kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,334 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

1227 Commits

Author SHA1 Message Date
Justin Santa Barbara db5e435c55 Merge pull request #2233 from justinsb/authorization_flag 
Add authorization flag to kops create
 2017-03-29 19:31:52 -04:00
Justin Santa Barbara 4fcb6e31da API machinery for AlwaysAllow 2017-03-29 13:54:44 -04:00
Justin Santa Barbara c9f412f0c8 Add authorization flag 
Also add AlwaysAllow to the schema
 2017-03-29 13:53:06 -04:00
Chris Love f63c52c425 Merge pull request #2225 from justinsb/use_kcm_serviceaccounts 
Set --use-service-account-credentials for 1.6
 2017-03-29 10:50:42 -06:00
Justin Santa Barbara 19db8b37a0 Set --use-service-account-credentials for 1.6 2017-03-29 11:42:24 -04:00
Justin Santa Barbara 8b965a0ad9 Disable insecure port for apiserver 
All components need a kubeconfig
 2017-03-28 21:26:17 -04:00
Justin Santa Barbara eecf22d593 Merge pull request #2206 from justinsb/kubeproxy_to_code 
Move kubeproxy configuration to code
 2017-03-28 19:51:02 -04:00
Justin Santa Barbara 533efb7c51 Add Authorization / RBAC option to schema 2017-03-28 15:28:54 -04:00
Justin Santa Barbara e2a06a389a Move kubeproxy configuration to code 
Also map kube-proxy ClusterCIDR arg.
 2017-03-28 10:03:17 -04:00
Justin Santa Barbara a7a0b38123 Merge pull request #2205 from justinsb/fix_omitempty_tag 
Fix omitEmpty tag: only omitempty is valid
 2017-03-28 09:49:22 -04:00
Kris Nova 5fdee1ad1f Merge pull request #2204 from kris-nova/uas 
API Server - rebased on 1.6 vendor changes, and compiling main.go
 2017-03-28 15:48:36 +02:00
Justin Santa Barbara 984191ef94 Fix omitEmpty tag: only omitempty is valid 
Although actually omitEmpty appears to be recognized, although it is not
"traditional".
 2017-03-28 02:16:53 -04:00
Justin Santa Barbara fea4df5868 Merge pull request #2202 from justinsb/post_2095 
More log options for k8s 1.6
 2017-03-28 01:25:20 -04:00
Justin Santa Barbara cb8ea7e043 Use repeated flags for log-opt to docker 
Also add tests for the expected format
 2017-03-28 00:53:31 -04:00
Justin Santa Barbara 1e9c2cb2d8 Multiple log-opt, log-driver options for docker 
Also only change for 1.6
 2017-03-28 00:53:26 -04:00
Justin Santa Barbara e6fb0a3d67 Move kube-scheduler to code & RBAC 2017-03-28 00:26:59 -04:00
Justin Santa Barbara b541a3fe68 ObjectMeta now _cannot_ be a named field 
Previously we had to make it a named field to work around an
apimachinery bug, but apiserver can't cope if it is a named field.
 2017-03-28 06:10:22 +02:00
Justin Santa Barbara 4fdded6e4b Fixes for updated apiserver/apimachinery 2017-03-28 06:10:21 +02:00
Justin Santa Barbara 8b4ce49e9b Initial work on UAS 2017-03-28 06:10:21 +02:00
Justin Santa Barbara 4006741a5d Update for new taints / labels names 2017-03-27 23:13:39 -04:00
Justin Santa Barbara 86d544c2f3 Update protokube to make tainting optional 
As of 1.6, kubelet can apply the taints, so we don't need to do it in
protokube.
 2017-03-27 23:08:15 -04:00
Justin Santa Barbara 1a74d9d759 Merge pull request #2095 from faraazkhan/master 
Use built in log rotation capabilities of the docker daemon
 2017-03-27 21:49:41 -04:00
Justin Santa Barbara 9f3d7c3636 Fix merge problems from tenancy 
I tried a manual conflict resolve in github; it went _ok_
 2017-03-27 21:33:11 -04:00
Justin Santa Barbara 7e8ed66620 Merge branch 'master' into tenancy 2017-03-27 21:31:16 -04:00
Justin Santa Barbara bdf0d04b0a Merge pull request #2104 from justinsb/container_optimized_os 
Initial Container-Optimized OS support
 2017-03-27 10:21:39 -04:00
Robin Percy 5f4d0851e5 Regenerated apimachinery conversions 2017-03-25 18:38:33 -07:00
Robin Percy 3b814e109d Fixing up InstanceGroup versions 
- Kubelet API hadn't yet been added to all versions, which was causing
  it to be deleted from apimachinery-generated conversions.
 2017-03-25 18:36:24 -07:00
Robin Percy 4b030fed69 Added taints property to IG Spec. 
- new property is only used when KubernetesVersion is 1.6 or greater
- taints are passed to kubelet via --register-with-taints flag
- Set a default NoSchedule taint on masters
- Set --register-schedule=true when --register-with-taints is used
- Changed the log message in taints.go to be less alarming if taints are
  found - since they are expected on 1.6.0+ clusters
- Added Taints section to the InstanceGroup docs
- Only default taints are allowed in the spec pre-1.6
- Custom taint validation happens as soon as IG specs are edited.
 2017-03-25 18:36:00 -07:00
Leon Waldman 133153b9a2 Add AWS CloudConfig DisableSecurityGroupIngress Configuration Parameter 2017-03-22 21:49:38 -03:00
Daniel Cohen 6ed85e0ef7 Merge branch 'master' into tenancy 2017-03-22 14:47:15 -04:00
Justin Santa Barbara 8712a72e0b Merge pull request #1931 from mzsanford/instance_group_kubelet_options 
Allow InstanceGroups to override Kubelet config
 2017-03-22 10:32:58 -04:00
Daniel Cohen aa1205036d Specify instance tenancy on AWS 
Allow tenancy to default to empty

