kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,445 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

862 Commits

Author SHA1 Message Date
Peter Rifel 83e3d3c75d
Lengthen NTH integration test cluster name 2021-09-29 19:10:04 -05:00
Ole Markus With 39178703c8 Mount cgroupv2 for cilium at a custom location 2021-09-27 19:29:36 +02:00
Kubernetes Prow Robot ef22270b3f
Merge pull request #12394 from ReillyBrogan/reilly/ciliumBidirectionalMount 
Add bidirectional BPF mount for Cilium >= 1.9.10 or >= 1.10.4
 2021-09-25 09:42:21 -07:00
Kubernetes Prow Robot 92ea7d58cb
Merge pull request #12398 from rifelpet/scheduler-critical 
Remove critical-pod scheduler annotation.
 2021-09-24 08:07:23 -07:00
Kubernetes Prow Robot 1774e6cae3
Merge pull request #12321 from dezmodue/private_bastion 
Add option to create an internal load balancer for the bastion
 2021-09-24 07:23:24 -07:00
Reilly Brogan 9c6bf83c93 Update Cilium to 1.10.4 
- Release notes available [here](https://github.com/cilium/cilium/releases/tag/v1.10.4)
 2021-09-23 13:08:57 -05:00
Reilly Brogan bce435da1c Add bidirectional BPF mount for Cilium >= 1.9.10 or >= 1.10.4 
- Cilium versions 1.10.4 and 1.9.10 now auto-mount the bpf file-system automatically
- Also remove redundant capabilities (these are already automatically granted by virtue of this being a privileged container)
 2021-09-23 13:01:58 -05:00
Peter Rifel ca044455a3
Remove critical-pod scheduler annotation. 
This is no longer recognized in all supported k8s versions (1.16+)

