Merge "Enable gpg renderer by default"

commit: 21cf6b7eb9c225d88db7e8c815fcbdfd292a0f40 [log] [tgz]
author: mcp-jenkins <mcp-jenkins@mirantis.com> Fri Dec 14 17:01:53 2018 +0000
committer: Gerrit Code Review <mail@domain.com> Fri Dec 14 17:01:53 2018 +0000
tree: 0831172c354bda76f678e52d6fa2fa36a46e6f65
parent: 3e338871d4d9ed955d1cdd8482d9739950a13295 [diff]
parent: bed084584e35647e6deb4e2581e82dd21b134cc6 [diff]
diff --git a/docker/swarm/stack/monitoring/sf_notifier.yml b/docker/swarm/stack/monitoring/sf_notifier.yml
index a66286a..a171ce8 100644
--- a/docker/swarm/stack/monitoring/sf_notifier.yml
+++ b/docker/swarm/stack/monitoring/sf_notifier.yml

@@ -41,4 +41,4 @@
                 SFDC_PASSWORD: "${_param:sf_notifier_sfdc_password}"
                 SFDC_ORGANIZATION_ID: "${_param:sf_notifier_sfdc_organization_id}"
                 SFDC_ENVIRONMENT_ID: "${_param:sf_notifier_sfdc_environment_id}"
-                SFDC_SANDBOX_ENABLED: ${_param:sf_notifier_sfdc_sandbox_enabled}
+                SFDC_SANDBOX_ENABLED: "${_param:sf_notifier_sfdc_sandbox_enabled}"

diff --git a/jenkins/client/job/deploy/update/kubernetes_update.yml b/jenkins/client/job/deploy/update/kubernetes_update.yml
index 4e511b1..6b94dc3 100644
--- a/jenkins/client/job/deploy/update/kubernetes_update.yml
+++ b/jenkins/client/job/deploy/update/kubernetes_update.yml

@@ -27,11 +27,11 @@
           param:
             KUBERNETES_HYPERKUBE_IMAGE:
               type: string
-              default: "${_param:kubernetes_hyperkube_repo}/hyperkube-amd64:v1.11.3-2"
+              default: "${_param:kubernetes_hyperkube_repo}/hyperkube-amd64:v1.12.3-2"
               description: "Versioned image to update control plane from. Should be null if update rolling via reclass-system level"
             KUBERNETES_PAUSE_IMAGE:
               type: string
-              default: "${_param:kubernetes_hyperkube_repo}/pause-amd64:v1.11.3-2"
+              default: "${_param:kubernetes_hyperkube_repo}/pause-amd64:v1.12.3-2"
               description: "Versioned pause image to use in deployments. Should be null if update rolling via reclass-system level"
             SALT_MASTER_URL:
               type: string

diff --git a/kubernetes/common/init.yml b/kubernetes/common/init.yml
index d015a80..e9d1a98 100644
--- a/kubernetes/common/init.yml
+++ b/kubernetes/common/init.yml

@@ -22,6 +22,7 @@
     kubernetes_ingressnginx_repo: ${_param:mcp_docker_registry}/mirantis/kubernetes-ingress-nginx
     kubernetes_corends_etcd_operator_repo: quay.io/coreos
     kubernetes_containerd_repo: https://github.com/kubernetes-sigs/cri-tools/releases/download
+    kubernetes_openstack_provider_repo: ${_param:mcp_binary_registry}/mirantis/kubernetes/cloud-provider-openstack
 
