kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
20,112 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

369 Commits

Author SHA1 Message Date
Ciprian Hacman edb44610f7 aws: Create cluster without DNS or Gossip 2022-11-02 12:54:27 +02:00
Kubernetes Prow Robot 2c4808c5bd
Merge pull request #14440 from hakman/hetzner_no-dns_master 
hetzner: Create cluster without DNS or Gossip
 2022-11-02 02:02:47 -07:00
John Gardiner Myers 25b7dc21fa Create NLB instead of CLB for bastion 2022-10-29 17:00:00 -07:00
Ciprian Hacman 1d53eba4b3 aws: Set the target group health check interval to 10s 2022-10-29 10:30:50 +03:00
Ciprian Hacman 4e5ded6dc3 hetzner: Create cluster without DNS or Gossip 2022-10-27 11:29:37 +03:00
Ciprian Hacman dc98c74428 Move Gossip check to cluster struct 2022-10-21 09:48:07 +03:00
Zsolt Nagy 235c2281bd Fix default launch spec detection 2022-10-06 11:15:57 +02:00
Ciprian Hacman 85026145a1 Always infer gossip DNS from cluster name 2022-10-02 12:54:37 +03:00
Ciprian Hacman ff40d18a7d Avoid spurious changes with NLB due to access log config 2022-09-23 20:57:57 +03:00
Ole Markus With 16c60a1a0c Change mock region/subnet names to match mockCloud 2022-09-17 13:14:30 +02:00
Peter Rifel f79a126bd2
Add service account tags to IAM Roles 2022-08-23 19:13:51 -05:00
Ole Markus With 7a48391172 Delete disabled lifecycle hooks and implement disable logic for warmpools 2022-08-18 19:50:48 +02:00
Ole Markus With 8bcc640452 Make Karpenter respect IG's spec.Subnets 
This will add tag all subnets with the IGs using that subnet

Update docs/operations/karpenter.md

Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
 2022-08-01 21:06:24 +02:00
Nicolas Sterchele 73b6ed4150
aws: introduce maximum instance lifetime in cluster 
The maximum instance lifetime is an AWS only feature and specifies the
maximum amount of time (in seconds) that an instance can be in service
before it is terminated and replaced.
A common use case might be a requirement to replace your instances on a
schedule because of internal security policies or external compliance
controls.
 2022-07-04 20:38:33 +02:00
Ole Markus With 2e46fdee1b Fix unsetting ASG max price 2022-06-29 10:27:04 +02:00
Ole Markus With 15ba6610ab Depend on external cloud providers rather than cloud-providers-legacy 2022-06-16 11:08:36 +02:00
Ole Markus With d08c028747 Bump NTH to 1.16.4 and add support for scheduled instance change events 2022-05-18 21:48:28 +02:00
liranp 8061b27afd
feat(spot): add support for `rootVolumeEncryption` 2022-05-01 11:28:56 +03:00
Ole Markus With ce2e877aeb Remove bazel files from vendor 2022-04-12 13:29:03 +02:00
Guillaume Perrin 1235b63a0d Only authorize additionalRoute for private subnets 
Signed-off-by: Guillaume Perrin <guillaume28.perrin@gmail.com>
 2022-03-28 15:49:03 +02:00
Guillaume Perrin db27c00fa0 Apply suggestions from code review 
Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
Signed-off-by: Guillaume Perrin <guillaume28.perrin@gmail.com>
 2022-03-28 14:57:21 +02:00
Guillaume Perrin e501ac62a4 Possibility to add additional routes in route tables of subnets 
Signed-off-by: Guillaume Perrin <guillaume28.perrin@gmail.com>
 2022-03-28 14:57:21 +02:00
Kubernetes Prow Robot 65694b20b8
Merge pull request #13234 from spotinst/feat-ocean-template 
Spotinst: Ocean as a template for VNGs
 2022-03-19 00:45:08 -07:00
John Gardiner Myers cac727c357 Make cloudProvider a struct in v1alpha3 API 2022-03-02 21:59:49 -08:00
liranp 55de5a31bf
feat(spot): ocean as a template for vngs 2022-03-02 21:37:45 +02:00
John Gardiner Myers b41cca38d5 Enable RBN with AWS CCM 1.22.0-alpha.1 2022-02-16 22:21:30 -08:00
Kubernetes Prow Robot bffc60202c
Merge pull request #13113 from hierynomus/issue-12925 
Allow PrefixList for sshAccess and kubernetesApiAccess
 2022-02-15 07:20:03 -08:00
Jeroen van Erp 255a0322c9
Allow PrefixList for sshAccess and kubernetesApiAccess 
Signed-off-by: Jeroen van Erp <jeroen@hierynomus.com>
 2022-02-15 14:37:28 +01:00
John Gardiner Myers 5385381633 Use IPv6-only subnets for worker nodes in private IPv6 topology 2022-01-06 21:00:00 -08:00
Ole Markus With ea9d0de847 Handle default in templating instead of ig population 2021-12-30 09:01:43 +01:00
Ole Markus With b09241122f Support specifying instance requirements per IG 
Update docs/instance_groups.md

