Bump bootkube v0.4.4 & hyperkube v1.6.4_coreos.0 (#805)

* Bump bootkube v0.4.4

* Bump hyperkube v1.6.4_coreos.0

* modules/bootkube: factor template_file directives to template_dir

config.tf

@@ -16,9 +16,9 @@ variable "tectonic_container_images" {
   type        = "map"
 
   default = {
-    hyperkube                       = "quay.io/coreos/hyperkube:v1.6.2_coreos.0"
+    hyperkube                       = "quay.io/coreos/hyperkube:v1.6.4_coreos.0"
     pod_checkpointer                = "quay.io/coreos/pod-checkpointer:2cad4cac4186611a79de1969e3ea4924f02f459e"
-    bootkube                        = "quay.io/coreos/bootkube:v0.4.2"
+    bootkube                        = "quay.io/coreos/bootkube:v0.4.4"
     console                         = "quay.io/coreos/tectonic-console:v1.5.6"
     identity                        = "quay.io/coreos/dex:v2.4.1"
     container_linux_update_operator = "quay.io/coreos/container-linux-update-operator:v0.2.0"

modules/bootkube/assets.tf

@@ -13,6 +13,40 @@ data "null_data_source" "etcd" {
   }
 }
 
+resource "template_dir" "experimental" {
+  count           = "${var.experimental_enabled ? 1 : 0}"
+  source_dir      = "${path.module}/resources/experimental/manifests"
+  destination_dir = "${path.cwd}/generated/experimental"
+
+  vars {
+    etcd_operator_image = "${var.container_images["etcd_operator"]}"
+    etcd_service_ip     = "${cidrhost(var.service_cidr, 15)}"
+  }
+}
+
+resource "template_dir" "bootstrap-experimental" {
+  count           = "${var.experimental_enabled ? 1 : 0}"
+  source_dir      = "${path.module}/resources/experimental/bootstrap-manifests"
+  destination_dir = "${path.cwd}/generated/bootstrap-experimental"
+
+  vars {
+    etcd_image                = "${var.container_images["etcd"]}"
+    etcd_version              = "${var.versions["etcd"]}"
+    bootstrap_etcd_service_ip = "${cidrhost(var.service_cidr, 200)}"
+  }
+}
+
+resource "template_dir" "etcd-experimental" {
+  count           = "${var.experimental_enabled ? 1 : 0}"
+  source_dir      = "${path.module}/resources/experimental/etcd"
+  destination_dir = "${path.cwd}/generated/etcd"
+
+  vars {
+    etcd_version              = "${var.versions["etcd"]}"
+    bootstrap_etcd_service_ip = "${cidrhost(var.service_cidr, 200)}"
+  }
+}
+
 # Self-hosted manifests (resources/generated/manifests/)
 resource "template_dir" "bootkube" {
   source_dir      = "${path.module}/resources/manifests"
@@ -47,7 +81,8 @@ resource "template_dir" "bootkube" {
     etcd_cert_flag = "${data.null_data_source.etcd.outputs.cert_flag}"
     etcd_key_flag  = "${data.null_data_source.etcd.outputs.key_flag}"
 
-    etcd_service_ip = "${cidrhost(var.service_cidr, 15)}"
+    etcd_service_ip           = "${cidrhost(var.service_cidr, 15)}"
+    bootstrap_etcd_service_ip = "${cidrhost(var.service_cidr, 200)}"
 
     cloud_provider = "${var.cloud_provider}"
 
