Skip to content

Commit 1b19804

Browse files
eksctl-botmichaelbeaumont
eksctl-bot
and
michaelbeaumont
authored
Update aws-node to v1.21.1 (#8541)
update aws-node to v1.21.1 Co-authored-by: michaelbeaumont <2266568+michaelbeaumont@users.noreply.github.com>
1 parent 1299424 commit 1b19804

2 files changed

Lines changed: 68 additions & 48 deletions

File tree

pkg/addons/default/assets/aws-node.yaml

Lines changed: 67 additions & 47 deletions
Original file line numberDiff line numberDiff line change
@@ -78,14 +78,19 @@ spec:
7878
description: PolicyEndpoint is the Schema for the policyendpoints API
7979
properties:
8080
apiVersion:
81-
description: 'APIVersion defines the versioned schema of this representation
82-
of an object. Servers should convert recognized schemas to the latest
83-
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
81+
description: |-
82+
APIVersion defines the versioned schema of this representation of an object.
83+
Servers should convert recognized schemas to the latest internal value, and
84+
may reject unrecognized values.
85+
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
8486
type: string
8587
kind:
86-
description: 'Kind is a string value representing the REST resource this
87-
object represents. Servers may infer this from the endpoint the client
88-
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
88+
description: |-
89+
Kind is a string value representing the REST resource this object represents.
90+
Servers may infer this from the endpoint the client submits requests to.
91+
Cannot be updated.
92+
In CamelCase.
93+
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
8994
type: string
9095
metadata:
9196
type: object
@@ -102,6 +107,12 @@ spec:
102107
cidr:
103108
description: CIDR is the network address(s) of the endpoint
104109
type: string
110+
domainName:
111+
description: |-
112+
DomainName is the FQDN for the endpoint (mutually exclusive with CIDR, egress-only)
113+
Note: This field should only be used in egress rules, not ingress
114+
pattern: ^(\*\.)?([a-zA-z0-9]([-a-zA-Z0-9_]*[a-zA-Z0-9])?\.)+[a-zA-z0-9]([-a-zA-Z0-9_]*[a-zA-Z0-9])?\.?$
115+
type: string
105116
except:
106117
description: Except is the exceptions to the CIDR ranges mentioned
107118
above.
@@ -115,9 +126,9 @@ spec:
115126
port/protocol
116127
properties:
117128
endPort:
118-
description: Endport specifies the port range port to
119-
endPort port must be defined and an integer, endPort
120-
> port
129+
description: |-
130+
Endport specifies the port range port to endPort
131+
port must be defined and an integer, endPort > port
121132
format: int32
122133
type: integer
123134
port:
@@ -132,8 +143,6 @@ spec:
132143
type: string
133144
type: object
134145
type: array
135-
required:
136-
- cidr
137146
type: object
138147
type: array
139148
ingress:
@@ -146,6 +155,12 @@ spec:
146155
cidr:
147156
description: CIDR is the network address(s) of the endpoint
148157
type: string
158+
domainName:
159+
description: |-
160+
DomainName is the FQDN for the endpoint (mutually exclusive with CIDR, egress-only)
161+
Note: This field should only be used in egress rules, not ingress
162+
pattern: ^(\*\.)?([a-zA-z0-9]([-a-zA-Z0-9_]*[a-zA-Z0-9])?\.)+[a-zA-z0-9]([-a-zA-Z0-9_]*[a-zA-Z0-9])?\.?$
163+
type: string
149164
except:
150165
description: Except is the exceptions to the CIDR ranges mentioned
151166
above.
@@ -159,9 +174,9 @@ spec:
159174
port/protocol
160175
properties:
161176
endPort:
162-
description: Endport specifies the port range port to
163-
endPort port must be defined and an integer, endPort
164-
> port
177+
description: |-
178+
Endport specifies the port range port to endPort
179+
port must be defined and an integer, endPort > port
165180
format: int32
166181
type: integer
167182
port:
@@ -176,18 +191,17 @@ spec:
