Merge pull request #212 from batistein/main

✨ Support for k8s 1.24

.github/actions/e2e/action.yaml

@@ -73,7 +73,7 @@ runs:
         MANIFEST_PATH: "../../../out"
         HCLOUD_TOKEN: ${{ env.HCLOUD_TOKEN }}
         SKIP_IMAGE_BUILD: "1"
-        CAPH_LATEST_VERSION: "v1.0.0-alpha.17"
+        CAPH_LATEST_VERSION: "v1.0.0-alpha.18"
       run: make ${{ inputs.e2e_make_target }}
     - name: Upload artifact
       uses: actions/upload-artifact@v3

.github/workflows/e2e-basic-packer.yaml

@@ -0,0 +1,54 @@
+name: E2E Basic Packer
+on:
+  workflow_dispatch:
+env:
+  hcloudctl_version: 1.29.4
+  IMAGE_NAME: cluster-api-provider-hetzner
+  REGISTRY: quay.io/syself
+  metadata_flavor: latest=false
+  metadata_tags: type=sha
+
+jobs:
+  manager-image:
+    name: Build and push manager image
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+      - name: Build and push manager image
+        id: manager-image
+        uses: ./.github/actions/manager-image
+        with:
+          manager_image_quay_username: ${{ secrets.QUAY_USERNAME }}
+          manager_image_quay_password: ${{ secrets.QUAY_PASSWORD }}
+
+  test-release:
+    name: Test Release
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+      - name: Test Release
+        id: manager-image
+        uses: ./.github/actions/test-release
+        with:
+          test_release_quay_username: ${{ secrets.QUAY_USERNAME }}
+
+  e2e-hcloud-basic-packer:
+    name: Test Hcloud Basic Packer Image
+    concurrency: ci-${{ github.ref }}-e2e-basic-packer
+    runs-on: ubuntu-latest
+    needs:
+      - manager-image
+      - test-release
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+      - name: Run e2e Test
+        id: e2e
+        uses: ./.github/actions/e2e
+        with:
+          e2e_name: hcloud-basic-packer
+          e2e_make_target: test-e2e-feature-packer
+          e2e_quay_username: ${{ secrets.QUAY_USERNAME }}
+          e2e_tts_token: ${{ secrets.TTS_TOKEN }}

.github/workflows/e2e-periodic.yaml

@@ -72,6 +72,25 @@ jobs:
           e2e_quay_username: ${{ secrets.QUAY_USERNAME }}
           e2e_tts_token: ${{ secrets.TTS_TOKEN }}
 
+  e2e-hcloud-feature-packer:
+    name: Test Hcloud Feature Packer Image
+    concurrency: ci-${{ github.ref }}-e2e-feature-packer
+    runs-on: ubuntu-latest
+    needs:
+      - manager-image
+      - test-release
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+      - name: Run e2e Test
+        id: e2e
+        uses: ./.github/actions/e2e
+        with:
+          e2e_name: hcloud-feature-packer
+          e2e_make_target: test-e2e-feature-packer
+          e2e_quay_username: ${{ secrets.QUAY_USERNAME }}
+          e2e_tts_token: ${{ secrets.TTS_TOKEN }}
+
   e2e-hcloud-lifecycle:
     name: Test Hcloud Lifecycle
     concurrency: ci-${{ github.ref }}-e2e-lifecycle

.github/workflows/pr-verify-code.yml

@@ -1,12 +1,12 @@
-name: verify
+name: Verify PR Code
 on:
   pull_request:
     types: [opened, edited, synchronize, reopened]
     branches:
       - main
-      - 'releases/**'
+      - "releases/**"
     paths-ignore:
-      - '**.md'
+      - "**.md"
 
 jobs:
   test:
@@ -18,10 +18,10 @@ jobs:
       - name: Install go
         uses: actions/setup-go@v3
         with:
-          go-version: '^1.17'
+          go-version: "^1.17"
       - name: Verify Boilerplate
         run: make verify-boilerplate
       - name: Verify Modules
         run: make verify-modules
       - name: Verify gen
-        run: make verify-gen
+        run: make verify-gen

