nixos/kubernetes: Module and test compatibility with kubernetes 1.16

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
This commit is contained in:
Sascha Grunert 2019-11-15 05:58:35 +01:00
parent 5dad4bdd6f
commit 7f358a5f3b
No known key found for this signature in database
GPG key ID: 8CE029DD1A866E52
6 changed files with 24 additions and 9 deletions

View file

@ -71,7 +71,11 @@
<itemizedlist>
<listitem>
<para />
<para>
The kubernetes kube-proxy now supports a new hostname configuration
<literal>services.kubernetes.proxy.hostname</literal> which has to
be set if the hostname of the node should be non default.
</para>
</listitem>
</itemizedlist>

View file

@ -3,7 +3,7 @@
with lib;
let
version = "1.5.0";
version = "1.6.4";
cfg = config.services.kubernetes.addons.dns;
ports = {
dns = 10053;
@ -55,9 +55,9 @@ in {
type = types.attrs;
default = {
imageName = "coredns/coredns";
imageDigest = "sha256:e83beb5e43f8513fa735e77ffc5859640baea30a882a11cc75c4c3244a737d3c";
imageDigest = "sha256:493ee88e1a92abebac67cbd4b5658b4730e0f33512461442d8d9214ea6734a9b";
finalImageTag = version;
sha256 = "15sbmhrxjxidj0j0cccn1qxpg6al175w43m6ngspl0mc132zqc9q";
sha256 = "0fm9zdjavpf5hni8g7fkdd3csjbhd7n7py7llxjc66sbii087028";
};
};
};
@ -68,7 +68,7 @@ in {
services.kubernetes.addonManager.bootstrapAddons = {
coredns-cr = {
apiVersion = "rbac.authorization.k8s.io/v1beta1";
apiVersion = "rbac.authorization.k8s.io/v1";
kind = "ClusterRole";
metadata = {
labels = {
@ -94,7 +94,7 @@ in {
};
coredns-crb = {
apiVersion = "rbac.authorization.k8s.io/v1beta1";
apiVersion = "rbac.authorization.k8s.io/v1";
kind = "ClusterRoleBinding";
metadata = {
annotations = {
@ -170,7 +170,7 @@ in {
};
coredns-deploy = {
apiVersion = "extensions/v1beta1";
apiVersion = "apps/v1";
kind = "Deployment";
metadata = {
labels = {

View file

@ -40,6 +40,7 @@ in
cni.config = mkDefault [{
name = "mynet";
type = "flannel";
cniVersion = "0.3.1";
delegate = {
isDefaultGateway = true;
bridge = "docker0";

View file

@ -92,7 +92,7 @@ in
default = [];
example = literalExample ''
[{
"cniVersion": "0.2.0",
"cniVersion": "0.3.1",
"name": "mynet",
"type": "bridge",
"bridge": "cni0",
@ -106,7 +106,7 @@ in
]
}
} {
"cniVersion": "0.2.0",
"cniVersion": "0.3.1",
"type": "loopback"
}]
'';

View file

@ -31,6 +31,12 @@ in
type = listOf str;
};
hostname = mkOption {
description = "Kubernetes proxy hostname override.";
default = config.networking.hostName;
type = str;
};
kubeconfig = top.lib.mkKubeConfigOptions "Kubernetes proxy";
verbosity = mkOption {
@ -59,6 +65,7 @@ in
"--cluster-cidr=${top.clusterCidr}"} \
${optionalString (cfg.featureGates != [])
"--feature-gates=${concatMapStringsSep "," (feature: "${feature}=true") cfg.featureGates}"} \
--hostname-override=${cfg.hostname} \
--kubeconfig=${top.lib.mkKubeConfig "kube-proxy" cfg.kubeconfig} \
${optionalString (cfg.verbosity != null) "--v=${toString cfg.verbosity}"} \
${cfg.extraOpts}
@ -69,6 +76,8 @@ in
};
};
services.kubernetes.proxy.hostname = with config.networking; mkDefault hostName;
services.kubernetes.pki.certs = {
kubeProxyClient = top.lib.mkCert {
name = "kube-proxy-client";

View file

@ -53,6 +53,7 @@ let
services.flannel.iface = "eth1";
services.kubernetes = {
addons.dashboard.enable = true;
proxy.hostname = "${masterName}.${domain}";
easyCerts = true;
inherit (machine) roles;