kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,934 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

89 Commits

Author SHA1 Message Date
Ole Markus With 4d2eca199f Remove node-authorization 2021-01-11 18:59:45 +01:00
Ciprian Hacman c36262009b Install container runtime packages as assets - Code Review 1 2020-10-23 11:05:41 +03:00
Ciprian Hacman 852bebe165 Install container runtime packages as assets - Misc 2020-10-14 15:41:51 +03:00
Justin SB 2be21562a9 Support writing a full certificate chain 
This means that our https endpoint will serve the ca.crt as well.
 2020-08-25 11:09:04 -04:00
Kubernetes Prow Robot bacd944dea
Merge pull request #9776 from johngmyers/cni-client-certs 
Issue the cilium etcd client cert out of kops-controller
 2020-08-18 08:13:30 -07:00
Kubernetes Prow Robot ffe3b3468d
Merge pull request #9766 from hakman/distros 
Use /etc/os-release to identify the distribution
 2020-08-17 22:37:30 -07:00
John Gardiner Myers 07220797b4 Issue the cilium etcd client cert out of kops-controller 2020-08-17 21:15:34 -07:00
John Gardiner Myers 2d898fa645 Inline some methods 2020-08-17 00:18:00 -07:00
Ciprian Hacman e68ee80a93 Move and rename the "distros" package 2020-08-17 07:25:43 +03:00
Peter Rifel 4d9f0128a3
Upgrade to klog2 
This splits up the kubernetes 1.19 PR to make it easier to keep up to date until we get it sorted out.
 2020-08-16 20:56:48 -05:00
John Gardiner Myers c5871df319 Get kubelet certificate from kops-controller 2020-08-15 10:30:20 -07:00
John Gardiner Myers 321035f460 Allow cert/key file tasks to specify owner 2020-08-15 10:30:20 -07:00
John Gardiner Myers 00c60ddff6 Add server code to kops-controller 2020-08-15 09:46:30 -07:00
Kubernetes Prow Robot 734a0eb5f3
Merge pull request #9415 from johngmyers/refactor-nodeup-2 
Continue moving InstanceGroup data to NodeupConfig
 2020-07-02 20:50:47 -07:00
Ciprian Hacman a7c8d2087c Use github.com/blang/semver/v4 2020-07-01 08:54:42 +03:00
John Gardiner Myers 5e5f25703d Move KubeletConfig into the NodeupConfig 2020-06-28 18:51:16 -07:00
John Gardiner Myers 386286d172 Move VolumeMounts into the NodeupConfig 2020-06-17 09:09:24 -07:00
John Gardiner Myers a5f5acc09d Move the instancegroup role into NodeupConfig 2020-06-17 09:05:15 -07:00
Justin SB bf11a65bd3 Try wrapping pkix.Name 2020-06-09 20:24:09 -07:00
John Gardiner Myers b0694300df Issue kube-scheduler cert in nodeup 2020-06-09 20:23:33 -07:00
ZouYu 2fc52ec6be fix some go-lint warning 
Signed-off-by: ZouYu <zouy.fnst@cn.fujitsu.com>
 2020-06-09 08:52:50 +08:00
Kubernetes Prow Robot 9e4bf1699a
Merge pull request #9216 from hakman/prepare-multi-arch 
Prepare Kops for multi-architecture support
 2020-06-04 21:35:43 -07:00
Ole Markus With b62f6aa894 Move networking in nodeup to dedicated subpackage 2020-06-04 17:32:41 +02:00
Ciprian Hacman 654a0d2d8a Detect supported architecture during node setup 2020-06-03 17:23:59 +03:00
John Gardiner Myers c1562291d7 Update adding_a_feature.md with more modern example 2020-05-28 23:19:14 -07:00
Kubernetes Prow Robot 6830cf6d44
Merge pull request #9065 from johngmyers/remove-distro 
Remove support for CoreOS and Jessie
 2020-05-27 23:22:01 -07:00
Ole Markus With d1ff25bb4e Remove some rather long networking nil checks 2020-05-22 08:08:58 +02:00
Justin SB 75fd939a62
kube-apiserver: healthcheck via sidecar container 
kube-apiserver doesn't expose the healthcheck via a dedicated
endpoint, instead relying on anonyomous-access being enabled.  That
has previously forced us to enable the unauthenticated endpoint on
127.0.0.1:8080.

Instead we now run a small sidecar container, which
proxies /healthz and /readyz requests (only) adding appropriate
authentication using a client certificate.

This will also enable better load balancer checks in future, as these
have previously been hampered by the custom CA certificate.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-05-07 08:06:52 -04:00
John Gardiner Myers 06c6ac1bee Remove support for CoreOS and Jessie 2020-05-04 23:09:52 -07:00
Ciprian Hacman 4d7aa9b0f3 Always run Docker "health-check" for older versions of Kubernetes 2020-03-15 09:51:03 +02:00
Ole Markus With ced8f00201 Add option to use ENI as IPAM mode for Cilium 
* Force cilium-operator run on master nodes
* Add option for setting cilium ipam mode
* If cilium ipam mode is eni, add additional permissions to master nodes
* Allow NonMasqueradeCIDR overlap with NetworkCIDR when Cilium ENI is enabled
 2020-02-16 19:11:01 +01:00
Kubernetes Prow Robot 77d6d381c3
Merge pull request #8327 from johngmyers/remove-code 
Remove code for unsupported Kubernetes versions
 2020-01-15 14:54:22 -08:00
John Gardiner Myers 6e9dc8fc0f Remove code for unsupported k8s versions from nodeup 2020-01-12 19:30:34 -08:00
Justin SB a0c16c9abe Use /opt/cni/bin on all distros 
We used to remap the cni-bin to /home/kubernetes/bin on COS, but that
then requires us to change the CNI manifests also to write to the new
location.

Instead we can use /opt/cni/bin on all distros, now that we are making
it writeable everywhere with a bind mount.
 2020-01-11 13:03:12 -05:00
Justin Santa Barbara fc21f4255f Replace kubernetes mount code with utils 
This will remove one of the main dependencies on the
kubernetes/kubernetes repo.
 2020-01-04 17:34:31 -05:00
tanjunchen 7e25f9831d nodeup/pkg/ pkg/ staticcheck 2019-12-31 15:03:39 +08:00
tanjunchen 28fdb358f8 fix-up staticcheck error 2019-10-08 13:53:04 +08:00
tanjunchen 8fe36dc72c fix-up some staticcheck error 2019-10-06 10:40:13 +08:00
Kubernetes Prow Robot 942c8915db
Merge pull request #7496 from justinsb/label_controller 
kops-controller
 2019-09-27 03:43:35 -07:00
Justin SB 728e582360
Fill out kops controller functionality 
k8s 1.16 requires that we move label setting away from the kubelet, to
a central controller.  kops-controller is that controller.
 2019-09-25 12:04:34 -04:00
Peter Rifel c8d424dd87 Fix some staticcheck warnings 2019-09-25 06:35:25 -07:00
mikesplain 9e55b8230a Update copyright notices 
Also cleans some white spaces
 2019-09-09 14:47:51 -04:00
Thomas Jackson ea61fb8de0 Replace behavior for aws hostnameOverride 
If the cluster's VPC includes DHCP options the local-hostname includes
the DHCP zone instead of the private DNS name from AWS (which is what
k8s uses regardless of flags). This patch simply makes the
hostnameOverride implementation match by using the AWS api to get the
private DNS name

Related to #7172
 2019-07-17 10:30:07 -07:00
Salvatore Mazzarino c7381f9a34 Flatcar support 
Signed-off-by: Salvatore Mazzarino <dev@mazzarino.cz>
 2019-05-31 12:20:27 +02:00
Justin SB 3e33ac7682
Change code from glog to klog 
We don't call klog.InitFlags yet, because that will cause a flag
redefinition error until we get everyone to stop using glog.  That
will happen when we update to k8s 1.13.
 2019-05-06 12:54:51 -04:00
Justin SB 31f408c978
Support etcd-manager in kops 1.12 
In 1.12 (kops & kubenetes):

* We default etcd-manager on
* We default to etcd3
* We default to full TLS for etcd (client and peer)
* We stop allowing external access to etcd
 2019-03-14 23:13:06 -04:00
Justin SB dd7533398d
Support etcd-manager v3, suitable for backporting 
Add etcd-manager v3 in a way that we can safely backport.
 2019-01-29 23:51:26 -05:00
Rohith 6c814f3e73 Changes 
- removed all the systemd unit creation and use the volume mount code from kubele (SafeFormatAndMount)
- added some documentation to highlight the feature and show how it might be used in both ebs and ephemeral storage
 2019-01-18 22:49:54 +00:00
Rohith 0e155b4c78 - changed tack and making them two separate features for now, one adding additional volumes and two mounting them. This should always allow for user to use epherimal devices as well 
- updated the api specs and machinery
- adding the dependecies on the services when the volume mounts are enable (should probably false this if they don't effect the docker filesystem)
 2019-01-18 22:49:38 +00:00
Justin SB 26bd75aecb
Bulk spelling fixes 
Experimenting with my own spelling checker, these are the typos it caught.
 2018-12-20 17:43:56 -05:00