diff --git a/90-kubeadm.conf b/90-kubeadm.conf
index d3c8e20..781f3d1 100644
--- a/90-kubeadm.conf
+++ b/90-kubeadm.conf
@@ -1,2 +1,4 @@
# The file is provided as part of the kubernetes-kubeadm package
+net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
+net.bridge.bridge-nf-call-ip6tables = 1
diff --git a/_service b/_service
index 161936d..4d61f60 100644
--- a/_service
+++ b/_service
@@ -5,7 +5,7 @@
.git
@PARENT_TAG@
v(.*)
- v1.25.12
+ v1.25.14
enable
diff --git a/_servicedata b/_servicedata
index 2ff8c8c..f0629c1 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@
https://github.com/kubernetes/kubernetes.git
- ba490f01df1945d0567348b271c79a2aece7f623
\ No newline at end of file
+ a5967a3c4d0f33469b7e7798c9ee548f71455222
\ No newline at end of file
diff --git a/kubeadm.conf b/kubeadm.conf
index 5efd4d7..c22585f 100644
--- a/kubeadm.conf
+++ b/kubeadm.conf
@@ -1,2 +1,3 @@
# Load br_netfilter module at boot
br_netfilter
+overlay
diff --git a/kubelet.service b/kubelet.service
index 72444a0..1f9d02c 100644
--- a/kubelet.service
+++ b/kubelet.service
@@ -2,7 +2,7 @@
Description=kubelet: The Kubernetes Node Agent
Documentation=https://kubernetes.io/docs/
After=network.target network-online.target
-Wants=docker.service crio.service
+Wants=containerd.service crio.service
ConditionPathExists=/var/lib/kubelet/config.yaml
[Service]
diff --git a/kubernetes-1.25.12.tar.xz b/kubernetes-1.25.12.tar.xz
deleted file mode 100644
index 861ba9d..0000000
--- a/kubernetes-1.25.12.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a5cd3f22f5f66ee19bee4cbd0ed141e6b064767267efebee08a792deeb5cbbb7
-size 22909164
diff --git a/kubernetes-1.25.14.tar.xz b/kubernetes-1.25.14.tar.xz
new file mode 100644
index 0000000..686e134
--- /dev/null
+++ b/kubernetes-1.25.14.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e2333612618a91baadf40c2cf46c54127b11bf99ee4910e391dd9944380153aa
+size 22907932
diff --git a/kubernetes.obsinfo b/kubernetes.obsinfo
index f0b467b..051052a 100644
--- a/kubernetes.obsinfo
+++ b/kubernetes.obsinfo
@@ -1,4 +1,4 @@
name: kubernetes
-version: 1.25.12
-mtime: 1689768966
-commit: ba490f01df1945d0567348b271c79a2aece7f623
+version: 1.25.14
+mtime: 1694595773
+commit: a5967a3c4d0f33469b7e7798c9ee548f71455222
diff --git a/kubernetes1.25.changes b/kubernetes1.25.changes
index 7c206a0..dec7988 100644
--- a/kubernetes1.25.changes
+++ b/kubernetes1.25.changes
@@ -1,3 +1,74 @@
+-------------------------------------------------------------------
+Wed Sep 20 18:08:15 UTC 2023 - Priyanka Saggu
+
+- fixes for bsc#1214406
+- update `Wants` directive in [Unit] section of `kubelet.service`:
+ * add: `containerd.service`
+ * remove: `docker.service`
+- updating container runtime prerequisites:
+ (Refer: k8s.io/docs/setup/production-environment/container-runtimes/#install-and-configure-prerequisites)
+ * update `90-kubeadm.conf` to add below iptables rules:
+ - net.bridge.bridge-nf-call-iptables = 1
+ - net.bridge.bridge-nf-call-ip6tables = 1
+ * update `kubeadm.conf` to add `overlay` kernel module
+ * update .spec file to:
+ - add post-installation scriptlet for `kubeadm` package to enable iptables rules defined in `90-kubeadm.conf` using sysctl
+ - add conditional checks to load kernel modules (br_netfilter, overlay) in `kubelet-common` package post-installation scriptlet
+ - update `kubelet-common` post scriptlet to correctly update `KUBELET_VER` var in `/etc/sysconfig/kubelet` file based on fillup template
+- add below to `kubelet` subpackage to recommend installing correct version of package providing `kubernetes-kubelet-common` :
+ * `Recommends: kubernetes-kubelet-common = %{version}`
+- add below to `kubeadm` subpackage to recommend installing correct version of `kubelet` and `kubelet-common` packages:
+ * `Recommends: kubernetes%{baseversion}-kubelet`
+
+-------------------------------------------------------------------
+Wed Sep 20 09:26:00 UTC 2023 - priyanka.saggu@suse.com
+
+- Update .spec file to bump go version build requirements:
+ * `BuildRequires: go >= 1.20.8`
+- Update to version 1.25.14:
+ * Release commit for Kubernetes v1.25.14
+ * [go] Bump images, versions and deps to use Go 1.20.8
+ * Automated cherry pick of #119776: Fix a job quota related deadlock (#120322)
+ * Mark Job onPodConditions as optional in pod failure policy
+ * Update CHANGELOG/CHANGELOG-1.25.md for v1.25.13
+ * Incorporating feedback on 119341
+ * generate ReportingInstance and ReportingController in Event
+ * Pass Pinned field to kubecontainer.Image
+ * prep for go1.21: use -e in go list
