kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,345 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

897 Commits

Author SHA1 Message Date
Kubernetes Prow Robot b71ba1d566
Merge pull request #11219 from johngmyers/refactor-keypair 
Refactor keypair code in preparation for secret rotation
 2021-06-12 14:25:00 -07:00
Kubernetes Prow Robot cfc93e5178
Merge pull request #9294 from johngmyers/refactor-nodeup-context 
Remove InstanceGroup from NodeupModelContext
 2021-06-12 13:43:01 -07:00
Ole Markus With 224cae1113 Only warm-pull images used by the CSI DS 
Pulling the Deployment images serves no purpose as they tend not to run on normal nodes
 2021-06-10 09:28:53 +02:00
Ole Markus With c162013a3c Use quay images for cilium 2021-06-08 23:01:08 +02:00
John Gardiner Myers e0915887ed Move asset copying out of apply_cluster 2021-06-05 21:17:50 -07:00
John Gardiner Myers 12465ac27c Simplify extraction of service-account public keys 2021-06-05 16:38:28 -07:00
John Gardiner Myers fa77f8b964 Rename fi.Keystore.StoreKeypair to StoreKeyset 2021-06-05 16:38:26 -07:00
John Gardiner Myers 2300d89591 Rename pki.FindKeypair to FindPrimaryKeypair 2021-06-05 16:38:26 -07:00
John Gardiner Myers ed1f6ff79e Refactor StoreKeypair and AddCert 2021-06-05 16:38:25 -07:00
John Gardiner Myers 0364a3af25 Refactor FindKeypair interfaces 2021-06-05 16:38:24 -07:00
John Gardiner Myers 6b2250a9af Have apiserver trust all service-account keys 2021-06-05 16:38:08 -07:00
John Gardiner Myers b45c0b4489 Remove InstanceGroup from NodeupModelContext 2021-06-03 21:27:01 -07:00
John Gardiner Myers 14ab4a3453 Move UpdatePolicy into NodeConfig 2021-06-03 21:20:56 -07:00
John Gardiner Myers 59c8826b17 Move FileAssets into the NodeupAuxConfig 2021-06-03 21:20:55 -07:00
John Gardiner Myers 06658c9d13 Move Hooks into the NodeupAuxConfig 2021-06-03 21:09:45 -07:00
John Gardiner Myers c3c1aca3c1 Include AuxConfig output in TestBootstrapUserData 2021-06-03 21:09:45 -07:00
John Gardiner Myers 2e1629c610 Introduce nodeup.AuxConfig 2021-06-03 20:37:22 -07:00
Kubernetes Prow Robot c62090fc6c
Merge pull request #11552 from hakman/etcd-events-tests 
Add etcd-server related tests
 2021-05-21 09:29:35 -07:00
Ciprian Hacman 48ef1555bb Add etcd-server related tests for kube-apiserver 2021-05-21 18:53:54 +03:00
Ciprian Hacman f4ec3df187 Prepare etcd-server related tests for kube-apiserver 2021-05-21 18:53:54 +03:00
Ole Markus With 46e13c0009 Bump snapshot-controller version 
Update upup/models/cloudup/resources/addons/storage-aws.addons.k8s.io/v1.15.0.yaml.template

Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>

Update upup/models/cloudup/resources/addons/storage-aws.addons.k8s.io/v1.15.0.yaml.template

Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
 2021-05-21 15:40:40 +02:00
Alexander Block bb52334222 Make the events etcd cluster optional 2021-05-20 08:05:42 +02:00
Peter Rifel 47add60546
Fix KCM livenessProbe to use secure port 2021-05-11 08:01:42 -05:00
John Gardiner Myers 36f93d0069 hack/update-expected.sh 2021-05-07 23:40:03 -07:00
John Gardiner Myers d3469d6ec2 Remove code for no-longer-supported k8s versions 2021-05-07 23:40:03 -07:00
Peter Rifel cc4fae3f71
Remove unused k8s version parsing 2021-05-03 17:23:23 -05:00
dntosas 9481246e22
[csi/aws] Add support for warm pools 
Add pulling needed images as initial task for warming up instances for
csi driver resources.

Signed-off-by: dntosas <ntosas@gmail.com>
 2021-04-25 16:59:57 +03:00
Ole Markus With df2f66e1e5 Make API servers provision themselves. 
API servers also have access to secret store, so there is no need to go through kops-controller.
This lets API server only depend on etcd from the CP nodes, which should make it easier to scale out API servers under pressure
 2021-04-23 06:59:15 +02:00
Ole Markus With 769c6e584f Add install section to kubelet unit 2021-04-19 19:19:46 +02:00
Ole Markus With df4f429ceb Apply suggestions from code review 
Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2021-04-19 07:25:42 +02:00
Ole Markus With 202e440920 Pre-pull cilium and kube-proxy in warming mode 2021-04-18 18:42:59 +02:00
Ole Markus With aac4741b0e Add a golden test for warmpool mode 2021-04-15 07:01:33 +02:00
Ole Markus With af92896dc7 Don't start kubelet if we are warming 2021-04-14 11:05:50 +02:00
Ciprian Hacman 1737925c44 Replace k8s.io/utils/mount with k8s.io/mount-utils 2021-04-14 07:01:43 +03:00
Ole Markus With bd731ce989 Use secure kubelet auth 
Without secure node auth enabled, commands like `kubectl logs` may fail
with certain configurations.

Previously, we checked if anonymousAuth was enabled on the kubelet
before securing node communication, but this isn't really relevant. We
can still authenticate even if anonymous access is allowed.
 2021-04-13 08:59:39 +02:00
John Gardiner Myers fdc61b4bdb Rename the service account key 2021-04-11 08:11:27 -07:00
Kenji Kaneda baff30d66e Add an option to skip NTP installation 
Add NTPConfig to ClusterSpec. NTPConfig has the SkipInstall option.

https://github.com/kubernetes/kops/issues/9661
 2021-03-31 12:33:32 -07:00
Peter Rifel e2ea5f8a95
Update protokube systemd unit docs link 2021-03-24 20:57:00 -05:00
Barry Melbourne 05123faf5a Update containerd to v1.3.10/v1.4.4 2021-03-23 17:02:01 +00:00
Ciprian Hacman 1b57bfbb8f Load env vars from file for kops-configuration service 2021-03-23 04:32:34 +02:00
Kubernetes Prow Robot 8b5be9baf9
Merge pull request #11082 from bharath-123/task/remove-dbus 
Remove dbus dependency
 2021-03-21 21:31:43 -07:00
Ole Markus With 20bd724f5e Add support for scaling out the control plane with dedicated apiserver nodes 
Ensure apiserver role can only be used on AWS (because of firewalling)

Apply api-server label to CP as well

Consolidate node not ready validation message

Guard apiserver nodes with a feature flag

Rename Apiserver role to APIServer

Add an integration test for apiserver nodes

Rename Apiserver role to APIServer

Enumerate all roles in rolling update docs

Apply suggestions from code review

Co-authored-by: Steven E. Harris <seh@panix.com>
 2021-03-20 20:57:00 +01:00
Bharath Vedartham 26319c6e96 Remove dbus dependency 2021-03-20 15:06:10 +05:30
Peter Rifel b57318fc3d
Download kubectl to /opt/kops/bin on Flatcar OS 
Also add it to protokube's PATH.

Our flatcar job is currently failing because channels arent being applied.
A newly added error log reports that kubectl isn't in protokube's PATH.

This adds the kubectl's location (/opt/bin) to protokube's PATH.

See https://storage.googleapis.com/kubernetes-jenkins/logs/e2e-kops-aws-distro-imageflatcar/1371379886664454144/artifacts/54.206.100.130/protokube.log
 2021-03-18 22:26:38 -05:00
Bharath Vedartham 368f3e94f2 Create an environment file for kops-configuration systemd process 2021-03-13 16:25:04 +05:30
Kubernetes Prow Robot ad7c793050
Merge pull request #10913 from seh/scope-os-update-policy-to-instance-group-too 
Honor OS update policy at InstanceGroup level too
 2021-03-12 22:03:03 -08:00
Ciprian Hacman 79a0720143 Fix rendering of multiple Docker insecure registries 2021-03-12 16:30:15 +02:00
Ciprian Hacman 77b72efe1d Fix various nits when changing Protokube to run as service 2021-03-08 07:19:48 +02:00
Bharath Vedartham d45514cff3 Make protokube a systemd process 2021-03-06 00:32:44 +05:30
Steven E. Harris e39c985ee7 Honor OS update policy at InstanceGroup level too 
As with the Cluster-level "spec.updatePolicy" field, add a similar
field at the InstanceGroup level, allowing overriding of the
cluster-level choice in each InstanceGroup.

Introduce a new value for the field ("automatic") as equivalent to the
default value applied when the field is absent. Honoring this new
value allows disabling automatic updates at the cluster level, but
then enabling them again for particular InstanceGroups. Without such a
positive affirmation, it's not possible to override a cluster-level
"external" policy at the InstanceGroup level, as there's no way to
specify positively that you want to recover the default
value. Instead, expressing the explicit "automatic" value is clear and
unambiguous.
 2021-03-05 08:53:07 -05:00