kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,334 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

1227 Commits

Author SHA1 Message Date
Justin Santa Barbara 33884d232c Add authz flags 
We aren't wiring them up now, but this unblocks people that want to have
a go.
 2017-01-20 11:43:21 -05:00
Justin Santa Barbara 686e4efa3b Egress follow up 
* Round trip to v1alpha1
* Enable test
 2017-01-20 00:40:41 -05:00
Justin Santa Barbara bb46c3ca32 Turn off validation that master & nodes have same topology 
First step towards supporting mixed-modes.
 2017-01-19 23:00:24 -05:00
Justin Santa Barbara 2b277c6789 Include `cluster` label in `kops get ig -oyaml` 
Fix #1559
 2017-01-19 22:59:55 -05:00
Justin Santa Barbara a60e10eacd Merge pull request #1366 from reactiveops/kris-and-eric-1282 
Specify Existing NAT Gateways to Use in Cluster Creation
 2017-01-19 21:06:12 -05:00
Eric Hole 1e3d94392c Major redo/squash of the work to get egress added to the API and hooked up. 
One commit from the always incredible @kris-nova was incorporated here, it was to
check for tags in `kutil/delete_cluster.go`. She was a major driver and instrumental in getting
this to where we aere now!
 2017-01-19 16:57:42 -05:00
Justin Santa Barbara 165ead4fac Merge pull request #1170 from yissacharcw/extensible-iam-roles 
Add support for extensible IAM permissions
 2017-01-19 12:45:55 -05:00
Justin Santa Barbara 2af86f4c37 Merge pull request #1438 from blakebarnett/bdb/add_odic_flags 
Add OIDC flags
 2017-01-19 00:32:30 -05:00
Justin Santa Barbara a77c1ed50c Merge pull request #1465 from DualSpark/k-c-m-attachedetachflag 
Updates for new k-c-m flag
 2017-01-18 21:44:55 -05:00
Chris Love bc5d01962a Merge pull request #1504 from justinsb/fix_1198 
Validate that bastion IdleTimeout < 1 hour
 2017-01-18 12:35:05 -08:00
chrislovecnm 3cabfb25d0 Updates to add new flag used by Kubernetes Controller manager: attach-detach-reconcile-sync-period 2017-01-18 12:29:29 -08:00
Kris Nova d41c655d9f Adding notes from call 2017-01-17 09:35:38 -07:00
Kris Nova 2d76602a3b Merge branch 'kris-and-eric-1282' of github.com:reactiveops/kops into eric-kris 2017-01-17 08:28:27 -07:00
Justin Santa Barbara 3c7e19ecae Validate that bastion IdleTimeout < 1 hour 
Fix #1198
 2017-01-17 01:33:03 -05:00
Kris Nova edded7ad6c Merge pull request #1483 from justinsb/int_to_int32 
Change int to int32 in API
 2017-01-16 20:04:28 -07:00
Blake 754f0e98a9 Change JSON var format, add some comments. 2017-01-15 15:55:35 -08:00
Blake 6d0a1f5a2a Run go fmt - oops 2017-01-15 15:55:35 -08:00
Blake 0b00ce6fd3 Add OIDC flags 2017-01-15 15:55:35 -08:00
Justin Santa Barbara 09cb9b654c Change int to int32 in API 
We shouldn't be using the variable-sized int in the API
 2017-01-15 18:23:44 -05:00
Justin Santa Barbara 373dc9fe42 Add updated conversion file 2017-01-15 16:02:53 -05:00
Yissachar Radcliffe 773335e342 Create separate IAM policies instead of editing existing one 2017-01-11 11:05:36 -05:00
Yissachar Radcliffe f7d8d3a5fe Add generated apimachinery conversion 2017-01-11 11:02:44 -05:00
Yissachar Radcliffe 13ac2d49d3 Add support for extensible IAM permissions 2017-01-11 11:02:44 -05:00
Eric Hole 8c0a4f2890 Fix integration tests. 2017-01-10 10:20:02 -05:00
Eric Hole a03ba42b56 Merge branch 'master' into kris-and-eric-1282 2017-01-09 22:01:59 -05:00
Eric Hole f5b3425d3d First pass at create_cluster_integration_test for specifying NGWs. 2017-01-09 17:28:10 -05:00
Justin Santa Barbara 61011650dd Support private hosted zones in DNS 2017-01-09 09:32:52 -05:00
Eric Hole bcaf929256 Rebased the new EIP/NGW code and integrated with 1282 code. Working CI. 2017-01-08 13:20:32 -05:00
Eric Hole 0f84494dbd Merge branch 'master' into kris-and-eric-1282 2017-01-08 11:10:13 -05:00
Eric Hole 3de7bfb93f First pass at Shared NGW docs. 2017-01-08 09:35:56 -05:00
Eric Hole cab1251161 New API fields ngwId and ngwEip. 2017-01-08 09:35:20 -05:00
Justin Santa Barbara 53135fa57e Add conversion tests, and fix some problems 
* We were naming our etcd zones inconsistently
* When we wrote to v1alpha2, we would change the etc member names

