[kubernetes] Support Kubernetes v1.32.0 with RHEL8 (#11885)

* [kubernetes] Support Kubernetes v1.32.0 * add workaround for RHEL8 Signed-off-by: Kay Yan <[email protected]> --------- Signed-off-by: Kay Yan <[email protected]> Co-authored-by: Mohamed Zaian <[email protected]>
kubernetes-sigs · Jan 15, 2025 · b104bb7 · b104bb7
1 parent c84336b
commit b104bb7
Show file tree

Hide file tree

Showing 12 changed files with 110 additions and 193 deletions.
diff --git a/README.md b/README.md
@@ -77,24 +77,27 @@ vagrant up
 - **Flatcar Container Linux by Kinvolk**
 - **Debian** Bookworm, Bullseye
 - **Ubuntu** 20.04, 22.04, 24.04
-- **CentOS/RHEL** [8, 9](docs/operating_systems/centos.md#centos-8)
+- **CentOS/RHEL** [8, 9](docs/operating_systems/rhel.md#rhel-8)
 - **Fedora** 39, 40
 - **Fedora CoreOS** (see [fcos Note](docs/operating_systems/fcos.md))
 - **openSUSE** Leap 15.x/Tumbleweed
-- **Oracle Linux** [8, 9](docs/operating_systems/centos.md#centos-8)
-- **Alma Linux** [8, 9](docs/operating_systems/centos.md#centos-8)
-- **Rocky Linux** [8, 9](docs/operating_systems/centos.md#centos-8)
+- **Oracle Linux** [8, 9](docs/operating_systems/rhel.md#rhel-8)
+- **Alma Linux** [8, 9](docs/operating_systems/rhel.md#rhel-8)
+- **Rocky Linux** [8, 9](docs/operating_systems/rhel.md#rhel-8)
 - **Kylin Linux Advanced Server V10** (experimental: see [kylin linux notes](docs/operating_systems/kylinlinux.md))
 - **Amazon Linux 2** (experimental: see [amazon linux notes](docs/operating_systems/amazonlinux.md))
 - **UOS Linux** (experimental: see [uos linux notes](docs/operating_systems/uoslinux.md))
 - **openEuler** (experimental: see [openEuler notes](docs/operating_systems/openeuler.md))
 
-Note: Upstart/SysV init based OS types are not supported.
+Note:
+
+- Upstart/SysV init based OS types are not supported.
+- [Kernel requirements](docs/operations/kernel-requirements.md) (please read if the OS kernel version is < 4.19).
 
 ## Supported Components
 
 - Core
-  - [kubernetes](https://github.com/kubernetes/kubernetes) v1.31.4
+  - [kubernetes](https://github.com/kubernetes/kubernetes) v1.32.0
   - [etcd](https://github.com/etcd-io/etcd) v3.5.16
   - [docker](https://www.docker.com/) v26.1
   - [containerd](https://containerd.io/) v1.7.24
@@ -135,7 +138,7 @@ Note: Upstart/SysV init based OS types are not supported.
 
 ## Requirements
 
-- **Minimum required version of Kubernetes is v1.29**
+- **Minimum required version of Kubernetes is v1.30**
 - **Ansible v2.14+, Jinja 2.11+ and python-netaddr is installed on the machine that will run Ansible commands**
 - The target servers must have **access to the Internet** in order to pull docker images. Otherwise, additional configuration is required (See [Offline Environment](docs/operations/offline-environment.md))
 - The target servers are configured to allow **IPv4 forwarding**.

diff --git a/docs/_sidebar.md b/docs/_sidebar.md
diff --git a/docs/operating_systems/centos.md b/docs/operating_systems/centos.md
diff --git a/docs/operating_systems/rhel.md b/docs/operating_systems/rhel.md
@@ -1,7 +1,11 @@
 # Red Hat Enterprise Linux (RHEL)
 
+The documentation also applies to Red Hat derivatives, including Alma Linux, Rocky Linux, Oracle Linux, and CentOS.
+
 ## RHEL Support Subscription Registration
 
+The content of this section does not apply to open-source derivatives.
+
 In order to install packages via yum or dnf, RHEL 7/8 hosts are required to be registered for a valid Red Hat support subscription.
 
