kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,992 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

1199 Commits

Author SHA1 Message Date
Kubernetes Prow Robot bca601d1da
Merge pull request #9969 from hakman/docker-19.03.13 
Update Docker to v19.03.13
 2020-09-18 10:46:46 -07:00
Ciprian Hacman 96e3fefd85 Update Docker to v19.03.13 2020-09-18 12:14:43 +03:00
Ole Markus With b9212f85ad Add addon for aws node termination handler 2020-09-17 21:09:28 +02:00
Adam Smith 2fb1a4ecd2 Support ChainInsertMode config option for Calico Networking 2020-09-16 10:38:45 +01:00
Ole Markus With 926a0bc7c1 Block external CCM for k8s less than 1.13 2020-09-15 15:51:23 +02:00
Kubernetes Prow Robot 04b9f41daa
Merge pull request #9883 from hs0210/work 
Add unit test for pkg/apis/kops/model/features.go
 2020-09-13 15:24:57 -07:00
Kubernetes Prow Robot 69f22a4b52
Merge pull request #9918 from olemarkus/validate-labels 
Validate labels
 2020-09-11 09:04:15 -07:00
Ole Markus With 9f5ba43445 Validate labels 2020-09-11 09:59:24 +02:00
Kubernetes Prow Robot 036ea69525
Merge pull request #9352 from justinsb/irsa_with_public 
Simplified form of IAM Roles for ServiceAccounts
 2020-09-09 22:23:44 -07:00
Chris Loukas 65610dbcee Update NodeLocalDNSConfig with Mem/CPU requests 
Add NodeLocalDNS.CPURequest and NodeLocalDNS.MemoryRequest to
configure resource requests.

If not explicitly set, fall back to 25m and 5Mi
 2020-09-09 18:40:14 +03:00
Justin SB 8498ac9dbb Create PublicJWKS feature flag 
This should be much easier to start and to get under testing; it only
works with a load balancer, it sets the apiserver into anonymous-auth
allowed, it grants the anonymous auth user permission to read our jwks
tokens.  But it shouldn't need a second bucket or anything of that
nature.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-09-09 09:57:06 -04:00
Hu Shuai 9d80c416e0 Add unit test for pkg/apis/kops/model/features.go 
Signed-off-by: Hu Shuai <hus.fnst@cn.fujitsu.com>
 2020-09-08 13:27:09 +08:00
Barry Melbourne 21fe46ce12 Add kubelet cgroup driver property 2020-09-07 17:11:33 +01:00
Ole Markus With a0e9fab104 Implement cluster autoscaler as bootstrap addon 
Use provider-agnostic node definition for cas instead of aws auto-discovery

Validate clusterAutoscalerSpec

Add spec documentation

Add cas docs

Make CRDs

Apply suggestions from code review

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>

Add enabled flag to cas config

Apply suggestions from code review

Co-authored-by: Guy Templeton <guyjtempleton@googlemail.com>

Add support for custom cas image

Support more k8s versions

Use full image names
 2020-09-03 09:52:13 +02:00
Kubernetes Prow Robot e6b8c82d88
Merge pull request #9838 from etwillbefine/api-server-cors 
add support for cors-allowed-origins
 2020-08-29 16:54:21 -07:00
etwillbefine 2b0970376e use list of strings for CORS 2020-08-29 22:11:24 +02:00
etwillbefine 1b6ee2c7e8 add support for cors-allowed-origins 
closes https://github.com/kubernetes/kops/issues/2045

correct typo in flag attribute

run code-gen, correct field description
 2020-08-29 19:14:39 +02:00
Justin Santa Barbara f32fcc35fa Addons: Support arbitrary additional objects 
We will be managing cluster addons using CRDs, and so we want to be
able to apply arbitrary objects as part of cluster bringup.