.github/workflows/pr-verify.yml

@@ -1,3 +1,4 @@
+name: Verify Pull Request
 on:
   pull_request_target:
     types: [opened, edited, synchronize, reopened]
@@ -7,8 +8,8 @@ jobs:
     runs-on: ubuntu-latest
     name: verify PR contents
     steps:
-    - name: Verifier action
-      id: verifier
-      uses: kubernetes-sigs/[email protected]
-      with:
-        github_token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Verifier action
+        id: verifier
+        uses: kubernetes-sigs/[email protected]
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}

Makefile

@@ -44,14 +44,14 @@ CI_KIND ?= true
 # Binaries.
 #
 MINIMUM_CLUSTERCTL_VERSION=1.1.4				# https://github.com/kubernetes-sigs/cluster-api/releases
-MINIMUM_CTLPTL_VERSION=0.7.8						# https://github.com/tilt-dev/ctlptl/releases
+MINIMUM_CTLPTL_VERSION=0.8.3						# https://github.com/tilt-dev/ctlptl/releases
 MINIMUM_GO_VERSION=go$(GO_VERSION)			# Check current project go version
 MINIMUM_HCLOUD_VERSION=1.29.4						# https://github.com/hetznercloud/cli/releases
 MINIMUM_HELMFILE_VERSION=v0.144.0				# https://github.com/roboll/helmfile/releases
-MINIMUM_KIND_VERSION=v0.12.0						# https://github.com/kubernetes-sigs/kind/releases
-MINIMUM_KUBECTL_VERSION=v1.23.0					# https://github.com/kubernetes/kubernetes/releases
-MINIMUM_PACKER_VERSION=1.8.0						# https://github.com/hashicorp/packer/releases
-MINIMUM_TILT_VERSION=0.27.2							# https://github.com/tilt-dev/tilt/releases
+MINIMUM_KIND_VERSION=v0.14.0						# https://github.com/kubernetes-sigs/kind/releases
+MINIMUM_KUBECTL_VERSION=v1.24.0					# https://github.com/kubernetes/kubernetes/releases
+MINIMUM_PACKER_VERSION=1.8.1						# https://github.com/hashicorp/packer/releases
+MINIMUM_TILT_VERSION=0.30.1							# https://github.com/tilt-dev/tilt/releases
 KUSTOMIZE_VERSION=4.5.4									# https://github.com/kubernetes-sigs/kustomize/releases
 
 #
@@ -448,6 +448,10 @@ test-e2e: $(E2E_CONF_FILE) $(if $(SKIP_IMAGE_BUILD),,e2e-image) $(ARTIFACTS)
 test-e2e-feature: $(E2E_CONF_FILE) $(if $(SKIP_IMAGE_BUILD),,e2e-image) $(ARTIFACTS)
 	GINKO_FOKUS="'\[Feature\]'" GINKO_NODES=3 ./hack/ci-e2e-capi.sh
 
+.PHONY: test-e2e-feature-packer
+test-e2e-feature-packer: $(if $(SKIP_IMAGE_BUILD),,e2e-image) $(ARTIFACTS)
+	GINKO_FOKUS="'\[Feature Packer\]'" GINKO_NODES=1 PACKER_IMAGE_NAME=templates/node-image/1.24.1-ubuntu-20-04-containerd ./hack/ci-e2e-capi.sh
+
 .PHONY: test-e2e-feature-talos
 test-e2e-feature-talos: $(if $(SKIP_IMAGE_BUILD),,e2e-image) $(ARTIFACTS)
 	GINKO_FOKUS="'\[Feature Talos\]'" GINKO_NODES=1 PACKER_TALOS=templates/node-image/talos-image ./hack/ci-e2e-capi.sh
@@ -462,7 +466,7 @@ test-e2e-upgrade-caph: $(E2E_CONF_FILE) $(if $(SKIP_IMAGE_BUILD),,e2e-image) $(A
 
 .PHONY: test-e2e-upgrade-kubernetes
 test-e2e-upgrade-kubernetes: $(if $(SKIP_IMAGE_BUILD),,e2e-image) $(ARTIFACTS)
-	GINKO_FOKUS="'\[Upgrade Kubernetes\]'" GINKO_NODES=2 PACKER_KUBERNETES_UPGRADE_FROM=templates/node-image/1.23.4-ubuntu-20-04-containerd PACKER_KUBERNETES_UPGRADE_TO=templates/node-image/1.23.6-ubuntu-20-04-containerd ./hack/ci-e2e-capi.sh
+	GINKO_FOKUS="'\[Upgrade Kubernetes\]'" GINKO_NODES=2 PACKER_KUBERNETES_UPGRADE_FROM=templates/node-image/1.23.6-ubuntu-20-04-containerd PACKER_KUBERNETES_UPGRADE_TO=templates/node-image/1.24.1-ubuntu-20-04-containerd ./hack/ci-e2e-capi.sh
 
