kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
18,698 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

27 Commits

Author SHA1 Message Date
Ciprian Hacman a23282b0f7 Always use load balancer address in kubeconfig 2022-12-16 08:53:22 +02:00
John Gardiner Myers 5fca16aa30 v1alpha3: Move API-related settings under API 2022-11-19 10:27:12 -08:00
John Gardiner Myers 8473e8b2e7 Stop making MasterInternalName configurable 2022-11-16 22:06:02 -08:00
Ole Markus With 014f3d3e68 Remove CAS 1.19 2022-06-07 15:47:26 +02:00
Jesse Haka b88d110f58 Drain OpenStack loadbalancers 2021-12-31 13:16:02 +02:00
Ciprian Hacman ea7df00719 Run hack/update-gofmt.sh 2021-12-01 22:39:50 +02:00
John Gardiner Myers 5a2aac4cfd Add "all" variants of key rotation commands 2021-07-10 05:51:31 -07:00
John Gardiner Myers f93ac8730a Include multiple CA certs in exported kubeconfigs 2021-06-21 07:36:33 -07:00
John Gardiner Myers 896330be88 Create fi.NewKeyset() 2021-06-20 14:09:46 -07:00
John Gardiner Myers fa77f8b964 Rename fi.Keystore.StoreKeypair to StoreKeyset 2021-06-05 16:38:26 -07:00
John Gardiner Myers 2300d89591 Rename pki.FindKeypair to FindPrimaryKeypair 2021-06-05 16:38:26 -07:00
John Gardiner Myers ed1f6ff79e Refactor StoreKeypair and AddCert 2021-06-05 16:38:25 -07:00
John Gardiner Myers 0364a3af25 Refactor FindKeypair interfaces 2021-06-05 16:38:24 -07:00
John Gardiner Myers dd605fdbc3 Subsume StatusStore into fi.Cloud 2021-05-15 17:39:32 -07:00
Peter Rifel 30f3d14979
Use the secondary ELB port when exporting kubecfg w/ --admin and sslCertificate 2020-11-06 11:09:37 -06:00
Ole Markus With 6797998ac1 Consolidate all buildMinimalClusters into a generic test cluster builder 2020-09-19 19:55:19 +02:00
Justin SB 8757a2ce2a kubeconfig generation: add tests for kops plugin 
Also slightly simplify the tests and Kubecfg Builder signature by
passing in the ConfigAccess only when needed.
 2020-08-30 15:17:36 -04:00
Peter Rifel d0b8c654bd
Add --internal flag for export kubecfg that targets the internal dns name 
Kops creates an "api.internal.$clustername" dns A record that points to the master IP(s)

This adds a flag that will use that name and force the CA cert to be included.
This is a workaround for client certificate authentication not working on API ELBs with ACM certificates.
The ELB has a TLS listener rather than TCP, so the client certificate is not passed through to the apiserver.
Using --internal will bypass the API ELB so that the client certificate will be passed directly to the apiserver.
This also requires that the masters' security groups allow 443 access from the client which this does not handle automatically.
 2020-08-26 21:15:18 -05:00
John Gardiner Myers a45b07c156 Reduce the lifetime of exported kubecfg credentials 2020-07-17 22:39:01 -07:00
Ole Markus With 72fd007acf Don't export admin user by default. Allow specifying existing user when exporting context 2020-06-24 19:54:25 +02:00
John Gardiner Myers a96f7963a6 Pull cert issuance code up into fitasks.Keypair 2020-06-04 10:26:41 -07:00
John Gardiner Myers 8a6d29cd40 Remove support for reading legacy-format keypairs 2020-05-20 13:28:13 -07:00
John Gardiner Myers 704f41dbf1 Use supported kubernetes versions in tests 2020-02-21 22:24:29 -08:00
Kashif Saadat 3b9305f002 Canal v3.7.2 for k8s v1.12+ 2019-05-13 14:57:42 +01:00
Srikanth e4cabe7b5f Format GO code 2019-04-26 14:26:20 -05:00
Srikanth 230cfdf686 Add more unit tests for kubeconfig build 2019-04-25 01:42:12 -05:00
Srikanth 672dc61c5b Add tests for updating kube config 2019-04-24 16:19:24 -05:00