kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
19,202 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

91 Commits

Author SHA1 Message Date
John Gardiner Myers dec7d33be6 v1alpha3: Move AWS EBS CSI spec under CloudProvider.AWS 2022-12-19 00:10:16 -08:00
Kubernetes Prow Robot e5a835d287
Merge pull request #14706 from johngmyers/v1alpha3-networking 
v1alpha3: move networking fields under networking
 2022-12-05 21:34:38 -08:00
Leïla MARABESE af19c467e8 added scaleway to all switches for cluster creation 2022-12-05 14:38:08 +01:00
John Gardiner Myers 235aa61594 v1alpha3: move networking fields under networking 2022-12-02 19:19:59 -08:00
John Gardiner Myers d39ba74bd7 Change the control-plane IG role to "ControlPlane" in v1alpha3 API 2022-11-22 17:05:29 -08:00
Ciprian Hacman d29812fc6e Replace fi.Bool/Float*/Int*/StringValue() with fi.ValueOf 2022-11-19 03:45:23 +02:00
Ciprian Hacman 8f79c9bd68 Replace fi.Bool/Float*/Int*/String() with fi.PtrTo() 2022-11-19 03:45:22 +02:00
Ole Markus With 74afb7aed0 Remove checks for k8s < 1.21 2022-09-19 19:12:53 +02:00
Ole Markus With e5d33401dc Remove k8s GTE 1.20 checks as it is always true 2022-09-17 20:17:23 +02:00
Ciprian Hacman b5f14b589b Add initial support for Hetzner Cloud 2022-05-09 06:12:15 +03:00
John Gardiner Myers 70f7d9bdb2 Use function to get cloud provider from cluster spec 2022-03-02 21:59:47 -08:00
Ole Markus With 74e9a6cd18 Fix irsa for k8s < 1.20 2022-02-09 08:52:06 +01:00
Ole Markus With 66e3202f34 Fix CSI migration feature gates 
We had a bug for KCM feature gate, and the scheuler and apiserver gate was missing entirely.
 2022-02-04 15:29:28 +01:00
Ole Markus With 59dc424eae Bump metrics-server to 0.6.0 and enable HA mode 2022-01-21 09:28:50 +01:00
John Gardiner Myers a0736b3c29 Remove support for Aliyun/Alibaba Cloud 2021-12-11 21:49:13 -08:00
John Gardiner Myers c5e1dea184 Remove code for no-longer-supported k8s version 2021-12-11 16:30:51 -08:00
Ole Markus With 2088849768 Do not set insecure port on k8s 1.20+ 2021-12-11 12:44:56 +01:00
John Gardiner Myers 0fd4dca30e Remove dead code 2021-10-02 20:58:55 -07:00
Peter Rifel 88ddff3baf
Use separate cloud.config files for in-tree vs out-of-tree components 2021-09-30 09:20:33 -05:00
John Gardiner Myers fc9ec13bb7 Set BindAddress appropriately when in IPv6-only mode 2021-06-13 09:41:19 -07:00
Alexander Block bb52334222 Make the events etcd cluster optional 2021-05-20 08:05:42 +02:00
John Gardiner Myers d3469d6ec2 Remove code for no-longer-supported k8s versions 2021-05-07 23:40:03 -07:00
Peter Rifel 7c900b7fae Generate and upload keys.json + discovery.json to public store 
Generate and upload keys.json + discovery.json to public store