 .PHONY: test-e2e-conformance
 test-e2e-conformance: $(E2E_CONF_FILE) $(if $(SKIP_IMAGE_BUILD),,e2e-image) $(ARTIFACTS)
@@ -579,12 +583,13 @@ wait-and-get-secret:
 	${TIMEOUT} 5m bash -c "while ! kubectl get secrets | grep $(CLUSTER_NAME)-kubeconfig; do sleep 1; done"
 	# Get kubeconfig and store it locally.
 	kubectl get secrets $(CLUSTER_NAME)-kubeconfig -o json | jq -r .data.value | base64 --decode > $(CAPH_WORKER_CLUSTER_KUBECONFIG)
-	${TIMEOUT} 15m bash -c "while ! kubectl --kubeconfig=$(CAPH_WORKER_CLUSTER_KUBECONFIG) get nodes | grep master; do sleep 1; done"
+	${TIMEOUT} 15m bash -c "while ! kubectl --kubeconfig=$(CAPH_WORKER_CLUSTER_KUBECONFIG) get nodes | grep control-plane; do sleep 1; done"
 
 install-manifests-cilium:
 	# Deploy cilium
 	helm repo add cilium https://helm.cilium.io/
-	KUBECONFIG=$(CAPH_WORKER_CLUSTER_KUBECONFIG) helm upgrade --install cilium cilium/cilium --version 1.10.5 \
+	helm repo update cilium
+	KUBECONFIG=$(CAPH_WORKER_CLUSTER_KUBECONFIG) helm upgrade --install cilium cilium/cilium --version 1.11.5 \
   	--namespace kube-system \
 	-f templates/cilium/cilium.yaml
 

README.md

@@ -68,6 +68,7 @@ This provider's versions can install and manage the following versions of Kubern
 |---|---|
 | Kubernetes 1.22.x | ✓ |
 | Kubernetes 1.23.x | ✓ |
+| Kubernetes 1.24.x | ✓ |
 
 Test status:
 

docs/developers/development.md

@@ -35,8 +35,8 @@ You need to create a ```tilt-settings.json``` file and specify the values you ne
       "HCLOUD_REGION": "fsn1",
       "CONTROL_PLANE_MACHINE_COUNT": "3",
       "WORKER_MACHINE_COUNT": "3",
-      "KUBERNETES_VERSION": "v1.23.4",
-      "HCLOUD_IMAGE_NAME": "1.23.4-ubuntu-20.04-containerd",
+      "KUBERNETES_VERSION": "v1.24.0",
+      "HCLOUD_IMAGE_NAME": "1.24.0-ubuntu-20.04-containerd",
       "HCLOUD_CONTROL_PLANE_MACHINE_TYPE": "cpx31",
       "HCLOUD_WORKER_MACHINE_TYPE": "cpx31",
       "CLUSTER_NAME": "testing",

docs/topics/node-image.md

@@ -7,16 +7,16 @@ In this repo is also an example packer node-image. To use it do the following:
 export HCLOUD_TOKEN=<your-token>
 
 ## Only build
-packer build templates/node-image/1.23.4-fedora-35-crio/image.json
+packer build templates/node-image/1.24.1-ubuntu-20-04-containerd/image.json
 
