kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
19,460 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

193 Commits

Author SHA1 Message Date
Ciprian Hacman 75fac81273 Run hack/update-expected.sh 2022-05-02 10:33:26 +03:00
Ciprian Hacman 5b4daf85d0 Update etcd to v3.5.4 2022-05-02 10:32:13 +03:00
Ciprian Hacman 80493ed902 Update to etcd-manager 3.0.v3.0.20220417-19-g1140ce25 2022-05-02 10:31:05 +03:00
Kubernetes Prow Robot 6d264080ed
Merge pull request #13484 from olemarkus/no-bazel-targets 
Remove bazel targets and tools
 2022-04-17 23:16:41 -07:00
justinsb 3027943dd2 Use etcd 3.5.3 instead of 3.5.1 
3.5.3 includes the fixes for the potential etcd 3.5.x corruption
issues.
 2022-04-17 17:04:46 -04:00
Ciprian Hacman 0643271a97 Revert "Enable etcd corruption check as mitigatio of 3.5 corruption issue" 
This reverts commit 6d75f8f9f0.
 2022-04-17 18:34:49 +03:00
justinsb 74397b2a4f Update to etcd-manager 3.0.20220417 
In particular we want to pick up changes addressing the potential
corruption found in 3.5.0 - 3.5.2:

* Use etcd 3.5.3
* Pass the ETCD_EXPERIMENTAL_INITIAL_CORRUPT_CHECK for all 3.5 series
 2022-04-17 10:29:01 -04:00
Ole Markus With ce2e877aeb Remove bazel files from vendor 2022-04-12 13:29:03 +02:00
Ole Markus With 6d75f8f9f0 Enable etcd corruption check as mitigatio of 3.5 corruption issue 2022-04-03 14:11:15 +02:00
Ole Markus With e657a1a0f2 Remap images to add digest to them 2022-03-26 18:40:21 +01:00
Ciprian Hacman 30404d64a2 Run hack/update-expected.sh 
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
 2022-03-18 09:01:59 +02:00
Ciprian Hacman a4ed2b0654 Migrate to registry.k8s.io 
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
 2022-03-18 08:47:12 +02:00
John Gardiner Myers 70f7d9bdb2 Use function to get cloud provider from cluster spec 2022-03-02 21:59:47 -08:00
justinsb 4f89c2e689 Update expected test output for etcd-manager bump 2022-02-03 11:21:54 -05:00
justinsb 97b7b90226 Update to etcd-manager v3.0.20220203 
Relevant changes:

