update armada-helm-toolkit for k8s 1.22.5

helm-toolkit's resources need to be updated
to use the new apiVersion and changes
proposed in:
https://kubernetes.io/docs/reference/using-api/deprecation-guide

This commit addresses just the changes needed for running
the armada chart.
It was deployed successfully on k8s 1.22.5.

Story: 2009888
Task: 44649
Change-Id: If38f62d178412f8a0974ec0af8ff2475800876be
Signed-off-by: Daniel Safta <daniel.safta@windriver.com>
This commit is contained in:
Daniel Safta 2022-02-24 06:36:43 -05:00
parent acdd869a58
commit a56f50126b
3 changed files with 276 additions and 0 deletions

View File

@ -20,6 +20,8 @@ Patch01: 0001-Allow-multiple-containers-per-daemonset-pod.patch
Patch02: 0002-Add-imagePullSecrets-in-service-account.patch Patch02: 0002-Add-imagePullSecrets-in-service-account.patch
Patch04: 0004-Partial-revert-of-31e3469d28858d7b5eb6355e88b6f49fd6.patch Patch04: 0004-Partial-revert-of-31e3469d28858d7b5eb6355e88b6f49fd6.patch
Patch06: 0006-Fix-pod-restarts-on-all-workers-when-worker-added-re.patch Patch06: 0006-Fix-pod-restarts-on-all-workers-when-worker-added-re.patch
Patch07: 0007-Update-apiVersion-to-networking.k8s.io.patch
Patch08: 0008-Update-apiVersion-authorization-to-v1.patch
BuildRequires: helm BuildRequires: helm
BuildRequires: chartmuseum BuildRequires: chartmuseum
@ -33,6 +35,8 @@ Openstack Helm Infra helm-toolkit chart
%patch02 -p1 %patch02 -p1
%patch04 -p1 %patch04 -p1
%patch06 -p1 %patch06 -p1
%patch07 -p1
%patch08 -p1
%build %build

View File

@ -0,0 +1,219 @@
From 751dff849dfcd9d68ba065571dc8251dbfc16cb2 Mon Sep 17 00:00:00 2001
From: Daniel Safta <daniel.safta@windriver.com>
Date: Wed, 2 Feb 2022 12:07:18 +0000
Subject: [PATCH 1/2] Update apiVersion to networking.k8s.io/v1
These are the changes needed to upgrade
the apiVersion in the resources used by armada.
This is a subset of the upstream commit:
https://github.com/openstack/openstack-helm-infra/commit/f4972121bcb41c8d74748917804d2b239ab757f9
Signed-off-by: Daniel Safta <daniel.safta@windriver.com>
---
helm-toolkit/templates/manifests/_ingress.tpl | 75 +++++++++++++------
ingress/templates/ingress.yaml | 14 +++-
2 files changed, 62 insertions(+), 27 deletions(-)
diff --git a/helm-toolkit/templates/manifests/_ingress.tpl b/helm-toolkit/templates/manifests/_ingress.tpl
index f0c37fd..5c54c34 100644
--- a/helm-toolkit/templates/manifests/_ingress.tpl
+++ b/helm-toolkit/templates/manifests/_ingress.tpl
@@ -64,7 +64,7 @@ examples:
{{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" ) -}}
return: |
---
- apiVersion: extensions/v1beta1
+ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: barbican
@@ -78,25 +78,34 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- host: barbican.default
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- host: barbican.default.svc.cluster.local
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
---
- apiVersion: extensions/v1beta1
+ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: barbican-namespace-fqdn
@@ -114,11 +123,14 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
---
- apiVersion: extensions/v1beta1
+ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: barbican-cluster-fqdn
@@ -136,9 +148,12 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- values: |
network:
api:
@@ -184,7 +199,7 @@ examples:
{{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" ) -}}
return: |
---
- apiVersion: extensions/v1beta1
+ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: barbican
@@ -204,23 +219,32 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- host: barbican.default
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- host: barbican.default.svc.cluster.local
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
*/}}
{{- define "helm-toolkit.manifests.ingress._host_rules" -}}
@@ -231,9 +255,12 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: {{ $backendName }}
- servicePort: {{ $backendPort }}
+ service:
+ name: {{ $backendName }}
+ port:
+ name: {{ $backendPort }}
{{- end }}
{{- define "helm-toolkit.manifests.ingress" -}}
@@ -247,7 +274,7 @@ examples:
{{- $hostName := tuple $backendServiceType $endpoint $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
{{- $hostNameFull := tuple $backendServiceType $endpoint $envAll | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
---
-apiVersion: extensions/v1beta1
+apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ $ingressName }}
@@ -282,7 +309,7 @@ spec:
{{- range $key2, $ingressController := tuple "namespace" "cluster" }}
{{- $hostNameFullRules := dict "vHost" $hostNameFull "backendName" $backendName "backendPort" $backendPort }}
---
-apiVersion: extensions/v1beta1
+apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ printf "%s-%s-%s" $ingressName $ingressController "fqdn" }}
diff --git a/ingress/templates/ingress.yaml b/ingress/templates/ingress.yaml
index 16ebaab..10ffac7 100644
--- a/ingress/templates/ingress.yaml
+++ b/ingress/templates/ingress.yaml
@@ -21,7 +21,7 @@ limitations under the License.
{{- $_ := set .Values.network.ingress.annotations "kubernetes.io/ingress.class" .Values.deployment.cluster.class -}}
{{- end -}}
---
-apiVersion: extensions/v1beta1
+apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Release.Namespace }}-{{ .Release.Name }}
@@ -33,8 +33,16 @@ spec:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: {{ tuple "ingress" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
- servicePort: {{ tuple "ingress" "internal" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ service:
+ name: {{ $serviceName }}
+ port:
+{{- if or (kindIs "int" $servicePort) (regexMatch "^[0-9]{1,5}$" $servicePort) }}
+ number: {{ $servicePort | int }}
+{{- else }}
+ name: {{ $servicePort | quote }}
+{{- end }}
+
{{- end }}
{{- end }}
--
2.31.1

