kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
20,119 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

1513 Commits

Author SHA1 Message Date
ederst cd50ee00ac Pass actual cluster name to cinder-csi-plugin 
This passes the acutal cluster name to the cinder-csi-plugin, so that
the plugin will add the name as metadata to the backing volume in
OpenStack.

Effectively, the change will help to better identify which volume in
OpenStack belongs to which cluster, which is especially helpful when
running multiple clusters in one OpenStack tenant/project.

Setting the cluster name in both - the controller and the nodeserver -
will ensure that dynamic and ephemeral volumes will receive the correct
metadata.
 2023-02-13 17:31:32 +01:00
Ciprian Hacman 4f61895bd5 Use registry.k8s.io for managed addons 2023-02-12 13:45:32 +02:00
Moshe Shitrit b902a427f2 bump aws cni to v1.12.2 2023-02-04 08:04:29 -05:00
Kubernetes Prow Robot 18e77efb59
Merge pull request #15077 from Mia-Cross/scaleway_ccm_and_csi 
scaleway: CCM and CSI driver
 2023-01-31 00:02:49 -08:00
Kubernetes Prow Robot 94affad3a4
Merge pull request #15050 from anthonyhaussman/feat/tone/cilium_unreachable_routes_pod_deletion 
Cilium: Add unreachable route for pod IP on deletion option
 2023-01-30 05:26:51 -08:00
Leïla MARABESE b120e3de45 added CCM and CSI manifests 2023-01-30 13:36:34 +01:00
Moshe Shitrit 8218b5e1fa bump aws-cni to 1.12.1 and re-order some manifests for a cleaner diff from upstream chart 2023-01-24 12:34:33 -05:00
Anthony Hausman 484bde5b9b
cilium: Add unreachable route for pod IP on deletion option 
When a pod is deleted, the route to its IP is replaced with an unreachable route.
When a pod is created, the route is replaced with a route to the pod veth (so if an unreachable existed, it's replaced).

Ref:
 - https://github.com/cilium/cilium/pull/18505
 2023-01-24 14:08:24 +01:00
Justin SB c30ae1b45c gce cloud-controller-manager: Add nodes/patch permission 
This permission is needed to update the podCIDR.

When we fix --use-service-account-credentials in GCE CCM, this
permission will not be needed (moving instead to a different
serviceaccount).
 2023-01-21 12:40:45 -05:00
John Gardiner Myers 97977c7a87 Upgrade AWS LBC to v2.4.6 2023-01-20 19:30:45 -08:00
John Gardiner Myers 56092cd2b7 Upgrade Node Termination Handler to 1.18.3 2023-01-18 08:12:59 -08:00
Ole Markus With de7d70721e Bump cert-manager to 1.10.2 2023-01-11 10:31:26 +01:00
Grégory SANCHEZ 6fdf54ff34 feat(cluster-autoscaler): autogenerate priority-expander configMap 2023-01-11 08:26:33 +01:00
John Gardiner Myers ad92d2760c Run pods needing control-plane instance credentials on hostNetwork 2023-01-10 20:48:05 -08:00
Jesse Haka 4383f40af7 move openstack cloud config to k8s secrets 2023-01-06 19:56:35 +02:00
John Gardiner Myers 005ec38972 Remove code for no-longer-supported k8s 1.21 2022-12-24 21:44:50 -08:00
John Gardiner Myers 27b8522081 Avoid triggering upgrade tests on release commits 2022-12-24 15:23:56 -08:00
Ciprian Hacman f5b72742b4
Release 1.26.0-beta.1 (#14858) 2022-12-23 01:13:27 -08:00
Kubernetes Prow Robot b647e4413f
Merge pull request #14846 from hakman/gossip_to_dns-none 
Allow migration from Gossip DNS to no DNS
 2022-12-22 22:53:26 -08:00
Ciprian Hacman b08d53a131 Refactor Gossip usage in addon templates 2022-12-23 08:04:13 +02:00
John Gardiner Myers bce03549f0 Upgrade external-dns to 0.13.1 2022-12-22 19:43:24 -08:00
