56 Commits

Author SHA1 Message Date
justinsb 2a9343a168 Generate revisions of NLB objects, and introduce cleanup phase
This lets us safely make changes to otherwise immutable fields, in
particular for adding security groups to NLBs created without them.

We detect the older versions, and create deletion tasks to remove
them.  These tasks can be deferred, and we expect them to be
deferred to a "prune" phase that runs after cluster apply.

Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>
2024-02-17 11:41:15 -05:00
justinsb bd8cce06ae refactor: Drop TargetGroups from NetworkLoadBalancer task
They are not needed, they were only used for dependency ordering (and
we now have that dependency on the split out listener task)
2024-02-04 18:09:17 -05:00
justinsb c9b9a47b94 cloudmock: Implement WithContext methods for ELBv2
Also switch methods that were not passing a context.
2024-02-04 15:52:29 -05:00
justinsb c35c754eff Refactor: Split out NLB Listener into its own task
This allows us to use more of our task machinery, including dependency
analysis.  The intent is that we'll be able to support multiple
LoadBalancers and TargetGroups.
2024-02-04 15:52:25 -05:00
justinsb 086af6458e refactor: wait for load balancer readiness using a private field
This approach is more explicit than looking at the names of the target
groups, and using a private field is simpler.
2024-01-29 09:34:56 -05:00
justinsb 169c96ba11 refactor: NetworkLoadBalancer Name should match Name tag
It was actually the terraform name, and didn't match the tag.

This change should have no externally-visible effect.
2024-01-28 16:19:02 -05:00
justinsb 50776a7e92 Refactor ForAPIServer
We instead return a list of the services we are supporting.

We can in future split out internal and external apiserver services.
2024-01-12 15:53:41 -05:00
John Gardiner Myers 2fbc7cf979 aws: Attach security groups to NLBs 2023-10-06 22:33:31 -07:00
John Gardiner Myers 8cc617afd9 Make NLBs dualstack when they're in IPv6-capable subnets 2023-05-11 14:46:23 -07:00
John Gardiner Myers af4f9671e6 Support dualstack NLBs with Terraform 2023-05-10 21:50:23 -07:00
John Gardiner Myers 4d309b0b36 Move Cluster into CloudupSubContext 2022-12-20 08:11:01 -08:00
John Gardiner Myers f7383b29da Move Cloud into CloudupSubContext 2022-12-18 13:40:02 -08:00
John Gardiner Myers 7c3e32369a Refactor Context into separate cloudup and nodeup types 2022-12-17 17:42:46 -08:00
John Gardiner Myers 87925bf0ca Remove CloudFormation support 2022-11-22 21:02:50 -08:00
Ciprian Hacman d29812fc6e Replace fi.Bool/Float*/Int*/StringValue() with fi.ValueOf 2022-11-19 03:45:23 +02:00
Ciprian Hacman 8f79c9bd68 Replace fi.Bool/Float*/Int*/String() with fi.PtrTo() 2022-11-19 03:45:22 +02:00
Kubernetes Prow Robot f982934ae2 Merge pull request #14499 from johngmyers/delete-clb
aws: delete CLBs after migration to NLB
2022-11-06 10:20:15 -08:00
John Gardiner Myers 66eb76ada5 aws: delete CLBs after migration to NLB 2022-11-05 14:34:57 -07:00
Ciprian Hacman edb44610f7 aws: Create cluster without DNS or Gossip 2022-11-02 12:54:27 +02:00
John Gardiner Myers 6eed8ff095 Refactor all normalization code into new Normalize() method 2022-10-30 23:59:22 -07:00
Ciprian Hacman ff40d18a7d Avoid spurious changes with NLB due to access log config 2022-09-23 20:57:57 +03:00
Ciprian Hacman 2f8154692f Allow returning multiple addresses for API 2022-05-09 14:14:15 +03:00
Peter Rifel e0555bb431 Remove unused json field tags from terraform structs 2021-12-24 14:17:23 -06:00
John Gardiner Myers 3314c18e89 Support creating dualstack internal NLBs 2021-12-19 21:52:56 -08:00
Ciprian Hacman ea7df00719 Run hack/update-gofmt.sh 2021-12-01 22:39:50 +02:00
justinsb 5ce259b424 Stable-sort subnets by Name
This ensures a stable order, even if/when the IDs aren't set (e.g. in terraform)
2021-11-18 11:36:56 -05:00
Ole Markus With fc9c86e778 Allow adding more subnets to an NLB 2021-09-24 14:21:45 +02:00
AkiraFukushima 73f7307844 Add AccessLog attribute to CloudFormation and Terraform renderer 2021-08-25 22:55:53 +09:00
AkiraFukushima 226cbe5561 Support AWS LB access log configuration for NetworkLoadBalancer 2021-08-03 12:12:16 +09:00
Ciprian Hacman 7bc629b683 Use DualStack API NLB for IPv6 2021-06-26 19:16:46 +03:00
John Gardiner Myers 7c9e7e9286 Make Lifecycle field non-pointer 2021-06-02 23:02:16 -07:00
John Gardiner Myers 1b1b18f5ab Clean up straggling autogenerated code 2021-06-02 20:59:24 -07:00
John Gardiner Myers 4090c07e01 Move ELB/NLB query functions into AWSCloud 2021-05-15 15:22:01 -07:00
John Gardiner Myers 57dec35f68 Split out TerraformWriter 2021-05-02 21:54:46 -07:00
Peter Rifel 51cec7e556 Use "tag on create" for EIPs, NLBs, and TargetGroups
These are the remaining resources that support "tag on create" of which we weren't taking advantage.

