Commit Graph

4602 Commits

Author SHA1 Message Date
Ole Markus With 4a3274bb5a Update expected 2022-08-20 15:36:39 +02:00
Ole Markus With d471845dce Move merging of kubelet configs to populate instance groups so we have only one place to fetch them
The kubelet config can be configured in a number of places. Merge them earlier so we only need to check the config in the IG kubeletConfig
2022-08-20 15:35:15 +02:00
Ole Markus With 86be353777 Use testhelper for generating test IG 2022-08-20 15:34:22 +02:00
Kubernetes Prow Robot e8fcb0c132
Merge pull request #14150 from olemarkus/cas-default-image2
Add default image for CAS that exists
2022-08-20 03:29:46 -07:00
Kubernetes Prow Robot 8f20d22ef7
Merge pull request #14127 from olemarkus/write-ig-input
Write the user provided IG spec to state store instead of the full spec
2022-08-20 03:29:35 -07:00
Ole Markus With 535f597bce Rely on tags alone when deleting instance profiles 2022-08-20 10:25:49 +02:00
Ole Markus With e01b233b76 Warn instead of failure if we cannot read IAM role tags
Since we now try to get tags for all roles in the account, we may encounter roles we are not allowed to get, e.g. if there is an SCP or similar with explicit deny.
2022-08-20 09:53:10 +02:00
Ole Markus With 09b604867d Don't skip roles that don't have cluster name prefix
This should plug the IAM roles leak. It is probably a leftover from when roles did not have tags and we relied on the name of the role instead.
2022-08-20 09:07:15 +02:00
Ole Markus With 8e7a50346b Add iam role deletion test 2022-08-20 09:07:15 +02:00
Ole Markus With 3265e9db0e Add default image for CAS that exists 2022-08-20 07:32:14 +02:00
Ole Markus With dd578430e8 Create a better image validation test 2022-08-20 07:02:34 +02:00
Kubernetes Prow Robot 5aec4d9016
Merge pull request #14142 from olemarkus/karpenter-14
Bump Karpenter to 0.15 and enable consolidation
2022-08-19 07:01:53 -07:00
Ole Markus With 29bbfeff70 Bump karpenter to 0.15 and enable consolidation 2022-08-18 20:46:25 +02:00
Ole Markus With 7a48391172 Delete disabled lifecycle hooks and implement disable logic for warmpools 2022-08-18 19:50:48 +02:00
Kubernetes Prow Robot 161d30b743
Merge pull request #14138 from olemarkus/revert-positional-arg
Revert "Remove passing cluster name as positional argument"
2022-08-18 03:28:37 -07:00
Kubernetes Prow Robot c880da184d
Merge pull request #14137 from olemarkus/bump-cilium-118
Bump cilium to 1.11.8
2022-08-17 23:42:37 -07:00
Ole Markus With 7d7780bad9 Revert "Remove passing cluster name as positional argument"
This reverts commit 824eb9cabb.
2022-08-18 07:26:42 +02:00
Justin SB 89201877e0 Introduce mock kubeapiserver to applylib
Use it for a simple test.
2022-08-17 08:10:21 -04:00
Justin SB 6184f12861 Introduce applylib
A number of projects need a library for applying objects.  While we
are figuring out exactly what functionality is needed, we are using a
copy-and-paste approach.

Introduce applylib here also, and add the create-or-update
functionality that we want here.
2022-08-17 08:10:20 -04:00
Kubernetes Prow Robot 7035526204
Merge pull request #14135 from hakman/go-1.19.0
Update Go to v1.19.0
2022-08-17 02:40:55 -07:00
Kubernetes Prow Robot d7e85dc12e
Merge pull request #14130 from olemarkus/bump-ccm
Bump the CCM images
2022-08-17 00:32:55 -07:00
Ole Markus With 65aaa8dfe7 Bump cilium to 1.11.8 2022-08-17 08:49:26 +02:00
Ciprian Hacman cb99db0757 Run make goimports 2022-08-17 07:03:33 +03:00
Ciprian Hacman 5e3e9fabd0 Limit GCE network names to 63 chars 2022-08-17 06:37:26 +03:00
Ole Markus With 579bbc443b Bump the CCM images 2022-08-16 14:28:17 +02:00
Ciprian Hacman b9394fed18 Run hack/update-expected.sh 2022-08-12 19:40:25 +03:00
Ciprian Hacman a32cf690bb Create etcd-manager config for each instance group 2022-08-10 11:04:36 +03:00
Ciprian Hacman 13a4e1ca46 Update containerd to v1.6.8 2022-08-10 04:31:58 +03:00
Ciprian Hacman 11a0f64cd8 Add option to configure runc version for containerd 2022-08-04 09:48:46 +03:00
justinsb e4d8dff835 kube-scheduler: MVP configuration validation
We check that users haven't specified the kubeconfig file path, as
this file is created / managed by kOps.  We don't try to reuse the
upstream configuration validation, as this allows the user to specify
a partial configuration, and this means that we don't have to pull in
the upstream libraries.

