Commit Graph

1947 Commits

Author SHA1 Message Date
Ciprian Hacman 5901a8ae30 Use Ubuntu 22.04 (Jammy) as the default distro for K8s 1.27+ 2023-06-07 14:52:25 +03:00
Kubernetes Prow Robot fe3e5cd6e1
Merge pull request #15436 from hakman/etcd-3.5.9
Update etcd to v3.5.9
2023-05-31 10:25:48 -07:00
John Gardiner Myers 1e7576c9c5 Upgrade external-dns to v0.13.5 2023-05-30 17:47:59 -07:00
Ciprian Hacman 2f07263d3d Update etcd to v3.5.9 2023-05-26 07:33:12 +03:00
Kubernetes Prow Robot f7d97dba3c
Merge pull request #15422 from scaleway/scw_none_dns
scaleway: none DNS option available
2023-05-24 05:14:51 -07:00
justinsb ca67b1ca1e Refactor: rename IsGossip -> UsesLegacyGossip
We want to be able to use "dns=none" (without peer-to-peer gossip)
even for clusters that have the k8s.local extension.  These were
previously called "gossip clusters", but really that is an
implementation; what actually matters to users is that they don't rely
on writing records into a DNS zone (such as Route53).
2023-05-22 21:50:16 -04:00
Leïla MARABESE fddab4d8e9 scaleway: none DNS option available 2023-05-16 18:20:34 +02:00
Aurelio Forese efd50d000a OpenStack Octavia LoadBalancer support for FlavorID
When using Octavia as OpenStack Load Balancer, it is now possible to
specify the Octavia flavor ID to use.
2023-05-13 10:17:44 +02:00
Moshe Vayner 881bd4e55f make apimachinery && make crds 2023-05-09 21:56:42 -04:00
Moshe Vayner 99ff00df61 Support Cilium operator pod annotations 2023-05-09 21:50:36 -04:00
justinsb 1faee9dd8c digitalocean: bootstrap nodes through kops-controller.
We start with a simple node verifier.
2023-05-07 13:17:56 -04:00
justinsb 8657e25f21 digitalocean: Allow dns=none
This works similarly to other clouds, going through the (public) load balancer.
2023-05-07 12:38:06 -04:00
justinsb c89f434f1b Only use node challenge on hetzner
DigitalOcean (and others) will follow shortly.

Also create a method for CloudProvider, so that we are more ambivalent
towards bootstrapping methods.
2023-05-06 08:57:21 -04:00
Justin SB c67f895226 Perform challenge callbacks into a node
In order to verify that the caller is running on the specified node,
we source the expected IP address from the cloud, and require that the
node set up a simple challenge/response server to answer requests.

Because the challenge server runs on a port outside of the nodePort
range, this also makes it harder for pods to impersonate their host
nodes - though we do combine this with TPM and similar functionality
where it is available.
2023-05-06 08:03:21 -04:00
Ole Markus With 5d82e52c48 Use external ECR credential provider as of Kubernetes 1.27 2023-04-29 10:21:57 +02:00
Jesse Haka 80f8e12fa5 run make apimachinery 2023-04-20 15:10:23 +03:00
Jesse Haka c09b401b38 add csi cinder metrics 2023-04-20 14:40:44 +03:00
Steven E. Harris 9595c833ee
Allow Cluster Autoscaler to ignore daemon pods
By default the cluster autoscaler takes DaemonSet-managed pods'
resource requests into consideration when computing a node's resource
utilization. Allow toggling its "--ignore-daemonsets-utilization"
command-line flag via a new field in the Cluster
spec—"clusterAutoscaler.ignoreDaemonSetsUtilization." Setting that
field to true causes the autoscaler to ignore such daemon pods'
requests, such that it will more likely judge a node running only
daemon pods as being underutilized and shut down its hosting machine.
2023-04-05 10:03:24 -04:00
ederst a0c8bb600a Run make apimachinery and crds 2023-03-24 11:34:34 +01:00
ederst 1e9fc8e6d5 OpenStack: Add OCCM address sort order config
This will add the OCCM config to specify an address sort order:
* https://github.com/kubernetes/cloud-provider-openstack/pull/1946
2023-03-24 11:34:22 +01:00
Kubernetes Prow Robot 4b61ae77c1
Merge pull request #15183 from anthonyhaussman/feat/kops/nodeLocalDNS_ExternalCoreFile
feat(NodeLocalDNS): Add possibility to set an ExternalCoreFile
2023-02-28 23:17:17 -08:00
Anthony Hausman cc47bd278c
feat(nodelocaldns): Add possibility to set an ExternalCoreFile
Allow users to provide entirely custom CoreFile for NodeLocalDNS to provide improved flexibility.
2023-02-28 08:19:20 +01:00
Jesse Haka 3f9a1b6462 set node status update freq to 60min in OpenStack 2023-02-27 20:38:30 +02:00
Justin SB 94c35804c9 validation cleanup: simplify signature of validateCIDR
We split out the "add to a slice" logic, as this is then easier to
reason about.