176191
type: string
177192
type: object
178193
type: array
179-
required:
180-
- cidr
181194
type: object
182195
type: array
183196
podIsolation:
184-
description: PodIsolation specifies whether the pod needs to be isolated
185-
for a particular traffic direction Ingress or Egress, or both. If
186-
default isolation is not specified, and there are no ingress/egress
187-
rules, then the pod is not isolated from the point of view of this
188-
policy. This follows the NetworkPolicy spec.PolicyTypes.
197+
description: |-
198+
PodIsolation specifies whether the pod needs to be isolated for a
199+
particular traffic direction Ingress or Egress, or both. If default isolation is not
200+
specified, and there are no ingress/egress rules, then the pod is not isolated
201+
from the point of view of this policy. This follows the NetworkPolicy spec.PolicyTypes.
189202
items:
190-
description: PolicyType string describes the NetworkPolicy type
203+
description: |-
204+
PolicyType string describes the NetworkPolicy type
191205
This type is beta-level in 1.8
192206
type: string
193207
type: array
@@ -198,46 +212,48 @@ spec:
198212
description: matchExpressions is a list of label selector requirements.
199213
The requirements are ANDed.
200214
items:
201-
description: A label selector requirement is a selector that
202-
contains values, a key, and an operator that relates the key
203-
and values.
215+
description: |-
216+
A label selector requirement is a selector that contains values, a key, and an operator that
217+
relates the key and values.
204218
properties:
205219
key:
206220
description: key is the label key that the selector applies
207221
to.
208222
type: string
209223
operator:
210-
description: operator represents a key's relationship to
211-
a set of values. Valid operators are In, NotIn, Exists
212-
and DoesNotExist.
224+
description: |-
225+
operator represents a key's relationship to a set of values.
226+
Valid operators are In, NotIn, Exists and DoesNotExist.
213227
type: string
214228
values:
215-
description: values is an array of string values. If the
216-
operator is In or NotIn, the values array must be non-empty.
217-
If the operator is Exists or DoesNotExist, the values
218-
array must be empty. This array is replaced during a strategic
229+
description: |-
230+
values is an array of string values. If the operator is In or NotIn,
231+
the values array must be non-empty. If the operator is Exists or DoesNotExist,
232+
the values array must be empty. This array is replaced during a strategic
219233
merge patch.
220234
items:
221235
type: string
222236
type: array
237+
x-kubernetes-list-type: atomic
223238
required:
224239
- key
225240
- operator
226241
type: object
227242
type: array
243+
x-kubernetes-list-type: atomic
228244
matchLabels:
229245
additionalProperties:
230246
type: string
231-
description: matchLabels is a map of {key,value} pairs. A single
232-
{key,value} in the matchLabels map is equivalent to an element
233-
of matchExpressions, whose key field is "key", the operator
234-
is "In", and the values array contains only "value". The requirements
235-
are ANDed.
247+
description: |-
248+
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
249+
map is equivalent to an element of matchExpressions, whose key field is "key", the
250+
operator is "In", and the values array contains only "value". The requirements are ANDed.
236251
type: object
237252
type: object
238253
x-kubernetes-map-type: atomic
239254
podSelectorEndpoints:
240-
description: PodSelectorEndpoints contains information about the pods
255+
description: |-
256+
PodSelectorEndpoints contains information about the pods
241257
matching the podSelector
242258
items:
243259
description: PodEndpoint defines the summary information for the