 ## Debug and ability to ssh into the created server
-packer build --debug --on-error=abort templates/node-image/1.23.4-fedora-35-crio/image.json
+packer build --debug --on-error=abort templates/node-image/1.24.1-ubuntu-20-04-containerd/image.json
 ```
 
 The first command is necessary so that packer is able to create a server in hcloud.
 The second one creates the server with packer. If you are developing your own packer image the third command could be helpful to check what's going wrong. 
 
 It's very important to know that if you create your own packer image you need to set a label so that CAPH is able to find the specified image name. We use for this label the following key: `caph-image-name`
-Please have a look into the image.json of the [example node-image](/templates/node-image/1.23.4-fedora-35-crio/image.json).
+Please have a look into the image.json of the [example node-image](/templates/node-image/1.24.1-ubuntu-20-04-containerd/image.json).
 
 If you use your own node image. You should also use your own cluster-template.yaml and not the default one. The default one use preKubeadm commands to install all necessary things. This is very helpful for testing but is not recommended in a production system.

docs/topics/preparation.md

@@ -67,7 +67,7 @@ export CLUSTER_NAME="my-cluster" \
 export HCLOUD_REGION="fsn1" \
 export CONTROL_PLANE_MACHINE_COUNT=3 \
 export WORKER_MACHINE_COUNT=3 \
-export KUBERNETES_VERSION=1.23.4 \
+export KUBERNETES_VERSION=1.24.0 \
 export HCLOUD_CONTROL_PLANE_MACHINE_TYPE=cpx31 \
 export HCLOUD_WORKER_MACHINE_TYPE=cpx31
 ```

docs/topics/quickstart.md

@@ -22,13 +22,13 @@ It generates a YAML file named `my-cluster.yaml` with a predefined list of Clust
 See also `clusterctl generate cluster --help`.
 
 ```shell
-clusterctl generate cluster my-cluster --kubernetes-version v1.23.4 --control-plane-machine-count=3 --worker-machine-count=3  > my-cluster.yaml
+clusterctl generate cluster my-cluster --kubernetes-version v1.24.1 --control-plane-machine-count=3 --worker-machine-count=3  > my-cluster.yaml
 ```
 
 You can also use different flavors, e.g. to create a cluster with private network:
 
 ```shell
-clusterctl generate cluster my-cluster --kubernetes-version v1.23.4 --control-plane-machine-count=3 --worker-machine-count=3  --flavor hcloud-network > my-cluster.yaml
+clusterctl generate cluster my-cluster --kubernetes-version v1.24.1 --control-plane-machine-count=3 --worker-machine-count=3  --flavor hcloud-network > my-cluster.yaml
 ```
 
 All pre-configured flavors can be found on the [release page](https://github.com/syself/cluster-api-provider-hetzner/releases). The cluster-templates start with `cluster-template-`. The flavor name is the suffix.

hack/ci-e2e-capi.sh

@@ -55,6 +55,16 @@ if [[ "${PACKER_KUBERNETES_UPGRADE_FROM:-""}" != "" ]]; then
     make e2e-conf-file
 fi
 
+if [[ "${PACKER_IMAGE_NAME:-""}" != "" ]]; then
+    (cd ${REPO_ROOT}/${PACKER_IMAGE_NAME} && packer build image.json)
+    export HCLOUD_IMAGE_NAME=$(jq -r '.builds[-1].custom_data.snapshot_label' ${REPO_ROOT}/${PACKER_IMAGE_NAME}/manifest.json)
+    trap 'remove_manifests' EXIT
+    remove_manifests() {
+        rm ${REPO_ROOT}/${PACKER_IMAGE_NAME}/manifest.json
+    }
+    make e2e-conf-file
+fi
+
 if [[ "${PACKER_TALOS:-""}" != "" ]]; then
     (cd ${REPO_ROOT}/${PACKER_TALOS} && packer build image.json)
     export HCLOUD_IMAGE_NAME=$(jq -r '.builds[-1].custom_data.snapshot_label' ${REPO_ROOT}/${PACKER_TALOS}/manifest.json)

hack/kind-dev.sh

@@ -17,7 +17,7 @@
 set -o errexit
 set -o pipefail
 
-K8S_VERSION=v1.23.5
+K8S_VERSION=v1.24.1
 
 REPO_ROOT=$(git rev-parse --show-toplevel)
 cd "${REPO_ROOT}" || exit 1

templates/cluster-templates/bases/hcloud-kcp-packer.yaml

@@ -46,7 +46,6 @@ spec:
           kubelet-preferred-address-types: ExternalIP,Hostname,InternalDNS,ExternalDNS
           profiling: "false"
           enable-bootstrap-token-auth: "true"
-          insecure-port: "0"
           default-not-ready-toleration-seconds: "45"
           default-unreachable-toleration-seconds: "45"
         extraVolumes:
@@ -68,19 +67,15 @@ spec:
           kubeconfig: /etc/kubernetes/controller-manager.conf
           authentication-kubeconfig: /etc/kubernetes/controller-manager.conf
           authorization-kubeconfig: /etc/kubernetes/controller-manager.conf
-          address: "127.0.0.1"
           bind-address: "0.0.0.0"
-          port: "0"
           secure-port: "10257"
           allocate-node-cidrs: "true"
           pod-eviction-timeout: 2m
       scheduler:
         extraArgs:
           profiling: "false"
           kubeconfig: /etc/kubernetes/scheduler.conf
-          address: "127.0.0.1"
           bind-address: "0.0.0.0"
-          port: "0"
           secure-port: "10259"
       etcd:
         local:

templates/cluster-templates/bases/hcloud-kcp-ubuntu.yaml

@@ -46,7 +46,6 @@ spec:
           kubelet-preferred-address-types: ExternalIP,Hostname,InternalDNS,ExternalDNS
           profiling: "false"
           enable-bootstrap-token-auth: "true"
-          insecure-port: "0"
           default-not-ready-toleration-seconds: "45"
           default-unreachable-toleration-seconds: "45"
         extraVolumes:
@@ -68,19 +67,15 @@ spec:
           kubeconfig: /etc/kubernetes/controller-manager.conf
           authentication-kubeconfig: /etc/kubernetes/controller-manager.conf
           authorization-kubeconfig: /etc/kubernetes/controller-manager.conf
-          address: "127.0.0.1"
           bind-address: "0.0.0.0"
-          port: "0"
           secure-port: "10257"
           allocate-node-cidrs: "true"
           pod-eviction-timeout: 2m
       scheduler:
         extraArgs:
           profiling: "false"
           kubeconfig: /etc/kubernetes/scheduler.conf
-          address: "127.0.0.1"
           bind-address: "0.0.0.0"
-          port: "0"
           secure-port: "10259"
       etcd:
         local:
@@ -210,8 +205,8 @@ spec:
           nameserver 1.0.0.1
           nameserver 2606:4700:4700::1111
     preKubeadmCommands:
-      - export CRUN=1.4.3
-      - export CONTAINERD=1.6.1
+      - export CRUN=1.4.5
+      - export CONTAINERD=1.6.5
       - export KUBERNETES_VERSION=$(echo ${KUBERNETES_VERSION} | sed 's/^v//')
       - localectl set-locale LANG=en_US.UTF-8
       - localectl set-locale LANGUAGE=en_US.UTF-8

templates/cluster-templates/bases/hetznerbaremetal-kcp-ubuntu.yaml

@@ -46,7 +46,6 @@ spec:
           kubelet-preferred-address-types: ExternalIP,Hostname,InternalDNS,ExternalDNS
           profiling: "false"
           enable-bootstrap-token-auth: "true"
-          insecure-port: "0"
           default-not-ready-toleration-seconds: "45"
           default-unreachable-toleration-seconds: "45"
         extraVolumes:
@@ -68,19 +67,15 @@ spec:
           kubeconfig: /etc/kubernetes/controller-manager.conf
           authentication-kubeconfig: /etc/kubernetes/controller-manager.conf
           authorization-kubeconfig: /etc/kubernetes/controller-manager.conf
-          address: "127.0.0.1"
           bind-address: "0.0.0.0"
-          port: "0"
           secure-port: "10257"
           allocate-node-cidrs: "true"
           pod-eviction-timeout: 2m
       scheduler:
         extraArgs:
           profiling: "false"
           kubeconfig: /etc/kubernetes/scheduler.conf
-          address: "127.0.0.1"
           bind-address: "0.0.0.0"
-          port: "0"
           secure-port: "10259"
       etcd:
         local:
@@ -210,9 +205,9 @@ spec:
           nameserver 1.0.0.1
           nameserver 2606:4700:4700::1111
     preKubeadmCommands:
-      - export CRUN=1.4.3
-      - export CONTAINERD=1.6.1
-      - export KUBERNETES_VERSION=1.23.4
+      - export CRUN=1.4.5
+      - export CONTAINERD=1.6.5
+      - export KUBERNETES_VERSION=$(echo ${KUBERNETES_VERSION} | sed 's/^v//')
       - localectl set-locale LANG=en_US.UTF-8
       - localectl set-locale LANGUAGE=en_US.UTF-8
       - apt-get update -y