Don't enable anonymous auth on publicjwks

Remove tests that won't work using FS VFS anymore
 2021-03-19 20:03:26 +01:00
Kenji Kaneda a61caea8d2 Add Azure support 
This commit contains all changes required to support Azure
(https://github.com/kubernetes/kops/issues/3957).
 2020-12-21 08:27:54 -08:00
John Gardiner Myers 1165fd381e Remove more code specific to unsupported etcd v2 2020-11-15 22:21:24 -08:00
John Gardiner Myers 2ac17bee69 Remove code for no-longer-supported k8s releases 2020-10-29 16:45:53 -07:00
Ole Markus With 886b4c97cb Don't explicitly set insecure-bind-address on newer k8s 2020-09-09 11:41:51 +02:00
Justin SB 786423f617 Expose JWKS via a feature-flag 
When the PublicJWKS feature-flag is set, we expose the apiserver JWKS
document publicly (including enabling anonymous access).  This is a
stepping stone to a more hardened configuration where we copy the JWKS
document to S3/GCS/etc.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-08-30 10:15:11 -04:00
John Gardiner Myers c5871df319 Get kubelet certificate from kops-controller 2020-08-15 10:30:20 -07:00
John Gardiner Myers 8258dcd395 Exempt OpenStack from the EnableExternalCloudController feature flag 2020-07-25 13:12:25 -07:00
Ciprian Hacman a7c8d2087c Use github.com/blang/semver/v4 2020-07-01 08:54:42 +03:00
Kubernetes Prow Robot eb39ab7349
Merge pull request #9355 from johngmyers/move-port 
Move host-network services off of port 8080
 2020-06-16 09:10:04 -07:00
John Gardiner Myers 0d74344a43 Remove the baremetal cloud provider 2020-06-14 10:38:29 -07:00
John Gardiner Myers 4bf8302f14 Move kube-apiserver-healthcheck to port 3990 2020-06-12 22:00:14 -07:00
Kubernetes Prow Robot 9e4bf1699a
Merge pull request #9216 from hakman/prepare-multi-arch 
Prepare Kops for multi-architecture support
 2020-06-04 21:35:43 -07:00
John Gardiner Myers e88e0cf7ec Remove code supporting dropped k8s versions 2020-06-04 12:11:51 -07:00
Ciprian Hacman d049862cff Make architecture related decisions to nodeup 2020-06-03 17:24:01 +03:00
Ole Markus With 7342525872 Remove vsphere from kops files 2020-05-30 13:36:55 +02:00
Justin Santa Barbara 8db0017e62 kube-apiserver-healthcheck: actually enable on 1.17 
We cherry picked the support to 1.17, but now we need to activate the
feature.
 2020-05-08 13:32:22 -04:00
Justin SB 75fd939a62
kube-apiserver: healthcheck via sidecar container 
kube-apiserver doesn't expose the healthcheck via a dedicated
endpoint, instead relying on anonyomous-access being enabled.  That
has previously forced us to enable the unauthenticated endpoint on
127.0.0.1:8080.

Instead we now run a small sidecar container, which
proxies /healthz and /readyz requests (only) adding appropriate
authentication using a client certificate.

This will also enable better load balancer checks in future, as these
have previously been hampered by the custom CA certificate.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-05-07 08:06:52 -04:00
John Gardiner Myers 83bdb3ef88 Remove code for unsupported k8s versions from pkg/model/components 2020-01-12 16:05:00 -08:00
Michael Wagner bfe9b21213 fix(external-ccm): prevent core components to be misconfigured 
Previously when setting the external cloud controller manager
configuration the core components `kubelet`, `apiserver` and
`kubecontroller-manager` were configured to use the external cloud
controller manager. Without setting the feature flag
EnableExternalCloudController this lead to a cluster in which the
masters had the cloud controller taint
`node.cloudprovider.kubernetes.io/uninitialized` which prevents
essential pods, like dns-controller to not be scheduled and leaves a
cluster where worker nodes can't connect to the api server because they
cannot resolve its hostname.
 2019-10-10 21:38:50 +02:00
Justin SB 71fed5e6ff
Fix for tarball image names after 1.16 
Image names from 1.16 on include an architecture suffix,
e.g. "-amd64"; the generic alias continues to work when pulling, but
when loading from a tarball (i.e. running in CI) we must use the
per-architecture name.
 2019-09-26 10:20:54 -04:00
mikesplain 9e55b8230a Update copyright notices 
Also cleans some white spaces
 2019-09-09 14:47:51 -04:00
Jesse Haka 4cad3676a7 implement append admission controllers 2019-05-26 12:38:16 +03:00
Lily e4cbd3c17c add ALI flags 2019-03-16 17:26:44 +08:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) c9b5911b1c Openstack gopkg updates 2019-01-19 08:41:15 -07:00
Jordan Liggitt 32f196fd71 Remove Initializers from default admission plugins 2019-01-16 16:49:46 -05:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) 4f0169bb79 codegen 2019-01-16 09:30:40 -07:00
Justin SB 26bd75aecb
Bulk spelling fixes 
Experimenting with my own spelling checker, these are the typos it caught.
 2018-12-20 17:43:56 -05:00