Don't allow dedicated clusters to launch unsupported instances
 2017-03-21 14:13:17 -04:00
Justin Santa Barbara b9204e9911 Initial Container-Optimized OS support 
Add initial support for google's container-optimized OS (available on
GCE).
 2017-03-20 23:47:37 -04:00
Chris Love 0a45503134 Merge pull request #2128 from justinsb/vendor16 
Update dependencies for k8s 1.6
 2017-03-16 14:33:46 -06:00
Faraaz Khan 256640d3d4 enable log rotation using built in docker option 2017-03-16 13:09:48 -05:00
Justin Santa Barbara 59d097b6be Merge pull request #2111 from dacohen/master 
Remove requirement to define SSH and K8S API Access CIDRs
 2017-03-16 11:07:32 -04:00
Justin Santa Barbara cb4641fea3 Code updates 2017-03-16 02:40:50 -04:00
Daniel Cohen 8945f16ead Remove requirement to define SSH and K8S API Access CIDRs 2017-03-14 09:50:22 -04:00
Seth Pollack 438483354e
add webhook authenticator flags 2017-03-09 19:47:49 -05:00
Justin Santa Barbara cdc8b034d1 Fix 1.6.0 validation 
We were requiring API servers, but the apiserver flag is removed from
1.6.
 2017-03-01 12:58:54 -05:00
Justin Santa Barbara 3d14d07616 Support cloud-config on GCE 2017-02-28 20:08:03 -05:00
Michael Taufen c24a017ed5 use --kubeconfig on kubelet instead of --api-servers in post 1.6 clusters 2017-02-27 15:49:11 -08:00
yissachar 8219e52c79 Merge pull request #1957 from justinsb/fix_1956 
Cleanup nil handling in kubelet options
 2017-02-24 00:26:33 -05:00
Robin Percy f9b3c5e584 Now applying the tags to IGs at render time. 
- Previous method would have caused issues with the way tags are used
  for filtering resources.
- Updated docs and comments to only refer to instance groups, rather
  than all AWS resources
 2017-02-23 06:10:15 -08:00
Robin Percy 7a1792e7cb go fmt fixes and apimachinery run 2017-02-22 09:51:18 -08:00
Robin Percy 6fa4acd49e Exposed cloud labels as a CLI option 
- --cloud-labels will be applied to every kops-created resource
- Also ran apimachinery to regenerated the conversions for the new
  Cluster.ClusterLabels property.
 2017-02-22 06:24:35 -08:00
Justin Santa Barbara 3ad94fc964 Merge pull request #1879 from sethpollack/fix_1872 
Add audit flags to kube-apiserver
 2017-02-21 00:50:30 -05:00
Justin Santa Barbara c70988f39d Move TerminatedPodGCThreshold to kcm 
This is technically a breaking change, but given anyone that set it
would not have a working cluster I think we are OK to break compat.
 2017-02-21 00:45:00 -05:00
Justin Santa Barbara ad12930f4f Tolerate missing ServiceClusterIPRange if not strict validation 
We probably ought to get rid of non-strict validation, and just always
validate strictly after everything has been defaulted.

Issue #1956
 2017-02-21 00:45:00 -05:00
Justin Santa Barbara fab539f978 Cleanup nil handling in kubelet options 2017-02-21 00:44:55 -05:00
jg Chen d489244652 fix misspell "unhealthy" in componentconfig.go 2017-02-20 14:05:09 +08:00
Seth Pollack 38b97e505c
change variable names 2017-02-17 14:55:35 -05:00
Seth Pollack f61d6c8010
change maxage, maxbackup, and maxsize to int32 2017-02-17 14:16:55 -05:00
Seth Pollack 89899b1a79
Add audit flags to kube-apiserver 2017-02-17 14:16:55 -05:00
Justin Santa Barbara 45cfd8a455 Merge pull request #1886 from zacblazic/optional-apiserver-elb-timeout 
Add support for adjusting ELB idle timeout for apiserver
 2017-02-17 11:25:20 -05:00
Matt Sanford b79dbd65d4 Allow InstanceGroups to override Kubelet config 2017-02-16 10:57:14 -08:00
fate-grand-order c0932d214b fix misspell "unhealthy" in componentconfig.go 2017-02-15 10:18:34 +08:00
Zac Blazic ce643d0df5
Add apimachinery generated code 2017-02-14 21:52:28 +02:00
Zac Blazic 74df54276b
Add api load balancer idle timeout field to cluster spec 2017-02-14 21:34:57 +02:00
Justin Santa Barbara 1c7818833a Merge pull request #1813 from aledbf/coreos 
Initial (experimental) CoreOS support
 2017-02-14 11:08:40 -05:00
chrislovecnm 0604dc107c fixing missed api file 2017-02-13 23:19:12 -07:00
Chris Love bceed6dfaf Merge pull request #1863 from mihok/cni-flannel 
Adding basic flannel support
 2017-02-13 22:32:10 -07:00
Chris Love 89a14c0641 Merge pull request #1797 from justinsb/conversion_v1alpha2 
Add v1alpha2 conversion functions
 2017-02-13 22:30:19 -07:00
Matthew Mihok bc235765d1 Adding basic flannel support 2017-02-11 16:26:18 -05:00
Justin Santa Barbara 313b08266d Add semver test that highlights the ordering problem 
Everyone (mostly me) falls into the trap:

1.6.0-alpha.1 < 1.6.0

Which means you can't use >= 1.6.0 as meaning "1.6 series"
 2017-02-11 14:36:19 -05:00
Manuel de Brito Fontes 6715bd53db Address comments 2017-02-11 13:57:30 -03:00
Justin Santa Barbara 1bacf8271e Initial (experimental) CoreOS support 
* Detect CoreOS
* Move key manifests to code, to tolerate read-only mounts
* Misc refactorings so more code can be shared
* Change lots of ints to int32s in the models
* Run nodeup as a oneshot systemd service, rather than relying on
cloud-init behaviour which varies across distros
 2017-02-11 13:57:30 -03:00
Stephen Schlie 991fc5bc7c Integrating Canal (Flannel + Calico) for CNI (#1459) 
* Integrating Canal (Flannel + Calico) for CNI

Initial steps to integrate Canal as a CNI provider for kops

Removed CNI in help as per chrislovecnm

* Integration tests, getting closer to working

- Added some integration tests for Canal
- Finding more places Canal needed to be added
- Sneaking in update to Calico Policy Controller

* Add updated conversion file

* turned back on canal integration tests

* fixed some rebase issues

* Fixed tests and flannel version

* Fixed canal yaml, and some rebasing errors

- Added some env vars to the install-cni container to get the proper
  node name handed off

* Added resource limits

- set resource limits on containers for Canal
- Ran through basic calico tutorials to verify functionality

* Updating Calico parts to Calico 2.0.2
 2017-02-11 11:03:23 -05:00
Manuel de Brito Fontes 6168606712 Map kubelet flag volume-plugin-dir 2017-02-10 11:20:15 -03:00
Eric Hole 768508f00f Add a warning that egress is not appropriate for public subnets 2017-02-07 15:33:16 -05:00
Justin Santa Barbara 5a4ddb2f8d create cluster: take correct k8s version 
We were not overriding the cluster version, even when a kubernetes
version could be determined from the direct specifications.
 2017-02-07 01:18:13 -05:00
Justin Santa Barbara dd4b9b08c6 Add v1alpha2 conversion functions 2017-02-06 20:31:53 -05:00
Justin Santa Barbara a909f38b9c Merge pull request #1790 from justinsb/k8s_version_per_kops_version 
Recommend a k8s version based on each kops version
 2017-02-06 20:13:57 -05:00
Justin Santa Barbara c6d3675788 fix conversion for v1alpha1 adminAccess 
The empty slice was interpreted as "0.0.0.0/0"
 2017-02-06 01:30:06 -05:00
Justin Santa Barbara 2d37ab1ca5 Recommend a k8s version based on each kops version 
So the flow is that we recommend (or strongly recommend) a new kops
version when one is required for a new version, and then the new kops
version will recommend (or strongly recommend) a new k8s version.

We don't have a notion of multiple recommended k8s versions per kops
version - that is what channels are for.

Users are always free to disregard updates, even "required" ones by
setting a flag.
 2017-02-06 01:06:03 -05:00
Kamil Hristov a29b5f640a Edit EtcdClusterSpec: replace Config -> PodManifestPath 2017-02-02 23:33:20 +02:00
Justin Santa Barbara e875c27ab8 Workaround for time.Duration zero value 
Go 1.6 has the zero value of time.Duration render to a string as `0`,
but 1.7 and on renders as `0s`.

Force to `0s` for consistency across versions.
 2017-02-01 00:30:02 -05:00
Justin Santa Barbara 493a336f35 Add apimachinery codegen 2017-01-31 23:12:41 -05:00
Justin Santa Barbara 1172fb2b95 Add Eviction flags 
Otherwise we were not evicting based on low inodes

Also add the notion of a flag-default, so we can pass fewer spurious
flags, and gget closer to the component model
 2017-01-31 23:12:35 -05:00
Justin Santa Barbara 44d9a30f68 Map NvidiaGPUs / --experimental-nvidia-gpus 
Issue #518
 2017-01-31 10:40:23 -05:00
Justin Santa Barbara 37bfe29406 Merge pull request #1444 from tsupertramp/allow-adding-existing-security-groups 
Allow adding existing security groups
 2017-01-31 00:27:40 -05:00
Michael Taufen bc615ae923 Config is deprecated, use PodManifestPath 2017-01-30 16:01:43 -08:00
Thomas Peitz 640d28dce4 Rename json:additionalSecurityGroupIDs to additionalSecurityGroups 2017-01-30 18:58:49 +01:00
Thomas Peitz d09a13ce4b Add generated conversion 2017-01-30 18:58:48 +01:00
Thomas Peitz 96f71b8fab Allow additional NodeSecurityGroupIDs, MasterSecurityGroupIDs 2017-01-30 18:58:48 +01:00
Justin Santa Barbara 7e232f14d8 Allow specification of multiple CIDRs to create cluster 
Fix #1641
 2017-01-28 15:58:50 -05:00
Justin Santa Barbara 379e0ca098 Channel manifest should be version aware 
* We can target AMIs to kubernetes versions
* We can recommend / force a kops upgrade
* We can recommend / force a kubernetes upgrade
 2017-01-25 23:13:48 -05:00
Justin Santa Barbara c89f58d260 Better validate CIDRs - provide some hints on failure 
With this:

