kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
20,090 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

5247 Commits

Author SHA1 Message Date
Kubernetes Prow Robot 141a040aec
Merge pull request #15607 from hakman/gce_cloud-init 
gce: Use `user-data` instead of `startup-script` metadata key
 2023-07-15 11:47:05 -07:00
Kubernetes Prow Robot 343d8cd6d5
Merge pull request #15632 from hakman/swap_memory 
Add support for using swap memory
 2023-07-15 10:47:05 -07:00
Ciprian Hacman 80944323f3 azure: Allow full load balancer access only when public 2023-07-15 19:16:59 +03:00
Kubernetes Prow Robot 5613a12027
Merge pull request #15635 from zetaab/hubblerules 
open hubble port 4244 for openstack
 2023-07-15 01:33:04 -07:00
Jesse Haka cbe1666012 open hubble port 4244 2023-07-15 09:40:28 +03:00
John Gardiner Myers b0aaf3b3ab Deprecate Canal, Flannel, and Kube-router 2023-07-14 21:57:33 -07:00
Ciprian Hacman 15b44bad52 azure: Remove permissions for nodes when dns=none 2023-07-14 13:46:26 +03:00
Ciprian Hacman 80afaaead2 Add support for using swap memory 2023-07-14 07:50:48 +03:00
Kubernetes Prow Robot 55daa5616c
Merge pull request #15628 from hakman/fix_duplicate_egress_instance 
aws: Allow using the same instance ID as egress for multiple subnets
 2023-07-13 00:02:08 -07:00
Ciprian Hacman 36b119d599 aws: Allow using the same instance ID as egress for multiple subnets 2023-07-13 09:12:26 +03:00
Ciprian Hacman 83d14d4343 azure: Add support for dns=none 2023-07-13 09:04:06 +03:00
Leïla MARABESE 9cdc30dfcb refactoring: utils functions to get info from tags 2023-07-12 16:23:25 +02:00
John Gardiner Myers 36373b11ba Improve validation of PodCIDR and ServiceClusterIPRange 2023-07-11 21:16:03 -07:00
John Gardiner Myers a56e8eb049 Refactor UsesExternalECRCredentialsProvider() 2023-07-11 09:46:01 -07:00
John Gardiner Myers aef6fbdd29 Refactor UseKopsControllerForNodeBootstrap() 2023-07-11 09:45:45 -07:00
Ciprian Hacman 704daec524 azure: Move ID parsing from `azuretasks` to `azure` utils 2023-07-11 12:55:48 +03:00
Ciprian Hacman 344d5b36c8 azure: Add mode dependency logic to deletion 2023-07-11 12:24:10 +03:00
Kubernetes Prow Robot 4b79e04b6f
Merge pull request #15614 from hakman/gce_bastion_ssh_rules 
gce: Rename firewall SSH rules for bastion
 2023-07-10 09:31:17 -07:00
Kubernetes Prow Robot 4ad116ec78
Merge pull request #15611 from justinsb/gce_lb_firewall 
gce: Set firewall rules for Internal LBs also
 2023-07-10 09:31:05 -07:00
justinsb 79c6d954d4 Update expected output for symlinks 2023-07-10 11:21:01 -04:00
justinsb c19788e83c etcd: only support 3.4 and 3.5 
We also fill in all the symlinks for these versions.
 2023-07-10 11:19:04 -04:00
justinsb 8b813b3051 Update expected test output 2023-07-10 11:11:59 -04:00
justinsb d6350a5a6e etcd-manager: support symlinking versions 
This is an easy way for us to signal that certain versions are
compatible with each to etcd-manager, which is otherwise
overly-cautious when it comes to unknown versions.

