kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
21,296 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

101 Commits

Author SHA1 Message Date
Jesse Haka dd073d7c02 Support Authentication Config in APIserver 2024-05-04 14:51:45 +03:00
justinsb 371902700e validation: Allow overlap of pod/node CIDR and service CIDR 
We allowed this previously, so this is a regression for existing clusters.

These clusters are not obviously broken, and the
kube-controller-manager (for example) will exclude the service range
when issuing node CIDRs.  As such, remove validation until we can
determine if anything is actually broken by an overlap (and a path
forwards if so).

Issue #16340
 2024-02-10 16:07:03 -05:00
zadjadr 656b3a6956
Update to cilium 1.15 2024-02-02 19:37:04 +01:00
Kubernetes Prow Robot 165cbd5333
Merge pull request #15705 from zadjadr/feature/cilium-14 
Bump to Cilium 1.14
 2023-10-25 19:54:22 +02:00
justinsb 23ace87eb3 Add validation to help users move from experimentClusterSigningDuration 
We aren't aiming to do this in general, but if we can easily help
users find the new option for deprecated flags, that will save
everyone time.

Issue #15909
 2023-10-25 09:40:51 -04:00
zadjadr 30aa24f6de
Update to Cilium 1.14.3 2023-10-24 16:59:21 +02:00
zadjadr 4dfaba5242
Bump Cilium to v1.14.2 2023-10-24 16:55:37 +02:00
Feruzjon Muyassarov 0aeab5e523 containerd: introduce a new field containerd.nri to enable NRI 
Node Resource Interface (NRI) is a common framework for plugging
domain or vendor-specific custom logic into container runtime like
containerd. This commit introduces a new congiguration field
`containerd.nri`, providing cluster admins the flexibility to opt
in for this feature in containerd and tune some of its parameters.
By default, NRI is disabled here in accordance with the containerd's
default config file.

Signed-off-by: Feruzjon Muyassarov <feruzjon.muyassarov@intel.com>
 2023-10-21 00:26:54 +03:00
zadjadr 4807f2c0c6 Implement Cilium Ingress 2023-09-10 08:57:03 +02:00
Ciprian Hacman c43b48a8d8 Remove Docker config option 2023-09-05 07:22:33 +03:00
zadjadr d2358df1d7 feature: Add cluster-id for Cilium 
hack/update-expected.sh
 2023-08-06 18:08:39 +02:00
Ole Markus With a0d67fc475 Bump cilium to 1.13.5 
Bump to Cilium 1.14.0

hack/update-expected.sh
 2023-08-03 21:03:56 +02:00
Kubernetes Prow Robot d5c2458518
Merge pull request #15623 from johngmyers/service-ip-range 
Improve validation of PodCIDR and ServiceClusterIPRange
 2023-07-19 00:58:06 -07:00
John Gardiner Myers b0aaf3b3ab Deprecate Canal, Flannel, and Kube-router 2023-07-14 21:57:33 -07:00
John Gardiner Myers 36373b11ba Improve validation of PodCIDR and ServiceClusterIPRange 2023-07-11 21:16:03 -07:00
Justin SB 94c35804c9 validation cleanup: simplify signature of validateCIDR 
We split out the "add to a slice" logic, as this is then easier to
reason about.

