Commit Graph

5660 Commits

Author SHA1 Message Date
Kubernetes Prow Robot a105e74424
Merge pull request #14475 from johngmyers/normalize-sshkey
Refactor to avoid looking up SSH keypairs twice
2022-10-30 14:06:43 -07:00
John Gardiner Myers 25b7dc21fa Create NLB instead of CLB for bastion 2022-10-29 17:00:00 -07:00
John Gardiner Myers f568527c62 Refactor to avoid looking up SSH keypairs twice 2022-10-29 14:27:11 -07:00
Ciprian Hacman 1d53eba4b3 aws: Set the target group health check interval to 10s 2022-10-29 10:30:50 +03:00
John Gardiner Myers 63111f662a ipv6: NPE fixes for IPv6-only instances 2022-10-28 13:43:54 -07:00
John Gardiner Myers 183f217f08 ipv6: bastions need to go into dualstack subnets 2022-10-28 13:42:57 -07:00
Kubernetes Prow Robot 20b0595189
Merge pull request #14463 from HealthEngineAU/pod-identity-webhook-metrics-fix
Fix Prometheus scraping for pod-identity-webhook
2022-10-28 11:50:53 -07:00
Kubernetes Prow Robot 0aebcbc6d9
Merge pull request #14459 from pacoxu/master
Stop applying the beta.kubernetes.io/os
2022-10-28 10:46:31 -07:00
Kubernetes Prow Robot a3e521da92
Merge pull request #14466 from hakman/calico-3.24.3
Update Calico and Canal to v3.24.3
2022-10-28 09:50:32 -07:00
Ciprian Hacman 5aa9570c5c Update Canal to v3.24.3 for k8s 1.25+ 2022-10-28 07:39:30 +03:00
Ciprian Hacman 29cd8be78f Update Calico to v3.24.3 for k8s 1.25+ 2022-10-28 07:39:30 +03:00
Ciprian Hacman acd39b8085 Update Canal to v3.23.4 for k8s 1.22+ 2022-10-28 07:39:30 +03:00
Ciprian Hacman 48ebb20d83 Update Calico to v3.23.4 for k8s 1.22+ 2022-10-28 07:30:19 +03:00
Ciprian Hacman f9acd69eb4 Update Calico to v3.21.6 for k8s 1.16+ 2022-10-28 07:30:06 +03:00
Jim Barber 1253d15103 Fix Prometheus scraping for pod-identity-webhook
The Service annotation for the pod-identity-webhook is asking Prometheus
to scrape its metrics from `https://` but this results in a HTTP 404 Not
Found response.
The pod-identity-webhook pods expose their metrics via HTTP on TCP port
9999 (the same port where the healthz checks go).
Therefore update the annotations to use `http://:9999` instead.
2022-10-28 11:25:14 +08:00
Kubernetes Prow Robot 85036d24e6
Merge pull request #14461 from johngmyers/ipv6-fix
ipv6: Tolerate multiple routes to the same NAT Gateway
2022-10-27 14:48:30 -07:00
John Gardiner Myers 71246dbd9c Pick appropriate default image types for ARM images 2022-10-27 11:07:17 -07:00
John Gardiner Myers 49115bcc11 ipv6: Tolerate multiple routes to the same NAT Gateway 2022-10-27 11:07:17 -07:00
Ciprian Hacman 4e5ded6dc3 hetzner: Create cluster without DNS or Gossip 2022-10-27 11:29:37 +03:00
Paco Xu d632e39eae Stop applying the beta.kubernetes.io/os 2022-10-27 12:15:38 +08:00
Ciprian Hacman dfc8af28d5 Update containerd to v1.6.9 2022-10-27 05:13:51 +03:00
John Gardiner Myers d33551c20c Need to setup topology before control plane for IPv6 private topology 2022-10-25 22:27:05 -07:00
John Gardiner Myers 87dbab9062 Remove dead code 2022-10-22 22:05:18 -07:00
John Gardiner Myers 4b95aec920 Move GCE project under CloudProvider in v1alpha3 API 2022-10-21 15:59:20 -07:00
Kubernetes Prow Robot 4cf5418eb8
Merge pull request #14442 from olemarkus/webhook-pdb
Fix pdb for identity webhook
2022-10-21 11:27:52 -07:00
Ole Markus With 96a7c96c29 Fix pdb for identity webhook
Also removing namespace from non-namespaced resource
2022-10-21 19:03:41 +02:00
Ciprian Hacman dc98c74428 Move Gossip check to cluster struct 2022-10-21 09:48:07 +03:00
Bronson Mirafuentes b87fbc3853 add option to query AMI IDs from SSM 2022-10-19 11:39:39 -07:00
Kubernetes Prow Robot 4546cafdcb
Merge pull request #14420 from olemarkus/roletaints-cloudup
Move setting role taints to cloudup
2022-10-18 05:29:19 -07:00
Ole Markus With cd378bff72 Move setting role taints to cloudup 2022-10-18 13:42:00 +02:00
Steven E. Harris 95f98896c7
promote-keypair: Block items without certificates
Forbid the "kops promote keypair" command from promoting a key pair
item that lacks an associated X.509 certificate.