`kops create cluster ... --admin-access 12.34.56.78`

gives

spec.sshAccess[0]: Invalid value: "12.34.56.78": Could not be parsed as
a CIDR (did you mean "12.34.56.78/32")

Fix #1595
 2017-01-25 02:18:35 -05:00
Justin Santa Barbara 5afbc00b76 Add test for isSubnet 2017-01-25 00:25:22 -05:00
Justin Santa Barbara 9e015285f8 validation: Validate we specify ids for all subnets 
Move our validation to the apimachinery style.  And then add a
validation that we specify IDs either for all subnets or no subnets.
 2017-01-24 12:38:52 -05:00
Kris Nova 084758917b Merge pull request #1503 from justinsb/mixed_networking 
Turn off validation that master & nodes have same topology
 2017-01-21 11:37:39 -07:00
Kris Nova 97afdf9f97 Merge pull request #1357 from justinsb/authn_flags 
Add authz flags
 2017-01-21 11:36:46 -07:00
Kris Nova 1b50cab930 Merge pull request #1574 from justinsb/lots_of_flags 
Map a bunch of flags
 2017-01-21 10:50:20 -07:00
Justin Santa Barbara d885074723 Merge pull request #1560 from justinsb/kops_get_should_include_cluster_label 
Include `cluster` label in `kops get ig -oyaml`
 2017-01-21 09:50:58 -05:00
Justin Santa Barbara 01cd64d800 apimachinery for the flags added 2017-01-20 12:32:13 -05:00
Justin Santa Barbara de884f4fb7 Map docker --bip flag 
Fix #710
Fix #42
 2017-01-20 12:31:41 -05:00
Justin Santa Barbara 5c177fb5e4 Map terminated-pod-gc-threshold flag 
Fix #998
 2017-01-20 11:55:23 -05:00
Justin Santa Barbara 98603bf6f0 Map image-gc-high/low-threshold kubelet flags 
Fix #1243
 2017-01-20 11:52:11 -05:00
Justin Santa Barbara 5a7ef0711b Max kubelet max-pods flag 
Fix #1445
 2017-01-20 11:49:48 -05:00
Justin Santa Barbara db54ecf23d Map enable-custom-metrics kubelet flag 
Fix #1467
 2017-01-20 11:46:07 -05:00
Justin Santa Barbara 33884d232c Add authz flags 
We aren't wiring them up now, but this unblocks people that want to have
a go.
 2017-01-20 11:43:21 -05:00
Justin Santa Barbara 686e4efa3b Egress follow up 
* Round trip to v1alpha1
* Enable test
 2017-01-20 00:40:41 -05:00
Justin Santa Barbara bb46c3ca32 Turn off validation that master & nodes have same topology 
First step towards supporting mixed-modes.
 2017-01-19 23:00:24 -05:00
Justin Santa Barbara 2b277c6789 Include `cluster` label in `kops get ig -oyaml` 
Fix #1559
 2017-01-19 22:59:55 -05:00
Justin Santa Barbara a60e10eacd Merge pull request #1366 from reactiveops/kris-and-eric-1282 
Specify Existing NAT Gateways to Use in Cluster Creation
 2017-01-19 21:06:12 -05:00
Eric Hole 1e3d94392c Major redo/squash of the work to get egress added to the API and hooked up. 
One commit from the always incredible @kris-nova was incorporated here, it was to
check for tags in `kutil/delete_cluster.go`. She was a major driver and instrumental in getting
this to where we aere now!
 2017-01-19 16:57:42 -05:00
Justin Santa Barbara 165ead4fac Merge pull request #1170 from yissacharcw/extensible-iam-roles 
Add support for extensible IAM permissions
 2017-01-19 12:45:55 -05:00
Justin Santa Barbara 2af86f4c37 Merge pull request #1438 from blakebarnett/bdb/add_odic_flags 
Add OIDC flags
 2017-01-19 00:32:30 -05:00
Justin Santa Barbara a77c1ed50c Merge pull request #1465 from DualSpark/k-c-m-attachedetachflag 
Updates for new k-c-m flag
 2017-01-18 21:44:55 -05:00
Chris Love bc5d01962a Merge pull request #1504 from justinsb/fix_1198 
Validate that bastion IdleTimeout < 1 hour
 2017-01-18 12:35:05 -08:00
chrislovecnm 3cabfb25d0 Updates to add new flag used by Kubernetes Controller manager: attach-detach-reconcile-sync-period 2017-01-18 12:29:29 -08:00
Kris Nova d41c655d9f Adding notes from call 2017-01-17 09:35:38 -07:00
Kris Nova 2d76602a3b Merge branch 'kris-and-eric-1282' of github.com:reactiveops/kops into eric-kris 2017-01-17 08:28:27 -07:00
Justin Santa Barbara 3c7e19ecae Validate that bastion IdleTimeout < 1 hour 
Fix #1198
 2017-01-17 01:33:03 -05:00
Kris Nova edded7ad6c Merge pull request #1483 from justinsb/int_to_int32 
Change int to int32 in API
 2017-01-16 20:04:28 -07:00
Blake 754f0e98a9 Change JSON var format, add some comments. 2017-01-15 15:55:35 -08:00
Blake 6d0a1f5a2a Run go fmt - oops 2017-01-15 15:55:35 -08:00
Blake 0b00ce6fd3 Add OIDC flags 2017-01-15 15:55:35 -08:00
Justin Santa Barbara 09cb9b654c Change int to int32 in API 
We shouldn't be using the variable-sized int in the API
 2017-01-15 18:23:44 -05:00
Justin Santa Barbara 373dc9fe42 Add updated conversion file 2017-01-15 16:02:53 -05:00
Yissachar Radcliffe 773335e342 Create separate IAM policies instead of editing existing one 2017-01-11 11:05:36 -05:00
Yissachar Radcliffe f7d8d3a5fe Add generated apimachinery conversion 2017-01-11 11:02:44 -05:00
Yissachar Radcliffe 13ac2d49d3 Add support for extensible IAM permissions 2017-01-11 11:02:44 -05:00
Eric Hole 8c0a4f2890 Fix integration tests. 2017-01-10 10:20:02 -05:00
Eric Hole a03ba42b56 Merge branch 'master' into kris-and-eric-1282 2017-01-09 22:01:59 -05:00
Eric Hole f5b3425d3d First pass at create_cluster_integration_test for specifying NGWs. 2017-01-09 17:28:10 -05:00
Justin Santa Barbara 61011650dd Support private hosted zones in DNS 2017-01-09 09:32:52 -05:00
Eric Hole bcaf929256 Rebased the new EIP/NGW code and integrated with 1282 code. Working CI. 2017-01-08 13:20:32 -05:00
Eric Hole 0f84494dbd Merge branch 'master' into kris-and-eric-1282 2017-01-08 11:10:13 -05:00
Eric Hole 3de7bfb93f First pass at Shared NGW docs. 2017-01-08 09:35:56 -05:00
Eric Hole cab1251161 New API fields ngwId and ngwEip. 2017-01-08 09:35:20 -05:00
Justin Santa Barbara 53135fa57e Add conversion tests, and fix some problems 
* We were naming our etcd zones inconsistently
* When we wrote to v1alpha2, we would change the etc member names

