From 1b4460e7558e5ac52813408c57235dcbb6e2d445 Mon Sep 17 00:00:00 2001 From: Tom Wieczorek Date: Mon, 19 Feb 2024 15:53:57 +0100 Subject: [PATCH 1/3] Bump metrics-server to v0.7.0 https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.7.0 Signed-off-by: Tom Wieczorek (cherry picked from commit 468c2bd0cb4ea62a689e22190edb469f3abe6297) (cherry picked from commit b65b617960bde63adc7c387da45234ce54b04dc9) (cherry picked from commit c4483e9893a8d0c87574125128e4730087524bbb) --- docs/configuration.md | 4 ++-- docs/raspberry-pi4.md | 2 +- pkg/constant/constant_shared.go | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuration.md b/docs/configuration.md index 69261fe6715c..edab21fcf370 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -473,10 +473,10 @@ images: version: v3.16.2 metricsserver: image: registry.k8s.io/metrics-server/metrics-server - version: v0.6.4 + version: v0.7.0 ``` -In the runtime the image names are calculated as `my.own.repo/calico/kube-controllers:v3.16.2` and `my.own.repo/metrics-server/metrics-server:v0.6.4`. This only affects the the imgages pull location, and thus omitting an image specification here will not disable component deployment. +In the runtime the image names are calculated as `my.own.repo/calico/kube-controllers:v3.16.2` and `my.own.repo/metrics-server/metrics-server:v0.7.0`. This only affects the the imgages pull location, and thus omitting an image specification here will not disable component deployment. ### `spec.extensions.helm` diff --git a/docs/raspberry-pi4.md b/docs/raspberry-pi4.md index f545b79d8bc7..2f05f6b5a21f 100644 --- a/docs/raspberry-pi4.md +++ b/docs/raspberry-pi4.md @@ -501,7 +501,7 @@ node/ubuntu Ready 5m1s v{{{ extra.k8s_version }}}+k0s 10.152.5 NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR kube-system deployment.apps/coredns 1/1 1 1 33m coredns registry.k8s.io/coredns/coredns:v1.7.0 k8s-app=kube-dns -kube-system deployment.apps/metrics-server 1/1 1 1 33m metrics-server registry.k8s.io/metrics-server/metrics-server:v0.6.4 k8s-app=metrics-server +kube-system deployment.apps/metrics-server 1/1 1 1 33m metrics-server registry.k8s.io/metrics-server/metrics-server:v0.7.0 k8s-app=metrics-server NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES kube-system pod/coredns-88b745646-pkk5w 1/1 Running 0 33m 10.244.0.5 ubuntu diff --git a/pkg/constant/constant_shared.go b/pkg/constant/constant_shared.go index 2040198d063d..72d2ebc72754 100644 --- a/pkg/constant/constant_shared.go +++ b/pkg/constant/constant_shared.go @@ -83,7 +83,7 @@ const ( PushGatewayImage = "quay.io/k0sproject/pushgateway-ttl" PushGatewayImageVersion = "1.4.0-k0s.0" MetricsImage = "registry.k8s.io/metrics-server/metrics-server" - MetricsImageVersion = "v0.6.4" + MetricsImageVersion = "v0.7.0" KubeProxyImage = "quay.io/k0sproject/kube-proxy" KubeProxyImageVersion = "v1.27.16" CoreDNSImage = "quay.io/k0sproject/coredns" From 989f15350f58f9581fdae4ef2601f2b6033921c8 Mon Sep 17 00:00:00 2001 From: Tom Wieczorek Date: Wed, 27 Mar 2024 11:57:19 +0100 Subject: [PATCH 2/3] Bump metrics-server to v0.7.1 https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.7.1 Signed-off-by: Tom Wieczorek (cherry picked from commit 7c61592ebd47ef79c2d485c5a5739da32810c5f7) (cherry picked from commit bf765e603e44fac30d4b6c9d41f1fa495d77421b) (cherry picked from commit a448b4885ac0b3d58cbb067a083cff8f31855ab6) --- docs/configuration.md | 4 ++-- docs/raspberry-pi4.md | 2 +- pkg/constant/constant_shared.go | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuration.md b/docs/configuration.md index edab21fcf370..efce78c5e5ba 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -473,10 +473,10 @@ images: version: v3.16.2 metricsserver: image: registry.k8s.io/metrics-server/metrics-server - version: v0.7.0 + version: v0.7.1 ``` -In the runtime the image names are calculated as `my.own.repo/calico/kube-controllers:v3.16.2` and `my.own.repo/metrics-server/metrics-server:v0.7.0`. This