Commit Graph

3567 Commits

Author SHA1 Message Date
Justin SB c75e084158 Re-add integration tests for jwks
We removed them from #10756, but they can be re-added.
2021-03-20 22:55:11 -04:00
Ole Markus With 20bd724f5e Add support for scaling out the control plane with dedicated apiserver nodes
Ensure apiserver role can only be used on AWS (because of firewalling)

Apply api-server label to CP as well

Consolidate node not ready validation message

Guard apiserver nodes with a feature flag

Rename Apiserver role to APIServer

Add an integration test for apiserver nodes

Rename Apiserver role to APIServer

Enumerate all roles in rolling update docs

Apply suggestions from code review

Co-authored-by: Steven E. Harris <seh@panix.com>
2021-03-20 20:57:00 +01:00
Peter Rifel 7f32b2a211
Only log HasLifecycle details if it is worthy of a warning 2021-03-19 23:28:32 -05:00
MoShitrit d72006aaf0 Update expected 2021-03-19 23:12:08 -04:00
Ole Markus With 1900548213 Upload JWKS files as world readable 2021-03-19 20:07:38 +01:00
Ole Markus With 2c1f88f40e Do not need thumbprints to be resources 2021-03-19 20:05:37 +01:00
Peter Rifel 7c900b7fae Generate and upload keys.json + discovery.json to public store
Generate and upload keys.json + discovery.json to public store

Don't enable anonymous auth on publicjwks

Remove tests that won't work using FS VFS anymore
2021-03-19 20:03:26 +01:00
Ciprian Hacman 55f8c70779 Add channels entries for image architecture 2021-03-15 20:36:37 +02:00
Bharath Vedartham 059c7ef33a Create an environment file for kops-configuration systemd process 2021-03-13 22:20:49 +05:30
Kubernetes Prow Robot ad7c793050
Merge pull request #10913 from seh/scope-os-update-policy-to-instance-group-too
Honor OS update policy at InstanceGroup level too
2021-03-12 22:03:03 -08:00
Kubernetes Prow Robot 6d3c7d4117
Merge pull request #11015 from t1cg/caw/fixNullPointerOnUpdate
azure: fix null pointer when updating in place cluster
2021-03-12 10:08:18 -08:00
Collin Woodruff 46700685e5 azure: fix null pointer when updating in place cluster 2021-03-12 12:10:17 -05:00
Kubernetes Prow Robot bafbdaef6d
Merge pull request #11026 from olemarkus/cilium-1.10
Allow cilium 1.10
2021-03-12 07:06:18 -08:00
Kubernetes Prow Robot 928b8cc442
Merge pull request #11009 from spotinst/feat-launchspec-bdm
Spotinst: Add support for block device mappings in Ocean Launch Spec
2021-03-12 06:16:18 -08:00
Ole Markus With 8e2e60ae44 Allow cilium 1.10 2021-03-12 14:17:28 +01:00
Ciprian Hacman 909f206484 Update Calico to v3.18.1 2021-03-12 05:47:55 +02:00
liranp dc1ee9402a
feat(spot/ocean): support for block device mappings in launchspec 2021-03-10 15:30:39 +02:00
Bharath Vedartham 0c0767c0c9 Remove support for launch configurations 2021-03-09 09:04:15 +02:00
Kubernetes Prow Robot fea7589d97
Merge pull request #10574 from bharath-123/feat/protokube-systemd
Run protokube as a systemd service
2021-03-07 22:03:44 -08:00
Ciprian Hacman 77b72efe1d Fix various nits when changing Protokube to run as service 2021-03-08 07:19:48 +02:00
Ole Markus With 8a205724f2 Deduplicate adding mastervolumebuilder 2021-03-07 22:09:02 +01:00
Ole Markus With c817ae662c Merge the two apply_cluster switches 2021-03-07 22:08:15 +01:00
Ole Markus With c6a741a148 Move dns and external_access to awsmodel 2021-03-07 22:07:17 +01:00
Ole Markus With d415fdf1a1 Move bastion model to awsmodel 2021-03-07 22:06:20 +01:00
Ole Markus With 896f1740c6 Rename spotinst symbols and merge spotinstmodel with awsmodel 2021-03-07 22:06:12 +01:00
Ole Markus With 782052f472 Set ssh key on the model context in one location 2021-03-07 21:44:12 +01:00
Ole Markus With 27fd76bf9a Fix kops-controller rbac due to leader election change 2021-03-06 11:42:21 +01:00
Ciprian Hacman b44065c692 Remove manually added labels from addons 2021-03-06 09:31:22 +02:00
Bharath Vedartham 1d4c8e4afa Add protokube and channels to assets 2021-03-06 00:32:05 +05:30
Bharath Vedartham e5aa8177b6 Add protokube and channels urls 2021-03-06 00:31:18 +05:30
Steven E. Harris 2fc68564be Note new field's impact on OS package installation 2021-03-05 09:41:09 -05:00
Steven E. Harris e39c985ee7 Honor OS update policy at InstanceGroup level too
As with the Cluster-level "spec.updatePolicy" field, add a similar
field at the InstanceGroup level, allowing overriding of the
cluster-level choice in each InstanceGroup.