Fix #1202
 2017-01-07 21:54:15 -05:00
Justin Santa Barbara 5e8c3fd09b Fix merge conflicts 2017-01-05 00:13:51 -05:00
Justin Santa Barbara ccb9350e39 Merge pull request #1268 from justinsb/api_exposure_in_topology 
Control how we expose the API
 2017-01-04 23:48:18 -05:00
Kris Nova 968366d444 Merge pull request #1309 from justinsb/version_update 
Update to k8s 1.6 code
 2017-01-04 21:08:54 -07:00
Justin Santa Barbara 2912dee6e1 Rename -> AccessSpec, ELB -> LoadBalancer 
Also add docs
 2017-01-04 23:04:30 -05:00
Justin Santa Barbara 02f92979a6 Fixes per code review 2017-01-04 23:04:30 -05:00
Justin Santa Barbara da4d5de24a Auto generated code 2017-01-04 23:04:30 -05:00
Justin Santa Barbara 9314575953 Working on expressing how we expose services like the API 2017-01-04 23:04:30 -05:00
Kris Nova 1b769b48c8 Adding notes from our meeting 2017-01-04 10:01:51 -07:00
Justin Santa Barbara 09e834849d Specify storage-backend=etcd2 explicitly 
The default may change to etcd3, but we want to stick with etcd2 until
upgrade has been fully vetted.
 2017-01-04 11:27:31 -05:00
Justin Santa Barbara a375b1af82 Updates for k8s 1.6 code 2017-01-03 20:32:48 -05:00
Justin Santa Barbara b790eac9d4 fix gofmt 2016-12-30 10:52:14 -05:00
Chris Love d5cccfe88c Merge pull request #1254 from DualSpark/backport-the-backport 
Backport the backport
 2016-12-29 22:10:23 -07:00
Kris Nova e059f01680 Refactoring logic in validation, we want topology-less clusters to fall through so the new API conversion code can deal with them. 
Added PerformAssignments() to the create -f workflow