Fix #1202
 2017-01-07 21:54:15 -05:00
Justin Santa Barbara 5e8c3fd09b Fix merge conflicts 2017-01-05 00:13:51 -05:00
Justin Santa Barbara ccb9350e39 Merge pull request #1268 from justinsb/api_exposure_in_topology 
Control how we expose the API
 2017-01-04 23:48:18 -05:00
Kris Nova 968366d444 Merge pull request #1309 from justinsb/version_update 
Update to k8s 1.6 code
 2017-01-04 21:08:54 -07:00
Justin Santa Barbara 2912dee6e1 Rename -> AccessSpec, ELB -> LoadBalancer 
Also add docs
 2017-01-04 23:04:30 -05:00
Justin Santa Barbara 02f92979a6 Fixes per code review 2017-01-04 23:04:30 -05:00
Justin Santa Barbara da4d5de24a Auto generated code 2017-01-04 23:04:30 -05:00
Justin Santa Barbara 9314575953 Working on expressing how we expose services like the API 2017-01-04 23:04:30 -05:00
Kris Nova 1b769b48c8 Adding notes from our meeting 2017-01-04 10:01:51 -07:00
Justin Santa Barbara 09e834849d Specify storage-backend=etcd2 explicitly 
The default may change to etcd3, but we want to stick with etcd2 until
upgrade has been fully vetted.
 2017-01-04 11:27:31 -05:00
Justin Santa Barbara a375b1af82 Updates for k8s 1.6 code 2017-01-03 20:32:48 -05:00
Justin Santa Barbara b790eac9d4 fix gofmt 2016-12-30 10:52:14 -05:00
Chris Love d5cccfe88c Merge pull request #1254 from DualSpark/backport-the-backport 
Backport the backport
 2016-12-29 22:10:23 -07:00
Kris Nova e059f01680 Refactoring logic in validation, we want topology-less clusters to fall through so the new API conversion code can deal with them. 
Added PerformAssignments() to the create -f workflow

Also bumpings k8s version in create_cluster tests to 1.4.7 so the creation works as expected.
 2016-12-29 06:01:16 -07:00
Justin Santa Barbara 56b07c04d9 Fix gofmt & calico autogen 2016-12-28 13:23:53 -05:00
Justin Santa Barbara 889a65c966 Create alpha channel for 1.5.1 2016-12-28 11:30:40 -05:00
Kris Childress c3c0322712 Backport the backport 2016-12-25 18:56:26 -07:00
Kris Childress 9751746415 Backport the backport 2016-12-25 18:13:32 -07:00
Chris Love 789bfcf07b Merge pull request #1093 from heschlie/master 
Integrating Calico as CNI provider
 2016-12-22 17:43:48 -07:00
heschlie 5cb8575dfe Fixed CI integration, added some tests for Calico 
- CI issues were due to v1alpha2 being added, created Calico there
- Added some tests around Calico, similar to Weave
- Added conversion functions similar to Weave in zz_generated_conversion
 2016-12-21 19:15:52 -08:00
Chris Love 8470034dc5 Merge pull request #1215 from justinsb/prevent_utility_subnetid_in_v1alpha1 
If the user tries to save a SubnetID into v1alpha1, fail
 2016-12-20 20:00:22 -07:00
Vince Montalbano 0fbd19adfd Add KubeletPreferredAddressTypes #1083 2016-12-20 12:31:42 -06:00
heschlie a4b7093b0d Calico integration 
Adding the option to install Calico with the `--networking calico`
argument.  This will currently deploy Calico v2.0 to the cluster.