This allows more fine-grained IAM permissions for the kops cli.
2021-03-22 07:21:51 -05:00
Timothy Clarke 1577b0a54b Adding Elastic IP Allocations to NLB API 2021-02-18 12:27:28 +00:00
Alexander Block 684ff3498e Add back "omitempty" to cloudformation SubnetMapping 2021-02-10 18:02:13 +01:00
Alexander Block 277b917a24 Add notice about it being a bug if len(PrivateIPv4Address) = 1 2021-02-10 15:44:02 +01:00
Alexander Block 16c89e11b1 Remove Subnets fields from cloudformation and terraform 2021-02-10 15:43:19 +01:00
Alexander Block 091a18a128 Add omitempty to Subnets and SubnetMappings for terraform and cloudformation 2021-02-10 10:29:48 +01:00
Alexander Block 76dda4d925 Abort in case an NLB has more than one PrivateIPv4Address 2021-02-10 09:42:59 +01:00
Alexander Block 49e7ec8890 Use SubnetMappings for NLBs instead of Subnets
SubnetMappings allow explicitly setting the private IPv4 address that
must be used for the NLB.

SubnetMappings and Subnets in the AWS API are compatible as long as the
address settings are not changed, making this commit backwards compatible.
2021-02-05 17:53:20 +01:00
Alexander Block 190073e766 Refactor and fix NLB subnet change checks
Move checks for valid subnet operations into CheckChanges. This also fixes
a bug where changes would cause immutable field errors while it's actually
perfectly fine to add new subnets (only detaching is forbidden).

This commit also changes the actualSubnets and expectedSubnets lists to
be maps of *string. This is in preparation for the next commit that then
relies on it being a map.
2021-02-05 13:08:57 +01:00
Peter Rifel 580d73bdc7 Fix NLB listener -> target group association for TF & CF
The old code made the incorrect assumption that the NLB's list of TargetGroup tasks is in the same order as the NLB's list of listeners for their associations.
Because the model adds them in opposite orders this resulted in the TLS listener being forwarded to the TCP TG and vice versa.

This updates the terraform and cloudformation generation code to search the NLB's list of target groups by name for the target group that should be associated with the listener.
This matches the logic used in the "direct" target.
2021-01-12 23:21:55 -06:00
Ciprian Hacman e57cd534b5 Allow attaching same external target group to multiple instance groups 2020-12-03 06:59:59 +02:00
Frank Yang 93dcaddc48 feat(aws): add PolicyNames for ELB to change listener's security policy 2020-11-19 16:07:21 +08:00
Ciprian Hacman 0934374fe2 Fix various NLB nits 2020-11-10 17:30:23 +02:00
Peter Rifel 4758ea9f2f Address feedback 2020-11-09 17:24:32 -06:00
Peter Rifel 370092cb5a Update TG ports rather than protocols when adding/removing ACM certs from listeners
This also renames the TGs to be more descriptive, with tcp and tls prefixes.
2020-11-06 11:09:38 -06:00
Peter Rifel 15ba84df16 Find target group names for existing NLB listeners 2020-11-06 11:09:37 -06:00