Automatic merge from submit-queue.
Fix node counts
When running `kops validate`, and the cluster size is greater than the minimum configuration, the display message is
<img width="153" alt="screen shot 2017-12-07 at 1 10 14 pm" src="https://user-images.githubusercontent.com/11003242/33738958-1571943e-db50-11e7-9156-f034c9af7d9c.png">
This PR sets the NodeCount value to the length of the nodes array instead of the configuration.
Automatic merge from submit-queue.
Allow additional SGs to be added to API loadbalancer
Allow adding precreated additional security groups to the API loadbalancer using cluster spec:
```yaml
spec:
api:
loadBalancer:
type: Public
additionalSecurityGroups:
- sg-exampleid3
- sg-exampleid4
```
- [x] Adding additionalSecurityGroups cluster spec
- [x] Adding validation for repeated security groups
- [x] Adding validation for API loadbalancer security groups
- [x] Integration test for API loadbalancer and its security groups
- [x] Update API docs and cluster.spec docs
Automatic merge from submit-queue.
Add additionalNetworkCIDRs to support VPCs with multiple CIDRs in AWS
Add additionalNetworkCIDRs to support VPCs with multiple CIDRs in AWS.
@justinsb I cannot find anywhere that does a check on an existing VPC to see if the networkCIDR matches what is on the VPC defined, I was looking for that so I can add a similar check for this. Am I missing something or is there really no check like that?
Automatic merge from submit-queue.
Let a user set a hostnameOverride when the cloud provider is aws.
Let a user use the hostname or set a hostnameOverride when the cloud provider is aws. This would allow for a more descriptive name to be used. The name of the hosts when using @hostname can be set by using a hook or some other method.
Automatic merge from submit-queue.
Fix spurious shared InternetGateway renaming
This fixes the original issue described in #476 where `kops update cluster` would continuously report renaming a shared IGW even though it never actually renames it. I also added tests to confirm the behavior change.
I removed the bug mention from the docs although if you would prefer to keep it and instead say `In kops versions before X, ...` I can do that too
Automatic merge from submit-queue.
When using private DNS add ELB name to the api certificate
This fixes issue #2032 by using the gossip paths with private dns as well:
* When creating the api server certificate, include the ELB hostname
* When generating kubeconfig, use the ELB hostname as the api server name
Automatic merge from submit-queue.
Add missing permissions for NLB creation
Without this permissions is not possible to create a network load balancer (alpha in k8s >= 1.9)
Automatic merge from submit-queue.
DNS Controller Optional
The current implementation enforces a dns-controller is running; given the user can switch the make the kube-apiserver server Internal and then reuse the dns for the masterInternalName; this effectlively removes the need to run the service (assuming your not using it for pods, node and service dns)
- adding a disableDnsController to the ExternalDNS spec provides a toggle on the addon (name is definitely up for debate)
- the default behaviour remains, the dns-controller is always pushed as an addon
Automatic merge from submit-queue.
Respect the shared tag when deleting route tables
Fixes#3828.
Modifies the `buildTrackerForRouteTable` function (used by `ListRouteTables`) to set the `Shared` field of each returned route table resource, based on the presence of the `kubernetes.io/cluster/<clustername>: shared` tag. This prevents route tables with this tag from being deleted.
WIP while I add some more tests.
Kubernetes Submit Queue
