Commit Graph

1317 Commits

Author SHA1 Message Date
John Gardiner Myers 0aba1a24b9 Move ClusterConfigBase into CloudupSubContext 2022-12-18 13:40:02 -08:00
John Gardiner Myers 7fcd55737a Remove unused fields from fi.Context 2022-12-18 13:40:02 -08:00
John Gardiner Myers 7c3e32369a Refactor Context into separate cloudup and nodeup types 2022-12-17 17:42:46 -08:00
justinsb 5fde739814 Introduce context.Context into some of our "Context" objects
The rule of thumb is that we shouldn't be embedding a context.Context,
but it is reasonable when the lifetime is similar and when the
refactor would otherwise be unacceptably large.

This is a minimal way to introduce it, based on adding the support
needed in the GCS support for serviceAccountIssuerDiscovery.  We will
need to plumb through the context in many more places over time.
2022-12-12 09:56:09 -05:00
Kubernetes Prow Robot e5a835d287
Merge pull request #14706 from johngmyers/v1alpha3-networking
v1alpha3: move networking fields under networking
2022-12-05 21:34:38 -08:00
Leïla MARABESE 1bacbd591a fixed etcd + added machine type 2022-12-05 14:40:28 +01:00
John Gardiner Myers 235aa61594 v1alpha3: move networking fields under networking 2022-12-02 19:19:59 -08:00
John Gardiner Myers 76f71512cc v1alpha3: fix miscellaneous capitalization 2022-11-28 21:37:21 -08:00
John Gardiner Myers 6536c0b301 v1alpha3: use new terminology for kubelet config 2022-11-25 16:53:23 -08:00
John Gardiner Myers d39ba74bd7 Change the control-plane IG role to "ControlPlane" in v1alpha3 API 2022-11-22 17:05:29 -08:00
John Gardiner Myers 5fca16aa30 v1alpha3: Move API-related settings under API 2022-11-19 10:27:12 -08:00
Ciprian Hacman d29812fc6e Replace fi.Bool/Float*/Int*/StringValue() with fi.ValueOf 2022-11-19 03:45:23 +02:00
Ciprian Hacman 8f79c9bd68 Replace fi.Bool/Float*/Int*/String() with fi.PtrTo() 2022-11-19 03:45:22 +02:00
John Gardiner Myers 8473e8b2e7 Stop making MasterInternalName configurable 2022-11-16 22:06:02 -08:00
Kubernetes Prow Robot 6f2ded7fb2
Merge pull request #14501 from hakman/kops-controller_for_config
Boot nodes without state store access
2022-11-16 08:32:50 -08:00
John Gardiner Myers 0e981b1728 Remove dead code 2022-11-15 12:40:43 -08:00
Ciprian Hacman 18b5dcd297 Boot nodes without state store access 2022-11-15 14:40:14 +02:00
Ciprian Hacman 0e2cc7e0cc Rename BootConfig.APIServer to BootConfig.APIServerIP 2022-11-15 14:40:14 +02:00
Ciprian Hacman 22f73d0384 Use local API server on control plane nodes for clusters without DNS 2022-11-13 08:52:53 +02:00
Ciprian Hacman f30f9e92d9 azure: Use chrony instead of timesyncd 2022-11-08 22:30:34 +02:00
John Gardiner Myers 64be690211 Update TopologySpec for v1alpha3 API 2022-11-06 09:10:38 -08:00
Ciprian Hacman a997976642 Add /etc/hosts entry for kops-controller when using it for node bootstrap 2022-11-03 17:14:35 +02:00
Ciprian Hacman c9d1eb9761 hetzner: Use kops-controller for node bootstrap 2022-11-02 12:43:25 +02:00
Kubernetes Prow Robot 2c4808c5bd
Merge pull request #14440 from hakman/hetzner_no-dns_master
hetzner: Create cluster without DNS or Gossip
2022-11-02 02:02:47 -07:00