     # component images/binaries
     kubernetes_calico_image: ${_param:kubernetes_calico_repo}/node:v3.1.3
@@ -34,9 +35,9 @@
     kubernetes_calico_cni_source_hash: md5=2f79e8f3ecb4c7d2e357333a01f781d1
     kubernetes_calico_cni_ipam_source: ${_param:kubernetes_calico_cni_repo}/calico-ipam-v3.1.3-15-20181105142706
     kubernetes_calico_cni_ipam_source_hash: md5=f70bea0c60724f56ddb9447fd8862bac
-    kubernetes_hyperkube_source: ${_param:kubernetes_hyperkube_repo}/hyperkube_v1.11.3-2_1536938897511
-    kubernetes_hyperkube_source_hash: md5=159910d99c3ccf77d1e0f7b346edaf40
-    kubernetes_pause_image: ${_param:mcp_docker_registry}/mirantis/kubernetes/pause-amd64:v1.11.3-2
+    kubernetes_hyperkube_source: ${_param:kubernetes_hyperkube_repo}/hyperkube_v1.12.3-2_1544133573591
+    kubernetes_hyperkube_source_hash: md5=fc23eaf3ba63d9ed9d141f465f584012
+    kubernetes_pause_image: ${_param:mcp_docker_registry}/mirantis/kubernetes/pause-amd64:v1.12.3-2
     kubernetes_virtlet_image: ${_param:kubernetes_virtlet_repo}/virtlet:v1.4.1
     kubernetes_criproxy_version: v0.12.0
     kubernetes_criproxy_checksum: md5=371cacd3d8568eb88425498b48a649dd
@@ -46,25 +47,25 @@
     kubernetes_dnsmasq_image: ${_param:kubernetes_kubedns_repo}/k8s-dns-dnsmasq-amd64:1.14.5
     kubernetes_sidecar_image: ${_param:kubernetes_kubedns_repo}/k8s-dns-sidecar-amd64:1.14.5
     kubernetes_dns_autoscaler_image: ${_param:kubernetes_kubedns_repo}/cluster-proportional-autoscaler-amd64:1.0.0
-    kubernetes_externaldns_image: ${_param:kubernetes_externaldns_repo}/external-dns:v0.5.6-2
-    kubernetes_genie_source: ${_param:kubernetes_genie_repo}/genie_v1.0-191-g9902422
-    kubernetes_genie_source_hash: md5=1f0b0434e9ba2bc3b6c7945b3dce4294
+    kubernetes_externaldns_image: ${_param:kubernetes_externaldns_repo}/external-dns:v0.5.9-3
+    kubernetes_genie_source: ${_param:kubernetes_genie_repo}/genie_v2.0-1-g209d3c4
+    kubernetes_genie_source_hash: md5=fa7a27ecbb9f800c1b705f87c64f6226
     kubernetes_flannel_image: ${_param:kubernetes_flannel_repo}/flannel:v0.10.0-amd64
     kubernetes_metallb_controller_image: ${_param:kubernetes_metallb_repo}/controller:v0.7.3-2
     kubernetes_metallb_speaker_image: ${_param:kubernetes_metallb_repo}/speaker:v0.7.3-2
     kubernetes_sriov_source: ${_param:kubernetes_sriov_repo}/sriov_v0.3-9-g3b31f1a
     kubernetes_sriov_source_hash: md5=cd9ea01e80d260218260314447c23b30
-    kubernetes_cniplugins_source: ${_param:kubernetes_cniplugins_repo}/containernetworking-plugins_v0.7.2-96-g8bc4cc0.tar.gz
-    kubernetes_cniplugins_source_hash: md5=1beef018ea8988f53356314ed020fefa
+    kubernetes_cniplugins_source: ${_param:kubernetes_cniplugins_repo}/containernetworking-plugins_v0.7.2-151-g1d23302.tar.gz
+    kubernetes_cniplugins_source_hash: md5=bb42444166a89ef6832529e9e39d000d
     kubernetes_dashboard_image: ${_param:kubernetes_dashboard_repo}/kubernetes-dashboard-amd64:v1.10.0-4
     kubernetes_telegraf_image: ${_param:mcp_docker_registry}/openstack-docker/telegraf:2018.8.0
-    kubernetes_coredns_image: ${_param:kubernetes_coredns_repo}/coredns:v1.2.2-12
-    kubernetes_ingressnginx_controller_image: ${_param:kubernetes_ingressnginx_repo}/nginx-ingress-controller-amd64:nginx-0.19.0-1
-    kubernetes_corends_etcd_operator_image: ${_param:kubernetes_corends_etcd_operator_repo}/etcd-operator:v0.9.2
+    kubernetes_coredns_image: ${_param:kubernetes_coredns_repo}/coredns:v1.2.6-4
+    kubernetes_ingressnginx_controller_image: ${_param:kubernetes_ingressnginx_repo}/nginx-ingress-controller-amd64:nginx-0.21.0-3
+    kubernetes_corends_etcd_operator_image: ${_param:kubernetes_corends_etcd_operator_repo}/etcd-operator:v0.9.3
     kubernetes_containerd_source: ${_param:kubernetes_containerd_repo}/v1.12.0/crictl-v1.12.0-linux-amd64.tar.gz
     kubernetes_containerd_source_hash: md5=ff60b9ddfa5617f7ed14b3f3b6a60056
     # images for formula compatibility
-    kubernetes_hyperkube_image: ${_param:mcp_docker_registry}/mirantis/kubernetes/hyperkube-amd64:v1.11.3-2
+    kubernetes_hyperkube_image: ${_param:mcp_docker_registry}/mirantis/kubernetes/hyperkube-amd64:v1.12.3-2
     kubernetes_calico_cni_image: ${_param:mcp_docker_registry}/mirantis/projectcalico/calico/cni:v3.1.3
     kubernetes_calico_calicoctl_image: ${_param:mcp_docker_registry}/mirantis/projectcalico/calico/ctl:v3.1.3
     kubernetes_containerd_package: containerd.io=1.2.0-1
@@ -111,6 +112,25 @@
     kubernetes_telegraf_agent_quiet: false
     kubernetes_telegraf_agent_omit_hostname: false
 