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2021-12-24 21:19:58 +01:00
John Gardiner Myers f9071dd0d5 Allow IPv6-only subnets 2021-12-23 19:50:46 -08:00
John Gardiner Myers 3314c18e89 Support creating dualstack internal NLBs 2021-12-19 21:52:56 -08:00
Kubernetes Prow Robot 7ab4f43500
Merge pull request #12864 from johngmyers/rbn-subnet 
Set Resource Based Naming on managed subnets
 2021-12-19 21:03:25 -08:00
Kubernetes Prow Robot 424452a855
Merge pull request #12906 from olemarkus/karpenter 
Support Karpenter
 2021-12-14 13:58:50 -08:00
Ole Markus With 0a6e329477 Use internal-elb as karpenter subnet selector 2021-12-13 21:11:56 +01:00
Ole Markus With b785965c50 Rename InstanceManager to Manager 2021-12-13 09:14:24 +01:00
Robbie Lankford 88a9d50e73
fix ineffectual assignments 2021-12-12 18:16:46 -06:00
Ole Markus With d4ec7cc7e0 Make kops get instances work with karpenter 2021-12-12 19:33:41 +01:00
Ole Markus With 794cb72112 Karpenter addon 
Constrain the instance types to what is supported by the AMI

Add taints and label to karpenter provisioner

Add instance types to karpenter provisioner
 2021-12-12 19:33:41 +01:00
Kubernetes Prow Robot e146bb4334
Merge pull request #12881 from heybronson/enable-conn-draining 
enable connection-draining for aws classic lb
 2021-12-05 21:18:33 -08:00
John Gardiner Myers 9f9316a921 Set Resource Based Naming on managed subnets 2021-12-05 17:42:29 -08:00
Bronson Mirafuentes 95c520f4af enable connection-draining for aws classic lb 2021-12-03 10:00:45 -08:00
John Gardiner Myers 7e0e97b566 Rename bastionPublicName in v1alpha3 API 2021-12-02 19:34:48 -08:00
Ciprian Hacman ea7df00719 Run hack/update-gofmt.sh 2021-12-01 22:39:50 +02:00
John Gardiner Myers 19c46f766a Route NAT64 to NAT Gateway in IPv6 public topology 2021-11-27 16:56:21 -08:00
John Gardiner Myers 26e836ef11 Route NAT64 to NAT Gateway in IPv6 private topology 2021-11-26 16:11:03 -08:00
John Gardiner Myers 6fb2cd5aa3 Change DisableSubnetTags to tagSubnets 2021-11-24 23:52:28 -08:00
John Gardiner Myers 8fed76c8b2 Rename fields in v1alpha3 instancegroup API to fit acronym convention 2021-11-22 08:07:55 -08:00
John Gardiner Myers b2e9d809b7 Support IPv6 private topology 2021-11-16 21:38:03 -08:00
Peter Rifel 0bd7348ad9
Fix ARN partition in SQS queue policy 2021-10-29 23:08:30 -05:00
Peter Rifel c734f5c08d
Update IAMBuilder to include the current partition in ARNs 2021-10-29 23:07:31 -05:00
Kubernetes Prow Robot 228c82cb6e
Merge pull request #12571 from rifelpet/sqs-arn 
Use the SQS Queue's ARN reference
 2021-10-26 22:19:26 -07:00
Peter Rifel cedb8f813c
Use the SQS Queue's ARN reference 2021-10-20 20:47:26 -07:00
liranp b3a3526ad0
feat(spot/ocean): get instance types from `mixedInstancesPolicy` 2021-10-18 16:08:45 +03:00
Peter Rifel b1fa018c36
Don't hard-code the SQS Queue ARN partition 2021-10-15 09:49:57 -07:00
liranp 30f09f9f07
feat(spot): new metadata label: utilize-commitments 2021-10-12 01:32:09 +03:00
Kubernetes Prow Robot 3dc1d25454
Merge pull request #12439 from rifelpet/nth-truncate 
Truncate cluster name in NTH EventBridgeRules
 2021-09-30 00:58:07 -07:00
Peter Rifel 3311e45767
Truncate cluster name prefix used in event bridge rules 2021-09-29 19:12:49 -05:00
Charles-Edouard Brétéché 7c8c9b9a23 feat: add support for custom audience in aws oidc provider 
fix: missing json tags