* Only emit GOMAXPROCS if non-zero [justinsb](https://github.com/justinsb) [284](https://github.com/kubernetes-sigs/etcdadm/pull/284)
* Set ETCD_STRICT_RECONFIG_CHECK [justinsb](https://github.com/justinsb) [286](https://github.com/kubernetes-sigs/etcdadm/pull/286)
* environment: ignore empty lines when converting to map [justinsb](https://github.com/justinsb) [285](https://github.com/kubernetes-sigs/etcdadm/pull/285)
* Fix ipv6 detection [olemarkus](https://github.com/olemarkus) [291](https://github.com/kubernetes-sigs/etcdadm/pull/291)
* Test for nil in to not found check [olemarkus](https://github.com/olemarkus) [292](https://github.com/kubernetes-sigs/etcdadm/pull/292)
 2022-02-03 11:21:09 -05:00
Ole Markus With 6327cc378f Fix etcd-manager for ipv6 2022-02-03 12:59:26 +01:00
Ole Markus With af4d69cab3 Use etcd-manager pre-release until final release has been cut 2022-02-02 13:10:32 +01:00
Ole Markus With 994588c0fd Bump etcd-manager to v3.0.20220128 2022-01-30 07:13:32 +01:00
justinsb 45ad8b50ae Enhance AddHostPathMapping to support a fluent style 
This allows for the helper to be used in more places.
 2021-12-31 13:26:12 -05:00
John Gardiner Myers a0736b3c29 Remove support for Aliyun/Alibaba Cloud 2021-12-11 21:49:13 -08:00
Ciprian Hacman ea7df00719 Run hack/update-gofmt.sh 2021-12-01 22:39:50 +02:00
John Gardiner Myers daca9fb2b8 Reissue client keypairs on issuer change 2021-11-27 15:24:36 -08:00
Ciprian Hacman 5f8af27efa Add support for etcd v3.5.1 2021-11-25 11:32:18 +02:00
Ciprian Hacman f740f0d493 Run hack/update-expected.sh 2021-11-25 11:32:12 +02:00
Ciprian Hacman d0291fe6f6 Update etcd-manager to v3.0.20211124 2021-11-25 11:30:26 +02:00
justinsb 0c696d41d3 Create supporting services in kops-controller for gossip-mode 
The intent is that we can then expose these via CoreDNS, so that
internal name resolution will work.
 2021-11-19 11:02:10 -05:00
justinsb 7995e8cc28 Update test data for etcd-manager bump 2021-11-18 11:49:14 -05:00
justinsb e2922a257d Bump etcd-manager version 2021-11-18 11:49:14 -05:00
Ciprian Hacman efe21a8d1b Run hack/update-expected.sh 2021-10-07 13:25:37 +03:00
Ciprian Hacman 78f136705e Update etcd-manager to 3.0.20211007 2021-10-07 13:25:37 +03:00
Peter Rifel ca044455a3
Remove critical-pod scheduler annotation. 
This is no longer recognized in all supported k8s versions (1.16+)

ea07644522/CHANGELOG/CHANGELOG-1.16.md (deprecations-and-removals)
 2021-09-22 21:14:50 -05:00
John Gardiner Myers be8933b577 Remove code for unsupported features 2021-08-28 13:49:55 -07:00
Ciprian Hacman fd08e2b047 Run hack/update-expected.sh 2021-07-08 22:12:12 +03:00
Ciprian Hacman 1e41439e36 Use etcd v3.5.0 for Kubernetes 1.22+ 2021-07-08 22:09:22 +03:00
John Gardiner Myers 186aaf6d96 hack/update-expected.sh 2021-07-01 14:45:32 -07:00
John Gardiner Myers 7162a7473a Remove dead code 2021-07-01 13:58:51 -07:00
John Gardiner Myers 2faf28379a Refactor etcd-client-cilium secrets 2021-06-25 23:57:23 -07:00
Ole Markus With f80b550c7a Use internal name for cilium etcd if we do not enable api server nodes 2021-06-16 08:27:26 +02:00
John Gardiner Myers e0915887ed Move asset copying out of apply_cluster 2021-06-05 21:17:50 -07:00
John Gardiner Myers fc4f0888ac hack/update-expected.sh 2021-06-02 23:02:17 -07:00
John Gardiner Myers 7c9e7e9286 Make Lifecycle field non-pointer 2021-06-02 23:02:16 -07:00
John Gardiner Myers 36f93d0069 hack/update-expected.sh 2021-05-07 23:40:03 -07:00
John Gardiner Myers d3469d6ec2 Remove code for no-longer-supported k8s versions 2021-05-07 23:40:03 -07:00
Justin SB c1dd7e7698 Use etcd-manager built from etcdadm repo 
We can now use etcd-manager as built from the kubernetes-sigs/etcdadm
repo.
 2021-05-08 07:11:21 +03:00
Ciprian Hacman 689b76d0ff Mark control-plane node for update when etcd manager config changes 2021-05-02 08:50:42 +03:00
Ciprian Hacman 75047c6513 Mount /run inside etcd-manager pods for systemd mounts 2021-04-29 10:15:58 +03:00
Ole Markus With 20bd724f5e Add support for scaling out the control plane with dedicated apiserver nodes 
Ensure apiserver role can only be used on AWS (because of firewalling)

