diff --git a/vendor.conf b/vendor.conf index b3ae11bb..a224d73e 100644 --- a/vendor.conf +++ b/vendor.conf @@ -30,4 +30,4 @@ github.com/mattn/go-colorable efa589957cd060542a26d2dd7832fd6a6c6c3ad github.com/mattn/go-isatty 6ca4dbf54d38eea1a992b3c722a76a5d1c4cb25c github.com/rancher/norman f5744043a6fb81330ee78e4f7a0f04d0ef65c9f1 github.com/rancher/types 7aea84d5544dffdb64113928c30ec7e9289ebc4a -github.com/rancher/kontainer-driver-metadata 4e7226c262fbd7681ef4f09c99cfd8000319b7ad +github.com/rancher/kontainer-driver-metadata 61e8486d2c4ce257e43a0b884447db2d16320ea1 diff --git a/vendor/github.com/rancher/kontainer-driver-metadata/rke/k8s_rke_system_images.go b/vendor/github.com/rancher/kontainer-driver-metadata/rke/k8s_rke_system_images.go index c3efb6b9..ba3cb8eb 100644 --- a/vendor/github.com/rancher/kontainer-driver-metadata/rke/k8s_rke_system_images.go +++ b/vendor/github.com/rancher/kontainer-driver-metadata/rke/k8s_rke_system_images.go @@ -918,10 +918,10 @@ func loadK8sRKESystemImages() map[string]v3.RKESystemImages { "v1.13.8-rancher1-1": { Etcd: m("quay.io/coreos/etcd:v3.2.24-rancher1"), Kubernetes: m("rancher/hyperkube:v1.13.8-rancher1"), - Alpine: m("rancher/rke-tools:v0.1.35"), - NginxProxy: m("rancher/rke-tools:v0.1.35"), - CertDownloader: m("rancher/rke-tools:v0.1.35"), - KubernetesServicesSidecar: m("rancher/rke-tools:v0.1.35"), + Alpine: m("rancher/rke-tools:v0.1.37"), + NginxProxy: m("rancher/rke-tools:v0.1.37"), + CertDownloader: m("rancher/rke-tools:v0.1.37"), + KubernetesServicesSidecar: m("rancher/rke-tools:v0.1.37"), KubeDNS: m("gcr.io/google_containers/k8s-dns-kube-dns:1.15.0"), DNSmasq: m("gcr.io/google_containers/k8s-dns-dnsmasq-nanny:1.15.0"), KubeDNSSidecar: m("gcr.io/google_containers/k8s-dns-sidecar:1.15.0"), @@ -1032,10 +1032,10 @@ func loadK8sRKESystemImages() map[string]v3.RKESystemImages { "v1.14.4-rancher1-1": { Etcd: m("quay.io/coreos/etcd:v3.3.10-rancher1"), Kubernetes: m("rancher/hyperkube:v1.14.4-rancher1"), - Alpine: m("rancher/rke-tools:v0.1.35"), - NginxProxy: m("rancher/rke-tools:v0.1.35"), - CertDownloader: m("rancher/rke-tools:v0.1.35"), - KubernetesServicesSidecar: m("rancher/rke-tools:v0.1.35"), + Alpine: m("rancher/rke-tools:v0.1.37"), + NginxProxy: m("rancher/rke-tools:v0.1.37"), + CertDownloader: m("rancher/rke-tools:v0.1.37"), + KubernetesServicesSidecar: m("rancher/rke-tools:v0.1.37"), KubeDNS: m("gcr.io/google_containers/k8s-dns-kube-dns:1.15.0"), DNSmasq: m("gcr.io/google_containers/k8s-dns-dnsmasq-nanny:1.15.0"), KubeDNSSidecar: m("gcr.io/google_containers/k8s-dns-sidecar:1.15.0"), @@ -1090,10 +1090,10 @@ func loadK8sRKESystemImages() map[string]v3.RKESystemImages { "v1.15.0-rancher1-2": { Etcd: m("quay.io/coreos/etcd:v3.3.10-rancher1"), Kubernetes: m("rancher/hyperkube:v1.15.0-rancher1"), - Alpine: m("rancher/rke-tools:v0.1.35"), - NginxProxy: m("rancher/rke-tools:v0.1.35"), - CertDownloader: m("rancher/rke-tools:v0.1.35"), - KubernetesServicesSidecar: m("rancher/rke-tools:v0.1.35"), + Alpine: m("rancher/rke-tools:v0.1.37"), + NginxProxy: m("rancher/rke-tools:v0.1.37"), + CertDownloader: m("rancher/rke-tools:v0.1.37"), + KubernetesServicesSidecar: m("rancher/rke-tools:v0.1.37"), KubeDNS: m("gcr.io/google_containers/k8s-dns-kube-dns:1.15.0"), DNSmasq: m("gcr.io/google_containers/k8s-dns-dnsmasq-nanny:1.15.0"), KubeDNSSidecar: m("gcr.io/google_containers/k8s-dns-sidecar:1.15.0"), diff --git a/vendor/github.com/rancher/kontainer-driver-metadata/rke/k8s_service_options.go b/vendor/github.com/rancher/kontainer-driver-metadata/rke/k8s_service_options.go index b1d9cde3..4ae40e20 100644 --- a/vendor/github.com/rancher/kontainer-driver-metadata/rke/k8s_service_options.go +++ b/vendor/github.com/rancher/kontainer-driver-metadata/rke/k8s_service_options.go @@ -2,7 +2,8 @@ package rke import ( "fmt" - "github.com/rancher/types/apis/management.cattle.io/v3" + + v3 "github.com/rancher/types/apis/management.cattle.io/v3" ) const ( @@ -12,6 +13,14 @@ const ( func loadK8sVersionServiceOptions() map[string]v3.KubernetesServicesOptions { return map[string]v3.KubernetesServicesOptions{ + + "v1.15.0-rancher1-2": { + KubeAPI: getKubeAPIOptions115WithAuthAPI(), + Kubelet: getKubeletOptions115WithAuthWebhook(), + KubeController: getKubeControllerOptions(), + Kubeproxy: getKubeProxyOptions(), + Scheduler: getSchedulerOptions(), + }, "v1.15": { KubeAPI: getKubeAPIOptions115(), Kubelet: getKubeletOptions115(), @@ -26,6 +35,13 @@ func loadK8sVersionServiceOptions() map[string]v3.KubernetesServicesOptions { Kubeproxy: getKubeProxyOptions(), Scheduler: getSchedulerOptions(), }, + "v1.14.4-rancher1-1": { + KubeAPI: getKubeAPIOptions114WithAuthAPI(), + Kubelet: getKubeletOptions114WithAuthWebhook(), + KubeController: getKubeControllerOptions(), + Kubeproxy: getKubeProxyOptions(), + Scheduler: getSchedulerOptions(), + }, "v1.13": { KubeAPI: getKubeAPIOptions(), Kubelet: getKubeletOptions(), @@ -33,6 +49,13 @@ func loadK8sVersionServiceOptions() map[string]v3.KubernetesServicesOptions { Kubeproxy: getKubeProxyOptions(), Scheduler: getSchedulerOptions(), }, + "v1.13.8-rancher1-1": { + KubeAPI: getKubeAPIOptions113WithAuthAPI(), + Kubelet: getKubeletOptions113WithAuthWebhook(), + KubeController: getKubeControllerOptions(), + Kubeproxy: getKubeProxyOptions(), + Scheduler: getSchedulerOptions(), + }, "v1.12": { KubeAPI: getKubeAPIOptions(), Kubelet: getKubeletOptions(), @@ -90,18 +113,37 @@ func getKubeAPIOptions19() map[string]string { return kubeAPIOptions } +func getKubeAPIOptions113WithAuthAPI() map[string]string { + kubeAPIOptions := getKubeAPIOptions() + kubeAPIOptions["runtime-config"] = "authorization.k8s.io/v1beta1=true" + return kubeAPIOptions +} + func getKubeAPIOptions114() map[string]string { kubeAPIOptions := getKubeAPIOptions() kubeAPIOptions["enable-admission-plugins"] = fmt.Sprintf("%s,%s", enableAdmissionPlugins, "Priority") return kubeAPIOptions } +func getKubeAPIOptions114WithAuthAPI() map[string]string { + kubeAPIOptions := getKubeAPIOptions() + kubeAPIOptions["enable-admission-plugins"] = fmt.Sprintf("%s,%s", enableAdmissionPlugins, "Priority") + kubeAPIOptions["runtime-config"] = "authorization.k8s.io/v1beta1=true" + return kubeAPIOptions +} + func getKubeAPIOptions115() map[string]string { kubeAPIOptions := getKubeAPIOptions114() kubeAPIOptions["enable-admission-plugins"] = fmt.Sprintf("%s,%s", kubeAPIOptions["enable-admission-plugins"], "TaintNodesByCondition,PersistentVolumeClaimResize") return kubeAPIOptions } +func getKubeAPIOptions115WithAuthAPI() map[string]string { + kubeAPIOptions := getKubeAPIOptions115() + kubeAPIOptions["runtime-config"] = "authorization.k8s.io/v1beta1=true" + return kubeAPIOptions +} + func getKubeletOptions() map[string]string { return map[string]string{ "tls-cipher-suites": tlsCipherSuites, @@ -130,6 +172,24 @@ func getKubeletOptions115() map[string]string { return kubeletOptions } +func getKubeletOptions115WithAuthWebhook() map[string]string { + kubeletOptions := getKubeletOptions115() + kubeletOptions["authorization-mode"] = "Webhook" + return kubeletOptions +} + +func getKubeletOptions114WithAuthWebhook() map[string]string { + kubeletOptions := getKubeletOptions() + kubeletOptions["authorization-mode"] = "Webhook" + return kubeletOptions +} + +func getKubeletOptions113WithAuthWebhook() map[string]string { + kubeletOptions := getKubeletOptions() + kubeletOptions["authorization-mode"] = "Webhook" + return kubeletOptions +} + func getKubeControllerOptions() map[string]string { return map[string]string{ "address": "0.0.0.0",