kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
19,756 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

19756 Commits

Author SHA1 Message Date
Kubernetes Prow Robot 68dcc7ad48
Merge pull request #15125 from justinsb/node_challenge 
Perform challenge callbacks into a node
 2023-05-07 09:13:16 -07:00
Kubernetes Prow Robot d1b0f2f6fd
Merge pull request #15316 from ltellesfl/public-aws-cloud-instance-var 
Create func to reset awsCloudInstances
 2023-05-07 07:27:17 -07:00
Kubernetes Prow Robot 6fb1f28d59
Merge pull request #15376 from kubernetes/dependabot/github_actions/peter-evans/create-pull-request-5.0.1 
Bump peter-evans/create-pull-request from 5.0.0 to 5.0.1
 2023-05-07 00:43:16 -07:00
dependabot[bot] 19839a8a1f
Bump peter-evans/create-pull-request from 5.0.0 to 5.0.1 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](5b4a9f6a9e...284f54f989)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-07 06:57:02 +00:00
Kubernetes Prow Robot ef4caee73a
Merge pull request #15374 from hakman/gcp-pd-csi 
Update gcp-compute-persistent-disk-csi-driver to v1.10.1
 2023-05-06 07:37:16 -07:00
justinsb c89f434f1b Only use node challenge on hetzner 
DigitalOcean (and others) will follow shortly.

Also create a method for CloudProvider, so that we are more ambivalent
towards bootstrapping methods.
 2023-05-06 08:57:21 -04:00
justinsb bd956f2226 Update expected test output 2023-05-06 08:03:21 -04:00
justinsb 79ca2600fb Add generated code 2023-05-06 08:03:21 -04:00
Justin SB c67f895226 Perform challenge callbacks into a node 
In order to verify that the caller is running on the specified node,
we source the expected IP address from the cloud, and require that the
node set up a simple challenge/response server to answer requests.

Because the challenge server runs on a port outside of the nodePort
range, this also makes it harder for pods to impersonate their host
nodes - though we do combine this with TPM and similar functionality
where it is available.
 2023-05-06 08:03:21 -04:00
Ciprian Hacman bf749010ee hack/update-expected.sh 2023-05-06 13:04:47 +03:00
Ciprian Hacman 57582fba8d Update gcp-compute-persistent-disk-csi-driver to v1.10.1 2023-05-06 13:04:47 +03:00
Kubernetes Prow Robot b8a6bd474e
Merge pull request #15372 from johngmyers/release-process 
Update release-process.md for registry.k8s.io change
 2023-05-05 23:27:19 -07:00
John Gardiner Myers 71346e17fd Update release-process.md for registry.k8s.io change 2023-05-05 21:44:23 -07:00
Kubernetes Prow Robot de132e86db
Merge pull request #15366 from justinsb/exclude_do_token_during_update_expected 
hack/update-expected: exclude DIGITALOCEAN_ACCESS_TOKEN
 2023-05-04 09:34:43 -07:00
justinsb 3425d9dc52 upload helper: support upload to S3 buckets that block ACLs 
Similar to GCS with UBLA, S3 is now encouraging buckets that block
ACLs.  When we upload to one of these buckets, we cannot set ACLs.

When we detect one of these buckets, we simply skip setting the ACL,
assuming the object ACLs are instead managed at the bucket level, when
the bucket was created.
 2023-05-04 10:15:10 -04:00
justinsb 453e99a4eb hack/update-expected: exclude DIGITALOCEAN_ACCESS_TOKEN 
We don't want this env var (which contains the user's digitalocean
access token) to get into the expected output.
 2023-05-04 07:49:21 -04:00
Kubernetes Prow Robot c7b5e706ce
Merge pull request #15358 from heybronson/runc-1.1.7 
update default runc to 1.1.5, add 1.1.6 and 1.1.7
 2023-05-03 12:24:43 -07:00
Bronson Mirafuentes d819068026 run ./hack/update-expected.sh 2023-05-03 09:00:40 -07:00
Bronson Mirafuentes de171be079 set default runc version to 1.1.5 2023-05-03 08:55:32 -07:00
Kubernetes Prow Robot 101ad83161
Merge pull request #15361 from spotinst/feature/bump_spotinst-sdk-go_to_1.145.0 
Spotinst: bump spotinst-sdk-go to v1.145.0
 2023-05-03 03:00:12 -07:00
yehielnetapp fd2702481f after run: make gomod 2023-05-03 11:24:34 +03:00
yehielnetapp a5936f9e57 update github.com/spotinst/spotinst-sdk-go@v1.145.0 2023-05-03 10:36:11 +03:00
Tim Colbert 033585cb2c
If the Cluster Name is not default the hubble relay shows TLS errors on request from the hubble UI 
Updated Files
 * Update: upup/models/cloudup/resources/addons/networking.cilium.io/k8s-1.16-v1.12.yaml.template
 2023-05-03 03:03:36 +00:00
Bronson Mirafuentes b25432314f run ./hack/update-expected.sh 2023-05-02 14:21:30 -07:00
Bronson Mirafuentes f11fd88020 update runc to 1.1.7 2023-05-02 13:48:02 -07:00
Kubernetes Prow Robot 8f4fd41e3a
Merge pull request #15357 from spotinst/feature/update_help_wanted_in_release_doc 
Spotinst: update  help wanted in release doc
 2023-05-02 07:02:17 -07:00
Kubernetes Prow Robot 0f13866b01
Merge pull request #15342 from olemarkus/ecr-credentials-provider 
Switch to using external ECR credential provider for k8s 1.27
 2023-05-02 04:50:13 -07:00
yehiel etah ed95afe948
Update 1.27-NOTES.md 2023-05-02 10:37:12 +03:00
yehiel etah 466bb8f6db
Update 1.26-NOTES.md 2023-05-02 10:35:51 +03:00
Ole Markus With d7ba6112e6 Add notes about external ECR credential provider 2023-04-29 10:29:25 +02:00
Ole Markus With 5d82e52c48 Use external ECR credential provider as of Kubernetes 1.27 2023-04-29 10:21:57 +02:00
Kubernetes Prow Robot 6d1837a4a0
Merge pull request #15351 from justinsb/aws_no_double_node 
Block bootstrap when the node already exists
 2023-04-28 15:34:16 -07:00
Kubernetes Prow Robot c21b1c36ff
Merge pull request #15350 from scaleway/scw_doc_temporary_patch 
scaleway: doc: temporary env var to pull protokube
 2023-04-27 09:36:16 -07:00
justinsb 868823bbcf Block bootstrap when the node already exists 
We now do this across all clouds, as it has been demonstrated on
OpenStack.
 2023-04-27 11:47:42 -04:00
Lucas Telles 39639f9a32
fix typo 2023-04-27 11:53:52 -03:00
Lucas Telles 0bacc2b6da
Create func to reset awsCloudInstances 2023-04-27 11:52:49 -03:00
Leïla MARABESE f2335b8517 temporary env var to pull protokube 2023-04-27 14:35:52 +02:00
Kubernetes Prow Robot 2875f70cb5
Merge pull request #15347 from justinsb/gce_icmpv6 
gce: fix icmpv6 in firewalls
 2023-04-25 23:06:15 -07:00
Kubernetes Prow Robot b6fe79ab36
Merge pull request #15348 from justinsb/run_ko 
makefile: use go run to execute ko
 2023-04-25 22:06:16 -07:00
justinsb b618866727 makefile: use go run to execute ko 
This saves having to install it and worry about execution paths etc.
 2023-04-25 21:27:07 -04:00
justinsb b835184ea4 gce: fix icmpv6 in firewalls 
IPv6 in firewalls must use icmpv6, not icmp.  Remap in our ipv6
generator for simplicity.
 2023-04-25 20:59:47 -04:00
Kubernetes Prow Robot 53d6be3e4f
Merge pull request #15333 from scaleway/scw_refactoring_tags 
scaleway: downgrade CCM + refactoring tags
 2023-04-25 11:12:17 -07:00
Leïla MARABESE 1e20a4c629 unique instance names to comply with CCM 2023-04-25 16:01:42 +02:00
Leïla MARABESE dc6e6b41de print small fix 2023-04-25 14:31:37 +02:00
Leïla MARABESE 499cc1be95 downgrade CCM 2023-04-25 14:31:37 +02:00
Leïla MARABESE c2654188b0 added noprefix to tags 2023-04-25 14:31:37 +02:00
Kubernetes Prow Robot 5d9ce2716a
Merge pull request #15341 from zetaab/csimetrics 
add csi cinder metrics
 2023-04-24 21:50:36 -07:00
Kubernetes Prow Robot 3566e28980
Merge pull request #15338 from spotinst/feature/spot-updateControllerVersion 
Spot: Update Spot Ocean controller to the latest version (1.0.90)
 2023-04-24 21:50:24 -07:00
Anthony Hausman 2283d620e8
fix(cilium): install CNI plugin binary in an InitContainer 
Starting cilium version `1.12.8` and to reduces the potential security surface of the agent, Cilium removes the bind-mount of `/opt/cni/bin` into the template.
Instead, write the binaries once in an initContainer.

Ref:
 - https://github.com/cilium/cilium/pull/24075
 2023-04-24 14:21:17 +02:00
Kubernetes Prow Robot e9c7b52164
Merge pull request #15346 from zetaab/updos 
add openstack ccm + csi versions to 1.27
 2023-04-24 00:56:48 -07:00