Should be a no-op in terms of valid inputs, might avoid some crashes
with invalid inputs.
2023-02-24 11:09:49 -05:00
Kubernetes Prow Robot e8f704a855
Merge pull request #15036 from johngmyers/addlcidr-subnet
Improve support for AdditionalNetworkCIDRs
2023-02-24 06:33:34 -08:00
Kubernetes Prow Robot ca3b53c00a
Merge pull request #15095 from infonova/use-clustername-in-cinder-csi-plugin
Pass actual cluster name to cinder-csi-plugin
2023-02-13 09:33:29 -08:00
ederst b4557d4729 Run make apimachinery and crds 2023-02-13 17:34:31 +01:00
ederst cd50ee00ac Pass actual cluster name to cinder-csi-plugin
This passes the actual cluster name to the cinder-csi-plugin, so that
the plugin will add the name as metadata to the backing volume in
OpenStack.

Effectively, the change will help to better identify which volume in
OpenStack belongs to which cluster, which is especially helpful when
running multiple clusters in one OpenStack tenant/project.

Setting the cluster name in both - the controller and the nodeserver -
will ensure that dynamic and ephemeral volumes will receive the correct
metadata.
2023-02-13 17:31:32 +01:00
Justin SB 0b699832ec Use cloud-discovery on GCE in gossip mode
It's a little simpler and should speed up our boot.
2023-02-11 11:03:12 -05:00
ederst f4fdf7df79 Allow setting 'ignore-volume-microversion' for OCCP
This will allow setting the option `ignore-volume-microversion` for the
cinder-csi-plugin.

Setting this is necessary for older OpenStack APIs so that OCCP can
create PVs.

Note: This will work with cinder-csi-plugin >= 1.25.

For reference:
* https://github.com/kubernetes/cloud-provider-openstack/pull/1986/
2023-01-31 11:48:25 +01:00
Anthony Hausman 484bde5b9b
cilium: Add unreachable route for pod IP on deletion option
When a pod is deleted, the route to its IP is replaced with an unreachable route.
When a pod is created, the route is replaced with a route to the pod veth (so if an unreachable existed, it's replaced).