only affects the the imgages pull location, and thus omitting an image specification here will not disable component deployment. +In the runtime the image names are calculated as `my.own.repo/calico/kube-controllers:v3.16.2` and `my.own.repo/metrics-server/metrics-server:v0.7.1`. This only affects the the imgages pull location, and thus omitting an image specification here will not disable component deployment. ### `spec.extensions.helm` diff --git a/docs/raspberry-pi4.md b/docs/raspberry-pi4.md index 2f05f6b5a21f..fad6c1ce7268 100644 --- a/docs/raspberry-pi4.md +++ b/docs/raspberry-pi4.md @@ -501,7 +501,7 @@ node/ubuntu Ready 5m1s v{{{ extra.k8s_version }}}+k0s 10.152.5 NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR kube-system deployment.apps/coredns 1/1 1 1 33m coredns registry.k8s.io/coredns/coredns:v1.7.0 k8s-app=kube-dns -kube-system deployment.apps/metrics-server 1/1 1 1 33m metrics-server registry.k8s.io/metrics-server/metrics-server:v0.7.0 k8s-app=metrics-server +kube-system deployment.apps/metrics-server 1/1 1 1 33m metrics-server registry.k8s.io/metrics-server/metrics-server:v0.7.1 k8s-app=metrics-server NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES kube-system pod/coredns-88b745646-pkk5w 1/1 Running 0 33m 10.244.0.5 ubuntu diff --git a/pkg/constant/constant_shared.go b/pkg/constant/constant_shared.go index 72d2ebc72754..3f6cbb3bf1fd 100644 --- a/pkg/constant/constant_shared.go +++ b/pkg/constant/constant_shared.go @@ -83,7 +83,7 @@ const ( PushGatewayImage = "quay.io/k0sproject/pushgateway-ttl" PushGatewayImageVersion = "1.4.0-k0s.0" MetricsImage = "registry.k8s.io/metrics-server/metrics-server" - MetricsImageVersion = "v0.7.0" + MetricsImageVersion = "v0.7.1" KubeProxyImage = "quay.io/k0sproject/kube-proxy" KubeProxyImageVersion = "v1.27.16" CoreDNSImage = "quay.io/k0sproject/coredns" From 7ad6c074b24797ac15015af24eb2b33e8fb5e2ff Mon Sep 17 00:00:00 2001 From: Tom Wieczorek Date: Thu, 18 Jul 2024 14:41:31 +0200 Subject: [PATCH 3/3] Use patched metrics-server image This includes 3d43e71d7a2ffa2bbd8616922f00f61d9edd8d63. Fixes CVE-2023-45288. Signed-off-by: Tom Wieczorek (cherry picked from commit d31d9d17e65b0830e8f3513a38ab42a19e1aaf9c) (cherry picked from commit ff01b6b765d98a32b14c820ae35948626804d281) (cherry picked from commit d2e9be8a61e37699423abbedf049a2974635e869) (cherry picked from commit db90340d69747049180ee3dde48d931b2056381f) --- docs/configuration.md | 6 +++--- docs/raspberry-pi4.md | 2 +- pkg/apis/k0s.k0sproject.io/v1beta1/images_test.go | 6 +++--- pkg/constant/constant_shared.go | 4 ++-- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/docs/configuration.md b/docs/configuration.md index efce78c5e5ba..c75f18ec4344 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -472,11 +472,11 @@ images: image: calico/kube-controllers version: v3.16.2 metricsserver: - image: registry.k8s.io/metrics-server/metrics-server - version: v0.7.1 + image: quay.io/k0sproject/metrics-server + version: v0.7.1-0 ``` -In the runtime the image names are calculated as `my.own.repo/calico/kube-controllers:v3.16.2` and `my.own.repo/metrics-server/metrics-server:v0.7.1`. This only affects the the imgages pull location, and thus omitting an image specification here will not disable component deployment. +In the runtime the image names are calculated as `my.own.repo/calico/kube-controllers:v3.16.2` and `my.own.repo/k0sproject/metrics-server:v0.7.1-0`. This only affects the the imgages pull location, and thus omitting an image specification here will not disable component deployment. ### `spec.extensions.helm` diff --git a/docs/raspberry-pi4.md b/docs/raspberry-pi4.md index fad6c1ce7268..2fb9ea6995a4 100644 --- a/docs/raspberry-pi4.md +++ b/docs/raspberry-pi4.md @@ -501,7 +501,7 @@ node/ubuntu Ready 5m1s v{{{ extra.k8s_version }}}+k0s 10.152.5 NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR kube-system deployment.apps/coredns 1/1 1 1 33m coredns registry.k8s.io/coredns/coredns:v1.7.0 