kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
17,094 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

2051 Commits

Author SHA1 Message Date
Ciprian Hacman 411adb2d74 Update containerd to v1.6.3 2022-04-30 05:50:19 +03:00
Nat Henderson 9b08c4bb51 Enable internal load balancers when running on GCP 
* Add ILBs, broadly following the AWS model.  The following new
capabilities are added for clusters in GCP:
  * Cluster's spec.api.loadBalancer can be set to 'type: internal' on
    GCP.
    * Therefore, GCP can now create:
        * regional backend services
        * regional (non-legacy) healthchecks
        * firewall rules with "internal" load-balancing scheme
        * firewall rules with dot-notation-specified IP addresses
  * Cluster's spec.api.loadBalancer's 'subnets' field functions
    as in the AWS model.

A few incidental changes are included, either because this change
touched the relevant code or because my use case happened to trigger the
issues that are fixed here.

* Cluster's spec.networkID field can be prefixed by project to use
  GCP's common cross-project networking model.
    * The presumption is that all specified subnets belong to this
      network and therefore this project.

* Add missing operation wait on forwarding rule creation.

* Some Terraform output improvements:
    * Permit no-ACL files in GCS buckets in Terraform output.
    * Enable marginally better cross-resource reference in Terraform outputs
    * Add project to network + subnetwork literals in Terraform output.
    * Add terraform output to backend services and health checks.

Testing:
  * Add mocks for backend services and health checks.
  * Add minimal integration test - copied from gce_private and ilb added.
  * Add update cluster goldens.

Co-authored-by: Travis Reid <travis_reid@apple.com>
 2022-04-25 13:31:47 -07:00
Peter Rifel 0481aebc2d
Trim GCE Subnet and Disk names 2022-04-21 17:40:29 -05:00
Peter Rifel 0eca23e864
Pin AWS CCM image tag for k8s 1.25 
With the k8s 1.24 rc.0 published, our prow jobs that use k8s CI builds are now on k8s 1.25.
To avoid the panic occurring in the latest AWS CCM tag we have to pin 1.25 to the same tag as k8s 1.23 and 1.24
 2022-04-21 06:09:28 -05:00
Steven E. Harris de1ecd844d
Allow cluster autoscaler to get EC2 instance types 
When the cluster autoscaler builds its EC2 instance type catalog
dynamically instead of using only its statically defined set, grant it
the additional IAM permissions required to fetch the instance types
from the AWS API.
 2022-04-20 12:22:28 -04:00
Kubernetes Prow Robot 91bce6627e
Merge pull request #13513 from rifelpet/gcp-fw-rule-length 
Trim GCE firewall rule names to their max length
 2022-04-19 12:38:32 -07:00
Ciprian Hacman b8d8f7b34d Revert to using 1.23.0-alpha.0 for AWS CCM 2022-04-19 04:18:23 +03:00
Peter Rifel 0e59715e15
Trim GCE firewall rule names to their max length 2022-04-18 18:40:39 -05:00
Ole Markus With ba544eacce Add control-plane taint as kubetest2 non-blocking taint and fix OS tests 2022-04-18 13:56:13 +02:00
Ole Markus With 2d86420e77 Use Cluster Autoscaler 1.23 for k8s 1.24 
We made this explicitly fail before because there is a risk of us forgetting to bump. I think, however, history has shown this risk is not very real
 2022-04-18 12:39:20 +02:00
Kubernetes Prow Robot 1365bbb1d5
Merge pull request #13506 from olemarkus/ccm-stable 
Bump CCM 1.22 and 1.23 images to stable versions
 2022-04-18 00:04:41 -07:00
Ole Markus With 01d94fa392 Bump CCM 1.22 and 1.23 images to stable versions 2022-04-18 08:17:58 +02:00
Kubernetes Prow Robot 6d264080ed
Merge pull request #13484 from olemarkus/no-bazel-targets 
Remove bazel targets and tools
 2022-04-17 23:16:41 -07:00
justinsb 3027943dd2 Use etcd 3.5.3 instead of 3.5.1 
3.5.3 includes the fixes for the potential etcd 3.5.x corruption
issues.
 2022-04-17 17:04:46 -04:00
Ciprian Hacman 0643271a97 Revert "Enable etcd corruption check as mitigatio of 3.5 corruption issue" 
This reverts commit 6d75f8f9f0.
 2022-04-17 18:34:49 +03:00
justinsb 74397b2a4f Update to etcd-manager 3.0.20220417 
In particular we want to pick up changes addressing the potential
corruption found in 3.5.0 - 3.5.2:

* Use etcd 3.5.3
* Pass the ETCD_EXPERIMENTAL_INITIAL_CORRUPT_CHECK for all 3.5 series
 2022-04-17 10:29:01 -04:00
Ole Markus With ce2e877aeb Remove bazel files from vendor 2022-04-12 13:29:03 +02:00
Kubernetes Prow Robot 8120147889
Merge pull request #13326 from johngmyers/move-openstack 
Move Openstack settings to cloudProvider.openstack
 2022-04-10 00:10:05 -07:00
DingGGu 1b9cf91684
Bump NTH to 1.16.1, use WithDefaultBool in gotemplate, set ExcludeLoadBalancers default true 2022-04-09 17:04:23 +09:00
DingGGu c1042f4a3b
Bump NTH 1.16 and add excludeFromLoadBalancers option 2022-04-09 17:04:16 +09:00
John Gardiner Myers 6a621fcde5 Cleanup OpenStackOptionsBuilder 2022-04-07 14:52:25 -07:00
John Gardiner Myers aff5f587f3 Move Openstack settings to cloudProvider.openstack 2022-04-07 10:04:19 -07:00
Kubernetes Prow Robot 5cbb338528
Merge pull request #13065 from johngmyers/move-azure 
Move Azure settings to cloudProvider.azure
 2022-04-07 09:37:57 -07:00
Kubernetes Prow Robot 107fa6dcfb
Merge pull request #13454 from olemarkus/enable-etcd-corruption-check 
Enable etcd corruption check as mitigatio of 3.5 corruption issue
 2022-04-07 08:50:08 -07:00
Kubernetes Prow Robot f32503e413
Merge pull request #12919 from olemarkus/cilium-11-default 
Use Cilium 1.11 as default
 2022-04-06 04:18:56 -07:00
Ciprian Hacman 42289b7faa Update containerd to v1.6.2 2022-04-04 09:01:10 +03:00
Ole Markus With 6d75f8f9f0 Enable etcd corruption check as mitigatio of 3.5 corruption issue 2022-04-03 14:11:15 +02:00
Ole Markus With 3d77ab6139 Use Cilium 1.11 as default 2022-03-29 12:58:24 +02:00
Guillaume Perrin 1235b63a0d Only authorize additionalRoute for private subnets 
Signed-off-by: Guillaume Perrin <guillaume28.perrin@gmail.com>
 2022-03-28 15:49:03 +02:00
Guillaume Perrin db27c00fa0 Apply suggestions from code review 
Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
Signed-off-by: Guillaume Perrin <guillaume28.perrin@gmail.com>
 2022-03-28 14:57:21 +02:00
Guillaume Perrin e501ac62a4 Possibility to add additional routes in route tables of subnets 
Signed-off-by: Guillaume Perrin <guillaume28.perrin@gmail.com>
 2022-03-28 14:57:21 +02:00
Ole Markus With 93e35adebc update bazel 2022-03-26 18:50:14 +01:00
Ole Markus With e657a1a0f2 Remap images to add digest to them 2022-03-26 18:40:21 +01:00
Anthony Hausman 2b589d5914
FIX: Set default version into `model/components/nodeterminationhandler.go` 2022-03-23 11:56:38 +01:00
Kubernetes Prow Robot 65694b20b8
Merge pull request #13234 from spotinst/feat-ocean-template 
Spotinst: Ocean as a template for VNGs
 2022-03-19 00:45:08 -07:00
Bronson Mirafuentes e112d81025
Release 1.24.0-alpha.3 (#13372) 
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
 2022-03-18 21:09:12 -07:00
Ciprian Hacman 30404d64a2 Run hack/update-expected.sh 
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
 2022-03-18 09:01:59 +02:00
Ciprian Hacman a4ed2b0654 Migrate to registry.k8s.io 
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
 2022-03-18 08:47:12 +02:00
Kubernetes Prow Robot d751d0f056
Merge pull request #13364 from olemarkus/fix-long-role-names 
Fix long role names
 2022-03-17 23:43:16 -07:00
Kubernetes Prow Robot 6151a11e63
Merge pull request #13369 from olemarkus/lbc-permissions-2 
Add missing permissions to aws lbc for IP targeting
 2022-03-16 06:53:50 -07:00
Ole Markus With b080abcd88 Add missing permissions to aws lbc for IP targeting 2022-03-16 13:28:20 +01:00
Kubernetes Prow Robot 404e411103
Merge pull request #13330 from zetaab/feature/openstackgpu 
Support GPU in OpenStack
 2022-03-16 03:37:50 -07:00
Ole Markus With 3fcb84ed6b Truncate the standard role names 2022-03-15 21:31:04 +01:00
Kubernetes Prow Robot aff109f9fc
Merge pull request #13343 from olemarkus/securitycontext 
Add user to container securityContext and remove command
 2022-03-14 02:48:21 -07:00
Jesse Haka a800218840 fixes 2022-03-11 12:01:20 +02:00
Ole Markus With 8524c3d320 Bump CCM 1.22 image. Use the 1.23 image for 1.24 due to latest being broken 2022-03-11 08:12:52 +01:00
Ole Markus With d7cb3bb1f7 Add user to container securityContext and remove command 2022-03-07 15:09:51 +01:00
Kubernetes Prow Robot fabfb3f4ab
Merge pull request #13310 from zetaab/fixgce 
Fix GCE service account creation
 2022-03-04 11:02:52 -08:00
Ciprian Hacman 2ff86a6656 Update containerd to v1.6.1 
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
 2022-03-04 07:51:46 +02:00
John Gardiner Myers 591dd1aba9 Move Azure settings to cloudProvider.azure 2022-03-03 15:18:23 -08:00