Apply api-server label to CP as well

Consolidate node not ready validation message

Guard apiserver nodes with a feature flag

Rename Apiserver role to APIServer

Add an integration test for apiserver nodes

Rename Apiserver role to APIServer

Enumerate all roles in rolling update docs

Apply suggestions from code review

Co-authored-by: Steven E. Harris <seh@panix.com>
 2021-03-20 20:57:00 +01:00
Otto Sulin 8fa6be1b03 Add etcd-manager discoveryPollInterval option 2021-03-04 09:35:05 +02:00
Justin SB 09f7f6f039 Update etcd-manager to 3.0.20210228 
Changes:

* Add user agent to etcd-manager requests [#395](https://github.com/kopeio/etcd-manager/pull/395)
* Add etcd-manager metrics, add openstack API metrics [#396](https://github.com/kopeio/etcd-manager/pull/396)
* Make discovery poll interval configurable [#397](https://github.com/kopeio/etcd-manager/pull/397)
* Add log levels to prevent too verbose logging [#394](https://github.com/kopeio/etcd-manager/pull/394)
 2021-02-28 20:41:30 -05:00
Barry Melbourne 659bfa0daf Update Controller Runtime Go module to v0.8.2 2021-02-25 20:34:12 +00:00
Ole Markus With e0c3490cc3 Add support for creating world-readable managedFiles 2021-02-09 21:06:28 +01:00
Justin SB 28f184f68a etcd-manager: Update to 3.0.20210122 
Upstream changes:

* Release notes for 3.0.20201209
* Handling hanging list command from etcd client during reconciliation loop
* Update dependencies to match kOps 1.19
* Include IPs in peer certificates
* Use etcd v3.4.13 in tests
* Eager-broadcast leadership on every leader iteration
* Update Go to 1.15.7
 2021-01-22 16:01:03 -05:00
Kenji Kaneda a61caea8d2 Add Azure support 
This commit contains all changes required to support Azure
(https://github.com/kubernetes/kops/issues/3957).
 2020-12-21 08:27:54 -08:00
Justin SB 1945a656a0 Remove deprecated ResourceHolder 
Cleaning up what is now dead code.
 2020-12-19 23:15:37 -05:00
Justin SB dc48ca6905 Update etcd-manager to 20201209 
Highlights:

* Fix arm64 images, which were built with an incorrect base image.
* Initial (experimental) Azure support

Full change list:

* Update Kops dependency for Azure Blob Storage support [#372](https://github.com/kopeio/etcd-manager/pull/372)
* Exclude gazelle from tools/deb-tools [#373](https://github.com/kopeio/etcd-manager/pull/373)
* Regenerate bazel in tools/deb-tools [#374](https://github.com/kopeio/etcd-manager/pull/374)
* Release notes for 3.0.20201202 [#375](https://github.com/kopeio/etcd-manager/pull/375)
* Remove travis CI [#377](https://github.com/kopeio/etcd-manager/pull/377)
* Fix vendor generation for tools/deb-tools subproject [#376](https://github.com/kopeio/etcd-manager/pull/376)
* Add script to verify image hashes [#380](https://github.com/kopeio/etcd-manager/pull/380)
* Fix some incorrect base image hashes for arm64 [#379](https://github.com/kopeio/etcd-manager/pull/379)
* Support Azure [#378](https://github.com/kopeio/etcd-manager/pull/378)
* Add more descriptions to wait loops [#383](https://github.com/kopeio/etcd-manager/pull/383)
* Rename fields in the azure client struct [#382](https://github.com/kopeio/etcd-manager/pull/382)
* Fix small typo in code comment [#381](https://github.com/kopeio/etcd-manager/pull/381)
 2020-12-09 09:30:44 -05:00
Justin SB 0ea98a1e87 Update etcd-manager to 3.0.20201202 
The important PR we want to pick up is 369, fixing a bug when
ListenMetricsURLS is set as an env var.

