diff --git a/config/master/aws-k8s-cni-cn.yaml b/config/master/aws-k8s-cni-cn.yaml index cd8cd6e92b..44ed0a8f48 100644 --- a/config/master/aws-k8s-cni-cn.yaml +++ b/config/master/aws-k8s-cni-cn.yaml @@ -9,7 +9,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" --- # Source: aws-vpc-cni/templates/customresourcedefinition.yaml apiVersion: apiextensions.k8s.io/v1 @@ -20,7 +20,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" spec: scope: Cluster group: crd.k8s.amazonaws.com @@ -47,7 +47,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" rules: - apiGroups: - crd.k8s.amazonaws.com @@ -80,7 +80,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -100,7 +100,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" spec: updateStrategy: rollingUpdate: @@ -121,7 +121,7 @@ spec: hostNetwork: true initContainers: - name: aws-vpc-cni-init - image: "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni-init:v1.10.2" + image: "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni-init:v1.22.1" env: - name: DISABLE_TCP_EARLY_DEMUX value: "false" @@ -139,7 +139,7 @@ spec: {} containers: - name: aws-node - image: "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni:v1.10.2" + image: "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni:v1.22.1" ports: - containerPort: 61678 name: metrics diff --git a/config/master/aws-k8s-cni-us-gov-east-1.yaml b/config/master/aws-k8s-cni-us-gov-east-1.yaml index 70f2b22d03..0a654ed282 100644 --- a/config/master/aws-k8s-cni-us-gov-east-1.yaml +++ b/config/master/aws-k8s-cni-us-gov-east-1.yaml @@ -9,7 +9,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" --- # Source: aws-vpc-cni/templates/customresourcedefinition.yaml apiVersion: apiextensions.k8s.io/v1 @@ -20,7 +20,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" spec: scope: Cluster group: crd.k8s.amazonaws.com @@ -47,7 +47,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" rules: - apiGroups: - crd.k8s.amazonaws.com @@ -80,7 +80,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -100,7 +100,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" spec: updateStrategy: rollingUpdate: @@ -121,7 +121,7 @@ spec: hostNetwork: true initContainers: - name: aws-vpc-cni-init - image: "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni-init:v1.10.2" + image: "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni-init:v1.22.1" env: - name: DISABLE_TCP_EARLY_DEMUX value: "false" @@ -139,7 +139,7 @@ spec: {} containers: - name: aws-node - image: "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni:v1.10.2" + image: "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni:v1.22.1" ports: - containerPort: 61678 name: metrics diff --git a/config/master/aws-k8s-cni-us-gov-west-1.yaml b/config/master/aws-k8s-cni-us-gov-west-1.yaml index eb21a0e5c3..67a258c710 100644 --- a/config/master/aws-k8s-cni-us-gov-west-1.yaml +++ b/config/master/aws-k8s-cni-us-gov-west-1.yaml @@ -9,7 +9,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" --- # Source: aws-vpc-cni/templates/customresourcedefinition.yaml apiVersion: apiextensions.k8s.io/v1 @@ -20,7 +20,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" spec: scope: Cluster group: crd.k8s.amazonaws.com @@ -47,7 +47,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" rules: - apiGroups: - crd.k8s.amazonaws.com @@ -80,7 +80,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -100,7 +100,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" spec: updateStrategy: rollingUpdate: @@ -121,7 +121,7 @@ spec: hostNetwork: true initContainers: - name: aws-vpc-cni-init - image: "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni-init:v1.10.2" + image: "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni-init:v1.22.1" env: - name: DISABLE_TCP_EARLY_DEMUX value: "false" @@ -139,7 +139,7 @@ spec: {} containers: - name: aws-node - image: "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni:v1.10.2" + image: "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni:v1.22.1" ports: - containerPort: 61678 name: metrics diff --git a/config/master/aws-k8s-cni.yaml b/config/master/aws-k8s-cni.yaml index 3ee842f273..b5af46a941 100644 --- a/config/master/aws-k8s-cni.yaml +++ b/config/master/aws-k8s-cni.yaml @@ -9,7 +9,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" --- # Source: aws-vpc-cni/templates/customresourcedefinition.yaml apiVersion: apiextensions.k8s.io/v1 @@ -20,7 +20,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" spec: scope: Cluster group: crd.k8s.amazonaws.com @@ -47,7 +47,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" rules: - apiGroups: - crd.k8s.amazonaws.com @@ -80,7 +80,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -100,7 +100,7 @@ metadata: app.kubernetes.io/name: aws-node app.kubernetes.io/instance: aws-vpc-cni k8s-app: aws-node - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" spec: updateStrategy: rollingUpdate: @@ -121,7 +121,7 @@ spec: hostNetwork: true initContainers: - name: aws-vpc-cni-init - image: "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.10.2" + image: "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.22.1" env: - name: DISABLE_TCP_EARLY_DEMUX value: "false" @@ -139,7 +139,7 @@ spec: {} containers: - name: aws-node - image: "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.10.2" + image: "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.22.1" ports: - containerPort: 61678 name: metrics diff --git a/config/master/calico-operator.yaml b/config/master/calico-operator.yaml index e260043003..ec1bc1a709 100644 --- a/config/master/calico-operator.yaml +++ b/config/master/calico-operator.yaml @@ -4942,6 +4942,14 @@ rules: - update - delete - watch + # EndpointSlices are used for Service-based network policy rule + # enforcement. + - apiGroups: ["discovery.k8s.io"] + resources: + - endpointslices + verbs: + - watch + - list - apiGroups: - "" resources: diff --git a/config/master/cni-metrics-helper-cn.yaml b/config/master/cni-metrics-helper-cn.yaml index 06a19e5e39..f625d59de8 100644 --- a/config/master/cni-metrics-helper-cn.yaml +++ b/config/master/cni-metrics-helper-cn.yaml @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" --- # Source: cni-metrics-helper/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -30,7 +30,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -59,11 +59,10 @@ spec: spec: containers: - env: - # Optional: Should be ClusterName/ClusterIdentifier used as the metric dimension - name: AWS_CLUSTER_ID value: "" - name: USE_CLOUDWATCH value: "true" name: cni-metrics-helper - image: "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/cni-metrics-helper:v1.10.2" + image: "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/cni-metrics-helper:v1.22.1" serviceAccountName: cni-metrics-helper diff --git a/config/master/cni-metrics-helper-us-gov-east-1.yaml b/config/master/cni-metrics-helper-us-gov-east-1.yaml index b8cc3d942a..9819c5ddea 100644 --- a/config/master/cni-metrics-helper-us-gov-east-1.yaml +++ b/config/master/cni-metrics-helper-us-gov-east-1.yaml @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" --- # Source: cni-metrics-helper/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -30,7 +30,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -59,11 +59,10 @@ spec: spec: containers: - env: - # Optional: Should be ClusterName/ClusterIdentifier used as the metric dimension - name: AWS_CLUSTER_ID value: "" - name: USE_CLOUDWATCH value: "true" name: cni-metrics-helper - image: "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/cni-metrics-helper:v1.10.2" + image: "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/cni-metrics-helper:v1.22.1" serviceAccountName: cni-metrics-helper diff --git a/config/master/cni-metrics-helper-us-gov-west-1.yaml b/config/master/cni-metrics-helper-us-gov-west-1.yaml index 0bf1a02eff..55cac425a8 100644 --- a/config/master/cni-metrics-helper-us-gov-west-1.yaml +++ b/config/master/cni-metrics-helper-us-gov-west-1.yaml @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" --- # Source: cni-metrics-helper/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -30,7 +30,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -59,11 +59,10 @@ spec: spec: containers: - env: - # Optional: Should be ClusterName/ClusterIdentifier used as the metric dimension - name: AWS_CLUSTER_ID value: "" - name: USE_CLOUDWATCH value: "true" name: cni-metrics-helper - image: "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/cni-metrics-helper:v1.10.2" + image: "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/cni-metrics-helper:v1.22.1" serviceAccountName: cni-metrics-helper diff --git a/config/master/cni-metrics-helper.yaml b/config/master/cni-metrics-helper.yaml index 1e56b14c0c..17c1336228 100644 --- a/config/master/cni-metrics-helper.yaml +++ b/config/master/cni-metrics-helper.yaml @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" --- # Source: cni-metrics-helper/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -30,7 +30,7 @@ metadata: labels: app.kubernetes.io/name: cni-metrics-helper app.kubernetes.io/instance: cni-metrics-helper - app.kubernetes.io/version: "v1.10.2" + app.kubernetes.io/version: "v1.10.1" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -59,11 +59,10 @@ spec: spec: containers: - env: - # Optional: Should be ClusterName/ClusterIdentifier used as the metric dimension - name: AWS_CLUSTER_ID value: "" - name: USE_CLOUDWATCH value: "true" name: cni-metrics-helper - image: "602401143452.dkr.ecr.us-west-2.amazonaws.com/cni-metrics-helper:v1.10.2" + image: "602401143452.dkr.ecr.us-west-2.amazonaws.com/cni-metrics-helper:v1.22.1" serviceAccountName: cni-metrics-helper