Along with that prohibition, refuse to store a key set in a VFS whose
primary key pair lacks a certificate. This allows us to continue
storing such key pairs, but we will never allow them to serve as the
primary key pair within the containing key set.
2022-10-17 12:13:45 -04:00
Kubernetes Prow Robot 9e56f049b3
Merge pull request #14413 from TwoStone/patch-1
Allow snapshot controller to create volumesnapshotcontent
2022-10-17 02:49:08 -07:00
Kubernetes Prow Robot aebcae0568
Merge pull request #14419 from olemarkus/no-cluster-kubelet
Remove usage of cluster kubelet config in nodeup
2022-10-16 21:53:07 -07:00
Ole Markus With 950a69857d Remove usage of cluster kubelet config from nodeup 2022-10-16 21:04:20 +02:00
Jesse Haka c92f211862 bump Openstack ccm version 2022-10-16 21:02:24 +03:00
Niklas Walter 858bdbacfd
Allow snapshot controller to create volumesnapshotcontent
For using dynamic provisioning of volumesnapshot the snapshot-controller has to be able to create volumesnapshotcontent objects at the cluster level.
When deploying the snapshot-controller as a kops addon the controller is not able to create volumesnapshotcontent objects because it lacks the create permission.
This PR adds the create permission for the content objects, which should be the default according to https://github.com/kubernetes-csi/external-snapshotter/blob/v6.0.1/deploy/kubernetes/snapshot-controller/rbac-snapshot-controller.yaml
2022-10-15 00:54:38 +02:00
Ciprian Hacman 658a567dda Deprecate AWS Classic Load Balancer support for API 2022-10-12 11:18:30 +03:00
Kubernetes Prow Robot 7e38fd3715
Merge pull request #14408 from noony/upgrade-karpenter
karpenter: upgrade to version 0.16.3 and support kubeReserved configuration
2022-10-11 10:33:03 -07:00
Thomas Colomb e40239b241 fix typo kubeReserved not systemReserved and remove ec2:DescribeImages iam right not needed we use launch templates 2022-10-11 15:43:17 +02:00
Thomas Colomb a34939b5c0 karpenter: upgrade to version 0.16.3 and support kubeReserved configuration 2022-10-11 15:05:08 +02:00
Jesse Haka 9aba3e62b0 update k8s openstack 2022-10-11 10:12:08 +03:00
Jesse Haka 9fc29eec36 incr 1.24 version 2022-10-10 11:21:22 +03:00
Jesse Haka d459b2432a update k8s cloudprovider openstack images 2022-10-10 09:17:22 +03:00
justinsb 1472ae51ca Fix typo in format string
Fixing Warning that should have been a Warningf
2022-10-08 09:24:28 -04:00
Ole Markus With 18808486da Remove fsGroupPolicy as it is immutable 2022-10-05 18:23:10 +02:00
Ole Markus With 8e040a4082 Bump EBS CSI driver to 1.12.0 2022-10-05 08:56:48 +02:00
Kubernetes Prow Robot 4f34d8df11
Merge pull request #14379 from noony/cluster-autoscaler-config
cluster-autoscaler : Add scaleDownUnneededTime and scaleDownUnreadyTime
2022-10-04 12:39:54 -07:00
Kubernetes Prow Robot 36ecb5db2f
Merge pull request #14378 from noony/karpenter-ondemand-fallback
Karpenter : fallback on ondemand instance by default
2022-10-04 11:39:55 -07:00
Thomas Colomb e5ddd5b0c3 cluster-autoscaler : Add scaleDownUnneededTime and scaleDownUnreadyTime 2022-10-04 18:57:21 +02:00
Thomas Colomb 4800f29d19 Karpenter : fallback on ondemand instance by default 2022-10-04 11:10:13 +02:00
