mirror of https://github.com/kubernetes/kops.git
Merge pull request #15903 from hakman/aws_list_eni_by_vpc
aws: Filter ENI list by VPC
This commit is contained in:
Kubernetes Prow Robot
GitHub
commit
97c89f49b0
|
|
@ -220,9 +220,9 @@ const (
|
|||
metricsServerAddon = "metrics-server.addons.k8s.io-k8s-1.11"
|
||||
)
|
||||
|
||||
// TestMinimal runs the test on a minimum configuration, similar to kops create cluster minimal.example.com --zones us-west-1a
|
||||
func TestMinimal(t *testing.T) {
|
||||
newIntegrationTest("minimal.example.com", "minimal").
|
||||
// TestMinimalAWS runs the test on a minimum configuration, similar to kops create cluster minimal.example.com --zones us-west-1a
|
||||
func TestMinimalAWS(t *testing.T) {
|
||||
newIntegrationTest("minimal-aws.example.com", "minimal-aws").
|
||||
withAddons(
|
||||
awsEBSCSIAddon,
|
||||
dnsControllerAddon,
|
||||
|
|
@ -805,7 +805,7 @@ func TestAWSLBController(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestManyAddons(t *testing.T) {
|
||||
newIntegrationTest("minimal.example.com", "many-addons").
|
||||
newIntegrationTest("many-addons.example.com", "many-addons").
|
||||
withAddons(
|
||||
"aws-load-balancer-controller.addons.k8s.io-k8s-1.19",
|
||||
"certmanager.io-k8s-1.16",
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ func (o *LifecycleTestOptions) AddDefaults() {
|
|||
func TestLifecycleMinimalAWS(t *testing.T) {
|
||||
runLifecycleTestAWS(&LifecycleTestOptions{
|
||||
t: t,
|
||||
SrcDir: "minimal",
|
||||
SrcDir: "minimal-aws",
|
||||
})
|
||||
}
|
||||
|
||||
|
|
@ -175,7 +175,6 @@ func TestLifecycleManyAddons(t *testing.T) {
|
|||
runLifecycleTestAWS(&LifecycleTestOptions{
|
||||
t: t,
|
||||
SrcDir: "many-addons",
|
||||
ClusterName: "minimal.example.com",
|
||||
})
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -49,7 +49,7 @@ const (
|
|||
TypeTargetGroup = "target-group"
|
||||
)
|
||||
|
||||
type listFn func(fi.Cloud, string) ([]*resources.Resource, error)
|
||||
type listFn func(fi.Cloud, string, string) ([]*resources.Resource, error)
|
||||
|
||||
func ListResourcesAWS(cloud awsup.AWSCloud, clusterInfo resources.ClusterInfo) (map[string]*resources.Resource, error) {
|
||||
clusterName := clusterInfo.Name
|
||||
|
|
@ -72,18 +72,15 @@ func ListResourcesAWS(cloud awsup.AWSCloud, clusterInfo resources.ClusterInfo) (
|
|||
ListEgressOnlyInternetGateways,
|
||||
ListRouteTables,
|
||||
ListSubnets,
|
||||
ListVPCs,
|
||||
ListENIs,
|
||||
// ELBs
|
||||
ListELBs,
|
||||
ListELBV2s,
|
||||
ListTargetGroups,
|
||||
|
||||
// IAM
|
||||
ListIAMInstanceProfiles,
|
||||
ListIAMRoles,
|
||||
ListIAMOIDCProviders,
|
||||
|
||||
// SQS
|
||||
ListSQSQueues,
|
||||
// EventBridge
|
||||
|
|
@ -100,8 +97,21 @@ func ListResourcesAWS(cloud awsup.AWSCloud, clusterInfo resources.ClusterInfo) (
|
|||
listFunctions = append(listFunctions, ListSpotinstResources)
|
||||
}
|
||||
|
||||
var vpcID string
|
||||
{
|
||||
r, err := ListVPCs(cloud, clusterName)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if len(r) > 0 {
|
||||
vpcID = r[0].ID
|
||||
resourceTrackers[r[0].Type+":"+r[0].ID] = r[0]
|
||||
}
|
||||
}
|
||||
|
||||
for _, fn := range listFunctions {
|
||||
rt, err := fn(cloud, clusterName)
|
||||
rt, err := fn(cloud, vpcID, clusterName)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -328,7 +338,7 @@ func DeleteInstance(cloud fi.Cloud, t *resources.Resource) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListInstances(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListInstances(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
c := cloud.(awsup.AWSCloud)
|
||||
|
||||
klog.V(2).Infof("Querying EC2 instances")
|
||||
|
|
@ -548,7 +558,7 @@ func DeleteVolume(cloud fi.Cloud, r *resources.Resource) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListVolumes(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListVolumes(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
c := cloud.(awsup.AWSCloud)
|
||||
|
||||
volumes, err := DescribeVolumes(cloud)
|
||||
|
|
@ -659,7 +669,7 @@ func DeleteKeypair(cloud fi.Cloud, r *resources.Resource) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListKeypairs(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListKeypairs(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
if !strings.Contains(clusterName, ".") {
|
||||
klog.Infof("cluster %q is legacy (kube-up) cluster; won't delete keypairs", clusterName)
|
||||
return nil, nil
|
||||
|
|
@ -722,7 +732,7 @@ func DeleteSubnet(cloud fi.Cloud, tracker *resources.Resource) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListSubnets(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListSubnets(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
c := cloud.(awsup.AWSCloud)
|
||||
subnets, err := DescribeSubnets(cloud)
|
||||
if err != nil {
|
||||
|
|
@ -916,7 +926,7 @@ func DeleteDhcpOptions(cloud fi.Cloud, r *resources.Resource) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListDhcpOptions(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListDhcpOptions(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
dhcpOptions, err := DescribeDhcpOptions(cloud)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -1022,7 +1032,7 @@ func DeleteInternetGateway(cloud fi.Cloud, r *resources.Resource) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListInternetGateways(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListInternetGateways(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
gateways, err := DescribeInternetGateways(cloud)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -1117,7 +1127,7 @@ func DeleteEgressOnlyInternetGateway(cloud fi.Cloud, r *resources.Resource) erro
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListEgressOnlyInternetGateways(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListEgressOnlyInternetGateways(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
gateways, err := DescribeEgressOnlyInternetGateways(cloud)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -1186,7 +1196,7 @@ func DeleteAutoScalingGroup(cloud fi.Cloud, r *resources.Resource) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListAutoScalingGroups(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListAutoScalingGroups(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
c := cloud.(awsup.AWSCloud)
|
||||
|
||||
tags := c.Tags()
|
||||
|
|
@ -1443,7 +1453,7 @@ func DumpELB(op *resources.DumpOperation, r *resources.Resource) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListELBs(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListELBs(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
elbs, elbTags, err := DescribeELBs(cloud)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -1538,7 +1548,7 @@ func DescribeELBs(cloud fi.Cloud) ([]*elb.LoadBalancerDescription, map[string][]
|
|||
}
|
||||
|
||||
// For NLBs and ALBs
|
||||
func ListELBV2s(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListELBV2s(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
elbv2s, _, err := DescribeELBV2s(cloud)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -1630,7 +1640,7 @@ func DescribeELBV2s(cloud fi.Cloud) ([]*elbv2.LoadBalancer, map[string][]*elbv2.