@@ -102,55 +137,6 @@ resource "template_dir" "bootkube-bootstrap" {
   }
 }
 
-# Self-hosted experimental etcd
-data "template_file" "etcd-operator" {
-  template = "${file("${path.module}/resources/experimental/manifests/etcd-operator.yaml")}"
-
-  vars {
-    etcd_operator_image = "${var.container_images["etcd_operator"]}"
-  }
-}
-
-resource "local_file" "etcd-operator" {
-  count      = "${var.experimental_enabled ? 1 : 0}"
-  depends_on = ["template_dir.bootkube"]
-
-  content  = "${data.template_file.etcd-operator.rendered}"
-  filename = "${path.cwd}/generated/experimental/etcd-operator.yaml"
-}
-
-data "template_file" "etcd-service" {
-  template = "${file("${path.module}/resources/experimental/manifests/etcd-service.yaml")}"
-
-  vars {
-    etcd_service_ip = "${cidrhost(var.service_cidr, 15)}"
-  }
-}
-
-resource "local_file" "etcd-service" {
-  count      = "${var.experimental_enabled ? 1 : 0}"
-  depends_on = ["template_dir.bootkube"]
-
-  content  = "${data.template_file.etcd-service.rendered}"
-  filename = "${path.cwd}/generated/experimental/etcd-service.yaml"
-}
-
-data "template_file" "bootstrap-etcd" {
-  template = "${file("${path.module}/resources/experimental/bootstrap-manifests/bootstrap-etcd.yaml")}"
-
-  vars {
-    etcd_image = "${var.container_images["etcd"]}"
-  }
-}
-
-resource "local_file" "bootstrap-etcd" {
-  count      = "${var.experimental_enabled ? 1 : 0}"
-  depends_on = ["template_dir.bootkube-bootstrap"]
-
-  content  = "${data.template_file.bootstrap-etcd.rendered}"
-  filename = "${path.cwd}/generated/bootstrap-experimental/bootstrap-etcd.yaml"
-}
-
 # etcd certs
 resource "local_file" "etcd_ca_crt" {
   count    = "${var.etcd_ca_cert == "" ? 0 : 1}"
@@ -188,16 +174,16 @@ resource "local_file" "kubeconfig" {
 }
 
 # bootkube.sh (resources/generated/bootkube.sh)
-data "template_file" "bootkube" {
+data "template_file" "bootkube-sh" {
   template = "${file("${path.module}/resources/bootkube.sh")}"
 
   vars {
     bootkube_image = "${var.container_images["bootkube"]}"
   }
 }
 
-resource "local_file" "bootkube" {
-  content  = "${data.template_file.bootkube.rendered}"
+resource "local_file" "bootkube-sh" {
+  content  = "${data.template_file.bootkube-sh.rendered}"
   filename = "${path.cwd}/generated/bootkube.sh"
 }
 

modules/bootkube/outputs.tf

@@ -16,7 +16,16 @@
 # combination of all the resources' IDs, it can't be guessed and can only be
 # interpolated once the assets have all been created.
 output "id" {
-  value = "${sha1("${template_dir.bootkube-bootstrap.id} ${local_file.kubeconfig.id} ${local_file.bootkube.id} ${template_dir.bootkube.id} ${join(" ",local_file.etcd-operator.*.id,local_file.etcd-service.*.id,local_file.bootstrap-etcd.*.id)}")}"
+  value = "${sha1("
+  ${local_file.kubeconfig.id}
+  ${local_file.bootkube-sh.id}
+  ${template_dir.bootkube.id} ${template_dir.bootkube-bootstrap.id}
+  ${join(" ",
+    template_dir.experimental.*.id,
+    template_dir.bootstrap-experimental.*.id,
+    template_dir.etcd-experimental.*.id,
+    )}
+  ")}"
 }
 
 output "kubeconfig" {

modules/bootkube/resources/experimental/bootstrap-manifests/bootstrap-etcd.yaml

@@ -14,16 +14,11 @@ spec:
     - --name=boot-etcd
     - --listen-client-urls=http://0.0.0.0:12379
     - --listen-peer-urls=http://0.0.0.0:12380
-    - --advertise-client-urls=http://$(MY_POD_IP):12379
-    - --initial-advertise-peer-urls=http://$(MY_POD_IP):12380
-    - --initial-cluster=boot-etcd=http://$(MY_POD_IP):12380
+    - --advertise-client-urls=http://${bootstrap_etcd_service_ip}:12379
+    - --initial-advertise-peer-urls=http://${bootstrap_etcd_service_ip}:12380
+    - --initial-cluster=boot-etcd=http://${bootstrap_etcd_service_ip}:12380
     - --initial-cluster-token=bootkube
     - --initial-cluster-state=new
     - --data-dir=/var/etcd/data
-    env:
-      - name: MY_POD_IP
-        valueFrom:
-          fieldRef:
-            fieldPath: status.podIP
   hostNetwork: true
   restartPolicy: Never