 You can apply for a 1-year Development support subscription by creating a [Red Hat Developers](https://developers.redhat.com/) account. Be aware though that as the Red Hat Developers subscription is limited to only 1 year, it should not be used to register RHEL 7/8 hosts provisioned in Production environments.
@@ -25,10 +29,12 @@ rh_subscription_role: "Red Hat Enterprise Server"
 rh_subscription_sla: "Self-Support"
 ```
 
-If the RHEL 7/8 hosts are already registered to a valid Red Hat support subscription via an alternative configuration management approach prior to the deployment of Kubespray, the successful RHEL `subscription-manager` status check will simply result in the RHEL subscription registration tasks being skipped.
+If the RHEL 8/9 hosts are already registered to a valid Red Hat support subscription via an alternative configuration management approach prior to the deployment of Kubespray, the successful RHEL `subscription-manager` status check will simply result in the RHEL subscription registration tasks being skipped.
 
 ## RHEL 8
 
 If you have containers that are using iptables in the host network namespace (`hostNetwork=true`),
 you need to ensure they are using iptables-nft.
 An example how k8s do the autodetection can be found [in this PR](https://github.com/kubernetes/kubernetes/pull/82966)
+
+The kernel version is lower than the kubenretes 1.32 system validation, please refer to the [kernel requirements](../operations/kernel-requirements.md).
diff --git a/docs/operations/kernel-requirements.md b/docs/operations/kernel-requirements.md
@@ -0,0 +1,35 @@
+# Kernel Requirements
+
+For Kubernetes >=1.32.0, the recommended kernel LTS version from the 4.x series is 4.19. Any 5.x or 6.x versions are also supported. For cgroups v2 support, the minimum version is 4.15 and the recommended version is 5.8+. Refer to [this link](https://github.com/kubernetes/kubernetes/blob/v1.32.0/vendor/k8s.io/system-validators/validators/types_unix.go#L33). For more information, see [kernel version requirements](https://kubernetes.io/docs/reference/node/kernel-version-requirements).
+
+If the OS kernel version is lower than required, add the following configuration to ignore the kubeadm preflight errors:
+
+```yaml
+kubeadm_ignore_preflight_errors:
+  - SystemVerification
+```
+
+The Kernel Version Matrixs:
+
+| OS Verion          | Kernel Verion  | Kernel >=4.19      |
+|---                 | ---            | ---                |
+| RHEL 9             | 5.14           | :white_check_mark: |
+| RHEL 8             | 4.18           | :x:                |
+| Alma Linux 9       | 5.14           | :white_check_mark: |
+| Alma Linux 8       | 4.18           | :x:                |
+| Rocky Linux 9      | 5.14           | :white_check_mark: |
+| Rocky Linux 8      | 4.18           | :x:                |
+| Oracle Linux 9     | 5.14           | :white_check_mark: |
+| Oracle Linux 8     | 4.18           | :x:                |
+| Ubuntu 24.04       | 6.6            | :white_check_mark: |
+| Ubuntu 22.04       | 5.15           | :white_check_mark: |
+| Ubuntu 20.04       | 5.4            | :white_check_mark: |
+| Debian 12          | 6.1            | :white_check_mark: |
+| Debian 11          | 5.10           | :white_check_mark: |
+| Fedora 40          | 6.8            | :white_check_mark: |
+| Fedora 39          | 6.5            | :white_check_mark: |
+| openSUSE Leap 15.5 | 5.14           | :white_check_mark: |
+| Amazon Linux 2     | 4.14           | :x:                |
+| openEuler 24.03    | 6.6            | :white_check_mark: |
+| openEuler 22.03    | 5.10           | :white_check_mark: |
+| openEuler 20.03    | 4.19           | :white_check_mark: |
diff --git a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
@@ -17,7 +17,7 @@ kube_token_dir: "{{ kube_config_dir }}/tokens"
 kube_api_anonymous_auth: true
 
 ## Change this to use another Kubernetes version, e.g. a current beta release
-kube_version: v1.31.4
+kube_version: v1.32.0
 
 # Where the binaries will be downloaded.
 # Note: ensure that you've enough disk space (about 1G)