We could in future accept the "correct" value or just treat providing
a value as a signal that kOps should not manage the file; for now we
are starting with the most restrictive configuration, as we can then
relax it in future if needed.
2022-08-03 09:51:16 -04:00
justinsb d1fc0b9f88 Create goldentest for additional objects 2022-08-03 09:51:16 -04:00
justinsb 296e85a1f1 kube-scheduler: validate completed cluster in tests 2022-08-03 09:51:16 -04:00
justinsb c8deb1428d kube-scheduler: Add test for static manifests 2022-08-03 09:51:16 -04:00
justinsb 9bb1d3e114 Configuration file for kube-scheduler
We generate a kube-scheduler configuration file in the kops CLI, and
nodeup will use it if provided (instead of generating one).

We put the configuration file into the fileAssets.

Users can provide a kube-scheduler configuration in additional
objects, and this will be used as the base configuration (we add the
kubeconfig path).

Issue #13352

Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>
2022-08-03 09:51:05 -04:00
Ole Markus With 8bcc640452 Make Karpenter respect IG's spec.Subnets
This will tag all subnets with the IGs using that subnet

Update docs/operations/karpenter.md

Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
2022-08-01 21:06:24 +02:00
Ole Markus With 2a21b49eea Fix IAM permissions for Karpenter 2022-08-01 08:43:21 +02:00
Kubernetes Prow Robot dba1e5d594
Merge pull request #14017 from infonova/add-occm-networking-config-options
Allow configuring OpenStack CCM networking options
2022-07-31 11:06:28 -07:00
Ole Markus With 824eb9cabb Remove passing cluster name as positional argument
Apply suggestions from code review

Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>
2022-07-31 15:54:35 +02:00
Ole Markus With 2bb0b16e53 Rename ClientSet to KopsClient in cmd factory interface 2022-07-30 20:41:13 +02:00
Ciprian Hacman 4dee7dd9a2
Release 1.25.0-alpha.2 (#14070) 2022-07-29 11:31:11 -07:00
Kubernetes Prow Robot 921eadd04f
Merge pull request #14058 from hakman/hetzner_ssh_keys
Add multiple SSH keys support for Hetzner
2022-07-29 07:45:19 -07:00
Kubernetes Prow Robot d7e9cfd9dc
Merge pull request #14057 from hakman/hetzner_wait_lb_address
Wait for load balancer to be ready for Hetzner
2022-07-29 07:45:11 -07:00
Ciprian Hacman 1cf3e5f0da Add multiple SSH keys support for Hetzner 2022-07-29 16:20:25 +03:00
Kubernetes Prow Robot 7d40680ec7
Merge pull request #14034 from hakman/hetzner_server_groups
Enable rolling updates for Hetzner
2022-07-29 05:59:11 -07:00
Ciprian Hacman 271ce3387a Wait for load balancer to be ready for Hetzner 2022-07-29 14:52:03 +03:00
Kubernetes Prow Robot d1f66b8479
Merge pull request #14045 from olemarkus/no-psp
Do not allow PodSecurityPolicy using K8s 1.25
2022-07-28 01:47:11 -07:00
Ole Markus With 27306943d9 Do not allow PodSecurityPolicy using K8s 1.25 2022-07-28 09:36:35 +02:00
Ciprian Hacman 45012d83bf Run hack/update-expected.sh 2022-07-27 21:55:34 +03:00
Ciprian Hacman 98ebfac085 Update etcd-manager to v3.0.20220727 2022-07-27 21:52:35 +03:00
Ciprian Hacman 39b203c265 Enable rolling updates for Hetzner 2022-07-27 15:21:15 +03:00
Ciprian Hacman d3c4a356bd Add server group management for Hetzner 2022-07-22 00:04:53 +03:00
ederst 8b9521b225 Allow configuring OpenStack CCM networking options 2022-07-21 22:44:37 +02:00
Ciprian Hacman 7b99594f39 Run hack/update-expected.sh 2022-07-18 06:36:23 +03:00
Ciprian Hacman 1270963832 Update etcd-manager to v3.0.20220717 2022-07-18 06:34:40 +03:00
Kubernetes Prow Robot 02433a6785
Merge pull request #13946 from jonasasx/feature/gce_spot
Adding GCE SPOT support
2022-07-16 14:06:53 -07:00
Ciprian Hacman a76fef1b2d Add option to set number of replicas for pod-identity-webhook 2022-07-16 07:23:54 +03:00
Kubernetes Prow Robot b7d4499629
Merge pull request #13975 from hakman/etcd-manager_backup_interval
Add option to set etcd-manager backup interval
2022-07-15 09:52:19 -07:00
Ciprian Hacman ffed39b74f Use only IPv4 for Hetzner servers 2022-07-15 18:08:17 +03:00
Ivan Volynkin 329c60cc62 Adding GCE SPOT support 2022-07-14 20:19:50 +03:00
Ciprian Hacman 19ca0861a1 Add option to set etcd-manager backup interval 2022-07-14 09:58:19 +03:00
Ciprian Hacman 4198df2fcd Set SpecOverrideFlag to true by default 2022-07-08 07:25:23 +03:00
Nicolas Sterchele 73b6ed4150
aws: introduce maximum instance lifetime in cluster
The maximum instance lifetime is an AWS only feature and specifies the
maximum amount of time (in seconds) that an instance can be in service
before it is terminated and replaced.
A common use case might be a requirement to replace your instances on a
schedule because of internal security policies or external compliance
controls.
2022-07-04 20:38:33 +02:00
Ciprian Hacman 6c9b2c7b7b Bump EBS CSI driver to 1.8.0 2022-07-02 11:36:54 +03:00
Kubernetes Prow Robot a94f09c4a3
Merge pull request #13852 from olemarkus/fix-unset-maxprice
Fix unsetting ASG max price
2022-07-01 20:55:29 -07:00
Ciprian Hacman 7fbf2705dd Limit GCE router name to 63 chars 2022-07-01 07:37:30 +03:00
Kubernetes Prow Robot d1c338ff19
Merge pull request #13917 from ReillyBrogan/reilly/cilium1116
Update Cilium to 1.11.6
2022-06-30 11:32:08 -07:00
Kubernetes Prow Robot 7803fee2b9
Merge pull request #13929 from olemarkus/lbc-shield
Make it possible to enable the shield addon for LBC
2022-06-30 09:22:07 -07:00
Ole Markus With afd7c60d77 Make it possible to enable the shield addon for LBC 2022-06-30 16:23:08 +02:00
Ciprian Hacman 5a8472313f Limit GCE names to 63 chars for various resources 2022-06-30 14:15:17 +03:00
Ciprian Hacman d2e614dd3e Refactor ClusterPrefixedName and ClusterSuffixedName to not return error 2022-06-30 07:59:52 +03:00
Reilly Brogan f3a421d600 Update Cilium to 1.11.6 2022-06-29 13:18:21 -05:00
Ciprian Hacman 4b637db62b
Release 1.25.0-alpha.1 (#13912)
* Release 1.25.0-alpha.1

* Squash release commit for more clarity
2022-06-29 05:32:06 -07:00
Kubernetes Prow Robot 36aa0920df
Merge pull request #13907 from hakman/gce_fix_cleanup_by_hash
Fix cleanup of firewall rules that contain targets with the cluster name hash
2022-06-29 02:50:06 -07:00
Ole Markus With 2e46fdee1b Fix unsetting ASG max price 2022-06-29 10:27:04 +02:00
Kubernetes Prow Robot a86cd06376
Merge pull request #13888 from h3poteto/iss-13817
Add validation for IRSA bucket name which contains dots
2022-06-28 23:24:04 -07:00
Ciprian Hacman bdb1f509f0 Fix cleanup of firewall rules that contain the cluster name hash 2022-06-29 06:30:14 +03:00
justinsb 29b168b9d7 gce: Move out of beta, drop feature flag
GCE support seems stable now, and we have good clarity at the API
level and how that translates to GCP resources, which was our blocker
previously.

