kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
654 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

308 Commits

Author SHA1 Message Date
Justin Santa Barbara a3eda654db Revert "Revert "include change to node policy to cover #363"" 
This reverts commit ca1a52ff3e.
 2016-08-27 17:38:01 -04:00
Justin Santa Barbara 4df50773c1 Revert "Revert "Restrict master access to state store bucket"" 
This reverts commit c11a370c9a.
 2016-08-27 17:37:55 -04:00
Justin Santa Barbara c11a370c9a Revert "Restrict master access to state store bucket" 
This reverts commit 369a6ea1db.
 2016-08-27 16:31:53 -04:00
Justin Santa Barbara ca1a52ff3e Revert "include change to node policy to cover #363" 
This reverts commit 969af97b60.
 2016-08-27 16:31:38 -04:00
Justin Santa Barbara 65f73ec0d3 Merge pull request #365 from weargoggles/patch-1 
Restrict access to state store bucket
 2016-08-27 16:15:28 -04:00
Justin Santa Barbara 99a5d2b5a8 Merge pull request #288 from chrislovecnm/s3-serverside-encryption 
Enabled server side encryption
 2016-08-27 15:32:59 -04:00
Justin Santa Barbara 9d7a7fc6e8 Merge pull request #349 from justinsb/govet_fixes 
govet fixes
 2016-08-26 02:16:12 -04:00
Pete Wildsmith 969af97b60 include change to node policy to cover #363 2016-08-24 17:19:54 +01:00
Pete Wildsmith 369a6ea1db Restrict master access to state store bucket 
This change increases the specificity of the master's state store bucket contents permission to only the top-level folder named after the cluster.

Fixes #365
 2016-08-24 17:03:10 +01:00
Justin Santa Barbara dc63e307df Allow pluggable networking: classic, kubenet, external 2016-08-22 12:32:15 -04:00
Justin Santa Barbara 637a10be12 govet fixes 2016-08-20 01:09:19 -04:00
Justin Santa Barbara a7ece228fb Fix issue with deleting DNS records when multiple matching zones found 
We were accidentally reusing the variable we were closing over, I
believe
 2016-08-19 23:55:38 -04:00
Justin Santa Barbara c56b7a5423 Merge pull request #340 from justinsb/docker_args 
Don't pass empty options to Docker
 2016-08-19 00:35:50 -04:00
Justin Santa Barbara 9829eb8579 Make it easy to run a custom build 
We introduce two env vars:

* NODEUP_URL url to nodeup that we want to run
* PROTOKUBE_IMAGE specifies the protokube Docker image to run
 2016-08-19 00:13:56 -04:00
Justin Santa Barbara d0f6ff86a7 Don't pass empty options to Docker 2016-08-18 01:28:55 -04:00
Justin Santa Barbara 4545352c00 Don't rolling-update all masters at once 
Also add force command to rolling-update, for testing sanity.

Fix #284
 2016-08-16 12:53:37 -04:00
Justin Santa Barbara 9b7291ab24 A few nodeup cleanups 
* Correctly identify user tasks as a dependency for services
* Cleaned up flag-walking
 2016-08-16 10:10:44 -04:00
Justin Santa Barbara 5d8c170360 Rename old upgrade command; make new upgrade intuitive 
The old upgrade command (which was only called as part of a kube-up ->
kops upgrade) is now `kops toolbox convert-imported`.  The docs are
updated, but this is only normally called once per import so this should
not be high impact.

The upgrade command now looks for things that need upgrading.  Currently
only `upgrade cluster` is implemented; it currently only checks the
KubernetesVersion.  If KubernetesVersion is out of date, it will be
printed, and if --yes is specified the cluster spec will be set to the
next value.
 2016-08-16 09:28:36 -04:00
Justin Santa Barbara 6f52c099ef Merge pull request #316 from justinsb/lock_k8s_version 
Set KubernetesVersion on cluster creation
 2016-08-15 23:12:05 -04:00
Justin Santa Barbara 201e6c05a9 Set KubernetesVersion on cluster creation 
This is the only remaining "magic" setting, which changes externally
- when new versions of k8s are released.  (The AMIs are locked in the
instance groups)

We now record the current version of KubernetesVersion in the cluster
spec.  It can still easily be changed if needed, but this also means we
don't need to make "fake" changes.
 2016-08-15 22:02:44 -04:00
Justin Santa Barbara 6aee9528e1 Validate that the cluster name is a valid DNS name 
This should help users avoid the common mistake of just specifying the
name, not a fully-qualified domain name.