We extend kops-utils to support the `-t` flag (like cp) to write to a
directory; and the `-s` flag (like cp) to use symlinks.  The syntax
isn't identical to cp, but should be semi-familiar and allows us to
minimize the number of initContainers we use.
 2023-07-10 11:11:59 -04:00
Kubernetes Prow Robot 65fe676967
Merge pull request #15613 from johngmyers/nodeup-sysctls 
Remove references to ClusterSpec from nodeup sysctls.go
 2023-07-10 01:23:05 -07:00
Kubernetes Prow Robot b915c6047c
Merge pull request #15612 from johngmyers/gcp-network 
v1alpha3: Rename GCE networking to GCP
 2023-07-09 21:13:05 -07:00
John Gardiner Myers f5fc710d6c Remove references to ClusterSpec from nodeup sysctls.go 2023-07-09 21:11:54 -07:00
Ciprian Hacman 53e45886f3 gce: Rename firewall SSH rules for bastion 2023-07-10 07:06:07 +03:00
John Gardiner Myers d926989600 v1alpha3: Rename GCE networking to GCP 2023-07-09 16:48:26 -07:00
justinsb 3613f586c8 GCE: Set firewall rules for Internal LBs also 
It seems we can use the exact same rules.
 2023-07-09 19:25:42 -04:00
John Gardiner Myers f4f8fc5bda Move GCE networkCIDR prohibition to validateNetworking() 2023-07-09 15:49:51 -07:00
Kubernetes Prow Robot 114ac311c1
Merge pull request #15332 from hakman/gce_internal_lb 
gce: Update logic for internal LB
 2023-07-09 14:11:04 -07:00
Norihiro Seto 00a0deb8e6
Update to use sha224 and base62 text. 2023-07-09 21:52:17 +09:00
Ciprian Hacman fb66f1770f gce: Use `user-data` instead of `startup-script` metadata key 2023-07-09 13:50:00 +03:00
Kubernetes Prow Robot 1a1055fa8e
Merge pull request #15602 from hakman/gce_fix_bastions 
gce: Add support for bastions
 2023-07-08 12:15:04 -07:00
Ciprian Hacman 4656743c22 gce: Add support for bastions 2023-07-08 18:19:40 +03:00
Ciprian Hacman 04a4e02920 gce: Update logic for internal LB 2023-07-08 04:34:43 +03:00
John Gardiner Myers 11304807f2 Hold reference to VFSContext from simple.Clientset 2023-07-06 19:41:45 -07:00
Leïla MARABESE d39cc04602 add scaleway zones to autocompletion 2023-07-06 15:30:02 +02:00
Kubernetes Prow Robot 6f1e3e6dc4
Merge pull request #14921 from johngmyers/nonmasq-overlap 
Validate additionalNetworkCIDRs only set on AWS
 2023-07-05 23:19:04 -07:00
Justin SB cf9134489c kops-controller: create IPAM controller for GCE 
We observe the IPv6 CIDRs assigned to nodes, and reflect them into the node.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2023-07-05 12:34:55 -04:00
Ciprian Hacman 7d68ee9eb7 hetzner: Update CCM to v1.16.0 2023-07-02 08:29:56 +03:00
Kubernetes Prow Robot 49a6ed4188
Merge pull request #15570 from hakman/azure_network_security 
azure: Add support for network security groups
 2023-07-01 06:54:48 -07:00
Ciprian Hacman 4fe84705a5 azure: Add support for network security groups 2023-07-01 10:06:25 +03:00
Ciprian Hacman 4085da870f hack/update-expected.sh 2023-07-01 09:51:22 +03:00
Ciprian Hacman 015c80f950 Update etcd-manager to v3.0.20230630 2023-07-01 09:48:40 +03:00
Kubernetes Prow Robot bda5e9e63d
Merge pull request #15564 from hakman/revert_remove_obsolete_versions 
Revert "Remove obsolete etcd versions"
 2023-06-30 21:24:44 -07:00
Ciprian Hacman df97b95972 azure: Hardcode DiskControllerType to SCSI 2023-06-30 21:29:06 +03:00
Ciprian Hacman 67f0abb541 hack/update-expected.sh 2023-06-30 21:24:44 +03:00
Ciprian Hacman be69b25221 Revert "Remove obsolete etcd versions" 
This reverts commit 76cacc5c6f.
 2023-06-30 21:20:30 +03:00
Tone c2ed4b6f64
Upgrade Karpenter to v0.27.5 (#15144) 
* feat(karpenter): Upgrade to version 0.27.0

Upgrade Karpenter to current last stable version `0.27.0`.
Template have been updated to use the same templates than the Helm chart.