Documentation has also been updated with information about Calico and
where one can find more information or help.
 2016-12-20 10:13:00 -08:00
Justin Santa Barbara 594ec692e4 If the user tries to save a SubnetID into v1alpha1, fail 
Rather than failing silently.

Will not be an issue once we switch the default to v1alpha2, but in the
meantime this is surprising.
 2016-12-20 09:55:21 -05:00
Justin Santa Barbara 846b7601db Configure DockerVersion in Docker Spec 
And automatically choose 1.12.3 for k8s >= 1.5, 1.11.2 for < 1.5

Fix #849
 2016-12-20 00:34:40 -05:00
Justin Santa Barbara 8ce09c65e9 Fixes per code review 2016-12-19 01:18:28 -05:00
Justin Santa Barbara 50296f1a30 Fix file headers 2016-12-19 00:23:20 -05:00
Justin Santa Barbara a03ea54365 Rename SubnetName -> Name 
No schema impact
 2016-12-19 00:01:38 -05:00
Justin Santa Barbara aeef9dc6eb A few real-world fixes to create-cluster around initialization 2016-12-18 23:56:36 -05:00
Justin Santa Barbara 91b77ae11e Multi-version testing; fix few edge cases 
By testing with data from various schema versions, we effectively check
that they are equivalent.