John Gardiner Myers c53c3bf8f8 Update images in tests 2022-11-01 17:04:43 -07:00
Ciprian Hacman 4e5ded6dc3 hetzner: Create cluster without DNS or Gossip 2022-10-27 11:29:37 +03:00
John Gardiner Myers 87dbab9062 Remove dead code 2022-10-22 22:05:18 -07:00
Ciprian Hacman dc98c74428 Move Gossip check to cluster struct 2022-10-21 09:48:07 +03:00
Ole Markus With cd378bff72 Move setting role taints to cloudup 2022-10-18 13:42:00 +02:00
Ole Markus With 950a69857d Remove usage of cluster kubelet config from nodeup 2022-10-16 21:04:20 +02:00
Ole Markus With abb9da1ed3 Remove nodeup merge test
Merging has happened in cloudup for quite some time
2022-10-16 19:59:48 +02:00
Kubernetes Prow Robot 197110947b
Merge pull request #14369 from olemarkus/fix-rp-filter
Disable rp_filter on cilium hosts
2022-10-02 12:14:13 -07:00
Ole Markus With 30f1ba7922 Disable rp_filter on cilium hosts 2022-10-02 19:41:30 +02:00
Ciprian Hacman 78a41e2d72 Refactor NodeUp GossipBuilder to EtcHostsBuilder 2022-10-02 15:02:05 +03:00
Ciprian Hacman 85026145a1 Always infer gossip DNS from cluster name 2022-10-02 12:54:37 +03:00
Ole Markus With a1678ad9bd Fix stringSliceEqual function when strings are out of order 2022-09-29 10:49:28 +02:00
Leïla MARABESE 01d480de8b added scaleway to v1alpha3 2022-09-26 13:55:44 +02:00
Leïla MARABESE 0fa996890d featureflag and env vars for nodeup ready for testing 2022-09-26 13:55:08 +02:00
Ole Markus With 74afb7aed0 Remove checks for k8s < 1.21 2022-09-19 19:12:53 +02:00
Ole Markus With e5d33401dc Remove k8s GTE 1.20 checks as it is always true 2022-09-17 20:17:23 +02:00
Ole Markus With 22687c48c2 Bump tests to supported k8s version 2022-09-17 20:17:15 +02:00
Ole Markus With 0daca07a6b Use specific deb repos based on closest LTS release 2022-08-25 14:46:22 +02:00
Ole Markus With 4a3274bb5a Update expected 2022-08-20 15:36:39 +02:00
Ole Markus With 1955a8cef3 Set podManifestPath for nodeup model tests 2022-08-20 15:35:17 +02:00
Ole Markus With 86be353777 Use testhelper for generating test IG 2022-08-20 15:34:22 +02:00
Ole Markus With 24d6b8f5fc Return error if podManifestPath has not been set 2022-08-20 15:34:22 +02:00
Ole Markus With d4ea445f24 Remove redundant buildKubeletConfig function 2022-08-20 15:34:22 +02:00
Ole Markus With a34e75b0e0 Always disable rp_filter when using cilium 2022-08-17 08:48:45 +02:00
AkiraFukushima 2ced5ce287
Disable some flags in kube-controller-manager and kube-scheduler when logging-format is not text
Disable these flags because these are not accepted.
* --logtostderr
* --alsologtostderr
* --log-file
2022-08-12 01:11:57 +09:00
justinsb a64a0d8c04 Upgrade KubeSchedulerConfiguration to v1beta2 in a few tests
Avoids examples using unsupported versions.
2022-08-03 15:22:49 -04:00
justinsb 9bb1d3e114 Configuration file for kube-scheduler
We generate a kube-scheduler configuration file in the kops CLI, and
nodeup will use it if provided (instead of generating one).

We put the configuration file into the fileAssets.

Users can provide a kube-scheduler configuration in additional
objects, and this will be used as the base configuration (we add the
kubeconfig path).