|
|||
return elbv2s, elbv2Tags, nil
|
||||
}
|
||||
|
||||
func ListTargetGroups(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListTargetGroups(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
targetgroups, _, err := DescribeTargetGroups(cloud)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -1783,7 +1793,7 @@ func deleteRoute53Records(cloud fi.Cloud, zone *route53.HostedZone, resourceTrac
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListRoute53Records(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListRoute53Records(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
var resourceTrackers []*resources.Resource
|
||||
|
||||
c := cloud.(awsup.AWSCloud)
|
||||
|
|
@ -1966,7 +1976,7 @@ func DeleteIAMRole(cloud fi.Cloud, r *resources.Resource) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListIAMRoles(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListIAMRoles(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
c := cloud.(awsup.AWSCloud)
|
||||
|
||||
var resourceTrackers []*resources.Resource
|
||||
|
|
@ -2056,7 +2066,7 @@ func DeleteIAMInstanceProfile(cloud fi.Cloud, r *resources.Resource) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListIAMInstanceProfiles(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListIAMInstanceProfiles(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
c := cloud.(awsup.AWSCloud)
|
||||
|
||||
var getProfileErr error
|
||||
|
|
@ -2114,7 +2124,7 @@ func ListIAMInstanceProfiles(cloud fi.Cloud, clusterName string) ([]*resources.R
|
|||
return resourceTrackers, nil
|
||||
}
|
||||
|
||||
func ListIAMOIDCProviders(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListIAMOIDCProviders(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
c := cloud.(awsup.AWSCloud)
|
||||
tags := c.Tags()
|
||||
|
||||
|
|
@ -2180,7 +2190,7 @@ func DeleteIAMOIDCProvider(cloud fi.Cloud, r *resources.Resource) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListSpotinstResources(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListSpotinstResources(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
return spotinst.ListResources(cloud.(awsup.AWSCloud).Spotinst(), clusterName)
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -158,7 +158,7 @@ func TestListIAMInstanceProfiles(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
resourceTrackers, err := ListIAMInstanceProfiles(cloud, clusterName)
|
||||
resourceTrackers, err := ListIAMInstanceProfiles(cloud, "", clusterName)
|
||||
if err != nil {
|
||||
t.Fatalf("error listing IAM roles: %v", err)
|
||||
}
|
||||
|
|
@ -224,7 +224,7 @@ func TestListIAMRoles(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
resourceTrackers, err := ListIAMRoles(cloud, clusterName)
|
||||
resourceTrackers, err := ListIAMRoles(cloud, "", clusterName)
|
||||
if err != nil {
|
||||
t.Fatalf("error listing IAM roles: %v", err)
|
||||
}
|
||||
|
|
@ -272,7 +272,7 @@ func TestListRouteTables(t *testing.T) {
|
|||
},
|
||||
})
|
||||
|
||||
resourceTrackers, err := ListRouteTables(cloud, clusterName)
|
||||
resourceTrackers, err := ListRouteTables(cloud, "", clusterName)
|
||||
if err != nil {
|
||||
t.Fatalf("error listing route tables: %v", err)
|
||||
}
|
||||
|
|
@ -327,7 +327,7 @@ func TestSharedVolume(t *testing.T) {
|
|||
t.Fatalf("error creating volume: %v", err)
|
||||
}
|
||||
|
||||
resourceTrackers, err := ListVolumes(cloud, clusterName)
|
||||
resourceTrackers, err := ListVolumes(cloud, "", clusterName)
|
||||
if err != nil {
|
||||
t.Fatalf("error listing volumes: %v", err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -63,21 +63,20 @@ func DumpENI(op *resources.DumpOperation, r *resources.Resource) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func DescribeENIs(cloud fi.Cloud, clusterName string) (map[string]*ec2.NetworkInterface, error) {
|
||||
func DescribeENIs(cloud fi.Cloud, vpcID, clusterName string) (map[string]*ec2.NetworkInterface, error) {
|
||||
if vpcID == "" {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
c := cloud.(awsup.AWSCloud)
|
||||
|
||||
statusFilter := &ec2.Filter{
|
||||
Name: aws.String("status"),
|
||||
Values: []*string{
|
||||
aws.String(ec2.NetworkInterfaceStatusDetaching),
|
||||
aws.String(ec2.NetworkInterfaceStatusAvailable),
|
||||
},
|
||||
}
|
||||
vpcFilter := awsup.NewEC2Filter("vpc-id", vpcID)
|
||||
statusFilter := awsup.NewEC2Filter("status", ec2.NetworkInterfaceStatusAvailable)
|
||||
enis := make(map[string]*ec2.NetworkInterface)
|
||||
klog.V(2).Info("Listing ENIs")
|
||||
for _, filters := range buildEC2FiltersForCluster(clusterName) {
|
||||
request := &ec2.DescribeNetworkInterfacesInput{
|
||||
Filters: append(filters, statusFilter),
|
||||
Filters: append(filters, vpcFilter, statusFilter),
|
||||
}
|
||||
err := c.EC2().DescribeNetworkInterfacesPages(request, func(dnio *ec2.DescribeNetworkInterfacesOutput, b bool) bool {
|
||||
for _, eni := range dnio.NetworkInterfaces {
|
||||
|
|
@ -93,8 +92,8 @@ func DescribeENIs(cloud fi.Cloud, clusterName string) (map[string]*ec2.NetworkIn
|
|||
return enis, nil
|
||||
}
|
||||
|
||||
func ListENIs(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
enis, err := DescribeENIs(cloud, clusterName)
|
||||
func ListENIs(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
enis, err := DescribeENIs(cloud, vpcID, clusterName)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -79,7 +79,7 @@ func DeleteEventBridgeRule(cloud fi.Cloud, ruleName string) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListEventBridgeRules(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListEventBridgeRules(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
c := cloud.(awsup.AWSCloud)
|
||||
|
||||
klog.V(2).Infof("Listing EventBridge rules")
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ func DescribeRouteTables(cloud fi.Cloud, clusterName string) (map[string]*ec2.Ro
|
|||
return routeTables, nil
|
||||
}
|
||||
|
||||
func ListRouteTables(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListRouteTables(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
routeTables, err := DescribeRouteTables(cloud, clusterName)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ func DumpSecurityGroup(op *resources.DumpOperation, r *resources.Resource) error
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListSecurityGroups(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListSecurityGroups(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
groups, err := DescribeSecurityGroups(cloud, clusterName)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@ func DeleteSQSQueue(cloud fi.Cloud, r *resources.Resource) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func ListSQSQueues(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
func ListSQSQueues(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
|
||||
c := cloud.(awsup.AWSCloud)
|
||||
|
||||
klog.V(2).Infof("Listing SQS queues")
|
||||
|
|
|
|||
|
|
@ -22,10 +22,10 @@ import (
|
|||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/service/ec2"
|
||||
"k8s.io/klog/v2"
|
||||
|
||||
"k8s.io/kops/pkg/resources"
|
||||
"k8s.io/kops/upup/pkg/fi"
|
||||
"k8s.io/kops/upup/pkg/fi/cloudup/awsup"
|
||||
"k8s.io/kops/util/pkg/maps"
|
||||
)
|
||||
|
||||
func DeleteVPC(cloud fi.Cloud, r *resources.Resource) error {
|
||||
|
|
@ -68,7 +68,7 @@ func DumpVPC(op *resources.DumpOperation, r *resources.Resource) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func DescribeVPCs(cloud fi.Cloud, clusterName string) (map[string]*ec2.Vpc, error) {
|
||||
func DescribeVPC(cloud fi.Cloud, clusterName string) (*ec2.Vpc, error) {
|
||||
c := cloud.(awsup.AWSCloud)
|
||||
|
||||
