Commit Graph

153 Commits

Author SHA1 Message Date
Ole Markus With 5d82e52c48 Use external ECR credential provider as of Kubernetes 1.27 2023-04-29 10:21:57 +02:00
John Gardiner Myers 0c323445fb Move UsesKubenet to nodeup.Config 2023-01-15 23:12:00 -08:00
John Gardiner Myers cc49461849 Move several CNI tests to nodeup.Config 2023-01-15 23:11:58 -08:00
John Gardiner Myers da881fb320 Move NonMasqueradeCIDR to nodeup.Config 2023-01-15 17:19:18 -08:00
justinsb b7d9319fff EnsureTask should panic on error
This means that we automatically check the error code.  A linter could
detect errors here (maybe), but in practice we can't recover from
errors here anyway.
2023-01-04 08:29:20 -05:00
John Gardiner Myers 447220ef4e Use NodeupConfig for NTP-managed setting 2023-01-03 22:16:20 -08:00
John Gardiner Myers 125866792d Use NodeupConfig for ContainerdConfig 2023-01-02 13:42:11 -08:00
John Gardiner Myers 25a897b691 Use NodeupConfig for ContainerRuntime 2023-01-02 12:50:23 -08:00
John Gardiner Myers b38c55a2b9 Simplify nodeup references to CloudProvider 2022-12-20 19:44:32 -08:00
John Gardiner Myers 40f0d35373 cloudConfig is never nil in a completed cluster spec 2022-12-18 22:46:22 -08:00
John Gardiner Myers 7c3e32369a Refactor Context into separate cloudup and nodeup types 2022-12-17 17:42:46 -08:00
John Gardiner Myers 235aa61594 v1alpha3: move networking fields under networking 2022-12-02 19:19:59 -08:00
John Gardiner Myers 6536c0b301 v1alpha3: use new terminology for kubelet config 2022-11-25 16:53:23 -08:00
Ciprian Hacman d29812fc6e Replace fi.Bool/Float*/Int*/StringValue() with fi.ValueOf 2022-11-19 03:45:23 +02:00
Ciprian Hacman 8f79c9bd68 Replace fi.Bool/Float*/Int*/String() with fi.PtrTo() 2022-11-19 03:45:22 +02:00
Ole Markus With cd378bff72 Move setting role taints to cloudup 2022-10-18 13:42:00 +02:00
Ole Markus With 950a69857d Remove usage of cluster kubelet config from nodeup 2022-10-16 21:04:20 +02:00
Ole Markus With 24d6b8f5fc Return error if podManifestPath has not been set 2022-08-20 15:34:22 +02:00
Ole Markus With d4ea445f24 Remove redundant buildKubeletConfig function 2022-08-20 15:34:22 +02:00
Ciprian Hacman b5f14b589b Add initial support for Hetzner Cloud 2022-05-09 06:12:15 +03:00
Ole Markus With 8423d49bf3 Add control-plane taint and remove master node-role label 2022-04-18 13:56:13 +02:00
Ole Markus With 19bce47653 Fix nilpointer when graceful shutdown is not configured 2022-02-13 21:11:07 +01:00
Ole Markus With 2625264fe5 Add support for graceful node shutdown
Update docs/cluster_spec.md

