From 525bb5f2c041ffcc89cd019724d8b9f2b34f503f Mon Sep 17 00:00:00 2001 From: eksctl-bot <53547694+eksctl-bot@users.noreply.github.com> Date: Sat, 11 Jan 2025 13:51:07 +0000 Subject: [PATCH] Update aws-node to v1.19.2 (#7899) update aws-node to v1.19.2 Co-authored-by: michaelbeaumont <2266568+michaelbeaumont@users.noreply.github.com> --- pkg/addons/default/assets/aws-node.yaml | 58 +++++++++++++++++++++---- pkg/addons/default/aws_node_test.go | 2 +- 2 files changed, 50 insertions(+), 10 deletions(-) diff --git a/pkg/addons/default/assets/aws-node.yaml b/pkg/addons/default/assets/aws-node.yaml index a251eb4951..e6eca3b279 100644 --- a/pkg/addons/default/assets/aws-node.yaml +++ b/pkg/addons/default/assets/aws-node.yaml @@ -16,6 +16,40 @@ spec: openAPIV3Schema: type: object x-kubernetes-preserve-unknown-fields: true + description: ENIConfig is the Schema for the eniconfigs API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ENIConfigSpec defines the desired state of ENIConfig + properties: + securityGroups: + items: + type: string + type: array + subnet: + type: string + required: + - subnet + type: object + status: + description: ENIConfigStatus defines the observed state of ENIConfig + type: object names: plural: eniconfigs singular: eniconfig @@ -266,7 +300,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.18.1" + app.kubernetes.io/version: "v1.19.2" --- # Source: aws-vpc-cni/templates/configmap.yaml apiVersion: v1 @@ -278,7 +312,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.18.1" + app.kubernetes.io/version: "v1.19.2" data: enable-windows-ipam: "false" enable-network-policy-controller: "false" @@ -297,7 +331,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.18.1" + app.kubernetes.io/version: "v1.19.2" rules: - apiGroups: - crd.k8s.amazonaws.com @@ -343,7 +377,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.18.1" + app.kubernetes.io/version: "v1.19.2" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -363,7 +397,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.18.1" + app.kubernetes.io/version: "v1.19.2" spec: updateStrategy: rollingUpdate: @@ -384,7 +418,8 @@ spec: hostNetwork: true initContainers: - name: aws-vpc-cni-init - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.18.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.19.2 + imagePullPolicy: Always env: - name: DISABLE_TCP_EARLY_DEMUX value: "false" @@ -405,7 +440,7 @@ spec: {} containers: - name: aws-node - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.18.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.19.2 ports: - containerPort: 61678 name: metrics @@ -469,7 +504,7 @@ spec: - name: NETWORK_POLICY_ENFORCING_MODE value: "standard" - name: VPC_CNI_VERSION - value: "v1.18.1" + value: "v1.19.2" - name: WARM_ENI_TARGET value: "1" - name: WARM_PREFIX_TARGET @@ -504,7 +539,8 @@ spec: - mountPath: /run/xtables.lock name: xtables-lock - name: aws-eks-nodeagent - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.1 + image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.6 + imagePullPolicy: Always env: - name: MY_NODE_NAME valueFrom: @@ -516,6 +552,7 @@ spec: - --enable-network-policy=false - --enable-cloudwatch-logs=false - --enable-policy-event-logs=false + - --log-file=/var/log/aws-routed-eni/network-policy-agent.log - --metrics-bind-addr=:8162 - --health-probe-bind-addr=:8163 - --conntrack-cache-cleanup-period=300 @@ -557,6 +594,7 @@ spec: - name: xtables-lock hostPath: path: /run/xtables.lock + type: FileOrCreate affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -575,3 +613,5 @@ spec: operator: NotIn values: - fargate + - hybrid + - auto diff --git a/pkg/addons/default/aws_node_test.go b/pkg/addons/default/aws_node_test.go index d7de3cd751..999d7d7a17 100644 --- a/pkg/addons/default/aws_node_test.go +++ b/pkg/addons/default/aws_node_test.go @@ -61,7 +61,7 @@ var _ = Describe("AWS Node", func() { Describe("UpdateAWSNode", func() { var preUpdateAwsNode *v1.DaemonSet - const expectedVersion = "v1.18.1" + const expectedVersion = "v1.19.2" BeforeEach(func() { loadSamples(rawClient, "testdata/sample-1.15.json")