Issue #13352

Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>
2022-08-03 09:51:05 -04:00
Kubernetes Prow Robot dba1e5d594
Merge pull request #14017 from infonova/add-occm-networking-config-options
Allow configuring OpenStack CCM networking options
2022-07-31 11:06:28 -07:00
Ole Markus With e7a77e808b Use cabundle for etcd CA files 2022-07-28 22:27:19 +02:00
ederst 8b9521b225 Allow configuring OpenStack CCM networking options 2022-07-21 22:44:37 +02:00
Rémy Léone 80d2d53643 fix tenv linter 2022-06-15 18:06:28 +02:00
Ciprian Hacman 57be0cbdfd Remove unneeded kube-proxy service account 2022-06-10 14:03:16 +03:00
Eric Bailey 34caed893b Add support for setting mode field on file assets 2022-06-09 10:37:29 -05:00
Ole Markus With 921d1b8ce0 OIDC flags are no longer optional 2022-06-07 15:45:56 +02:00
Peter Rifel 827326b860
Only rewrite to k8s.gcr.io until k8s 1.25
1.25 is when official images have been migrated to registry.k8s.io, so we only need to rewrite until 1.25
2022-06-06 20:20:42 -05:00
Ciprian Hacman 4553d7bab5 Remove unused DNS logic from Protokube 2022-05-28 07:42:21 +03:00
Ciprian Hacman fcb6ac3834 Add load balancer support for Hetzner 2022-05-11 09:44:46 +03:00
Ciprian Hacman b5f14b589b Add initial support for Hetzner Cloud 2022-05-09 06:12:15 +03:00
Kubernetes Prow Robot 89faa0a865
Merge pull request #13590 from hakman/additional_packages
Add support for installing additional packages
2022-05-03 07:27:55 -07:00
Ciprian Hacman 0b095068f3 Add support for installing additional packages 2022-05-03 06:47:44 +03:00
Ciprian Hacman 178cf89324 Don't install nfs-common/nfs-utils by default 2022-05-03 04:29:23 +03:00
Peter Rifel 569180f54b
Re-add net.bridge settings for flannel
This was originally only set on Centos 7 / RHEL 7 but we're experiencing similar issues on Amazon Linux 2
2022-04-27 20:45:25 -05:00
Kubernetes Prow Robot 9df1505cbd
Merge pull request #13553 from hakman/ubuntu_root
Create kubeconfig for the root user on Ubuntu
2022-04-24 19:55:39 -07:00
Ciprian Hacman bb8bd5ae27 Always set cluster-id flag for Protokube 2022-04-24 18:28:37 +03:00
Ciprian Hacman 6a51577cb0 Create kubeconfig for the root user on Ubuntu 2022-04-24 10:45:37 +03:00
Ole Markus With 8423d49bf3 Add control-plane taint and remove master node-role label 2022-04-18 13:56:13 +02:00
Ole Markus With ce2e877aeb Remove bazel files from vendor 2022-04-12 13:29:03 +02:00
John Gardiner Myers aff5f587f3 Move Openstack settings to cloudProvider.openstack 2022-04-07 10:04:19 -07:00
Kubernetes Prow Robot 5cbb338528
Merge pull request #13065 from johngmyers/move-azure
Move Azure settings to cloudProvider.azure
2022-04-07 09:37:57 -07:00
Ciprian Hacman 759172c3f0 Use k8s.gcr.io for k8s side-loaded images
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-03-23 12:15:57 +02:00
Ciprian Hacman 30404d64a2 Run hack/update-expected.sh
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-03-18 09:01:59 +02:00
John Gardiner Myers 591dd1aba9 Move Azure settings to cloudProvider.azure 2022-03-03 15:18:23 -08:00
John Gardiner Myers cac727c357 Make cloudProvider a struct in v1alpha3 API 2022-03-02 21:59:49 -08:00
John Gardiner Myers 70f7d9bdb2 Use function to get cloud provider from cluster spec 2022-03-02 21:59:47 -08:00
Vivek Jain 503b73747d
Append policy config map arguments only if UsePolicyConfigmap is true (#13308)
* check if UsePolicyConfigMap flag is true

* use suggested changes

Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>

Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>
2022-03-02 20:44:48 -08:00
Kubernetes Prow Robot 49776c1924
Merge pull request #13264 from h3poteto/iss-13245
Disable some flags in kube-apiserver when logging-format is not text
2022-02-17 01:05:36 -08:00
AkiraFukushima 313cc69127
Disable some flags in kube-apiserver when logging-format is not text
Disable these flags because these are not accepted.
* --logtostderr
* --alsologtostderr
* --log-file
2022-02-17 00:41:06 +09:00
Ciprian Hacman 5746093297 Install containerd from the release package
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-02-14 11:27:26 +02:00
Ole Markus With 19bce47653 Fix nilpointer when graceful shutdown is not configured 2022-02-13 21:11:07 +01:00
Ciprian Hacman dfd0f49594 Install runc from opencontainers/runc
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-02-12 14:02:43 +02:00
Ole Markus With 2625264fe5 Add support for graceful node shutdown
Update docs/cluster_spec.md

