Commit Graph

175 Commits

Author SHA1 Message Date
John Gardiner Myers ac06f4af48 AWS: Use pagination for DescribeImages call 2022-12-22 17:03:03 -08:00
Ciprian Hacman 3a046ded6b aws: Add support for managing target group attributes 2022-12-07 18:56:14 +02:00
Kubernetes Prow Robot 0acd57eb01
Merge pull request #14635 from johngmyers/ipv6-subnet-assign
Set AssignIPv6AddressOnCreation on subnets
2022-11-23 08:46:19 -08:00
John Gardiner Myers f1c838f513 Set AssignIPv6AddressOnCreation on subnets 2022-11-22 22:52:49 -08:00
John Gardiner Myers 2e61fd9fa7 Fix missing locking in mock ModifySubnetAttribute() 2022-11-22 21:35:06 -08:00
Ciprian Hacman d29812fc6e Replace fi.Bool/Float*/Int*/StringValue() with fi.ValueOf 2022-11-19 03:45:23 +02:00
Ciprian Hacman 8f79c9bd68 Replace fi.Bool/Float*/Int*/String() with fi.PtrTo() 2022-11-19 03:45:22 +02:00
John Gardiner Myers 25b7dc21fa Create NLB instead of CLB for bastion 2022-10-29 17:00:00 -07:00
Ole Markus With eb003a19b1 Fix bugs and typo in iam resource deletion logic 2022-08-21 20:01:20 +02:00
Ole Markus With cdea136e64 Support multiple lifecycle hooks for the same ASG in our mocks 2022-08-18 20:23:34 +02:00
Nicolas Sterchele 73b6ed4150
aws: introduce maximum instance lifetime in cluster
The maximum instance lifetime is an AWS only feature and specifies the
maximum amount of time (in seconds) that an instance can be in service
before it is terminated and replaced.
A common use case might be a requirement to replace your instances on a
schedule because of internal security policies or external compliance
controls.
2022-07-04 20:38:33 +02:00
Nat Henderson 9b08c4bb51 Enable internal load balancers when running on GCP
* Add ILBs, broadly following the AWS model.  The following new
capabilities are added for clusters in GCP:
  * Cluster's spec.api.loadBalancer can be set to 'type: internal' on
    GCP.
    * Therefore, GCP can now create:
        * regional backend services
        * regional (non-legacy) healthchecks
        * firewall rules with "internal" load-balancing scheme
        * firewall rules with dot-notation-specified IP addresses
  * Cluster's spec.api.loadBalancer's 'subnets' field functions
    as in the AWS model.

A few incidental changes are included, either because this change
touched the relevant code or because my use case happened to trigger the
issues that are fixed here.

* Cluster's spec.networkID field can be prefixed by project to use
  GCP's common cross-project networking model.
    * The presumption is that all specified subnets belong to this
      network and therefore this project.

* Add missing operation wait on forwarding rule creation.

* Some Terraform output improvements:
    * Permit no-ACL files in GCS buckets in Terraform output.
    * Enable marginally better cross-resource reference in Terraform outputs
    * Add project to network + subnetwork literals in Terraform output.
    * Add terraform output to backend services and health checks.

Testing:
  * Add mocks for backend services and health checks.
  * Add minimal integration test - copied from gce_private and ilb added.
  * Add update cluster goldens.