Ciprian Hacman 102c2d4720 Fix logic for pre-creating DNS records 2022-10-04 09:41:01 +03:00
Ciprian Hacman 78a41e2d72 Refactor NodeUp GossipBuilder to EtcHostsBuilder 2022-10-02 15:02:05 +03:00
Ciprian Hacman 85026145a1 Always infer gossip DNS from cluster name 2022-10-02 12:54:37 +03:00
Ole Markus With 788b9d7508 Fix json merge behavior so IG kubelet config takes precedence
Update upup/pkg/fi/cloudup/populate_instancegroup_spec.go

Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>
2022-09-29 10:49:24 +02:00
Ole Markus With 3cdfb0181b Nil clouds use amd64 2022-09-28 12:16:03 +02:00
Ole Markus With 8c12d5b035 When using kops create, set the provided machinetype in the written IG spec 2022-09-28 12:16:03 +02:00
Leïla MARABESE f155834bf7 protokube is operational 2022-09-28 11:17:05 +02:00
Kubernetes Prow Robot 5c0040baa8
Merge pull request #14339 from hakman/gossip_dns_validation_warning
Set higher verbosity when logging Gossip DNS info
2022-09-28 00:41:36 -07:00
Ciprian Hacman 26011ad579 hetzner: Fix metrics-server config to use internal IP 2022-09-28 08:40:00 +03:00
Ciprian Hacman 3ed1fd2d0b
Revert "Set metrics-server `--kubelet-preferred-address-types` by k8s version" 2022-09-28 07:39:00 +03:00
Ciprian Hacman dc60265868 Validate `--zones` flag earlier 2022-09-27 09:22:38 +03:00
Ciprian Hacman 1a3f894808 Set higher verbosity when logging Gossip DNS info 2022-09-26 18:10:02 +03:00
Ciprian Hacman a47815fbc6 Run hack/update-expected.sh 2022-09-26 15:22:02 +03:00
Ciprian Hacman d98b41ee4c Set metrics-server `--kubelet-preferred-address-types` by k8s version 2022-09-26 15:22:01 +03:00
Kubernetes Prow Robot d1af91fe7b
Merge pull request #14319 from hakman/nlb_access-log_changes
Avoid spurious changes with NLB due to access log config
2022-09-23 19:08:04 -07:00
Ciprian Hacman ff40d18a7d Avoid spurious changes with NLB due to access log config 2022-09-23 20:57:57 +03:00
Ciprian Hacman 1eb35d9686
Release 1.26.0-alpha.1 (#14311) 2022-09-21 01:28:54 -07:00
Kubernetes Prow Robot d2f8b98f94
Merge pull request #14309 from hakman/hetzner_ccm_config
Hetzner: Generate CCM args from external CCM config
2022-09-21 00:36:53 -07:00
Ciprian Hacman d8b92aafae hetzner: Generate CCM args from external CCM config 2022-09-21 08:17:32 +03:00
Ole Markus With 4f0d04ee75 Bump oldest allowed and oldest recommended k8s versions 2022-09-19 19:12:53 +02:00
Ole Markus With 74afb7aed0 Remove checks for k8s < 1.21 2022-09-19 19:12:53 +02:00
Kubernetes Prow Robot c78bdf0d98
Merge pull request #14299 from hakman/hetzner_remove_featureflag
hetzner: Move out of alpha and drop feature flag
2022-09-19 01:22:30 -07:00
Ciprian Hacman 81b4bb0717 hetzner: Move out of alpha and drop feature flag 2022-09-19 10:35:19 +03:00
Ciprian Hacman a32a3dc8bb Update Hetzner CCM to v1.13.0 2022-09-19 09:19:59 +03:00
Kubernetes Prow Robot d8ce157d81
Merge pull request #14294 from hakman/hetzner_network_id
Add support for using an existing network for Hetzner
2022-09-18 03:52:28 -07:00
Ciprian Hacman c783aa357d Add support for using an existing network for Hetzner 2022-09-18 12:35:23 +03:00
Ole Markus With e5d33401dc Remove k8s GTE 1.20 checks as it is always true 2022-09-17 20:17:23 +02:00