vpcs := make(map[string]*ec2.Vpc)
|
||||
|
|
@ -87,31 +87,38 @@ func DescribeVPCs(cloud fi.Cloud, clusterName string) (map[string]*ec2.Vpc, erro
|
|||
}
|
||||
}
|
||||
|
||||
return vpcs, nil
|
||||
switch len(vpcs) {
|
||||
case 0:
|
||||
return nil, nil
|
||||
case 1:
|
||||
return vpcs[maps.Keys(vpcs)[0]], nil
|
||||
default:
|
||||
return nil, fmt.Errorf("found multiple VPCs for cluster %q: %v", clusterName, maps.Keys(vpcs))
|
||||
}
|
||||
}
|
||||
|
||||
func ListVPCs(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
|
||||
vpcs, err := DescribeVPCs(cloud, clusterName)
|
||||
vpc, err := DescribeVPC(cloud, clusterName)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
var resourceTrackers []*resources.Resource
|
||||
for _, v := range vpcs {
|
||||
vpcID := aws.StringValue(v.VpcId)
|
||||
if vpc != nil {
|
||||
vpcID := aws.StringValue(vpc.VpcId)
|
||||
|
||||
resourceTracker := &resources.Resource{
|
||||
Name: FindName(v.Tags),
|
||||
Name: FindName(vpc.Tags),
|
||||
ID: vpcID,
|
||||
Type: ec2.ResourceTypeVpc,
|
||||
Deleter: DeleteVPC,
|
||||
Dumper: DumpVPC,
|
||||
Obj: v,
|
||||
Shared: !HasOwnedTag(ec2.ResourceTypeVpc+":"+vpcID, v.Tags, clusterName),
|
||||
Obj: vpc,
|
||||
Shared: !HasOwnedTag(ec2.ResourceTypeVpc+":"+vpcID, vpc.Tags, clusterName),
|
||||
}
|
||||
|
||||
var blocks []string
|
||||
blocks = append(blocks, "dhcp-options:"+aws.StringValue(v.DhcpOptionsId))
|
||||
blocks = append(blocks, "dhcp-options:"+aws.StringValue(vpc.DhcpOptionsId))
|
||||
|
||||
resourceTracker.Blocks = blocks
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
"Action": "ec2:AttachVolume",
|
||||
"Condition": {
|
||||
"StringEquals": {
|
||||
"aws:ResourceTag/KubernetesCluster": "minimal.example.com",
|
||||
"aws:ResourceTag/KubernetesCluster": "many-addons.example.com",
|
||||
"aws:ResourceTag/k8s.io/role/master": "1"
|
||||
}
|
||||
},
|
||||
|
|
@ -18,7 +18,7 @@
|
|||
"s3:Get*"
|
||||
],
|
||||
"Effect": "Allow",
|
||||
"Resource": "arn:aws-test:s3:::placeholder-read-bucket/clusters.example.com/minimal.example.com/*"
|
||||
"Resource": "arn:aws-test:s3:::placeholder-read-bucket/tests/many-addons.example.com/*"
|
||||
},
|
||||
{
|
||||
"Action": [
|
||||
|
|
@ -28,7 +28,7 @@
|
|||
"s3:PutObject"
|
||||
],
|
||||
"Effect": "Allow",
|
||||
"Resource": "arn:aws-test:s3:::placeholder-write-bucket/clusters.example.com/minimal.example.com/backups/etcd/main/*"
|
||||
"Resource": "arn:aws-test:s3:::placeholder-write-bucket/tests/many-addons.example.com/backups/etcd/main/*"
|
||||
},
|
||||
{
|
||||
"Action": [
|
||||
|
|
@ -38,7 +38,7 @@
|
|||
"s3:PutObject"
|
||||
],
|
||||
"Effect": "Allow",
|
||||
"Resource": "arn:aws-test:s3:::placeholder-write-bucket/clusters.example.com/minimal.example.com/backups/etcd/events/*"
|
||||
"Resource": "arn:aws-test:s3:::placeholder-write-bucket/tests/many-addons.example.com/backups/etcd/events/*"
|
||||
},
|
||||
{
|
||||
"Action": [
|
||||
|
|
@ -98,7 +98,7 @@
|
|||
"Action": "ec2:CreateTags",
|
||||
"Condition": {
|
||||
"StringEquals": {
|
||||
"aws:RequestTag/KubernetesCluster": "minimal.example.com",
|
||||
"aws:RequestTag/KubernetesCluster": "many-addons.example.com",
|
||||
"ec2:CreateAction": [
|
||||
"CreateVolume",
|
||||
"CreateSnapshot"
|
||||
|
|
@ -121,7 +121,7 @@
|
|||
"aws:RequestTag/KubernetesCluster": "true"
|
||||
},
|
||||
"StringEquals": {
|
||||
"aws:ResourceTag/KubernetesCluster": "minimal.example.com"
|
||||
"aws:ResourceTag/KubernetesCluster": "many-addons.example.com"
|
||||
}
|
||||
},
|
||||
"Effect": "Allow",
|
||||
|
|
@ -134,7 +134,7 @@
|
|||
"Action": "ec2:CreateTags",
|
||||
"Condition": {
|
||||
"StringEquals": {
|
||||
"aws:RequestTag/KubernetesCluster": "minimal.example.com",
|
||||
"aws:RequestTag/KubernetesCluster": "many-addons.example.com",
|
||||
"ec2:CreateAction": [
|
||||
"CreateSecurityGroup"
|
||||
]
|
||||
|
|
@ -155,7 +155,7 @@
|
|||
"aws:RequestTag/KubernetesCluster": "true"
|
||||
},
|
||||
"StringEquals": {
|
||||
"aws:ResourceTag/KubernetesCluster": "minimal.example.com"
|
||||
"aws:ResourceTag/KubernetesCluster": "many-addons.example.com"
|
||||
}
|
||||
},
|
||||
"Effect": "Allow",
|
||||
|
|
@ -167,7 +167,7 @@
|
|||
"Action": "ec2:CreateTags",
|
||||
"Condition": {
|
||||
"StringEquals": {
|
||||
"aws:RequestTag/KubernetesCluster": "minimal.example.com",
|
||||
"aws:RequestTag/KubernetesCluster": "many-addons.example.com",
|
||||
"ec2:CreateAction": [
|
||||
"CreateSecurityGroup"
|
||||
]
|
||||
|
|
@ -188,7 +188,7 @@
|
|||
"aws:RequestTag/KubernetesCluster": "true"
|
||||
},
|
||||
"StringEquals": {
|
||||
"aws:ResourceTag/KubernetesCluster": "minimal.example.com"
|
||||
"aws:ResourceTag/KubernetesCluster": "many-addons.example.com"
|
||||
}
|
||||
},
|
||||
"Effect": "Allow",
|
||||
|
|
@ -306,7 +306,7 @@
|
|||
],
|
||||
"Condition": {
|
||||
"StringEquals": {
|
||||
"aws:ResourceTag/KubernetesCluster": "minimal.example.com"
|
||||
"aws:ResourceTag/KubernetesCluster": "many-addons.example.com"
|
||||
}
|
||||
},
|
||||
"Effect": "Allow",
|
||||
|
|
@ -324,7 +324,7 @@
|
|||
],
|
||||
"Condition": {
|
||||
"StringEquals": {
|
||||
"aws:RequestTag/KubernetesCluster": "minimal.example.com"
|
||||
"aws:RequestTag/KubernetesCluster": "many-addons.example.com"
|
||||
}
|
||||
},
|
||||
"Effect": "Allow",
|
||||
|
|
@ -124,11 +124,11 @@ ensure-install-dir
|
|||
|
||||
cat > conf/kube_env.yaml << '__EOF_KUBE_ENV'
|
||||
CloudProvider: aws
|
||||
ClusterName: minimal.example.com
|
||||
ConfigBase: memfs://clusters.example.com/minimal.example.com
|
||||
ClusterName: many-addons.example.com
|
||||
ConfigBase: memfs://tests/many-addons.example.com
|
||||
InstanceGroupName: master-us-test-1a
|
||||
InstanceGroupRole: ControlPlane
|
||||
NodeupConfigHash: QagSzGJDRHMhvxCLRpxXO4c5OA7jFPrkYDsQXuX5rcA=
|
||||
NodeupConfigHash: ZYVYRk0Hjd3cBeBc7JkJY0rjF4hoZJJ0RpVTCSroQgo=
|
||||
|
||||
__EOF_KUBE_ENV
|
||||
|
||||
|
|
@ -124,7 +124,7 @@ ensure-install-dir
|
|||
|
||||
cat > conf/kube_env.yaml << '__EOF_KUBE_ENV'
|
||||
CloudProvider: aws
|
||||
ClusterName: minimal.example.com
|
||||
ClusterName: many-addons.example.com
|
||||
ConfigServer:
|
||||
CACertificates: |
|
||||
-----BEGIN CERTIFICATE-----
|
||||
|
|
@ -148,10 +148,10 @@ ConfigServer:
|
|||
9B7UD2ushcVFPtaeoL9Gfu8aY4KJBeqqg5ojl4qmRnThjw==
|
||||
-----END CERTIFICATE-----
|
||||
servers:
|
||||
- https://kops-controller.internal.minimal.example.com:3988/
|
||||
- https://kops-controller.internal.many-addons.example.com:3988/
|
||||
InstanceGroupName: nodes
|
||||
InstanceGroupRole: Node
|
||||
NodeupConfigHash: P1X6Xy+8U6wxivg3gwhwDhfAwULBvUYFrcUE20bA/wE=
|
||||
NodeupConfigHash: XUCTela0KbyEi8FisfgSoLs9G42zHNr/SUd00OG309w=
|
||||
|
||||
__EOF_KUBE_ENV
|
||||
|
||||
|
|
@ -2,7 +2,7 @@ apiVersion: kops.k8s.io/v1alpha2
|
|||
kind: Cluster
|
||||
metadata:
|
||||
creationTimestamp: "2016-12-10T22:42:27Z"
|
||||
name: minimal.example.com
|
||||
name: many-addons.example.com
|
||||
spec:
|
||||
api:
|
||||
dns: {}
|
||||
|
|
@ -20,7 +20,7 @@ spec:
|
|||
cloudControllerManager:
|
||||
allocateNodeCIDRs: true
|
||||
clusterCIDR: 172.20.128.0/17
|
||||
clusterName: minimal.example.com
|
||||
clusterName: many-addons.example.com
|
||||
configureCloudRoutes: false
|
||||
image: registry.k8s.io/provider-aws/cloud-controller-manager:v1.26.6
|
||||
leaderElection:
|
||||
|
|
@ -44,7 +44,7 @@ spec:
|
|||
skipNodesWithLocalStorage: true
|
||||
skipNodesWithSystemPods: true
|
||||
clusterDNSDomain: cluster.local
|
||||
configBase: memfs://clusters.example.com/minimal.example.com
|
||||
configBase: memfs://tests/many-addons.example.com
|
||||
containerd:
|
||||
logLevel: info
|
||||
runc:
|
||||
|
|
@ -53,7 +53,7 @@ spec:
|
|||
dnsZone: Z1AFAKE1ZON3YO
