Commit Graph

4514 Commits

Author SHA1 Message Date
justinsb 3027943dd2 Use etcd 3.5.3 instead of 3.5.1
3.5.3 includes the fixes for the potential etcd 3.5.x corruption
issues.
2022-04-17 17:04:46 -04:00
Ciprian Hacman 0643271a97 Revert "Enable etcd corruption check as mitigation of 3.5 corruption issue"
This reverts commit 6d75f8f9f0.
2022-04-17 18:34:49 +03:00
justinsb 74397b2a4f Update to etcd-manager 3.0.20220417
In particular we want to pick up changes addressing the potential
corruption found in 3.5.0 - 3.5.2:

* Use etcd 3.5.3
* Pass the ETCD_EXPERIMENTAL_INITIAL_CORRUPT_CHECK for all 3.5 series
2022-04-17 10:29:01 -04:00
Ole Markus With ce2e877aeb Remove bazel files from vendor 2022-04-12 13:29:03 +02:00
Ole Markus With bcbeb30d85 Remove explicit dependency on yamlv2
Update tests/e2e/kubetest2-kops/deployer/template.go

Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>
2022-04-10 13:29:21 +02:00
Kubernetes Prow Robot 8120147889
Merge pull request #13326 from johngmyers/move-openstack
Move Openstack settings to cloudProvider.openstack
2022-04-10 00:10:05 -07:00
DingGGu 24965f43b2
Run apimachinery for nth excludeLoadBalancers 2022-04-09 17:04:23 +09:00
DingGGu 1b9cf91684
Bump NTH to 1.16.1, use WithDefaultBool in gotemplate, set ExcludeLoadBalancers default true 2022-04-09 17:04:23 +09:00
DingGGu c1042f4a3b
Bump NTH 1.16 and add excludeFromLoadBalancers option 2022-04-09 17:04:16 +09:00
John Gardiner Myers 6a621fcde5 Cleanup OpenStackOptionsBuilder 2022-04-07 14:52:25 -07:00
John Gardiner Myers aff5f587f3 Move Openstack settings to cloudProvider.openstack 2022-04-07 10:04:19 -07:00
Kubernetes Prow Robot 5cbb338528
Merge pull request #13065 from johngmyers/move-azure
Move Azure settings to cloudProvider.azure
2022-04-07 09:37:57 -07:00
Kubernetes Prow Robot 107fa6dcfb
Merge pull request #13454 from olemarkus/enable-etcd-corruption-check
Enable etcd corruption check as mitigation of 3.5 corruption issue
2022-04-07 08:50:08 -07:00
Kubernetes Prow Robot f32503e413
Merge pull request #12919 from olemarkus/cilium-11-default
Use Cilium 1.11 as default
2022-04-06 04:18:56 -07:00
Ciprian Hacman 42289b7faa Update containerd to v1.6.2 2022-04-04 09:01:10 +03:00
Kubernetes Prow Robot feb66910b1
Merge pull request #13318 from guillomep/allow_to_add_additional_routes
Possibility to add additional routes in route tables of subnets
2022-04-03 13:46:09 -07:00
Ole Markus With 6d75f8f9f0 Enable etcd corruption check as mitigation of 3.5 corruption issue 2022-04-03 14:11:15 +02:00
Kubernetes Prow Robot 7684da6eca
Merge pull request #13396 from anthonyhaussman/feat/tone/PodAnnotations_NodeLocalDNS
Add possibility to set PodAnnotations into NodeLocalDNS
2022-04-01 10:56:47 -07:00
Ole Markus With 3d77ab6139 Use Cilium 1.11 as default 2022-03-29 12:58:24 +02:00
Guillaume Perrin 1235b63a0d Only authorize additionalRoute for private subnets
Signed-off-by: Guillaume Perrin <guillaume28.perrin@gmail.com>
2022-03-28 15:49:03 +02:00
Guillaume Perrin db27c00fa0 Apply suggestions from code review
Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
Signed-off-by: Guillaume Perrin <guillaume28.perrin@gmail.com>
2022-03-28 14:57:21 +02:00
Guillaume Perrin 2b7f9a4aeb Do not add additional routes for shared subnets
Signed-off-by: Guillaume Perrin <guillaume28.perrin@gmail.com>
2022-03-28 14:57:21 +02:00
Guillaume Perrin e501ac62a4 Possibility to add additional routes in route tables of subnets
Signed-off-by: Guillaume Perrin <guillaume28.perrin@gmail.com>
2022-03-28 14:57:21 +02:00
Ole Markus With 93e35adebc update bazel 2022-03-26 18:50:14 +01:00
Ole Markus With e053bf5635 Don't digest images in integration tests 2022-03-26 18:40:21 +01:00
Ole Markus With 0f3e3c793b Create feature flag that is default on for image digests 2022-03-26 18:40:21 +01:00
Ole Markus With e657a1a0f2 Remap images to add digest to them 2022-03-26 18:40:21 +01:00
Anthony Hausman 2b589d5914
FIX: Set default version into `model/components/nodeterminationhandler.go` 2022-03-23 11:56:38 +01:00
Anthony Hausman 308a886557
AWS-NODE-TERMINATION: Add possibility to set a tune image version
Add the possibility into the AWS `node-termination-handler` addon to set a different image tag version.
It can help to have last fixes if it's needed.
2022-03-23 10:59:51 +01:00
Anthony Hausman 7752cfc932
Add possibility to set PodAnnotations into NodeLocalDNS
Annotations are pretty useful when you need a third-party tool to add additional behavior for a k8s resource.
Lots of auto-discovery tools are based on these annotations.

This PR adds the possibility to set tune pod annotations in the node-local-dns daemonsets.app.
2022-03-21 16:15:10 +01:00
srikiz b0b7ca8992 Use available regions as per the latest DO documentation 2022-03-20 20:08:24 +05:30
Kubernetes Prow Robot 65694b20b8
Merge pull request #13234 from spotinst/feat-ocean-template
Spotinst: Ocean as a template for VNGs
2022-03-19 00:45:08 -07:00
Bronson Mirafuentes e112d81025
Release 1.24.0-alpha.3 (#13372)
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-03-18 21:09:12 -07:00
Ciprian Hacman 30404d64a2 Run hack/update-expected.sh
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-03-18 09:01:59 +02:00
Ciprian Hacman a4ed2b0654 Migrate to registry.k8s.io
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-03-18 08:47:12 +02:00
Kubernetes Prow Robot d751d0f056
Merge pull request #13364 from olemarkus/fix-long-role-names
Fix long role names
2022-03-17 23:43:16 -07:00
Kubernetes Prow Robot 1fa84011f8
Merge pull request #13382 from srikiz/DO-Remove-SFO2-region
[Digital Ocean] Remove sfo2 region from the list of supported DO regions
2022-03-17 21:45:16 -07:00
Kubernetes Prow Robot 6180ebc491
Merge pull request #13366 from olemarkus/allow-duplicate-taint-keys
Allow duplicate taint keys
2022-03-17 20:51:16 -07:00
srikiz f6072832cb Remove sfo2 region from the list of supported DO regions 2022-03-18 00:03:43 +05:30
Kubernetes Prow Robot 6151a11e63
Merge pull request #13369 from olemarkus/lbc-permissions-2
Add missing permissions to aws lbc for IP targeting
2022-03-16 06:53:50 -07:00
Ole Markus With b080abcd88 Add missing permissions to aws lbc for IP targeting 2022-03-16 13:28:20 +01:00
Kubernetes Prow Robot 404e411103
Merge pull request #13330 from zetaab/feature/openstackgpu
Support GPU in OpenStack
2022-03-16 03:37:50 -07:00
Ole Markus With 1667d10833 Allow taints with unique key,value,effect 2022-03-16 07:18:12 +01:00
Ole Markus With 3fcb84ed6b Truncate the standard role names 2022-03-15 21:31:04 +01:00
Kubernetes Prow Robot aff109f9fc
Merge pull request #13343 from olemarkus/securitycontext
Add user to container securityContext and remove command
2022-03-14 02:48:21 -07:00
Jesse Haka a800218840 fixes 2022-03-11 12:01:20 +02:00
Jesse Haka 28caf02878 Support GPU in OpenStack 2022-03-11 09:19:09 +02:00
Ole Markus With 8524c3d320 Bump CCM 1.22 image. Use the 1.23 image for 1.24 due to latest being broken 2022-03-11 08:12:52 +01:00
Ole Markus With d7cb3bb1f7 Add user to container securityContext and remove command 2022-03-07 15:09:51 +01:00
Ole Markus With 982463683d Remove checks that don't work when we do not delete the node object 2022-03-06 07:34:52 +01:00
Ole Markus With 2ba9c1670f Only delete node object on GCE 2022-03-06 07:34:52 +01:00
Kubernetes Prow Robot fabfb3f4ab
Merge pull request #13310 from zetaab/fixgce
Fix GCE service account creation
2022-03-04 11:02:52 -08:00
Ciprian Hacman 2ff86a6656 Update containerd to v1.6.1