Full changelist:

* Release notes for 3.0.20201117 [#364](https://github.com/kopeio/etcd-manager/pull/364)
* Fix gofmt [#365](https://github.com/kopeio/etcd-manager/pull/365)
* Add gofmt check to github actions [#366](https://github.com/kopeio/etcd-manager/pull/366)
* Add boilerplate to tools/deb-tools/main.go [#367](https://github.com/kopeio/etcd-manager/pull/367)
* Do not set ListenMetricsURLS [#369](https://github.com/kopeio/etcd-manager/pull/369)
* Fix bazel formatting [#370](https://github.com/kopeio/etcd-manager/pull/370)
 2020-12-02 12:08:37 -05:00
Ciprian Hacman 4853bf982a Use etcd v3.4.13 for k8s v1.19+ 2020-11-20 14:25:22 +02:00
Justin SB d516fb7d9c Update etcd-manager to 3.0.20201117 
Release notes for 3.0.20201117:

* Release notes for 3.0.20200531
* Adds support for using OS application credentials
* Fixes usage of OpenStack Swift reauthentication
* Move from debian-hyperkube-base to debian-base
* Add license headers to each file
* Fix some typos picked up by verify-spelling
* Fix some problems with trailing spaces
* Add support for etcd 3.4.13
* Switch to gcr.io/cloud-marketplace-containers/google/debian10 - Fix
 for #340 option 1
* Support for ARM64
* BUG: OpenStack ignore AvailabilityZone in discovery
* Added full cinder ID to candidateDeviceNodes
* feat(etcd-manager-ctl): use backupname to delete backup instead of timestamp
* Update kops to pick up AllowAuth Openstack
* Build base image by raw expansion of deb packages
* Switch the cloudbuild docker image, locking to 2.2.0
* Fix build on case-insensitive file systems (MacOS)
* Set AltNames on server certificates
* govet: Fix a log message
 2020-11-17 22:03:30 -05:00
Anthony Stanton c117d8d924 feat: Make etcd-manager log verbosity configurable 2020-11-12 09:58:09 +01:00
John Gardiner Myers 2ac17bee69 Remove code for no-longer-supported k8s releases 2020-10-29 16:45:53 -07:00
Justin SB b158ffab04 Refactor: KopsModelContext embeds IAMModelContext 
go syntax makes this an annoying change, unfortunately.
 2020-08-25 11:22:34 -04:00
Peter Rifel dd75c1ed91
make apimachinery crds gomod, update-expected.sh 2020-08-24 10:58:09 -05:00
Peter Rifel 7d9f0a06cf
Update API slice fields to not use pointers 
This is causing problems with the Kubernetes 1.19 code-generator.
A nil entry in these slices wouldn't be valid anyways, so this should have no impact.
 2020-08-24 07:46:38 -05:00
Peter Rifel 4d9f0128a3
Upgrade to klog2 
This splits up the kubernetes 1.19 PR to make it easier to keep up to date until we get it sorted out.
 2020-08-16 20:56:48 -05:00
John Gardiner Myers ac13557e03 Add missing lifecycle to etcd keypair tasks 2020-07-11 22:27:53 -07:00
Kubernetes Prow Robot 0c62641dad
Merge pull request #9354 from johngmyers/refactor-certs-2 
Continue refactoring certs into nodeup
 2020-07-06 17:13:57 -07:00
Rodrigo Menezes 627b71557e Fix where etcd-cluster-spec is writen when etcd's BackupStore is defined - v2 2020-07-02 00:01:43 -07:00
John Gardiner Myers d2e270c844 update-expected.sh 2020-06-28 23:12:13 -07:00
John Gardiner Myers e88e0cf7ec Remove code supporting dropped k8s versions 2020-06-04 12:11:51 -07:00
Ciprian Hacman 564d3d4ddc Update etcd-manager to 3.0.20200531 2020-06-01 13:08:59 +03:00
Justin SB bb8c6b9fbe Update etcd-manager to 3.0.20200527 
Changes since 3.0.20200429:

* Use env vars to customize backup retention
* Use next attachment point when device already in use
* Simplify uploading backups
 2020-05-27 01:44:18 -04:00
John Gardiner Myers 8a6d29cd40 Remove support for reading legacy-format keypairs 2020-05-20 13:28:13 -07:00
Justin Santa Barbara 35c6056fb2 Create golden image test for nodeup kube-apiserver 
The building of the manifests for nodeup tasks can be a little opaque;
create a test to verify and expose what is happening.
 2020-05-18 06:42:16 -04:00
Justin SB 75fd939a62
kube-apiserver: healthcheck via sidecar container 
kube-apiserver doesn't expose the healthcheck via a dedicated
endpoint, instead relying on anonyomous-access being enabled.  That
has previously forced us to enable the unauthenticated endpoint on
127.0.0.1:8080.

Instead we now run a small sidecar container, which
proxies /healthz and /readyz requests (only) adding appropriate
authentication using a client certificate.

This will also enable better load balancer checks in future, as these
have previously been hampered by the custom CA certificate.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-05-07 08:06:52 -04:00
Justin SB 35a42c37e4 Add etcd 3.3.17 to supported etcd version list 2020-04-30 01:35:50 +00:00
Justin Santa Barbara 3f77222cf3 Update to etcd-manager 3.0.20200429 
Adds support for new AWS regions

Full changes

* Upgrade aws-sdk-go [#320](https://github.com/kopeio/etcd-manager/pull/320)
* Release notes for 3.0.20200428 [#319](https://github.com/kopeio/etcd-manager/pull/319)
 2020-04-29 08:33:19 -04:00
Justin Santa Barbara eb3ef1a9bb Update to etcd-manager 3.0.20200428 
Contains the workaround for 1-year certificate expiry.

Full changes

* Release notes for 3.0.20200307 [#303](https://github.com/kopeio/etcd-manager/pull/303)
* Add support for etcd 3.3.17 [#304](https://github.com/kopeio/etcd-manager/pull/304)
* Adding client usage extension for server cert (#305) [#306](https://github.com/kopeio/etcd-manager/pull/306)
* Add a check to renew certificates on startup if they expire in 60 days or less [#309](https://github.com/kopeio/etcd-manager/pull/309)
* Try github actions [#310](https://github.com/kopeio/etcd-manager/pull/310)
* Upgrade bazel to 2.2.0 [#311](https://github.com/kopeio/etcd-manager/pull/311)
* Update to go 1.13.10 [#314](https://github.com/kopeio/etcd-manager/pull/314)
* Bazel: update dependency [#316](https://github.com/kopeio/etcd-manager/pull/316)
* e2e tests should wait for cluster readiness [#318](https://github.com/kopeio/etcd-manager/pull/318)
* Remove old bazel versions from travis [#317](https://github.com/kopeio/etcd-manager/pull/317)
* Always renew certificates [#313](https://github.com/kopeio/etcd-manager/pull/313)
 2020-04-28 09:15:02 -04:00
Ole Markus With 869ab75dea Use etcd-manager for the cilium etcd cluster 2020-04-16 08:42:59 +02:00
Rodrigo Menezes 7e16cad334 Add test and rebase 2020-03-12 10:54:16 -07:00
Rodrigo Menezes 5901ba05fc updated to use #8455 2020-03-12 10:25:52 -07:00
Rodrigo Menezes 301463577e Allow users to overwrite etcd settings. 
Fix typo

fix env vars config  ordering
 2020-03-12 10:25:52 -07:00
Justin SB 280d8d7729
Update etcd-manager to 3.0.20200307 
Changelog:

* Allow overwriting etcd configs with env variables  [#296](https://github.com/kopeio/etcd-manager/pull/296)
* Update kops dependency to v1.16.0 [#302](https://github.com/kopeio/etcd-manager/pull/302)
 2020-03-07 18:55:15 -05:00
Kubernetes Prow Robot 044196ac94
Merge pull request #8016 from bittopaz/ali-patch-6 
Alicloud: etcd-manager support
 2020-01-28 22:52:14 -08:00
mmerrill3 751ce5d19f Bump etcd-manager to 3.0.20200116 (#8310) 
Signed-off-by: mmerrill3 <michael.merrill@vonage.com>
 2020-01-23 11:09:14 -05:00
Justin SB 4fe3db7faa
Don't share /etc/hosts when using etcd-manager 
With etcd-manager the DNS names should only be used by the
etcd-manager pod itself, so we don't need to share /etc/hosts with the
host.

By not sharing we avoid:

(1) the temptation to address etcd directly
(2) problems of concurrent updates to /etc/hosts being hard from within a container (because locking is difficult across bind mounts)

Introducing with kubernetes 1.17 to avoid changing behavior of existing versions.
 2020-01-12 11:56:14 -05:00
Xiaoyu Zhong d81566482b Alicloud: etcd-manager support 2019-11-28 10:00:08 +08:00
Justin SB 9108b69798
Update etcd-manager to 3.0.20191025 
Primarily for DigitalOcean support

Changes:

* fix issues in pr#253
* Update rules-docker to 0.12
* [DO-7442] Fix logic for Digital Ocean volume tag
* Update release process to use shipbot
* Move to go modules
* Update golang to 1.13.3
* travis: Test newer bazel versions
* Fix unit tests
* Test everything, not just //test
 2019-10-25 09:47:22 -04:00
Justin SB b6862103bb
Change default port for memberlist from 3997 
We had a port collision on 3997; change the default memberlist ports
to avoid the collision (we haven't shipped a release with this in it).

Also create a go file so that we can use constants to keep track of
our port numbers, rather than magic values.
 2019-10-14 07:26:27 -04:00
tanjunchen 279c429abd remove the unnecessary newline and unused vars 2019-10-08 22:43:10 +08:00
Kubernetes Prow Robot bbe979f56e
Merge pull request #7710 from justinsb/update_etcd_manager 
Update etcd-manager with OpenStack fixes
 2019-09-30 12:44:53 -07:00
Justin SB e1be7aeba1
Update etcd-manager with OpenStack fixes 
etcd-manager changes:

* Use disk by id for mounting devices in OpenStack [zetaab](https://github.com/zetaab) [#253](https://github.com/kopeio/etcd-manager/pull/253)
 2019-09-30 13:15:27 -04:00
Jesse Haka 4ccad007ce mountcerts -> usehostcerts 2019-09-30 11:36:32 +03:00
Jesse Haka 352bc1eaa2 Allow to use custom rootCAs 2019-09-30 11:35:58 +03:00
Kubernetes Prow Robot 070498ba2d
Merge pull request #7566 from srikiz/DO-7442-AddTagsForCreateVolumeRequest 
[DO-7442] Digital Ocean add consistent volume and droplet tags for multi master feature
 2019-09-16 08:22:38 -07:00
Srikanth 88850e2151 Additional review comments addressed, also reverted back to Replace instead of ReplaceAll 2019-09-12 15:31:55 +05:30
Srikanth a5cda6643c Address review comments 2019-09-12 10:38:48 +05:30
Srikanth 84da7d00ef Add tags for droplets and volumes 2019-09-12 00:27:12 +05:30
mikesplain 9e55b8230a Update copyright notices 
Also cleans some white spaces
 2019-09-09 14:47:51 -04:00
Justin SB 3fbc906cbc
Create env-var helper function 
Refactor to start to centralize the env-var configuration for system
components, also start to add test coverage so we can be sure we
haven't broken things!
 2019-09-02 10:26:09 -07:00
Srikanth 704d32a87f Go Fmt code 2019-08-20 07:18:30 +05:30