|
||||
etcdClusters:
|
||||
- backups:
|
||||
backupStore: memfs://clusters.example.com/minimal.example.com/backups/etcd/main
|
||||
backupStore: memfs://tests/many-addons.example.com/backups/etcd/main
|
||||
etcdMembers:
|
||||
- instanceGroup: master-us-test-1a
|
||||
name: us-test-1a
|
||||
|
|
@ -62,7 +62,7 @@ spec:
|
|||
name: main
|
||||
version: 3.5.9
|
||||
- backups:
|
||||
backupStore: memfs://clusters.example.com/minimal.example.com/backups/etcd/events
|
||||
backupStore: memfs://tests/many-addons.example.com/backups/etcd/events
|
||||
etcdMembers:
|
||||
- instanceGroup: master-us-test-1a
|
||||
name: us-test-1a
|
||||
|
|
@ -74,7 +74,7 @@ spec:
|
|||
provider: dns-controller
|
||||
iam:
|
||||
legacy: false
|
||||
keyStore: memfs://clusters.example.com/minimal.example.com/pki
|
||||
keyStore: memfs://tests/many-addons.example.com/pki
|
||||
kubeAPIServer:
|
||||
allowPrivileged: true
|
||||
anonymousAuth: false
|
||||
|
|
@ -117,8 +117,8 @@ spec:
|
|||
requestheaderUsernameHeaders:
|
||||
- X-Remote-User
|
||||
securePort: 443
|
||||
serviceAccountIssuer: https://api.internal.minimal.example.com
|
||||
serviceAccountJWKSURI: https://api.internal.minimal.example.com/openid/v1/jwks
|
||||
serviceAccountIssuer: https://api.internal.many-addons.example.com
|
||||
serviceAccountJWKSURI: https://api.internal.many-addons.example.com/openid/v1/jwks
|
||||
serviceClusterIPRange: 100.64.0.0/13
|
||||
storageBackend: etcd3
|
||||
kubeControllerManager:
|
||||
|
|
@ -126,7 +126,7 @@ spec:
|
|||
attachDetachReconcileSyncPeriod: 1m0s
|
||||
cloudProvider: external
|
||||
clusterCIDR: 172.20.128.0/17
|
||||
clusterName: minimal.example.com
|
||||
clusterName: many-addons.example.com
|
||||
configureCloudRoutes: false
|
||||
featureGates:
|
||||
CSIMigrationAWS: "true"
|
||||
|
|
@ -205,7 +205,7 @@ spec:
|
|||
registerSchedulable: true
|
||||
shutdownGracePeriod: 0s
|
||||
shutdownGracePeriodCriticalPods: 0s
|
||||
masterPublicName: api.minimal.example.com
|
||||
masterPublicName: api.many-addons.example.com
|
||||
metricsServer:
|
||||
enabled: true
|
||||
networkCIDR: 172.20.0.0/16
|
||||
|
|
@ -225,7 +225,7 @@ spec:
|
|||
version: v1.18.3
|
||||
nonMasqueradeCIDR: 172.20.0.0/16
|
||||
podCIDR: 172.20.128.0/17
|
||||
secretStore: memfs://clusters.example.com/minimal.example.com/secrets
|
||||
secretStore: memfs://tests/many-addons.example.com/secrets
|
||||
serviceClusterIPRange: 100.64.0.0/13
|
||||
snapshotController:
|
||||
enabled: true
|
||||
|
|
|
|||
|
|
@ -12,12 +12,12 @@ spec:
|
|||
- /bin/sh
|
||||
- -c
|
||||
- mkfifo /tmp/pipe; (tee -a /var/log/etcd.log < /tmp/pipe & ) ; exec /etcd-manager
|
||||
--backup-store=memfs://clusters.example.com/minimal.example.com/backups/etcd/events
|
||||
--client-urls=https://__name__:4002 --cluster-name=etcd-events --containerized=true
|
||||
--dns-suffix=.internal.minimal.example.com --grpc-port=3997 --peer-urls=https://__name__:2381
|
||||
--quarantine-client-urls=https://__name__:3995 --v=6 --volume-name-tag=k8s.io/etcd/events
|
||||
--volume-provider=aws --volume-tag=k8s.io/etcd/events --volume-tag=k8s.io/role/control-plane=1
|
||||
--volume-tag=kubernetes.io/cluster/minimal.example.com=owned > /tmp/pipe 2>&1
|
||||
--backup-store=memfs://tests/many-addons.example.com/backups/etcd/events --client-urls=https://__name__:4002
|
||||
--cluster-name=etcd-events --containerized=true --dns-suffix=.internal.many-addons.example.com
|
||||
--grpc-port=3997 --peer-urls=https://__name__:2381 --quarantine-client-urls=https://__name__:3995
|
||||
--v=6 --volume-name-tag=k8s.io/etcd/events --volume-provider=aws --volume-tag=k8s.io/etcd/events
|
||||
--volume-tag=k8s.io/role/control-plane=1 --volume-tag=kubernetes.io/cluster/many-addons.example.com=owned
|
||||
> /tmp/pipe 2>&1
|
||||
env:
|
||||
- name: ETCD_MANAGER_DAILY_BACKUPS_RETENTION
|
||||
value: 90d
|
||||
|
|
|
|||
|
|
@ -12,12 +12,12 @@ spec:
|
|||
- /bin/sh
|
||||
- -c
|
||||
- mkfifo /tmp/pipe; (tee -a /var/log/etcd.log < /tmp/pipe & ) ; exec /etcd-manager
|
||||
--backup-store=memfs://clusters.example.com/minimal.example.com/backups/etcd/main
|
||||
--client-urls=https://__name__:4001 --cluster-name=etcd --containerized=true
|
||||
--dns-suffix=.internal.minimal.example.com --grpc-port=3996 --peer-urls=https://__name__:2380
|
||||
--quarantine-client-urls=https://__name__:3994 --v=6 --volume-name-tag=k8s.io/etcd/main
|
||||
--volume-provider=aws --volume-tag=k8s.io/etcd/main --volume-tag=k8s.io/role/control-plane=1
|
||||
--volume-tag=kubernetes.io/cluster/minimal.example.com=owned > /tmp/pipe 2>&1
|
||||
--backup-store=memfs://tests/many-addons.example.com/backups/etcd/main --client-urls=https://__name__:4001
|
||||
--cluster-name=etcd --containerized=true --dns-suffix=.internal.many-addons.example.com
|
||||
--grpc-port=3996 --peer-urls=https://__name__:2380 --quarantine-client-urls=https://__name__:3994
|
||||
--v=6 --volume-name-tag=k8s.io/etcd/main --volume-provider=aws --volume-tag=k8s.io/etcd/main
|
||||
--volume-tag=k8s.io/role/control-plane=1 --volume-tag=kubernetes.io/cluster/many-addons.example.com=owned
|
||||
> /tmp/pipe 2>&1
|
||||
env:
|
||||
- name: ETCD_MANAGER_DAILY_BACKUPS_RETENTION
|
||||
value: 90d
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ spec:
|
|||
- args:
|
||||
- --allocate-node-cidrs=true
|
||||
- --cluster-cidr=172.20.128.0/17
|
||||
- --cluster-name=minimal.example.com
|
||||
- --cluster-name=many-addons.example.com
|
||||
- --configure-cloud-routes=false
|
||||
- --leader-elect=true
|
||||
- --v=2
|
||||
|
|
@ -632,8 +632,8 @@ spec:
|
|||
- controller
|
||||
- --endpoint=$(CSI_ENDPOINT)
|
||||
- --logtostderr
|
||||
- --k8s-tag-cluster-id=minimal.example.com
|
||||
- --extra-tags=KubernetesCluster=minimal.example.com
|
||||
- --k8s-tag-cluster-id=many-addons.example.com
|
||||
- --extra-tags=KubernetesCluster=many-addons.example.com
|
||||
- --http-endpoint=0.0.0.0:3301
|
||||
- --v=5
|
||||
env:
|
||||
|
|
@ -876,12 +876,12 @@ spec:
|
|||
containers:
|
||||
- args:
|
||||
- --metrics-bind-addr=:9442
|
||||
- --cluster-name=minimal.example.com
|
||||
- --cluster-name=many-addons.example.com
|
||||
- --enable-waf=false
|
||||
- --enable-wafv2=false
|
||||
- --enable-shield=false
|
||||
- --ingress-class=alb
|
||||
- --default-tags=KubernetesCluster=minimal.example.com
|
||||
- --default-tags=KubernetesCluster=many-addons.example.com
|
||||
- --aws-region=us-test-1
|
||||
env:
|
||||
- name: NODENAME
|
||||
|
|
@ -6,7 +6,7 @@ spec:
|
|||
addons:
|
||||
- id: k8s-1.16
|
||||
manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml
|
||||
manifestHash: abc34b75927182307d11de4729eecc8071d300b6ef1da5b378d9d7a635673214
|
||||
manifestHash: d3b18a4b6093071ca94fd9091bce7093e4d85f90b80295ee88db809ee546aead
|
||||
name: kops-controller.addons.k8s.io
|
||||
needsRollingUpdate: control-plane
|
||||
selector:
|
||||
|
|
@ -41,7 +41,7 @@ spec:
|
|||
version: 9.99.0
|
||||
- id: k8s-1.15
|
||||
manifest: cluster-autoscaler.addons.k8s.io/k8s-1.15.yaml
|
||||
manifestHash: 6a987393768f7dd76735ec5451417a7f868120bcc9a05781f9cf033ea8c50904
|
||||
manifestHash: fc8433872165deaab925ad80da33f4406c601ad3c006282f916a48bf3adda901
|
||||
name: cluster-autoscaler.addons.k8s.io
|
||||
selector:
|
||||
k8s-addon: cluster-autoscaler.addons.k8s.io
|
||||
|
|
@ -112,7 +112,7 @@ spec:
|
|||
version: 9.99.0
|
||||
- id: k8s-1.11
|
||||
manifest: node-termination-handler.aws/k8s-1.11.yaml
|
||||
manifestHash: bd6955162f93335d20e8f1215411cb1e8388371f2f4a1ff6e29529175db262f9
|
||||
manifestHash: 31545eb9bf6086d7f5dd39503fcbf3b01a5f337b18b95f4ed9094a06312cbce8
|
||||
name: node-termination-handler.aws
|
||||
prune:
|
||||
kinds:
|
||||
|
|
@ -163,7 +163,7 @@ spec:
|
|||
version: 9.99.0
|
||||
- id: k8s-1.19
|
||||
manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml
|
||||
manifestHash: d656ecff1afebab268a7efb26250535878d3219f705b892cc8ec528eee00965e
|
||||
manifestHash: 786e41ba87c3c845cc14ce2b04ecb2040fc461e7112d82298d8573d8f8674615
|
||||
name: aws-load-balancer-controller.addons.k8s.io
|
||||
needsPKI: true
|
||||
selector:
|
||||
|
|
@ -178,7 +178,7 @@ spec:
|
|||
version: 9.99.0
|
||||
- id: k8s-1.16
|
||||
manifest: networking.amazon-vpc-routed-eni/k8s-1.16.yaml
|
||||
manifestHash: 7783f69ff595f86c5bab56d6ca740493e77ef2dc4124182232d69df934fb4581
|
||||
manifestHash: 3b388375350b777e1408e31851682b3bddf09db872cfed97f19e3ea58e16bdc8
|
||||
name: networking.amazon-vpc-routed-eni
|
||||
needsRollingUpdate: all
|
||||
selector:
|
||||
|
|
@ -186,21 +186,21 @@ spec:
|
|||
version: 9.99.0
|
||||
- id: k8s-1.18
|
||||
manifest: aws-cloud-controller.addons.k8s.io/k8s-1.18.yaml
|
||||
manifestHash: 55d45ed42fb1eddc545dd5e64ba4d38f138a64689d04f19c8a247eef64f41ccb
|
||||
manifestHash: ee6f87fe612793384351cdf60836c0bc7dcc039064dafc7c8708024642a562af
|
||||
name: aws-cloud-controller.addons.k8s.io
|
||||
selector:
|
||||
k8s-addon: aws-cloud-controller.addons.k8s.io
|
||||
version: 9.99.0
|
||||
- id: k8s-1.17
|
||||
manifest: aws-ebs-csi-driver.addons.k8s.io/k8s-1.17.yaml
|
||||
manifestHash: 7ef7d5abe268bd42dcd36fb068f87e927362071d65b611ec2ce2c2efb32d153f
|
||||
manifestHash: 1b2f5991e29f7053d6e1d120e74d5ca84cd2fca7d120993ae77c6d33c8ebcffc
|
||||
name: aws-ebs-csi-driver.addons.k8s.io
|
||||
selector:
|
||||
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
|
||||
version: 9.99.0
|
||||
- id: k8s-1.20
|
||||
manifest: snapshot-controller.addons.k8s.io/k8s-1.20.yaml
|
||||
manifestHash: 06a1cffd153dc7f8cf75853da3683d3a68b55411883d84b9bebf049fc746b980
|
||||
manifestHash: a52f39f0320ab2785f0d26373791a2e851acd9a0839aa7fbd4187e7b8a20d546
|
||||
name: snapshot-controller.addons.k8s.io
|
||||
needsPKI: true
|
||||
selector:
|
||||
|
|
@ -331,7 +331,7 @@ spec:
|
|||
- --cloud-provider=aws
|
||||
- --aws-use-static-instance-list=false
|
||||
- --expander=random
|
||||
- --nodes=2:2:nodes.minimal.example.com
|
||||
- --nodes=2:2:nodes.many-addons.example.com
|
||||
- --ignore-daemonsets-utilization=false
|
||||
- --scale-down-utilization-threshold=0.5
|
||||
- --skip-nodes-with-local-storage=true
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
apiVersion: v1
|
||||
data:
|
||||
config.yaml: |
|
||||
{"clusterName":"minimal.example.com","cloud":"aws","configBase":"memfs://clusters.example.com/minimal.example.com","secretStore":"memfs://clusters.example.com/minimal.example.com/secrets","server":{"Listen":":3988","provider":{"aws":{"nodesRoles":["nodes.minimal.example.com"],"Region":"us-test-1"}},"serverKeyPath":"/etc/kubernetes/kops-controller/pki/kops-controller.key","serverCertificatePath":"/etc/kubernetes/kops-controller/pki/kops-controller.crt","caBasePath":"/etc/kubernetes/kops-controller/pki","signingCAs":["kubernetes-ca"],"certNames":["kubelet","kubelet-server","kube-proxy"]}}
|
||||
{"clusterName":"many-addons.example.com","cloud":"aws","configBase":"memfs://tests/many-addons.example.com","secretStore":"memfs://tests/many-addons.example.com/secrets","server":{"Listen":":3988","provider":{"aws":{"nodesRoles":["nodes.many-addons.example.com"],"Region":"us-test-1"}},"serverKeyPath":"/etc/kubernetes/kops-controller/pki/kops-controller.key","serverCertificatePath":"/etc/kubernetes/kops-controller/pki/kops-controller.crt","caBasePath":"/etc/kubernetes/kops-controller/pki","signingCAs":["kubernetes-ca"],"certNames":["kubelet","kubelet-server","kube-proxy"]}}
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
|
|
@ -33,7 +33,7 @@ spec:
|
|||
template:
|
||||
metadata:
|
||||
annotations:
|
||||
dns.alpha.kubernetes.io/internal: kops-controller.internal.minimal.example.com
|
||||
dns.alpha.kubernetes.io/internal: kops-controller.internal.many-addons.example.com
|
||||
creationTimestamp: null
|
||||
labels:
|
||||
k8s-addon: kops-controller.addons.k8s.io
|
||||
|
|
@ -174,7 +174,7 @@ spec:
|
|||
containers:
|
||||
- env:
|
||||
- name: ADDITIONAL_ENI_TAGS
|
||||
value: '{"KubernetesCluster":"minimal.example.com","kubernetes.io/cluster/minimal.example.com":"owned"}'
|
||||
value: '{"KubernetesCluster":"many-addons.example.com","kubernetes.io/cluster/many-addons.example.com":"owned"}'
|
||||
- name: AWS_VPC_CNI_NODE_PORT_SUPPORT
|
||||
value: "true"
|
||||
- name: AWS_VPC_ENI_MTU
|
||||
|
|
@ -226,7 +226,7 @@ spec:
|
|||
apiVersion: v1
|
||||
fieldPath: metadata.name
|
||||
- name: CLUSTER_NAME
|
||||
value: minimal.example.com
|
||||
value: many-addons.example.com
|
||||
image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.13.4
|
||||
livenessProbe:
|
||||
exec:
|
||||
|
|
@ -202,7 +202,7 @@ spec:
|
|||
- name: ENABLE_SQS_TERMINATION_DRAINING
|
||||
value: "true"
|
||||
- name: QUEUE_URL
|
||||
value: https://sqs.us-test-1.amazonaws.com/123456789012/minimal-example-com-nth
|
||||
value: https://sqs.us-test-1.amazonaws.com/123456789012/many-addons-example-com-nth
|
||||
- name: WORKERS
|
||||
value: "10"
|
||||
image: public.ecr.aws/aws-ec2/aws-node-termination-handler:v1.18.3
|
||||
|
|
@ -1365,7 +1365,7 @@ metadata:
|
|||
spec:
|
||||
dnsNames:
|
||||
- snapshot-validation-service.kube-system.svc
|
||||
- snapshot-validation-service.kube-system.svc.minimal.example.com
|
||||
- snapshot-validation-service.kube-system.svc.many-addons.example.com
|
||||
issuerRef:
|
||||
kind: Issuer
|
||||
name: snapshot-controller.addons.k8s.io
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
APIServerConfig:
|
||||
API:
|
||||
dns: {}
|
||||
publicName: api.minimal.example.com
|
||||
publicName: api.many-addons.example.com
|
||||
ClusterDNSDomain: cluster.local
|
||||
KubeAPIServer:
|
||||
allowPrivileged: true
|
||||
|
|
@ -45,8 +45,8 @@ APIServerConfig:
|
|||
requestheaderUsernameHeaders:
|
||||
- X-Remote-User
|
||||
securePort: 443
|
||||
serviceAccountIssuer: https://api.internal.minimal.example.com
|
||||
serviceAccountJWKSURI: https://api.internal.minimal.example.com/openid/v1/jwks
|
||||
serviceAccountIssuer: https://api.internal.many-addons.example.com
|
||||
serviceAccountJWKSURI: https://api.internal.many-addons.example.com/openid/v1/jwks
|
||||
serviceClusterIPRange: 100.64.0.0/13
|
||||
storageBackend: etcd3
|
||||
ServiceAccountPublicKeys: |
|
||||
|
|
@ -227,14 +227,14 @@ CAs:
|
|||
MA0GCSqGSIb3DQEBCwUAA0EAVQVx5MUtuAIeePuP9o51xtpT2S6Fvfi8J4ICxnlA
|
||||
9B7UD2ushcVFPtaeoL9Gfu8aY4KJBeqqg5ojl4qmRnThjw==
|
||||
-----END CERTIFICATE-----
|
||||
ClusterName: minimal.example.com
|
||||
ClusterName: many-addons.example.com
|
||||
ControlPlaneConfig:
|
||||
KubeControllerManager:
|
||||
allocateNodeCIDRs: true
|
||||
attachDetachReconcileSyncPeriod: 1m0s
|
||||
cloudProvider: external
|
||||
clusterCIDR: 172.20.128.0/17
|
||||
clusterName: minimal.example.com
|
||||
clusterName: many-addons.example.com
|
||||
configureCloudRoutes: false
|
||||
featureGates:
|
||||
CSIMigrationAWS: "true"
|
||||
|
|
@ -313,18 +313,18 @@ Networking:
|
|||
serviceClusterIPRange: 100.64.0.0/13
|
||||
UpdatePolicy: automatic
|
||||
channels:
|
||||
- memfs://clusters.example.com/minimal.example.com/addons/bootstrap-channel.yaml
|
||||
- memfs://tests/many-addons.example.com/addons/bootstrap-channel.yaml
|
||||
configStore:
|
||||
keypairs: memfs://clusters.example.com/minimal.example.com/pki
|
||||
secrets: memfs://clusters.example.com/minimal.example.com/secrets
|
||||
keypairs: memfs://tests/many-addons.example.com/pki
|
||||
secrets: memfs://tests/many-addons.example.com/secrets
|
||||
containerdConfig:
|
||||
logLevel: info