modules/bootkube/resources/experimental/etcd/bootstrap-etcd-service.json

@@ -0,0 +1,26 @@
+{
+  "apiVersion": "v1",
+  "kind": "Service",
+  "metadata": {
+    "name": "bootstrap-etcd-service",
+    "namespace": "kube-system"
+  },
+  "spec": {
+    "selector": {
+      "k8s-app": "boot-etcd"
+    },
+    "clusterIP": "${bootstrap_etcd_service_ip}",
+    "ports": [
+      {
+        "name": "client",
+        "port": 12379,
+        "protocol": "TCP"
+      },
+      {
+        "name": "peers",
+        "port": 12380,
+        "protocol": "TCP"
+      }
+    ]
+  }
+}

modules/bootkube/resources/experimental/etcd/migrate-etcd-cluster.json

@@ -0,0 +1,27 @@
+{
+  "apiVersion": "etcd.coreos.com/v1beta1",
+  "kind": "Cluster",
+  "metadata": {
+    "name": "kube-etcd",
+    "namespace": "kube-system"
+  },
+  "spec": {
+    "size": 1,
+    "version": "v${etcd_version}",
+    "pod": {
+      "nodeSelector": {
+        "node-role.kubernetes.io/master": ""
+      },
+      "tolerations": [
+        {
+          "key": "node-role.kubernetes.io/master",
+          "operator": "Exists",
+          "effect": "NoSchedule"
+        }
+      ]
+    },
+    "selfHosted": {
+      "bootMemberClientEndpoint": "http://${bootstrap_etcd_service_ip}:12379"
+    }
+  }
+}

modules/bootkube/variables.tf

@@ -3,6 +3,11 @@ variable "container_images" {
   type        = "map"
 }
 
+variable "versions" {
+  description = "Container versions to use"
+  type        = "map"
+}
+
 variable "kube_apiserver_url" {
   description = "URL used to reach kube-apiserver"
   type        = "string"

platforms/aws/tectonic.tf

@@ -7,6 +7,7 @@ module "bootkube" {
 
   # Platform-independent variables wiring, do not modify.
   container_images = "${var.tectonic_container_images}"
+  versions         = "${var.tectonic_versions}"
 
   ca_cert    = "${var.tectonic_ca_cert}"
   ca_key     = "${var.tectonic_ca_key}"

platforms/azure/tectonic.tf

@@ -7,6 +7,7 @@ module "bootkube" {
 
   # Platform-independent variables wiring, do not modify.
   container_images = "${var.tectonic_container_images}"
+  versions         = "${var.tectonic_versions}"
 
   ca_cert    = "${var.tectonic_ca_cert}"
   ca_key     = "${var.tectonic_ca_key}"

platforms/metal/tectonic.tf

@@ -10,6 +10,7 @@ module "bootkube" {
 
   # platform-independent defaults
   container_images = "${var.tectonic_container_images}"
+  versions         = "${var.tectonic_versions}"
 
   ca_cert    = "${var.tectonic_ca_cert}"
   ca_key     = "${var.tectonic_ca_key}"

platforms/openstack/neutron/main.tf

@@ -7,6 +7,7 @@ module "bootkube" {
 
   # Platform-independent variables wiring, do not modify.
   container_images = "${var.tectonic_container_images}"
+  versions         = "${var.tectonic_versions}"
 
   ca_cert    = "${var.tectonic_ca_cert}"
   ca_key     = "${var.tectonic_ca_key}"

platforms/openstack/nova/main.tf

@@ -7,6 +7,7 @@ module "bootkube" {
 
   # Platform-independent variables wiring, do not modify.
   container_images = "${var.tectonic_container_images}"
+  versions         = "${var.tectonic_versions}"
 
   ca_cert    = "${var.tectonic_ca_cert}"
   ca_key     = "${var.tectonic_ca_key}"