kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,992 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

1218 Commits

Author SHA1 Message Date
Kubernetes Prow Robot ea2d0da1cc
Merge pull request #8577 from justinsb/dump 
Capture logs from a kops cluster
 2020-08-09 17:18:19 -07:00
John Gardiner Myers 8258dcd395 Exempt OpenStack from the EnableExternalCloudController feature flag 2020-07-25 13:12:25 -07:00
Peter Rifel 40a25bd8ba
Expose private key as a flag 2020-07-24 20:15:45 -05:00
Peter Rifel 3f03094e79
Try to list nodes for dumping logs 2020-07-24 20:12:53 -05:00
Peter Rifel 1faeb36d37
Address feedback and test failures 2020-07-22 22:19:00 -05:00
John Gardiner Myers a45b07c156 Reduce the lifetime of exported kubecfg credentials 2020-07-17 22:39:01 -07:00
Kubernetes Prow Robot 022fec8606
Merge pull request #9471 from johngmyers/ig-per-zone 
Create one nodes instance group per zone
 2020-07-17 12:34:54 -07:00
John Gardiner Myers e9b8e4e39a Create zero-node IGs if more zones than nodes 2020-07-17 11:26:09 -07:00
John Gardiner Myers fbc235a3fe Create one nodes IG per zone 2020-07-17 11:26:09 -07:00
John Gardiner Myers 3201cc4dd8 Require extra flag when updating cluster with downgraded kops version 2020-07-17 11:11:12 -07:00
Kubernetes Prow Robot 6f3c067e5e
Merge pull request #9280 from olemarkus/no-admin 
Specify user on export kubecfg
 2020-07-17 11:00:51 -07:00
Justin Santa Barbara d8b69ab2e3
Capture logs from a kops cluster 
This is derived from the dumping code in kubetest.  If we want to run
tests outside of kubetest (e.g. upgrade tests), we're going to need
that functionality.
 2020-07-17 10:00:06 -05:00
Ciprian Hacman 827d8c041f Update mock version to 1.19.0-alpha.1 2020-07-08 18:31:18 +03:00
Ole Markus With aab5054ffc Add networking provider for using etcd-manager for cilium 
This is the only feasible way of adding the additional etcd cluster for a cilium e2e test
 2020-07-07 21:06:21 +02:00
John Gardiner Myers 03c5f4c024 Move remaining new cluster setup to pkg 2020-07-06 21:28:08 -07:00
Kubernetes Prow Robot f5c7003aff
Merge pull request #9509 from rifelpet/amazonvpc-docs 
Update AWS VPC CNI docs to use `--networking amazonvpc`
 2020-07-06 18:41:57 -07:00
Kubernetes Prow Robot 222756b35d
Merge pull request #9490 from johngmyers/newcluster-4 
Move more cluster creation code to NewCluster()
 2020-07-06 16:23:57 -07:00
Peter Rifel 7582109b23
Update AWS VPC CNI docs to use --networking amazonvpc 2020-07-06 17:40:21 -05:00
John Gardiner Myers d60eeabade Move topology setup to pkg 2020-07-03 10:49:50 -07:00
John Gardiner Myers de0e20ee7b Move network provider setup to pkg 2020-07-03 10:49:16 -07:00
John Gardiner Myers b4c3b38436 Move more cloud provider setup to pkg 2020-07-03 10:48:29 -07:00
Ole Markus With 263172caac Use new templates for cilium 1.8 2020-07-03 07:56:35 +02:00
Kubernetes Prow Robot 734a0eb5f3
Merge pull request #9415 from johngmyers/refactor-nodeup-2 
Continue moving InstanceGroup data to NodeupConfig
 2020-07-02 20:50:47 -07:00
Kubernetes Prow Robot 38195fbd41
Merge pull request #9467 from johngmyers/newcluster-3 
Move more cluster creation code to NewCluster()
 2020-07-02 17:02:47 -07:00
Ciprian Hacman a7c8d2087c Use github.com/blang/semver/v4 2020-07-01 08:54:42 +03:00
John Gardiner Myers f1a9297cb5 Move node setup to pkg and refactor 2020-06-30 22:45:38 -07:00
John Gardiner Myers a5b60ccac3 Move master setup to pkg and refactor 2020-06-30 21:52:06 -07:00
John Gardiner Myers a33acc0ae4 Move zone setup to pkg and refactor 2020-06-30 20:20:09 -07:00
John Gardiner Myers 56e5adc67e Move VPC setup into NewCluster() 2020-06-30 12:37:46 -07:00
John Gardiner Myers fe66b0011b Move CloudProvider determination into NewCluster() 2020-06-30 12:37:11 -07:00
John Gardiner Myers bd2890c0db Refactor more cluster creation code into NewCluster() 2020-06-30 12:37:10 -07:00
Ole Markus With d529afe637 Only enable nodeport by default if k8s is 1.12 or newer 2020-06-29 21:42:09 +02:00
Ole Markus With 4d1897ab90 Enable nodeport by default 2020-06-29 21:42:09 +02:00
John Gardiner Myers 44fb283e3f Move NodeLabels into the NodeupConfig 2020-06-28 18:52:03 -07:00
Kubernetes Prow Robot 679b9db9a1
Merge pull request #9422 from johngmyers/trim-loader 
Remove dead cloudup code
 2020-06-28 13:42:14 -07:00
Ole Markus With 72fd007acf Don't export admin user by default. Allow specifying existing user when exporting context 2020-06-24 19:54:25 +02:00
Kubernetes Prow Robot 028aad06ce
Merge pull request #9413 from johngmyers/create-pkg 
Start pushing create_cluster logic into pkg
 2020-06-24 05:57:16 -07:00
John Gardiner Myers a76a1cd127 Remove unused model options 2020-06-21 22:37:16 -07:00
Kubernetes Prow Robot 10553e143f
Merge pull request #9410 from johngmyers/refactor-lyft 
Refactor lyft config file to Go code
 2020-06-20 13:42:39 -07:00
John Gardiner Myers be6ff2adb7 Start pushing create_cluster logic into pkg 2020-06-20 12:46:35 -07:00
Kubernetes Prow Robot 8b371acef0
Merge pull request #9094 from olemarkus/vault-vfs 
Implement VFS for vault
 2020-06-20 12:02:39 -07:00
Kubernetes Prow Robot a5b47e9c18
Merge pull request #9407 from hakman/master-node-image 
Add master and node image options when creating a cluster
 2020-06-20 11:08:39 -07:00
Ciprian Hacman 279fd313ec Address review comments 
Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
 2020-06-20 19:33:42 +03:00
John Gardiner Myers 99c8c4b8fc Move apply logic down into pkg for import use 2020-06-19 23:51:41 -07:00
John Gardiner Myers 87a981093b Remove unused loading code from Loader 2020-06-19 23:30:56 -07:00
Peter Rifel 75ccf45eb7
Fold multiple integration test cases into the complex cluster test 
Each integration test cluster adds many LoC and some overhead in running the integration tests.
Since many of the tests are only testing a specific feature, it would be simpler to combine all of the non-mutually exclusive features into the complex cluster.
 2020-06-19 22:09:22 -05:00
Ciprian Hacman fa9b4ac217 Add master and node image options when creating a cluster 2020-06-19 22:23:05 +03:00
Peter Rifel 9eba72c2b4
Add a couple more "area" labels 2020-06-18 07:01:05 -05:00
Ole Markus With acaa1e1dfc Implement VFS for vault 2020-06-18 13:02:37 +02:00
Kubernetes Prow Robot eb39ab7349
Merge pull request #9355 from johngmyers/move-port 
Move host-network services off of port 8080
 2020-06-16 09:10:04 -07:00
John Gardiner Myers 0d74344a43 Remove the baremetal cloud provider 2020-06-14 10:38:29 -07:00
John Gardiner Myers 4bf8302f14 Move kube-apiserver-healthcheck to port 3990 2020-06-12 22:00:14 -07:00
Kubernetes Prow Robot 54d4a81ea8
Merge pull request #9289 from johngmyers/launch-template 
Use launch templates by default
 2020-06-11 13:40:57 -07:00
Ole Markus With 2abded190a Update cmd help text 2020-06-11 08:37:10 +02:00
John Gardiner Myers 3ce8dd165b Use launch templates by default 2020-06-10 09:34:48 -07:00
Peter Rifel ba62bbea74
Fix NPD when creating a kube-router cluster 2020-06-10 07:04:40 -05:00
Peter Rifel 0895218e3d
Disable kubeproxy when creating a kube-router cluster 2020-06-09 21:53:53 -05:00
Peter Rifel bc074e857c
Use ec2.DescribeInstanceTypes in awsup.GetMachineTypeInfo 
This requires passing a cloud object in additional places throughout the validation package and originating mostly from cmd/kops

This means that some kops commands now require valid cloud provider credentials, but I don't think this is an issue because the vast majority of use-cases already require the same cloud provider credentials in order to interact with the state store.
 2020-06-09 10:13:01 -05:00
ZouYu 2fc52ec6be fix some go-lint warning 
Signed-off-by: ZouYu <zouy.fnst@cn.fujitsu.com>
 2020-06-09 08:52:50 +08:00
Kubernetes Prow Robot d18e97140e
Merge pull request #9130 from johngmyers/pki-refactor 
Refactor cert issuance code
 2020-06-05 01:43:43 -07:00
John Gardiner Myers f9b0415093 Update generated files 2020-06-04 12:13:49 -07:00
John Gardiner Myers e88e0cf7ec Remove code supporting dropped k8s versions 2020-06-04 12:11:51 -07:00
John Gardiner Myers c142483cfa Move cert issuance code to pki module 2020-06-04 10:26:42 -07:00
Kubernetes Prow Robot c6dcaa8199
Merge pull request #9154 from MoShitrit/issue-9031 
Add support for encryption in Cilium
 2020-06-04 03:11:15 -07:00
Ole Markus With 991549a5f4 Remove support for Romana 2020-06-03 08:23:53 +02:00
Peter Rifel 0117881962
Remove redundant ValidateInstanceGroup call 
The `cloudup.PopulateInstanceGroupSpec` directly after this calls `ValidateInstanceGroup` so this first call is redundant.

This is minor cleanup to help simplify the aws instance type validation PR
 2020-06-02 22:01:02 -05:00
Zhou Hao deb90e4ea4 Add example for describe secret 
Signed-off-by: Zhou Hao <zhouhao@cn.fujitsu.com>
 2020-06-02 10:38:34 +08:00
Kubernetes Prow Robot 7b067983df
Merge pull request #9177 from olemarkus/remove-vsphere 
Remove vsphere cloud provider
 2020-06-01 06:19:54 -07:00
Justin SB ac36147372 GCE: fix typo 2020-05-31 23:37:16 -04:00
John Gardiner Myers 121cd926eb Remove unused file 2020-05-30 17:15:47 -07:00
Ole Markus With 7342525872 Remove vsphere from kops files 2020-05-30 13:36:55 +02:00
Kubernetes Prow Robot ba08b248f0
Merge pull request #9198 from q384566678/add-example 
Add example for delete secret
 2020-05-29 19:23:53 -07:00
Zhou Hao 6f1fcf1944 Add example for delete secret 
Signed-off-by: Zhou Hao <zhouhao@cn.fujitsu.com>
 2020-05-29 08:40:29 +08:00
Kubernetes Prow Robot 6830cf6d44
Merge pull request #9065 from johngmyers/remove-distro 
Remove support for CoreOS and Jessie
 2020-05-27 23:22:01 -07:00
MoShitrit 316a0e2b00 Adding encryption support for Cilium 
Adding support for 'secret-name' flag

Adding instructions to enable encryption

Updating docs for cli

Addressing comments

Adding ciliumpassword subcommand to 'kops create secret'

Updating command to generate ciliumpassword secret
 2020-05-25 01:54:24 -04:00
John Gardiner Myers 2d98e5609c Remove/fix more CoreOS references 2020-05-22 20:54:41 -07:00
Ole Markus With 6e04586361 Docs fixes 2020-05-22 08:08:58 +02:00
Ole Markus With e3055a6906 Inline supportsPrivateTopology 2020-05-22 08:08:58 +02:00
Ole Markus With eebb605c9c Remove as much of the classic networking logic as we can 2020-05-22 08:08:58 +02:00
Ole Markus With d1ff25bb4e Remove some rather long networking nil checks 2020-05-22 08:08:58 +02:00
Ole Markus With 95d2170fa6 Update networking in kops create 
* Remove classic from cli docs. Add missing providers
* Use cilium instead of weave in example since we don't consider weave stable
 2020-05-22 08:08:58 +02:00
John Gardiner Myers 8a6d29cd40 Remove support for reading legacy-format keypairs 2020-05-20 13:28:13 -07:00
Kubernetes Prow Robot 50a1a8edfb
Merge pull request #9121 from atmosx/master 
Add EC2 Instance LifeCycle label
 2020-05-15 11:17:37 -07:00
Panagiotis Atmatzidis 31acabf8cd
Add EC2 instance lifecycle label to nodes 
When using a "mixed instance policy"[1] instance group spot and onDemand nodes are part of the same
ASG. The ASG handles the percentage of spot vs onDemand instances. There are no annotations, EC2 tags or labels to identify which
instances are onDemand vs spot. There is a field called `InstanceLifecycle` accessible through `EC2.DescribeInstances`.

The field `InstanceLifecycle` is available only in `spot` and
`scheduled` AWS EC2 instance types.

This PR introduces a new label to be attached on AWS EC2 spot nodes.

The label is:

```
node-role.kubernetes.io/spot-worker: "true"
```

or

```
node-role.kubernetes.io/scheduled-worker: "true"
```

[^1]: https://github.com/kubernetes/kops/blob/master/docs/instance_groups.md#mixedinstancepolicy-aws-only
 2020-05-15 09:33:37 +03:00
John Gardiner Myers 154833e652 Fail cluster validation if too few nodes for ig's target size 2020-05-12 22:28:26 -07:00
Kubernetes Prow Robot 6e0aea35ce
Merge pull request #9108 from olemarkus/zsh-completion 
Fix zsh completion
 2020-05-12 06:14:21 -07:00
Jesse Haka b242c44dd2 use v3 api in kubernetes also 2020-05-11 08:17:47 +03:00
Ole Markus With 520ba275f3 Fix zsh completion 2020-05-10 15:40:54 +02:00
Kubernetes Prow Robot 8768178082
Merge pull request #9084 from rifelpet/gce-tf-metadata 
Dont use terraform's file() for singleline strings in GCE metadata
 2020-05-08 16:21:51 -07:00
Justin SB 75fd939a62
kube-apiserver: healthcheck via sidecar container 
kube-apiserver doesn't expose the healthcheck via a dedicated
endpoint, instead relying on anonyomous-access being enabled.  That
has previously forced us to enable the unauthenticated endpoint on
127.0.0.1:8080.

Instead we now run a small sidecar container, which
proxies /healthz and /readyz requests (only) adding appropriate
authentication using a client certificate.

This will also enable better load balancer checks in future, as these
have previously been hampered by the custom CA certificate.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-05-07 08:06:52 -04:00
Peter Rifel ef6abbcd5c
Don't use file references for single line strings in gce's metadata fields 2020-05-06 23:06:24 -05:00
Kubernetes Prow Robot 486c20f724
Merge pull request #9053 from johngmyers/channels-dependency 
Allow cluster maintenance when channel is unavailable
 2020-05-06 07:39:09 -07:00
John Gardiner Myers 843e5b9b16 Move GCEServiceAccount into CloudConfig 2020-05-03 20:35:32 -07:00
John Gardiner Myers 126c4c8d37 Allow cluster maintenance when channel is unavailable 2020-05-03 13:48:15 -07:00
Ole Markus With 4978932213 Make it possible to switch zone for an IG 
* Ensure every master runs etcd
* Make it possible to remove masters
* "Cross" Validate on IG creation
 2020-04-28 13:28:15 +02:00
Martin Tomes 462ca78f2a Import package aliases modified 
Modified api -> kopsapi aliases of imports of k8s.io/kops/pkg/apis/kops
 2020-04-17 16:55:08 +02:00
Justin Santa Barbara ffb6cd61aa Rolling-update validation harmonization 
This is a follow-on to #8868; I believe the intent of that was to
expose the option to do more (or fewer) retries.

We previously had a single retry to prevent flapping; this basically
unifies the previous behaviour with the idea of making it
configurable.

* validate-count=0 effectively turns off validation.

* validate-count=1 will do a single validation, without flapping
  detection.

* validate-count>=2 will require N succesful validations in a row,
waiting ValidateSuccessDuration in between.

A nice side-effect of this is that the tests now explicitly specify
ValidateCount=1 instead of setting ValidateSuccessDuration=0, which
had the side effect of doing the equivalent to ValidateCount=1.
 2020-04-17 01:40:02 -04:00
Ole Markus With d174faf116 Add some integration tests for cilium 2020-04-16 16:22:58 +02:00
Justin Santa Barbara 31bb16d4d1 Add context.Context to most signatures 
The client-go signature for most methods adds a context.Context
object, and also makes Options mandatory.  Feed through a
context.Context through many of our methods (but use context.TODO to
stop it getting totally out of hand!)
 2020-04-11 14:44:17 -04:00
Kubernetes Prow Robot 47b9b23a30
Merge pull request #8873 from justinsb/update_gomod_for_k8s_1_17 
Update go.mod for k8s 1.17
 2020-04-08 07:01:43 -07:00