* feat(karpenter): Use AWSNodeTemplate for launchTemplate

To set Launch Templates is deprecated into the provisioner, it is recommends using the `AWSNodeTemplate` to set it.
Ref:
 - https://karpenter.sh/v0.27.0/concepts/node-templates/

* feat(karpenter): Enable pruning addon

* Use extra flags in upgrade-ab scenario test

* feat(karpenter): Drop `karpenter` feature flag

* feat(karpenter): Add release note for `1.27`

* feat(karpenter): Upgrade to version 0.27.3

* feat(karpenter):  fix template

* feat(karpenter): Upgrade to version 0.27.5

* Update Karpenter documentation with depending kops version

* Delete KOPS_FEATURE_FLAGS from e2e test `run-test`

* Run hack/update-expected.sh
 2023-06-29 22:57:45 -07:00
Ciprian Hacman e8980bc21a Add option for specifying the list of etcd metrics urls 2023-06-27 19:50:05 +03:00
Norihiro Seto 969bd8f0b5
fix: update header 2023-06-27 20:48:16 +09:00
John Gardiner Myers f16c807f09 Validate additionalNetworkCIDRs only set on AWS 2023-06-25 00:25:17 -07:00
John Gardiner Myers cad5b69446
Release 1.28.0-alpha.1 (#15548) 2023-06-24 20:45:09 -07:00
Norihiro Seto ce1169cae8
Fix long auth helper cache file name 2023-06-23 20:40:09 +09:00
John Gardiner Myers 0dfac69d83 Remove support for Weave networking 2023-06-22 23:03:24 -07:00
justinsb 476f1661f7 etcd-manager: set environment variables once 
Previously we were setting the env variable up to 3 times in an HA
control-plane, because we were adding to the etcd-manager
configuration once for each replica.
 2023-06-22 17:14:51 +03:00
Kubernetes Prow Robot dcdbec93e1
Merge pull request #15526 from justinsb/remove_duplicate_cluster 
Remove duplicate Cluster field in BootstrapScriptBuilder
 2023-06-20 04:26:22 -07:00
Ciprian Hacman cbddb4a9fd Remove duplicate Cluster field from tests 2023-06-20 12:19:04 +03:00
Ciprian Hacman 59b7653cc3 Update min versions for kOps v1.28 2023-06-20 08:11:21 +03:00
justinsb 2f0a94c34b Remove duplicate Cluster field in BootstrapScriptBuilder 
We had an identically named Cluster field in the "base class" (the
unnamed embedded objects we inherit), causing shadowing and the
potential for a nil-pointer panic.
 2023-06-19 14:34:02 -04:00
Kubernetes Prow Robot b5adab4d53
Merge pull request #15520 from hakman/fix-kops-utils-cp 
Fix promotion of `kops-utils-cp`
 2023-06-19 10:54:22 -07:00
Kubernetes Prow Robot b4c5a75829
Merge pull request #15487 from jsafrane/add-selinux 
Add optional SELinux support to RHEL clusters
 2023-06-19 08:54:22 -07:00
Kubernetes Prow Robot 0546addf29
Merge pull request #15515 from justinsb/strict_node_label_checking 
node labeling: don't ignore unknown roles
 2023-06-19 07:48:21 -07:00
Ciprian Hacman 60b14823bd hack/update-expected.sh 2023-06-19 16:52:28 +03:00
Ciprian Hacman 1d0fbfc4f1 Fix promotion of `kops-utils-cp` 2023-06-19 16:40:40 +03:00
Jan Safranek 134727a2e7 Generate API 2023-06-19 15:20:08 +02:00
Jan Safranek 0d03095fda Add SELinux support to containerd 
Add cluster.Spec.Containerd.SELinuxEnabled field that enables SELinux in
containerd.