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-03-04 07:51:46 +02:00
John Gardiner Myers 08ed25e7eb Fix capitalization to match Go conventions 2022-03-03 15:18:25 -08:00
John Gardiner Myers 591dd1aba9 Move Azure settings to cloudProvider.azure 2022-03-03 15:18:23 -08:00
John Gardiner Myers cac727c357 Make cloudProvider a struct in v1alpha3 API 2022-03-02 21:59:49 -08:00
John Gardiner Myers 70f7d9bdb2 Use function to get cloud provider from cluster spec 2022-03-02 21:59:47 -08:00
liranp 55de5a31bf
feat(spot): ocean as a template for vngs 2022-03-02 21:37:45 +02:00
Jake 191f54fa2f add support for ed25519 keys 2022-03-02 09:21:05 +00:00
Kubernetes Prow Robot 2419eb7225
Merge pull request #13176 from h3poteto/iss-12436
Add support to install EKS Pod Identity Webhook
2022-03-01 05:37:48 -08:00
Jesse Haka 617b439b38 Fix GCE service account creation 2022-03-01 11:59:42 +02:00
Kubernetes Prow Robot 02dc9dd8b3
Merge pull request #13201 from zetaab/removesa
cleanup GCP Cluster Service Accounts
2022-02-23 04:24:19 -08:00
Jesse Haka 67beb3fef5 add const 2022-02-23 10:52:08 +02:00
AkiraFukushima e5cf940d53
Add managed-by label to addon pods 2022-02-20 18:33:51 +09:00
AkiraFukushima c8710203ba
Add support to install EKS Pod Identity Webhook 2022-02-20 18:33:50 +09:00
Kubernetes Prow Robot e29591e21e
Merge pull request #13060 from srikiz/DO-Add-New-VPC
[DigitalOcean] Implement new VPC if network-cidr flag is specified
2022-02-18 12:44:23 -08:00
Ole Markus With cd247f0b3a Add missing permissions to aws lbc for irsa 2022-02-18 15:26:05 +01:00
Kubernetes Prow Robot 7714964963
Merge pull request #13266 from olemarkus/validate-taints
Validate taints in IG spec
2022-02-17 21:44:22 -08:00
Ole Markus With afcfd1b1e8 Prevent populate ig from adding nvidia taint if it has already been set 2022-02-17 10:42:21 +01:00
John Gardiner Myers b41cca38d5 Enable RBN with AWS CCM 1.22.0-alpha.1 2022-02-16 22:21:30 -08:00
Kubernetes Prow Robot 156941d416
Merge pull request #13267 from olemarkus/lbc-124
Update LBC to 2.4.0
2022-02-16 22:07:36 -08:00
Ole Markus With 9431c0ab69 Update LBC to 2.4.0 2022-02-16 21:39:31 +01:00
Ole Markus With 61bcdd7d72 Validate taints in IG spec 2022-02-16 20:33:17 +01:00
Ciprian Hacman 843f89aedd Update containerd to v1.6.0
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-02-16 08:25:40 +02:00
Kubernetes Prow Robot e5f75e03b0
Merge pull request #13199 from zetaab/addhealthcheck
GCP API health checks
2022-02-15 17:27:02 -08:00
Kubernetes Prow Robot bffc60202c
Merge pull request #13113 from hierynomus/issue-12925
Allow PrefixList for sshAccess and kubernetesApiAccess
2022-02-15 07:20:03 -08:00
Jeroen van Erp 255a0322c9
Allow PrefixList for sshAccess and kubernetesApiAccess
Signed-off-by: Jeroen van Erp <jeroen@hierynomus.com>
2022-02-15 14:37:28 +01:00
srikiz 97a3ef1566 Initial changes for vpc
More changes for do vpc

some more minor updates

Fix PrivateIP check

Bazel fixes

Minor changes for vpc listing

Minor fixes for DO VPC

Add delete vpc logic

More fixes for vpc usage with gossip based clusters

Fix minor comments in code

Fix mock DO interface to use missing functions

Another fix for mock cloud do for missing interface function

incorporate review comments

incorporate review comments
2022-02-15 17:07:09 +05:30
Jiahui Feng 84dc7ca908 generated: make apimachinery && make crds 2022-02-14 10:49:45 -08:00
Jiahui Feng 1c030508af add Controllers to ccm config. 2022-02-14 10:43:05 -08:00
Ciprian Hacman 5746093297 Install containerd from the release package
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-02-14 11:27:26 +02:00
Ole Markus With 8b71cedccc Do not enable graceful shutdown if k8s version < 1.21 2022-02-12 19:13:52 +01:00
Ole Markus With 65c3a63d5d KCM should not run with leader migration when aws ccm is enabled
AWS CCM is enabled by default in k8s 1.24, and KCM builder is now aware of that
2022-02-12 11:35:30 +01:00
Ole Markus With 2625264fe5 Add support for graceful node shutdown
Update docs/cluster_spec.md

Co-authored-by: Ciprian Hacman <ciprianhacman@gmail.com>
2022-02-11 20:51:02 +01:00
Kubernetes Prow Robot 95fc0ac5b8
Merge pull request #13212 from olemarkus/irsa-119
Fix irsa for k8s < 1.20
2022-02-09 12:25:49 -08:00
Ole Markus With d7944b1021 Refactor serviceaccountissuerdiscovery validation 2022-02-09 20:15:12 +01:00
Ole Markus With 74e9a6cd18 Fix irsa for k8s < 1.20 2022-02-09 08:52:06 +01:00
Kubernetes Prow Robot 147052818b
Merge pull request #13203 from olemarkus/csi-featuregates
Fix CSI migration feature gates
2022-02-07 21:36:53 -08:00
Jiahui Feng b1dde24433 always enable Leader Election
for openstack CCM.
2022-02-07 15:31:21 -08:00
Ciprian Hacman f6d2502b85 Update containerd to v1.6.0-rc.3
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-02-08 20:03:10 +02:00
Jiahui Feng c57ed0c053 fix KCM logLevel not honored. 2022-02-07 14:34:35 -08:00
Jesse Haka 3e505a559e add missing import 2022-02-07 21:35:01 +02:00
Jesse Haka 180c3ae475
Update pkg/model/gcemodel/api_loadbalancer.go
Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
2022-02-07 21:32:05 +02:00
Ole Markus With 6f6196c2b9 Remove snapshot controller dependency on ebs csi driver
There is no such dependency, and snapshot controller works on other cloud providers and with a host of other CSI drivers
2022-02-07 15:51:37 +01:00
Kubernetes Prow Robot 70f3a2ec7f
Merge pull request #13187 from jiahuif-forks/feature/enable-leader-election
Always enable Leader Election for cloud-controller-manager
2022-02-05 06:30:50 -08:00
Jesse Haka 0a19533410 remove GCE Cluster Service Accounts 2022-02-04 16:46:27 +02:00
Ole Markus With 66e3202f34 Fix CSI migration feature gates
We had a bug for KCM feature gate, and the scheduler and apiserver gates were missing entirely.
2022-02-04 15:29:28 +01:00
Kubernetes Prow Robot 2fbc3e0671
Merge pull request #13198 from hakman/containerd-1.6.0-rc.2
Update containerd to v1.6.0-rc.2
2022-02-03 18:28:11 -08:00
Jesse Haka d3fac0c1be GCP API health checks 2022-02-03 21:02:21 +02:00
Ciprian Hacman b961e03296 Update containerd to v1.6.0-rc.2
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-02-03 19:31:16 +02:00
justinsb 4f89c2e689 Update expected test output for etcd-manager bump 2022-02-03 11:21:54 -05:00
justinsb 97b7b90226 Update to etcd-manager v3.0.20220203
Relevant changes:

* Only emit GOMAXPROCS if non-zero [justinsb](https://github.com/justinsb) [284](https://github.com/kubernetes-sigs/etcdadm/pull/284)
* Set ETCD_STRICT_RECONFIG_CHECK [justinsb](https://github.com/justinsb) [286](https://github.com/kubernetes-sigs/etcdadm/pull/286)
* environment: ignore empty lines when converting to map [justinsb](https://github.com/justinsb) [285](https://github.com/kubernetes-sigs/etcdadm/pull/285)
* Fix ipv6 detection [olemarkus](https://github.com/olemarkus) [291](https://github.com/kubernetes-sigs/etcdadm/pull/291)
* Test for nil in to not found check [olemarkus](https://github.com/olemarkus) [292](https://github.com/kubernetes-sigs/etcdadm/pull/292)
2022-02-03 11:21:09 -05:00
Ole Markus With 6327cc378f Fix etcd-manager for ipv6 2022-02-03 12:59:26 +01:00
Jiahui Feng 0dfa8614b1 always enable Leader Election
for GCP cloud-controller-manager
2022-02-02 11:40:57 -08:00
Jiahui Feng d4b5742b5d always enable Leader Election
for AWS cloud-controller-manager
2022-02-02 11:40:34 -08:00
Ole Markus With af4d69cab3 Use etcd-manager pre-release until final release has been cut 2022-02-02 13:10:32 +01:00
Kubernetes Prow Robot d6cb49747c
Merge pull request #13158 from olemarkus/bump-etcd-manager
Bump etcd-manager to v3.0.20220128
2022-01-30 00:26:23 -08:00
Ole Markus With 994588c0fd Bump etcd-manager to v3.0.20220128 2022-01-30 07:13:32 +01:00
Kubernetes Prow Robot 9023720a08
Merge pull request #13103 from heybronson/set-eviction-timeout
add node-drain-timeout flag to rolling-update
2022-01-28 01:40:31 -08:00
Kubernetes Prow Robot 3b8727de06
Merge pull request #13143 from olemarkus/ccm-bump-123
Bump CCM images
2022-01-21 07:45:59 -08:00
Kubernetes Prow Robot c9ad543dea
Merge pull request #13096 from zetaab/poolmonitor
OpenStack - Add loadbalancer pool monitor to API LB
2022-01-21 04:49:58 -08:00
Ole Markus With 71a144136e Bump CCM images 2022-01-21 13:24:40 +01:00
Kubernetes Prow Robot ba837c0680
Merge pull request #13135 from olemarkus/metrics-server-bump-123
Bump metrics-server to 0.6.0 and enable HA mode
2022-01-21 01:27:59 -08:00
Ole Markus With 59dc424eae Bump metrics-server to 0.6.0 and enable HA mode 2022-01-21 09:28:50 +01:00
Kubernetes Prow Robot fd242709f3
Merge pull request #12911 from olemarkus/tag-on-create
Tag on create for remaining CCM privileges
2022-01-21 00:11:59 -08:00
Bronson Mirafuentes 86b0ef0d0c add drain-timeout flag to rolling-update cluster 2022-01-20 14:05:55 -08:00
Ole Markus With 9d476c0e9c Add CreateSecurityGroup permission for vpcs 2022-01-20 17:49:36 +01:00
Ole Markus With 666cf710a2 Push partition into the policy struct 2022-01-20 17:49:36 +01:00
Ole Markus With 0a082fed12 Require tag on create for external AWS CCM 2022-01-20 15:32:46 +01:00
Jesse Haka 0beb036d83 expose external ccm metrics for OpenStack 2022-01-20 15:22:30 +02:00
Ciprian Hacman 68b4611066 Clean up kubelet networking flags for dockershim
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-01-19 17:36:18 +02:00
Ciprian Hacman bf82a8f260 Update pause image to v3.6
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-01-19 13:00:36 +02:00
Kubernetes Prow Robot 4b1ea96448
Merge pull request #13111 from olemarkus/no-kubelet-section
Don't set unsupported configs by default
2022-01-19 01:10:05 -08:00
Kubernetes Prow Robot ef8c74f5fc
Merge pull request #12788 from hakman/ipv6_remove_featureflag
Remove featureflag for creating IPv6 clusters
2022-01-18 22:58:05 -08:00
Kubernetes Prow Robot 4eb54f2260
Merge pull request #13114 from olemarkus/nodeup-describe-regions
Add DescribeRegions to nodeup privs
2022-01-18 22:14:05 -08:00
Kubernetes Prow Robot fda6210e29
Merge pull request #13104 from olemarkus/tag-on-create-func
Create helper function for ec2 create/tag-on-create IAM permissions
2022-01-18 19:30:06 -08:00
Ole Markus With 3f265a43bb Remove networking flags as of k8s 1.24 2022-01-18 22:15:16 +01:00
Kubernetes Prow Robot 85732b4c4d
Merge pull request #13030 from johngmyers/v6-topology
Use IPv6-only subnets for worker nodes in private IPv6 topology
2022-01-18 10:58:40 -08:00
Jesse Haka 6b32f79c18 OpenStack - Add loadbalancer pool monitor to API LB 2022-01-18 12:10:47 +02:00
Ole Markus With b80488906f Add DescribeRegions to nodeup privs 2022-01-17 09:34:29 +01:00
Kubernetes Prow Robot 7e645187bc
Merge pull request #13110 from olemarkus/no-dns-irsa-on-gossip
Do not create an IAM role for dns-controller on gossip clusters
2022-01-16 11:29:28 -08:00
Ole Markus With da31a1198f Don't set legacy IAM by default 2022-01-16 14:54:56 +01:00
Kubernetes Prow Robot b82a5d917e
Merge pull request #13093 from zetaab/fixmaster
fix ipv4+ipv6 sec groups/listeners in OpenStack
2022-01-16 03:37:27 -08:00
Ole Markus With 0ef596dd49 Do not create an IAM role for dns-controller on gossip clusters 2022-01-16 10:31:11 +01:00
John Gardiner Myers f2ae352d21 Add validation for subnet type values 2022-01-14 17:53:09 -08:00
Ole Markus With f4e538508f Create helper function for ec2 create/tag-on-create IAM permissions 2022-01-14 18:41:28 +01:00
Ciprian Hacman 678366b916 Update containerd to v1.6.0-rc.0
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-01-13 07:39:37 +02:00
Jesse Haka fbb8b1ff08 make gazelle 2022-01-12 15:13:08 +02:00
Jesse Haka acdca486e7 fix ipv4+ipv6 sec groups/listeners in OpenStack 2022-01-12 15:11:51 +02:00
Kubernetes Prow Robot 1db71ca34c
Merge pull request #13081 from danports/price-priority-autoscaler-expanders
Support price and priority cluster-autoscaler expanders
2022-01-11 02:25:17 -08:00
Dan Ports 71a2e26983
Fix StringValue nit
Co-authored-by: Ole Markus With <olemarkus@gmail.com>
2022-01-07 13:37:45 -05:00
Ciprian Hacman 3f6db14e89 Update containerd to v1.6.0-beta.5
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
2022-01-07 10:18:10 +02:00
John Gardiner Myers 5385381633 Use IPv6-only subnets for worker nodes in private IPv6 topology 2022-01-06 21:00:00 -08:00
Dan Ports 2cc26b57cb Less crashing when validating. 2022-01-05 22:50:37 -05:00
Dan Ports 7a52896fdc Warn that the price expander is only supported on GCE in the docs. 2022-01-05 22:47:34 -05:00
Dan Ports 8672d9b219 Fix CRDs, clarify docs, and add cloud provider check for price expander. 2022-01-05 22:39:21 -05:00
Dan Ports 1d9996b4ad Support price and priority cluster-autoscaler expanders. 2022-01-05 14:10:06 -05:00
Kubernetes Prow Robot af7e6a4aeb
Merge pull request #12983 from zetaab/feature/drainos
Drain OpenStack loadbalancers
2022-01-03 02:23:00 -08:00
John Gardiner Myers d5ac8862d5 Release 1.24.0-alpha.2 2022-01-01 10:35:11 -08:00
John Gardiner Myers 4d4a4a9e01 Use latest GCP CCM for k8s 1.24 2021-12-31 17:31:12 -08:00
Kubernetes Prow Robot 3e5e929423
Merge pull request #12727 from justinsb/kopeio_networking_operator
addons: support for kopeio-networking addon
2021-12-31 13:12:53 -08:00
justinsb 45ad8b50ae Enhance AddHostPathMapping to support a fluent style
This allows for the helper to be used in more places.
2021-12-31 13:26:12 -05:00
Jesse Haka b88d110f58 Drain OpenStack loadbalancers 2021-12-31 13:16:02 +02:00
Ole Markus With ea9d0de847 Handle default in templating instead of ig population 2021-12-30 09:01:43 +01:00
Ole Markus With dd06cd337f Bump Cluster Autoscaler and update manifest 2021-12-29 18:06:27 +01:00
justinsb 9840a27f52 Add support for addons to filter based on kOps/k8s versions
This is hard to add later, for compatibility reasons.
2021-12-29 09:30:20 -05:00
justinsb 8e34e4d101 addons: support for kopeio-networking addon
Adding support for the kopeio-networking addon.

We load the operator manifest (which changes rarely) from the channels
directory for now.  We follow the same structure as operators
themselves use so that we can support other backends in future.

The channels file includes the current versions of the operators.

During cluster creation, we create these additional objects.
2021-12-29 09:16:15 -05:00
John Gardiner Myers dae281d30e Migrate to GCE CCM in k8s 1.24 2021-12-28 19:33:07 -08:00
Jiahui Feng f3ca669141 generated: ./hack/update-bazel.sh 2021-12-20 17:19:34 -08:00
Jiahui Feng 733f4d524f external CCM for GCE 2021-12-20 17:15:17 -08:00
justinsb 93a6871e9b gce: don't set per-IG permissions when using shared account
If we're using a cluster-level service-account, we shouldn't try to
set bucket permissions on a per-IG level.

For compatibility with the existing behavior, we simply don't set any
permissions in this case.
2021-12-28 10:10:16 -05:00
Ole Markus With 70345699e7 Identify pending instances 2021-12-27 21:35:11 +01:00
Kubernetes Prow Robot 13243b5add
Merge pull request #13029 from rifelpet/remove-tf-json
Remove TerraformJSON feature flag
2021-12-25 06:33:15 -08:00
Ole Markus With b09241122f Support specifying instance requirements per IG
Update docs/instance_groups.md

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
2021-12-24 21:19:58 +01:00
Peter Rifel e31dd982ac
Remove TerraformJSON feature flag and functionality 2021-12-24 14:17:23 -06:00
John Gardiner Myers f9071dd0d5 Allow IPv6-only subnets 2021-12-23 19:50:46 -08:00
Ole Markus With 66e6ed0850 Delete ENIs tagged with k8s tags 2021-12-22 21:45:01 +01:00
Kubernetes Prow Robot 2f31054e19
Merge pull request #13007 from hakman/skip_non-masquerade-cidr
Use kubelet --non-masquerade-cidr only for Docker with kubenet
2021-12-21 18:49:36 -08:00
justinsb 994ac19b42 Use fi.Keyset instead of passing tasks around
Using a task leads to layering complexity.  We could introduce a new
type, but fi.Keyset is the type we seem to want.

(We could move Keyset out of fi, but we don't need to yet)

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
2021-12-20 23:24:32 -05:00
Kubernetes Prow Robot 4a6bc37dbe
Merge pull request #13011 from olemarkus/validate-etcd-names
Prevent creation of unsupported etcd clusters
2021-12-20 10:55:33 -08:00
justinsb e8ddfa4328 Update test data for bash return change 2021-12-20 10:12:07 -05:00
justinsb fdf412cdf5 nodeup bash script: use explicit return code
In bash, `return` returns the exit code of the last statement.  Being
explicit here is safer, and I believe in the first case (the cached
download) the value was actually incorrect.
2021-12-20 10:08:06 -05:00
Ole Markus With a82d06d3fb Prevent creation of unsupported etcd clusters 2021-12-20 15:23:50 +01:00
Ole Markus With 00f8808ab1 Log the specific yaml segment that fails. Also remove redundant full manifest logging 2021-12-20 15:04:52 +01:00
Kubernetes Prow Robot 928d15b8b0
Merge pull request #12660 from olemarkus/validate-ig-strict
Validate IGs more strictly after defaults have applied
2021-12-20 02:51:25 -08:00
Kubernetes Prow Robot 219cadb2ab
Merge pull request #13002 from olemarkus/karpenter-rbn
Bump karpenter to 0.5.3 and RBN support
2021-12-20 02:09:25 -08:00
Ole Markus With e2ba020b7f Karpenter does not require min/max set 2021-12-20 10:03:19 +01:00
Ole Markus With aa493a3273 Validate IGs more strictly after defaults have applied
This commit will ensure IGs are validated in clientset prior to write similar to clusters. Also introduces strict flag similar to cluster, which only validates values where we have defaults after defaults have been applied.
2021-12-20 10:03:04 +01:00
Ciprian Hacman cb6d424675 Use kubelet --non-masquerade-cidr only for Docker with kubenet 2021-12-20 08:47:02 +02:00
John Gardiner Myers 3314c18e89 Support creating dualstack internal NLBs 2021-12-19 21:52:56 -08:00
Kubernetes Prow Robot 7ab4f43500
Merge pull request #12864 from johngmyers/rbn-subnet
Set Resource Based Naming on managed subnets
2021-12-19 21:03:25 -08:00
Kubernetes Prow Robot e0d22ce2f7
Merge pull request #12973 from olemarkus/karpenter-npr
Various nil pointer fixes for karpenter
2021-12-19 16:19:24 -08:00
Ole Markus With b2104ab274 Bump karpenter to 0.5.3 and RBN support 2021-12-19 21:53:07 +01:00
Ole Markus With 2f3b683ca0 Do not allow docker on k8s 1.24+
Update pkg/apis/kops/validation/validation.go