Ole Markus With 22687c48c2 Bump tests to supported k8s version 2022-09-17 20:17:15 +02:00
Ole Markus With 16c60a1a0c Change mock region/subnet names to match mockCloud 2022-09-17 13:14:30 +02:00
Ole Markus With 0dd0aef1ea Add test for ensuring taints are merged correctly 2022-09-17 08:15:32 +02:00
Ciprian Hacman 5b06da5ea6 Delete the oldest servers when over the desired count for Hetzner 2022-09-16 11:38:14 +03:00
Moshe Shitrit ecc9077ed4 hack/update-expected 2022-09-13 08:16:10 -04:00
Moshe Shitrit 03bc54e0d6 remove 'get' from aws-cni clusterRole to reflect https://github.com/aws/amazon-vpc-cni-k8s/pull/2058 2022-09-13 08:13:35 -04:00
Moshe Shitrit 2f1d6493aa hack/update-expected 2022-09-12 22:18:20 -04:00
Moshe Shitrit 731ebc2454 bump aws-cni to version 1.11.4 2022-09-12 22:15:36 -04:00
Kubernetes Prow Robot 34e086ff4a
Merge pull request #14260 from olemarkus/deverbose
Bump verbosity level for some log statements
2022-09-11 07:57:23 -07:00
Ole Markus With 33fa4de890 Bump verbosity level for some log statements 2022-09-11 16:15:28 +02:00
Ole Markus With f5e0feab5f Fix CAS cordon flag 2022-09-10 20:15:25 +02:00
Anthony Hausman af1ab751fd
aws-node-termination-handler: Add option to fetch node name through Kubernetes node `.spec.providerID`
Fetch node name through Kubernetes node `.spec.providerID` since Kops uses InstanceID as node name.
 - 701db81ccf
2022-09-08 07:00:48 +02:00
Kubernetes Prow Robot 3980383aa1
Merge pull request #13853 from akkina2107/Truncate-cluster-name
Fix openstack tag limitation
2022-09-06 12:56:23 -07:00
Daniel Franca cdd0013b1f
Add support to --cordon-node-before-terminating on the cluster autoscaler addon (CordonNodeBeforeTerminating) 2022-09-06 17:03:24 +02:00
Kubernetes Prow Robot cec34dc935
Merge pull request #14233 from justinsb/gce_controlplane_type
GCE: change default control-plane instance type to e2-medium
2022-09-06 00:25:07 -07:00
Kubernetes Prow Robot d4b72f394a
Merge pull request #14229 from olemarkus/cert-manager-hostedzones
Allow cert-manager the privileges needed to resolve dns-01 challenges
2022-09-06 00:24:56 -07:00
Kubernetes Prow Robot 75f541172d
Merge pull request #14226 from hakman/flannel-0.19.2
Update Flannel to v0.19.2
2022-09-05 12:17:01 -07:00
justinsb 98f990fea6 GCE: change default control-plane instance type to e2-medium
This better matches the AWS machine, which is also a burstable 2 core
machine.  Without this pods sometimes fail to schedule on single core
machines.
2022-09-05 10:44:50 -04:00
Ole Markus With 6548ca6ca7 Don't add IAM vars to manifest if service account is not being created
In the case IRSA is optional for an addon, we shouldn't unconditionally add the IRSA bits to the manifest.
This is also a clean up. We no longer need to expand the list of well-known SAs as we already know which roles are being built
2022-09-04 08:28:32 +02:00
Ole Markus With 3518182e44 Add support for cert-manager dns-01 challenges 2022-09-04 08:19:22 +02:00
Ciprian Hacman c4decc2d11 Update Flannel to v0.19.2 2022-09-03 12:18:08 +03:00
Ciprian Hacman 083947b7fe Update Canal to v3.24.1 2022-09-03 10:58:07 +03:00
Ciprian Hacman 6a5ba584c5 Update Calico to v3.24.1 2022-09-03 10:58:06 +03:00