kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,710 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

1122 Commits

Author SHA1 Message Date
Kubernetes Prow Robot 8a81d94c7b
Merge pull request #9773 from victorfrancax1/7286 
Adding support for permission boundaries for AWS IAM Roles
 2020-08-19 06:51:11 -07:00
Michael Wagner df5cc6a71b feat(openstack): propagate cloud labels to machines 2020-08-19 09:05:51 +02:00
Victor Ferreira 3aaa9a7c0f feat(aws): adding support to permission boundaries for IAM Roles 2020-08-19 01:16:13 -03:00
Kubernetes Prow Robot ee366e8958
Merge pull request #9779 from johngmyers/calico-client-iam 
Don't give access to calico-client key when not needed
 2020-08-18 21:07:11 -07:00
Kubernetes Prow Robot f1a0e0312f
Merge pull request #9777 from hakman/containerd-1.4.0 
Add support for containerd v1.4.0
 2020-08-18 14:45:11 -07:00
John Gardiner Myers ba96a84926 Don't give access to calico-client key when not needed 2020-08-18 13:45:27 -07:00
Kubernetes Prow Robot af1b935ce2
Merge pull request #9778 from olemarkus/openstack-fix-noisy-env-vars 
Only add OS variables if they are needed
 2020-08-18 13:05:10 -07:00
Ole Markus With 94833faca5 Only add OS variables if they are needed 2020-08-18 20:58:54 +02:00
Ciprian Hacman 537ad60191 Add support for containerd v1.4.0 2020-08-18 10:04:18 +03:00
John Gardiner Myers 07220797b4 Issue the cilium etcd client cert out of kops-controller 2020-08-17 21:15:34 -07:00
John Gardiner Myers b6947ccaee Use kops-controller to issue kube-router cert 2020-08-16 23:40:38 -07:00
John Gardiner Myers 8e43c1d637 Use kops-controller to issue kube-proxy cert 2020-08-16 23:36:42 -07:00
Peter Rifel 4d9f0128a3
Upgrade to klog2 
This splits up the kubernetes 1.19 PR to make it easier to keep up to date until we get it sorted out.
 2020-08-16 20:56:48 -05:00
John Gardiner Myers c5871df319 Get kubelet certificate from kops-controller 2020-08-15 10:30:20 -07:00
John Gardiner Myers 00c60ddff6 Add server code to kops-controller 2020-08-15 09:46:30 -07:00
Kubernetes Prow Robot 96ab8423b1
Merge pull request #9566 from hakman/arm64-images 
Add ARM64 support for masters
 2020-08-14 20:46:17 -07:00
Kubernetes Prow Robot ec8b47d725
Merge pull request #9593 from johngmyers/kubectl-lifetime 
Reduce the lifetime of exported kubecfg credentials
 2020-08-14 19:24:18 -07:00
liranp 64c07b336a
feat(spot/ocean): add support for instance types in launchspec 2020-08-13 16:32:54 +03:00
Ole Markus With 25d98796e2 Add cinder plugin 2020-08-11 10:15:12 +02:00
Ciprian Hacman c51a811c21 ARM64 support - Update expected tests output 2020-08-10 13:47:07 +03:00
Ciprian Hacman 172031859d ARM64 support - Build multi-arch images 2020-08-10 13:47:07 +03:00
Ole Markus With fbcdeb2ed6 Respect Topology when assigning floating ips or not 2020-08-08 12:23:09 +02:00
Kubernetes Prow Robot d2f716ca80
Merge pull request #9703 from olemarkus/openstack-cilium 
Add support for cilium on openstack
 2020-08-07 12:51:57 -07:00
Kubernetes Prow Robot 2d3fd9c197
Merge pull request #9702 from olemarkus/openstack-application-credentials 
Adds support for using OS application credentials
 2020-08-07 06:16:19 -07:00
Ole Markus With a708a96c05 Adds support for using OS application credentials 
Application credentials allows you to export a purpose-specific set of
credentials for a user instead of exposing user login credentials.
Especially useful when using LDAP or similar for Openstack users.
Also lets you rotate credentials more easily since multiple application
credentials can be provisioned per user.