Co-authored-by: Ciprian Hacman <ciprianhacman@gmail.com>
2022-02-11 20:51:02 +01:00
Ciprian Hacman 68b4611066 Clean up kubelet networking flags for dockershim
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-01-19 17:36:18 +02:00
Ole Markus With 166860b668 Create cgroups for kube and runtime if configured 2021-12-20 13:36:45 +01:00
John Gardiner Myers c5e1dea184 Remove code for no-longer-supported k8s version 2021-12-11 16:30:51 -08:00
justinsb 8220211655 nodeup: store the CloudProvider in the context
This is a bit simpler than fetching it from the cluster every time,
and also can allow things like mixed-cloud clusters (in future).
2021-12-11 09:16:03 -05:00
Kubernetes Prow Robot f7e66049d6 Merge pull request #12862 from johngmyers/instanceid-nodename
Use instance ID as node name when AWS CCM supports it
2021-12-05 14:58:32 -08:00
Ciprian Hacman ea7df00719 Run hack/update-gofmt.sh 2021-12-01 22:39:50 +02:00
John Gardiner Myers 73f164e229 Use instance ID as node name when AWS CCM supports it 2021-11-30 17:54:54 -08:00
Ciprian Hacman 2f4bdde429 Respect any MaxPods value the user sets explicitly
even for AWS VPC CNI.
2021-10-25 06:39:34 +03:00
John Gardiner Myers 7963b9b9ec Remove some unused fields from v1alpha3 componentconfig 2021-10-07 23:29:53 -07:00
Peter Rifel 7ce1cdc065 Set kubelet's --no-ip on IPv6-only clusters 2021-09-30 09:20:33 -05:00
Peter Rifel 88ddff3baf Use separate cloud.config files for in-tree vs out-of-tree components 2021-09-30 09:20:33 -05:00
Ole Markus With ad16042a1f Add IPs to kubelet server cert
Since AWS does not resolve instance hostnames to ipv6, ipv6-only pods that talk to kubelet API have to use node IP, not hostname. Thus we need to add IPs to kubelet server cert.
2021-08-26 20:54:02 +02:00
John Gardiner Myers 3282549577 Issue kubelet cert on apiserver nodes for k8s before 1.19 2021-07-16 10:13:20 -07:00
John Gardiner Myers 191df58267 Verify CA keypair IDs for kops-controller-issued certs 2021-07-14 08:15:28 -07:00
John Gardiner Myers 68041a4f73 Issue certs using CA KeypairID in NodeupConfig 2021-07-10 23:23:12 -07:00
John Gardiner Myers 1752f0f4db Move most of nodeup.Config out of userdata 2021-06-25 22:25:49 -07:00
John Gardiner Myers b45c0b4489 Remove InstanceGroup from NodeupModelContext 2021-06-03 21:27:01 -07:00
John Gardiner Myers d3469d6ec2 Remove code for no-longer-supported k8s versions 2021-05-07 23:40:03 -07:00
Ole Markus With df2f66e1e5 Make API servers provision themselves.
API servers also have access to secret store, so there is no need to go through kops-controller.
This lets API server only depend on etcd from the CP nodes, which should make it easier to scale out API servers under pressure
2021-04-23 06:59:15 +02:00
Ole Markus With 769c6e584f Add install section to kubelet unit 2021-04-19 19:19:46 +02:00
Ole Markus With af92896dc7 Don't start kubelet if we are warming 2021-04-14 11:05:50 +02:00
Ole Markus With bd731ce989 Use secure kubelet auth
Without secure node auth enabled, commands like `kubectl logs` may fail
with certain configurations.

Previously, we checked if anonymousAuth was enabled on the kubelet
before securing node communication, but this isn't really relevant. We
can still authenticate even if anonymous access is allowed.
2021-04-13 08:59:39 +02:00
Ole Markus With 20bd724f5e Add support for scaling out the control plane with dedicated apiserver nodes
Ensure apiserver role can only be used on AWS (because of firewalling)

Apply api-server label to CP as well

Consolidate node not ready validation message

Guard apiserver nodes with a feature flag

Rename Apiserver role to APIServer

Add an integration test for apiserver nodes

Rename Apiserver role to APIServer

Enumerate all roles in rolling update docs

Apply suggestions from code review

Co-authored-by: Steven E. Harris <seh@panix.com>
2021-03-20 20:57:00 +01:00
Kubernetes Prow Robot 4ee8936d63 Merge pull request #10547 from justinsb/cos_var_lib_kubelet
COS/GCE: exec on kubelet/flexvolume dirs
2021-01-10 08:23:17 -08:00
Justin Santa Barbara e9f6623a80 COS/GCE: exec on kubelet/flexvolume dirs
Upstream bind mounts /var/lib/kubelet with exec, dev and suid
permissions, because emptyDirs end up inheriting these permissions.

Similarly, /home/kubernetes/flexvolume needs exec permission to
support flexdrivers.
2021-01-09 13:56:18 -05:00
Justin Santa Barbara 78b139465c Refactor and centralize distribution logic
Use of a struct makes it more sustainable, centralizing into the
distribution package makes it simpler to follow.
2021-01-05 11:50:23 -05:00
Justin SB b17e44b709 Recognize ubuntu 20.10
Teach nodeup about ubuntu 20.10, including the unusual
/etc/resolv.conf configuration.
2021-01-05 10:53:40 -05:00