Co-authored-by: Travis Reid <travis_reid@apple.com>
2022-04-25 13:31:47 -07:00
Ole Markus With ce2e877aeb Remove bazel files from vendor 2022-04-12 13:29:03 +02:00
Ole Markus With f8525ce6f9 Add integration test for really long cluster names 2022-03-15 20:44:26 +01:00
Jesse Haka db74df049e override email because it's not part of create 2022-03-01 12:10:23 +02:00
Kubernetes Prow Robot 02dc9dd8b3
Merge pull request #13201 from zetaab/removesa
cleanup GCP Cluster Service Accounts
2022-02-23 04:24:19 -08:00
Kubernetes Prow Robot e5f75e03b0
Merge pull request #13199 from zetaab/addhealthcheck
GCP API health checks
2022-02-15 17:27:02 -08:00
Jeroen van Erp 255a0322c9
Allow PrefixList for sshAccess and kubernetesApiAccess
Signed-off-by: Jeroen van Erp <jeroen@hierynomus.com>
2022-02-15 14:37:28 +01:00
Jesse Haka 0a19533410 remove GCE Cluster Service Accounts 2022-02-04 16:46:27 +02:00
Jesse Haka 6aeccc1c9e remove list 2022-02-03 21:06:09 +02:00
Jesse Haka d3fac0c1be GCP API health checks 2022-02-03 21:02:21 +02:00
Kubernetes Prow Robot af7e6a4aeb
Merge pull request #12983 from zetaab/feature/drainos
Drain OpenStack loadbalancers
2022-01-03 02:23:00 -08:00
Jesse Haka b88d110f58 Drain OpenStack loadbalancers 2021-12-31 13:16:02 +02:00
Ole Markus With ea9d0de847 Handle default in templating instead of ig population 2021-12-30 09:01:43 +01:00
Ole Markus With 66e6ed0850 Delete ENIs tagged with k8s tags 2021-12-22 21:45:01 +01:00
Kubernetes Prow Robot 7ab4f43500
Merge pull request #12864 from johngmyers/rbn-subnet
Set Resource Based Naming on managed subnets
2021-12-19 21:03:25 -08:00
justinsb faeeb1fe80 GCE: Project IAM Binding task
This allows us to grant a project-level permission to a service account.
2021-12-13 13:48:55 -05:00
justinsb eeb948aca8 GCE: Task for StorageBucket IAM
IAM at the bucket level is recommended over object or bucket level ACLs.
2021-12-13 10:16:54 -05:00
justinsb 345c2900e8 gce: ServiceAccount task
Create a Task to manage GCE service account resources.
2021-12-12 22:12:18 -05:00
Ole Markus With a4e609c450 Set the default LT version to the new LT version 2021-12-11 14:53:05 +01:00
Kubernetes Prow Robot b28cc53252
Merge pull request #12629 from rifelpet/iam-profile-tag
Ignore InvalidAction errors when tagging IAM Instance Profiles
2021-12-10 16:40:33 -08:00
John Gardiner Myers 9f9316a921 Set Resource Based Naming on managed subnets 2021-12-05 17:42:29 -08:00
Jesse Haka 8f3b42222b Cleanup GCE loadbalancers created by k8s 2021-12-05 12:26:43 +02:00
Peter Rifel fd2370c8e8 Ignore InvalidAction errors when tagging IAM Instance Profiles 2021-12-02 08:12:16 -06:00
Ciprian Hacman ea7df00719 Run hack/update-gofmt.sh 2021-12-01 22:39:50 +02:00
John Gardiner Myers b2e9d809b7 Support IPv6 private topology 2021-11-16 21:38:03 -08:00
Peter Rifel 5d82ce0b5f Update cloudmock and integration test inputs to use aws-test partition 2021-10-29 23:07:30 -05:00
Kubernetes Prow Robot 228c82cb6e
Merge pull request #12571 from rifelpet/sqs-arn
Use the SQS Queue's ARN reference
2021-10-26 22:19:26 -07:00
justinsb e3c3671f76 GCE: Support network deletion 2021-10-24 17:41:14 -04:00
justinsb d363bf3dad GCE: improve network & subnet terraform support
We should use the subnet spec in the Cluster, and default to creating
a new subnet/network, but allow an existing one to be specified.
2021-10-24 17:41:14 -04:00
Peter Rifel cedb8f813c Use the SQS Queue's ARN reference 2021-10-20 20:47:26 -07:00
Ole Markus With d98994686a Use sg rule ids and tags where possible 2021-09-12 14:32:58 +02:00
Peter Rifel 60c86e1a44 Enable IMDS IPv6 endpoint when IPv6AddressCount > 0 2021-09-09 07:24:14 -05:00
John Gardiner Myers 4152667f28 Remove dead code 2021-07-14 20:05:47 -07:00
Ciprian Hacman 7bc629b683 Use DualStack API NLB for IPv6 2021-06-26 19:16:46 +03:00
John Gardiner Myers 024b3653c0 Set lifecycle on WarmPool task 2021-05-28 20:05:44 -07:00
Kubernetes Prow Robot fe7d6e5516
Merge pull request #11442 from hakman/ipv6
Add initial support for configuring IPv6 with AWS
2021-05-18 21:02:50 -07:00
Ciprian Hacman cedbe1f360 Add initial support for configuring IPv6 with AWS 2021-05-19 06:21:07 +03:00
John Gardiner Myers dd605fdbc3 Subsume StatusStore into fi.Cloud 2021-05-15 17:39:32 -07:00
Kenji Kaneda 71f52363f8 Add a lifecycle test for GCE
- Move MockGCECloud to cloudmock/gce.
- Change Compute() and CloudDNS() of GCECloud to return interfaces
  for mocking
2021-04-26 13:05:27 -07:00