fix: code gen


fix: switch to additional audiences


fix: oidc task


fix: add integration test
 2021-09-28 22:39:56 +02:00
Kubernetes Prow Robot 1774e6cae3
Merge pull request #12321 from dezmodue/private_bastion 
Add option to create an internal load balancer for the bastion
 2021-09-24 07:23:24 -07:00
Kubernetes Prow Robot 74f9a8e2fb
Merge pull request #12342 from eddycharly/irsa-wildcard 
feat: add support for wildcard in roles generated for IRSA
 2021-09-22 16:09:10 -07:00
Charles-Edouard Brétéché 5f523366d6 feat: add support for wildcard in roles generated for IRSA 2021-09-23 00:24:45 +02:00
justinsb 99764fb168 AWS: Move some subnet functions into AWS model 
We want to move all these eventually, and this is preparing for better
GCE subnet support.
 2021-09-19 12:08:09 -04:00
Simone Sciarrati 61763d488a Add option to create an internal load balancer for the bastion 2021-09-18 20:47:55 +02:00
Ole Markus With d98994686a Use sg rule ids and tags where possible 2021-09-12 14:32:58 +02:00
Peter Rifel 60c86e1a44
Enable IMDS IPv6 endpoint when IPv6AddressCount > 0 2021-09-09 07:24:14 -05:00
Ole Markus With b52008d9b6 Add instance state change notification to nth 2021-08-31 22:54:21 +02:00
Kubernetes Prow Robot bb38a3e52e
Merge pull request #12067 from h3poteto/iss-11608 
Support AWS LB access log configuration in cluster spec
 2021-08-25 16:51:23 -07:00
Ole Markus With 0439bb0d76 Remove UseServiceAccountIAM feature flag and rename feature to UseServiceAccountExternalPermissions 2021-08-07 21:20:03 +02:00
AkiraFukushima 2fd69ba3a3
Remove access log attributes when the spec is removed from cluster spec 2021-08-03 17:45:20 +09:00
AkiraFukushima 226cbe5561
Support AWS LB access log configuration for NetworkLoadBalancer 2021-08-03 12:12:16 +09:00
Peter Rifel a0a6e3c974
Cleanup various references to LaunchConfigurations 2021-07-29 22:25:01 -04:00
AkiraFukushima 50ab82ed04
Support AWS LB access log configuration in cluster spec 2021-07-29 22:39:23 +09:00
John Gardiner Myers e9fc12b4f3 Fix certificate bootstrap for non-kops-controller-bootstrap cloud providers 2021-07-18 13:37:19 -07:00
John Gardiner Myers c35d101a89 Refactor keysets for etcd-manager 2021-07-08 18:46:03 -07:00
Ole Markus With aefa906491 Do not set both CIDR and IPv6CIDR on sg rules 2021-07-03 07:57:35 +02:00
John Gardiner Myers 1e0c6cb1aa Refactor apiserver-aggregator-ca 2021-07-01 22:25:47 -07:00
Kubernetes Prow Robot 19ffc06d3d
Merge pull request #11853 from johngmyers/override-issuer 
Allow overriding the ServiceAccountIssuer for IRSA
 2021-07-01 04:43:54 -07:00
John Gardiner Myers 3de05a500e Refactor etcd-clients-ca keyset for api-server 2021-06-30 18:55:30 -07:00
Kubernetes Prow Robot ee048e89e7
Merge pull request #11872 from johngmyers/refactor-serviceaccount 
Refactor nodeup APIServer builder, part one
 2021-06-28 10:42:01 -07:00
Kubernetes Prow Robot 917c965c8f
Merge pull request #11873 from hakman/avoid_spurious_changes 
Avoid spurious changes for ASG InstanceProtection and LT InstanceMonitoring
 2021-06-27 19:59:24 -07:00
John Gardiner Myers e1df9f09dd Refactor service-account public keys 2021-06-27 08:45:06 -07:00
Kubernetes Prow Robot 22c11c10f1
Merge pull request #11848 from johngmyers/cilium-etcd-client 
Refactor etcd-client-cilium secrets
 2021-06-27 04:01:24 -07:00
Ciprian Hacman 348eed772a Avoid spurious changes for ASG InstanceProtection and LT InstanceMonitoring 2021-06-27 10:08:13 +03:00
Kubernetes Prow Robot 51daab932e
Merge pull request #11870 from hakman/ipv6_use_dualstack_nlb 
Use DualStack API NLB for IPv6
 2021-06-26 12:45:24 -07:00
Ciprian Hacman 7969f57d07 Address review comments 2021-06-26 21:27:00 +03:00
Ole Markus With dc79acb1bb Don't reconcile roles and policies if a profile is provided 2021-06-26 19:45:19 +02:00
Ciprian Hacman 7bc629b683 Use DualStack API NLB for IPv6 2021-06-26 19:16:46 +03:00
John Gardiner Myers 2faf28379a Refactor etcd-client-cilium secrets 2021-06-25 23:57:23 -07:00
John Gardiner Myers 24d1706848 Allow overriding the ServiceAccountIssuer for IRSA 2021-06-25 18:33:07 -07:00
John Gardiner Myers 5687b0d5dc Weaken some interfaces 2021-06-21 23:11:47 -07:00
Ole Markus With b2588b637b fix missing lifecycle when deleting iam roles 2021-06-16 13:59:19 +02:00
Ciprian Hacman eb574a414c Don't set Subnet dependency on AmazonIPv6CIDR for shared VPCs 2021-06-13 12:25:42 +02:00
Kubernetes Prow Robot cfc93e5178
Merge pull request #9294 from johngmyers/refactor-nodeup-context 
Remove InstanceGroup from NodeupModelContext
 2021-06-12 13:43:01 -07:00
Kubernetes Prow Robot 92af7b88f4
Merge pull request #11523 from hakman/ipv6_cidr_subnet 
Calculate IPv6 subnet CIDR based on cluster CIDR
 2021-06-10 21:40:13 -07:00
Kubernetes Prow Robot 4005c209ff
Merge pull request #11604 from spotinst/feat-aws-nlb 
Spotinst: Support for API Load Balancer with AWS/NLB
 2021-06-10 04:29:28 -07:00
Ciprian Hacman 99268697c0 Add Subnet dependency on VPCAmazonIPv6CIDRBlock 2021-06-09 09:57:53 +03:00
John Gardiner Myers eb09d31a3c Pass AuxConfig to nodeup 2021-06-03 21:04:21 -07:00
John Gardiner Myers 7c9e7e9286 Make Lifecycle field non-pointer 2021-06-02 23:02:16 -07:00