Start by allowing (behind a feature-flag) for arbitrary objects to be
specified.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-08-28 09:03:41 -04:00
Peter Rifel 7d9f0a06cf
Update API slice fields to not use pointers 
This is causing problems with the Kubernetes 1.19 code-generator.
A nil entry in these slices wouldn't be valid anyways, so this should have no impact.
 2020-08-24 07:46:38 -05:00
Ciprian Hacman ca2d501950 Update validation for Calico to assume etcd3 as default 2020-08-24 12:54:15 +03:00
Kubernetes Prow Robot 6c5150f786
Merge pull request #9793 from hakman/root-vol-encrypt 
Add flag for root volume encryption
 2020-08-21 09:15:40 -07:00
Ciprian Hacman 2880e22bce Add flag for root volume encryption 2020-08-21 18:31:21 +03:00
Kubernetes Prow Robot 076df5ec84
Merge pull request #9782 from hakman/ignore-flannel-workaround 
Ignore the disableTxChecksumOffloading flag for Flannel and Canal
 2020-08-21 04:47:40 -07:00
Ciprian Hacman 68474f7793 Ignore the disableTxChecksumOffloading flag for Flannel and Canal 2020-08-21 07:55:25 +03:00
Kubernetes Prow Robot 8a81d94c7b
Merge pull request #9773 from victorfrancax1/7286 
Adding support for permission boundaries for AWS IAM Roles
 2020-08-19 06:51:11 -07:00
Victor Ferreira 3aaa9a7c0f feat(aws): adding support to permission boundaries for IAM Roles 2020-08-19 01:16:13 -03:00
John Gardiner Myers 07220797b4 Issue the cilium etcd client cert out of kops-controller 2020-08-17 21:15:34 -07:00
Peter Rifel 4d9f0128a3
Upgrade to klog2 
This splits up the kubernetes 1.19 PR to make it easier to keep up to date until we get it sorted out.
 2020-08-16 20:56:48 -05:00
John Gardiner Myers bec273ebf1 Implement signing of kubelet cert in kops-controller 2020-08-15 10:30:20 -07:00
John Gardiner Myers 9c01e1f44d Send bootstrap query from nodeup to kops-controller 2020-08-15 09:50:08 -07:00
John Gardiner Myers 00c60ddff6 Add server code to kops-controller 2020-08-15 09:46:30 -07:00
Kubernetes Prow Robot 96ab8423b1
Merge pull request #9566 from hakman/arm64-images 
Add ARM64 support for masters
 2020-08-14 20:46:17 -07:00
Ole Markus With 9890839cec Add an integration test for openstack floating ip 
* Integration test for floatingip cluster
* Implements mocking of floatingIP (only list for now)
* Expands various cloudmocks
* Fixes an NPR in openstack validation
* Fixes a bug where kops tries to use DNS even if the cluster is gossip
 2020-08-12 12:59:30 +02:00
Kubernetes Prow Robot 46ebae1b4e
Merge pull request #9726 from Evalle/ISSUE-9695 
Add missing cli options for kube-controller-manager and kube-scheduler
 2020-08-12 01:01:45 -07:00
Evgeny Shmarnev 17b2ff0c14 Add authorization-always-allow-paths 2020-08-12 09:10:31 +02:00
Evgeny Shmarnev fd9f4e481f Add missing cli options for kube-controller-manager and kube-scheduler 2020-08-12 08:40:59 +02:00
Ole Markus With 25d98796e2 Add cinder plugin 2020-08-11 10:15:12 +02:00
Ciprian Hacman 331d223043 ARM64 support - Side-load multi-arch images 2020-08-10 13:47:07 +03:00
Ole Markus With fbcdeb2ed6 Respect Topology when assigning floating ips or not 2020-08-08 12:23:09 +02:00
Robert Russell 6e5544f615 Allow configurable backend modes for aws-iam-authenticator 2020-08-06 21:37:55 -07:00
John Gardiner Myers c2cb6646af Remove tags from NodeupConfig 2020-07-29 17:24:39 -07:00
John Gardiner Myers 8258dcd395 Exempt OpenStack from the EnableExternalCloudController feature flag 2020-07-25 13:12:25 -07:00
Kubernetes Prow Robot a00268d511
Merge pull request #9554 from olemarkus/openstack-fixes 
Openstack fixes
 2020-07-23 13:06:25 -07:00
John Gardiner Myers 9693da66b3 Remove support for legacy IAM permissions 2020-07-17 20:08:17 -07:00
John Gardiner Myers 3201cc4dd8 Require extra flag when updating cluster with downgraded kops version 2020-07-17 11:11:12 -07:00
Ole Markus With 9b0d235554 Don't apply spec.api defaults on OS 
Openstack can use floating IPs as master API address. Setting these defauls and using floating ips ends up in a nil pointer error somewhere in the lbaasv2 code
 2020-07-12 21:08:13 +02:00
John Gardiner Myers 70926d43fc Use a stable key for signing service account tokens 2020-07-11 13:18:50 -07:00
John Gardiner Myers 03c5f4c024 Move remaining new cluster setup to pkg 2020-07-06 21:28:08 -07:00
Kubernetes Prow Robot 0c62641dad
Merge pull request #9354 from johngmyers/refactor-certs-2 
Continue refactoring certs into nodeup
 2020-07-06 17:13:57 -07:00
John Gardiner Myers 004f7b578f Default ClusterDNS appropriately when NodeLocalDNS is enabled 2020-07-03 16:57:03 -07:00