Introduce a new value for the field ("automatic") as equivalent to the
default value applied when the field is absent. Honoring this new
value allows disabling automatic updates at the cluster level, but
then enabling them again for particular InstanceGroups. Without such a
positive affirmation, it's not possible to override a cluster-level
"external" policy at the InstanceGroup level, as there's no way to
specify positively that you want to recover the default
value. Instead, expressing the explicit "automatic" value is clear and
unambiguous.
2021-03-05 08:53:07 -05:00
Kubernetes Prow Robot 825d98f915
Merge pull request #10976 from codablock/ebs-tags
Add CloudLabels as --extra-tags to aws-ebs-csi driver
2021-03-04 22:22:22 -08:00
mmerrill3 1a3cb79d2d Removing duplicate local and output values in terraform (#10786)
Signed-off-by: mmerrill3 <michael.merrill@vonage.com>
2021-03-04 16:32:52 -05:00
Alexander Block 54c509b33c Add CloudLabels as --extra-tags to aws-ebs-csi driver 2021-03-04 12:07:11 +01:00
Peter Rifel ce51ec44bc
Use new CPUCredits IG spec field in launch templates 2021-03-02 22:54:29 -06:00
liranp 32cbf28b45
feat(spot/addon): bump ocean-controller to 1.0.73 2021-03-01 13:57:26 +02:00
Peter Rifel 577df0addf
Add support for defining a transit gateway for a default route
I opted to just use a *string for the TGW ID in the route task rather than a full TGW task because kops will never be creating TGWs itself, they will always be defined by ID.
2021-02-28 12:38:29 -06:00
Kubernetes Prow Robot f9f4ae9f40
Merge pull request #10946 from olemarkus/bump-external-dns
Bump external-dns to 0.7.6
2021-02-28 07:50:39 -08:00
Ole Markus With 802eb5ffaf Bump external-dns to 0.7.6 2021-02-28 11:28:51 +01:00
Ole Markus With bca857326f Add standard labels to all resources 2021-02-28 07:43:58 +01:00
Ciprian Hacman 925350f836 Sort external policies when checking for changes 2021-02-27 11:36:07 +02:00
Kubernetes Prow Robot 7759c754cb
Merge pull request #10924 from hakman/fix-spotinst-nil-pointer
Fix nil pointer dereference for image ID with spotinst
2021-02-25 01:29:26 -08:00
Ciprian Hacman 365f73f9c4 Fix nil pointer dereference for image ID with spotinst 2021-02-25 07:51:29 +02:00
Kubernetes Prow Robot 9c5c186442
Merge pull request #10915 from t1cg/caw/publicLoadbalancer
add support for azure public loadbalancer
2021-02-24 19:51:24 -08:00
Kubernetes Prow Robot 1b42286cfe
Merge pull request #10832 from rifelpet/aws-sdk
Add Tagging to Instance Profiles and OIDC Providers
2021-02-24 05:40:50 -08:00
Collin Woodruff ee7fc850ff add support for azure public loadbalancer 2021-02-23 17:42:33 -05:00
Kubernetes Prow Robot a424958e83
Merge pull request #10872 from timothyclarke/feature/NLB-EIP
Adding Elastic IP Allocations to NLB API
2021-02-22 23:48:03 -08:00
Kubernetes Prow Robot 49be2d4809
Merge pull request #10904 from hakman/calico-3.18.0
Update Calico to v3.18.0
2021-02-22 22:52:03 -08:00
Ciprian Hacman aa7f866f26 Update Calico to v3.18.0 2021-02-23 06:22:40 +02:00
Nicholas Galantowicz 616d446658 add usage of subnet and routetable shared resources in azure 2021-02-22 15:28:55 -05:00
Kubernetes Prow Robot 4e8c655899
Merge pull request #10897 from olemarkus/remove-1-14-support
Enforce 1.14 deprecation
2021-02-22 06:01:43 -08:00
Ole Markus With 4d4bcba315 Enforce 1.14 deprecation 2021-02-21 17:59:39 +01:00
Kubernetes Prow Robot 53d83bd5ea
Merge pull request #10886 from t1cg/caw/fixLbNullPointer
fix loadBalancerID null pointer
2021-02-19 11:12:25 -08:00
Collin Woodruff cab1c1423f fix loadBalancerID null pointer 2021-02-19 12:29:25 -05:00
Ciprian Hacman dee13cecca Improve machine type and image validation 2021-02-19 18:28:57 +02:00
Kubernetes Prow Robot fb1cde0c95
Merge pull request #10876 from MoShitrit/aws-cni-1.7.9
Update AWS CNI to latest patch version
2021-02-18 23:10:24 -08:00
MoShitrit af1b978071 Update AWS CNI to latest patch version 2021-02-18 15:16:43 -05:00
Bharath Vedartham 1912db0f11 Add mocks 2021-02-19 01:20:15 +05:30
Timothy Clarke 1577b0a54b
Adding Elastic IP Allocations to NLB API 2021-02-18 12:27:28 +00:00
Otto Sulin 24dcd840bb Fix OpenStack delete functions
This PR introduces two fixes:
1) Add missing RetryWithBackoff to DeleteInstanceWithID
2) Fix broken retry logic in all other delete functions. In the current implementation, as the first Delete request will almost certainly return nil, the function will return true and the retry will not try again, resulting in assets not getting deleted from OpenStack