Ref:
 - https://github.com/cilium/cilium/pull/18505
2023-01-24 14:08:24 +01:00
Ciprian Hacman b1ef66f136 etcd-manager: Add option to set backup retention 2023-01-23 09:43:09 +02:00
John Gardiner Myers 7d3c20d036 Validate additionalRoutes against additionalNetworkCIDRs 2023-01-21 18:42:58 -08:00
Kubernetes Prow Robot 987eefb48a
Merge pull request #14997 from johngmyers/validate-addlcidrs
Validate nonMasqueradeCIDR doesn't overlap additionalNetworkCIDRs
2023-01-21 12:10:02 -08:00
Kubernetes Prow Robot e88fbf5d7d
Merge pull request #15016 from johngmyers/nodeup-network2
Move more networking settings into nodeup.Config
2023-01-18 02:04:35 -08:00
Jesse Haka 39ab519269 support multiple ConfigServers 2023-01-16 10:51:50 +02:00
John Gardiner Myers 0c323445fb Move UsesKubenet to nodeup.Config 2023-01-15 23:12:00 -08:00
John Gardiner Myers 68c4ef1a93 Move networking-related tests to nodeup.Config 2023-01-15 23:12:00 -08:00
John Gardiner Myers cc49461849 Move several CNI tests to nodeup.Config 2023-01-15 23:11:58 -08:00
John Gardiner Myers f6debfd658 Move ServiceClusterIPRange to nodeup.Config 2023-01-15 17:19:18 -08:00
John Gardiner Myers 2e6e022eca Move EgressProxy to nodeup.Config 2023-01-15 17:19:18 -08:00
John Gardiner Myers da881fb320 Move NonMasqueradeCIDR to nodeup.Config 2023-01-15 17:19:18 -08:00
Kubernetes Prow Robot 1c8f9c8a35
Merge pull request #14894 from johngmyers/v1alpha3-oidc
v1alpha3: Move most OIDC settings to authentication.oidc
2023-01-15 08:40:31 -08:00
Jesse Haka 3dab0eb807 Use kops-controller to bootstrap nodes in OpenStack 2023-01-14 13:54:14 +02:00
John Gardiner Myers e52480ecc6 Validate nonMasqueradeCIDR doesn't overlap additionalNetworkCIDRs 2023-01-13 19:36:57 -08:00
John Gardiner Myers a6bd29b2ae Move more networking validations out of legacy.go 2023-01-13 19:36:55 -08:00
John Gardiner Myers 2365980281 openstack: use subnet type instead of topology 2023-01-12 19:33:10 -08:00
Kubernetes Prow Robot a1a0ce3f33
Merge pull request #14930 from zetaab/feature/openstacknodns
OpenStack: Add support for clusters without DNS
2023-01-12 07:52:54 -08:00
John Gardiner Myers 1de02c56f1 Use state store for nodeup.Config in Gossip clusters 2023-01-11 21:19:24 -08:00
John Gardiner Myers d009928883 v1alpha3: Move most OIDC settings to authentication.oidc 2023-01-11 19:26:18 -08:00
Jesse Haka cc8871eede no dns for OpenStack 2023-01-11 20:02:02 +02:00
Grégory SANCHEZ 6fdf54ff34 feat(cluster-autoscaler): autogenerate priority-expander configMap 2023-01-11 08:26:33 +01:00
Kubernetes Prow Robot 7b4430ff61
Merge pull request #14885 from johngmyers/root-volume
v1alpha3: Move IG root volume settings to sub-struct
2023-01-04 18:11:58 -08:00
John Gardiner Myers 8fc4bdb669 Add missing line break
Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
2023-01-04 17:25:44 -08:00
John Gardiner Myers 447220ef4e Use NodeupConfig for NTP-managed setting 2023-01-03 22:16:20 -08:00
John Gardiner Myers 4179fcce58 Use NodeupConfig for KubernetesVersion 2023-01-03 22:16:20 -08:00
John Gardiner Myers b5eef1c129 Use NodeupConfig for kube-proxy config 2023-01-03 12:29:07 -08:00
John Gardiner Myers fe448ef906 Use NodeupConfig for DockerConfig 2023-01-02 13:58:21 -08:00
John Gardiner Myers 125866792d Use NodeupConfig for ContainerdConfig 2023-01-02 13:42:11 -08:00
John Gardiner Myers 25a897b691 Use NodeupConfig for ContainerRuntime 2023-01-02 12:50:23 -08:00
John Gardiner Myers c68be498c6 Refactor NewAssetBuilder to not take a Cluster 2023-01-01 13:37:52 -08:00
John Gardiner Myers 74becb764e Don't require subnets on DO and Hetzner 2022-12-30 12:00:02 -08:00
Kubernetes Prow Robot fc527b6e9f
Merge pull request #14909 from johngmyers/valid-values
Make IsValidValue more useful for enum types
2022-12-30 01:25:36 -08:00
Kubernetes Prow Robot ee990f8057
Merge pull request #14881 from johngmyers/addl-cidr
Move networking validations inside validateNetworking()
2022-12-30 01:25:29 -08:00
John Gardiner Myers 43f56de38b Make IsValidValue more useful for enum types 2022-12-29 23:30:53 -08:00
Kubernetes Prow Robot 50fe61338c
Merge pull request #14883 from johngmyers/sg-override