Fix #46
 2016-08-15 01:21:12 -04:00
Justin Santa Barbara d9fb3812cb Merge pull request #307 from justinsb/fix_208 
If no changes are needed in an update, don't print a confusing message
 2016-08-14 23:43:06 -04:00
Justin Santa Barbara daed90728f Merge pull request #305 from justinsb/dns_replicas 
DNS is a SPOF; make sure there are replicas
 2016-08-14 23:43:01 -04:00
Justin Santa Barbara 5fb39913cc If no changes are needed in an update, don't print a confusing message 
Fix #208
 2016-08-14 23:40:18 -04:00
Justin Santa Barbara 37199e4849 Sanitize tf SSH keypair name 
Fix #299
 2016-08-14 23:23:44 -04:00
Justin Santa Barbara 10fe716125 DNS is a SPOF; make sure there are replicas 
Change the default to a more sensible starting point.
 2016-08-14 22:47:40 -04:00
Justin Santa Barbara 62fc3cfd69 Merge pull request #302 from justinsb/hints_on_update 
Provide hints after update cluster
 2016-08-14 22:21:51 -04:00
Justin Santa Barbara e778c792fe Provide hints after update cluster 
This should make kops more discoverable

Issue #166

Issue #263
 2016-08-14 22:19:52 -04:00
Justin Santa Barbara 7cde6890a4 Export admin password in kubecfg 
This is where users expects to find it, because it is how kube-up does
it.

Issue #166
 2016-08-14 22:18:58 -04:00
Justin Santa Barbara 7699dc8fd2 Merge pull request #294 from justinsb/use_ssh_key 
SSH key improvements
 2016-08-11 22:28:41 -04:00
Justin Santa Barbara 1f68107ded Merge pull request #292 from justinsb/run_ci_versions 
Run CI versions of k8s
 2016-08-11 22:28:33 -04:00
Justin Santa Barbara 5f98402e2a Merge pull request #275 from justinsb/hi1_instance_types 
Add support for hi1 instance type
 2016-08-11 22:26:29 -04:00
Justin Santa Barbara a3cfec6c24 Support changing the SSH public key 
This requires that we include the OpenSSH fingerprint in the AWS key
name.
 2016-08-11 12:00:52 -04:00
Justin Santa Barbara 219c6e4308 Use the SSH key from the secret store 
It is an error if there is not exactly one, but we have commands to
manage it now.
 2016-08-11 12:00:46 -04:00
Justin Santa Barbara 93a3c344ed Add another eventual consistency error code 2016-08-11 02:45:02 -04:00
Justin Santa Barbara 8fb4215e17 Run CI versions of k8s 
CI versions are not pushed to gcr.io, so we need to preload the images
by downloading them and doing a docker load.
 2016-08-11 01:32:42 -04:00
chrislovecnm f65f1200a4 starting working on SSE for s3 2016-08-09 13:52:21 -06:00
Justin Santa Barbara 6f1341dd04 Add docker flags: insecure-registry and mtu 
Also add tests

Issue #42
 2016-08-08 13:55:34 -04:00
Justin Santa Barbara 5c6a22538b Add instance types: cc2, cg1, cr1, d2 2016-08-06 02:04:33 -04:00
Justin Santa Barbara 7f6ea78730 Add support for hi1 instance type 2016-08-06 00:00:48 -04:00
Justin Santa Barbara de0482a411 More consistency in publickey CLI 
Also docs skeleton
 2016-08-05 01:23:13 -04:00
Justin Santa Barbara 05c724f780 Support for deleting secrets 2016-08-05 00:58:11 -04:00
Justin Santa Barbara af841d50c0 Create more consistent secret CLI 2016-08-04 22:18:29 -04:00
Justin Santa Barbara 4e2a4cda1e Fix flag name in error message: zone-name -> dns-zone 2016-08-04 21:39:37 -04:00
Justin Santa Barbara 928fd6161d Remove addons command 
Encourage users to use kubectl instead
 2016-08-03 00:42:42 -04:00
Justin Santa Barbara 3c85fd1cba Document standalone-monitoring addon 2016-08-03 00:34:44 -04:00
Justin Santa Barbara 6dbe900887 First docs on creating addons: dashboard 2016-08-03 00:14:59 -04:00
Justin Santa Barbara 5bbe399558 Merge pull request #248 from justinsb/fix_238 
Better output when kubectl not in PATH
 2016-08-02 23:55:56 -04:00
Justin Santa Barbara a9922d0a07 Fix concurrent map write bug in TF creation 
Thanks for reporting @azell

Fix #235
 2016-08-02 23:12:53 -04:00
Justin Santa Barbara 45dd1da4a1 Better output when kubectl not in PATH 
Also add to README

Fix #238
 2016-08-02 23:06:51 -04:00