kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,915 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

11915 Commits

Author SHA1 Message Date
Justin SB 2a44cb7f16 Update script and testdata CA keypair 
If we generate with the wrong type (usages), the keypair will be
regenerated.
 2020-09-12 16:21:15 -04:00
Justin SB 08ce1dacaf Add missing setResources on CA task 
Otherwise it doesn't work the first time round, in the JWKS scenario.
 2020-09-11 09:17:55 -04:00
Kubernetes Prow Robot bafdacd85d
Merge pull request #9917 from astrikos/astrikos/RemoveForceTCPFromDot 
Remove force_tcp flag for nodelocalcache dot zone
 2020-09-11 03:12:14 -07:00
Kubernetes Prow Robot ccd810dad9
Merge pull request #9907 from olemarkus/openstack-no-volume-type 
Remove constraint of setting volume type for OS
 2020-09-11 01:14:14 -07:00
Andreas Strikos 93c44d867a Remove force_tcp flag for nodelocalcache dot zone 
Forcing all DNS communication go through TCP can lead to increased
latency and slower DNS responses since a lot of upstream DNS
servers are not optimized for TCP traffic.
An example is AWS's VPC DNS server that sending all the DNS traffic
through TCP cause it to increase the latencies for this requests.
The kubernetes version has already changed this configmap to skip
force_tcp flag for the . zone, so it makes sense to follow their
example.
Reference https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml#L100
 2020-09-11 09:58:27 +02:00
Kubernetes Prow Robot 041f774642
Merge pull request #9909 from johngmyers/template-filter 
Get launch template versions after filtering templates
 2020-09-10 21:16:14 -07:00
Kubernetes Prow Robot 0a428bebf8
Merge pull request #9867 from devops-israel/v1.18.0-fix-external-policies 
Only apply external policies when these are defined
 2020-09-10 10:23:45 -07:00
Evgeny Zislis 608a561f8c
only apply external policy tasks on non-shared iam 2020-09-10 12:58:54 +03:00
Kubernetes Prow Robot a5fc8895dc
Merge pull request #9857 from hakman/detect-aws-region 
Detect AWS region for S3 inside containers
 2020-09-09 23:17:44 -07:00
John Gardiner Myers 8adb8e9868 Get launch template versions after filtering templates 2020-09-09 23:04:54 -07:00
Kubernetes Prow Robot 036ea69525
Merge pull request #9352 from justinsb/irsa_with_public 
Simplified form of IAM Roles for ServiceAccounts
 2020-09-09 22:23:44 -07:00
Kubernetes Prow Robot 4508406515
Merge pull request #9908 from rdrgmnzs/CacheNodeidentityInfo 
Allow caching of Nodeidentity Info in kops-controller for AWS.
 2020-09-09 13:01:44 -07:00
Rodrigo Menezes 4c057f138a Allow caching of Nodeidentity Info in kops-controller for AWS to reduce the number of DescribeInstances API calls. 2020-09-09 22:11:29 +03:00
Ole Markus With ecfdf5715b Remove constraint of setting volume type for OS 
There is no real reason to do this. In some cases this may even prevent
clusters from starting where there is no explicit volume type defined in
cinder.
 2020-09-09 20:53:17 +02:00
Kubernetes Prow Robot c7bbe9c472
Merge pull request #9904 from justinsb/relnotes_1_18_1 
Release notes for 1.18.1
 2020-09-09 11:15:07 -07:00
Kubernetes Prow Robot 5e871a7d5e
Merge pull request #9902 from justinsb/relnotes_1_17_2 
Release notes for 1.17.2
 2020-09-09 10:09:08 -07:00
Justin SB 5c423e9dfa Release notes for 1.18.1 2020-09-09 12:58:08 -04:00
Kubernetes Prow Robot 8a07275bbf
Merge pull request #9901 from commixon/nodelocalcache-configure-resources 
Nodelocalcache configure resources
 2020-09-09 09:19:08 -07:00
Justin SB ed83ae382d Release notes for 1.17.2 2020-09-09 11:56:24 -04:00
Chris Loukas 65610dbcee Update NodeLocalDNSConfig with Mem/CPU requests 
Add NodeLocalDNS.CPURequest and NodeLocalDNS.MemoryRequest to
configure resource requests.

If not explicitly set, fall back to 25m and 5Mi
 2020-09-09 18:40:14 +03:00
Kubernetes Prow Robot 900e3c1b46
Merge pull request #9894 from hakman/calico-3.16.1 
Update Calico to v3.16.1
 2020-09-09 08:03:52 -07:00
Justin SB 6fa8be2716 JSON formatting of IAM: Workaround for optional fields 
AWS IAM is very strict and doesn't support `Resource: []` for example.
We implement a custom MarshalJSON method to work around that.
 2020-09-09 09:57:07 -04:00
Justin Santa Barbara d8895c57ec Add version logic to UseServiceAccountIAM 
Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-09-09 09:57:07 -04:00
Justin SB a61ecf4c58 Refactor to use interface for iam Subjects 
Hat-tip to johngmyers for the idea!
 2020-09-09 09:57:07 -04:00
Justin SB f05980f6ba IAM Policy: rely on stub resolution/unification 
This avoids the hacky search through the list of tasks.
 2020-09-09 09:57:06 -04:00
Justin SB ccc814dfbc Create tests for JWKS scenarios 2020-09-09 09:57:06 -04:00
Justin SB 8498ac9dbb Create PublicJWKS feature flag 
This should be much easier to start and to get under testing; it only
works with a load balancer, it sets the apiserver into anonymous-auth
allowed, it grants the anonymous auth user permission to read our jwks
tokens.  But it shouldn't need a second bucket or anything of that
nature.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-09-09 09:57:06 -04:00
Kubernetes Prow Robot c9f4f3df99
Merge pull request #9892 from olemarkus/cas-docs 
Deprecate old cluster autoscaler addon
 2020-09-09 04:39:52 -07:00
Kubernetes Prow Robot 4604fa53b3
Merge pull request #9899 from olemarkus/remove-insecure-bind-address 
Don't explicitly set insecure-bind-address on newer k8s
 2020-09-09 03:25:53 -07:00
Ole Markus With 6cfd50a07a Deprecate the old cas addon 2020-09-09 12:13:32 +02:00
Ole Markus With 886b4c97cb Don't explicitly set insecure-bind-address on newer k8s 2020-09-09 11:41:51 +02:00
Kubernetes Prow Robot ddde1b8d35
Merge pull request #9897 from johngmyers/spot-direct 
Add missing spot support to launch template direct render
 2020-09-09 00:59:52 -07:00
John Gardiner Myers 0cb9eed851 Add missing spot support to launch template direct render 2020-09-08 23:20:29 -07:00
Ciprian Hacman 0357d33ff6 Update Calico to v3.16.1 2020-09-09 06:37:27 +03:00
Kubernetes Prow Robot 68b2302b48
Merge pull request #9885 from olemarkus/encryptionconfig-warn 
Errors when encryptionConfig is enabled, but no encryptionconfig secret
 2020-09-08 11:09:45 -07:00
Ole Markus With 192d6a46f9 Errors when encryptionConfig is enabled, but no encryptionconfig secret 
When encryptionConfig is enabled, but the secret is missing, there is no
visible errors anywhere. kube-apiserver just goes into a crashloop
without any complains. This PR adds warnings both on the client side and
through nodeup.
 2020-09-08 17:46:18 +02:00
Kubernetes Prow Robot 3527d32b26
Merge pull request #9872 from hakman/root-vol-encrypt-lc 
Use root volume encryption flag for LaunchConfiguration with TF and CF
 2020-09-08 04:31:42 -07:00
Kubernetes Prow Robot 543c418dc7
Merge pull request #9882 from hakman/gh-releae-artifacts 
Use new GitHub artifact names for mirrored assets
 2020-09-08 02:21:44 -07:00
Ciprian Hacman 43e0b2332c Update expected outputs of integration tests 2020-09-08 10:12:57 +03:00
Ciprian Hacman 315ed2c9b5 Use new GitHub artifact names for mirrored assets 2020-09-08 10:10:23 +03:00
Kubernetes Prow Robot 766e65c725
Merge pull request #9884 from hakman/mock-1.19.0-alpha.3 
Update mock version to 1.19.0-alpha.3
 2020-09-08 00:09:43 -07:00
Ciprian Hacman d1bdc1632d Update expected outputs of integration tests 2020-09-08 08:46:09 +03:00
Ciprian Hacman c7bc3d4397 Update mock version to 1.19.0-alpha.3 2020-09-08 08:45:25 +03:00
Kubernetes Prow Robot c3020cff46
Merge pull request #9881 from justinsb/avoid_warning_from_find 
verify-terraform: rearrange arguments to find
 2020-09-07 17:27:42 -07:00
Justin SB 5f9d3b3431 verify-terraform: rearrange arguments to find 
Otherwise we get a warning:

"find: warning: you have specified the global option -maxdepth after the argument -type, but global options are not positional, i.e., -maxdepth affects tests specified before it as well as those specified after it.  Please specify global options before other arguments."
 2020-09-07 17:35:57 -04:00
Kubernetes Prow Robot bb63f296f1
Merge pull request #9879 from bmelbourne/add-kubelet-cgroup-driver 
Add kubelet cgroup driver property
 2020-09-07 10:33:42 -07:00
Barry Melbourne 21fe46ce12 Add kubelet cgroup driver property 2020-09-07 17:11:33 +01:00
Kubernetes Prow Robot 1c7a6d4845
Merge pull request #9878 from hakman/go-1.15.1 
Update Go to v1.15.1
 2020-09-06 21:41:42 -07:00
Ciprian Hacman 224e19179e Update Go to v1.15.1 2020-09-07 05:56:46 +03:00
Kubernetes Prow Robot d90c90cfa4
Merge pull request #9877 from johngmyers/fspath-notexist 
Map ENOENT to ErrNotExist in FSPath
 2020-09-05 22:33:41 -07:00