Also bumpings k8s version in create_cluster tests to 1.4.7 so the creation works as expected.
 2016-12-29 06:01:16 -07:00
Justin Santa Barbara 56b07c04d9 Fix gofmt & calico autogen 2016-12-28 13:23:53 -05:00
Justin Santa Barbara 889a65c966 Create alpha channel for 1.5.1 2016-12-28 11:30:40 -05:00
Kris Childress c3c0322712 Backport the backport 2016-12-25 18:56:26 -07:00
Kris Childress 9751746415 Backport the backport 2016-12-25 18:13:32 -07:00
Chris Love 789bfcf07b Merge pull request #1093 from heschlie/master 
Integrating Calico as CNI provider
 2016-12-22 17:43:48 -07:00
heschlie 5cb8575dfe Fixed CI integration, added some tests for Calico 
- CI issues were due to v1alpha2 being added, created Calico there
- Added some tests around Calico, similar to Weave
- Added conversion functions similar to Weave in zz_generated_conversion
 2016-12-21 19:15:52 -08:00
Chris Love 8470034dc5 Merge pull request #1215 from justinsb/prevent_utility_subnetid_in_v1alpha1 
If the user tries to save a SubnetID into v1alpha1, fail
 2016-12-20 20:00:22 -07:00
Vince Montalbano 0fbd19adfd Add KubeletPreferredAddressTypes #1083 2016-12-20 12:31:42 -06:00
heschlie a4b7093b0d Calico integration 
Adding the option to install Calico with the `--networking calico`
argument.  This will currently deploy Calico v2.0 to the cluster.

Documentation has also been updated with information about Calico and
where one can find more information or help.
 2016-12-20 10:13:00 -08:00
Justin Santa Barbara 594ec692e4 If the user tries to save a SubnetID into v1alpha1, fail 
Rather than failing silently.

Will not be an issue once we switch the default to v1alpha2, but in the
meantime this is surprising.
 2016-12-20 09:55:21 -05:00
Justin Santa Barbara 846b7601db Configure DockerVersion in Docker Spec 
And automatically choose 1.12.3 for k8s >= 1.5, 1.11.2 for < 1.5

Fix #849
 2016-12-20 00:34:40 -05:00
Justin Santa Barbara 8ce09c65e9 Fixes per code review 2016-12-19 01:18:28 -05:00
Justin Santa Barbara 50296f1a30 Fix file headers 2016-12-19 00:23:20 -05:00
Justin Santa Barbara a03ea54365 Rename SubnetName -> Name 
No schema impact
 2016-12-19 00:01:38 -05:00
Justin Santa Barbara aeef9dc6eb A few real-world fixes to create-cluster around initialization 2016-12-18 23:56:36 -05:00
Justin Santa Barbara 91b77ae11e Multi-version testing; fix few edge cases 
By testing with data from various schema versions, we effectively check
that they are equivalent.

Also this uncovered a few places where we were not strictly ordering
things - add some sorts in there.
 2016-12-18 23:14:29 -05:00
Justin Santa Barbara 4475d68c2e Remove dead code 2016-12-18 21:56:57 -05:00
Justin Santa Barbara ef6d1fddf5 Update tests for new TF output 2016-12-18 21:56:57 -05:00
Justin Santa Barbara 1ef2c367c1 Reintroduce subnet assignemnt logic 2016-12-18 21:56:57 -05:00
Justin Santa Barbara fed68310fa Schema v1alpha2 
* Zones are now subnets
* Utility subnet is no longer part of Zone
* Bastion InstanceGroup type added instead
* Etcd clusters defined in terms of InstanceGroups, not zones
* AdminAccess split into SSHAccess & APIAccess
* Dropped unused Multizone flag
 2016-12-18 21:56:57 -05:00
Justin Santa Barbara c01c2af656 Mark ObjectMeta as a named field 
This will work around some apimachinery bugs
(https://github.com/kubernetes/client-go/issues/8)
 2016-12-14 22:26:57 -05:00
Justin Santa Barbara 96243ee442 Specify --anonymous-auth=false for k8s 1.5 
We'll expose this option as part of RBAC, but in the meantime explicitly
specify the existing behaviour.
 2016-12-13 01:44:28 -05:00
Chris Love 704aaaeff2 Merge pull request #1089 from justinsb/kops_edit_cluster 
Use versioned marshaling where we can
 2016-12-11 10:09:53 -07:00
Justin Santa Barbara dbab97e508 Use versioned marshaling where we can 
In particular during a kops edit
 2016-12-08 22:17:26 -05:00
Justin Santa Barbara 83f9d05251 Allow role specification on kops create ig 2016-12-08 13:41:04 -05:00
Manuel de Brito Fontes 2eea3eb074 Simplify return 2016-12-07 09:13:56 -03:00
Justin Santa Barbara df9e1e44db Hotfix for segfaults 2016-12-04 12:44:22 -05:00
alok87 a9badebf42 Lowercase json display 2016-12-04 17:35:01 +05:30
alok87 99aa9d6490 Merge remote-tracking branch 'kopsrepo/master' into bastion_improvements 
* kopsrepo/master: (29 commits)
  Add verify-boilerplate target
  Add logging of AWS retries
  adding hack/verify-boilerplate.sh to make ci target
  Print time remaining to succeed as a positive value
  adding hack/verify-boilerplate.sh to make ci target
  updating headers, OMG we need this in the ci
  Format resource diffs
  Include error in message when we fail to query AZs
  Import tidying
  Apply gofmt
  Update cmd/kops/validate_cluster for refactor
  Move to pkg/validation and tidy up
  Update command building pattern, a few tweaks
  adds more machine types
  fix path to adding feature doc
  Update dns-controller README
  bug in my fix header script
  updating header
  bumping weave version
  Remove old file
  ...
 2016-12-04 17:24:29 +05:30
alok87 66d2e4791d IdleTimeout configurable from editcluster 2016-12-04 16:35:39 +05:30
alok87 0ab99a432f Headers updated for ci fix 2016-12-04 15:15:10 +05:30
alok87 7342346638 v1aplha1 api code 2016-12-03 03:06:10 +05:30
Justin Santa Barbara 5674b8c2ce Move to pkg/validation and tidy up 2016-12-02 11:13:06 -05:00
Justin Santa Barbara ff2d580257 Update command building pattern, a few tweaks 2016-12-02 09:49:39 -05:00
alok87 d4eccb2688 Made bastion as part of TopologySpec 2016-12-01 09:56:45 +05:30
Justin Santa Barbara 23638dc1fb Fix CIDR math to avoid private CIDR collisions 2016-11-30 11:08:14 -05:00
alok87 a413ea5ac3 Merge remote-tracking branch 'kopsrepo/master' into bastion_improvements 
* kopsrepo/master:
  gcs-upload: Use a no-clobber copy instead
  gcs-upload: Fix cache-control on other files as well
  changes from code review
  doc updates
  unit tests with fakes
  it is working in alpha
  working on the start of validate
  Starting work on node lookup and validation
  starting porting node code
  Fix retries for AutoScalingGroup pending delete
  Apply gofmt to pkg directory
  Avoid tests hitting kubernetes stable.txt HTTP file
  Fix printing of max size on instance group
  Disable kubelet from starting until after volume mounts
  Fix Cluster parsing error message
  bumping stable channel to k8s 1.4.6
  support more zones(cn-north-1a/b) for cloud provider guess
 2016-11-30 07:58:41 +05:30
chrislovecnm 2bbc95d9e8 changes from code review 2016-11-28 18:54:57 -07:00
chrislovecnm 8a1934ae8b unit tests with fakes 
updating docs
 2016-11-28 18:17:53 -07:00
chrislovecnm 8b8bb18815 it is working in alpha 2016-11-28 18:16:32 -07:00
chrislovecnm 82cf2c2c0f working on the start of validate 
cluster validation seem to be working.  Need to test more