Drop the need for the feature-flag.
2022-06-28 11:22:34 -04:00
AkiraFukushima 5b31fe3a31
Add validation for IRSA bucket name which contains dots 2022-06-28 23:39:54 +09:00
Ole Markus With c260cf69b3 Log errors from detachInstance 2022-06-27 19:58:16 +02:00
Ciprian Hacman 377e26d407 Clean-up firewall rules that contain targets with the cluster name hash 2022-06-25 10:52:30 +03:00
Kubernetes Prow Robot ba1d2d2fd6
Merge pull request #13707 from jonasasx/feature/accelerators-from-master
Adding GuestAccelerators to InstanceTemplate
2022-06-23 23:21:20 -07:00
Ciprian Hacman 4750fdfc1e Limit GCE ASG labels to 63 chars 2022-06-23 20:38:23 +03:00
Ciprian Hacman d34e0fd1e0 Fix GCE resource tracking 2022-06-23 19:50:39 +03:00
Ivan Volynkin 4264d78839 Adding GuestAccelerators to InstanceTemplate 2022-06-23 10:00:02 +03:00
Kubernetes Prow Robot 0a2a2481ce
Merge pull request #13824 from hakman/etcd-manager-3.0.20220617
Update etcd-manager to v3.0.20220617
2022-06-18 02:16:03 -07:00
Kubernetes Prow Robot 62726f71ca Merge pull request #13793 from olemarkus/validate-internal-lb
Ensure clusters with internal load balancers have a private subnet
2022-06-17 23:26:03 -07:00
Ciprian Hacman 7356b0f233 Fix tests 2022-06-18 09:21:57 +03:00
Ciprian Hacman 11870286e0 Run hack/update-expected.sh 2022-06-18 09:01:23 +03:00
Ciprian Hacman e0a92f22f4 Update etcd-manager to v3.0.20220617 2022-06-18 08:59:55 +03:00
Ole Markus With 2ed2a819f6 Apply suggestions from code review
Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
2022-06-17 19:58:27 +02:00
Ole Markus With d893c95059 Ensure clusters with internal load balancers have a private subnet 2022-06-17 19:58:27 +02:00
Kubernetes Prow Robot 5889ff0142
Merge pull request #13808 from olemarkus/drop-legacy-ccms
Depend on external cloud providers rather than cloud-providers-legacy
2022-06-16 08:58:48 -07:00
Kubernetes Prow Robot 08fc101353
Merge pull request #13802 from remyleone/fix_tenv
fix tenv linter
2022-06-16 04:12:48 -07:00
Ole Markus With 15ba6610ab Depend on external cloud providers rather than cloud-providers-legacy 2022-06-16 11:08:36 +02:00
Aaron Friel a714745382 Use exported interface to detect SSH key type
Don't rely on the `golang.org/x/crypto` library to keep consistent,
non-exported type names.
2022-06-15 17:57:29 -07:00
Rémy Léone 80d2d53643 fix tenv linter 2022-06-15 18:06:28 +02:00
Eric Bailey 34caed893b Add support for setting mode field on file assets 2022-06-09 10:37:29 -05:00
Kubernetes Prow Robot 5d78cb0f41
Merge pull request #13748 from hakman/bump_aws-ccm
Update AWS CCM images for k8s 1.20-1.22
2022-06-08 04:38:22 -07:00
Ciprian Hacman 7ae4f85a69 Update AWS CCM images for k8s 1.20-1.22 2022-06-08 09:08:04 +03:00
Ole Markus With 4029d2bf33 Remove support for older cilium versions 2022-06-07 20:39:25 +02:00