kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,992 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

3141 Commits

Author SHA1 Message Date
Ciprian Hacman 1006f9082d Update Calico to v3.16.0 for k8s 1.16+ 2020-09-02 05:48:49 +03:00
Ole Markus With e9cc96baab Fully support kops get instances on openstack 2020-09-01 09:43:26 +02:00
Kubernetes Prow Robot e11146c0df
Merge pull request #9799 from olemarkus/cloudinstances-refactor 
Cloudinstances refactor
 2020-08-31 23:23:50 -07:00
Kubernetes Prow Robot 4fa353725f
Merge pull request #9841 from johngmyers/remove-deferral 
Remove more machinery for file-based cloudup models
 2020-08-31 14:25:50 -07:00
liranp b10f07fefc
feat(spot): upgrade the controller (v1.0.64) 2020-08-31 19:59:15 +03:00
Kubernetes Prow Robot 277038d419
Merge pull request #9839 from rifelpet/tf-cert-id 
Dont generate the ssl_certificate_id field on TCP listeners in Terraform
 2020-08-31 06:14:21 -07:00
Ole Markus With 715e46d58e Upgrade cilium versions 2020-08-31 12:01:03 +02:00
John Gardiner Myers 3e75884661 Remove unused functionality 2020-08-30 22:55:21 -07:00
John Gardiner Myers d95bf95c50 Remove dead code 2020-08-30 22:44:40 -07:00
Kubernetes Prow Robot 56bab9fa4f
Merge pull request #9813 from justinsb/expose_jwks 
Expose JWKS via a feature-flag
 2020-08-30 21:06:20 -07:00
Ole Markus With 0ec71686b9 Refactor cloudinstancegroupmember in a more independent cloud instance representation 
Apply suggestions from code review

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-08-30 21:37:03 +02:00
Peter Rifel 0326ce4ad7
Dont generate the ssl_certificate_id field on TCP listeners in Terraform 2020-08-30 09:44:16 -05:00
Justin SB 786423f617 Expose JWKS via a feature-flag 
When the PublicJWKS feature-flag is set, we expose the apiserver JWKS
document publicly (including enabling anonymous access).  This is a
stepping stone to a more hardened configuration where we copy the JWKS
document to S3/GCS/etc.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-08-30 10:15:11 -04:00
Justin SB c63ce4b5ab Implement setter by reflection 
This means we no longer have to individually hard-code the `kops set`
fields, however we use the "language" we're now demonstrated.

We add tests to ensure we have parity with our existing (hard-coded)
setter logic.
 2020-08-30 09:59:52 -04:00
Kubernetes Prow Robot 328f637880
Merge pull request #8119 from justinsb/addons_are_objects 
Addons: Support arbitrary additional objects
 2020-08-29 15:20:21 -07:00
Justin SB a1553bdf0b TaskDependentResource: support preview when the task isn't ready 
This is needed because otherwise if we try to diff a computed field,
we can't read the value.
 2020-08-29 08:39:14 -04:00
Justin Santa Barbara f32fcc35fa Addons: Support arbitrary additional objects 
We will be managing cluster addons using CRDs, and so we want to be
able to apply arbitrary objects as part of cluster bringup.

Start by allowing (behind a feature-flag) for arbitrary objects to be
specified.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-08-28 09:03:41 -04:00
Kubernetes Prow Robot e537846b41
Merge pull request #9784 from olemarkus/kops-delete-instance 
Add kops delete instance command
 2020-08-28 00:36:53 -07:00
Ole Markus With ff6c04938d Add kops delete instance command 
Add support for deleting instance by k8s node name