Also, the current writeBackoff is pretty aggressive and I introduced a bit less hasty deleteBackoff.

The change has been tested with OpenStack. I verified that all APIs we are hitting will eventually return the 404 (type) we are looking for.
2021-02-17 11:02:12 +02:00
Ciprian Hacman f42f913ee2 Add liveness probe for calico-kube-controllers 2021-02-17 08:48:55 +02:00
Ciprian Hacman 35ea2f49b3 Release 1.21.0-alpha.1 2021-02-16 10:44:34 +02:00
Peter Rifel 1659a95f56
Precreate the kops-controller DNS name
We're seeing test failures in prow because nodes are not able to resolve the kops-controller dns record.

Judging by timestamps, dns-controller adds the record after it is first queried by nodeup.
The negative TTL is long enough that the cluster doesn't validate within the allotted time.
Rather than increasing the validation timeout I think it's better to precreate the DNS record the same way we do for the other records.
2021-02-15 18:00:36 -06:00
Peter Rifel d52fd9f76c
Add tagging support to AWS Instance Profiles and OIDC Providers 2021-02-15 16:48:43 -06:00
Peter Rifel 6e6e072d93
Use AWS SDK const for IAM entities not found 2021-02-15 15:53:59 -06:00
Kubernetes Prow Robot cd10383fa0
Merge pull request #10741 from codablock/nlb-subnets
Allow to control which subnets and IPs get used for the API loadbalancer
2021-02-14 14:23:06 -08:00
Kubernetes Prow Robot 6bb8e6b48f
Merge pull request #10820 from spotinst/feat-ocean-controller-1.0.72
Spotinst: Bump the Ocean Controller to 1.0.72
2021-02-14 07:51:06 -08:00
liranp c7abdfd7fe
feat(spot/addon): bump ocean-controller to 1.0.72 2021-02-14 12:16:27 +02:00
liranp 36cf8a2da0
fix(spot/ocean): replace corev1.Taint to fix hcl2 serialization 2021-02-14 11:06:37 +02:00
Kubernetes Prow Robot 688aeb873a
Merge pull request #10744 from t1cg/caw/azureLoadbalancer
add azure support for internal loadbalancer to k8s api
2021-02-12 14:53:04 -08:00
Collin Woodruff 6a8d474acd add internal loadbalancer for azure 2021-02-12 17:13:01 -05:00
Ciprian Hacman 2324366736 Fix LaunchSpec TF output 2021-02-12 17:00:17 +02:00
Ciprian Hacman c0d02d7dc9 Update Docker to v19.03.15 2021-02-12 07:10:32 +02:00
Kubernetes Prow Robot ec495195a7
Merge pull request #10733 from seh/allow-disabling-of-storage-class-mgmt
Storage: Allow disabling of kOps's management of StorageClasses
2021-02-11 10:26:17 -08:00
Kubernetes Prow Robot c7f312ce08
Merge pull request #10728 from h3poteto/iss-10719
Fill Role names in kops-controller-config instead of instance profile names when it is specified
2021-02-11 08:38:16 -08:00
Steven E. Harris d44612cc84 Capture outcome of "hack/update-expected.sh" run 2021-02-11 10:49:49 -05:00
Steven E. Harris d1432bf1d4 Establish default CloudConfiguration values 2021-02-11 10:49:49 -05:00
Ciprian Hacman fe55158624 Update Calico to v3.17.2 2021-02-11 13:03:14 +02:00
Kubernetes Prow Robot b233f031a3
Merge pull request #10489 from olemarkus/aws-loadbalancer-controller