ea07644522/CHANGELOG/CHANGELOG-1.16.md (deprecations-and-removals)
 2021-09-22 21:14:50 -05:00
Kubernetes Prow Robot 74f9a8e2fb
Merge pull request #12342 from eddycharly/irsa-wildcard 
feat: add support for wildcard in roles generated for IRSA
 2021-09-22 16:09:10 -07:00
Charles-Edouard Brétéché 5f523366d6 feat: add support for wildcard in roles generated for IRSA 2021-09-23 00:24:45 +02:00
Ole Markus With f06fcc5af2 Add specific taints to dns-controller. 
Also set kops-controller as cluster critical, not node critical
 2021-09-22 16:40:08 +02:00
justinsb 3e83b771d6 GCE: For IPAlias or Custom Routes, we must recognize source by CIDR 
SourceTags are not recognized when using IPAlias or custom routes (aka
kubenet), so we must recognize by CIDR instead.
 2021-09-21 08:20:17 -04:00
Kubernetes Prow Robot be2676076c
Merge pull request #12334 from dntosas/bump-amis 
[channels] Bump AWS/GCP/Azure Ubuntu AMIs to latest
 2021-09-21 04:52:24 -07:00
Kubernetes Prow Robot 8f42a4a689
Merge pull request #12368 from justinsb/gce_firewall_rules_always_ipv6 
GCE: Always have IPv6 rules in "ipv6 mode"
 2021-09-20 20:38:23 -07:00
justinsb 16fc5e8cec GCE: Don't create utility subnets in private topology 
We don't need them on GCE, and in fact we don't support them with IP Alias.
 2021-09-20 09:31:33 -04:00
justinsb 76f816f483 GCE: Always have IPv6 rules in "ipv6 mode" 
If we don't specify some SourceRanges, it defaults to 0.0.0.0/0, which
is IPv4 and confusing.
 2021-09-20 09:26:28 -04:00
Kubernetes Prow Robot 34bad9bfc9
Merge pull request #12360 from hakman/calico-3.20.1 
Update Calico to v3.20.1
 2021-09-19 07:54:08 -07:00
Kubernetes Prow Robot 8ab1f8bbc4
Merge pull request #12355 from justinsb/gate_ipv6_permissions 
Only add IPv6 IAM permissions if using IPv6
 2021-09-19 00:54:08 -07:00
dntosas dc5926520d
[channels] Bump AWS/GCP/Azure Ubuntu AMIs to latest 
Signed-off-by: dntosas <ntosas@gmail.com>
 2021-09-19 10:03:52 +03:00
Ciprian Hacman faa66c6597 Update Calico to v3.20.1 2021-09-19 09:31:39 +03:00
Simone Sciarrati 61763d488a Add option to create an internal load balancer for the bastion 2021-09-18 20:47:55 +02:00
justinsb db1ba01e94 Only add IPv6 IAM permissions if using IPv6 
This avoids users wondering what these permissions are for until we
need them.
 2021-09-18 13:49:40 -04:00
Peter Rifel 476eb96970
./hack/update-expected.sh 2021-09-17 18:08:59 -05:00
Peter Rifel 3cc7162089
Remove TerraformJSON test 
The FF is deprecated and would require a lot of effort to support disabling TerraformManagedFiles (which is required) in this one integration test case
 2021-09-17 06:42:27 -05:00
Peter Rifel 9a193d4001
Fix example permissions boundary ARN 2021-09-16 20:11:33 -05:00
Peter Rifel 5247bb8cc2
./hack/update-expected.sh 2021-09-16 20:04:36 -05:00
Ole Markus With dc4c559d41 Set some needed defaults for cloud ipam 2021-09-16 21:11:09 +02:00
Ole Markus With 1323ed9040 Add more tolerations to kops-controller and CCM . 
CCM and kops-controller taint each other out. This will make them
schedule, and schedule earlier.
 2021-09-16 21:09:45 +02:00
Ole Markus With a3a2a9c3bf Have nodeup assign an ipv6 prefix 2021-09-16 19:28:07 +02:00
Ole Markus With 384b9796f7 Don't set cluster ip if we use cloud ipam 2021-09-16 19:26:48 +02:00
Ole Markus With 88bd1953ce Have kops-controller assign instance ipv6 prefix to node 2021-09-16 19:25:19 +02:00
Ole Markus With 02f29bdfe7 Add test for cloudipam 2021-09-16 19:25:16 +02:00
Kubernetes Prow Robot 1b431b4c9c
Merge pull request #11628 from olemarkus/gpu-runtime 
Pre-install nvidia container runtime + drivers on GPU instances
 2021-09-11 13:00:07 -07:00
Ole Markus With bba3c3abfe Bump aws ebs csi driver to 1.2.1 2021-09-11 14:15:31 +02:00
Kubernetes Prow Robot 900e4e15c7
Merge pull request #12303 from olemarkus/bump-snapshot-controller-221 
Bump snapshot-controller to 4.2.1
 2021-09-11 01:14:05 -07:00
Ole Markus With e44d0061f3 Bump snapshot-controller to 4.2.1 2021-09-11 08:37:54 +02:00
Peter Rifel 0d13da839a
Use MasterInternalName for gossip cluster SA issuer 
This reverts a change introduced earlier in 1.22 that resulted in existing service account tokens becoming invalid after a kops upgrade.
 2021-09-10 14:40:07 -04:00
Peter Rifel e5bb1f5800
./hack/update-expected.sh 2021-09-08 20:57:49 -05:00
Peter Rifel 37d8c5a996
Fix cluster spec typo in CCM integration tests 2021-09-08 20:52:52 -05:00
Ole Markus With f5fed2a08d Move nvidia config under containerd 2021-09-05 20:28:07 +02:00
Ole Markus With dae4b123ba Add labels and taints to gpu nodes 2021-09-05 20:17:06 +02:00
Ole Markus With b144304240 Install nvidia device driver addon 2021-09-05 20:09:04 +02:00
Ole Markus With 4ab75b01cb Have instances learn about their GPU capabilities 2021-09-05 20:09:04 +02:00
Kubernetes Prow Robot d06394def8
Merge pull request #12268 from olemarkus/fix-core 
Fix core manifest
 2021-09-05 00:57:19 -07:00
Ole Markus With dac7002b39 Fix core manifest 2021-09-04 12:49:59 +02:00
Kubernetes Prow Robot c98d0b54e4
Merge pull request #12265 from olemarkus/cilium-masq-ipv6 
Disable masquerade means disable masquerade if ipv6 too
 2021-09-04 01:27:19 -07:00
Ole Markus With 1c53e37491 Disable masquerade means disable masquerade if ipv6 too 2021-09-04 08:54:16 +02:00
Ole Markus With ec2dcfca48 Set NodeIPFamilies in ipv6 mode 2021-09-03 08:31:09 +02:00
Kubernetes Prow Robot c70ced2f66
Merge pull request #12219 from dntosas/nodelocaldns-bump-version 
[addons/node-local-dns] Bump version and make image field configurable
 2021-09-01 04:54:59 -07:00
Ole Markus With e2fd94d104 Make json logging on deployment and enable k8s events 2021-08-31 22:59:30 +02:00