kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,561 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

12561 Commits

Author SHA1 Message Date
Kubernetes Prow Robot b91a40c52a
Merge pull request #10199 from hakman/fix-nlb-reconciliation 
Fix AWS NLB reconciliation
 2020-11-08 10:43:37 -08:00
Ciprian Hacman 32658075d3 Fix disabling spot instances when using launch templates 2020-11-08 19:11:45 +02:00
Ciprian Hacman 9e1e90dac9 Fix mismatch between expected launch template Name and ID 2020-11-08 19:08:00 +02:00
Kubernetes Prow Robot 8c9cbcaae0
Merge pull request #10192 from olemarkus/updates-helm 
Upgrade helm to 2.17 and use the helm.sh reference
 2020-11-08 06:43:37 -08:00
Ciprian Hacman 6c6a9daaf3 Fix AWS NLB reconciliation 2020-11-08 13:14:56 +02:00
Kubernetes Prow Robot f12c7ff510
Merge pull request #10191 from olemarkus/updates-sprig 
Upgrade sprig to v3
 2020-11-07 23:05:37 -08:00
Kubernetes Prow Robot af5cd1a5fc
Merge pull request #10187 from hakman/fix-spot-instances 
Fix auto scaling group changes when using spot instances
 2020-11-07 21:49:38 -08:00
Ciprian Hacman 4070f09bef Fix auto scaling group changes when using spot instances 2020-11-08 05:54:46 +02:00
MoShitrit 7450276868 Update ubuntu ami to latest version 2020-11-07 21:51:52 -05:00
Kubernetes Prow Robot 43995fa6dd
Merge pull request #10189 from bmelbourne/upgrade-hcl-v2-module 
Upgrade Hashicorp HCLv2 Go module v2.7.0
 2020-11-07 14:35:37 -08:00
Ole Markus With f67af5223a Upgrade docker client 2020-11-07 22:45:14 +01:00
Ole Markus With d24d9e05ba Upgrade helm to 2.17 and use the helm.sh reference 2020-11-07 21:09:08 +01:00
Ole Markus With 3721bbb76b Upgrade sprig to v3 2020-11-07 20:41:02 +01:00
liranp fce6a22755
feat(spot/ocean): configure resource limits 2020-11-07 20:32:51 +02:00
Barry Melbourne 6d170bd89f Upgrade Hashicorp HCLv2 Go module v2.7.0 2020-11-07 18:06:06 +00:00
Kubernetes Prow Robot 6a57543f6e
Merge pull request #10179 from olemarkus/sgr-consistent-naming 
Consistent naming of security group rules
 2020-11-07 02:07:37 -08:00
Ole Markus With fab694d290 Add ability to consistently name sgrs 
In order to let kops fully control the rules for each security group we need to be able to generate names from the info in AWS. This is similar to the approach we used for openstack

Update pkg/model/firewall.go

Co-authored-by: Ciprian Hacman <ciprianhacman@gmail.com>
 2020-11-07 10:27:19 +01:00
Kubernetes Prow Robot 6d075f02aa
Merge pull request #10186 from havulv/determistic-ordering-openstack-cidrs 
Compare KubernetesAPIAccess to OpenStack allowedCIDRs deterministically
 2020-11-07 00:13:37 -08:00
Jack Andersen 281e6140d9 Compare KubernetesAPIAccess to OpenStack allowedCIDRs deterministically 2020-11-07 00:29:24 -05:00
Kubernetes Prow Robot 1200083400
Merge pull request #10181 from rifelpet/bearer-cleanup 
Remove unused bearer token field from kubeconfig builder
 2020-11-06 12:04:30 -08:00
Peter Rifel 54decbc479
Always use TCP health check protocol for target groups 2020-11-06 11:09:38 -06:00
Peter Rifel 370092cb5a
Update TG ports rather than protocols when adding/removing ACM certs from listeners 
This also renames the TGs to be more descriptive, with tcp and tls prefixes.
 2020-11-06 11:09:38 -06:00
Peter Rifel 3417ef366c
Handle target groups that dont yet exist when reconciling 2020-11-06 11:09:38 -06:00
Peter Rifel 15ba84df16
Find target group names for existing NLB listeners 2020-11-06 11:09:37 -06:00
Peter Rifel 30f3d14979
Use the secondary ELB port when exporting kubecfg w/ --admin and sslCertificate 2020-11-06 11:09:37 -06:00
Peter Rifel 316c1eec8a
Update complex integration test for ACM cert and second listener 2020-11-06 11:09:37 -06:00
Peter Rifel 9242c34a38
Setup a second NLB listener on 8443 when sslCertificate is set 2020-11-06 11:09:37 -06:00
Peter Rifel 6357cc45c8
Fix cloudformation NLB listener certificate rendering 2020-11-06 11:09:36 -06:00
Peter Rifel 6c5b2fc58f
Add support for multiple NLB listeners and target groups 2020-11-06 11:09:36 -06:00
Peter Rifel aebe742291
Remove unused bearer token field from kubeconfig builder 
```
$ grep -r KubeBearerToken . | wc -l
0
```
 2020-11-06 08:07:55 -06:00
Kubernetes Prow Robot d13ae5ab36
Merge pull request #10178 from zetaab/portinuse 
OpenStack Reset deviceID status if needed
 2020-11-06 01:50:50 -08:00
Jesse Haka bd2dcc93ca fix test 2020-11-06 11:17:23 +02:00
Jesse Haka e3bbe25bc9 Reset deviceID status if needed 2020-11-06 11:07:30 +02:00
Ole Markus With 3c76610688 Remove the commented code. We can always retrieve it later 2020-11-06 09:53:10 +01:00
Kubernetes Prow Robot 7b26ec4b6d
Merge pull request #10065 from bharath-123/feature/instancegroup-specific-validation 
Avoid waiting on validation during rolling update for inapplicable instance groups
 2020-11-05 22:38:50 -08:00
Marcos Soutullo Rodriguez 9d6479fbba
Mount the whole /etc/ssl/certs directory for k8s-ec2-srcdst (#10169) 
* Fix: Mount the whole `/etc/ssl/certs` directory for k8s-ec2-srcdst deployment.