View File

@ -0,0 +1,53 @@
From d5d3e40baedaba10335bc2f0ea801e9118e05d1c Mon Sep 17 00:00:00 2001
From: Daniel Safta <daniel.safta@windriver.com>
Date: Wed, 2 Feb 2022 12:07:51 +0000
Subject: [PATCH 2/2] Update apiVersion authorization to v1
These are the changes needed to upgrade
the apiVersion in the resources used by armada.
This is a subset of the upstream commit:
https://github.com/openstack/openstack-helm-infra/commit/f4972121bcb41c8d74748917804d2b239ab757f9
Signed-off-by: Daniel Safta <daniel.safta@windriver.com>
---
.../templates/snippets/_kubernetes_pod_rbac_roles.tpl | 4 ++--
podsecuritypolicy/templates/podsecuritypolicy.yaml | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
index f9f48ef..44a31fd 100644
--- a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
+++ b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
@@ -21,7 +21,7 @@ limitations under the License.
{{- $saNamespace := index . 3 -}}
{{- $releaseName := $envAll.Release.Name }}
---
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ $releaseName }}-{{ $saName }}
@@ -35,7 +35,7 @@ subjects:
name: {{ $saName }}
namespace: {{ $saNamespace }}
---
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ $releaseName }}-{{ $saNamespace }}-{{ $saName }}
diff --git a/podsecuritypolicy/templates/podsecuritypolicy.yaml b/podsecuritypolicy/templates/podsecuritypolicy.yaml
index 741c9a8..9e22c6e 100644
--- a/podsecuritypolicy/templates/podsecuritypolicy.yaml
+++ b/podsecuritypolicy/templates/podsecuritypolicy.yaml
@@ -20,7 +20,7 @@ limitations under the License.
{{/* Create one ClusterRole and PSP per PSP definition in values */}}
{{- range $pspName, $pspDetails := .Values.data }}
---
-apiVersion: extensions/v1beta1
+apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: {{ $pspName }}
--
2.31.1