Update to Kubernetes 1.6 and Bootkube 0.4.0

[Quentin-M]

Good evening,

This PR updates bootkube (0.4.0), its manifests (Kubernetes 1.6.1), introduces liveness probes to CM/Scheduler and add tolerations/anti-affinity for the critical components to run next to each other but avoid running multiple times on the same node.

$ kubectl version
Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"08e099554f3c31f6e6f07b448ab3ed78d0520507", GitTreeState:"clean", BuildDate:"2017-01-12T04:57:25Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"6", GitVersion:"v1.6.1+coreos.0", GitCommit:"9212f77ed8c169a0afa02e58dce87913c6387b3e", GitTreeState:"clean", BuildDate:"2017-04-04T00:32:53Z", GoVersion:"go1.7.5", Compiler:"gc", Platform:"linux/amd64"}

$ kubectl get nodes
NAME                                        STATUS    AGE
ip-10-0-10-234.us-west-2.compute.internal   Ready     9m
ip-10-0-19-89.us-west-2.compute.internal    Ready     9m
ip-10-0-42-19.us-west-2.compute.internal    Ready     9m
ip-10-0-54-106.us-west-2.compute.internal   Ready     9m
ip-10-0-74-57.us-west-2.compute.internal    Ready     9m

$ kubectl get pods -n=kube-system
NAME                                                               READY     STATUS    RESTARTS   AGE
heapster-961268227-wh7mh                                           2/2       Running   0          52s
kube-apiserver-984hh                                               1/1       Running   0          9m
kube-apiserver-g909c                                               1/1       Running   0          9m
kube-apiserver-r83s1                                               1/1       Running   6          9m
kube-controller-manager-1744054037-274tf                           1/1       Running   0          9m
kube-controller-manager-1744054037-g3fc2                           1/1       Running   0          9m
kube-dns-2891576090-tqf6h                                          3/3       Running   0          9m
kube-flannel-29tqb                                                 2/2       Running   2          9m
kube-flannel-5z3hm                                                 2/2       Running   3          9m
kube-flannel-k6bqk                                                 2/2       Running   3          9m
kube-flannel-qmfpq                                                 2/2       Running   3          9m
kube-flannel-tqp2w                                                 2/2       Running   2          9m
kube-proxy-0v670                                                   1/1       Running   0          7m
kube-proxy-3clvk                                                   1/1       Running   0          7m
kube-proxy-3pxlb                                                   1/1       Running   0          7m
kube-proxy-7sv92                                                   1/1       Running   0          7m
kube-proxy-n56n9                                                   1/1       Running   0          7m
kube-scheduler-2496325411-ct3jf                                    1/1       Running   0          9m
kube-scheduler-2496325411-rrw2z                                    1/1       Running   0          9m
pod-checkpointer-hmdw4                                             1/1       Running   0          3m
pod-checkpointer-hmdw4-ip-10-0-10-234.us-west-2.compute.internal   1/1       Running   0          3m
pod-checkpointer-jjcx2                                             1/1       Running   0          3m
pod-checkpointer-jjcx2-ip-10-0-42-19.us-west-2.compute.internal    1/1       Running   0          3m
pod-checkpointer-jwzq5                                             1/1       Running   0          3m
pod-checkpointer-jwzq5-ip-10-0-19-89.us-west-2.compute.internal    1/1       Running   0          3m

[alekssaul]

Can we also bump heapster from 1.3.0-beta.0 to 1.3.0; https://github.com/kubernetes/kubernetes/blob/v1.6.1/cluster/addons/cluster-monitoring/standalone/heapster-controller.yaml

[Quentin-M]

Thanks :) Addressed.

[alekssaul]

Error Loading Jobs.

extensions/v1beta1.Job was in process of being deprecated in favor of batch/v1 [0] . I had https://github.com/coreos-inc/tectonic-issues/issues/151 open regarding this.

[0]https://kubernetes.io/docs/concepts/jobs/run-to-completion-finite-workloads/#extensionsv1beta1job-is-deprecated

[philips]

cc @squat @sym3tri

[Quentin-M]

Note: also need to take a look at kubernetes-retired/bootkube#434.

[squat]

@Quentin-M and also kubernetes-retired/bootkube#421 <- this includes anti-affinity for critical control plane components

[Quentin-M]

@squat This one should be implemented already. I used git blame on templates.go - so anything that is already merged should be there.

[squat]

this should be unnecessary since all beta API groups are enabled by default

[Quentin-M]

Smart! I didn't know that. Let me remove that line then.