Add AWS LoadBalancerController
2021-02-11 02:06:16 -08:00
Ole Markus With e106e5f752 Apply suggestions from code review
Co-authored-by: Ciprian Hacman <ciprianhacman@gmail.com>
2021-02-11 10:15:26 +01:00
Ole Markus With 56330188d0 Add AWS LoadBalancerController 2021-02-11 08:47:03 +01:00
Kubernetes Prow Robot 9b7ed553a7
Merge pull request #10778 from olemarkus/managed-file-public
Add support for creating world-readable managedFiles
2021-02-10 23:02:16 -08:00
AkiraFukushima 36acadca59 Fill Role names in kops-controller-config instead of instance profile names when it is specified
The role names are checked in node bootstrap.
If profile names are provided, bootstrap will fail.
Because profile name and role name do not always match in AWS IAM
2021-02-11 14:28:49 +09:00
Kubernetes Prow Robot c00e561fe5
Merge pull request #10767 from johanneswuerbach/fix-cp-docker-img
fix: asset task copy docker image
2021-02-10 17:10:16 -08:00
Alexander Block 684ff3498e Add back "omitempty" to cloudformation SubnetMapping 2021-02-10 18:02:13 +01:00
Justin SB f577e48cdf Logging: don't suggest we are pre-creating DNS records unless we are
We want to communicate what we're doing, but the log message is confusing.
2021-02-10 10:04:18 -05:00
Alexander Block 277b917a24 Add notice about it being a bug if len(PrivateIPv4Address) = 1 2021-02-10 15:44:02 +01:00
Alexander Block 16c89e11b1 Remove Subnets fields from cloudformation and terraform 2021-02-10 15:43:19 +01:00
Alexander Block 091a18a128 Add omitempty to Subnets and SubnetMappings for terraform and cloudformation 2021-02-10 10:29:48 +01:00
Alexander Block 76dda4d925 Abort in case a NLB has more than one PrivateIPv4Address 2021-02-10 09:42:59 +01:00
Ole Markus With e0c3490cc3 Add support for creating world-readable managedFiles 2021-02-09 21:06:28 +01:00
Kubernetes Prow Robot b78d66464a
Merge pull request #10771 from bharath-123/fix/cloud-zones
Update GCE zones
2021-02-08 18:16:28 -08:00
Kubernetes Prow Robot 4507be8e13
Merge pull request #10469 from justinsb/boot_nodes_from_kops_controller
Boot nodes without state store access
2021-02-08 11:28:19 -08:00
Bharath Vedartham e1e02aa761 Refactor error message 2021-02-09 00:24:30 +05:30
Bharath Vedartham 8a3cf01384 Update GCE zones 2021-02-09 00:17:19 +05:30
Johannes Würbach f89d407945
fix: asset task copy docker image 2021-02-08 13:09:54 +01:00
Ciprian Hacman ede4daf7ce Release 1.20.0-alpha.2 2021-02-08 13:36:48 +02:00
Ciprian Hacman 47adc91dc2 Add dummy EnsureFileOwner function for Windows 2021-02-08 09:12:33 +02:00
Justin SB 4ca45411d1 nodeup file: Set owner & group when we write the file.
Otherwise we had an issue where the file existed with the correct
owner/group; when we rewrote it we set the owner/group to root/root;
but we then didn't set the owner/group if they were previously
correct.

Was visible in the flatcar test results.
2021-02-07 17:41:13 -05:00