+    # Cloud providers parameters
+
+    kubernetes_cloudprovider_enabled: false
+    kubernetes_cloudprovider_type: openstack
+
+    # OpenStack cloud provider
+
+    kubernetes_openstack_provider_binary: ${_param:kubernetes_openstack_provider_repo}/openstack-cloud-controller-manager_v0.3.0-1_1543239267245
+    kubernetes_openstack_provider_binary_hash: md5=0d85b5877e9872690390f5b87e45efba
+    kubernetes_openstack_provider_cloud_user: admin
+    kubernetes_openstack_provider_cloud_password: secret
+    kubernetes_openstack_provider_cloud_auth_url: http://127.0.0.1:5000/v3
+    kubernetes_openstack_provider_cloud_tenant_id: tenant_id
+    kubernetes_openstack_provider_cloud_domain_id: default
+    kubernetes_openstack_provider_cloud_region: RegionOne
+    kubernetes_openstack_provider_lbaas_subnet_id: subnet_id
+    kubernetes_openstack_provider_floating_net_id: floating_net_id
+
+
   linux:
     system:
       kernel:
@@ -134,6 +154,20 @@
         plugins:
           source: ${_param:kubernetes_cniplugins_source}
           hash: ${_param:kubernetes_cniplugins_source_hash}
+      cloudprovider:
+        enabled: ${_param:kubernetes_cloudprovider_enabled}
+        provider: ${_param:kubernetes_cloudprovider_type}
+        params:
+          binary: ${_param:kubernetes_openstack_provider_binary}
+          binary_hash: ${_param:kubernetes_openstack_provider_binary_hash}
+          username: ${_param:kubernetes_openstack_provider_cloud_user}
+          password: ${_param:kubernetes_openstack_provider_cloud_password}
+          auth_url: ${_param:kubernetes_openstack_provider_cloud_auth_url}
+          tenant_id: ${_param:kubernetes_openstack_provider_cloud_tenant_id}
+          domain_id: ${_param:kubernetes_openstack_provider_cloud_domain_id}
+          region: ${_param:kubernetes_openstack_provider_cloud_region}
+          subnet_id: ${_param:kubernetes_openstack_provider_lbaas_subnet_id}
+          floating_net_id: ${_param:kubernetes_openstack_provider_floating_net_id}
       addons:
         dashboard:
           enabled: ${_param:kubernetes_dashboard_enabled}

diff --git a/salt/minion/cert/k8s_client.yml b/salt/minion/cert/k8s_client.yml
index 5f065d5..ff7dabf 100644
--- a/salt/minion/cert/k8s_client.yml
+++ b/salt/minion/cert/k8s_client.yml

@@ -12,6 +12,16 @@
           organization_name: system:nodes
           signing_policy: cert_client
           alternative_names: IP:${_param:kubernetes_control_address},IP:${_param:kubernetes_control_node01_address},IP:${_param:kubernetes_control_node02_address},IP:${_param:kubernetes_control_node03_address},IP:${_param:kubernetes_internal_api_address}
+        k8s_client_fqdn:
+          host: ${_param:salt_minion_ca_host}
+          authority: ${_param:salt_minion_ca_authority}
+          key_file: /etc/kubernetes/ssl/kubelet-client-fqdn.key
+          cert_file: /etc/kubernetes/ssl/kubelet-client-fqdn.crt
+          ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+          common_name: system:node:${linux:system:name}.${_param:cluster_domain}
+          organization_name: system:nodes
+          signing_policy: cert_client
+          alternative_names: IP:${_param:kubernetes_control_address},IP:${_param:kubernetes_control_node01_address},IP:${_param:kubernetes_control_node02_address},IP:${_param:kubernetes_control_node03_address},IP:${_param:kubernetes_internal_api_address}
         k8s_proxy:
           host: ${_param:salt_minion_ca_host}
           authority: ${_param:salt_minion_ca_authority}

diff --git a/salt/minion/cert/k8s_client_single.yml b/salt/minion/cert/k8s_client_single.yml
index a4302a3..a2f3d89 100644
--- a/salt/minion/cert/k8s_client_single.yml
+++ b/salt/minion/cert/k8s_client_single.yml

@@ -12,6 +12,16 @@
           organization_name: system:nodes
           signing_policy: cert_client
           alternative_names: IP:${_param:kubernetes_control_address},IP:${_param:kubernetes_internal_api_address}
+        k8s_client_fqdn:
+          host: ${_param:salt_minion_ca_host}
+          authority: ${_param:salt_minion_ca_authority}
+          key_file: /etc/kubernetes/ssl/kubelet-client-fqdn.key
+          cert_file: /etc/kubernetes/ssl/kubelet-client-fqdn.crt
+          ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+          common_name: system:node:${linux:system:name}.${_param:cluster_domain}
+          organization_name: system:nodes
+          signing_policy: cert_client
+          alternative_names: IP:${_param:kubernetes_control_address},IP:${_param:kubernetes_internal_api_address}
         k8s_proxy:
           host: ${_param:salt_minion_ca_host}
           authority: ${_param:salt_minion_ca_authority}
commit	21cf6b7eb9c225d88db7e8c815fcbdfd292a0f40	[log] [tgz]
author	mcp-jenkins <mcp-jenkins@mirantis.com>	Fri Dec 14 17:01:53 2018 +0000
committer	Gerrit Code Review <mail@domain.com>	Fri Dec 14 17:01:53 2018 +0000
tree	0831172c354bda76f678e52d6fa2fa36a46e6f65
parent	3e338871d4d9ed955d1cdd8482d9739950a13295 [diff]
parent	bed084584e35647e6deb4e2581e82dd21b134cc6 [diff]