kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,931 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

11931 Commits

Author SHA1 Message Date
Ole Markus With 31ee079c7b Improve kops get instances when api is unavailable 
When the api is unavailable, kops will say all the nodes have not yet
joined the cluster. That is not the case simply because e.g the admin
credentials have been expired. This PR makes it a bit more clear that we
cannot know the node name when the API is unavailable.
 2020-09-19 08:43:53 +02:00
Kubernetes Prow Robot 88748fe7b7
Merge pull request #9934 from justinsb/backfill 
Document process to get older releases into artifacts.k8s.io
 2020-09-14 09:16:59 -07:00
Justin SB 5797f372a9 Document process to get older releases into artifacts.k8s.io 2020-09-14 11:27:25 -04:00
Kubernetes Prow Robot a93febf5a6
Merge pull request #9911 from hakman/fix-gossip 
Allow the BootstrapClient task to run after Protokube
 2020-09-13 21:10:57 -07:00
Kubernetes Prow Robot 7a81b3e10e
Merge pull request #9900 from olemarkus/kops-get-instances-nil-pointer 
Continue if asg instance is unknown
 2020-09-13 16:14:57 -07:00
Kubernetes Prow Robot 04b9f41daa
Merge pull request #9883 from hs0210/work 
Add unit test for pkg/apis/kops/model/features.go
 2020-09-13 15:24:57 -07:00
Kubernetes Prow Robot 58092b5666
Merge pull request #9925 from olemarkus/cas-fixes 
Add missing flags to cluster autoscaler template
 2020-09-13 00:58:57 -07:00
Kubernetes Prow Robot 3fa13d30bd
Merge pull request #9919 from justinsb/set_resources_on_ca_task 
Add missing setResources on CA task
 2020-09-12 18:58:57 -07:00
Justin SB 2a44cb7f16 Update script and testdata CA keypair 
If we generate with the wrong type (usages), the keypair will be
regenerated.
 2020-09-12 16:21:15 -04:00
Ole Markus With 2b5950c24c Add missing flags to template 2020-09-12 08:24:29 +02:00
Ciprian Hacman 07ffd665a7 Allow container runtime to run before BootstrapKubeconfig 2020-09-12 08:13:40 +03:00
Ciprian Hacman fe3adb1fe3 Force BootstrapClient to run after Protokube 2020-09-12 08:06:21 +03:00
Kubernetes Prow Robot 69f22a4b52
Merge pull request #9918 from olemarkus/validate-labels 
Validate labels
 2020-09-11 09:04:15 -07:00
Justin SB 08ce1dacaf Add missing setResources on CA task 
Otherwise it doesn't work the first time round, in the JWKS scenario.
 2020-09-11 09:17:55 -04:00
Kubernetes Prow Robot bafdacd85d
Merge pull request #9917 from astrikos/astrikos/RemoveForceTCPFromDot 
Remove force_tcp flag for nodelocalcache dot zone
 2020-09-11 03:12:14 -07:00
Kubernetes Prow Robot ccd810dad9
Merge pull request #9907 from olemarkus/openstack-no-volume-type 
Remove constraint of setting volume type for OS
 2020-09-11 01:14:14 -07:00
Ole Markus With 9f5ba43445 Validate labels 2020-09-11 09:59:24 +02:00
Andreas Strikos 93c44d867a Remove force_tcp flag for nodelocalcache dot zone 
Forcing all DNS communication go through TCP can lead to increased
latency and slower DNS responses since a lot of upstream DNS
servers are not optimized for TCP traffic.
An example is AWS's VPC DNS server that sending all the DNS traffic
through TCP cause it to increase the latencies for this requests.
The kubernetes version has already changed this configmap to skip
force_tcp flag for the . zone, so it makes sense to follow their
example.
Reference https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml#L100
 2020-09-11 09:58:27 +02:00
Kubernetes Prow Robot 041f774642
Merge pull request #9909 from johngmyers/template-filter 
Get launch template versions after filtering templates
 2020-09-10 21:16:14 -07:00
Ciprian Hacman c1e0991153 Skip the iamPolicy.DNSZone task when using gossip 2020-09-10 22:55:36 +03:00
Kubernetes Prow Robot 0a428bebf8
Merge pull request #9867 from devops-israel/v1.18.0-fix-external-policies 
Only apply external policies when these are defined
 2020-09-10 10:23:45 -07:00
Evgeny Zislis 608a561f8c
only apply external policy tasks on non-shared iam 2020-09-10 12:58:54 +03:00
Kubernetes Prow Robot a5fc8895dc
Merge pull request #9857 from hakman/detect-aws-region 
Detect AWS region for S3 inside containers
 2020-09-09 23:17:44 -07:00
John Gardiner Myers 8adb8e9868 Get launch template versions after filtering templates 2020-09-09 23:04:54 -07:00
Kubernetes Prow Robot 036ea69525
Merge pull request #9352 from justinsb/irsa_with_public 
Simplified form of IAM Roles for ServiceAccounts
 2020-09-09 22:23:44 -07:00
Ole Markus With f6abac3ec2 Continue if asg instance is unknown 
Most likely this comes from ASG thinking the instance is inService, but it is terminating when we run describe from EC2
 2020-09-10 07:09:05 +02:00
Kubernetes Prow Robot 4508406515
Merge pull request #9908 from rdrgmnzs/CacheNodeidentityInfo 
Allow caching of Nodeidentity Info in kops-controller for AWS.
 2020-09-09 13:01:44 -07:00
Rodrigo Menezes 4c057f138a Allow caching of Nodeidentity Info in kops-controller for AWS to reduce the number of DescribeInstances API calls. 2020-09-09 22:11:29 +03:00
Ole Markus With ecfdf5715b Remove constraint of setting volume type for OS 
There is no real reason to do this. In some cases this may even prevent
clusters from starting where there is no explicit volume type defined in
cinder.
 2020-09-09 20:53:17 +02:00
Kubernetes Prow Robot c7bbe9c472
Merge pull request #9904 from justinsb/relnotes_1_18_1 
Release notes for 1.18.1
 2020-09-09 11:15:07 -07:00
Kubernetes Prow Robot 5e871a7d5e
Merge pull request #9902 from justinsb/relnotes_1_17_2 
Release notes for 1.17.2
 2020-09-09 10:09:08 -07:00
Justin SB 5c423e9dfa Release notes for 1.18.1 2020-09-09 12:58:08 -04:00
Kubernetes Prow Robot 8a07275bbf
Merge pull request #9901 from commixon/nodelocalcache-configure-resources 
Nodelocalcache configure resources
 2020-09-09 09:19:08 -07:00
Justin SB ed83ae382d Release notes for 1.17.2 2020-09-09 11:56:24 -04:00
Chris Loukas 65610dbcee Update NodeLocalDNSConfig with Mem/CPU requests 
Add NodeLocalDNS.CPURequest and NodeLocalDNS.MemoryRequest to
configure resource requests.

