Bump Kubernetes versions to existing +2 for clouds #1852
Conversation
thisisnotashwin
force-pushed
the
ashwin/upgrade-k8s-versions-acceptance
branch
3 times, most recently
from
57ea1b7
to
484b353
Compare
|
I assume kind will be also be bumped to 1.26? Is that in a separate PR perhaps? |
Currently, Kind does not have 1.26 support. https://github.com/kubernetes-sigs/kind/releases here lists 1.25 as the latest supported one. We will bump to the latest kind as soon as it is released. |
thisisnotashwin
force-pushed
the
ashwin/upgrade-k8s-versions-acceptance
branch
from
484b353
to
b6d1042
Compare
|
Ahh I just saw this https://twitter.com/BenTheElder/status/1601280095184117760, it looks like its possible to use 1.26.x but not sure its been used before this way for us. |
thisisnotashwin
force-pushed
the
ashwin/upgrade-k8s-versions-acceptance
branch
from
cd3284a
to
39f616c
Compare
thisisnotashwin
requested review from
ishustava,
a team,
curtbushko and
DanStough
and removed request for
a team
|
Updated kind as well to 1.26. I have disabled pod security policies for now. we need some further investigations into what it's future looks like given it isn't currently supported. that can be done in the future as another independent PR. |
| @@ -773,7 +773,7 @@ jobs: | |||
| - run: mkdir -p $TEST_RESULTS | |||
|
|
|||
| - run-acceptance-tests: | |||
| additional-flags: -kubeconfig="$primary_kubeconfig" -secondary-kubeconfig="$secondary_kubeconfig" -enable-pod-security-policies -enable-transparent-proxy -consul-image=hashicorppreview/consul-enterprise:1.15-dev-23aaa4f83845d0e2eced9ea69f731d7eedf840d1 | |||
There was a problem hiding this comment.
Does -pod-security-policies break things on the new versions?
There was a problem hiding this comment.
Kubernetes no longer supports pod security policies starting 1.25. https://kubernetes.io/blog/2021/04/06/podsecuritypolicy-deprecation-past-present-and-future/
|
Should we backport this to 0.49.x? (it doesn't matter as much because those only run against GKE) |
| pod_security_policy_config { | ||
| enabled = true | ||
| enabled = false | ||
| } |
There was a problem hiding this comment.
nit: we can just remove this config altogether since it's not enabled by default. Another thing here is that we can switch the google provider regular instead of beta.
|
@thisisnotashwin we'll also need to update readme and add it to Changelog. |
thisisnotashwin
force-pushed
the
ashwin/upgrade-k8s-versions-acceptance
branch
from
39f616c
to
fc34136
Compare
Changes proposed in this PR:
How I've tested this PR:
How I expect reviewers to test this PR:
look at them pipelines and how pretty and green they are and then hit approve 😛