kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,072 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

584 Commits

Author SHA1 Message Date
k8s-ci-robot 5dce6b1e6f
Merge pull request #5875 from seanson/5700_add_flag_for_no_subnet_tags 
#5700: Add command line flag for disabling Subnet ELB tags
 2018-11-09 13:05:48 -08:00
Jay Eno e0948842f3
Update iam_builder_node_strict_ecr.json 2018-11-03 01:03:01 -06:00
Jay Eno e5c12bdbef
Update iam_builder_node_strict.json 2018-11-03 01:02:42 -06:00
Jay Eno b0201c5922
Update iam_builder_node_legacy.json 2018-11-03 01:02:24 -06:00
Jay Eno ccfee27165
Update iam_builder_master_strict_ecr.json 2018-11-03 01:01:47 -06:00
Jay Eno d7dab870c9
Update iam_builder_master_legacy.json 2018-11-03 01:01:08 -06:00
Jay Eno 107b079cf6
Add permission to check encryption policy on root bucket. 2018-11-02 23:50:30 -06:00
Jay Eno 7228721439
Update test for new role 2018-11-02 23:46:02 -06:00
Justin SB 4b3e66b347
Use hostPID: true with etcd-manager 
Addresses issues with mounting inside a container with systemd
("Failed to add PIDs to scope's control group: Invalid argument")
 2018-10-18 20:20:11 -07:00
k8s-ci-robot 1fbc6331c6
Merge pull request #5922 from spotinst/feature-spotinst-aws 
New integration: Spotinst
 2018-10-15 09:26:13 -07:00
mooncake d75dc2745d Fix typos in files 
Signed-off-by: mooncake <xcoder@tenxcloud.com>
 2018-10-14 21:44:44 +08:00
Liran Polak 07a509b917 fix: rename autoscaler node labels metadata label 2018-10-14 12:51:38 +03:00
Liran Polak a8db93b7d4 fix: rename cluster_identifier field 2018-10-14 11:54:58 +03:00
Liran Polak 67fd31696b fix: remove unnecessary nil check 2018-10-14 11:37:31 +03:00
Liran Polak cfa14b687d fix: parse boolean values 2018-10-14 11:37:31 +03:00
Liran Polak 07376e5105 fix: max size defaults to 2 2018-10-14 11:37:31 +03:00
Liran Polak 46b1c70b96 fix: ignore additional instance types 2018-10-14 11:37:31 +03:00
Liran Polak 0b9ab26862 fix: don't use curly brackets for additional scoping 2018-10-14 11:37:31 +03:00
Liran Polak 4c8ac60bf3 deps: vendor dependencies 2018-10-14 11:37:31 +03:00
Liran Polak 7654a923f1 feature: new integration: spotinst 2018-10-14 11:37:31 +03:00
Sean Johnson 737a7a2cb8 5700: Add command line flag for disabling Subnet ELB tags 2018-10-10 12:48:06 +11:00
Justin Santa Barbara e5d8b37772 Don't override name of ELB API SecurityGroup 
We don't need to because there can be only one, and it risks breaking
other callers of LinkToELBSecurityGroup (though admittedly there
aren't any!)
 2018-10-03 09:57:58 -07:00
k8s-ci-robot c81a0c64c5
Merge pull request #5868 from gambol99/fix_up_client 
Node Authorizer Fixes
 2018-10-03 06:12:55 -07:00
k8s-ci-robot 9c851ddcda
Merge pull request #5867 from gambol99/node_mode_controllers 
Node mode controllers
 2018-10-03 06:12:45 -07:00
Rohith aa700961b5 - fixing up the prometheus metrics annotation to indicates a https scheme 2018-10-03 11:39:35 +01:00
Rohith 2ce1df88cc - fixing the logging message, variable were wrong way around 2018-10-03 11:39:35 +01:00
Rohith 97dc2beb71 Node Authorizer Client Fix 
- fixing up the client for reboots ... somewhat of a oversight on my part :-)
- added the reason to the node denial message
 2018-10-03 11:39:35 +01:00
Rohith cf67cfd030 - enabling the tokencleaner controller when bootstrap tokens are enabled 2018-10-03 11:36:51 +01:00
k8s-ci-robot 3fe0287ff8
Merge pull request #5862 from justinsb/follow_on_5744 
Follow on for #5744
 2018-10-02 17:22:03 -07:00
k8s-ci-robot b3d61542cd
Merge pull request #5820 from justinsb/etcd_manager_channels_step1 
etcd: introduce field to specify whether we are using etcd-manager or legacy mode
 2018-10-02 14:20:37 -07:00
Justin Santa Barbara 9a9a947f7d Extract default etcd versions as constants 2018-10-02 13:13:11 -07:00
Justin Santa Barbara 789b7c9f28 Remove duplicate security-group overrides 2018-10-02 12:46:55 -07:00
Justin Santa Barbara 81cadec4ca Simplify building of security groups 
Also add comments about why we don't set e.g. RemoveExtraRules
 2018-10-02 11:53:41 -07:00
Justin Santa Barbara 9a6653421c Support override security groups with bastion 2018-10-02 11:53:41 -07:00
Justin Santa Barbara 1e2a62992b Use JoinSuffixes for node->master traffic, also fix AmazonVPC rule 
This ensures we are consistently naming our rules
 2018-10-02 11:53:41 -07:00
Justin Santa Barbara 1906bcdf5d We need to create the cross-product of rules for SG overrides 
e.g. each master SGs need to be configured to talk to each master SG
 2018-10-02 11:53:41 -07:00
Justin Santa Barbara bfb54935ff Build security groups along with suffixes 
Fixes the case where we mix use of specified & default SGs.
 2018-10-02 11:53:41 -07:00
Rodrigo Menezes 87eec75f5b Fix blocker 2018-10-02 10:22:09 -07:00
Rodrigo Menezes a82f548ff8 Allow using existing/shared Security Groups 
Verbosely log when a user overwrites LB or IG security groups

Change SecurityGroup to SecurityGroupOverride

Allow using existing/shared Security Groups

Update tests
 2018-10-02 00:51:39 -07:00
Justin Santa Barbara 54c499fe9b Introduce field to specify whether we are using etcd-manager or legacy mode 
Splitting this out from the bigger bundle PR
 2018-10-01 15:36:24 -07:00
Rohith 8401273b06 - fixing the reference to the import, goimports made an error 
- updating the version of the node-authorizer manifest
 2018-09-27 10:21:10 +01:00
Rohith 26942eb601 - updating to the fix rollout image for node authorizer 2018-09-27 09:59:23 +01:00
Justin Santa Barbara e6bf6b9f32 Field names are case-sensitive again 
There was a regression in apimachinery which meant that kubernetes
tolerated field names with incorrect case.  Upstream bug is
https://github.com/kubernetes/kubernetes/issues/64612

Syncing up with latest kubernetes will mean we get the same breaking
change as kubernetes has/had.  It should only affect people that are
manually building YAML / JSON.

Added as a significant item to release notes.
 2018-09-23 19:23:28 -04:00
Justin Santa Barbara 666e290983
Merge pull request #5547 from justinsb/etcd_manager_tests 
Add test for etcd-manager output
 2018-09-22 08:29:30 -07:00
Justin Santa Barbara 237043dded Update expected test output for script changes 2018-09-21 14:51:45 -04:00
Justin Santa Barbara 8a483c124e Avoid using which, CoreOS doesn't always have it 
We just try executing `curl --version` instead, and fall back to wget.
We can't use `wget --version` because busybox wget doesn't support
`--version`.
 2018-09-21 13:54:13 -04:00
Justin Santa Barbara 7cf432fcba Add test for etcd-manager output 
We need to get this under test coverage so we can start changing it confidently!
 2018-09-14 08:46:32 -04:00
Kelly Campbell 8132073ad9 Add elasticloadbalancing:DeregisterTargets permission to master policy 
Without this permission, controller-manager gets the following error:

    failed to ensure load balancer for service XXX: Error trying to
    deregister targets in target group:
    "AccessDenied: User: arn:aws:sts::XXX:assumed-role/masters...
    is not authorized to perform: elasticloadbalancing:DeregisterTargets
    on resource: arn:aws:elasticloadbalancing:XXX
 2018-09-05 14:01:01 -04:00
k8s-ci-robot b1c446f8f3
Merge pull request #5503 from mikesplain/fix_suspendprocess 
Fix suspendprocess
 2018-09-03 16:28:31 -07:00
andrewsykim 6dc9f01a41 add kube-proxy hostname override 2018-08-16 23:26:37 -04:00