From cd2d46a2ae4bf140c5f15a97d729090857d87dbb Mon Sep 17 00:00:00 2001
From: Sebastiaan van Steenis <mail@superseb.nl>
Date: Mon, 24 Jun 2019 22:52:22 +0200
Subject: [PATCH] Base copy for 1.15.0

---
 apis/management.cattle.io/v3/k8s_defaults.go  | 39 +++++++++++++++++++
 .../v3/k8s_windows_default.go                 | 15 +++++++
 2 files changed, 54 insertions(+)

diff --git a/apis/management.cattle.io/v3/k8s_defaults.go b/apis/management.cattle.io/v3/k8s_defaults.go
index dec238b0..58f00491 100644
--- a/apis/management.cattle.io/v3/k8s_defaults.go
+++ b/apis/management.cattle.io/v3/k8s_defaults.go
@@ -30,6 +30,7 @@ var (
 		"v1.12.9-rancher1-1",
 		"v1.13.7-rancher1-1",
 		"v1.14.3-rancher1-1",
+		"v1.15.0-rancher1-1",
 	}
 
 	// K8sVersionToRKESystemImages is dynamically populated on init() with the latest versions
@@ -37,6 +38,15 @@ var (
 
 	// K8sVersionServiceOptions - service options per k8s version
 	K8sVersionServiceOptions = map[string]KubernetesServicesOptions{
+		"v1.15": {
+			KubeAPI: map[string]string{
+				"tls-cipher-suites":        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
+				"enable-admission-plugins": "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota",
+			},
+			Kubelet: map[string]string{
+				"tls-cipher-suites": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
+			},
+		},
 		"v1.14": {
 			KubeAPI: map[string]string{
 				"tls-cipher-suites":        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
@@ -1229,6 +1239,35 @@ var (
 			CoreDNS:                   m("coredns/coredns:1.3.1"),
 			CoreDNSAutoscaler:         m("gcr.io/google_containers/cluster-proportional-autoscaler:1.3.0"),
 		},
+		// Experimental in Rancher v2.2.5
+		"v1.15.0-rancher1-1": {
+			Etcd:                      m("quay.io/coreos/etcd:v3.3.10-rancher1"),
+			Kubernetes:                m("rancher/hyperkube:v1.14.3-rancher1"),
+			Alpine:                    m("rancher/rke-tools:v0.1.32"),
+			NginxProxy:                m("rancher/rke-tools:v0.1.32"),
+			CertDownloader:            m("rancher/rke-tools:v0.1.32"),
+			KubernetesServicesSidecar: m("rancher/rke-tools:v0.1.32"),
+			KubeDNS:                   m("gcr.io/google_containers/k8s-dns-kube-dns:1.15.0"),
+			DNSmasq:                   m("gcr.io/google_containers/k8s-dns-dnsmasq-nanny:1.15.0"),
+			KubeDNSSidecar:            m("gcr.io/google_containers/k8s-dns-sidecar:1.15.0"),
+			KubeDNSAutoscaler:         m("gcr.io/google_containers/cluster-proportional-autoscaler:1.3.0"),
+			Flannel:                   m("quay.io/coreos/flannel:v0.10.0-rancher1"),
+			FlannelCNI:                m("rancher/flannel-cni:v0.3.0-rancher1"),
+			CalicoNode:                m("quay.io/calico/node:v3.4.0"),
+			CalicoCNI:                 m("quay.io/calico/cni:v3.4.0"),
+			CalicoCtl:                 m("quay.io/calico/ctl:v2.0.0"),
+			CanalNode:                 m("quay.io/calico/node:v3.4.0"),
+			CanalCNI:                  m("quay.io/calico/cni:v3.4.0"),
+			CanalFlannel:              m("quay.io/coreos/flannel:v0.10.0"),
+			WeaveNode:                 m("weaveworks/weave-kube:2.5.0"),
+			WeaveCNI:                  m("weaveworks/weave-npc:2.5.0"),
+			PodInfraContainer:         m("gcr.io/google_containers/pause:3.1"),
+			Ingress:                   m("rancher/nginx-ingress-controller:0.21.0-rancher3"),
+			IngressBackend:            m("k8s.gcr.io/defaultbackend:1.5-rancher1"),
+			MetricsServer:             m("gcr.io/google_containers/metrics-server:v0.3.1"),
+			CoreDNS:                   m("coredns/coredns:1.3.1"),
+			CoreDNSAutoscaler:         m("gcr.io/google_containers/cluster-proportional-autoscaler:1.3.0"),
+		},
 		// k8s version from 2.1.x release with old rke-tools to allow upgrade from 2.1.x clusters
 		// without all clusters being restarted
 		"v1.12.5-rancher1-1": {
diff --git a/apis/management.cattle.io/v3/k8s_windows_default.go b/apis/management.cattle.io/v3/k8s_windows_default.go
index d9c8d212..07619b98 100644
--- a/apis/management.cattle.io/v3/k8s_windows_default.go
+++ b/apis/management.cattle.io/v3/k8s_windows_default.go
@@ -59,6 +59,15 @@ var (
 				"resolv-conf":              "",
 			},
 		},
+		"v1.15": {
+			Kubelet: map[string]string{
+				"tls-cipher-suites":        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
+				"feature-gates":            "HyperVContainer=true",
+				"cgroups-per-qos":          "false",
+				"enforce-node-allocatable": "",
+				"resolv-conf":              "",
+			},
+		},
 	}
 
 	// AllK8sWindowsVersions - images map for 2.0
@@ -354,6 +363,12 @@ var (
 			CanalCNIBinaries:   m("rancher/canal-cni:v0.0.1-nanoserver-1803"),
 			KubeletPause:       m("rancher/kubelet-pause:v0.0.1-nanoserver-1803"),
 		},
+		"v1.15.0-rancher1-1": {
+			// NginxProxy image is replaced by host running nginx, fixed rancher#16074
+			KubernetesBinaries: m("rancher/hyperkube:v1.14.3-rancher1"),
+			FlannelCNIBinaries: m("rancher/flannel-cni:v0.3.0-rancher4"),
+			KubeletPause:       m("rancher/kubelet-pause:v0.1.2"),
+		},
 	}
 )