Co-authored-by: Ciprian Hacman <ciprianhacman@gmail.com>
2022-02-11 20:51:02 +01:00
Ole Markus With 66e3202f34 Fix CSI migration feature gates
We had a bug for KCM feature gate, and the scheduler and apiserver gate was missing entirely.
2022-02-04 15:29:28 +01:00
Ciprian Hacman 68b4611066 Clean up kubelet networking flags for dockershim
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-01-19 17:36:18 +02:00
Ciprian Hacman bf82a8f260 Update pause image to v3.6
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-01-19 13:00:36 +02:00
justinsb 45ad8b50ae Enhance AddHostPathMapping to support a fluent style
This allows for the helper to be used in more places.
2021-12-31 13:26:12 -05:00
Kubernetes Prow Robot 47e6acd09f
Merge pull request #13039 from olemarkus/kube-proxy-label
Add managed-by label to static kube-proxy pods
2021-12-27 16:26:18 -08:00
Ole Markus With 8794b84368 Add managed-by label to static kube-proxy pods 2021-12-27 17:23:28 +01:00
Ole Markus With 4a1e43526f Kube components log to stdout 2021-12-27 14:59:06 +01:00
Kubernetes Prow Robot 2f31054e19
Merge pull request #13007 from hakman/skip_non-masquerade-cidr
Use kubelet --non-masquerade-cidr only for Docker with kubenet
2021-12-21 18:49:36 -08:00
Kubernetes Prow Robot 28dc7d2815
Merge pull request #12917 from olemarkus/cgroups
Create cgroups for kube and runtime if configured
2021-12-20 12:53:33 -08:00
justinsb 8d7f4485db staticcheck cleanup: fixup nodeup/pkg/model
These pop up in VSCode and are pretty simple to fix:

```
nodeup/pkg/model/cloudconfig_test.go:86:17: possible nil pointer dereference (SA5011)
        nodeup/pkg/model/cloudconfig_test.go:83:5: this check suggests that the pointer can be nil
nodeup/pkg/model/cloudconfig_test.go:155:17: possible nil pointer dereference (SA5011)
        nodeup/pkg/model/cloudconfig_test.go:152:5: this check suggests that the pointer can be nil
nodeup/pkg/model/sysctls.go:172:12: error strings should not be capitalized (ST1005)
nodeup/pkg/model/sysctls.go:184:12: error strings should not be capitalized (ST1005)
nodeup/pkg/model/volumes.go:59:11: error strings should not be capitalized (ST1005)
```
2021-12-20 10:36:54 -05:00
Ole Markus With 166860b668 Create cgroups for kube and runtime if configured 2021-12-20 13:36:45 +01:00
Ciprian Hacman cb6d424675 Use kubelet --non-masquerade-cidr only for Docker with kubenet 2021-12-20 08:47:02 +02:00
Robbie Lankford b5b87b19af
remove ineffectual assignment; this codeblock should likely have been removed with commit e19a1bbad9 2021-12-12 18:16:42 -06:00
John Gardiner Myers c5e1dea184 Remove code for no-longer-supported k8s version 2021-12-11 16:30:51 -08:00
John Gardiner Myers ed5eb8c034 hack/update-expected.sh 2021-12-11 15:50:46 -08:00
John Gardiner Myers 63955f84d9 Bump unsupported k8s version for tests 2021-12-11 15:50:46 -08:00
Kubernetes Prow Robot c073ff595b
Merge pull request #12923 from justinsb/nodeup_store_cloudprovider
nodeup: store the CloudProvider in the context
2021-12-11 08:37:57 -08:00
justinsb 03cbb0381b tests: Improve logging on test failure
I encountered a test failure that was hard to track down; this
additional logging on failure helped me figure it out.
2021-12-11 09:17:08 -05:00
justinsb 8220211655 nodeup: store the CloudProvider in the context
This is a bit simpler than fetching it from the cluster every time,
and also can allow things like mixed-cloud clusters (in future).
2021-12-11 09:16:03 -05:00
Ole Markus With 2088849768 Do not set insecure port on k8s 1.20+ 2021-12-11 12:44:56 +01:00
Kai Lueke d93033ae75 Simplify Flatcar containerd exec command
The containerd command used in
https://github.com/kubernetes/kops/pull/12177 is a modification from
the torcx containerd unit. However, how torcx starts containerd is a
implementation detail and it's better to not hardcode torcx in case it
isn't used anymore.
Change the ExecStard command to use /usr/bin/containerd directly,
making it simpler and more future-proof.
2021-12-06 14:07:39 +01:00
Kubernetes Prow Robot f7e66049d6
Merge pull request #12862 from johngmyers/instanceid-nodename
Use instance ID as node name when AWS CCM supports it
2021-12-05 14:58:32 -08:00
justinsb 4cf52d0e51 GCE: Support kops-controller, including in gossip mode
We discover the kops-controller in gossip mode using seeding code that
calls into the GCE API, just like gossip itself does.