Signed-off-by: Marcos Soutullo Rodriguez <marcos.soutullo@vodafone.com>

* Fix: Retrospective change to mount all CA certificates in <k8s-1.16

* Apply suggestions from code review

Co-authored-by: Ciprian Hacman <ciprianhacman@gmail.com>
 2020-11-04 22:12:53 -08:00
Kubernetes Prow Robot 8043a5e799
Merge pull request #10164 from hakman/fix-cf-tf 
Fix output for CF and TF
 2020-11-04 19:32:53 -08:00
Ciprian Hacman a3a0b91b5f Order policy document sections alphabetically 2020-11-04 16:15:00 +02:00
Ciprian Hacman 7ef07be471 Ignore tags added by CF 2020-11-04 16:15:00 +02:00
Ciprian Hacman b5e4b7ad48 Add missing instance monitoring for CF and TF 2020-11-04 16:15:00 +02:00
Ciprian Hacman 51e70083f8 Add missing resource names for CF 2020-11-04 16:15:00 +02:00
Kubernetes Prow Robot 3cc074d181
Merge pull request #10160 from Hellcatlk/master 
Some typos
 2020-11-03 18:52:04 -08:00
Kubernetes Prow Robot 578920e921
Merge pull request #10162 from rifelpet/nlb-sg 
Fix additionalSecurityGroups support for NLB
 2020-11-03 08:02:16 -08:00
Kubernetes Prow Robot 235133d0f5
Merge pull request #10161 from rifelpet/nlb-cidr 
Move NLB's VPC CIDR security group rule logic into model
 2020-11-03 06:50:16 -08:00
Peter Rifel 860249f6b7
Fix additionalSecurityGroups support for NLB 
We were correctly adding the security groups to the master ASGs but identified them incorrectly.
 2020-11-03 08:22:24 -06:00
Peter Rifel f08284834e
Move NLB's VPC CIDR security group rule logic into model 
This way the security group rule task doesn't need to be aware of VPCs, since we know the VPC CIDR ahead of time via cluster spec.

This also fixes the terraform and cloudformation rendering of this rule (see the added cidr block in the integration test outputs)

These rules are for NLB's health checks. The AWS docs recommend allowing access from the entire VPC CIDRs
Also add rules for additionalNetworkCIDRs, supporting VPCs with multiple CIDR blocks.
 2020-11-03 08:13:32 -06:00
zouyu 2e6b50f9e4 Some typos 
Signed-off-by: zouyu <zouy.fnst@cn.fujitsu.com>
 2020-11-03 16:28:30 +08:00
Kubernetes Prow Robot be5c344dce
Merge pull request #10158 from rifelpet/nlb-name 
Fix NLB naming for terraform and cloudformation targets
 2020-11-02 19:58:15 -08:00
Peter Rifel 0cd3854605
Fix NLB naming for terraform and cloudformation targets 2020-11-02 19:38:01 -06:00
Peter Rifel 30f13eae80
Add ACM cert permalink 
The ACM bugfix will fail API validation with k8s >=1.19 + `sslCertificate` + `class: Classic`.
The error message will contain this permalink, so I'd like to get eyes on this early.
If/when we handle migration without downtime, we can update these instructions to match.
 2020-11-02 11:11:04 -06:00