Add yes flag
 2020-08-28 08:43:30 +02:00
Peter Rifel 8bf1dfd43e
GCE - Set Bastion InstanceGroup zone 
GCE uses Spec.Zones rather than Spec.Subnets because subnets are regional rather than zonal.
This sets the Zones field for bastion IGs in GCE, avoiding an index out of range panic during cluster creation.
 2020-08-27 14:17:02 -05:00
Kubernetes Prow Robot e5e8908cce
Merge pull request #9821 from olemarkus/openstack-newer-nova-3 
Reconcile ports and floating ips
 2020-08-27 07:15:53 -07:00
Kubernetes Prow Robot 6a33402702
Merge pull request #9820 from olemarkus/managed-sgs 
Remove unknown rules from managed security groups on openstack
 2020-08-27 03:43:03 -07:00
MoShitrit db0111acfe Upgrade AWS VPC CNI to 1.7.1 2020-08-26 13:54:01 -04:00
Kubernetes Prow Robot b00f8049b6
Merge pull request #9808 from hakman/kope-to-k8s.gcr.io 
Pull images from k8s.gcr.io/kops instead of docker.io/kope
 2020-08-26 07:18:05 -07:00
Ole Markus With d2127d8981 Reconsile floating ips to instances 2020-08-26 14:17:24 +02:00
Ole Markus With 0ae88cde8a Support reconsiling server ports 2020-08-26 14:17:24 +02:00
Ole Markus With 8e4f3b1458 Tags are never used 2020-08-26 14:17:24 +02:00
Kubernetes Prow Robot 165933852d
Merge pull request #9790 from olemarkus/openstack-newer-nova 
Remove compute floating ip extension
 2020-08-26 04:26:03 -07:00
Ole Markus With 14a6f92f53 Delete SG rules that kops don't explicitly add to managed SGs 2020-08-26 11:09:22 +02:00
Kubernetes Prow Robot 154335e758
Merge pull request #9818 from hakman/kube-router-1.0.1 
Update kube-router to v1.0.1
 2020-08-26 01:46:03 -07:00
Ciprian Hacman fd62ca9e42 Update kube-router to v1.0.1 2020-08-26 10:53:22 +03:00
Ciprian Hacman eb218cdc1a Update Calico to v3.15.2 for k8s 1.16+ 2020-08-26 10:01:22 +03:00
Kubernetes Prow Robot f8a89b54db
Merge pull request #9812 from justinsb/write_full_certificate_chain 
Support writing a full certificate chain
 2020-08-25 22:32:02 -07:00
Peter Rifel 4d8f07c4f8
Fix GCE cluster creation with private topology 
This was later failing api validation with:

`spec.subnets[1].region: Required value: region must be specified for GCE subnets`

So now we copy the region value from the equivalent non-utility subnet when creating utility subnets.
 2020-08-25 20:03:06 -05:00
Justin SB b158ffab04 Refactor: KopsModelContext embeds IAMModelContext 
go syntax makes this an annoying change, unfortunately.
 2020-08-25 11:22:34 -04:00
Justin SB 2be21562a9 Support writing a full certificate chain 
This means that our https endpoint will serve the ca.crt as well.
 2020-08-25 11:09:04 -04:00
Ciprian Hacman a4ff90205a Pull images from k8s.gcr.io/kops instead of docker.io/kope 2020-08-25 08:04:36 +03:00
Peter Rifel dd75c1ed91
make apimachinery crds gomod, update-expected.sh 2020-08-24 10:58:09 -05:00
Kubernetes Prow Robot 9cb6797f67
Merge pull request #9801 from hakman/release-1.19.0-alpha.3 
Release 1.19.0-alpha.3
 2020-08-24 08:53:41 -07:00
Peter Rifel 7d9f0a06cf
Update API slice fields to not use pointers 
This is causing problems with the Kubernetes 1.19 code-generator.
A nil entry in these slices wouldn't be valid anyways, so this should have no impact.
 2020-08-24 07:46:38 -05:00
Ciprian Hacman ca2d501950 Update validation for Calico to assume etcd3 as default 2020-08-24 12:54:15 +03:00
Ole Markus With 2ab64942d7 Remove vendoring of nova floating ip 2020-08-24 06:46:25 +02:00
Ole Markus With 22d22ba0bd Clean up comment 2020-08-24 06:44:29 +02:00
Ole Markus With ef25dda399 Migrate floating IP deletion to neutron 2020-08-24 06:44:29 +02:00
Ole Markus With f757d3afe3 Remove unused function for creating floating IP 2020-08-24 06:44:29 +02:00
Ole Markus With a0acc90137 Remove unused mock endpoint 2020-08-24 06:44:29 +02:00
Ole Markus With bac632b9d1 Migrate floating IP getter to neutron 2020-08-24 06:44:29 +02:00
Ole Markus With cb005902b2 Remove unused mock function 2020-08-24 06:44:29 +02:00
Ole Markus With 36fb150105 Migrate floating IP to server association to neutron 2020-08-24 06:44:27 +02:00
Ole Markus With 8c70787bab Upgrade gophercloud to v1.11.0 
Update upup/pkg/fi/cloudup/openstacktasks/instance.go

Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
 2020-08-23 16:45:00 +02:00
Ciprian Hacman 2d61ab0876 Bump kops to v1.19.0-alpha.3 2020-08-23 12:07:44 +03:00
Kubernetes Prow Robot 10405bc4d3
Merge pull request #9792 from olemarkus/openstack-newer-nova-2 
Don't use nova for glance mocks
 2020-08-21 10:19:40 -07:00
Ciprian Hacman 2880e22bce Add flag for root volume encryption 2020-08-21 18:31:21 +03:00
Ole Markus With 29682700c7 Don't use nova for glance mocks 
Fetching images through nova is deprecated and removed in newer versions
of the compute API. Mocks now reflect this behavior.
 2020-08-21 10:18:52 +02:00
MoShitrit 9bd7a350eb Upgrade AWS VPC CNI to 1.7.0 2020-08-19 21:51:22 -04:00
Kubernetes Prow Robot 899c43b23a
Merge pull request #9783 from hakman/weave-2.7.0 
Update Weave Net to v2.7.0
 2020-08-19 10:17:22 -07:00
Ciprian Hacman 5e8bfa06b6 Update Weave Net to v2.7.0 2020-08-19 19:42:02 +03:00
Kubernetes Prow Robot 8a81d94c7b
Merge pull request #9773 from victorfrancax1/7286 
Adding support for permission boundaries for AWS IAM Roles
 2020-08-19 06:51:11 -07:00
Victor Ferreira 3aaa9a7c0f feat(aws): adding support to permission boundaries for IAM Roles 2020-08-19 01:16:13 -03:00
Kubernetes Prow Robot bacd944dea
Merge pull request #9776 from johngmyers/cni-client-certs 
Issue the cilium etcd client cert out of kops-controller
 2020-08-18 08:13:30 -07:00
Kubernetes Prow Robot ffe3b3468d
Merge pull request #9766 from hakman/distros 
Use /etc/os-release to identify the distribution
 2020-08-17 22:37:30 -07:00
John Gardiner Myers 07220797b4 Issue the cilium etcd client cert out of kops-controller 2020-08-17 21:15:34 -07:00
Kubernetes Prow Robot 655c424ded
Merge pull request #9755 from WarpRat/9750 
Fix backwards compatibility when backend mode isn't set
 2020-08-17 06:28:18 -07:00
John Gardiner Myers d05f9a3eff Don't issue certs for features not enabled 2020-08-16 23:40:43 -07:00
Robert Russell 1981c56f67 Fix backwards compatibility when backend mode isnt set 2020-08-16 23:05:04 -07:00
Ciprian Hacman e68ee80a93 Move and rename the "distros" package 2020-08-17 07:25:43 +03:00
Peter Rifel 4d9f0128a3
Upgrade to klog2 
This splits up the kubernetes 1.19 PR to make it easier to keep up to date until we get it sorted out.
 2020-08-16 20:56:48 -05:00
John Gardiner Myers 1a253dc574 Send the STS queries to the local region 2020-08-15 10:30:22 -07:00
John Gardiner Myers 5dcc95178f Verify the ARN's partition 2020-08-15 10:30:22 -07:00
John Gardiner Myers 9e99f76a6e Address review comments 2020-08-15 10:30:21 -07:00
John Gardiner Myers 8ec55f28c7 Don't install RBAC addon when using kops-controller bootstrap 2020-08-15 10:30:21 -07:00
John Gardiner Myers c5871df319 Get kubelet certificate from kops-controller 2020-08-15 10:30:20 -07:00
John Gardiner Myers bec273ebf1 Implement signing of kubelet cert in kops-controller 2020-08-15 10:30:20 -07:00
John Gardiner Myers 9cfa169740 Add server code to kops-controller 2020-08-15 10:30:15 -07:00
John Gardiner Myers cfa262a81a Authenticate from nodeup to kops-controller 2020-08-15 09:50:08 -07:00
John Gardiner Myers 9c01e1f44d Send bootstrap query from nodeup to kops-controller 2020-08-15 09:50:08 -07:00
John Gardiner Myers 82c75211cf update-expected.sh 2020-08-15 09:50:07 -07:00
John Gardiner Myers 00c60ddff6 Add server code to kops-controller 2020-08-15 09:46:30 -07:00
Kubernetes Prow Robot 96ab8423b1
Merge pull request #9566 from hakman/arm64-images 
Add ARM64 support for masters
 2020-08-14 20:46:17 -07:00
John Gardiner Myers 2472e75bbf Remove unused tags functionality 2020-08-14 14:29:30 -07:00
Kubernetes Prow Robot e2e5b00620
Merge pull request #9689 from secoya/master 
Support for using hostPort when using kube-router
 2020-08-14 01:08:22 -07:00
Anders Ingemann ee8ec6c511
kube-router: Bump version 2020-08-14 09:31:41 +02:00
liranp 64c07b336a
feat(spot/ocean): add support for instance types in launchspec 2020-08-13 16:32:54 +03:00
Kubernetes Prow Robot 69954dc124
Merge pull request #9737 from hakman/remove-tags 
Remove unused Tags and FSRoot from NodeUp
 2020-08-13 00:40:13 -07:00
Ciprian Hacman baac575df2 Update cluster-proportional-autoscaler to v1.8.3 2020-08-13 07:44:19 +03:00
Ciprian Hacman d70fb506e5 Remove unused FSRoot from NodeUp 2020-08-12 18:35:35 +03:00
Ciprian Hacman 44db702f7e Update bazel 2020-08-12 18:35:26 +03:00
Ciprian Hacman d75042cc85 Remove unused Tags from NodeUp 2020-08-12 18:35:26 +03:00
Ole Markus With 9890839cec Add an integration test for openstack floating ip 
* Integration test for floatingip cluster
* Implements mocking of floatingIP (only list for now)
* Expands various cloudmocks
* Fixes an NPR in openstack validation
* Fixes a bug where kops tries to use DNS even if the cluster is gossip
 2020-08-12 12:59:30 +02:00
Peter Rifel 008c22d9c0
Upgrade AWS VPC CNI provider to 1.6.4 
This adds support for arm64
 2020-08-11 20:41:02 -05:00
Kubernetes Prow Robot 9b46e3fb9a
Merge pull request #9721 from hakman/ghw-win-2019 
Add windows job to GH workflows
 2020-08-11 11:20:18 -07:00
Ciprian Hacman 7fcabc107d Exclude file tests for Windows 2020-08-11 14:28:37 +03:00
Ciprian Hacman 3f97ba8d85 Fix terraform tests /tmp error for Windows 2020-08-11 14:28:37 +03:00
Ole Markus With 25d98796e2 Add cinder plugin 2020-08-11 10:15:12 +02:00
Peter Rifel a852a9d3e0
Update openstack.MockCloud to use cloudmock clients 2020-08-10 15:22:49 -05:00
Ciprian Hacman 331d223043 ARM64 support - Side-load multi-arch images 2020-08-10 13:47:07 +03:00
Ciprian Hacman c51a811c21 ARM64 support - Update expected tests output 2020-08-10 13:47:07 +03:00
Ciprian Hacman 172031859d ARM64 support - Build multi-arch images 2020-08-10 13:47:07 +03:00
Ciprian Hacman cd74b9d1a6 ARM64 support - Don't generate Protokube assets for mock 2020-08-10 12:05:24 +03:00
Peter Rifel 3426e2f585
Address feedback 
Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-08-08 21:51:43 -05:00