We refactor the gossip code into a shared gcediscovery library with
minimal dependencies.
2021-12-04 11:51:41 -05:00
Kubernetes Prow Robot 576dc1946a
Merge pull request #12883 from hakman/k8s-1.23.0-rc.0
Update k8s dependencies to v1.23.0-rc.0
2021-12-03 20:48:33 -08:00
Ciprian Hacman 1f5a814d3a Replace Handler with ProbeHandler for container probes 2021-12-03 22:57:43 +02:00
Ciprian Hacman e19a1bbad9 Remove support for RHEL/CentOS 7 2021-12-03 21:40:10 +02:00
Ciprian Hacman 45094241f6 Remove support for Ubuntu 16.04 2021-12-03 21:28:12 +02:00
Ciprian Hacman ea7df00719 Run hack/update-gofmt.sh 2021-12-01 22:39:50 +02:00
John Gardiner Myers 73f164e229 Use instance ID as node name when AWS CCM supports it 2021-11-30 17:54:54 -08:00
Ole Markus With f2f9b9dcbb Determine hostnameOverride entirely in nodeup instead of passing in cloud placeholders from cloudup 2021-11-30 13:29:54 +01:00
Ole Markus With 91b40385e6 Remove redundant evaluation of hostnameOverride
The override is already resolved in upup/pkg/fi/nodeup/command.go
2021-11-30 11:22:02 +01:00
John Gardiner Myers ef754ce71f Make requests and limits be *resource.Quantity 2021-11-29 22:50:31 -08:00
Kubernetes Prow Robot 2b059a06d3
Merge pull request #12844 from bwagner5/metadata-hostname
Use AWS metadata to retrieve local-hostname in nodeup
2021-11-27 07:10:41 -08:00
Brandon 652eea951c update bazel 2021-11-26 23:33:51 -06:00
Brandon 4bc48fc7b6 use metadata to retrieve instance hostname in nodeup 2021-11-26 19:24:04 -06:00
John Gardiner Myers e4bad43098 Reverse the sense of hook enablement in v1alpha3 2021-11-25 18:45:13 -08:00
Kubernetes Prow Robot 0e56286aa3
Merge pull request #12816 from johngmyers/rename-fields-2
Rename fields to fit acronym conventions
2021-11-24 23:14:33 -08:00
John Gardiner Myers 03157c5894 hack/update-expected.sh 2021-11-24 17:46:00 -08:00
Kubernetes Prow Robot a8289da46e
Merge pull request #12789 from WeTransfer/dnsopt
Add support for --dns flag in Docker config
2021-11-24 08:18:20 -08:00
John Gardiner Myers b9ac79ec6e Rename fields in v1alpha3 networking API to fit acronym convention 2021-11-22 08:07:55 -08:00
John Gardiner Myers f4d2cb0437 Rename fields in v1alpha3 keyset API to fit acronym convention 2021-11-22 08:07:55 -08:00
John Gardiner Myers f65ba3d9cd Rename fields in v1alpha3 componentconfig API to fit acronym convention 2021-11-21 16:16:32 -08:00
John Gardiner Myers 5a42c10fd3 Rename fields in v1alpha3 cluster API to fit acronym convention 2021-11-21 16:16:32 -08:00
Jeff Wolski a9ecfa47b5 Add support for --dns flag in Docker config
This commit adds support for the --dns flag which is provided as a
Docker daemon startup flag. The flag is used to set the IP address of
the DNS server that the daemon injects into containers. Multiple --dns
flags are supported.
2021-11-19 10:02:12 +01:00
Kubernetes Prow Robot 6c6ea761b0
Merge pull request #12712 from rifelpet/kube-proxy-go-runner
Migrate kube-proxy manifest to use go-runner for logging