Co-authored-by: Ciprian Hacman <ciprianhacman@gmail.com>
2021-12-19 12:40:11 +01:00
Kubernetes Prow Robot 942d80801d
Merge pull request #12998 from justinsb/apiserver_advertise_address
componentconfig: expose advertise-address flag for kube-apiserver
2021-12-19 01:47:24 -08:00
Kubernetes Prow Robot c5ba4b0ad9
Merge pull request #12987 from justinsb/gce_network_cleanup
gce: clean up networking objects by reference
2021-12-19 00:51:25 -08:00
justinsb 71e5a21786 componentconfig: expose advertise-address flag for kube-apiserver
This flag determines which IPs are advertised inside the cluster, in
the "kubernetes" service in the "default" namespace.
2021-12-18 21:30:58 -05:00
justinsb aa04046ad0 Create helper functions for parsing public keys
These are useful when verifying and creating PKI signatures.
2021-12-18 19:42:39 -05:00
Kubernetes Prow Robot 43027b9998
Merge pull request #12988 from justinsb/gce_use_per_ig_serviceaccounts
gce: use per InstanceGroup serviceaccounts
2021-12-18 04:25:24 -08:00
justinsb e2c28b062b Refactor nodeup script to avoid action-at-a-distance 2021-12-17 18:33:44 -05:00
justinsb 61e2cb2b73 gce: Fix google_project_iam_binding member -> members 2021-12-17 18:29:29 -05:00
justinsb 0e1bbd58bd Avoid double-encoding templates
We were previously passing the template (with placeholders) through
MIME encoding.  This seems like it might fail rarely in
hard-to-understand ways.
2021-12-17 16:28:09 -05:00
justinsb 8b3372ec76 Need to truncate gce serviceaccounts to max 30 characters 2021-12-17 12:57:14 -05:00
justinsb 2f1ce3fa14 Move string truncation to its own package 2021-12-17 12:57:14 -05:00
justinsb 746f886718 gce: use per instancegroup serviceaccounts
We no longer set the cloudconfig serviceaccount on new clusters, and
instead use a per-IG setting if this is not set.
2021-12-17 12:57:14 -05:00
justinsb 1eedb7ddee gce: clean up networking objects by reference
We try to avoid cleaning up by name, and prefer checking references to
(e.g. targeting) a known resource, like an instancegroup.
2021-12-17 10:08:09 -05:00
Kubernetes Prow Robot 8019c88b47
Merge pull request #12978 from justinsb/gce_use_serviceaccount_task
gce: Use ServiceAccount task when building model
2021-12-15 08:49:52 -08:00
justinsb 63e3d98443 gce: Use ServiceAccount task when building model
The next step towards supporting custom ServiceAccounts per IG
2021-12-15 11:08:51 -05:00
Ole Markus With 5e944f1a15 Do not try to detach karpenter nodes from ASGs 2021-12-15 09:56:33 +01:00
Ciprian Hacman 991eb70c71 Update containerd to v1.6.0-beta.4 2021-12-15 08:33:30 +02:00