Update to Kubernetes 1.25.0

Signed-off-by: Jakub Scholz <www@scholzj.com>
scholzj · Aug 26, 2022 · 46a6426 · 46a6426
1 parent cab6bf9
commit 46a6426
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 34 deletions.
diff --git a/README.md b/README.md
@@ -8,30 +8,31 @@ AWS Kubernetes is a Kubernetes cluster deployed using [Kubeadm](https://kubernet
     - [Updates](#updates)
     - [Prerequisites and dependencies](#prerequisites-and-dependencies)
     - [Including the module](#including-the-module)
-    - [Addons](#addons)
-    - [Custom addons](#custom-addons)
+    - [Add-ons](#addons)
+    - [Custom add-ons](#custom-addons)
     - [Tagging](#tagging)
 
 <!-- /TOC -->
 
 ## Updates
 
+* *26.8.2022* Update to Kubernetes 1.25.0 + Calico upgrade
 * *22.8.2022* Update to Kubernetes 1.24.4
 * *16.7.2022* Update to Kubernetes 1.24.3
 * *27.6.2022* Update to Kubernetes 1.24.2
-* *11.6.2022* Update to Kubernetes 1.24.1 + update addons + remove dependency on the template provider
+* *11.6.2022* Update to Kubernetes 1.24.1 + update add-ons + remove dependency on the template provider
 * *8.5.2022* Update to Kubernetes 1.24.0 + update add-ons
-* *23.3.2022* Update to Kubernetes 1.23.5 + update addons
+* *23.3.2022* Update to Kubernetes 1.23.5 + update add-ons
 * *19.2.2022* Update to Kubernetes 1.23.4
 * *12.2.2022* Update to Kubernetes 1.23.2
 * *29.12.2021* Update to Kubernetes 1.23.1
 * *11.12.2021* Update to Kubernetes 1.23.0
 
 ## Prerequisites and dependencies
 
-* AWS Kubernetes deployes into existing VPC / public subnet. If you don't have your VPC / subnet yet, you can use [this](https://github.com/scholzj/terraform-aws-vpc) module to create one.
+* AWS Kubernetes deploys into existing VPC / public subnet. If you don't have your VPC / subnet yet, you can use [this](https://github.com/scholzj/terraform-aws-vpc) module to create one.
   * The VPC / subnet should be properly linked with Internet Gateway (IGW) and should have DNS and DHCP enabled.
-  * Hosted DNS zone configured in Route53 (in case the zone is private you have to use IP address to copy kubeconfig and access the cluster).
+  * Hosted DNS zone configured in Route53 (in case the zone is private you have to use IP address to copy `kubeconfig` and access the cluster).
 * To deploy AWS Kubernetes there are no other dependencies apart from [Terraform](https://www.terraform.io). Kubeadm is used only on the EC2 hosts and doesn't have to be installed locally.
 
 ## Including the module
@@ -87,21 +88,21 @@ module "kubernetes" {
 
 An example of how to include this can be found in the [examples](examples/) dir.
 
-## Addons
+## Add-ons
 
-Currently, following addons are supported:
+Currently, following add-ons are supported:
 * Kubernetes dashboard
 * Heapster for resource monitoring
 * Storage class and CSI driver for automatic provisioning of persistent volumes
 * External DNS (Replaces Route53 mapper)
 * Ingress
 * Autoscaler
 
-The addons will be installed automatically based on the Terraform variables. 
+The add-ons will be installed automatically based on the Terraform variables. 
 
-## Custom addons
+## Custom add-ons
 
-Custom addons can be added if needed. For every URL in the `addons` list, the initialization scripts will automatically call `kubectl -f apply <Addon URL>` to deploy it. The cluster is using RBAC. So the custom addons have to be *RBAC ready*.
+Custom add-ons can be added if needed. For every URL in the `addons` list, the initialization scripts will automatically call `kubectl -f apply <Addon URL>` to deploy it. The cluster is using RBAC. So the custom add-ons have to be *RBAC ready*.
 