documentation yo

refactoring to get rid of import cycle not allowed
 2016-11-28 18:16:32 -07:00
Chris Love 8d1a921e8b Merge pull request #994 from justinsb/gofmt_pkg 
Apply gofmt to pkg directory
 2016-11-28 11:37:14 -07:00
Justin Santa Barbara 35cd96f359 Apply gofmt to pkg directory 
It was omitted from the makefile `make gofmt`
 2016-11-28 02:11:47 -05:00
Justin Santa Barbara 4901573a0c Avoid tests hitting kubernetes stable.txt HTTP file 
Fix #949
 2016-11-28 02:09:04 -05:00
alok87 edf22f3797 Bastion DNS as an option and not by default 2016-11-23 12:40:45 +05:30
alok87 6b17c27572 Bastion Improvements 2016-11-23 12:37:42 +05:30
alok87 6206bc711e Separate configuration for bastion 2016-11-23 12:35:10 +05:30
alok87 2f1ebdea15 Enable/disable bastion, defaults to false 2016-11-23 12:31:51 +05:30
Chris Love e306357dcc Merge pull request #940 from emerlinsky/patch-1 
Fix generated private subenet CIDR overlap with VPC range
 2016-11-22 15:37:58 -07:00
Chris Love 0055732972 Merge pull request #959 from yancl/fix-master-kubelet-validation 
fix validation for master kubelet api server
 2016-11-21 09:06:43 -07:00
Chris Love 4308340ed2 Merge pull request #965 from DualSpark/patch-panic-validation 
Adding backwards support for non-topology validation
 2016-11-21 07:55:52 -07:00
Kris Childress 379a8c8c71 Adding backwards support for non-topology validation 2016-11-21 07:35:07 -07:00
yancl 9c9ff8c6e0 fix validation for master kubelet api server that checked kubelet api 
server instead
 2016-11-21 03:50:44 +00:00
Kris Childress 9e1b3dce55 Merge pull request #750 from Shrugs/docs/runtime-config 
docs: add documentation for cluster.spec, namely runtimeConfig
 2016-11-20 19:34:09 -07:00
emerlinsky 6d442f549a Fix private subenet overlap with VPC range 
Without this fix, last generated private subnet address overlaps with main CIDR range provided via --network-cidr= option, which causes error.
For example before change, with  --network-cidr=10.0.0.0/22, the list of subnets generated by the code was:

```
I1117 07:34:24.720380   47964 cluster.go:503] Assigned CIDR 10.0.1.128/25 to zone us-east-1c
I1117 07:34:24.720397   47964 cluster.go:514] Assigned Private CIDR 10.0.3.0/25 to zone us-east-1c
I1117 07:34:24.720404   47964 cluster.go:503] Assigned CIDR 10.0.2.0/25 to zone us-east-1d
I1117 07:34:24.720409   47964 cluster.go:514] Assigned Private CIDR 10.0.3.128/25 to zone us-east-1d
I1117 07:34:24.720415   47964 cluster.go:503] Assigned CIDR 10.0.2.128/25 to zone us-east-1e
I1117 07:34:24.720420   47964 cluster.go:514] Assigned Private CIDR 10.0.4.0/25 to zone us-east-1e
```

The last CIDR 10.0.4.0/25 is beyond 10.0.0.0/22 boundaries, which causes the error:

```
W1117 07:39:29.240474   48009 executor.go:100] error running task "subnet/private-us-east-1e.kubpriv.pink-ptdevcloud.com": error creating subnet: InvalidSubnet.Range: The CIDR '10.0.4.0/25' is invalid.
	status code: 400, request id: b195c64b-0a35-413c-b6ec-d7ee40d49adb
```