2021-11-18 06:15:02 -08:00
Kubernetes Prow Robot 2c9183509d
Merge pull request #12699 from zetaab/hostnamesuffix
Add ingress hostname suffix configurable to kOps
2021-11-16 07:13:27 -08:00
Ole Markus With bb490decb5 Do not return error when there is no error checking for cgroupfs 2021-11-15 11:15:55 +01:00
Kubernetes Prow Robot 0176f079e7
Merge pull request #12726 from johngmyers/revert-leader-migration
Revert leader migration
2021-11-12 22:50:48 -08:00
John Gardiner Myers 561b562a65 Revert "Update automatically generated files"
This reverts commit 3d5d5b38d6.
2021-11-12 22:07:18 -08:00
Eng Zer Jun 425173ae9f
refactor: move from io/ioutil to io and os packages
The io/ioutil package has been deprecated as of Go 1.16, see
https://golang.org/doc/go1.16#ioutil. This commit replaces the existing
io/ioutil functions with their new definitions in io and os packages.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2021-11-12 15:37:18 +08:00
Peter Rifel 90d9b4e54e
Migrate kube-proxy manifest to use go-runner for logging 2021-11-11 17:14:40 -06:00
Jesse Haka 5a5390335e fix 2021-11-09 10:40:30 +02:00
Jesse Haka 5af63f0fe8 Add ingress hostname suffix configurable to kOps 2021-11-09 10:22:05 +02:00
Kubernetes Prow Robot e230cc95aa
Merge pull request #12676 from johngmyers/leader-migration
Migrate to AWS CCM in k8s 1.24
2021-11-05 23:14:51 -07:00
Ciprian Hacman 5ec40c0c32 Use chrony for synchronizing time in Ubuntu 2021-11-04 10:20:41 +02:00
John Gardiner Myers 3d5d5b38d6 Update automatically generated files 2021-11-02 23:08:03 -07:00
Peter Rifel 3442f95d59
Revert "Migrate kube-proxy manifest to use go-runner for logging"
This reverts commit b0e585c751.
2021-11-02 06:48:01 -05:00
Peter Rifel b0e585c751
Migrate kube-proxy manifest to use go-runner for logging 2021-11-01 17:01:19 -05:00
Ciprian Hacman d1375353b0 Enable Router Advertisements for Debian 11 on ens* interfaces 2021-10-31 15:16:10 +02:00
John Gardiner Myers 5447fa62e0 Prohibit masquerading in IPv6 clusters 2021-10-30 12:57:07 -07:00
Ciprian Hacman 91e215de96 Enable Router Advertisements for Debian 11 2021-10-30 10:22:43 +03:00
John Gardiner Myers 7cb4fbe91e Never masquerade IPv6 with Cilium 2021-10-27 23:40:02 -07:00
Ciprian Hacman 2f4bdde429 Respect any MaxPods value the user sets explicitly
even for AWS VPC CNI.
2021-10-25 06:39:34 +03:00
Kubernetes Prow Robot 03044b79a6
Merge pull request #12587 from justinsb/chrony_on_ubuntu_gce
GCE: use chrony on Ubuntu + GCE
2021-10-23 14:02:21 -07:00
Kubernetes Prow Robot 6cf33f74a0
Merge pull request #12554 from justinsb/nodeup_gossip_seed
gossip: Seed /etc/hosts in nodeup
2021-10-23 13:16:32 -07:00
justinsb f54cf000fd GCE: use chrony on Ubuntu + GCE
Ubuntu on GCE has systemd-timesyncd masked, and recommends (and
preconfigures) chrony instead.
2021-10-23 13:36:50 -04:00
justinsb 71264d5fec gossip: Seed /etc/hosts in nodeup
In some scenarios (e.g. cilium), we rely on the internal DNS name
being available, but this isn't the case with gossip clusters.

