From 8306adb10279f6d86a02ae3f13670a078b48ab7d Mon Sep 17 00:00:00 2001 From: Denis Khachyan Date: Tue, 26 Jul 2022 20:33:11 +0300 Subject: [PATCH] update cilium to v1.11.7 (#9119) --- README.md | 2 +- .../group_vars/k8s_cluster/k8s-net-cilium.yml | 2 +- roles/download/defaults/main.yml | 2 +- .../cilium/templates/cilium-operator/cr.yml.j2 | 16 ++++++++++++++++ 4 files changed, 19 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 55f9fef0c..67b98d622 100644 --- a/README.md +++ b/README.md @@ -143,7 +143,7 @@ Note: Upstart/SysV init based OS types are not supported. - [cni-plugins](https://github.com/containernetworking/plugins) v1.1.1 - [calico](https://github.com/projectcalico/calico) v3.23.3 - [canal](https://github.com/projectcalico/canal) (given calico/flannel versions) - - [cilium](https://github.com/cilium/cilium) v1.11.6 + - [cilium](https://github.com/cilium/cilium) v1.11.7 - [flannel](https://github.com/flannel-io/flannel) v0.18.1 - [kube-ovn](https://github.com/alauda/kube-ovn) v1.9.7 - [kube-router](https://github.com/cloudnativelabs/kube-router) v1.5.0 diff --git a/inventory/sample/group_vars/k8s_cluster/k8s-net-cilium.yml b/inventory/sample/group_vars/k8s_cluster/k8s-net-cilium.yml index 235f4647f..e82b76138 100644 --- a/inventory/sample/group_vars/k8s_cluster/k8s-net-cilium.yml +++ b/inventory/sample/group_vars/k8s_cluster/k8s-net-cilium.yml @@ -1,5 +1,5 @@ --- -# cilium_version: "v1.11.6" +# cilium_version: "v1.11.7" # Log-level # cilium_debug: false diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml index 6ae6dc785..e234709a0 100644 --- a/roles/download/defaults/main.yml +++ b/roles/download/defaults/main.yml @@ -110,7 +110,7 @@ flannel_cni_version: "v1.1.0" cni_version: "v1.1.1" weave_version: 2.8.1 pod_infra_version: "3.6" -cilium_version: "v1.11.6" +cilium_version: "v1.11.7" kube_ovn_version: "v1.9.7" kube_ovn_dpdk_version: "19.11-{{ kube_ovn_version }}" kube_router_version: "v1.5.0" diff --git a/roles/network_plugin/cilium/templates/cilium-operator/cr.yml.j2 b/roles/network_plugin/cilium/templates/cilium-operator/cr.yml.j2 index d23346caa..e49f670d4 100644 --- a/roles/network_plugin/cilium/templates/cilium-operator/cr.yml.j2 +++ b/roles/network_plugin/cilium/templates/cilium-operator/cr.yml.j2 @@ -15,6 +15,22 @@ rules: - list - watch - delete +- apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch +- apiGroups: + - "" + resources: + # To remove node taints + - nodes + # To set NetworkUnavailable false on startup + - nodes/status + verbs: + - patch - apiGroups: - discovery.k8s.io resources: