570 Commits

Author SHA1 Message Date
Kubernetes Prow Robot a140168c70
Merge pull request #10467 from olemarkus/ebs-csi
AWS CSI driver
2021-01-12 13:36:35 -08:00
Kubernetes Prow Robot e4f4a20d27
Merge pull request #10419 from bharath-123/task/default-systemd
Default cgroup driver to systemd from k8s 1.20
2021-01-12 08:30:27 -08:00
Bharath Vedartham a8d709acf2 Default cgroup driver to systemd from k8s 1.20
Currently, kOps uses cgroupfs cgroup driver for the kubelet and CRIs. This PR defaults
the cgroup driver to systemd for clusters created with k8s versions >= 1.20.

Using systemd as the cgroup-driver is the recommended way as per
https://kubernetes.io/docs/setup/production-environment/container-runtimes/
2021-01-12 20:39:25 +05:30
Ole Markus With f5ae5f8808 AWS CSI driver 2021-01-12 07:09:10 +01:00
Kubernetes Prow Robot 695be2666c
Merge pull request #10281 from dntosas/cluster-autoscaler-improvements
[addons/CA] Add support for specifying resources and metrics
2021-01-11 12:16:26 -08:00
dntosas 56fe4bab24
[addons/CA] Add support for specifying resources and metrics
- Resources
We enable users to set their desired capacity for cluster-autoscaler addon.
There are edge cases, especially in big clusters, where autoscaler needs
to reconcile a large number of objects thus may need increased memory or
increased cpu to avoid saturation.

- Metrics
Cluster autoscaler provides valuable insights for monitoring capacity
allocation and scheduling aspects of a cluster. In this commit, we
add proper annotation on deployment to enable Prometheus scrape metrics.

We also bump patch version of container images.

Signed-off-by: dntosas <ntosas@gmail.com>
2021-01-11 20:53:08 +02:00
Ole Markus With 4d2eca199f Remove node-authorization 2021-01-11 18:59:45 +01:00
Ciprian Hacman 66039f150e Add containerd option for registry mirrors 2020-12-28 19:32:06 +02:00
Ciprian Hacman c02e5a20ea Remove support for Kubenet with containerd 2020-12-27 18:21:16 +02:00
Kenji Kaneda a61caea8d2 Add Azure support
This commit contains all changes required to support Azure
(https://github.com/kubernetes/kops/issues/3957).
2020-12-21 08:27:54 -08:00
Justin SB 1945a656a0 Remove deprecated ResourceHolder
Cleaning up what is now dead code.
2020-12-19 23:15:37 -05:00
Akshansh Gupta 830fef7959 addons(cluster-autoscaler): Add newPodScaleUpDelay in clusterAutoscaler spec 2020-12-19 14:30:18 +05:30
Steven E. Harris f0f45b71fd Allow use of Calico's VXLAN networking backend
Introduce a new "encapsulationMode" field in Calico's portion of the
Cluster specification to allow switching between the IP-in-IP and
VXLAN encapsulation protocols. For now, we accept the values "ipip"
and "vxlan," and forgo a possible "none" value that would disable
encapsulation altogether (at least for the default Calico IP pool).

Augment the default-populating procedure for Calico to take this field
into account when deciding both which networking backend to use and
whether to use IP-in-IP or VXLAN encapsulation for the default IP
pool. Note that these values supplied for the "CALICO_IPV4POOL_IPIP"
and "CALICO_IPV4POOL_VXLAN" environment variables in the "calico-node"
DaemonSet pod spec only matter for creating the "default" IPPool pool
object when no such objects already exist.

Generalize the documentation for the "crossSubnet" field to cover
environments more broad than just AWS, as Calico can employ this
selective encapsulation in any environment in which it can detect
boundaries between subnets.
2020-12-18 10:55:11 -05:00
Ciprian Hacman 1c6618bdd9 Update tests 2020-12-13 13:28:41 +02:00
Ciprian Hacman d2b34eac90 Add support for containerd v1.3.9 for older k8s versions 2020-12-13 13:28:36 +02:00
Justin SB dc48ca6905 Update etcd-manager to 20201209
Highlights:

* Fix arm64 images, which were built with an incorrect base image.
* Initial (experimental) Azure support

Full change list:

* Update Kops dependency for Azure Blob Storage support [#372](https://github.com/kopeio/etcd-manager/pull/372)
* Exclude gazelle from tools/deb-tools [#373](https://github.com/kopeio/etcd-manager/pull/373)
* Regenerate bazel in tools/deb-tools [#374](https://github.com/kopeio/etcd-manager/pull/374)
* Release notes for 3.0.20201202 [#375](https://github.com/kopeio/etcd-manager/pull/375)
* Remove travis CI [#377](https://github.com/kopeio/etcd-manager/pull/377)
* Fix vendor generation for tools/deb-tools subproject [#376](https://github.com/kopeio/etcd-manager/pull/376)
* Add script to verify image hashes [#380](https://github.com/kopeio/etcd-manager/pull/380)
* Fix some incorrect base image hashes for arm64 [#379](https://github.com/kopeio/etcd-manager/pull/379)
* Support Azure [#378](https://github.com/kopeio/etcd-manager/pull/378)
* Add more descriptions to wait loops [#383](https://github.com/kopeio/etcd-manager/pull/383)
* Rename fields in the azure client struct [#382](https://github.com/kopeio/etcd-manager/pull/382)
* Fix small typo in code comment [#381](https://github.com/kopeio/etcd-manager/pull/381)
2020-12-09 09:30:44 -05:00
Kubernetes Prow Robot 0fecffbfe0
Merge pull request #10284 from johngmyers/service-account-issuer
Set --service-account-issuer for k8s 1.20+
2020-12-04 08:07:59 -08:00
John Gardiner Myers 4f5def8610 Address review comment 2020-12-03 23:24:43 -08:00
Kubernetes Prow Robot 443567426e
Merge pull request #9704 from nckturner/aws-cloud-controller
Add aws-cloud-controller-manager config to addons
2020-12-02 12:17:00 -08:00
Justin SB 0ea98a1e87 Update etcd-manager to 3.0.20201202
The important PR we want to pick up is 369, fixing a bug when
ListenMetricsURLS is set as an env var.

Full changelist:

* Release notes for 3.0.20201117 [#364](https://github.com/kopeio/etcd-manager/pull/364)
* Fix gofmt [#365](https://github.com/kopeio/etcd-manager/pull/365)
* Add gofmt check to github actions [#366](https://github.com/kopeio/etcd-manager/pull/366)
* Add boilerplate to tools/deb-tools/main.go [#367](https://github.com/kopeio/etcd-manager/pull/367)
* Do not set ListenMetricsURLS [#369](https://github.com/kopeio/etcd-manager/pull/369)
* Fix bazel formatting [#370](https://github.com/kopeio/etcd-manager/pull/370)
2020-12-02 12:08:37 -05:00
Ciprian Hacman e11156135b Update Docker to v19.03.14 2020-12-02 10:11:27 +02:00
Ciprian Hacman 2b6d730354 Update containerd to v1.4.3 2020-12-02 09:53:57 +02:00
Nick Turner c9feb36f3f Add aws-cloud-controller-manager config to addons
- Config at aws-cloud-controller.addons.k8s.io/k8s-1.18.yaml.template
- AWSCCMTag function for CCM image tag
2020-11-30 01:35:07 -08:00
Ciprian Hacman 338fb43f8b Update kOps version after 1.19.0-beta.2 release 2020-11-22 08:10:50 +02:00
John Gardiner Myers 9607b9955c Set --service-account-issuer for k8s 1.20+ 2020-11-20 22:20:39 -08:00
Ciprian Hacman 4853bf982a Use etcd v3.4.13 for k8s v1.19+ 2020-11-20 14:25:22 +02:00
Justin SB d516fb7d9c Update etcd-manager to 3.0.20201117
Release notes for 3.0.20201117:

* Release notes for 3.0.20200531
* Adds support for using OS application credentials
* Fixes usage of OpenStack Swift reauthentication
* Move from debian-hyperkube-base to debian-base
* Add license headers to each file
* Fix some typos picked up by verify-spelling
* Fix some problems with trailing spaces
* Add support for etcd 3.4.13
* Switch to gcr.io/cloud-marketplace-containers/google/debian10 - Fix
 for #340 option 1
* Support for ARM64
* BUG: OpenStack ignore AvailabilityZone in discovery
* Added full cinder ID to candidateDeviceNodes
* feat(etcd-manager-ctl): use backupname to delete backup instead of timestamp
* Update kops to pick up AllowAuth Openstack
* Build base image by raw expansion of deb packages
* Switch the cloudbuild docker image, locking to 2.2.0
* Fix build on case-insensitive file systems (MacOS)
* Set AltNames on server certificates
* govet: Fix a log message
2020-11-17 22:03:30 -05:00
John Gardiner Myers 1165fd381e Remove more code specific to unsupported etcd v2 2020-11-15 22:21:24 -08:00
Kubernetes Prow Robot db473a11cd
Merge pull request #10194 from elblivion/etcdmanager-logverbosity
Make etcd-manager log verbosity configurable
2020-11-12 10:39:07 -08:00
Anthony Stanton c117d8d924 feat: Make etcd-manager log verbosity configurable 2020-11-12 09:58:09 +01:00
Ciprian Hacman 3e8770f763 Update kOps version after 1.19.0-beta.1 release 2020-11-11 10:15:39 +02:00
Ciprian Hacman 91d9c061dd Simplify etcd options builder 2020-10-30 09:11:00 +02:00
John Gardiner Myers 2ac17bee69 Remove code for no-longer-supported k8s releases 2020-10-29 16:45:53 -07:00
Javi Polo c2684bcf7b Add nodeLocalDNSCache.kubeDnsOnly option 2020-10-27 10:46:25 +01:00
Kubernetes Prow Robot c9aa53895a
Merge pull request #10048 from hakman/container-runtime-assets
Install container runtime packages as assets
2020-10-25 21:03:01 -07:00
Ole Markus With 29a1cb2a9f If we use node local dns, always use the nld local ip as cluster dns 2020-10-16 12:46:17 +02:00
Ciprian Hacman 23e73a5b8e Release 1.19.0-alpha.5 2020-10-15 07:09:46 +03:00
Ciprian Hacman 852bebe165 Install container runtime packages as assets - Misc 2020-10-14 15:41:51 +03:00
Ciprian Hacman 95f9228e54 Update Docker version defaults for older k8s versions 2020-10-09 17:12:37 +03:00
Ole Markus With 7eb1489945 Bump cilium to 1.8.4 2020-10-01 10:21:10 +02:00
Kubernetes Prow Robot 13cbd84886
Merge pull request #9967 from olemarkus/cilium-hubble-pointer
Cilium hubble pointer
2020-09-30 12:36:54 -07:00
Kubernetes Prow Robot bca601d1da
Merge pull request #9969 from hakman/docker-19.03.13
Update Docker to v19.03.13
2020-09-18 10:46:46 -07:00
Kubernetes Prow Robot e7bfedd1ac
Merge pull request #9921 from olemarkus/nth
Add addon for aws node termination handler
2020-09-18 03:10:45 -07:00
Ciprian Hacman 96e3fefd85 Update Docker to v19.03.13 2020-09-18 12:14:43 +03:00
Ole Markus With b9111c78e7 Make hubbleSpec into a pointer 2020-09-18 09:23:52 +02:00
Ciprian Hacman fcc486d250 Update containerd to v1.4.1 2020-09-18 10:01:30 +03:00
Ole Markus With b9212f85ad Add addon for aws node termination handler 2020-09-17 21:09:28 +02:00
Ciprian Hacman 0eb626fcdd Release 1.19.0-alpha.4 2020-09-16 11:37:38 +03:00
Ole Markus With b8bc6d35b8 Force external cloud controller manager on OS 2020-09-15 18:49:51 +02:00
Kubernetes Prow Robot 58092b5666
Merge pull request #9925 from olemarkus/cas-fixes
Add missing flags to cluster autoscaler template
2020-09-13 00:58:57 -07:00
Ole Markus With 2b5950c24c Add missing flags to template 2020-09-12 08:24:29 +02:00
Kubernetes Prow Robot 036ea69525
Merge pull request #9352 from justinsb/irsa_with_public
Simplified form of IAM Roles for ServiceAccounts
2020-09-09 22:23:44 -07:00
Chris Loukas 65610dbcee Update NodeLocalDNSConfig with Mem/CPU requests
Add NodeLocalDNS.CPURequest and NodeLocalDNS.MemoryRequest to
configure resource requests.

If not explicitly set, fall back to 25m and 5Mi
2020-09-09 18:40:14 +03:00
Justin SB a61ecf4c58 Refactor to use interface for iam Subjects
Hat-tip to johngmyers for the idea!
2020-09-09 09:57:07 -04:00
Justin SB 8498ac9dbb Create PublicJWKS feature flag
This should be much easier to start and to get under testing; it only
works with a load balancer, it sets the apiserver into anonymous-auth
allowed, it grants the anonymous auth user permission to read our jwks
tokens.  But it shouldn't need a second bucket or anything of that
nature.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
2020-09-09 09:57:06 -04:00
Ole Markus With 886b4c97cb Don't explicitly set insecure-bind-address on newer k8s 2020-09-09 11:41:51 +02:00
Kubernetes Prow Robot bac4afa3e5
Merge pull request #9871 from olemarkus/cilium-upgrades-sept-2
Bump cilium to 1.8.3
2020-09-05 09:15:41 -07:00
Ole Markus With 3ac61c7ea9 Bump cilium to 1.8.3 2020-09-05 10:47:48 +02:00
Ole Markus With a0e9fab104 Implement cluster autoscaler as bootstrap addon
Use provider-agnostic node definition for cas instead of aws auto-discovery

Validate clusterAutoscalerSpec

Add spec documentation

Add cas docs

Make CRDs

Apply suggestions from code review

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>

Add enabled flag to cas config

Apply suggestions from code review

Co-authored-by: Guy Templeton <guyjtempleton@googlemail.com>

Add support for custom cas image

Support more k8s versions

Use full image names
2020-09-03 09:52:13 +02:00
Ole Markus With 715e46d58e Upgrade cilium versions 2020-08-31 12:01:03 +02:00
Justin SB 786423f617 Expose JWKS via a feature-flag
When the PublicJWKS feature-flag is set, we expose the apiserver JWKS
document publicly (including enabling anonymous access).  This is a
stepping stone to a more hardened configuration where we copy the JWKS
document to S3/GCS/etc.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
2020-08-30 10:15:11 -04:00
Kubernetes Prow Robot b00f8049b6
Merge pull request #9808 from hakman/kope-to-k8s.gcr.io
Pull images from k8s.gcr.io/kops instead of docker.io/kope
2020-08-26 07:18:05 -07:00
Justin SB b158ffab04 Refactor: KopsModelContext embeds IAMModelContext
go syntax makes this an annoying change, unfortunately.
2020-08-25 11:22:34 -04:00
Ciprian Hacman a4ff90205a Pull images from k8s.gcr.io/kops instead of docker.io/kope 2020-08-25 08:04:36 +03:00
Peter Rifel dd75c1ed91
make apimachinery crds gomod, update-expected.sh 2020-08-24 10:58:09 -05:00
Kubernetes Prow Robot 9cb6797f67
Merge pull request #9801 from hakman/release-1.19.0-alpha.3
Release 1.19.0-alpha.3
2020-08-24 08:53:41 -07:00
Peter Rifel 7d9f0a06cf
Update API slice fields to not use pointers
This is causing problems with the Kubernetes 1.19 code-generator.
A nil entry in these slices wouldn't be valid anyways, so this should have no impact.
2020-08-24 07:46:38 -05:00
Ciprian Hacman 2d61ab0876 Bump kops to v1.19.0-alpha.3 2020-08-23 12:07:44 +03:00
Ciprian Hacman 537ad60191 Add support for containerd v1.4.0 2020-08-18 10:04:18 +03:00
Peter Rifel 4d9f0128a3
Upgrade to klog2
This splits up the kubernetes 1.19 PR to make it easier to keep up to date until we get it sorted out.
2020-08-16 20:56:48 -05:00
John Gardiner Myers c5871df319 Get kubelet certificate from kops-controller 2020-08-15 10:30:20 -07:00
Kubernetes Prow Robot 96ab8423b1
Merge pull request #9566 from hakman/arm64-images
Add ARM64 support for masters
2020-08-14 20:46:17 -07:00
Ole Markus With 25d98796e2 Add cinder plugin 2020-08-11 10:15:12 +02:00
Ciprian Hacman c51a811c21 ARM64 support - Update expected tests output 2020-08-10 13:47:07 +03:00
Ciprian Hacman 172031859d ARM64 support - Build multi-arch images 2020-08-10 13:47:07 +03:00
Justin SB c64abd4301 Release 1.19.0-alpha.2 2020-07-31 07:59:05 -04:00
John Gardiner Myers 8258dcd395 Exempt OpenStack from the EnableExternalCloudController feature flag 2020-07-25 13:12:25 -07:00
John Gardiner Myers ac13557e03 Add missing lifecycle to etcd keypair tasks 2020-07-11 22:27:53 -07:00
Ciprian Hacman 06df2cc123 Re-enable disk based evictions for Kubernetes 1.19 2020-07-09 19:36:11 +03:00
John Gardiner Myers 479b4860e8 Remove deprecated function 2020-07-06 22:48:01 -07:00
Kubernetes Prow Robot 0c62641dad
Merge pull request #9354 from johngmyers/refactor-certs-2
Continue refactoring certs into nodeup
2020-07-06 17:13:57 -07:00
Kubernetes Prow Robot a97fc42666
Merge pull request #9491 from johngmyers/nodeport-dns
Default ClusterDNS appropriately when NodeLocalDNS is enabled
2020-07-05 22:28:50 -07:00
Kubernetes Prow Robot b944b6973c
Merge pull request #9495 from hakman/docker-specific-flags
Use kubelet docker-specific flags only for Docker
2020-07-05 12:44:49 -07:00
Ciprian Hacman 69511a998e Use kubelet docker-specific flags only for Docker 2020-07-05 07:57:10 +03:00
Justin SB 591626af3c Release 1.19.0-alpha.1 2020-07-04 21:46:14 -04:00
John Gardiner Myers 004f7b578f Default ClusterDNS appropriately when NodeLocalDNS is enabled 2020-07-03 16:57:03 -07:00
Ole Markus With 53f670aeb0 Rebase with master 2020-07-03 08:39:43 +02:00
Ole Markus With 263172caac Use new templates for cilium 1.8 2020-07-03 07:56:35 +02:00
Rodrigo Menezes 627b71557e Fix where etcd-cluster-spec is written when etcd's BackupStore is defined - v2 2020-07-02 00:01:43 -07:00
Ciprian Hacman a7c8d2087c Use github.com/blang/semver/v4 2020-07-01 08:54:42 +03:00
John Gardiner Myers d2e270c844 update-expected.sh 2020-06-28 23:12:13 -07:00
Justin SB 74c787b598 NodeLocalDNS config population: small tweaks
Minor tweaks to the code-style when filling out the NodeLocalDNS
config, just to make it more consistent.
2020-06-16 16:23:38 -04:00
Kubernetes Prow Robot eb39ab7349
Merge pull request #9355 from johngmyers/move-port
Move host-network services off of port 8080
2020-06-16 09:10:04 -07:00
John Gardiner Myers 747aa6e8c4 Revert "Fix kube-apiserver-healthcheck image"
This reverts commit 7e52f223
2020-06-16 07:39:53 -07:00
Kubernetes Prow Robot 2a73c9dd73
Merge pull request #9334 from hakman/docker-selinux
Add "--selinux-enabled" flag for Docker
2020-06-15 22:52:04 -07:00
Kubernetes Prow Robot dc0c219727
Merge pull request #9360 from johngmyers/remove-baremetal
Remove the baremetal cloud provider
2020-06-15 21:11:57 -07:00
Kubernetes Prow Robot 06840579c2
Merge pull request #9359 from coreypobrien/fixkubeapihealthimage
Fix kube-apiserver-healthcheck image
2020-06-15 11:59:57 -07:00
John Gardiner Myers 0d74344a43 Remove the baremetal cloud provider 2020-06-14 10:38:29 -07:00
Corey O'Brien 7e52f223eb Fix kube-apiserver-healthcheck image 2020-06-14 12:55:22 -04:00
John Gardiner Myers 4bf8302f14 Move kube-apiserver-healthcheck to port 3990 2020-06-12 22:00:14 -07:00
Ciprian Hacman 0b1f01be25 Set the default log level for Docker to "info" 2020-06-12 06:19:09 +03:00
Ole Markus With e09365b6c2 Validate cilium version 2020-06-11 07:38:14 +02:00
Ole Markus With 39751cfe63 Set cilium defaults in code 2020-06-11 07:38:13 +02:00
Ciprian Hacman dc79e31a2c Use Docker 19.03.11 for Kubernetes 1.17+ 2020-06-09 18:16:06 +03:00
Ciprian Hacman 87ad779c76 Disable disk based evictions for Kubernetes 1.19 2020-06-08 11:13:23 +03:00
Ciprian Hacman f34a13a8f0 Disable disk based evictions for Kubernetes 1.19 2020-06-08 11:11:44 +03:00
Kubernetes Prow Robot 9e4bf1699a
Merge pull request #9216 from hakman/prepare-multi-arch
Prepare Kops for multi-architecture support
2020-06-04 21:35:43 -07:00
John Gardiner Myers 2b81bad20e Remove reference to Jessie 2020-06-04 12:13:54 -07:00
John Gardiner Myers e88e0cf7ec Remove code supporting dropped k8s versions 2020-06-04 12:11:51 -07:00
Kubernetes Prow Robot 4fe5ad03f8
Merge pull request #9255 from olemarkus/romana-remove
Remove romana support
2020-06-03 13:24:59 -07:00
Ciprian Hacman d049862cff Make architecture related decisions to nodeup 2020-06-03 17:24:01 +03:00
Ciprian Hacman 33c242c896 Use multi-arch image for pause container 2020-06-03 17:17:32 +03:00
Ciprian Hacman a7c9ef9ff0 Use Docker 19.03.11 for Kubernetes 1.18+ 2020-06-03 12:03:56 +03:00
Ole Markus With 991549a5f4 Remove support for Romana 2020-06-03 08:23:53 +02:00
Kubernetes Prow Robot d55e28f0ab
Merge pull request #9237 from hakman/etcd-manager-update
Update etcd-manager to 3.0.20200531
2020-06-01 08:29:56 -07:00
Ciprian Hacman 564d3d4ddc Update etcd-manager to 3.0.20200531 2020-06-01 13:08:59 +03:00
Ole Markus With 7342525872 Remove vsphere from kops files 2020-05-30 13:36:55 +02:00
Justin SB bb8c6b9fbe Update etcd-manager to 3.0.20200527
Changes since 3.0.20200429:

* Use env vars to customize backup retention
* Use next attachment point when device already in use
* Simplify uploading backups
2020-05-27 01:44:18 -04:00
Kubernetes Prow Robot bfd65ae589
Merge pull request #9157 from olemarkus/networking-cleanup
Networking cleanup
2020-05-24 07:03:10 -07:00
Kubernetes Prow Robot e6d73b5ba0
Merge pull request #9135 from justinsb/gce_no_hostname_no_worries
GCE: don't rely on hostname being correct
2020-05-22 17:43:10 -07:00
Ole Markus With b3505030c3 Fix containerd test 2020-05-22 09:56:19 +02:00
Ole Markus With fc0f7f237c Fix UsesKubenet call in containerd.go 2020-05-22 09:14:36 +02:00
Ole Markus With eebb605c9c Remove as much of the classic networking logic as we can 2020-05-22 08:08:58 +02:00
Ole Markus With d1ff25bb4e Remove some rather long networking nil checks 2020-05-22 08:08:58 +02:00
Kubernetes Prow Robot 2c899d859a
Merge pull request #9104 from hakman/containerd-kubenet
Add support for Kubenet with containerd
2020-05-21 22:20:38 -07:00
John Gardiner Myers 8a6d29cd40 Remove support for reading legacy-format keypairs 2020-05-20 13:28:13 -07:00
Ciprian Hacman 9d666c73bc Use components.UsesKubenet to check if Kubenet is required 2020-05-19 20:43:33 +03:00
Justin Santa Barbara 35c6056fb2 Create golden image test for nodeup kube-apiserver
The building of the manifests for nodeup tasks can be a little opaque;
create a test to verify and expose what is happening.
2020-05-18 06:42:16 -04:00
Justin SB 5ed11fd9c7 GCE: don't rely on hostname being correct
Distros that use systemd for DHCP often don't have the hostname
correct, due to e.g. the requirement for policy kit.

We don't rely on it being set correctly on other clouds; no real
reason to require it on GCP either!
2020-05-17 15:20:58 -04:00
Ciprian Hacman e608cd5265 Add support for Kubenet with containerd 2020-05-12 17:20:59 +03:00
Justin Santa Barbara 8db0017e62 kube-apiserver-healthcheck: actually enable on 1.17
We cherry picked the support to 1.17, but now we need to activate the
feature.
2020-05-08 13:32:22 -04:00
Justin SB 75fd939a62
kube-apiserver: healthcheck via sidecar container
kube-apiserver doesn't expose the healthcheck via a dedicated
endpoint, instead relying on anonymous-access being enabled.  That
has previously forced us to enable the unauthenticated endpoint on
127.0.0.1:8080.

Instead we now run a small sidecar container, which
proxies /healthz and /readyz requests (only) adding appropriate
authentication using a client certificate.

This will also enable better load balancer checks in future, as these
have previously been hampered by the custom CA certificate.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
2020-05-07 08:06:52 -04:00
Ciprian Hacman 78de18a803 Update k8s.gcr.io/pause image to version 3.2 2020-05-01 22:12:42 +03:00
Justin SB 35a42c37e4 Add etcd 3.3.17 to supported etcd version list 2020-04-30 01:35:50 +00:00
Justin Santa Barbara 3f77222cf3 Update to etcd-manager 3.0.20200429
Adds support for new AWS regions

Full changes

* Upgrade aws-sdk-go [#320](https://github.com/kopeio/etcd-manager/pull/320)
* Release notes for 3.0.20200428 [#319](https://github.com/kopeio/etcd-manager/pull/319)
2020-04-29 08:33:19 -04:00
Justin Santa Barbara eb3ef1a9bb Update to etcd-manager 3.0.20200428
Contains the workaround for 1-year certificate expiry.

Full changes

* Release notes for 3.0.20200307 [#303](https://github.com/kopeio/etcd-manager/pull/303)
* Add support for etcd 3.3.17 [#304](https://github.com/kopeio/etcd-manager/pull/304)
* Adding client usage extension for server cert (#305) [#306](https://github.com/kopeio/etcd-manager/pull/306)
* Add a check to renew certificates on startup if they expire in 60 days or less [#309](https://github.com/kopeio/etcd-manager/pull/309)
* Try github actions [#310](https://github.com/kopeio/etcd-manager/pull/310)
* Upgrade bazel to 2.2.0 [#311](https://github.com/kopeio/etcd-manager/pull/311)
* Update to go 1.13.10 [#314](https://github.com/kopeio/etcd-manager/pull/314)
* Bazel: update dependency [#316](https://github.com/kopeio/etcd-manager/pull/316)
* e2e tests should wait for cluster readiness [#318](https://github.com/kopeio/etcd-manager/pull/318)
* Remove old bazel versions from travis [#317](https://github.com/kopeio/etcd-manager/pull/317)
* Always renew certificates [#313](https://github.com/kopeio/etcd-manager/pull/313)
2020-04-28 09:15:02 -04:00
Ciprian Hacman 3de48dad8b Add support for containerd v1.3.4 2020-04-20 06:11:37 +03:00
Martin Tomes 462ca78f2a Import package aliases modified
Modified api -> kopsapi aliases of imports of k8s.io/kops/pkg/apis/kops
2020-04-17 16:55:08 +02:00
Kubernetes Prow Robot 982496c539
Merge pull request #8930 from justinsb/enabled_to_pointer
Change NodeLocalDNS Enabled to *bool
2020-04-16 21:55:06 -07:00
Justin Santa Barbara f3a40cf87c Change NodeLocalDNS Enabled to *bool
As discussed in #8780 so we differentiate between false and not-set.
Also tweak the comment.
2020-04-17 00:09:35 -04:00
Ole Markus With 869ab75dea Use etcd-manager for the cilium etcd cluster 2020-04-16 08:42:59 +02:00
Ole Markus With d5019a6c11 Simplify the spec and templates a bit 2020-04-10 10:48:21 +02:00
Salvatore Mazzarino f754cbda7d NodeLocal DNSCache
Signed-off-by: Salvatore Mazzarino <dev@mazzarino.cz>
2020-04-10 10:44:53 +02:00
Ciprian Hacman 73903bcb3d Remove support for unreleased Docker 19.03.7 2020-04-06 17:34:59 +03:00
Ciprian Hacman 5c8cc493af Set default log level to "info" for containerd 2020-03-22 20:53:58 +02:00
Ciprian Hacman 99bec7e9a0 Use containerd 1.2.13 with Docker 19.03.8 2020-03-16 08:03:35 +02:00
Kubernetes Prow Robot e7846fd0db
Merge pull request #8402 from rdrgmnzs/etcd-setting-overwrite
Allow users to overwrite etcd settings.
2020-03-15 11:34:35 -07:00
Ciprian Hacman 3310885064 Update Docker to 19.03.8 for 1.18 2020-03-15 12:31:26 +02:00
Kubernetes Prow Robot 0a6dcce580
Merge pull request #8525 from hakman/docker-tgz
Update support for docker tgz package
2020-03-14 16:40:35 -07:00
Rodrigo Menezes 7e16cad334 Add test and rebase 2020-03-12 10:54:16 -07:00
Rodrigo Menezes 5901ba05fc updated to use #8455 2020-03-12 10:25:52 -07:00
Rodrigo Menezes 301463577e Allow users to overwrite etcd settings.
Fix typo