Also this uncovered a few places where we were not strictly ordering
things - add some sorts in there.
 2016-12-18 23:14:29 -05:00
Justin Santa Barbara 4475d68c2e Remove dead code 2016-12-18 21:56:57 -05:00
Justin Santa Barbara ef6d1fddf5 Update tests for new TF output 2016-12-18 21:56:57 -05:00
Justin Santa Barbara 1ef2c367c1 Reintroduce subnet assignemnt logic 2016-12-18 21:56:57 -05:00
Justin Santa Barbara fed68310fa Schema v1alpha2 
* Zones are now subnets
* Utility subnet is no longer part of Zone
* Bastion InstanceGroup type added instead
* Etcd clusters defined in terms of InstanceGroups, not zones
* AdminAccess split into SSHAccess & APIAccess
* Dropped unused Multizone flag
 2016-12-18 21:56:57 -05:00
Justin Santa Barbara c01c2af656 Mark ObjectMeta as a named field 
This will work around some apimachinery bugs
(https://github.com/kubernetes/client-go/issues/8)
 2016-12-14 22:26:57 -05:00
Justin Santa Barbara 96243ee442 Specify --anonymous-auth=false for k8s 1.5 
We'll expose this option as part of RBAC, but in the meantime explicitly
specify the existing behaviour.
 2016-12-13 01:44:28 -05:00
Chris Love 704aaaeff2 Merge pull request #1089 from justinsb/kops_edit_cluster 
Use versioned marshaling where we can
 2016-12-11 10:09:53 -07:00
Justin Santa Barbara dbab97e508 Use versioned marshaling where we can 
In particular during a kops edit
 2016-12-08 22:17:26 -05:00
Justin Santa Barbara 83f9d05251 Allow role specification on kops create ig 2016-12-08 13:41:04 -05:00
Manuel de Brito Fontes 2eea3eb074 Simplify return 2016-12-07 09:13:56 -03:00
Justin Santa Barbara df9e1e44db Hotfix for segfaults 2016-12-04 12:44:22 -05:00
alok87 a9badebf42 Lowercase json display 2016-12-04 17:35:01 +05:30
alok87 99aa9d6490 Merge remote-tracking branch 'kopsrepo/master' into bastion_improvements 
* kopsrepo/master: (29 commits)
  Add verify-boilerplate target
  Add logging of AWS retries
  adding hack/verify-boilerplate.sh to make ci target
  Print time remaining to succeed as a positive value
  adding hack/verify-boilerplate.sh to make ci target
  updating headers, OMG we need this in the ci
  Format resource diffs
  Include error in message when we fail to query AZs
  Import tidying
  Apply gofmt
  Update cmd/kops/validate_cluster for refactor
  Move to pkg/validation and tidy up
  Update command building pattern, a few tweaks
  adds more machine types
  fix path to adding feature doc
  Update dns-controller README
  bug in my fix header script
  updating header
  bumping weave version
  Remove old file
  ...
 2016-12-04 17:24:29 +05:30
alok87 66d2e4791d IdleTimeout configurable from editcluster 2016-12-04 16:35:39 +05:30
alok87 0ab99a432f Headers updated for ci fix 2016-12-04 15:15:10 +05:30
alok87 7342346638 v1aplha1 api code 2016-12-03 03:06:10 +05:30
Justin Santa Barbara 5674b8c2ce Move to pkg/validation and tidy up 2016-12-02 11:13:06 -05:00
Justin Santa Barbara ff2d580257 Update command building pattern, a few tweaks 2016-12-02 09:49:39 -05:00
alok87 d4eccb2688 Made bastion as part of TopologySpec 2016-12-01 09:56:45 +05:30
Justin Santa Barbara 23638dc1fb Fix CIDR math to avoid private CIDR collisions 2016-11-30 11:08:14 -05:00
alok87 a413ea5ac3 Merge remote-tracking branch 'kopsrepo/master' into bastion_improvements 
* kopsrepo/master:
  gcs-upload: Use a no-clobber copy instead
  gcs-upload: Fix cache-control on other files as well
  changes from code review
  doc updates
  unit tests with fakes
  it is working in alpha
  working on the start of validate
  Starting work on node lookup and validation
  starting porting node code
  Fix retries for AutoScalingGroup pending delete
  Apply gofmt to pkg directory
  Avoid tests hitting kubernetes stable.txt HTTP file
  Fix printing of max size on instance group
  Disable kubelet from starting until after volume mounts
  Fix Cluster parsing error message
  bumping stable channel to k8s 1.4.6
  support more zones(cn-north-1a/b) for cloud provider guess
 2016-11-30 07:58:41 +05:30
chrislovecnm 2bbc95d9e8 changes from code review 2016-11-28 18:54:57 -07:00
chrislovecnm 8a1934ae8b unit tests with fakes 
updating docs
 2016-11-28 18:17:53 -07:00
chrislovecnm 8b8bb18815 it is working in alpha 2016-11-28 18:16:32 -07:00
chrislovecnm 82cf2c2c0f working on the start of validate 
cluster validation seem to be working.  Need to test more