Ole Markus With 36b75b031d Use onDelete update strategy for node-local DNS cache 2022-12-20 22:12:51 +01:00
Kubernetes Prow Robot bfabf3752a
Merge pull request #14824 from hakman/cert-manager-v1.10.1 
Update cert-manager to v1.10.1
 2022-12-20 09:09:44 -08:00
Kubernetes Prow Robot 728fbabe6c
Merge pull request #14813 from johngmyers/gcp-csi 
v1alpha3: Move some GCE-specific fields to CloudProvider.GCE
 2022-12-20 06:45:44 -08:00
Ciprian Hacman 5a7086aa27 Update cert-manager to v1.10.1 2022-12-20 13:14:23 +02:00
John Gardiner Myers 472a7f38b6 Upgrade coredns to v1.10.0 2022-12-19 23:26:39 -08:00
John Gardiner Myers 34d7507f78 v1alpha3: Move some GCE-specific fields to CloudProvider.GCE 2022-12-19 08:28:28 -08:00
John Gardiner Myers dec7d33be6 v1alpha3: Move AWS EBS CSI spec under CloudProvider.AWS 2022-12-19 00:10:16 -08:00
John Gardiner Myers ca7d82b02a v1alpha3: move AWS-specific fields to AWSSpec 2022-12-18 15:16:49 -08:00
John Gardiner Myers 70e44c2bf6 Bump metrics-server to 0.6.2 2022-12-17 23:03:40 -08:00
John Gardiner Myers 246a27d689 NTH: Remove unnecessary configuration in Queue Processor mode 2022-12-17 09:44:57 -08:00
John Gardiner Myers 7f502be319 Calico: Don't try to upgrade IPAM in IPv6 clusters 2022-12-11 20:53:51 -08:00
Kubernetes Prow Robot 572b0655dc
Merge pull request #14732 from olemarkus/cilium-12 
Bump cilium version to 1.12.4
 2022-12-11 04:25:14 -08:00
John Gardiner Myers 7c5b983490 Enable NTH Scheduled Event Draining by default 2022-12-08 19:02:44 -08:00
Ole Markus With a5684f969f Bump cilium to 1.12.4 2022-12-07 18:33:03 +01:00
Kubernetes Prow Robot 7ce93c03ae
Merge pull request #14593 from johngmyers/cas-allow-spot 
Allow cluster-autoscaler to run on spot if nothing else is available
 2022-12-06 04:24:37 -08:00
Kubernetes Prow Robot e5a835d287
Merge pull request #14706 from johngmyers/v1alpha3-networking 
v1alpha3: move networking fields under networking
 2022-12-05 21:34:38 -08:00
Kubernetes Prow Robot 66921ca27f
Merge pull request #14700 from hakman/gcp_cluster_autoscaler 
gce: Update cluster-autoscaler config
 2022-12-05 07:45:03 -08:00
Kubernetes Prow Robot 2fc25219be
Merge pull request #14715 from johngmyers/upgrade-nth 
Upgrade Node Termination Handler to 1.18.1 and fix some issues
 2022-12-04 13:13:54 -08:00
Min Ni 8f5892fcb6 upgrade authentication.aws to v0.5.12 2022-12-04 11:34:03 -08:00
John Gardiner Myers dfd71c0c41 Address review comments 2022-12-04 11:11:05 -08:00
John Gardiner Myers a7f59813fa NTH SQS Deployment needs hostNetwork if no IRSA 2022-12-03 21:42:56 -08:00
John Gardiner Myers 589800a378 Use narrower tolerations for NTH when no IRSA 2022-12-03 21:42:56 -08:00
John Gardiner Myers 6ee229eb0c Fix configuration of NTH SQS mode 2022-12-03 21:42:56 -08:00
John Gardiner Myers 30970609ec Upgrade Node Termination Handler to 1.18.1 2022-12-03 21:42:56 -08:00
Ciprian Hacman 7a65b0f75e gce: Update cluster-autoscaler config 2022-12-03 22:41:14 +02:00
Ciprian Hacman 8920b15f75 metrics-server: Set preferred address type to `InternalIP` when non AWS 2022-12-03 22:35:52 +02:00
John Gardiner Myers 235aa61594 v1alpha3: move networking fields under networking 2022-12-02 19:19:59 -08:00
Ole Markus With ea1d919d0c Fix disabling masquerade for cilium 1.11+ 2022-11-30 14:27:04 +01:00
John Gardiner Myers 0ce9877eb4 Revert copy of "Calico: Work around host port/conntrack problem" 2022-11-28 07:31:32 -08:00
John Gardiner Myers 5d1c3a8361 Revert "Calico: Work around host port/conntrack problem" 
This reverts commit 9105368a41.
 2022-11-27 15:19:14 -08:00
John Gardiner Myers 0424c474a3 Don't disable AWS src/dst checks in Calico IPv6 2022-11-25 20:57:48 -08:00
John Gardiner Myers c6349285d4
Release 1.26.0-alpha.2 (#14665) 2022-11-25 09:06:04 -08:00
Kubernetes Prow Robot b8987e39f6
Merge pull request #14628 from jsafrane/add-features-to-template 
Add SELinuxMount feature gate
 2022-11-22 23:58:14 -08:00
Ciprian Hacman 173839a35b hetzner: Update CSI driver to v2.0.0 2022-11-23 06:21:15 +02:00
Jan Safranek e969b849ad Add SELinuxMount feature 
This feature installs platform CSI drivers so they support
SELinuxMountReadWriteOncePod. This assumes the operating system on all
nodes supports SELinux!
 2022-11-22 17:36:03 +01:00
Kubernetes Prow Robot d405d4c5a2
Merge pull request #14507 from johngmyers/internalname 
Stop making MasterInternalName configurable
 2022-11-18 13:38:29 -08:00
John Gardiner Myers 9d90c7fc7b Allow cluster-autoscaler to run on spot if nothing else is available 2022-11-18 08:31:47 -08:00
Ole Markus With 104ee74d63 Fix disabling StorageClass management 
Previously this was done in the manifests leading to empty files. kubectl doesn't like this, so protokube will always fail updating the addon when StorageClass management is disabled
 2022-11-18 09:55:02 +01:00
Ole Markus With 58195904ee Bump cilium to 1.11.11 2022-11-18 08:44:55 +01:00
John Gardiner Myers 8473e8b2e7 Stop making MasterInternalName configurable 2022-11-16 22:06:02 -08:00
Kubernetes Prow Robot b2357dba3b
Merge pull request #14564 from heybronson/sprig-join 
use sprig join for template functions
 2022-11-15 13:52:58 -08:00
Kubernetes Prow Robot ca093709fa
Merge pull request #14540 from olemarkus/bump-lbc-245 
Bump AWS Load Balancer Controller to 2.4.5
 2022-11-15 09:48:41 -08:00
Bronson Mirafuentes 5a3ed44773 use sprig join for template functions 2022-11-15 08:59:05 -08:00
Ole Markus With 981e45bb41 Bump AWS Load Balancer Controller to 2.4.5 
Also force LBC to run on regular nodes when IRSA is enabled.
 2022-11-15 11:27:30 +01:00
Ciprian Hacman bfe984a68b Update Canal to v3.23.5 for k8s 1.22+ 2022-11-15 05:25:35 +02:00
Ciprian Hacman e2be2a5e52 Update Calico to v3.23.5 for k8s 1.22+ 2022-11-15 05:25:35 +02:00
Ciprian Hacman 8af0c17a51 Update Canal to v3.24.5 for k8s 1.25+ 2022-11-15 05:25:35 +02:00
Ciprian Hacman 9d47c8d2e4 Update Calico to v3.24.5 for k8s 1.25+ 2022-11-15 05:21:05 +02:00
Moshe Shitrit 968aefb0dd add a condition for the aws-cni ClusterRole based on the value of 'ANNOTATE_POD_IP' env 2022-11-08 11:20:42 -05:00
Moshe Shitrit 6b1c564747 use the same affinity config for coredns-autoscaler deployment as for main coredns deployment 2022-11-06 19:11:35 -05:00
Moshe Shitrit c44f8a94c5 use the same tolerations config for coredns-autoscaler deployment as for main coredns deployment 2022-11-06 19:05:29 -05:00
Moshe Shitrit 2bde382dbb update amazon-vpc-cni to 1.12.0 2022-11-01 21:11:05 -04:00
Kubernetes Prow Robot 20b0595189
Merge pull request #14463 from HealthEngineAU/pod-identity-webhook-metrics-fix 
Fix Prometheus scraping for pod-identity-webhook
 2022-10-28 11:50:53 -07:00
Kubernetes Prow Robot 0aebcbc6d9
Merge pull request #14459 from pacoxu/master 
Stop applying the beta.kubernetes.io/os
 2022-10-28 10:46:31 -07:00
Ciprian Hacman 5aa9570c5c Update Canal to v3.24.3 for k8s 1.25+ 2022-10-28 07:39:30 +03:00
Ciprian Hacman 29cd8be78f Update Calico to v3.24.3 for k8s 1.25+ 2022-10-28 07:39:30 +03:00
Ciprian Hacman acd39b8085 Update Canal to v3.23.4 for k8s 1.22+ 2022-10-28 07:39:30 +03:00
Ciprian Hacman 48ebb20d83 Update Calico to v3.23.4 for k8s 1.22+ 2022-10-28 07:30:19 +03:00
Ciprian Hacman f9acd69eb4 Update Calico to v3.21.6 for k8s 1.16+ 2022-10-28 07:30:06 +03:00
Jim Barber 1253d15103 Fix Prometheus scraping for pod-identity-webhook 
The Service annotation for the pod-identity-webhook is asking Prometheus
to scrape its metrics from `https://` but this results in a HTTP 404 Not
Found response.