fix env vars config  ordering
2020-03-12 10:25:52 -07:00
tanjunchen b8020aa8fc remove // TODO path.Join here? 2020-03-09 14:13:22 +08:00
tanjunchen b6fd377af8 remove // TODO path.Join here? 2020-03-09 14:01:47 +08:00
Justin SB 280d8d7729
Update etcd-manager to 3.0.20200307
Changelog:

* Allow overwriting etcd configs with env variables  [#296](https://github.com/kopeio/etcd-manager/pull/296)
* Update kops dependency to v1.16.0 [#302](https://github.com/kopeio/etcd-manager/pull/302)
2020-03-07 18:55:15 -05:00
Ciprian Hacman a57aba01bf Update support for docker tgz package 2020-03-07 08:20:39 +02:00
Shukun c907df426a Resolve TODO in /pkg/model/component/context.go 2020-02-17 17:52:22 +09:00
Ciprian Hacman 7048755c0e Add support for containerd v1.3.3 2020-02-07 08:01:09 +02:00
Kubernetes Prow Robot 044196ac94
Merge pull request #8016 from bittopaz/ali-patch-6
Alicloud: etcd-manager support
2020-01-28 22:52:14 -08:00
Ciprian Hacman 5f930683ed Update support for Amazon Linux 2 2020-01-28 08:13:45 +02:00
mmerrill3 751ce5d19f Bump etcd-manager to 3.0.20200116 (#8310)
Signed-off-by: mmerrill3 <michael.merrill@vonage.com>
2020-01-23 11:09:14 -05:00
Kubernetes Prow Robot 77d6d381c3
Merge pull request #8327 from johngmyers/remove-code
Remove code for unsupported Kubernetes versions
2020-01-15 14:54:22 -08:00
John Gardiner Myers 83bdb3ef88 Remove code for unsupported k8s versions from pkg/model/components 2020-01-12 16:05:00 -08:00
Justin SB 4fe3db7faa
Don't share /etc/hosts when using etcd-manager
With etcd-manager the DNS names should only be used by the
etcd-manager pod itself, so we don't need to share /etc/hosts with the
host.

By not sharing we avoid:

(1) the temptation to address etcd directly
(2) problems of concurrent updates to /etc/hosts being hard from within a container (because locking is difficult across bind mounts)

Introducing with kubernetes 1.17 to avoid changing behavior of existing versions.
2020-01-12 11:56:14 -05:00
Ciprian Hacman 0781afdce7 Set a default version for containerd even with Kubernetes 1.17 2020-01-06 22:04:29 +02:00
tanjunchen 7e25f9831d nodeup/pkg/ pkg/ staticcheck 2019-12-31 15:03:39 +08:00
tanjunchen 8acb51e061 pkg/apis/ pkg/commands/ pkg/model/ staticcheck 2019-12-30 21:13:40 +08:00
Kubernetes Prow Robot adf659370c
Merge pull request #8170 from hakman/coninerd-add-1.2.4
containerd: Use containerd 1.2.4 with Docker 18.09.3
2019-12-27 09:29:38 -08:00
Kubernetes Prow Robot dd608e879b
Merge pull request #7770 from mitch000001/external-cloud-controller-feature-flag
Guard External cloud controller manager with its feature flag
2019-12-26 14:03:38 -08:00
Ciprian Hacman 760c7b06b4 Use containerd 1.2.4 with Docker 18.09.3 2019-12-23 19:26:38 +02:00
Ciprian Hacman f1ffd9a7f6 Rename config option contained.configFile to containerd.configOverride 2019-12-16 00:59:26 +02:00
Ciprian Hacman 92cd1842c6 Add support for containerd container runtime - generated 2019-12-15 21:37:57 +02:00
Ciprian Hacman 1a4d8bf49c Add support for containerd container runtime - tests 2019-12-15 21:37:57 +02:00
Ciprian Hacman 42b73b877d Add support for containerd container runtime 2019-12-15 21:37:57 +02:00
Kubernetes Prow Robot 11cec04bab
Merge pull request #7792 from tanjunchen/remove-some-unused-code
remove unused functions and simplify return str
2019-12-09 21:15:28 -08:00
Xiaoyu Zhong d81566482b Alicloud: etcd-manager support 2019-11-28 10:00:08 +08:00
陈谭军 e197b32b0e
Merge branch 'master' into remove-some-unused-code 2019-11-13 09:50:30 +08:00
Ciprian Hacman 3e07810e0b Update Docker version defaults 2019-11-09 07:11:52 +02:00
Justin SB 9108b69798
Update etcd-manager to 3.0.20191025
Primarily for DigitalOcean support