documentation yo

refactoring to get rid of import cycle not allowed
 2016-11-28 18:16:32 -07:00
Chris Love 8d1a921e8b Merge pull request #994 from justinsb/gofmt_pkg 
Apply gofmt to pkg directory
 2016-11-28 11:37:14 -07:00
Justin Santa Barbara 35cd96f359 Apply gofmt to pkg directory 
It was omitted from the makefile `make gofmt`
 2016-11-28 02:11:47 -05:00
Justin Santa Barbara 4901573a0c Avoid tests hitting kubernetes stable.txt HTTP file 
Fix #949
 2016-11-28 02:09:04 -05:00
alok87 edf22f3797 Bastion DNS as an option and not by default 2016-11-23 12:40:45 +05:30
alok87 6b17c27572 Bastion Improvements 2016-11-23 12:37:42 +05:30
alok87 6206bc711e Separate configuration for bastion 2016-11-23 12:35:10 +05:30
alok87 2f1ebdea15 Enable/disable bastion, defaults to false 2016-11-23 12:31:51 +05:30
Chris Love e306357dcc Merge pull request #940 from emerlinsky/patch-1 
Fix generated private subenet CIDR overlap with VPC range
 2016-11-22 15:37:58 -07:00
Chris Love 0055732972 Merge pull request #959 from yancl/fix-master-kubelet-validation 
fix validation for master kubelet api server
 2016-11-21 09:06:43 -07:00
Chris Love 4308340ed2 Merge pull request #965 from DualSpark/patch-panic-validation 
Adding backwards support for non-topology validation
 2016-11-21 07:55:52 -07:00
Kris Childress 379a8c8c71 Adding backwards support for non-topology validation 2016-11-21 07:35:07 -07:00
yancl 9c9ff8c6e0 fix validation for master kubelet api server that checked kubelet api 
server instead
 2016-11-21 03:50:44 +00:00
Kris Childress 9e1b3dce55 Merge pull request #750 from Shrugs/docs/runtime-config 
docs: add documentation for cluster.spec, namely runtimeConfig
 2016-11-20 19:34:09 -07:00
emerlinsky 6d442f549a Fix private subenet overlap with VPC range 
Without this fix, last generated private subnet address overlaps with main CIDR range provided via --network-cidr= option, which causes error.
For example before change, with  --network-cidr=10.0.0.0/22, the list of subnets generated by the code was:

```
I1117 07:34:24.720380   47964 cluster.go:503] Assigned CIDR 10.0.1.128/25 to zone us-east-1c
I1117 07:34:24.720397   47964 cluster.go:514] Assigned Private CIDR 10.0.3.0/25 to zone us-east-1c
I1117 07:34:24.720404   47964 cluster.go:503] Assigned CIDR 10.0.2.0/25 to zone us-east-1d
I1117 07:34:24.720409   47964 cluster.go:514] Assigned Private CIDR 10.0.3.128/25 to zone us-east-1d
I1117 07:34:24.720415   47964 cluster.go:503] Assigned CIDR 10.0.2.128/25 to zone us-east-1e
I1117 07:34:24.720420   47964 cluster.go:514] Assigned Private CIDR 10.0.4.0/25 to zone us-east-1e
```

The last CIDR 10.0.4.0/25 is beyond 10.0.0.0/22 boundaries, which causes the error:

```
W1117 07:39:29.240474   48009 executor.go:100] error running task "subnet/private-us-east-1e.kubpriv.pink-ptdevcloud.com": error creating subnet: InvalidSubnet.Range: The CIDR '10.0.4.0/25' is invalid.
	status code: 400, request id: b195c64b-0a35-413c-b6ec-d7ee40d49adb
```

With a code fix, subnets get generated in a correct way:

```
I1118 07:22:31.466899   55710 cluster.go:503] Assigned CIDR 10.0.1.0/25 to zone us-east-1c
I1118 07:22:31.466908   55710 cluster.go:514] Assigned Private CIDR 10.0.2.128/25 to zone us-east-1c
I1118 07:22:31.466913   55710 cluster.go:503] Assigned CIDR 10.0.1.128/25 to zone us-east-1d
I1118 07:22:31.466917   55710 cluster.go:514] Assigned Private CIDR 10.0.3.0/25 to zone us-east-1d
I1118 07:22:31.466922   55710 cluster.go:503] Assigned CIDR 10.0.2.0/25 to zone us-east-1e
I1118 07:22:31.466925   55710 cluster.go:514] Assigned Private CIDR 10.0.3.128/25 to zone us-east-1e

