* Limit each CNI provider to 100m
* Remove CPU limits - they cause serious problems
(https://github.com/kubernetes/kubernetes/issues/51135), but this also
makes the CPU allocation less problematic.
* Bump versions and start introducing the `-kops.1` suffix preemptively.
* Upgrade flannel to 0.9.0 as it fixes a lot.
Automatic merge from submit-queue.
kube-router: remove beta annotation versions (deprectated in 1.8) of init container
kube-router: remove beta annotation versions (deprectated in 1.8) of init container and move init container to spec section
Automatic merge from submit-queue.
Add Cloud Controller Manager addon
This adds the CCM addon for the Kubernetes cluster.
This is a follow-up PR to https://github.com/kubernetes/kops/pull/3408.
cc @chrislovecnm @andrewsykim
Automatic merge from submit-queue.
Add Calico v2.5 support for Kubernetes v1.8+
Added support for Canal (Calico) v2.5.1, which is required to work with Kubernetes v1.8.0+.
Older versions of Calico relied on ThirdPartyResources API to store it's config data, however this is now fully deprecated in Kubernetes v1.8 and has moved over to CustomResourceDefinitions (CRD). Calico v2.5+ has been updated to use CRD, however there is a manual upgrade process involved to migrate the configuration data across: https://github.com/projectcalico/calico/blob/master/upgrade/v2.5/README.md
including a Weave Net template for Kubernetes 1.7 and above which adds
a volume-mount for the iptables lock file, which avoids collisions
between Weave components and kube-proxy that would result in a
half-configured Weave network.
This is only for version 1.7 and above because it requires the change
in https://github.com/kubernetes/kubernetes/issues/47212
Automatic merge from submit-queue.
Use system:kube-router User for clusterrole binding
Kube-router as it provides service proxy as well, it has a chicken-egg problem (can not
access api server till it can setup service proxy), so service account are not usable. certificate generated for kube-router has CN `system:kube-router`, so user `system:kube-router` need to be given necessary RBAC permissions
Fixes#3463
Automatic merge from submit-queue. .
Add external-dns as addon.
This superseeds route53mapper as it has multicloud support documentation and YAML taken from https://github.com/kubernetes-incubator/external-dns
Automatic merge from submit-queue. .
Support for using hostPort when using calico
For enabling hostPort we need to turn on portmap cni plugin.
In this PR I updated calico and calico-cni images to latest version which already includes the portmap binary, and then I only needed to modify the cni config file to enable it and change its extension from .conf to .conflist.
This is related to:
https://github.com/kubernetes/kops/issues/3132
I think we should do the same for kube-router, flannel and weave (are there any other cni plugin supported by kops?)
Kube-router was using --cluster-cidr flag to get the subnet allocated
for pod CIDR's. But now kube-router has the ability internally to infer
the CIDR allocated for the pod's by getting the information from
kubernetes API server node spec's
Justin Santa Barbara
Kubernetes Submit Queue
Kashif Saadat
Manatsawin Hanmongkolchai
Mike Splain
wlan0
Bryan Boreham
Murali Reddy
Adam Hamsik
Caleb Gilmour
Bradley
Felipe Cavalcanti
Erik Stidham
Derek VerLee
Prachetas Prabhu
Igor Canadi
Chris Love