Changes:

* fix issues in pr#253
* Update rules-docker to 0.12
* [DO-7442] Fix logic for Digital Ocean volume tag
* Update release process to use shipbot
* Move to go modules
* Update golang to 1.13.3
* travis: Test newer bazel versions
* Fix unit tests
* Test everything, not just //test
2019-10-25 09:47:22 -04:00
Xiaoyu Zhong 002ddbb270 Alicloud: add hostname override 2019-10-16 21:53:40 +08:00
tanjunchen fa6d0130c8 remove unused functions and simplify return str 2019-10-15 23:54:10 +08:00
Justin SB b6862103bb
Change default port for memberlist from 3997
We had a port collision on 3997; change the default memberlist ports
to avoid the collision (we haven't shipped a release with this in it).

Also create a go file so that we can use constants to keep track of
our port numbers, rather than magic values.
2019-10-14 07:26:27 -04:00
Kubernetes Prow Robot 211d272f80
Merge pull request #7760 from tanjunchen/fix-up-unnecessary-newline
remove the unnecessary newline and unused vars
2019-10-13 09:18:36 -07:00
Michael Wagner bfe9b21213 fix(external-ccm): prevent core components to be misconfigured
Previously when setting the external cloud controller manager
configuration the core components `kubelet`, `apiserver` and
`kubecontroller-manager` were configured to use the external cloud
controller manager. Without setting the feature flag
EnableExternalCloudController this led to a cluster in which the
masters had the cloud controller taint
`node.cloudprovider.kubernetes.io/uninitialized` which prevents
essential pods, like dns-controller to not be scheduled and leaves a
cluster where worker nodes can't connect to the api server because they
cannot resolve its hostname.
2019-10-10 21:38:50 +02:00
tanjunchen 279c429abd remove the unnecessary newline and unused vars 2019-10-08 22:43:10 +08:00
tanjunchen 28fdb358f8 fix-up staticcheck error 2019-10-08 13:53:04 +08:00
Kubernetes Prow Robot 5700b98bc2
Merge pull request #7713 from justinsb/update_etcd_manager_backup
Update etcd-manager backup image
2019-09-30 12:45:01 -07:00
Kubernetes Prow Robot bbe979f56e
Merge pull request #7710 from justinsb/update_etcd_manager
Update etcd-manager with OpenStack fixes
2019-09-30 12:44:53 -07:00
Justin SB 025fd44827
Update etcd-manager backup image
Should be no changes in the backup image (so no need to backport), but
just want to sync up the versions so I don't forget it again!
2019-09-30 13:40:24 -04:00
Justin SB e1be7aeba1
Update etcd-manager with OpenStack fixes
etcd-manager changes:

* Use disk by id for mounting devices in OpenStack [zetaab](https://github.com/zetaab) [#253](https://github.com/kopeio/etcd-manager/pull/253)
2019-09-30 13:15:27 -04:00
Jesse Haka 4ccad007ce mountcerts -> usehostcerts 2019-09-30 11:36:32 +03:00
Jesse Haka 352bc1eaa2 Allow to use custom rootCAs 2019-09-30 11:35:58 +03:00
Peter Rifel 1f4e9510f8 Remove unnecessary Sprintf 2019-09-27 12:51:19 -07:00
Justin SB 71fed5e6ff
Fix for tarball image names after 1.16
Image names from 1.16 on include an architecture suffix,
e.g. "-amd64"; the generic alias continues to work when pulling, but
when loading from a tarball (i.e. running in CI) we must use the
per-architecture name.
2019-09-26 10:20:54 -04:00
Kubernetes Prow Robot 070498ba2d
Merge pull request #7566 from srikiz/DO-7442-AddTagsForCreateVolumeRequest
[DO-7442] Digital Ocean add consistent volume and droplet tags for multi master feature
2019-09-16 08:22:38 -07:00
Srikanth 88850e2151 Additional review comments addressed, also reverted back to Replace instead of ReplaceAll 2019-09-12 15:31:55 +05:30
Srikanth a5cda6643c Address review comments 2019-09-12 10:38:48 +05:30
Srikanth 84da7d00ef Add tags for droplets and volumes 2019-09-12 00:27:12 +05:30
mikesplain 9e55b8230a Update copyright notices
Also cleans some white spaces
2019-09-09 14:47:51 -04:00
Justin SB 3fbc906cbc
Create env-var helper function
Refactor to start to centralize the env-var configuration for system
components, also start to add test coverage so we can be sure we
haven't broken things!
2019-09-02 10:26:09 -07:00