kubernetes

History

Spencer Peterson 530072a38f Addon-manager baseimage upgrade debian-base v1.0.1 The previous base image, debian-base:v1.0.0, is affected by CVE-2017-14062. This change upgrades to the most recent Debian stretch image from the following command: ``` $ gcloud container images list-tags k8s.gcr.io/debian-base-amd64 DIGEST TAGS TIMESTAMP 7e9f2f88b813 v1.0.1 2020-02-18T13:18:50 d7be39e143d4 v2.0.0 2019-11-01T13:14:18 5f25d97ece90 v1.0.0 2019-03-25T10:59:09 dddca919baec 1.0.0 2019-03-25T09:43:09 ``` This marks kube-addon-manager version 9.1.5. Change-Id: I02321a781fb19dd33c0a19671b56c0b12d9b52fd		2021-04-19 20:36:44 -07:00
..
CHANGELOG.md	Addon-manager baseimage upgrade debian-base v1.0.1	2021-04-19 20:36:44 -07:00
Dockerfile	Use ARG instead of sed to set the base image for addon-manager.	2021-02-12 03:11:56 -08:00
kube-addons-main.sh	Fix kube-addon-manager overwriting resources with EnsureExists	2020-09-24 21:26:56 +00:00
kube-addons-test.sh	Fix kube-addon-manager overwriting resources with EnsureExists	2020-09-24 21:26:56 +00:00
kube-addons.sh	Merge pull request #98806 from rikatz/remove-extension-prune	2021-03-04 14:40:47 -08:00
Makefile	Addon-manager baseimage upgrade debian-base v1.0.1	2021-04-19 20:36:44 -07:00
OWNERS	Migrate OWNERS file to apply the area/provider/gcp label	2019-12-04 17:05:43 -08:00
README.md	Removed broken link to Analytics	2020-08-13 16:03:37 -04:00

README.md

Addon-manager

addon-manager manages two classes of addons with given template files in $ADDON_PATH (default /etc/kubernetes/addons/).

Addons with label addonmanager.kubernetes.io/mode=Reconcile will be periodically reconciled. Direct manipulation to these addons through apiserver is discouraged because addon-manager will bring them back to the original state. In particular:
- Addon will be re-created if it is deleted.
- Addon will be reconfigured to the state given by the supplied fields in the template file periodically.
- Addon will be deleted when its manifest file is deleted from the $ADDON_PATH.
Addons with label addonmanager.kubernetes.io/mode=EnsureExists will be checked for existence only. Users can edit these addons as they want. In particular:
- Addon will only be created/re-created with the given template file when there is no instance of the resource with that name.
- Addon will not be deleted when the manifest file is deleted from the $ADDON_PATH.

Notes:

Label kubernetes.io/cluster-service=true is deprecated (only for Addon Manager). In future release (after one year), Addon Manager may not respect it anymore. Addons have this label but without addonmanager.kubernetes.io/mode=EnsureExists will be treated as "reconcile class addons" for now.
Resources under $ADDON_PATH need to have either one of these two labels. Otherwise it will be omitted.

Images

addon-manager images are pushed to k8s.gcr.io. As addon-manager is built for multiple architectures, there is an image per architecture in the format - k8s.gcr.io/kube-addon-manager-$(ARCH):$(VERSION).

How to release

The addon-manager is built for multiple architectures.

Change something in the source
Bump VERSION in the Makefile
Bump KUBECTL_VERSION in the Makefile if required
Build the amd64 image and test it on a cluster
Push all images

# Build for linux/amd64 (default)
$ make push ARCH=amd64
# ---> staging-k8s.gcr.io/kube-addon-manager-amd64:VERSION
# ---> staging-k8s.gcr.io/kube-addon-manager:VERSION (image with backwards-compatible naming)

$ make push ARCH=arm
# ---> staging-k8s.gcr.io/kube-addon-manager-arm:VERSION

$ make push ARCH=arm64
# ---> staging-k8s.gcr.io/kube-addon-manager-arm64:VERSION

$ make push ARCH=ppc64le
# ---> staging-k8s.gcr.io/kube-addon-manager-ppc64le:VERSION

$ make push ARCH=s390x
# ---> staging-k8s.gcr.io/kube-addon-manager-s390x:VERSION

If you don't want to push the images, run make or make build instead