Update pkg/model/bootstrapscript.go

Co-authored-by: Ciprian Hacman <ciprianhacman@gmail.com>
 2020-08-07 14:26:47 +02:00
Ole Markus With 84d2dcb624 Use SG to SG rule for cni tcp/udp rules 2020-08-07 09:39:44 +02:00
Ole Markus With c5ddd3885c Add support for cilium on openstack 2020-08-07 09:39:44 +02:00
liranp 0cfa2bb6a7
fix(spot/ocean): default instance group should be optional 2020-08-06 19:32:19 +03:00
liranp 4d8866824f
fix(spot): change `ScaleDown.MaxPercentage` from int to float64 2020-08-04 23:40:44 +03:00
Ole Markus With 6b81916a5d Fix potential npr 2020-08-04 08:22:00 +02:00
Ole Markus With 7e2366ac64 Determine fixedip for api cert directly in nodeup 2020-08-04 08:22:00 +02:00
Ole Markus With 460c0f3801 If there is no external network specified, no router is needed 2020-08-04 08:22:00 +02:00
Justin SB c64abd4301 Release 1.19.0-alpha.2 2020-07-31 07:59:05 -04:00
Peter Rifel a17581e21d
Add cloud tags to AWS SSH Keys 2020-07-28 13:35:09 -05:00
John Gardiner Myers 8258dcd395 Exempt OpenStack from the EnableExternalCloudController feature flag 2020-07-25 13:12:25 -07:00
Kubernetes Prow Robot a00268d511
Merge pull request #9554 from olemarkus/openstack-fixes 
Openstack fixes
 2020-07-23 13:06:25 -07:00
John Gardiner Myers a45b07c156 Reduce the lifetime of exported kubecfg credentials 2020-07-17 22:39:01 -07:00
Kubernetes Prow Robot 065824851b
Merge pull request #9476 from srikiz/DO-implement-validate-cluster 
[Digital Ocean] Implement KOPS validate cluster
 2020-07-15 12:12:37 -07:00
Srikanth 160a4b81c9 incorporate review comments to use instance group name for DO instance group tag 2020-07-14 13:25:01 +05:30
Ole Markus With ecca2fda82 When using bastion and expecting no floating IPs, topology should be private 2020-07-12 22:08:30 +02:00
Ole Markus With fd7490e3e2 Only add floating IPs to nodes if we have a public topology for nodes 2020-07-12 21:08:13 +02:00
Ole Markus With b508696cf2 Make Instance task depend on floating ip 
Originally, floating ips depended on instances, but this causes a dependency cycle now that bootstrap scripts require all IPs for the API cert.
This also requires using networking API for creating floating ips instead of compute so that we can name (and later tag) the floating IPs, which is necessary to know which floating IP belongs to which instance prior to association
 2020-07-12 21:08:13 +02:00
Ole Markus With 4a16223361 Create master API security group unconditionally 
Needed somewhere anyway. Failing to create this one errors with missing task
 2020-07-12 21:08:13 +02:00
Kubernetes Prow Robot 33722a9eca
Merge pull request #9534 from johngmyers/fix-multi-master 
Use a stable key for signing service account tokens
 2020-07-12 12:04:33 -07:00
John Gardiner Myers ac13557e03 Add missing lifecycle to etcd keypair tasks 2020-07-11 22:27:53 -07:00
John Gardiner Myers 70926d43fc Use a stable key for signing service account tokens 2020-07-11 13:18:50 -07:00
Ciprian Hacman 06df2cc123 Re-enable disk based evictions for Kubernetes 1.19 2020-07-09 19:36:11 +03:00
John Gardiner Myers 479b4860e8 Remove deprecated function 2020-07-06 22:48:01 -07:00
Kubernetes Prow Robot 0c62641dad
Merge pull request #9354 from johngmyers/refactor-certs-2 
Continue refactoring certs into nodeup
 2020-07-06 17:13:57 -07:00
Kubernetes Prow Robot a97fc42666
Merge pull request #9491 from johngmyers/nodeport-dns 
Default ClusterDNS appropriately when NodeLocalDNS is enabled
 2020-07-05 22:28:50 -07:00