@@ -300,7 +316,7 @@ metadata:
300316
app.kubernetes.io/name: aws-node
301317
app.kubernetes.io/instance: aws-vpc-cni
302318
k8s-app: aws-node
303-
app.kubernetes.io/version: "v1.20.3"
319+
app.kubernetes.io/version: "v1.21.1"
304320
---
305321
# Source: aws-vpc-cni/templates/configmap.yaml
306322
apiVersion: v1
@@ -312,7 +328,7 @@ metadata:
312328
app.kubernetes.io/name: aws-node
313329
app.kubernetes.io/instance: aws-vpc-cni
314330
k8s-app: aws-node
315-
app.kubernetes.io/version: "v1.20.3"
331+
app.kubernetes.io/version: "v1.21.1"
316332
data:
317333
enable-windows-ipam: "false"
318334
enable-network-policy-controller: "false"
@@ -331,7 +347,7 @@ metadata:
331347
app.kubernetes.io/name: aws-node
332348
app.kubernetes.io/instance: aws-vpc-cni
333349
k8s-app: aws-node
334-
app.kubernetes.io/version: "v1.20.3"
350+
app.kubernetes.io/version: "v1.21.1"
335351
rules:
336352
- apiGroups:
337353
- crd.k8s.amazonaws.com
@@ -357,16 +373,20 @@ rules:
357373
- apiGroups: ["networking.k8s.aws"]
358374
resources:
359375
- policyendpoints
376+
- clusterpolicyendpoints
360377
verbs: ["get", "list", "watch"]
361378
- apiGroups: ["networking.k8s.aws"]
362379
resources:
363380
- policyendpoints/status
381+
- clusterpolicyendpoints/status
364382
verbs: ["get"]
365383
- apiGroups:
366384
- vpcresources.k8s.aws
367385
resources:
368386
- cninodes
369387
verbs: ["get", "list", "watch", "patch"]
388+
- nonResourceURLs: ["/apis/networking.k8s.aws", "/apis/networking.k8s.aws/*"]
389+
verbs: ["get"]
370390
---
371391
# Source: aws-vpc-cni/templates/clusterrolebinding.yaml
372392
apiVersion: rbac.authorization.k8s.io/v1
@@ -377,7 +397,7 @@ metadata:
377397
app.kubernetes.io/name: aws-node
378398
app.kubernetes.io/instance: aws-vpc-cni
379399
k8s-app: aws-node
380-
app.kubernetes.io/version: "v1.20.3"
400+
app.kubernetes.io/version: "v1.21.1"
381401
roleRef:
382402
apiGroup: rbac.authorization.k8s.io
383403
kind: ClusterRole
@@ -397,7 +417,7 @@ metadata:
397417
app.kubernetes.io/name: aws-node
398418
app.kubernetes.io/instance: aws-vpc-cni
399419
k8s-app: aws-node
400-
app.kubernetes.io/version: "v1.20.3"
420+
app.kubernetes.io/version: "v1.21.1"
401421
spec:
402422
updateStrategy:
403423
rollingUpdate:
@@ -418,7 +438,7 @@ spec:
418438
hostNetwork: true
419439
initContainers:
420440
- name: aws-vpc-cni-init
421-
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.20.3
441+
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.21.1
422442
imagePullPolicy: Always
423443
env:
424444
- name: DISABLE_TCP_EARLY_DEMUX
@@ -440,7 +460,7 @@ spec:
440460
{}
441461
containers:
442462
- name: aws-node
443-
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.20.3
463+
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.21.1
444464
ports:
445465
- containerPort: 61678
446466
name: metrics
@@ -508,7 +528,7 @@ spec:
508528
- name: NETWORK_POLICY_ENFORCING_MODE
509529
value: "standard"
510530
- name: VPC_CNI_VERSION
511-
value: "v1.20.3"
531+
value: "v1.21.1"
512532
- name: WARM_ENI_TARGET
513533
value: "1"
514534
- name: WARM_PREFIX_TARGET
@@ -543,7 +563,7 @@ spec:
543563
- mountPath: /run/xtables.lock
544564
name: xtables-lock
545565
- name: aws-eks-nodeagent
546-
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.2.6
566+
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.3.1
547567
imagePullPolicy: Always
548568
ports:
549569
- containerPort: 8162

pkg/addons/default/aws_node_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@ var _ = Describe("AWS Node", func() {
6161

6262
Describe("UpdateAWSNode", func() {
6363
var preUpdateAwsNode *v1.DaemonSet
64-
const expectedVersion = "v1.20.3"
64+
const expectedVersion = "v1.21.1"
6565
BeforeEach(func() {
6666
loadSamples(rawClient, "testdata/sample-1.15.json")
6767

0 commit comments

Comments
 (0)