[squat]

We should remove this since we are not enabling any alpha API groups and do not want to unknowingly depend on them.

[Quentin-M]

I agree. I simply copy-pasted whatever is in bootkube here without modifications but for templating purposes. Generally want to stay as close as their manifests as possible. Do you think we should still drop it?

[Quentin-M]

@aaronlevy Is there a specific reason this is here?

[squat]

Yes I think so. We had a story that explicitly asks to disable allowing all alpha features by default. If a user really wants to use alpha API features then they can always modify this daemonset.

https://github.com/coreos-inc/tectonic/blob/master/docs-internal/alpha-features.md
https://www.pivotaltracker.com/story/show/137556789

[aaronlevy]

Only exists for flexibility - but I am 100% for removing this.

[aaronlevy]

We may need to explicitly allow TPRs though -- that is still technically an alpha feature

[squat]

@aaronlevy TPR is v1beta1

[squat]

kubernetes-retired/bootkube#440

[Quentin-M]

Addressed.

[Quentin-M]

/cc @amrutac. Pinged you with credentials to a Kubernetes 1.6 deployment to witness the Console breakages. Tell me if there is anything I can do to help you!

[aaronlevy]

We should update this to the upstream recommended list: kubernetes-retired/bootkube#438

[aaronlevy]

Added issue to track this generally: #249

[Quentin-M]

Addressed.

[s-urbaniak]

Setting the "do not merge" label as long as we don't have a working console.

[alexsomesan]

@sym3tri Looks like this is causing some misbehaviour in the console? I presume we don't want to integrate it before the console has addressed those, right?

@amrutac @squat Could you please ping back here when the related console changes are in?

[Quentin-M]

Updated Console for Kubernetes 1.6 with the early bugs I noticed on Sunday.
Updated with the Bootkube PRs:

• Should use upstream recommended admission controllers #249
• templates: stop enabling alpha API groups kubernetes-retired/bootkube#440
• templates: ensure critical components dont coexist kubernetes-retired/bootkube#421
• templates: add toleration to control-plane components kubernetes-retired/bootkube#434

Re-testing. Ping me for credentials if you wish.

/cc @s-urbaniak @alexsomesan @sym3tri @squat @amrutac

[aaronlevy]

Can we just use operator: "Exists" here?

[Quentin-M]

Was just using what you guys have in https://github.com/kubernetes-incubator/bootkube/blob/85036e7/pkg/asset/internal/templates.go. Fixed.

[aaronlevy]

operator: Exists

[Quentin-M]

Was just using what you guys have in https://github.com/kubernetes-incubator/bootkube/blob/85036e7/pkg/asset/internal/templates.go. Fixed.

[aaronlevy]

operator: Exists

[Quentin-M]

Was just using what you guys have in https://github.com/kubernetes-incubator/bootkube/blob/85036e7/pkg/asset/internal/templates.go. Fixed.

[aaronlevy]

operator: Exists

[Quentin-M]

Was just using what you guys have in https://github.com/kubernetes-incubator/bootkube/blob/85036e7/pkg/asset/internal/templates.go. Fixed.

[aaronlevy]

operator: Exists

[Quentin-M]

Was just using what you guys have in https://github.com/kubernetes-incubator/bootkube/blob/85036e7/pkg/asset/internal/templates.go. Fixed.

[aaronlevy]

operator: Exists

[Quentin-M]

Was just using what you guys have in https://github.com/kubernetes-incubator/bootkube/blob/85036e7/pkg/asset/internal/templates.go. Fixed.

[Quentin-M]

Have to wait for flannel-io/flannel#681.

[aaronlevy]

I opened kubernetes-retired/bootkube#451 to track changing to operator: Exists in bootkube too

[s-urbaniak]

Tentatively setting this as do-not-merge, as long as it is in WIP state.

[Quentin-M]

Just bumped flannel and fixed a bunch of other stuff. Tested quite a bit by a few people on AWS - other platforms are left untested. Can we still merge and then have @squat test/follow-up later as necessary please? We need all platforms and everybody to start using it actively. We can't afford waiting until release day.

[alexsomesan]

Did a build of this branch myself.
Works nicely, didn't notice any anomalies on a quick glance.
Let's get this in and keep testing around it.

[Quentin-M]

THANK YOU! 💯

[s-urbaniak]

Also tested this myself and it is looking great, thanks!!! I also quickly tested this on openstack/neutron and openstack/nova which worked fine with a minor fix on the nova-side, that I'll file as a separate PR.