```
 2016-11-18 09:08:21 -08:00
chrislovecnm 785ce5a156 it lives 2016-11-17 00:03:34 -05:00
chrislovecnm 60dce754b0 package name ... duh 2016-11-16 16:54:29 -07:00
chrislovecnm 41b8b6bd14 Now I understand the comment on the PR 2016-11-16 16:46:55 -07:00
chrislovecnm f8e10dc200 because these peeps do awesome code reviews 2016-11-16 16:39:35 -07:00
chrislovecnm 25ee1e4cdb adding weave support 2016-11-16 15:48:32 -07:00
Justin Santa Barbara ee44353cde Add support for kopeio networking 2016-11-16 14:20:23 -05:00
Justin Santa Barbara ae84beddb7 Use more api machinery when writing 2016-11-13 22:11:36 -05:00
Kris Childress 8b4e9580c6 Merge pull request #843 from zmerlynn/fix-version-whine 
Quiet version string match (it's really spammy in logs)
 2016-11-08 22:06:04 -08:00
Kris Childress 07eb92fd43 gofmt on pkg/apis/kops/cluster.go 2016-11-08 17:09:34 -08:00
Kris Childress 8c41dad16d Unit Tests 
- Adding populateClusterSpec unit tests
 - Topology happy/sad paths
 - Fleshing out topology in the buildMinimalCluster() function
 2016-11-08 15:16:41 -08:00
Kris Childress c1644cc4e7 Remove refs to `privatemasters` 2016-11-08 15:16:41 -08:00
Kris Childress e962f9c5fd Adding bastion support 2016-11-08 15:16:41 -08:00
Kris Childress cebdde3fb4 Woo! Time to start playing with private networks in AWS!! 2016-11-08 15:16:41 -08:00
Kris Childress a1c5c77b23 docs 2016-11-08 15:16:41 -08:00
Kris Childress 8fba14b85b Small refactor - getting ready to start YAML 2016-11-08 15:16:41 -08:00
Kris Childress 000e847af2 Topology Initial Commit 
- Refactor private networking -> topology
- Define new topology models (no changes yet)
- Docs
- Create cluster --topology and -t
- New functions for topology templating
 2016-11-08 15:16:41 -08:00
Zach Loafman 2d7aa0a789 Quiet version string match (it's really spammy in logs) 2016-11-08 13:40:22 -08:00
Zach Loafman 8263cae51b Quick fix: add v1.[67] to valid version checks 2016-11-07 11:22:59 -08:00
Matt Condon ad03ba6099 squash: line notes and additional comments/docs 2016-11-04 18:08:34 -04:00
chrislovecnm 6e3bece0d0 adding model and options to handle cni networking 2016-10-19 09:20:36 -06:00
Chris Love 0d78c65498 Merge pull request #660 from justinsb/fix_upgrade 
Fix upgrade from kube-up
 2016-10-18 10:39:33 -06:00
chrislovecnm 8fa2aac99f fixing more headers 2016-10-15 19:20:56 -06:00
Justin Santa Barbara c933008006 Don't validate cluster name when importing kube-up clusters 2016-10-14 22:38:29 -04:00
Justin Santa Barbara 58a8daf63e Experimental support for federation 
Highly experimental right now, and has exposed some upstream issues (I
believe), but adding so that people can start playing.
 2016-10-11 10:29:46 -04:00
Justin Santa Barbara dc1e7d3a5d Add v1alpha1 version of APIs 
Moving towards versioned APIs
 2016-10-11 10:17:14 -04:00
Justin Santa Barbara 542f8fb4f2 Refactor CLI to match kubectl approach 
We have an Options class for each command, and a Run function that can
be called directly.
 2016-10-11 09:47:11 -04:00
Justin Santa Barbara 5ac44018d4 Move API to pkg/apis/kops 
This is a breaking change for people using the API (sorry), but is
hopefully a simple search and replace:

"k8s.io/kops/upup/pkg/api"
 -> api "k8s.io/kops/pkg/apis/kops"

"k8s.io/kops/upup/pkg/api/registry"
 -> "k8s.io/kops/pkg/apis/kops/registry"

This is the "correct" place for it in the k8s API infrastructure - we
are working towards a versioned API here.
 2016-10-11 08:52:54 -04:00