With SELinux enabled, all pods that use HostPath volumes must run with
SELinux label `spc_t`, otherwise SELinux denies the pods to touch the host
filesystem.
 2023-06-19 15:20:08 +02:00
Ciprian Hacman cd1c7434e8 hack/update-expected.sh 2023-06-19 15:12:11 +03:00
Leïla MARABESE 62e3495b1a scaleway dns provider + tests 2023-06-19 11:40:08 +02:00
Alasdair Tran 63cbe32293 Remap all init container images of etcd-manager 2023-06-19 00:09:32 +00:00
justinsb 36a763c88f node labeling: don't ignore unknown roles 
We were silently ignoring unknown roles, which makes it hard to know
when our expectations aren't met.  It looks like the rename of the
role from "Master" to "ControlPlane" may have caused some drift
against our expectations also.
 2023-06-18 19:40:56 -04:00
Ciprian Hacman 1026a131a1
Release 1.27.0-beta.1 (#15510) 2023-06-17 07:16:20 -07:00
Kubernetes Prow Robot 7117a67870
Merge pull request #15509 from hakman/kops-utils-cp 
Rename `kops-copy` to `kops-utils-cp`
 2023-06-17 02:56:20 -07:00
Ciprian Hacman ccb75c1e33 hack/update-expected.sh 2023-06-16 22:28:38 +03:00
Ciprian Hacman bec7226ad1 Rename `kops-copy` to `kops-utils-cp` 2023-06-16 22:24:51 +03:00
Ciprian Hacman 8a8f1be1ed Update pause image to v3.9 2023-06-16 21:15:50 +03:00
Ciprian Hacman 059e7c7f11 Update containerd to v1.7.2 2023-06-16 11:58:55 +03:00
Leïla MARABESE 39ed84601f keep support for gossip clusters 2023-06-14 15:15:22 +02:00
Leïla MARABESE 4a943d8235 refactoring client 2023-06-14 15:15:22 +02:00
Leïla MARABESE dab001c3e9 scaleway authenticator and verifier 2023-06-14 15:15:17 +02:00
Leïla MARABESE 49465a62c7 add backend for kops controller port 2023-06-14 15:11:53 +02:00
Kubernetes Prow Robot 3eac17c582
Merge pull request #15479 from fchiacchiaretta/openstack-metrics-sg-rules 
New OpenStack security group rules for metrics
 2023-06-11 11:35:46 -07:00
Kubernetes Prow Robot 38b99df517
Merge pull request #15493 from justinsb/hetzner_kops_controller 
Use kops-controller on hetzner, even with gossip
 2023-06-11 08:57:47 -07:00
Kubernetes Prow Robot 79178d93bb
Merge pull request #15462 from hakman/cli_internal_server_name 
Use API internal name as TLS server name in kubeconfig
 2023-06-11 06:43:48 -07:00
Kubernetes Prow Robot 1f750303d6
Merge pull request #15475 from hakman/default_ubuntu_jammy 
Use Ubuntu 22.04 (Jammy) as the default distro for K8s 1.27+
 2023-06-11 05:21:46 -07:00
justinsb abd274b3f9 Use kops-controller on hetzner, even with gossip 
This is a more secure configuration.
 2023-06-11 07:15:31 -04:00
Jesse Haka d7d7a55c41 add additional config for node local dns 2023-06-10 10:22:32 +03:00
Tessia Piboubès 896b4ce56e Increase verbosity level of log message about object ACLs 2023-06-08 19:49:15 +02:00
Federico Chiacchiaretta 110dd89eaf
New OpenStack security group rules to allow scraping of metrics for 
kubeControllerManager and kubeScheduler
 2023-06-07 18:04:06 +02:00
Ciprian Hacman 53a9be0bba Add integration tests for K8s 1.27 2023-06-07 14:52:25 +03:00
Ciprian Hacman 5901a8ae30 Use Ubuntu 22.04 (Jammy) as the default distro for K8s 1.27+ 2023-06-07 14:52:25 +03:00
guoguangwu da8c0ca830 chore: remove refs to deprecated io/ioutil 2023-06-07 18:02:33 +08:00
Ciprian Hacman 4810cc18b7 hack/update-expected.sh 2023-06-05 16:46:37 +03:00
Ciprian Hacman 825e60b3ff etcd-manager: Add back etcd v3.5.7 binaries 2023-06-05 16:46:31 +03:00
Ciprian Hacman 8d76b6e573 Use API internal name as TLS server name in kubeconfig 2023-06-02 14:13:01 +03:00
Kubernetes Prow Robot fe3e5cd6e1
Merge pull request #15436 from hakman/etcd-3.5.9 
Update etcd to v3.5.9
 2023-05-31 10:25:48 -07:00
Ciprian Hacman 9201263abb hack/update-expected.sh 2023-05-31 12:57:30 +03:00
Ciprian Hacman 071d272ad3 Use `opt` instead for volume name 2023-05-31 12:54:57 +03:00
John Gardiner Myers 1e7576c9c5 Upgrade external-dns to v0.13.5 2023-05-30 17:47:59 -07:00