 ## Tagging
 

diff --git a/scripts/init-aws-kubernetes-master.sh b/scripts/init-aws-kubernetes-master.sh
@@ -16,7 +16,7 @@ export ASG_MAX_NODES="${asg_max_nodes}"
 export AWS_REGION=${aws_region}
 export AWS_SUBNETS="${aws_subnets}"
 export ADDONS="${addons}"
-export KUBERNETES_VERSION="1.24.4"
+export KUBERNETES_VERSION="1.25.0"
 
 # Set this only after setting the defaults
 set -o nounset
@@ -125,34 +125,39 @@ fi
 # Initialize the master
 cat >/tmp/kubeadm.yaml <<EOF
 ---
-apiVersion: kubeadm.k8s.io/v1beta2
+apiVersion: kubeadm.k8s.io/v1beta3
 kind: InitConfiguration
 bootstrapTokens:
-- groups:
-  - system:bootstrappers:kubeadm:default-node-token
-  token: $KUBEADM_TOKEN
-  ttl: 0s
-  usages:
-  - signing
-  - authentication
+  - groups:
+      - system:bootstrappers:kubeadm:default-node-token
+    token: $KUBEADM_TOKEN
+    ttl: 0s
+    usages:
+      - signing
+      - authentication
 nodeRegistration:
+  criSocket: unix:///var/run/containerd/containerd.sock
+  imagePullPolicy: IfNotPresent
   kubeletExtraArgs:
+    cgroup-driver: systemd
     cloud-provider: aws
     read-only-port: "10255"
-    cgroup-driver: systemd
   name: $FULL_HOSTNAME
   taints:
-  - effect: NoSchedule
-    key: node-role.kubernetes.io/master
+    - effect: NoSchedule
+      key: node-role.kubernetes.io/master
+localAPIEndpoint:
+  advertiseAddress: $LOCAL_IP_ADDRESS
+  bindPort: 6443
 ---
-apiVersion: kubeadm.k8s.io/v1beta2
+apiVersion: kubeadm.k8s.io/v1beta3
 kind: ClusterConfiguration
 apiServer:
   certSANs:
-  - $DNS_NAME
-  - $IP_ADDRESS
-  - $LOCAL_IP_ADDRESS
-  - $FULL_HOSTNAME
+    - $DNS_NAME
+    - $IP_ADDRESS
+    - $LOCAL_IP_ADDRESS
+    - $FULL_HOSTNAME
   extraArgs:
     cloud-provider: aws
   timeoutForControlPlane: 5m0s
@@ -161,12 +166,10 @@ clusterName: kubernetes
 controllerManager:
   extraArgs:
     cloud-provider: aws
-dns:
-  type: CoreDNS
+dns: {}
 etcd:
   local:
     dataDir: /var/lib/etcd
-imageRepository: k8s.gcr.io
 kubernetesVersion: v$KUBERNETES_VERSION
 networking:
   dnsDomain: cluster.local
@@ -183,7 +186,8 @@ kubeadm init --config /tmp/kubeadm.yaml
 export KUBECONFIG=/etc/kubernetes/admin.conf
 
 # Install calico
-kubectl apply -f https://raw.githubusercontent.com/scholzj/terraform-aws-kubernetes/master/calico/calico.yaml
+kubectl create -f https://raw.githubusercontent.com/scholzj/terraform-aws-minikube/master/calico/calico-operator.yaml
+kubectl create -f https://raw.githubusercontent.com/scholzj/terraform-aws-minikube/master/calico/calico-cr.yaml
 
 ########################################
 ########################################

diff --git a/scripts/init-aws-kubernetes-node.sh b/scripts/init-aws-kubernetes-node.sh
@@ -9,7 +9,7 @@ set -o pipefail
 export KUBEADM_TOKEN=${kubeadm_token}
 export MASTER_IP=${master_private_ip}
 export DNS_NAME=${dns_name}
-export KUBERNETES_VERSION="1.24.4"
+export KUBERNETES_VERSION="1.25.0"
 
 # Set this only after setting the defaults
 set -o nounset
@@ -118,7 +118,7 @@ fi
 ########################################
 cat >/tmp/kubeadm.yaml <<EOF
 ---
-apiVersion: kubeadm.k8s.io/v1beta2
+apiVersion: kubeadm.k8s.io/v1beta3
 kind: JoinConfiguration
 discovery:
   bootstrapToken: