kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
21,164 Commits 116 Branches 250 Tags 531 MiB
Commit Graph

87 Commits

Author SHA1 Message Date
Peter Rifel 7b8bcc46d9
Migrate elbv2 to aws-sdk-go-v2 2024-03-30 13:53:40 -05:00
justinsb 4423b79959 aws: expose port 8443 when using NLB with a custom certificate 
We dropped the security group rules for this when moving to NLB
security groups; add them back.

Issue #16024
 2024-03-12 21:41:47 -04:00
justinsb 2a9343a168 Generate revisions of NLB objects, and introduce cleanup phase 
This lets us safely make changes to otherwise immutable fields, in
particular for adding security groups to NLBs created without them.

We detect the older versions, and create deletion tasks to remove
them.  These tasks can be deferred, and we expect them to be
deferred to a "prune" phase that runs after cluster apply.

Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>
 2024-02-17 11:41:15 -05:00
justinsb bd8cce06ae refactor: Drop TargetGroups from NetworkLoadBalancer task 
They are not needed, they were only used for dependency ordering (and
we now have that dependency on the split out listener task)
 2024-02-04 18:09:17 -05:00
justinsb c35c754eff Refactor: Split out NLB Listener into its own task 
This allows us to use more of our task machinery, including dependency
analysis.  The intent is that we'll be able to support multiple
LoadBalancers and TargetGroups.
 2024-02-04 15:52:25 -05:00
justinsb 086af6458e refactor: wait for load balancer readiness using a private field 
This approach is more explicit than looking at the names of the target
groups, and using a private field is simpler.
 2024-01-29 09:34:56 -05:00
Kubernetes Prow Robot b84ab1e0eb
Merge pull request #16289 from justinsb/nlb_should_set_scheme 
Tweak: Set Scheme on NLB tasks for public load balancers
 2024-01-28 21:13:35 -08:00
justinsb 0b8d3a52cb Tweak: Set Scheme on NLB tasks for public load balancers 
This avoids a spurious diff.
 2024-01-28 16:19:37 -05:00
justinsb 169c96ba11 refactor: NetworkLoadBalancer Name should match Name tag 
It was actually the terraform name, and didn't match the tag.

This change should have no externally-visible effect.
 2024-01-28 16:19:02 -05:00
justinsb 50776a7e92 Refactor ForAPIServer 
We instead return a list of the services we are supporting.

We can in future split out internal and external apiserver services.
 2024-01-12 15:53:41 -05:00
Ciprian Hacman 6dd31d9680 aws: Attach security group to NLBs for kops-controller 2023-10-08 09:16:35 +03:00
John Gardiner Myers 2fbc7cf979 aws: Attach security groups to NLBs 2023-10-06 22:33:31 -07:00
John Gardiner Myers 8cc617afd9 Make NLBs dualstack when they're in IPv6-capable subnets 2023-05-11 14:46:23 -07:00
justinsb b7d9319fff EnsureTask should panic on error 
This means that we automatically check the error code.  A linter could
detect errors here (maybe), but in practice we can't recover from
errors here anyway.
 2023-01-04 08:29:20 -05:00
John Gardiner Myers 7c3e32369a Refactor Context into separate cloudup and nodeup types 2022-12-17 17:42:46 -08:00
John Gardiner Myers b024338768 Always include load balancer domain in APIServer certificate 2022-12-17 16:14:08 -08:00
Ciprian Hacman 3a046ded6b aws: Add support for managing target group attributes 2022-12-07 18:56:14 +02:00
John Gardiner Myers 235aa61594 v1alpha3: move networking fields under networking 2022-12-02 19:19:59 -08:00
John Gardiner Myers d39ba74bd7 Change the control-plane IG role to "ControlPlane" in v1alpha3 API 2022-11-22 17:05:29 -08:00
John Gardiner Myers 5fca16aa30 v1alpha3: Move API-related settings under API 2022-11-19 10:27:12 -08:00
Ciprian Hacman 8f79c9bd68 Replace fi.Bool/Float*/Int*/String() with fi.PtrTo() 2022-11-19 03:45:22 +02:00
Kubernetes Prow Robot f982934ae2
Merge pull request #14499 from johngmyers/delete-clb 
aws: delete CLBs after migration to NLB
 2022-11-06 10:20:15 -08:00
John Gardiner Myers 66eb76ada5 aws: delete CLBs after migration to NLB 2022-11-05 14:34:57 -07:00
Ciprian Hacman edb44610f7 aws: Create cluster without DNS or Gossip 2022-11-02 12:54:27 +02:00
Kubernetes Prow Robot 2c4808c5bd
Merge pull request #14440 from hakman/hetzner_no-dns_master 
hetzner: Create cluster without DNS or Gossip
 2022-11-02 02:02:47 -07:00
Ciprian Hacman 1d53eba4b3 aws: Set the target group health check interval to 10s 2022-10-29 10:30:50 +03:00
Ciprian Hacman 4e5ded6dc3 hetzner: Create cluster without DNS or Gossip 2022-10-27 11:29:37 +03:00
Ciprian Hacman dc98c74428 Move Gossip check to cluster struct 2022-10-21 09:48:07 +03:00
Ciprian Hacman 85026145a1 Always infer gossip DNS from cluster name 2022-10-02 12:54:37 +03:00
Ciprian Hacman ff40d18a7d Avoid spurious changes with NLB due to access log config 2022-09-23 20:57:57 +03:00
Kubernetes Prow Robot bffc60202c
Merge pull request #13113 from hierynomus/issue-12925 
Allow PrefixList for sshAccess and kubernetesApiAccess
 2022-02-15 07:20:03 -08:00
Jeroen van Erp 255a0322c9
Allow PrefixList for sshAccess and kubernetesApiAccess 
Signed-off-by: Jeroen van Erp <jeroen@hierynomus.com>
 2022-02-15 14:37:28 +01:00
John Gardiner Myers 5385381633 Use IPv6-only subnets for worker nodes in private IPv6 topology 2022-01-06 21:00:00 -08:00
John Gardiner Myers 3314c18e89 Support creating dualstack internal NLBs 2021-12-19 21:52:56 -08:00
Bronson Mirafuentes 95c520f4af enable connection-draining for aws classic lb 2021-12-03 10:00:45 -08:00
Ciprian Hacman ea7df00719 Run hack/update-gofmt.sh 2021-12-01 22:39:50 +02:00
AkiraFukushima 2fd69ba3a3
Remove access log attributes when the spec is removed from cluster spec 2021-08-03 17:45:20 +09:00
AkiraFukushima 226cbe5561
Support AWS LB access log configuration for NetworkLoadBalancer 2021-08-03 12:12:16 +09:00
AkiraFukushima 50ab82ed04
Support AWS LB access log configuration in cluster spec 2021-07-29 22:39:23 +09:00
Ciprian Hacman 7969f57d07 Address review comments 2021-06-26 21:27:00 +03:00
Ciprian Hacman 7bc629b683 Use DualStack API NLB for IPv6 2021-06-26 19:16:46 +03:00
John Gardiner Myers 7c9e7e9286 Make Lifecycle field non-pointer 2021-06-02 23:02:16 -07:00
John Gardiner Myers 2b146d31d6 Set Lifecycle in APILoadBalancerBuilder 2021-05-31 10:39:33 -07:00
Ciprian Hacman cedbe1f360 Add initial support for configuring IPv6 with AWS 2021-05-19 06:21:07 +03:00
Ciprian Hacman 137fe6c2bb Move firewall to awsmodel 2021-04-30 14:50:46 +03:00
Timothy Clarke 1577b0a54b
Adding Elastic IP Allocations to NLB API 2021-02-18 12:27:28 +00:00
Alexander Block 295fb11ac2 Better readable modification assigning of PrivateIPv4Address 2021-02-10 09:39:32 +01:00
Alexander Block 2c0f9809eb Move validation of ClusterSubnetSpec into pkg/apis/kops/validation 2021-02-10 09:36:39 +01:00
Alexander Block c6eca9db81 Fix check for empty privateIPv4Address 2021-02-10 08:21:22 +01:00
Alexander Block 6facd1b8ab Allow to explicitely choose subnets and private IPs for the API loadbalancer 2021-02-05 17:53:20 +01:00