If not explicitly set, fall back to 25m and 5Mi
 2020-09-09 18:40:14 +03:00
Kubernetes Prow Robot 900e3c1b46
Merge pull request #9894 from hakman/calico-3.16.1 
Update Calico to v3.16.1
 2020-09-09 08:03:52 -07:00
Justin SB 6fa8be2716 JSON formatting of IAM: Workaround for optional fields 
AWS IAM is very strict and doesn't support `Resource: []` for example.
We implement a custom MarshalJSON method to work around that.
 2020-09-09 09:57:07 -04:00
Justin Santa Barbara d8895c57ec Add version logic to UseServiceAccountIAM 
Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-09-09 09:57:07 -04:00
Justin SB a61ecf4c58 Refactor to use interface for iam Subjects 
Hat-tip to johngmyers for the idea!
 2020-09-09 09:57:07 -04:00
Justin SB f05980f6ba IAM Policy: rely on stub resolution/unification 
This avoids the hacky search through the list of tasks.
 2020-09-09 09:57:06 -04:00
Justin SB ccc814dfbc Create tests for JWKS scenarios 2020-09-09 09:57:06 -04:00
Justin SB 8498ac9dbb Create PublicJWKS feature flag 
This should be much easier to start and to get under testing; it only
works with a load balancer, it sets the apiserver into anonymous-auth
allowed, it grants the anonymous auth user permission to read our jwks
tokens.  But it shouldn't need a second bucket or anything of that
nature.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-09-09 09:57:06 -04:00
Kubernetes Prow Robot c9f4f3df99
Merge pull request #9892 from olemarkus/cas-docs 
Deprecate old cluster autoscaler addon
 2020-09-09 04:39:52 -07:00
Kubernetes Prow Robot 4604fa53b3
Merge pull request #9899 from olemarkus/remove-insecure-bind-address 
Don't explicitly set insecure-bind-address on newer k8s
 2020-09-09 03:25:53 -07:00
Ole Markus With 6cfd50a07a Deprecate the old cas addon 2020-09-09 12:13:32 +02:00
Ole Markus With 886b4c97cb Don't explicitly set insecure-bind-address on newer k8s 2020-09-09 11:41:51 +02:00
Kubernetes Prow Robot ddde1b8d35
Merge pull request #9897 from johngmyers/spot-direct 
Add missing spot support to launch template direct render
 2020-09-09 00:59:52 -07:00
John Gardiner Myers 0cb9eed851 Add missing spot support to launch template direct render 2020-09-08 23:20:29 -07:00
Ciprian Hacman 0357d33ff6 Update Calico to v3.16.1 2020-09-09 06:37:27 +03:00
Kubernetes Prow Robot 68b2302b48
Merge pull request #9885 from olemarkus/encryptionconfig-warn 
Errors when encryptionConfig is enabled, but no encryptionconfig secret
 2020-09-08 11:09:45 -07:00