|
||||
runc:
|
||||
version: 1.1.5
|
||||
version: 1.6.20
|
||||
etcdManifests:
|
||||
- memfs://clusters.example.com/minimal.example.com/manifests/etcd/main-master-us-test-1a.yaml
|
||||
- memfs://clusters.example.com/minimal.example.com/manifests/etcd/events-master-us-test-1a.yaml
|
||||
- memfs://tests/many-addons.example.com/manifests/etcd/main-master-us-test-1a.yaml
|
||||
- memfs://tests/many-addons.example.com/manifests/etcd/events-master-us-test-1a.yaml
|
||||
staticManifests:
|
||||
- key: kube-apiserver-healthcheck
|
||||
path: manifests/static/kube-apiserver-healthcheck.yaml
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ Assets:
|
|||
- c3e6a054b18b20fce06c7c3ed53f0989bb4b255c849bede446ebca955f07a9ce@https://github.com/containerd/containerd/releases/download/v1.6.20/containerd-1.6.20-linux-arm64.tar.gz
|
||||
- 54e79e4d48b9e191767e4abc08be1a8476a1c757e9a9f8c45c6ded001226867f@https://github.com/opencontainers/runc/releases/download/v1.1.5/runc.arm64
|
||||
CAs: {}
|
||||
ClusterName: minimal.example.com
|
||||
ClusterName: many-addons.example.com
|
||||
DefaultMachineType: t2.medium
|
||||
Hooks:
|
||||
- null
|
||||
|
|
|
|||
|
|
@ -0,0 +1,11 @@
|
|||
{
|
||||
"Version": "2012-10-17",
|
||||
"Statement": [{
|
||||
"Effect": "Allow",
|
||||
"Principal": {
|
||||
"Service": ["events.amazonaws.com", "sqs.amazonaws.com"]
|
||||
},
|
||||
"Action": "sqs:SendMessage",
|
||||
"Resource": "arn:aws-test:sqs:us-test-1:123456789012:many-addons-example-com-nth"
|
||||
}]
|
||||
}
|
||||
|
|
@ -2,7 +2,7 @@ apiVersion: kops.k8s.io/v1alpha2
|
|||
kind: Cluster
|
||||
metadata:
|
||||
creationTimestamp: "2016-12-10T22:42:27Z"
|
||||
name: minimal.example.com
|
||||
name: many-addons.example.com
|
||||
spec:
|
||||
awsLoadBalancerController:
|
||||
enabled: true
|
||||
|
|
@ -21,7 +21,7 @@ spec:
|
|||
awsEBSCSIDriver:
|
||||
enabled: true
|
||||
cloudProvider: aws
|
||||
configBase: memfs://clusters.example.com/minimal.example.com
|
||||
configBase: memfs://tests/many-addons.example.com
|
||||
etcdClusters:
|
||||
- etcdMembers:
|
||||
- instanceGroup: master-us-test-1a
|
||||
|
|
@ -35,7 +35,7 @@ spec:
|
|||
kubelet:
|
||||
anonymousAuth: false
|
||||
kubernetesVersion: v1.26.0
|
||||
masterPublicName: api.minimal.example.com
|
||||
masterPublicName: api.many-addons.example.com
|
||||
networkCIDR: 172.20.0.0/16
|
||||
networking:
|
||||
amazonvpc: {}
|
||||
|
|
@ -60,7 +60,7 @@ metadata:
|
|||
creationTimestamp: "2016-12-10T22:42:28Z"
|
||||
name: nodes
|
||||
labels:
|
||||
kops.k8s.io/cluster: minimal.example.com
|
||||
kops.k8s.io/cluster: many-addons.example.com
|
||||
spec:
|
||||
associatePublicIp: true
|
||||
image: ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20220404
|
||||
|
|
@ -79,7 +79,7 @@ metadata:
|
|||
creationTimestamp: "2016-12-10T22:42:28Z"
|
||||
name: master-us-test-1a
|
||||
labels:
|
||||
kops.k8s.io/cluster: minimal.example.com
|
||||
kops.k8s.io/cluster: many-addons.example.com
|
||||
spec:
|
||||
associatePublicIp: true
|
||||
image: ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20220404
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
|
|
@ -4,7 +4,7 @@
|
|||
"Action": "ec2:AttachVolume",
|
||||
"Condition": {
|
||||
"StringEquals": {
|
||||
"aws:ResourceTag/KubernetesCluster": "minimal.example.com",
|
||||
"aws:ResourceTag/KubernetesCluster": "minimal-aws.example.com",
|
||||
"aws:ResourceTag/k8s.io/role/master": "1"
|
||||
}
|
||||
},
|
||||
|
|
@ -18,7 +18,7 @@
|
|||
"s3:Get*"
|
||||
],
|
||||
"Effect": "Allow",
|
||||
"Resource": "arn:aws-test:s3:::placeholder-read-bucket/clusters.example.com/minimal.example.com/*"
|
||||
"Resource": "arn:aws-test:s3:::placeholder-read-bucket/clusters.example.com/minimal-aws.example.com/*"
|
||||
},
|
||||
{
|
||||
"Action": [
|
||||
|
|
@ -28,7 +28,7 @@
|
|||
"s3:PutObject"
|
||||
],
|
||||
"Effect": "Allow",
|
||||
"Resource": "arn:aws-test:s3:::placeholder-write-bucket/clusters.example.com/minimal.example.com/backups/etcd/main/*"
|
||||
"Resource": "arn:aws-test:s3:::placeholder-write-bucket/clusters.example.com/minimal-aws.example.com/backups/etcd/main/*"
|
||||
},
|
||||
{
|
||||
"Action": [
|
||||
|
|
@ -38,7 +38,7 @@
|
|||
"s3:PutObject"
|
||||
],
|
||||
"Effect": "Allow",
|
||||
"Resource": "arn:aws-test:s3:::placeholder-write-bucket/clusters.example.com/minimal.example.com/backups/etcd/events/*"
|
||||
"Resource": "arn:aws-test:s3:::placeholder-write-bucket/clusters.example.com/minimal-aws.example.com/backups/etcd/events/*"
|
||||
},
|
||||
{
|
||||
"Action": [
|
||||
|
|
@ -98,7 +98,7 @@
|
|||
"Action": "ec2:CreateTags",
|
||||
"Condition": {
|
||||
"StringEquals": {
|
||||
"aws:RequestTag/KubernetesCluster": "minimal.example.com",
|
||||
"aws:RequestTag/KubernetesCluster": "minimal-aws.example.com",
|
||||
"ec2:CreateAction": [
|
||||
"CreateVolume",
|
||||
"CreateSnapshot"
|
||||
|
|
@ -121,7 +121,7 @@
|
|||
"aws:RequestTag/KubernetesCluster": "true"
|
||||
},
|
||||
"StringEquals": {
|
||||
"aws:ResourceTag/KubernetesCluster": "minimal.example.com"
|
||||
"aws:ResourceTag/KubernetesCluster": "minimal-aws.example.com"
|
||||
}
|
||||
},
|
||||
"Effect": "Allow",
|
||||
|
|
@ -134,7 +134,7 @@
|
|||
"Action": "ec2:CreateTags",
|
||||
"Condition": {
|
||||
"StringEquals": {
|
||||
"aws:RequestTag/KubernetesCluster": "minimal.example.com",
|
||||
"aws:RequestTag/KubernetesCluster": "minimal-aws.example.com",
|
||||
"ec2:CreateAction": [
|
||||
"CreateSecurityGroup"
|
||||
]
|
||||
|
|
@ -155,7 +155,7 @@
|
|||
"aws:RequestTag/KubernetesCluster": "true"
|
||||
},
|
||||
"StringEquals": {
|
||||
"aws:ResourceTag/KubernetesCluster": "minimal.example.com"
|
||||
"aws:ResourceTag/KubernetesCluster": "minimal-aws.example.com"
|
||||
}
|
||||
},
|
||||
"Effect": "Allow",
|
||||
|
|
@ -235,7 +235,7 @@
|
|||
],
|
||||
"Condition": {
|
||||
"StringEquals": {
|
||||
"aws:ResourceTag/KubernetesCluster": "minimal.example.com"
|
||||
"aws:ResourceTag/KubernetesCluster": "minimal-aws.example.com"
|
||||
}
|
||||
},
|
||||
"Effect": "Allow",
|
||||
|
|
@ -252,7 +252,7 @@
|
|||
],
|
||||
"Condition": {
|
||||
"StringEquals": {
|
||||
"aws:RequestTag/KubernetesCluster": "minimal.example.com"
|
||||
"aws:RequestTag/KubernetesCluster": "minimal-aws.example.com"
|
||||
}
|
||||
},
|
||||
"Effect": "Allow",
|
||||
|
|
@ -124,11 +124,11 @@ ensure-install-dir
|
|||
|
||||
cat > conf/kube_env.yaml << '__EOF_KUBE_ENV'
|
||||
CloudProvider: aws
|
||||
ClusterName: minimal.example.com
|
||||
ConfigBase: memfs://clusters.example.com/minimal.example.com
|
||||
ClusterName: minimal-aws.example.com
|
||||
ConfigBase: memfs://clusters.example.com/minimal-aws.example.com
|
||||
InstanceGroupName: master-us-test-1a
|
||||
InstanceGroupRole: ControlPlane
|
||||
NodeupConfigHash: o5t5SOPaDzxKQLNBemzI/+0uZbL29aTtQMxgjc6bngM=
|
||||
NodeupConfigHash: L8c5WKC0Pf8LGzpZgOrimSQZM2Fn+T7XOElf2FvcaFc=
|
||||
|
||||
__EOF_KUBE_ENV
|
||||
|
||||
|
|
@ -124,7 +124,7 @@ ensure-install-dir
|
|||
|
||||
cat > conf/kube_env.yaml << '__EOF_KUBE_ENV'
|
||||
CloudProvider: aws
|
||||
ClusterName: minimal.example.com
|
||||
ClusterName: minimal-aws.example.com
|
||||
ConfigServer:
|
||||
CACertificates: |
|
||||
-----BEGIN CERTIFICATE-----
|
||||
|
|
@ -148,10 +148,10 @@ ConfigServer:
|
|||
9B7UD2ushcVFPtaeoL9Gfu8aY4KJBeqqg5ojl4qmRnThjw==
|
||||
-----END CERTIFICATE-----
|
||||
servers:
|
||||
- https://kops-controller.internal.minimal.example.com:3988/
|
||||
- https://kops-controller.internal.minimal-aws.example.com:3988/
|
||||
InstanceGroupName: nodes
|
||||
InstanceGroupRole: Node
|
||||
NodeupConfigHash: UBbsPilnsB+d3omFZyCe7V9SkoyT5i2GG2RQrrvGhYc=
|
||||
NodeupConfigHash: PYloQzR6uutSWKqrBxDmO3BjOzLeVfe405geH1mk5Pw=
