ b/charts/aws-vpc-cni/README.md @@ -48,7 +48,7 @@ The following table lists the configurable parameters for this chart and their d | `minimumWindowsIPTarget`| Minimum IP target value for Windows prefix delegation | `3` | | `branchENICooldown` | Number of seconds that branch ENIs remain in cooldown | `60` | | `fullnameOverride` | Override the fullname of the chart | `aws-node` | -| `image.tag` | Image tag | `v1.16.4` | +| `image.tag` | Image tag | `v1.17.1` | | `image.domain` | ECR repository domain | `amazonaws.com` | | `image.region` | ECR repository region to use. Should match your cluster | `us-west-2` | | `image.endpoint` | ECR repository endpoint to use. | `ecr` | @@ -56,7 +56,7 @@ The following table lists the configurable parameters for this chart and their d | `image.pullPolicy` | Container pull policy | `IfNotPresent` | | `image.override` | A custom docker image to use | `nil` | | `imagePullSecrets` | Docker registry pull secret | `[]` | -| `init.image.tag` | Image tag | `v1.16.4` | +| `init.image.tag` | Image tag | `v1.17.1` | | `init.image.domain` | ECR repository domain | `amazonaws.com` | | `init.image.region` | ECR repository region to use. Should match your cluster | `us-west-2` | | `init.image.endpoint` | ECR repository endpoint to use. | `ecr` | @@ -69,7 +69,7 @@ The following table lists the configurable parameters for this chart and their d | `originalMatchLabels` | Use the original daemonset matchLabels | `false` | | `nameOverride` | Override the name of the chart | `aws-node` | | `nodeAgent.enabled` | If the Node Agent container should be created | `true` | -| `nodeAgent.image.tag` | Image tag for Node Agent | `v1.0.8` | +| `nodeAgent.image.tag` | Image tag for Node Agent | `v1.1.0` | | `nodeAgent.image.domain`| ECR repository domain | `amazonaws.com` | | `nodeAgent.image.region`| ECR repository region to use. Should match your cluster | `us-west-2` | | `nodeAgent.image.endpoint` | ECR repository endpoint to use. | `ecr` | diff --git a/charts/aws-vpc-cni/values.yaml b/charts/aws-vpc-cni/values.yaml index b490887dde..7dcfd0716d 100644 --- a/charts/aws-vpc-cni/values.yaml +++ b/charts/aws-vpc-cni/values.yaml @@ -8,7 +8,7 @@ nameOverride: aws-node init: image: - tag: v1.16.4 + tag: v1.17.1 domain: amazonaws.com region: us-west-2 endpoint: ecr @@ -27,7 +27,7 @@ init: nodeAgent: enabled: true image: - tag: v1.0.8 + tag: v1.1.0 domain: amazonaws.com region: us-west-2 endpoint: ecr @@ -50,7 +50,7 @@ nodeAgent: resources: {} image: - tag: v1.16.4 + tag: v1.17.1 domain: amazonaws.com region: us-west-2 endpoint: ecr @@ -83,8 +83,9 @@ env: DISABLE_NETWORK_RESOURCE_PROVISIONING: "false" ENABLE_IPv4: "true" ENABLE_IPv6: "false" - VPC_CNI_VERSION: "v1.16.4" ENABLE_SUBNET_DISCOVERY: "true" + VPC_CNI_VERSION: "v1.17.1" + NETWORK_POLICY_ENFORCING_MODE: "standard" # this flag enables you to use the match label that was present in the original daemonset deployed by EKS # You can then annotate and label the original aws-node resources and 'adopt' them into a helm release diff --git a/charts/cni-metrics-helper/Chart.yaml b/charts/cni-metrics-helper/Chart.yaml index eaa988790e..e0a3cf0d3e 100644 --- a/charts/cni-metrics-helper/Chart.yaml +++ b/charts/cni-metrics-helper/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: cni-metrics-helper -version: 1.16.4 -appVersion: v1.16.4 +version: 1.17.1 +appVersion: v1.17.1 description: A Helm chart for the AWS VPC CNI Metrics Helper icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png home: https://github.com/aws/amazon-vpc-cni-k8s diff --git a/charts/cni-metrics-helper/README.md b/charts/cni-metrics-helper/README.md index 4991765a7a..4bbf0f8b88 100644 --- a/charts/cni-metrics-helper/README.md +++ b/charts/cni-metrics-helper/README.md @@ -47,7 +47,7 @@ The following table lists the configurable parameters for this chart and their d |------------------------------|---------------------------------------------------------------|--------------------| | fullnameOverride | Override the fullname of the chart | cni-metrics-helper | | image.region | ECR repository region to use. Should match your cluster | us-west-2 | -| image.tag | Image tag | v1.16.4 | +| image.tag | Image tag | v1.17.1 | | image.account | ECR repository account number | 602401143452 | | image.domain | ECR repository domain | amazonaws.com | | env.USE_CLOUDWATCH | Whether to export CNI metrics to CloudWatch | true | diff --git a/charts/cni-metrics-helper/values.yaml b/charts/cni-metrics-helper/values.yaml index 470dfe8cf6..919681586f 100644 --- a/charts/cni-metrics-helper/values.yaml +++ b/charts/cni-metrics-helper/values.yaml @@ -4,7 +4,7 @@ nameOverride: cni-metrics-helper image: region: us-west-2 - tag: v1.16.4 + tag: v1.17.1 account: "602401143452" domain: "amazonaws.com" # Set to use custom image diff --git a/config/master/aws-k8s-cni-cn.yaml b/config/master/aws-k8s-cni-cn.yaml index 809fb96b36..7908dba145 100644 --- a/config/master/aws-k8s-cni-cn.yaml +++ b/config/master/aws-k8s-cni-cn.yaml @@ -266,7 +266,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" --- # Source: aws-vpc-cni/templates/configmap.yaml apiVersion: v1 @@ -278,7 +278,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" data: enable-windows-ipam: "false" enable-network-policy-controller: "false" @@ -297,7 +297,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" rules: - apiGroups: - crd.k8s.amazonaws.com @@ -343,7 +343,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -363,7 +363,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" spec: updateStrategy: rollingUpdate: @@ -384,7 +384,7 @@ spec: hostNetwork: true initContainers: - name: aws-vpc-cni-init - image: 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni-init:v1.16.4 + image: 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni-init:v1.17.1 env: - name: DISABLE_TCP_EARLY_DEMUX value: "false" @@ -405,7 +405,7 @@ spec: {} containers: - name: aws-node - image: 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni:v1.16.4 + image: 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni:v1.17.1 ports: - containerPort: 61678 name: metrics @@ -464,8 +464,10 @@ spec: value: "false" - name: ENABLE_PREFIX_DELEGATION value: "false" + - name: NETWORK_POLICY_ENFORCING_MODE + value: "standard" - name: VPC_CNI_VERSION - value: "v1.16.4" + value: "v1.17.1" - name: ENABLE_SUBNET_DISCOVERY value: "true" - name: WARM_ENI_TARGET @@ -502,7 +504,7 @@ spec: - mountPath: /run/xtables.lock name: xtables-lock - name: aws-eks-nodeagent - image: 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/aws-network-policy-agent:v1.0.8 + image: 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/aws-network-policy-agent:v1.1.0 env: - name: MY_NODE_NAME valueFrom: diff --git a/config/master/aws-k8s-cni-us-gov-east-1.yaml b/config/master/aws-k8s-cni-us-gov-east-1.yaml index d5038be9a0..d259779f75 100644 --- a/config/master/aws-k8s-cni-us-gov-east-1.yaml +++ b/config/master/aws-k8s-cni-us-gov-east-1.yaml @@ -266,7 +266,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" --- # Source: aws-vpc-cni/templates/configmap.yaml apiVersion: v1 @@ -278,7 +278,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" data: enable-windows-ipam: "false" enable-network-policy-controller: "false" @@ -297,7 +297,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" rules: - apiGroups: - crd.k8s.amazonaws.com @@ -343,7 +343,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -363,7 +363,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" spec: updateStrategy: rollingUpdate: @@ -384,7 +384,7 @@ spec: hostNetwork: true initContainers: - name: aws-vpc-cni-init - image: 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni-init:v1.16.4 + image: 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni-init:v1.17.1 env: - name: DISABLE_TCP_EARLY_DEMUX value: "false" @@ -405,7 +405,7 @@ spec: {} containers: - name: aws-node - image: 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni:v1.16.4 + image: 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni:v1.17.1 ports: - containerPort: 61678 name: metrics @@ -464,8 +464,10 @@ spec: value: "false" - name: ENABLE_PREFIX_DELEGATION value: "false" + - name: NETWORK_POLICY_ENFORCING_MODE + value: "standard" - name: VPC_CNI_VERSION - value: "v1.16.4" + value: "v1.17.1" - name: ENABLE_SUBNET_DISCOVERY value: "true" - name: WARM_ENI_TARGET @@ -502,7 +504,7 @@ spec: - mountPath: /run/xtables.lock name: xtables-lock - name: aws-eks-nodeagent - image: 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon/aws-network-policy-agent:v1.0.8 + image: 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon/aws-network-policy-agent:v1.1.0 env: - name: MY_NODE_NAME valueFrom: diff --git