kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
21,366 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

64 Commits

Author SHA1 Message Date
justinsb fc049f40f3 Use embedded hashes for our well-known assets 
Rather than downloading the hash every time, we can record the hashes
for our well-known assets and bake them into the kOps binary.  If the
hash is not baked in, we will continue to fall-back to downloading it,
this is important for new k8s versions, or where the user specifies a
version of one of our well-known assets (such as containerd).
 2024-05-09 10:27:33 -04:00
justinsb 192b880434 chore: refactor MirroredAsset into assets 
This seems logically coherent, and is part of the work to start using
compiled-in hashes for most well-known assets.
 2024-03-30 10:34:27 -04:00
Jesse Haka 9f383f93cc skip file remapping if same host 2023-11-20 09:18:55 +02:00
Justin SB 1bf8485cdf Recognize kops-controller in registry.k8s.io 
We had hard-coded k8s.gcr.io, but this is also available in registry.k8s.io

Also cleanup a few comments
 2023-09-18 11:53:08 -04:00
Ciprian Hacman 7c2481c51d Find containerd package hash from release sha256sum 2023-08-28 03:53:55 +03:00
justinsb e56c530ba2 Add cdn.dl.k8s.io as a mirror for dl.k8s.io 
This should help with reachability, and lets us add more mirrors in
future.
 2023-08-24 08:46:46 -04:00
Ciprian Hacman 29f2109410 Print error message when digest image fails 2023-07-22 08:51:40 +03:00
John Gardiner Myers 1358851c7d Get VFSContext from caller in NewAssetBuilder() 2023-07-18 08:49:06 -07:00
Ciprian Hacman e6e4324b85 Remove compatibility with k8s.gcr.io 2023-02-12 13:46:48 +02:00
John Gardiner Myers c68be498c6 Refactor NewAssetBuilder to not take a Cluster 2023-01-01 13:37:52 -08:00
justinsb 9bb1d3e114 Configuration file for kube-scheduler 
We generate a kube-scheduler configuration file in the kops CLI, and
nodeup will use it if provided (instead of generating one).

We put the configuration file into the fileAssets.

Users can provide a kube-scheduler configuration in additional
objects, and this will be used as the base configuration (we add the
kubeconfig path).

Issue #13352

Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>
 2022-08-03 09:51:05 -04:00
Ciprian Hacman 3e5c506872 Don't digest side-loaded images 2022-04-29 18:26:11 +03:00
Ole Markus With 0f3e3c793b Create feature flag that is default on for image digests 2022-03-26 18:40:21 +01:00
Ole Markus With e657a1a0f2 Remap images to add digest to them 2022-03-26 18:40:21 +01:00
Ciprian Hacman a4ed2b0654 Migrate to registry.k8s.io 
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
 2022-03-18 08:47:12 +02:00
Ciprian Hacman ea7df00719 Run hack/update-gofmt.sh 2021-12-01 22:39:50 +02:00
John Gardiner Myers e0915887ed Move asset copying out of apply_cluster 2021-06-05 21:17:50 -07:00
John Gardiner Myers 95aa3fd13e Rename "DockerImage" to "DownloadLocation" 2021-05-29 16:40:56 -07:00
John Gardiner Myers 34c6f7f295 Rename "ContainerAssets" to "ImageAssets" 2021-05-29 16:36:55 -07:00
John Gardiner Myers 1c33270f91 Always set canonical location of assets 2021-05-28 21:33:46 -07:00
John Gardiner Myers 227c179f83 Remove support for disabling manifest normalization 2020-11-22 11:01:15 -08:00
Ciprian Hacman 2f218125fe Mention the new sha256 hash files only after failing all mirrors 2020-09-18 09:51:55 +03:00
Ciprian Hacman 0c6f1c733c Use all kops mirrors to determine artifacts hashes 2020-09-18 09:44:37 +03:00
Justin Santa Barbara f32fcc35fa Addons: Support arbitrary additional objects 
We will be managing cluster addons using CRDs, and so we want to be
able to apply arbitrary objects as part of cluster bringup.

Start by allowing (behind a feature-flag) for arbitrary objects to be
specified.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-08-28 09:03:41 -04:00
Ciprian Hacman a4ff90205a Pull images from k8s.gcr.io/kops instead of docker.io/kope 2020-08-25 08:04:36 +03:00
Peter Rifel 4d9f0128a3
Upgrade to klog2 
This splits up the kubernetes 1.19 PR to make it easier to keep up to date until we get it sorted out.
 2020-08-16 20:56:48 -05:00
Ciprian Hacman e439684445 Refactor networking assets finder 2020-08-02 22:36:33 +03:00
Ciprian Hacman a7c8d2087c Use github.com/blang/semver/v4 2020-07-01 08:54:42 +03:00
Justin SB 854a4548e3 Refactor kubemanifest to be clearer 
Primarily renaming manifests to objects, which is a more accurate
term.
 2020-06-11 21:40:51 -04:00
John Gardiner Myers e88e0cf7ec Remove code supporting dropped k8s versions 2020-06-04 12:11:51 -07:00
Justin SB 75fd939a62
kube-apiserver: healthcheck via sidecar container 
kube-apiserver doesn't expose the healthcheck via a dedicated
endpoint, instead relying on anonyomous-access being enabled.  That
has previously forced us to enable the unauthenticated endpoint on
127.0.0.1:8080.

Instead we now run a small sidecar container, which
proxies /healthz and /readyz requests (only) adding appropriate
authentication using a client certificate.

This will also enable better load balancer checks in future, as these
have previously been hampered by the custom CA certificate.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-05-07 08:06:52 -04:00
Justin SB f348b47332
Don't output empty sections in the manifests 
In our kube-dns manifest for 1.6 we often had an empty section,
normalization converted this to `{}` which causes `kubectl apply` to
fail.

We can simply skip empty objects when outputing.
 2020-01-11 20:58:24 -05:00
tanjunchen f45dba4b62 replace TrimRight with TrimSuffix 2019-12-16 09:45:49 +08:00
Justin SB 6cb341dfeb
Add kops-controller to default adddons 2019-09-25 12:04:37 -04:00
Justin SB cc20210c27
Log more sensibly when we can't get sha256 
Issue #7550
 2019-09-10 10:03:54 -04:00
Justin SB f9bf9bbb9d
Ignore empty hashfiles 
While developing sha256 support, I observed that an empty hash file
caused a panic.
 2019-08-25 16:03:13 -04:00
Justin SB eca2ac6b80
Look for sha256 and sha1 files for artifacts 2019-08-23 18:26:25 -04:00
Justin SB 3e33ac7682
Change code from glog to klog 
We don't call klog.InitFlags yet, because that will cause a flag
redefinition error until we get everyone to stop using glog.  That
will happen when we update to k8s 1.13.
 2019-05-06 12:54:51 -04:00
Justin SB 9360887551
Refactor names of URLs in assets to clarify their purpose 2019-03-14 00:37:25 -04:00
Justin SB 26bd75aecb
Bulk spelling fixes 
Experimenting with my own spelling checker, these are the typos it caught.
 2018-12-20 17:43:56 -05:00
Justin Santa Barbara 0914959ba7 Recognize shasum format for hashes 
The CNI assets have started publishing with shasum files as their
.sha1 files, instead of the bare hashes we use elsewhere.
 2018-10-08 10:24:36 -04:00
Christian Kampka 05af75fac3 ContainerRegistry remapping should be atomic 
Fixes #5061
 2018-07-20 20:56:52 +02:00
Christian Kampka 97c1211338 Finish builder implementation and add tests 2018-07-06 14:32:29 +02:00
Christian Kampka cbcd7d43c0 Run gofmt 2018-07-06 14:32:29 +02:00
Christian Kampka 4d87fb6a74 Destinguish between docker hub and convenience registry domain 2018-07-06 14:32:29 +02:00
Christian Kampka 7e3221a2fb Add pull-through proxy cache for asset docker images 2018-07-06 14:32:29 +02:00
Christian Kampka 921591343a Fix containerRegistry for Kubernetes < 1.10 2018-06-20 09:46:55 +02:00
AdamDang f7b5849266
Typo fix in error message 
an nil URL -> a nil URL
 2018-04-02 20:20:04 +08:00
Justin Santa Barbara df47310e41 Fix comment on RemapFileAndSHA 2018-02-22 21:42:41 -08:00
Justin Santa Barbara e4fafa6065 Use legacy image registry gcr.io/google_containers for <= 1.9 
The k8s.gcr.io prefix is an alias, but for CI builds we run from a
docker load, and we only double-tag from 1.10 onwards.  For versions
prior to 1.10, remap k8s.gcr.io to the old name.  This also means that
we won't start using the aliased names on existing clusters, which could
otherwise be surprising to users.
 2018-02-22 21:42:33 -08:00