|
||||
|
||||
__EOF_KUBE_ENV
|
||||
|
||||
|
|
@ -2,7 +2,7 @@ apiVersion: kops.k8s.io/v1alpha2
|
|||
kind: Cluster
|
||||
metadata:
|
||||
creationTimestamp: "2016-12-10T22:42:27Z"
|
||||
name: minimal.example.com
|
||||
name: minimal-aws.example.com
|
||||
spec:
|
||||
api:
|
||||
dns: {}
|
||||
|
|
@ -16,14 +16,14 @@ spec:
|
|||
cloudControllerManager:
|
||||
allocateNodeCIDRs: true
|
||||
clusterCIDR: 100.96.0.0/11
|
||||
clusterName: minimal.example.com
|
||||
clusterName: minimal-aws.example.com
|
||||
configureCloudRoutes: false
|
||||
image: registry.k8s.io/provider-aws/cloud-controller-manager:v1.27.2
|
||||
leaderElection:
|
||||
leaderElect: true
|
||||
cloudProvider: aws
|
||||
clusterDNSDomain: cluster.local
|
||||
configBase: memfs://clusters.example.com/minimal.example.com
|
||||
configBase: memfs://clusters.example.com/minimal-aws.example.com
|
||||
containerd:
|
||||
logLevel: info
|
||||
runc:
|
||||
|
|
@ -32,7 +32,7 @@ spec:
|
|||
dnsZone: Z1AFAKE1ZON3YO
|
||||
etcdClusters:
|
||||
- backups:
|
||||
backupStore: memfs://clusters.example.com/minimal.example.com/backups/etcd/main
|
||||
backupStore: memfs://clusters.example.com/minimal-aws.example.com/backups/etcd/main
|
||||
etcdMembers:
|
||||
- instanceGroup: master-us-test-1a
|
||||
name: us-test-1a
|
||||
|
|
@ -41,7 +41,7 @@ spec:
|
|||
name: main
|
||||
version: 3.5.9
|
||||
- backups:
|
||||
backupStore: memfs://clusters.example.com/minimal.example.com/backups/etcd/events
|
||||
backupStore: memfs://clusters.example.com/minimal-aws.example.com/backups/etcd/events
|
||||
etcdMembers:
|
||||
- instanceGroup: master-us-test-1a
|
||||
name: us-test-1a
|
||||
|
|
@ -51,7 +51,7 @@ spec:
|
|||
version: 3.5.9
|
||||
externalDns:
|
||||
provider: dns-controller
|
||||
keyStore: memfs://clusters.example.com/minimal.example.com/pki
|
||||
keyStore: memfs://clusters.example.com/minimal-aws.example.com/pki
|
||||
kubeAPIServer:
|
||||
allowPrivileged: true
|
||||
anonymousAuth: false
|
||||
|
|
@ -92,8 +92,8 @@ spec:
|
|||
requestheaderUsernameHeaders:
|
||||
- X-Remote-User
|
||||
securePort: 443
|
||||
serviceAccountIssuer: https://api.internal.minimal.example.com
|
||||
serviceAccountJWKSURI: https://api.internal.minimal.example.com/openid/v1/jwks
|
||||
serviceAccountIssuer: https://api.internal.minimal-aws.example.com
|
||||
serviceAccountJWKSURI: https://api.internal.minimal-aws.example.com/openid/v1/jwks
|
||||
serviceClusterIPRange: 100.64.0.0/13
|
||||
storageBackend: etcd3
|
||||
kubeControllerManager:
|
||||
|
|
@ -101,7 +101,7 @@ spec:
|
|||
attachDetachReconcileSyncPeriod: 1m0s
|
||||
cloudProvider: external
|
||||
clusterCIDR: 100.96.0.0/11
|
||||
clusterName: minimal.example.com
|
||||
clusterName: minimal-aws.example.com
|
||||
configureCloudRoutes: false
|
||||
featureGates:
|
||||
InTreePluginAWSUnregister: "true"
|
||||
|
|
@ -175,7 +175,7 @@ spec:
|
|||
registerSchedulable: true
|
||||
shutdownGracePeriod: 30s
|
||||
shutdownGracePeriodCriticalPods: 10s
|
||||
masterPublicName: api.minimal.example.com
|
||||
masterPublicName: api.minimal-aws.example.com
|
||||
networkCIDR: 172.20.0.0/16
|
||||
networking:
|
||||
cni: {}
|
||||
|
|
@ -193,7 +193,7 @@ spec:
|
|||
version: v1.18.3
|
||||
nonMasqueradeCIDR: 100.64.0.0/10
|
||||
podCIDR: 100.96.0.0/11
|
||||
secretStore: memfs://clusters.example.com/minimal.example.com/secrets
|
||||
secretStore: memfs://clusters.example.com/minimal-aws.example.com/secrets
|
||||
serviceClusterIPRange: 100.64.0.0/13
|
||||
sshAccess:
|
||||
- 0.0.0.0/0
|
||||
|
|
@ -12,12 +12,13 @@ spec:
|
|||
- /bin/sh
|
||||
- -c
|
||||
- mkfifo /tmp/pipe; (tee -a /var/log/etcd.log < /tmp/pipe & ) ; exec /etcd-manager
|
||||
--backup-store=memfs://clusters.example.com/minimal.example.com/backups/etcd/events
|
||||
--backup-store=memfs://clusters.example.com/minimal-aws.example.com/backups/etcd/events
|
||||
--client-urls=https://__name__:4002 --cluster-name=etcd-events --containerized=true
|
||||
--dns-suffix=.internal.minimal.example.com --grpc-port=3997 --peer-urls=https://__name__:2381
|
||||
--dns-suffix=.internal.minimal-aws.example.com --grpc-port=3997 --peer-urls=https://__name__:2381
|
||||
--quarantine-client-urls=https://__name__:3995 --v=6 --volume-name-tag=k8s.io/etcd/events
|
||||
--volume-provider=aws --volume-tag=k8s.io/etcd/events --volume-tag=k8s.io/role/control-plane=1
|
||||
--volume-tag=kubernetes.io/cluster/minimal.example.com=owned > /tmp/pipe 2>&1
|
||||
--volume-tag=kubernetes.io/cluster/minimal-aws.example.com=owned > /tmp/pipe
|
||||
2>&1
|
||||
env:
|
||||
- name: ETCD_MANAGER_DAILY_BACKUPS_RETENTION
|
||||
value: 90d
|
||||
|
|
@ -12,12 +12,13 @@ spec:
|
|||
- /bin/sh
|
||||
- -c
|
||||
- mkfifo /tmp/pipe; (tee -a /var/log/etcd.log < /tmp/pipe & ) ; exec /etcd-manager
|
||||
--backup-store=memfs://clusters.example.com/minimal.example.com/backups/etcd/main
|
||||
--backup-store=memfs://clusters.example.com/minimal-aws.example.com/backups/etcd/main
|
||||
--client-urls=https://__name__:4001 --cluster-name=etcd --containerized=true
|
||||
--dns-suffix=.internal.minimal.example.com --grpc-port=3996 --peer-urls=https://__name__:2380
|
||||
--dns-suffix=.internal.minimal-aws.example.com --grpc-port=3996 --peer-urls=https://__name__:2380
|
||||
--quarantine-client-urls=https://__name__:3994 --v=6 --volume-name-tag=k8s.io/etcd/main
|
||||
--volume-provider=aws --volume-tag=k8s.io/etcd/main --volume-tag=k8s.io/role/control-plane=1
|
||||
--volume-tag=kubernetes.io/cluster/minimal.example.com=owned > /tmp/pipe 2>&1
|
||||
--volume-tag=kubernetes.io/cluster/minimal-aws.example.com=owned > /tmp/pipe
|
||||
2>&1
|
||||
env:
|
||||
- name: ETCD_MANAGER_DAILY_BACKUPS_RETENTION
|
||||
value: 90d
|
||||
|
|
@ -34,7 +34,7 @@ spec:
|
|||
- args:
|
||||
- --allocate-node-cidrs=true
|
||||
- --cluster-cidr=100.96.0.0/11
|
||||
- --cluster-name=minimal.example.com
|
||||
- --cluster-name=minimal-aws.example.com
|
||||
- --configure-cloud-routes=false
|
||||
- --leader-elect=true
|
||||
- --v=2
|
||||
|
|
@ -632,8 +632,8 @@ spec:
|
|||
- controller
|
||||
- --endpoint=$(CSI_ENDPOINT)
|
||||
- --logtostderr
|
||||
- --k8s-tag-cluster-id=minimal.example.com
|
||||
- --extra-tags=KubernetesCluster=minimal.example.com
|
||||
- --k8s-tag-cluster-id=minimal-aws.example.com
|
||||
- --extra-tags=KubernetesCluster=minimal-aws.example.com
|
||||
- --http-endpoint=0.0.0.0:3301
|
||||
- --v=5
|
||||
env:
|
||||
|
|
@ -6,7 +6,7 @@ spec:
|
|||
addons:
|
||||
- id: k8s-1.16
|
||||
manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml
|
||||
manifestHash: abc34b75927182307d11de4729eecc8071d300b6ef1da5b378d9d7a635673214
|
||||
manifestHash: c93e5418cbb9501af984b952911d4bcb2e39d8366660f2d3bb76a59568d70b43
|
||||
name: kops-controller.addons.k8s.io
|
||||
needsRollingUpdate: control-plane
|
||||
selector:
|
||||
|
|
@ -41,7 +41,7 @@ spec:
|
|||
version: 9.99.0
|
||||
- id: k8s-1.11
|
||||
manifest: node-termination-handler.aws/k8s-1.11.yaml
|
||||
manifestHash: bd6955162f93335d20e8f1215411cb1e8388371f2f4a1ff6e29529175db262f9
|
||||
manifestHash: 1e66f34d3315646be987b84940bf5d42dc394d01a08e6aef618613307d18efe3
|
||||
name: node-termination-handler.aws
|
||||
prune:
|
||||
kinds:
|
||||
|
|
@ -99,14 +99,14 @@ spec:
|
|||
version: 9.99.0
|
||||
- id: k8s-1.18
|
||||
manifest: aws-cloud-controller.addons.k8s.io/k8s-1.18.yaml
|
||||
manifestHash: 0ff974e13ec519948db39a69d054f65ce4404b17b19206e7e7fcf28de958d80c
|
||||
manifestHash: feb3f9e7a365e0f739f7ef50554bab048781561c5a9849c592ade8ec2b20a5be
|
||||
name: aws-cloud-controller.addons.k8s.io
|
||||
selector:
|
||||
k8s-addon: aws-cloud-controller.addons.k8s.io
|
||||
version: 9.99.0
|
||||
- id: k8s-1.17
|
||||