nodeup can seed /etc/hosts for the control-plane nodes, breaking the
deadlock.
2021-10-19 09:26:07 -04:00
justinsb c34fd83365 Add SystemGeneration to channel version tracker
This allows us to reapply a manifest when we introduce new
functionality, such as pruning.

Otherwise an old version can apply the manifest, mark the manifest as
applied, and we won't reapply.
2021-10-15 17:47:13 -04:00
Jesse Haka 43c5c9f9ab Enable ingress hostname feature for OpenStack 2021-10-12 10:12:41 +03:00
John Gardiner Myers 7963b9b9ec Remove some unused fields from v1alpha3 componentconfig 2021-10-07 23:29:53 -07:00
Kubernetes Prow Robot fcfdbab4b1
Merge pull request #12420 from justinsb/gce_tpm
Support GCE TPM verification
2021-10-06 23:33:47 -07:00
Peter Rifel f176380550
./hack/update-expected.sh 2021-10-06 08:11:04 -05:00
Peter Rifel db639664a1
Replace klog flags with go-runner in k8s 1.23
These flags have been deprecated, see https://github.com/kubernetes/enhancements/tree/master/keps/sig-instrumentation/2845-deprecate-klog-specific-flags-in-k8s-components
2021-10-06 08:10:20 -05:00
justinsb 4dc2c062fd Support GCE TPM verification 2021-10-06 08:40:20 -04:00
Ciprian Hacman 71a0bcf353 Add kubescheduler.config.k8s.io/v1beta2 for k8s 1.22+ 2021-10-05 10:27:02 +03:00
John Gardiner Myers 0fd4dca30e Remove dead code 2021-10-02 20:58:55 -07:00
Ciprian Hacman 290d3d3e3d Remove unnecessary sysctl "net.ipv6.conf.all.accept_ra=2" 2021-10-02 08:07:04 +03:00
Peter Rifel 7ce1cdc065
Set kubelet's --no-ip on IPv6-only clusters 2021-09-30 09:20:33 -05:00
Peter Rifel 724804025b
./hack/update-expected.sh 2021-09-30 09:20:33 -05:00
Peter Rifel 88ddff3baf
Use separate cloud.config files for in-tree vs out-of-tree components 2021-09-30 09:20:33 -05:00
Kubernetes Prow Robot b9d5e37e1f
Merge pull request #12431 from olemarkus/cilium-al2
Mount cgroupv2 for cilium at a custom location
2021-09-28 07:14:43 -07:00
Ole Markus With 39178703c8 Mount cgroupv2 for cilium at a custom location 2021-09-27 19:29:36 +02:00
justinsb fad6db8beb Refactor bootstrap verifier/authenticator into its own package
No code changes, but this avoids a circular package dependency that we
would otherwise introduce in the GCE logic.
2021-09-26 09:43:53 -04:00
Ole Markus With fed0c16085 Revert "Remove unneeded network related sysctls"
This reverts commit ce08ec68df.
2021-09-25 08:24:47 +02:00
Peter Rifel ca044455a3
Remove critical-pod scheduler annotation.
This is no longer recognized in all supported k8s versions (1.16+)

ea07644522/CHANGELOG/CHANGELOG-1.16.md (deprecations-and-removals)
2021-09-22 21:14:50 -05:00
Ciprian Hacman ce08ec68df Remove unneeded network related sysctls 2021-09-22 06:51:10 +03:00
Ole Markus With a3a2a9c3bf Have nodeup assign an ipv6 prefix 2021-09-16 19:28:07 +02:00
Ole Markus With 29771b73c1 Use TLS for kubescheduler health check as of k8s 1.23 2021-09-16 07:46:16 +02:00
Kubernetes Prow Robot 3fd7b446c0
Merge pull request #12305 from hakman/node_ip_families
Make AWS CCM NodeIPFamilies configurable
2021-09-12 06:26:14 -07:00
Kubernetes Prow Robot 1b431b4c9c
Merge pull request #11628 from olemarkus/gpu-runtime
Pre-install nvidia container runtime + drivers on GPU instances
2021-09-11 13:00:07 -07:00
Ciprian Hacman dde08e839d Make AWS CCM NodeIPFamilies configurable 2021-09-11 13:09:08 +03:00
Ole Markus With f5fed2a08d Move nvidia config under containerd 2021-09-05 20:28:07 +02:00
Ole Markus With 4ab75b01cb Have instances learn about their GPU capabilities 2021-09-05 20:09:04 +02:00
Ole Markus With 2d013e460c Install nvidia container runtime 2021-09-05 20:09:04 +02:00
Ciprian Hacman 58fb2676eb Fix kernel parameter for IPv6 forwarding 2021-09-05 09:35:35 +03:00
Ole Markus With ec2dcfca48 Set NodeIPFamilies in ipv6 mode 2021-09-03 08:31:09 +02:00
Kubernetes Prow Robot c7eb08c76f
Merge pull request #12193 from olemarkus/protect-kernel-defaults
Enable protect-kernel-defaults by default and set the correct sysctls in nodeup
2021-09-02 04:42:09 -07:00
Ole Markus With 18faee636f Set kube-apiserver as default logs container
Apply suggestions from code review

Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
2021-09-02 08:29:30 +02:00
John Gardiner Myers 01dd7d562e hack/update-expected.sh 2021-08-29 14:19:02 -07:00
John Gardiner Myers 62c4ce4d93 Move bootstrap RBAC from protokube to core bootstrap addon 2021-08-29 12:36:21 -07:00
John Gardiner Myers a6de058dc3 hack/update-expected.sh 2021-08-28 13:49:55 -07:00
John Gardiner Myers be8933b577 Remove code for unsupported features 2021-08-28 13:49:55 -07:00
John Gardiner Myers 6655022ce1 Remove support for the Lyft CNI 2021-08-28 11:54:39 -07:00
Ole Markus With ad16042a1f Add IPs to kubelet server cert
Since AWS does not resolve instance hostnames to ipv6, ipv6-only pods that talk to kubelet API have to use node IP, not hostname. Thus we need to add IPs to kubelet server cert.
2021-08-26 20:54:02 +02:00
Ole Markus With 4ef0172ee9 Enable protect-kernel-defaults by default and set the correct sysctls in nodeup 2021-08-23 11:48:20 +02:00
Ciprian Hacman 84bdfd900d Hardcode Flatcar containerd exec command 2021-08-19 09:50:08 +03:00
Ole Markus With ab596a49bc Enable ipv6 forwarding and router announcements 2021-08-11 11:09:29 +02:00
Reilly Brogan 13e2b54abc Debian 11: python-apt is not available 2021-08-10 14:33:48 -05:00
Ole Markus With f1a8565024 Fix disabling unattended upgrades
Current default AMIs pre-install and pre-configure unattended upgrades.
We therefore need to explicitly disable it if the update policy requires
it.
2021-08-10 12:51:49 +02:00
Ole Markus With 820683bba0 Test if update_service behaves as intended 2021-08-10 12:51:44 +02:00
John Gardiner Myers beb9741943 hack/update-expected.sh 2021-07-22 21:00:03 -07:00
John Gardiner Myers 3a53fdb139 Provision TLS server certs for controller-manager and scheduler 2021-07-22 20:59:58 -07:00
John Gardiner Myers cfd1582b0d Use kubeconfig for authentication and authorization as well 2021-07-21 19:24:06 -07:00
John Gardiner Myers 8416bd0c39 hack/update-expected.sh 2021-07-17 14:25:19 -07:00
John Gardiner Myers 526dd38e16 Remove apiserver's access to controller-manager secrets 2021-07-17 14:25:19 -07:00