The pod-identity-webhook pods expose their metrics via HTTP on TCP port
9999 (the same port where the healthz checks go).
Therefore update the annotations to use `http://:9999` instead.
 2022-10-28 11:25:14 +08:00
Paco Xu d632e39eae Stop applying the beta.kubernetes.io/os 2022-10-27 12:15:38 +08:00
John Gardiner Myers 87dbab9062 Remove dead code 2022-10-22 22:05:18 -07:00
Ole Markus With 96a7c96c29 Fix pdb for identity webhook 
Also removing namespace from non-namespaced resource
 2022-10-21 19:03:41 +02:00
Niklas Walter 858bdbacfd
Allow snapshot controller to create volumesnapshotcontent 
For using dynamic provisioning of volumesnapshot the snapshot-controller has to be able to create volumesnapshotcontent objects at the cluster level.
When deploying the snapshot-controller as a kops addon the controller is not able to create volumesnapshotcontent object because it lacks the create permission.
This PR adds the create permission for the content objects, which should be the default according to https://github.com/kubernetes-csi/external-snapshotter/blob/v6.0.1/deploy/kubernetes/snapshot-controller/rbac-snapshot-controller.yaml
 2022-10-15 00:54:38 +02:00
Thomas Colomb e40239b241 fix typo kubeReserved not systemReserved and remove ec2:DescribeImages iam right not needed we use launch templates 2022-10-11 15:43:17 +02:00
Thomas Colomb a34939b5c0 karpenter: upgrade to version 0.16.3 and support kubeReserved configuration 2022-10-11 15:05:08 +02:00
Ole Markus With 18808486da Remove fsGroupPolicy as it is immutable 2022-10-05 18:23:10 +02:00
Ole Markus With 8e040a4082 Bump EBS CSI driver to 1.12.0 2022-10-05 08:56:48 +02:00
Kubernetes Prow Robot 4f34d8df11
Merge pull request #14379 from noony/cluster-autoscaler-config 
cluster-autoscaler : Add scaleDownUnneededTime and scaleDownUnreadyTime
 2022-10-04 12:39:54 -07:00
Thomas Colomb e5ddd5b0c3 cluster-autoscaler : Add scaleDownUnneededTime and scaleDownUnreadyTime 2022-10-04 18:57:21 +02:00
Thomas Colomb 4800f29d19 Karpenter : fallback on ondemand instance by default 2022-10-04 11:10:13 +02:00
Ciprian Hacman 26011ad579 hetzner: Fix metrics-server config to use internal IP 2022-09-28 08:40:00 +03:00
Ciprian Hacman 3ed1fd2d0b
Revert "Set metrics-server `--kubelet-preferred-address-types` by k8s version" 2022-09-28 07:39:00 +03:00
Ciprian Hacman d98b41ee4c Set metrics-server `--kubelet-preferred-address-types` by k8s version 2022-09-26 15:22:01 +03:00
Ciprian Hacman 1eb35d9686
Release 1.26.0-alpha.1 (#14311) 2022-09-21 01:28:54 -07:00
Ciprian Hacman d8b92aafae hetzner: Generate CCM args from external CCM config 2022-09-21 08:17:32 +03:00
Ciprian Hacman a32a3dc8bb Update Hetzner CCM to v1.13.0 2022-09-19 09:19:59 +03:00
Ciprian Hacman c783aa357d Add support for using an existing network for Hetzner 2022-09-18 12:35:23 +03:00
Moshe Shitrit 03bc54e0d6 remove 'get' from aws-cni clusterRole to reflect https://github.com/aws/amazon-vpc-cni-k8s/pull/2058 2022-09-13 08:13:35 -04:00