k8s-app=kube-dns -kube-system deployment.apps/metrics-server 1/1 1 1 33m metrics-server registry.k8s.io/metrics-server/metrics-server:v0.7.1 k8s-app=metrics-server +kube-system deployment.apps/metrics-server 1/1 1 1 33m metrics-server quay.io/k0sproject/metrics-server:v0.7.1-0 k8s-app=metrics-server NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES kube-system pod/coredns-88b745646-pkk5w 1/1 Running 0 33m 10.244.0.5 ubuntu diff --git a/pkg/apis/k0s.k0sproject.io/v1beta1/images_test.go b/pkg/apis/k0s.k0sproject.io/v1beta1/images_test.go index fdb9192c26dd..f5568ee3b765 100644 --- a/pkg/apis/k0s.k0sproject.io/v1beta1/images_test.go +++ b/pkg/apis/k0s.k0sproject.io/v1beta1/images_test.go @@ -52,7 +52,7 @@ spec: assert.Equal(t, "custom-repository/my-custom-konnectivity-image:v0.0.1", a.Konnectivity.URI()) assert.Equal(t, "1.0.0", a.CoreDNS.Version) assert.Equal(t, "custom.io/coredns/coredns", a.CoreDNS.Image) - assert.Equal(t, "registry.k8s.io/metrics-server/metrics-server", a.MetricsServer.Image) + assert.Equal(t, "quay.io/k0sproject/metrics-server", a.MetricsServer.Image) } func TestImagesRepoOverrideInConfiguration(t *testing.T) { @@ -63,7 +63,7 @@ func TestImagesRepoOverrideInConfiguration(t *testing.T) { var testingConfig *ClusterConfig require.NoError(t, yaml.Unmarshal(getConfigYAML(t, cfg), &testingConfig)) require.Equal(t, fmt.Sprintf("my.repo/k0sproject/apiserver-network-proxy-agent:%s", constant.KonnectivityImageVersion), testingConfig.Spec.Images.Konnectivity.URI()) - require.Equal(t, fmt.Sprintf("my.repo/metrics-server/metrics-server:%s", constant.MetricsImageVersion), testingConfig.Spec.Images.MetricsServer.URI()) + require.Equal(t, fmt.Sprintf("my.repo/k0sproject/metrics-server:%s", constant.MetricsImageVersion), testingConfig.Spec.Images.MetricsServer.URI()) require.Equal(t, fmt.Sprintf("my.repo/k0sproject/kube-proxy:%s", constant.KubeProxyImageVersion), testingConfig.Spec.Images.KubeProxy.URI()) require.Equal(t, fmt.Sprintf("my.repo/k0sproject/coredns:%s", constant.CoreDNSImageVersion), testingConfig.Spec.Images.CoreDNS.URI()) require.Equal(t, fmt.Sprintf("my.repo/k0sproject/calico-cni:%s", constant.CalicoComponentImagesVersion), testingConfig.Spec.Images.Calico.CNI.URI()) @@ -82,7 +82,7 @@ func TestImagesRepoOverrideInConfiguration(t *testing.T) { var testingConfig *ClusterConfig require.NoError(t, yaml.Unmarshal(getConfigYAML(t, cfg), &testingConfig)) require.Equal(t, fmt.Sprintf("my.repo/my-custom-image:%s", constant.KonnectivityImageVersion), testingConfig.Spec.Images.Konnectivity.URI()) - require.Equal(t, fmt.Sprintf("my.repo/metrics-server/metrics-server:%s", constant.MetricsImageVersion), testingConfig.Spec.Images.MetricsServer.URI()) + require.Equal(t, fmt.Sprintf("my.repo/k0sproject/metrics-server:%s", constant.MetricsImageVersion), testingConfig.Spec.Images.MetricsServer.URI()) require.Equal(t, fmt.Sprintf("my.repo/k0sproject/kube-proxy:%s", constant.KubeProxyImageVersion), testingConfig.Spec.Images.KubeProxy.URI()) require.Equal(t, fmt.Sprintf("my.repo/k0sproject/coredns:%s", constant.CoreDNSImageVersion), testingConfig.Spec.Images.CoreDNS.URI()) require.Equal(t, fmt.Sprintf("my.repo/k0sproject/calico-cni:%s", constant.CalicoComponentImagesVersion), testingConfig.Spec.Images.Calico.CNI.URI()) diff --git a/pkg/constant/constant_shared.go b/pkg/constant/constant_shared.go index 3f6cbb3bf1fd..daf154f6dd39 100644 --- a/pkg/constant/constant_shared.go +++ b/pkg/constant/constant_shared.go @@ -82,8 +82,8 @@ const ( KonnectivityImageVersion = "0.0.33-k0s.1" PushGatewayImage = "quay.io/k0sproject/pushgateway-ttl" PushGatewayImageVersion = "1.4.0-k0s.0" - MetricsImage = "registry.k8s.io/metrics-server/metrics-server" - MetricsImageVersion = "v0.7.1" + MetricsImage = "quay.io/k0sproject/metrics-server" + MetricsImageVersion = "v0.7.1-0" KubeProxyImage = "quay.io/k0sproject/kube-proxy" KubeProxyImageVersion = "v1.27.16" CoreDNSImage = "quay.io/k0sproject/coredns"