a/config/master/aws-k8s-cni-us-gov-west-1.yaml b/config/master/aws-k8s-cni-us-gov-west-1.yaml index b3114c780e..c4728c6b76 100644 --- a/config/master/aws-k8s-cni-us-gov-west-1.yaml +++ b/config/master/aws-k8s-cni-us-gov-west-1.yaml @@ -266,7 +266,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" --- # Source: aws-vpc-cni/templates/configmap.yaml apiVersion: v1 @@ -278,7 +278,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" data: enable-windows-ipam: "false" enable-network-policy-controller: "false" @@ -297,7 +297,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" rules: - apiGroups: - crd.k8s.amazonaws.com @@ -343,7 +343,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -363,7 +363,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" spec: updateStrategy: rollingUpdate: @@ -384,7 +384,7 @@ spec: hostNetwork: true initContainers: - name: aws-vpc-cni-init - image: 013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni-init:v1.16.4 + image: 013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni-init:v1.17.1 env: - name: DISABLE_TCP_EARLY_DEMUX value: "false" @@ -405,7 +405,7 @@ spec: {} containers: - name: aws-node - image: 013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni:v1.16.4 + image: 013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni:v1.17.1 ports: - containerPort: 61678 name: metrics @@ -464,8 +464,10 @@ spec: value: "false" - name: ENABLE_PREFIX_DELEGATION value: "false" + - name: NETWORK_POLICY_ENFORCING_MODE + value: "standard" - name: VPC_CNI_VERSION - value: "v1.16.4" + value: "v1.17.1" - name: ENABLE_SUBNET_DISCOVERY value: "true" - name: WARM_ENI_TARGET @@ -502,7 +504,7 @@ spec: - mountPath: /run/xtables.lock name: xtables-lock - name: aws-eks-nodeagent - image: 013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon/aws-network-policy-agent:v1.0.8 + image: 013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon/aws-network-policy-agent:v1.1.0 env: - name: MY_NODE_NAME valueFrom: diff --git a/config/master/aws-k8s-cni.yaml b/config/master/aws-k8s-cni.yaml index 0d23f99952..f7abbe2f06 100644 --- a/config/master/aws-k8s-cni.yaml +++ b/config/master/aws-k8s-cni.yaml @@ -266,7 +266,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" --- # Source: aws-vpc-cni/templates/configmap.yaml apiVersion: v1 @@ -278,7 +278,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" data: enable-windows-ipam: "false" enable-network-policy-controller: "false" @@ -297,7 +297,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" rules: - apiGroups: - crd.k8s.amazonaws.com @@ -343,7 +343,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -363,7 +363,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" spec: updateStrategy: rollingUpdate: @@ -384,7 +384,7 @@ spec: hostNetwork: true initContainers: - name: aws-vpc-cni-init - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.16.4 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.17.1 env: - name: DISABLE_TCP_EARLY_DEMUX value: "false" @@ -405,7 +405,7 @@ spec: {} containers: - name: aws-node - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.16.4 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.17.1 ports: - containerPort: 61678 name: metrics @@ -464,8 +464,10 @@ spec: value: "false" - name: ENABLE_PREFIX_DELEGATION value: "false" + - name: NETWORK_POLICY_ENFORCING_MODE + value: "standard" - name: VPC_CNI_VERSION - value: "v1.16.4" + value: "v1.17.1" - name: ENABLE_SUBNET_DISCOVERY value: "true" - name: WARM_ENI_TARGET @@ -502,7 +504,7 @@ spec: - mountPath: /run/xtables.lock name: xtables-lock - name: aws-eks-nodeagent - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.0.8 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.0 env: - name: MY_NODE_NAME valueFrom: diff --git a/config/master/cni-metrics-helper-cn.yaml b/config/master/cni-metrics-helper-cn.yaml index 87fc6ece1a..19e4fcd060 100644 --- a/config/master/cni-metrics-helper-cn.yaml +++ b/config/master/cni-metrics-helper-cn.yaml @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" --- # Source: cni-metrics-helper/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -30,7 +30,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -69,5 +69,5 @@ spec: - name: USE_PROMETHEUS value: "false" name: cni-metrics-helper - image: "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/cni-metrics-helper:v1.16.4" + image: "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/cni-metrics-helper:v1.17.1" serviceAccountName: cni-metrics-helper diff --git a/config/master/cni-metrics-helper-us-gov-east-1.yaml b/config/master/cni-metrics-helper-us-gov-east-1.yaml index 47911ceab9..494f2d1080 100644 --- a/config/master/cni-metrics-helper-us-gov-east-1.yaml +++ b/config/master/cni-metrics-helper-us-gov-east-1.yaml @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" --- # Source: cni-metrics-helper/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -30,7 +30,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -69,5 +69,5 @@ spec: - name: USE_PROMETHEUS value: "false" name: cni-metrics-helper - image: "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/cni-metrics-helper:v1.16.4" + image: "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/cni-metrics-helper:v1.17.1" serviceAccountName: cni-metrics-helper diff --git a/config/master/cni-metrics-helper-us-gov-west-1.yaml b/config/master/cni-metrics-helper-us-gov-west-1.yaml index 6875dc7024..85c40357a2 100644 --- a/config/master/cni-metrics-helper-us-gov-west-1.yaml +++ b/config/master/cni-metrics-helper-us-gov-west-1.yaml @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" --- # Source: cni-metrics-helper/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -30,7 +30,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -69,5 +69,5 @@ spec: - name: USE_PROMETHEUS value: "false" name: cni-metrics-helper - image: "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/cni-metrics-helper:v1.16.4" + image: "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/cni-metrics-helper:v1.17.1" serviceAccountName: cni-metrics-helper diff --git a/config/master/cni-metrics-helper.yaml b/config/master/cni-metrics-helper.yaml index 536265e458..68a3a2f60c 100644 --- a/config/master/cni-metrics-helper.yaml +++ b/config/master/cni-metrics-helper.yaml @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" --- # Source: cni-metrics-helper/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -30,7 +30,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.16.4" + app.kubernetes.io/version: "v1.17.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -69,5 +69,5 @@ spec: - name: USE_PROMETHEUS value: "false" name: cni-metrics-helper - image: "602401143452.dkr.ecr.us-west-2.amazonaws.com/cni-metrics-helper:v1.16.4" + image: "602401143452.dkr.ecr.us-west-2.amazonaws.com/cni-metrics-helper:v1.17.1" serviceAccountName: cni-metrics-helper diff --git a/scripts/generate-cni-yaml.sh b/scripts/generate-cni-yaml.sh index 118adb9bf7..5671b0b576 100755 --- a/scripts/generate-cni-yaml.sh +++ b/scripts/generate-cni-yaml.sh @@ -8,8 +8,8 @@ HELM_VERSION="3.14.2" NAMESPACE="kube-system" MAKEFILEPATH=$SCRIPTPATH/../Makefile -VPC_CNI_VERSION="v1.16.4" -NODE_AGENT_VERSION="v1.0.8" +VPC_CNI_VERSION="v1.17.1" +NODE_AGENT_VERSION="v1.1.0" BUILD_DIR=$SCRIPTPATH/../build/cni-rel-yamls/$VPC_CNI_VERSION REGIONS_FILE=$SCRIPTPATH/../charts/regions.json diff --git a/scripts/run-cni-release-tests.sh b/scripts/run-cni-release-tests.sh index 804683f442..599ec96279 100755 --- a/scripts/run-cni-release-tests.sh +++ b/scripts/run-cni-release-tests.sh @@ -10,7 +10,7 @@ # NG_LABEL_KEY: nodegroup label key, default "kubernetes.io/os" # NG_LABEL_VAL: nodegroup label val, default "linux" # RUN_DEVEKS_TEST: Set this variable for tests to run on a deveks cluster -# CNI_METRICS_HELPER: cni metrics helper image tag, default "602401143452.dkr.ecr.us-west-2.amazonaws.com/cni-metrics-helper:v1.16.4" +# CNI_METRICS_HELPER: cni metrics helper image tag, default "602401143452.dkr.ecr.us-west-2.amazonaws.com/cni-metrics-helper:v1.17.1" # TEST_IMAGE_REGISTRY: the registry in test-infra-* accounts where e2e test images are stored set -e @@ -37,9 +37,9 @@ function run_integration_test() { echo "cni test took $((SECONDS - START)) seconds." if [[ ! -z $PROD_IMAGE_REGISTRY ]]; then - CNI_METRICS_HELPER="$PROD_IMAGE_REGISTRY/cni-metrics-helper:v1.16.4" + CNI_METRICS_HELPER="$PROD_IMAGE_REGISTRY/cni-metrics-helper:v1.17.1" else - CNI_METRICS_HELPER="${CNI_METRICS_HELPER:=602401143452.dkr.ecr.us-west-2.amazonaws.com/cni-metrics-helper:v1.16.4}" + CNI_METRICS_HELPER="${CNI_METRICS_HELPER:=602401143452.dkr.ecr.us-west-2.amazonaws.com/cni-metrics-helper:v1.17.1}" fi REPO_NAME=$(echo $CNI_METRICS_HELPER | cut -d ":" -f 1)