manifest: aws-ebs-csi-driver.addons.k8s.io/k8s-1.17.yaml
|
||||
manifestHash: 9ebe176a18822b64f30849e1b29a147a73e49bb0c445c78cba85703ea3a3221f
|
||||
manifestHash: 15bbaf6741c5f0d69023ddcc78d7846659c9ea5822580aa02ebe126c26b68c95
|
||||
name: aws-ebs-csi-driver.addons.k8s.io
|
||||
selector:
|
||||
k8s-addon: aws-ebs-csi-driver.addons.k8s.io
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
apiVersion: v1
|
||||
data:
|
||||
config.yaml: |
|
||||
{"clusterName":"minimal.example.com","cloud":"aws","configBase":"memfs://clusters.example.com/minimal.example.com","secretStore":"memfs://clusters.example.com/minimal.example.com/secrets","server":{"Listen":":3988","provider":{"aws":{"nodesRoles":["nodes.minimal.example.com"],"Region":"us-test-1"}},"serverKeyPath":"/etc/kubernetes/kops-controller/pki/kops-controller.key","serverCertificatePath":"/etc/kubernetes/kops-controller/pki/kops-controller.crt","caBasePath":"/etc/kubernetes/kops-controller/pki","signingCAs":["kubernetes-ca"],"certNames":["kubelet","kubelet-server","kube-proxy"]}}
|
||||
{"clusterName":"minimal-aws.example.com","cloud":"aws","configBase":"memfs://clusters.example.com/minimal-aws.example.com","secretStore":"memfs://clusters.example.com/minimal-aws.example.com/secrets","server":{"Listen":":3988","provider":{"aws":{"nodesRoles":["nodes.minimal-aws.example.com"],"Region":"us-test-1"}},"serverKeyPath":"/etc/kubernetes/kops-controller/pki/kops-controller.key","serverCertificatePath":"/etc/kubernetes/kops-controller/pki/kops-controller.crt","caBasePath":"/etc/kubernetes/kops-controller/pki","signingCAs":["kubernetes-ca"],"certNames":["kubelet","kubelet-server","kube-proxy"]}}
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
|
|
@ -33,7 +33,7 @@ spec:
|
|||
template:
|
||||
metadata:
|
||||
annotations:
|
||||
dns.alpha.kubernetes.io/internal: kops-controller.internal.minimal.example.com
|
||||
dns.alpha.kubernetes.io/internal: kops-controller.internal.minimal-aws.example.com
|
||||
creationTimestamp: null
|
||||
labels:
|
||||
k8s-addon: kops-controller.addons.k8s.io
|
||||
|
|
@ -202,7 +202,7 @@ spec:
|
|||
- name: ENABLE_SQS_TERMINATION_DRAINING
|
||||
value: "true"
|
||||
- name: QUEUE_URL
|
||||
value: https://sqs.us-test-1.amazonaws.com/123456789012/minimal-example-com-nth
|
||||
value: https://sqs.us-test-1.amazonaws.com/123456789012/minimal-aws-example-com-nth
|
||||
- name: WORKERS
|
||||
value: "10"
|
||||
image: public.ecr.aws/aws-ec2/aws-node-termination-handler:v1.18.3
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
APIServerConfig:
|
||||
API:
|
||||
dns: {}
|
||||
publicName: api.minimal.example.com
|
||||
publicName: api.minimal-aws.example.com
|
||||
ClusterDNSDomain: cluster.local
|
||||
KubeAPIServer:
|
||||
allowPrivileged: true
|
||||
|
|
@ -43,8 +43,8 @@ APIServerConfig:
|
|||
requestheaderUsernameHeaders:
|
||||
- X-Remote-User
|
||||
securePort: 443
|
||||
serviceAccountIssuer: https://api.internal.minimal.example.com
|
||||
serviceAccountJWKSURI: https://api.internal.minimal.example.com/openid/v1/jwks
|
||||
serviceAccountIssuer: https://api.internal.minimal-aws.example.com
|
||||
serviceAccountJWKSURI: https://api.internal.minimal-aws.example.com/openid/v1/jwks
|
||||
serviceClusterIPRange: 100.64.0.0/13
|
||||
storageBackend: etcd3
|
||||
ServiceAccountPublicKeys: |
|
||||
|
|
@ -227,14 +227,14 @@ CAs:
|
|||
MA0GCSqGSIb3DQEBCwUAA0EAVQVx5MUtuAIeePuP9o51xtpT2S6Fvfi8J4ICxnlA
|
||||
9B7UD2ushcVFPtaeoL9Gfu8aY4KJBeqqg5ojl4qmRnThjw==
|
||||
-----END CERTIFICATE-----
|
||||
ClusterName: minimal.example.com
|
||||
ClusterName: minimal-aws.example.com
|
||||
ControlPlaneConfig:
|
||||
KubeControllerManager:
|
||||
allocateNodeCIDRs: true
|
||||
attachDetachReconcileSyncPeriod: 1m0s
|
||||
cloudProvider: external
|
||||
clusterCIDR: 100.96.0.0/11
|
||||
clusterName: minimal.example.com
|
||||
clusterName: minimal-aws.example.com
|
||||
configureCloudRoutes: false
|
||||
featureGates:
|
||||
InTreePluginAWSUnregister: "true"
|
||||
|
|
@ -308,18 +308,18 @@ Networking:
|
|||
serviceClusterIPRange: 100.64.0.0/13
|
||||
UpdatePolicy: automatic
|
||||
channels:
|
||||
- memfs://clusters.example.com/minimal.example.com/addons/bootstrap-channel.yaml
|
||||
- memfs://clusters.example.com/minimal-aws.example.com/addons/bootstrap-channel.yaml
|
||||
configStore:
|
||||
keypairs: memfs://clusters.example.com/minimal.example.com/pki
|
||||
secrets: memfs://clusters.example.com/minimal.example.com/secrets
|
||||
keypairs: memfs://clusters.example.com/minimal-aws.example.com/pki
|
||||
secrets: memfs://clusters.example.com/minimal-aws.example.com/secrets
|
||||
containerdConfig:
|
||||
logLevel: info
|
||||
runc:
|
||||
version: 1.1.5
|
||||
version: 1.6.20
|
||||
etcdManifests:
|
||||
- memfs://clusters.example.com/minimal.example.com/manifests/etcd/main-master-us-test-1a.yaml
|
||||
- memfs://clusters.example.com/minimal.example.com/manifests/etcd/events-master-us-test-1a.yaml
|
||||
- memfs://clusters.example.com/minimal-aws.example.com/manifests/etcd/main-master-us-test-1a.yaml
|
||||
- memfs://clusters.example.com/minimal-aws.example.com/manifests/etcd/events-master-us-test-1a.yaml
|
||||
staticManifests:
|
||||
- key: kube-apiserver-healthcheck
|
||||
path: manifests/static/kube-apiserver-healthcheck.yaml
|
||||
|
|
@ -14,7 +14,7 @@ Assets:
|
|||
- c3e6a054b18b20fce06c7c3ed53f0989bb4b255c849bede446ebca955f07a9ce@https://github.com/containerd/containerd/releases/download/v1.6.20/containerd-1.6.20-linux-arm64.tar.gz
|
||||
- 54e79e4d48b9e191767e4abc08be1a8476a1c757e9a9f8c45c6ded001226867f@https://github.com/opencontainers/runc/releases/download/v1.1.5/runc.arm64
|
||||
CAs: {}
|
||||
ClusterName: minimal.example.com
|
||||
ClusterName: minimal-aws.example.com
|
||||
Hooks:
|
||||
- null
|
||||
- null
|
||||
|
|
@ -6,6 +6,6 @@
|
|||
"Service": ["events.amazonaws.com", "sqs.amazonaws.com"]
|
||||
},
|
||||
"Action": "sqs:SendMessage",
|
||||
"Resource": "arn:aws-test:sqs:us-test-1:123456789012:minimal-example-com-nth"
|
||||
"Resource": "arn:aws-test:sqs:us-test-1:123456789012:minimal-aws-example-com-nth"
|
||||
}]
|
||||
}
|
||||
|
|
@ -2,13 +2,13 @@ apiVersion: kops.k8s.io/v1alpha2
|
|||
kind: Cluster
|
||||
metadata:
|
||||
creationTimestamp: "2016-12-10T22:42:27Z"
|
||||
name: minimal.example.com
|
||||
name: minimal-aws.example.com
|
||||
spec:
|
||||
kubernetesApiAccess:
|
||||
- 0.0.0.0/0
|
||||
channel: stable
|
||||
cloudProvider: aws
|
||||
configBase: memfs://clusters.example.com/minimal.example.com
|
||||
configBase: memfs://clusters.example.com/minimal-aws.example.com
|
||||
etcdClusters:
|
||||
- etcdMembers:
|
||||
- instanceGroup: master-us-test-1a
|
||||
|
|
@ -19,7 +19,7 @@ spec:
|
|||
name: us-test-1a
|
||||
name: events
|
||||
kubernetesVersion: v1.27.0
|
||||
masterPublicName: api.minimal.example.com
|
||||
masterPublicName: api.minimal-aws.example.com
|
||||
networkCIDR: 172.20.0.0/16
|
||||
networking:
|
||||
cni: {}
|
||||
|
|
@ -40,7 +40,7 @@ metadata:
|
|||
creationTimestamp: "2016-12-10T22:42:28Z"
|
||||
name: nodes
|
||||
labels:
|
||||
kops.k8s.io/cluster: minimal.example.com
|
||||
kops.k8s.io/cluster: minimal-aws.example.com
|
||||
spec:
|
||||
associatePublicIp: true
|
||||
image: ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20220404
|
||||
|
|
@ -60,7 +60,7 @@ metadata:
|
|||
creationTimestamp: "2016-12-10T22:42:28Z"
|
||||
name: master-us-test-1a
|
||||
labels:
|
||||
kops.k8s.io/cluster: minimal.example.com
|
||||
kops.k8s.io/cluster: minimal-aws.example.com
|
||||
spec:
|
||||
associatePublicIp: true
|
||||
image: ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20220404
|
||||
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue