From 7c93e718018f2c24edae4222cffc5e2bbef3a22f Mon Sep 17 00:00:00 2001
From: Matthew Mosesohn <matthew.mosesohn@gmail.com>
Date: Tue, 15 May 2018 16:00:29 +0300
Subject: [PATCH] Upgrade k8s to 1.10.2 (#2748)

* Upgrade k8s to 1.10.2

Bumped etcd version to 3.2.16 as recommended

* Add ipvs fix for v1.10

* change flannel addons test to ha
---
 README.md                                                   | 4 ++--
 inventory/sample/group_vars/k8s-cluster.yml                 | 2 +-
 roles/download/defaults/main.yml                            | 6 +++---
 roles/kubernetes/master/templates/kubeadm-config.yaml.j2    | 2 +-
 .../node/templates/manifests/kube-proxy.manifest.j2         | 2 ++
 roles/kubespray-defaults/defaults/main.yaml                 | 2 +-
 tests/files/gce_centos7-flannel-addons.yml                  | 4 ++--
 7 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/README.md b/README.md
index 643b784fd..a63bc87f2 100644
--- a/README.md
+++ b/README.md
@@ -80,8 +80,8 @@ Note: Upstart/SysV init based OS types are not supported.
 Versions of supported components
 --------------------------------
 
--   [kubernetes](https://github.com/kubernetes/kubernetes/releases) v1.9.5
--   [etcd](https://github.com/coreos/etcd/releases) v3.2.4
+-   [kubernetes](https://github.com/kubernetes/kubernetes/releases) v1.10.2
+-   [etcd](https://github.com/coreos/etcd/releases) v3.2.16
 -   [flanneld](https://github.com/coreos/flannel/releases) v0.10.0
 -   [calico](https://docs.projectcalico.org/v2.6/releases/) v2.6.8
 -   [canal](https://github.com/projectcalico/canal) (given calico/flannel versions)
diff --git a/inventory/sample/group_vars/k8s-cluster.yml b/inventory/sample/group_vars/k8s-cluster.yml
index 13a7ddff5..8f15a922e 100644
--- a/inventory/sample/group_vars/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s-cluster.yml
@@ -19,7 +19,7 @@ kube_users_dir: "{{ kube_config_dir }}/users"
 kube_api_anonymous_auth: true
 
 ## Change this to use another Kubernetes version, e.g. a current beta release
-kube_version: v1.9.5
+kube_version: v1.10.2
 
 # Where the binaries will be downloaded.
 # Note: ensure that you've enough disk space (about 1G)
diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml
index a68906fa9..6b7eaf842 100644
--- a/roles/download/defaults/main.yml
+++ b/roles/download/defaults/main.yml
@@ -24,9 +24,9 @@ download_always_pull: False
 download_delegate: "{% if download_localhost %}localhost{% else %}{{groups['kube-master'][0]}}{% endif %}"
 
 # Versions
-kube_version: v1.9.5
+kube_version: v1.10.2
 kubeadm_version: "{{ kube_version }}"
-etcd_version: v3.2.4
+etcd_version: v3.2.16
 # TODO(mattymo): Move calico versions to roles/network_plugins/calico/defaults
 # after migration to container download
 calico_version: "v2.6.8"
@@ -50,7 +50,7 @@ vault_download_url: "https://releases.hashicorp.com/vault/{{ vault_version }}/va
 
 # Checksums
 istioctl_checksum: fd703063c540b8c0ab943f478c05ab257d88ae27224c746a27d0526ddbf7c370
-kubeadm_checksum: 12b6e9ac1624852b7c978bde70b9bde9ca0e4fc6581d09bddfb117bb41f93c74
+kubeadm_checksum: 394d7d340214c91d669186cf4f2110d8eb840ca965399b4d8b22d0545a60e377
 vault_binary_checksum: 3c4d70ba71619a43229e65c67830e30e050eab7a81ac6b28325ff707e5914188
 
 # Containers
diff --git a/roles/kubernetes/master/templates/kubeadm-config.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.yaml.j2
index 0eccb4918..9c8afa31c 100644
--- a/roles/kubernetes/master/templates/kubeadm-config.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.yaml.j2
@@ -19,7 +19,7 @@ kubernetesVersion: {{ kube_version }}
 {% if cloud_provider is defined and cloud_provider != "gce" %}
 cloudProvider: {{ cloud_provider }}
 {% endif %}
-{% if kube_proxy_mode == 'ipvs' %}
+{% if kube_proxy_mode == 'ipvs' and kube_version | version_compare('v1.10', '<') %}
 kubeProxy:
   config:
     featureGates: SupportIPVSProxyMode=true
diff --git a/roles/kubernetes/node/templates/manifests/kube-proxy.manifest.j2 b/roles/kubernetes/node/templates/manifests/kube-proxy.manifest.j2
index 18e51069f..2209709b6 100644
--- a/roles/kubernetes/node/templates/manifests/kube-proxy.manifest.j2
+++ b/roles/kubernetes/node/templates/manifests/kube-proxy.manifest.j2
@@ -47,7 +47,9 @@ spec:
     - --masquerade-all
 {% elif kube_proxy_mode == 'ipvs' %}
     - --masquerade-all
+{% if kube_version | version_compare('v1.10', '<') %}
     - --feature-gates=SupportIPVSProxyMode=true
+{% endif %}
     - --ipvs-min-sync-period=5s
     - --ipvs-sync-period=5s
     - --ipvs-scheduler=rr
diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml
index f297c007e..a276e100d 100644
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -14,7 +14,7 @@ is_atomic: false
 
 
 ## Change this to use another Kubernetes version, e.g. a current beta release
-kube_version: v1.9.5
+kube_version: v1.10.2
 
 ## Kube Proxy mode One of ['iptables','ipvs']
 kube_proxy_mode: iptables
diff --git a/tests/files/gce_centos7-flannel-addons.yml b/tests/files/gce_centos7-flannel-addons.yml
index 9e2e1083f..161625946 100644
--- a/tests/files/gce_centos7-flannel-addons.yml
+++ b/tests/files/gce_centos7-flannel-addons.yml
@@ -1,8 +1,8 @@
 # Instance settings
 cloud_image_family: centos-7
 cloud_region: us-central1-c
-cloud_machine_type: "n1-standard-1"
-mode: default
+cloud_machine_type: "n1-standard-2"
+mode: ha
 
 # Deployment settings
 kube_network_plugin: flannel
-- 
GitLab