Improve validation of API loadbalancer specs
2022-12-29 23:27:29 -08:00
John Gardiner Myers 92958f9966 v1alpha3: Move IG root volume settings to sub-struct 2022-12-26 20:35:26 -08:00
John Gardiner Myers d9b7d41bd4 Improve validation of API loadbalancer specs 2022-12-26 13:08:50 -08:00
John Gardiner Myers 355f9e4bd2 Kubelet needs cloudconfig for in-tree cloudprovider 2022-12-26 11:25:24 -08:00
John Gardiner Myers d32a0fb3cc APIServer nodes need cloudconfig 2022-12-26 10:56:30 -08:00
John Gardiner Myers 8e96aa1acd Move networking validations inside validateNetworking() 2022-12-26 10:09:41 -08:00
John Gardiner Myers 5c69274317 Simplify pointers to maps in API 2022-12-25 20:29:51 -08:00
John Gardiner Myers b3dfcea95f v1alpha3: Move AWS-specific CloudConfig settings to AWSSpec 2022-12-25 16:12:02 -08:00
Kubernetes Prow Robot e13c51968b
Merge pull request #14869 from johngmyers/upd-min-version
Update min versions for 1.27
2022-12-24 23:59:27 -08:00
Kubernetes Prow Robot b97662c6a3
Merge pull request #14837 from johngmyers/gce-cloudconfig
v1alpha3: Move GCE-specific CloudConfig settings to GCESpec
2022-12-24 22:31:26 -08:00
John Gardiner Myers 005ec38972 Remove code for no-longer-supported k8s 1.21 2022-12-24 21:44:50 -08:00
Ciprian Hacman bb6d4d6c17 Mount the audit config dir for kube-apiserver 2022-12-24 07:23:10 +02:00
Kubernetes Prow Robot 269477e52c
Merge pull request #14856 from johngmyers/validate-ipv6-dns
Validate external-dns not being used for IPv6 clusters
2022-12-22 23:45:25 -08:00
Kubernetes Prow Robot b647e4413f
Merge pull request #14846 from hakman/gossip_to_dns-none
Allow migration from Gossip DNS to no DNS
2022-12-22 22:53:26 -08:00
John Gardiner Myers 1306862b5a Validate external-dns not being used for IPv6 clusters 2022-12-22 21:41:18 -08:00
Ciprian Hacman bead06a6d1 Validate control-plane IG size 2022-12-22 15:35:51 +02:00
Ciprian Hacman 362601cd66 Allow migration from Gossip DNS to no DNS 2022-12-22 12:36:32 +02:00
John Gardiner Myers 0e11075012 v1alpha3: Move GCE-specific CloudConfig settings to GCESpec 2022-12-20 19:44:32 -08:00
John Gardiner Myers 4d309b0b36 Move Cluster into CloudupSubContext 2022-12-20 08:11:01 -08:00
John Gardiner Myers 34d7507f78 v1alpha3: Move some GCE-specific fields to CloudProvider.GCE 2022-12-19 08:28:28 -08:00
John Gardiner Myers dec7d33be6 v1alpha3: Move AWS EBS CSI spec under CloudProvider.AWS 2022-12-19 00:10:16 -08:00
John Gardiner Myers ca7d82b02a v1alpha3: move AWS-specific fields to AWSSpec 2022-12-18 15:16:49 -08:00
John Gardiner Myers 1834fded6a NTH: add API validation against unsupported option configurations 2022-12-16 17:12:54 -08:00
Ciprian Hacman b9f7c2619b gce: Add support for clusters without DNS 2022-12-14 11:09:54 +02:00
Kubernetes Prow Robot 572b0655dc
Merge pull request #14732 from olemarkus/cilium-12
Bump cilium version to 1.12.4
2022-12-11 04:25:14 -08:00
John Gardiner Myers 7c5b983490 Enable NTH Scheduled Event Draining by default 2022-12-08 19:02:44 -08:00
Ole Markus With a5684f969f Bump cilium to 1.12.4 2022-12-07 18:33:03 +01:00
Kubernetes Prow Robot f827ec7f54
Merge pull request #14721 from johngmyers/nth-default-queue
Change default for NTH Queue Processor mode to enabled
2022-12-06 03:18:36 -08:00
Kubernetes Prow Robot e5a835d287
Merge pull request #14706 from johngmyers/v1alpha3-networking
v1alpha3: move networking fields under networking
2022-12-05 21:34:38 -08:00
Kubernetes Prow Robot c5c02c2ee3
Merge pull request #14676 from johngmyers/cilium-doc
Update documentation and validation for Cilium
2022-12-05 20:42:38 -08:00
Leïla MARABESE 1bacbd591a fixed etcd + added machine type 2022-12-05 14:40:28 +01:00
Leïla MARABESE af19c467e8 added scaleway to all switches for cluster creation 2022-12-05 14:38:08 +01:00
John Gardiner Myers a22a33621c Change default for NTH Queue Processor mode to enabled 2022-12-04 15:56:18 -08:00
John Gardiner Myers be43dc2784 Extract NTH Queue mode enable check to struct receiver 2022-12-04 15:55:58 -08:00
John Gardiner Myers 235aa61594 v1alpha3: move networking fields under networking 2022-12-02 19:19:59 -08:00