Automatic merge from submit-queue.
work on using files assets
Basic MVP for file assests.
- using file assest builder
- able to upload files
- using URL structs instead of strings everywhere
Automatic merge from submit-queue.
Adds permissions for ELB and NLB req'd by 1.9
Adds appropriate IAM permissions to Masters (in restrictive mode) for ELB and NLB.
Closes https://github.com/kubernetes/kops/issues/3883
File assets and the SHA files are uploaded to the new location. Files
when are users uses s3 are upload public read only. The copyfile task
uses only the existing SHA value.
This PR include major refactoring of the use of URLs. Strings are no
longer categnated, but converted into a URL struct and path.Join is
utlilized.
A new values.go file is included so that we can start refactoring more
code out of the "fi" package.
A
Automatic merge from submit-queue.
add imagePullProgressDeadline to kubelet config
Support the kubelet runtime flag `--image-pull-progress-deadline` by mapping the config key `imagePullProgressDeadline`
This supports extending the deadline to pull new images, as detailed in [this issue](https://github.com/openshift/origin/issues/13122)
Automatic merge from submit-queue.
Support for hostPort when using canal
Similar to: https://github.com/kubernetes/kops/pull/3206
Without this, we are unable to get `hostPort` working with `canal`. The same is true for `flannel`, but this does add support for plain flannel.
While the admin account is created on stock debian images, it isn't on
all of them. Check admin first, then check root, and don't treat it as
an error if neither is found - this is only a convenience.
Fix up the local IP address discovery logic, to recognize new
en-interfaces, and to better log what it is doing. Plug it in for
baremetal installations.
Automatic merge from submit-queue.
Gazelle updates
We missed one
/assign @justinsb @KashifSaadat
- applying 4065 this should drop out b29e1c5bd2
- just review the second commit
Automatic merge from submit-queue.
Fix node counts
When running `kops validate`, and the cluster size is greater than the minimum configuration, the display message is
<img width="153" alt="screen shot 2017-12-07 at 1 10 14 pm" src="https://user-images.githubusercontent.com/11003242/33738958-1571943e-db50-11e7-9156-f034c9af7d9c.png">
This PR sets the NodeCount value to the length of the nodes array instead of the configuration.
Automatic merge from submit-queue.
Bump weave version in bootstrapchannelbuilder
2.1.3 upstream becomes 2.1.3-kops.1, so if we need to make our own
"packaging" changes, we can do 2.1.3-kops.2 etc.
Automatic merge from submit-queue.
add kube-ingress-aws-controller + skipper addons
Adds an addon that needs some more requirements, because it has to have the rights to create/update/delete ALBs, find certificates, ..
I hope this is ok to have here a more long page to explain requirements and show some features that are not common in ingress implementations.
Automatic merge from submit-queue.
[Add-on][kube-state-metrics] Bump version
## Why?
- Bump kube-state-metrics version 1.1.0
- Bump addon-resizer version to 1.8.1
- Adjust `addon-resizer` scaling threshold
Automatic merge from submit-queue.
Allow additional SGs to be added to API loadbalancer
Allow adding precreated additional security groups to the API loadbalancer using cluster spec:
```yaml
spec:
api:
loadBalancer:
type: Public
additionalSecurityGroups:
- sg-exampleid3
- sg-exampleid4
```
- [x] Adding additionalSecurityGroups cluster spec
- [x] Adding validation for repeated security groups
- [x] Adding validation for API loadbalancer security groups
- [x] Integration test for API loadbalancer and its security groups
- [x] Update API docs and cluster.spec docs
Automatic merge from submit-queue.
Remove world read permissions on sensitive key files.
The key files pulled from S3 had world read permissions by default (644). This PR sets the permissions to 600 on `.key` and `.pem` files.
Marcin Maciaszczyk