Should be a no-op in terms of valid inputs, might avoid some crashes
with invalid inputs.
 2023-02-24 11:09:49 -05:00
John Gardiner Myers a6bd29b2ae Move more networking validations out of legacy.go 2023-01-13 19:36:55 -08:00
John Gardiner Myers 8e96aa1acd Move networking validations inside validateNetworking() 2022-12-26 10:09:41 -08:00
John Gardiner Myers 5c69274317 Simplify pointers to maps in API 2022-12-25 20:29:51 -08:00
Ole Markus With a5684f969f Bump cilium to 1.12.4 2022-12-07 18:33:03 +01:00
John Gardiner Myers 235aa61594 v1alpha3: move networking fields under networking 2022-12-02 19:19:59 -08:00
Ole Markus With f0b0c76821 Fix Cilium ENI IPAM 
The simplest working configuratin right now seems to be to enable BPF
masquerade and masquerade ipv4 traffic. The old setup with disabling
masquerade entirely no longer works.
 2022-11-30 14:31:05 +01:00
John Gardiner Myers 0424c474a3 Don't disable AWS src/dst checks in Calico IPv6 2022-11-25 20:57:48 -08:00
John Gardiner Myers d39ba74bd7 Change the control-plane IG role to "ControlPlane" in v1alpha3 API 2022-11-22 17:05:29 -08:00
John Gardiner Myers bc36f5b022 Rename ClusterSubnetSpec's ProviderID field to ID 2022-11-20 15:36:54 -08:00
Ciprian Hacman 8f79c9bd68 Replace fi.Bool/Float*/Int*/String() with fi.PtrTo() 2022-11-19 03:45:22 +02:00
Reilly Brogan f3a421d600 Update Cilium to 1.11.6 2022-06-29 13:18:21 -05:00
Ole Markus With 4029d2bf33 Remove support for older cilium versions 2022-06-07 20:39:25 +02:00
Ole Markus With 921d1b8ce0 OIDC flags are no longer optional 2022-06-07 15:45:56 +02:00
John Gardiner Myers aff5f587f3 Move Openstack settings to cloudProvider.openstack 2022-04-07 10:04:19 -07:00
Jesse Haka 28caf02878 Support GPU in OpenStack 2022-03-11 09:19:09 +02:00
John Gardiner Myers cac727c357 Make cloudProvider a struct in v1alpha3 API 2022-03-02 21:59:49 -08:00
John Gardiner Myers f2ae352d21 Add validation for subnet type values 2022-01-14 17:53:09 -08:00
Ciprian Hacman ea7df00719 Run hack/update-gofmt.sh 2021-12-01 22:39:50 +02:00
John Gardiner Myers 5a60d34e14 Change sense of Cilium IPTablesRulesNoinstall in v1alpha3 2021-11-25 18:45:13 -08:00
John Gardiner Myers 837176340d Change sense of Cilium DisableMasquerade in v1alpha3 2021-11-25 18:45:13 -08:00
John Gardiner Myers b9ac79ec6e Rename fields in v1alpha3 networking API to fit acronym convention 2021-11-22 08:07:55 -08:00
John Gardiner Myers a50047cacb Fix Calico encapsulationMode validation error types 2021-10-30 17:16:06 -07:00
Ciprian Hacman b6565d86a2 Apply suggestions from code review 2021-10-30 20:57:40 +03:00
John Gardiner Myers 8e6214c046 Stop requiring the cluster IAM substruct be present 2021-10-02 20:18:46 -07:00
Ole Markus With f5fed2a08d Move nvidia config under containerd 2021-09-05 20:28:07 +02:00
Ole Markus With 528807c4ec Add validation rules for nvidia 2021-09-05 20:09:04 +02:00
Kubernetes Prow Robot 4df9da09d0
Merge pull request #11583 from dntosas/json-logging 
Add support for logging-format option (text/json)
 2021-06-21 02:18:51 -07:00
dntosas 43dc375ced
Add support for logging-format option (text/json) 
Signed-off-by: dntosas <ntosas@gmail.com>
 2021-06-21 10:10:56 +03:00
dntosas 7bf65ff7ef
[cni/cilium] Add support for additional config options 
In this commit, we enable users define their setup with following
additional fields:

- DisableEndpointCRD
- EnableEndpointHealthChecking
- IdentityAllocationMode
- IdentityChangeGracePeriod
- BPFLBAlgorithm
- BPFLBMaglevTableSize
- BPFNATGlobalMax
- BPFNeighGlobalMax
- BPFPolicyMapMax
- EnableBPFMasquerade
- EnableL7Proxy

Added also validation tests to prevent conflicting value combinations to
reach actual cluster state.

Signed-off-by: dntosas <ntosas@gmail.com>
Co-authored-by: hwoarang <markos@chandras.me>
Signed-off-by: dntosas <ntosas@gmail.com>
 2021-06-16 09:35:42 +03:00
John Gardiner Myers 3cf8234d01 Cilium: disable masquerade by default when in ENI IPAM mode 2021-06-13 21:36:56 -07:00
Ciprian Hacman cedbe1f360 Add initial support for configuring IPv6 with AWS 2021-05-19 06:21:07 +03:00
John Gardiner Myers d3469d6ec2 Remove code for no-longer-supported k8s versions 2021-05-07 23:40:03 -07:00
Ole Markus With 6f8b3647cf Add support for IRSA in he api 
Apply suggestions from code review

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2021-05-01 16:03:42 +02:00
Ole Markus With 7c0be997e1 Expose hubble agent when hubble is enabled 
Also enables PKI for the addon
 2021-04-30 17:52:19 +02:00