+ * Skip apiserver_admission_webhook_request_total during context-canceled
+ * Ignore context canceled from validate and mutate webhook failopen metric
+ * kubeadm: fix nil pointer when etcd member is already removed
+ * update to golangci-lint v1.54.1 + go-ruleguard v0.4.0
+ * run dummy command return status 0
+ * unit test not requiring priviledge
+ * Revert "Revert #114605: its unit test requires root permission"
+ * node: devicemgr: topomgr: add logs
+ * e2e: node: add test to check device-requiring pods are cleaned up
+ * e2e: node: devices: improve the node reboot test
+ * e2e: node: devicemanager: update tests
+ * kubelet: devices: skip allocation for running pods
+
+-------------------------------------------------------------------
+Tue Sep 12 12:36:31 UTC 2023 - priyanka.saggu@suse.com
+
+- Update .spec file to bump go version build requirements:
+ * `BuildRequires: go >= 1.20.7`
+- Update to version 1.25.13:
+ * Release commit for Kubernetes v1.25.13
+ * Use environment varaibles for parameters in Powershell
+ * Use env varaibles for passing path
+ * [release-1.25] releng/go: Bump images, versions and deps to use Go 1.20.7 and bump protoc version
+ * e2e_node: move getSampleDevicePluginPod to device_plugin_test.go
+ * fix 'pod' in kubelet prober metrics
+ * priority & fairness: support dynamically configuring work estimator max seats
+ * events: fix EventSeries starting count discrepancy
+ * tools/events: fix data race when emitting series
+ * tools/events: retry on AlreadyExist for Series
+ * kubeadm: backdate generated CAs by 5 minutes
+ * client-go: allow to set NotBefore in NewSelfSignedCACert()
+ * Fix a data race in TopologyCache
+ * Fix TopologyAwareHint not working when zone label is added after Node creation
+
-------------------------------------------------------------------
Wed Jul 26 10:31:32 UTC 2023 - Priyanka Saggu
diff --git a/kubernetes1.25.spec b/kubernetes1.25.spec
index 6337258..41dfd3a 100644
--- a/kubernetes1.25.spec
+++ b/kubernetes1.25.spec
@@ -22,7 +22,7 @@
%define baseversionminus1 1.24
Name: kubernetes%{baseversion}
-Version: 1.25.12
+Version: 1.25.14
Release: 0
Summary: Container Scheduling and Management
License: Apache-2.0
@@ -51,7 +51,7 @@ Patch4: kubeadm-opensuse-flexvolume.patch
Patch5: revert-coredns-image-renaming.patch
BuildRequires: fdupes
BuildRequires: git
-BuildRequires: go >= 1.20.6
+BuildRequires: go >= 1.20.8
BuildRequires: go-go-md2man
BuildRequires: golang-packaging
BuildRequires: rsync
@@ -74,8 +74,11 @@ for management and discovery.
-# packages to build containerized control plane
+
+
+
+# packages to build containerized control plane
%package apiserver
Summary: Kubernetes apiserver for container image
Group: System/Management
@@ -121,6 +124,7 @@ Summary: Kubernetes kubelet daemon
Group: System/Management
Requires: cri-runtime
Requires: kubernetes-kubelet-common
+Recommends: kubernetes-kubelet-common = %{version}
Provides: kubernetes-kubelet%{baseversion} = %{version}
Obsoletes: kubernetes-kubelet%{baseversion} < %{version}
%{?systemd_requires}
@@ -155,6 +159,7 @@ Requires: kubernetes-kubeadm-criconfig
Requires: socat
Requires(pre): shadow
Requires: (kubernetes%{baseversion}-kubelet or kubernetes%{baseversionminus1}-kubelet)
+Recommends: kubernetes%{baseversion}-kubelet
%description kubeadm
Manage a cluster of Linux containers as a single system to accelerate Dev and simplify Ops.
@@ -355,7 +360,18 @@ fi
%post kubelet-common
%fillup_only -an kubelet
+# Check if /etc/sysconfig/kubelet exists
+if [ -e "/etc/sysconfig/kubelet" ]; then
+ # Extract the value from the fillup file
+ UPDATED_KUBELET_VER=$(grep '^KUBELET_VER=' %{_fillupdir}/sysconfig.kubelet-kubernetes%{baseversion} | cut -d '=' -f2)
+ # Update the value in the sysconfig file
+ sed -i "s/^KUBELET_VER=.*/KUBELET_VER=$UPDATED_KUBELET_VER/" /etc/sysconfig/kubelet
+fi
%service_add_post kubelet.service
+if [ $1 -eq 1 ]; then
+ # Check if modprobe command is available
+ [ ! -x /sbin/modprobe ] || { /sbin/modprobe br_netfilter && /sbin/modprobe overlay; } || true
+fi
%if 0%{?suse_version} < 1500
# create some subvolumes needed by CNI
if [ ! -e %{_localstatedir}/lib/cni ]; then
@@ -372,6 +388,13 @@ fi
%postun kubelet-common
%service_del_postun kubelet.service
+%post kubeadm
+# Check if sysctl command is available
+if [ -x /usr/sbin/sysctl ]; then
+ # Run sysctl --system after the package installation
+ /usr/sbin/sysctl -p %{_sysctldir}/90-kubeadm.conf || true
+fi
+
%files kubelet-common
%doc README.md CONTRIBUTING.md CHANGELOG-%{baseversion}.md
%license LICENSE