With a code fix, subnets get generated in a correct way:

```
I1118 07:22:31.466899   55710 cluster.go:503] Assigned CIDR 10.0.1.0/25 to zone us-east-1c
I1118 07:22:31.466908   55710 cluster.go:514] Assigned Private CIDR 10.0.2.128/25 to zone us-east-1c
I1118 07:22:31.466913   55710 cluster.go:503] Assigned CIDR 10.0.1.128/25 to zone us-east-1d
I1118 07:22:31.466917   55710 cluster.go:514] Assigned Private CIDR 10.0.3.0/25 to zone us-east-1d
I1118 07:22:31.466922   55710 cluster.go:503] Assigned CIDR 10.0.2.0/25 to zone us-east-1e
I1118 07:22:31.466925   55710 cluster.go:514] Assigned Private CIDR 10.0.3.128/25 to zone us-east-1e

```
 2016-11-18 09:08:21 -08:00
chrislovecnm 785ce5a156 it lives 2016-11-17 00:03:34 -05:00
chrislovecnm 60dce754b0 package name ... duh 2016-11-16 16:54:29 -07:00
chrislovecnm 41b8b6bd14 Now I understand the comment on the PR 2016-11-16 16:46:55 -07:00
chrislovecnm f8e10dc200 because these peeps do awesome code reviews 2016-11-16 16:39:35 -07:00
chrislovecnm 25ee1e4cdb adding weave support 2016-11-16 15:48:32 -07:00
Justin Santa Barbara ee44353cde Add support for kopeio networking 2016-11-16 14:20:23 -05:00
Justin Santa Barbara ae84beddb7 Use more api machinery when writing 2016-11-13 22:11:36 -05:00
Kris Childress 8b4e9580c6 Merge pull request #843 from zmerlynn/fix-version-whine 
Quiet version string match (it's really spammy in logs)
 2016-11-08 22:06:04 -08:00
Kris Childress 07eb92fd43 gofmt on pkg/apis/kops/cluster.go 2016-11-08 17:09:34 -08:00
Kris Childress 8c41dad16d Unit Tests 
- Adding populateClusterSpec unit tests
 - Topology happy/sad paths
 - Fleshing out topology in the buildMinimalCluster() function
 2016-11-08 15:16:41 -08:00
Kris Childress c1644cc4e7 Remove refs to `privatemasters` 2016-11-08 15:16:41 -08:00
Kris Childress e962f9c5fd Adding bastion support 2016-11-08 15:16:41 -08:00
Kris Childress cebdde3fb4 Woo! Time to start playing with private networks in AWS!! 2016-11-08 15:16:41 -08:00
Kris Childress a1c5c77b23 docs 2016-11-08 15:16:41 -08:00
Kris Childress 8fba14b85b Small refactor - getting ready to start YAML 2016-11-08 15:16:41 -08:00
Kris Childress 000e847af2 Topology Initial Commit 
- Refactor private networking -> topology
- Define new topology models (no changes yet)
- Docs
- Create cluster --topology and -t
- New functions for topology templating
 2016-11-08 15:16:41 -08:00
Zach Loafman 2d7aa0a789 Quiet version string match (it's really spammy in logs) 2016-11-08 13:40:22 -08:00
Zach Loafman 8263cae51b Quick fix: add v1.[67] to valid version checks 2016-11-07 11:22:59 -08:00
Matt Condon ad03ba6099 squash: line notes and additional comments/docs 2016-11-04 18:08:34 -04:00
chrislovecnm 6e3bece0d0 adding model and options to handle cni networking 2016-10-19 09:20:36 -06:00
Chris Love 0d78c65498 Merge pull request #660 from justinsb/fix_upgrade 
Fix upgrade from kube-up
 2016-10-18 10:39:33 -06:00
chrislovecnm 8fa2aac99f fixing more headers 2016-10-15 19:20:56 -06:00
Justin Santa Barbara c933008006 Don't validate cluster name when importing kube-up clusters 2016-10-14 22:38:29 -04:00
Justin Santa Barbara 58a8daf63e Experimental support for federation 
Highly experimental right now, and has exposed some upstream issues (I
believe), but adding so that people can start playing.
 2016-10-11 10:29:46 -04:00
Justin Santa Barbara dc1e7d3a5d Add v1alpha1 version of APIs 
Moving towards versioned APIs
 2016-10-11 10:17:14 -04:00
Justin Santa Barbara 542f8fb4f2 Refactor CLI to match kubectl approach 
We have an Options class for each command, and a Run function that can
be called directly.
 2016-10-11 09:47:11 -04:00
Justin Santa Barbara 5ac44018d4 Move API to pkg/apis/kops 
This is a breaking change for people using the API (sorry), but is
hopefully a simple search and replace:

"k8s.io/kops/upup/pkg/api"
 -> api "k8s.io/kops/pkg/apis/kops"

"k8s.io/kops/upup/pkg/api/registry"
 -> "k8s.io/kops/pkg/apis/kops/registry"

This is the "correct" place for it in the k8s API infrastructure - we
are working towards a versioned API here.
 2016-10-11 08:52:54 -04:00