kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
19,978 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

2549 Commits

Author SHA1 Message Date
Ciprian Hacman abba0261e8 Update containerd to v1.6.21 2023-05-08 07:55:23 +03:00
justinsb 9c73c341ae Don't pass env vars if not needed 2023-05-07 13:17:56 -04:00
Bronson Mirafuentes de171be079 set default runc version to 1.1.5 2023-05-03 08:55:32 -07:00
Bronson Mirafuentes f11fd88020 update runc to 1.1.7 2023-05-02 13:48:02 -07:00
Kubernetes Prow Robot 2875f70cb5
Merge pull request #15347 from justinsb/gce_icmpv6 
gce: fix icmpv6 in firewalls
 2023-04-25 23:06:15 -07:00
justinsb b835184ea4 gce: fix icmpv6 in firewalls 
IPv6 in firewalls must use icmpv6, not icmp.  Remap in our ipv6
generator for simplicity.
 2023-04-25 20:59:47 -04:00
Leïla MARABESE 1e20a4c629 unique instance names to comply with CCM 2023-04-25 16:01:42 +02:00
Jesse Haka c09b401b38 add csi cinder metrics 2023-04-20 14:40:44 +03:00
Kubernetes Prow Robot 2ef477f190
Merge pull request #15331 from justinsb/gce_address_family_ipalias 
gce: set ip address family on all FirewallRule tasks
 2023-04-19 10:11:11 -07:00
justinsb be588e830f gce: set ip address family on all FirewallRule tasks 
We had missed a few code paths previously.
 2023-04-18 03:45:09 -04:00
Anthony Hausman 5af9c30f32
Update containerd to v1.6.20 2023-04-16 12:32:49 +02:00
Jesse Haka 225e3f4b3f Upgrade k8s-dns-node-cache to 1.22.20 2023-04-13 16:23:46 +03:00
Kubernetes Prow Robot 69691eea23
Merge pull request #15266 from infonova/os-implement-etcd-manager-networkcidr 
OpenStack: Add network-cidr config for etcd-manager
 2023-04-13 02:48:36 -07:00
Steven E. Harris 9595c833ee
Allow Cluster Autoscaler to ignore daemon pods 
By default the cluster autoscaler takes DaemonSet-managed pods'
resource requests into consideration when computing a node's resource
utilization. Allow toggling its "--ignore-daemonsets-utilization"
command-line flag via a new field in the Cluster
spec—"clusterAutoscaler.ignoreDaemonSetsUtilization." Setting that
field to true causes the autoscaler to ignore such daemon pods'
requests, such that it will more likely judge a node running only
daemon pods as being underutilized and shut down its hosting machine.
 2023-04-05 10:03:24 -04:00
Kubernetes Prow Robot 4cbcbf251b
Merge pull request #15281 from justinsb/gce_ipv6_subnets 
gce: Add IPv6 support to subnet/instances
 2023-03-31 13:43:49 -07:00
Justin SB 98c1109cc6 gce: Add IPv6 support to subnet/instances 
We need to specify StackType & IPv6AccessType
 2023-03-31 09:33:47 -04:00
Justin SB f20e08cab9 GCE FirewallRule: Use an explicit field for ipv4 vs ipv6 
We were previously relying on the name, but the name was "fooled" by
cluster names like ipv6.example.com
 2023-03-31 09:33:29 -04:00
Justin SB d4f3573351 gce: Fix log message about bucket level IAM 
The parameters were the wrong way round.
 2023-03-30 17:16:03 -04:00
ederst 3ccb8746cf OpenStack: Add network-cidr config for etcd-manager 2023-03-27 11:14:25 +02:00
Kubernetes Prow Robot b202130d8f
Merge pull request #15221 from infonova/os-set-allowed-addresses 
OpenStack: Allow setting allowed address pairs for ports
 2023-03-26 23:35:56 -07:00
ederst a63328fc5b Run hack/update-expected.sh 2023-03-23 15:01:10 +01:00
ederst 37c2cf56d2 OpenStack: Allow setting allowed address pairs for ports 2023-03-23 15:01:10 +01:00
idanshoham 222e138683
feat(spot): Setting the VNG Size Limits in Launch Spec 2023-03-19 10:30:34 +02:00
Kubernetes Prow Robot 9d05f3d59c
Merge pull request #15238 from hakman/fix_additional_policies 
aws: Use `control-plane` for additional policies instead of `master`
 2023-03-16 19:31:16 -07:00
Ciprian Hacman 3a8d11c01f aws: Use `control-plane` for additional policies instead of `master` 2023-03-16 10:49:08 +02:00
Ciprian Hacman 88fd444987 gcp: Update terraform rendering for Target Pool 2023-03-16 08:55:15 +02:00
Ciprian Hacman 1db17ab949 gcp: Update terraform rendering for HTTP Health Check 2023-03-16 08:10:25 +02:00
Peter Rifel 3ce30fff48
Don't set CSIMigrationAWS for k8s >=1.27 2023-03-10 21:19:21 -06:00
Justin SB 03af1c7272 gce: Don't reconcile routes when running with "gce" networking. 
If running with GCE "native" networking, we do not need the route
controller (and it causes problems); we turn it off by setting
--configure-cloud-routes=false.

In general we do not need the gkenetworkparams controller (and it
complains about missing CRDs).  We will turn it off in future, but it
isn't in the images we are using currently.
 2023-03-03 10:07:09 -05:00
Justin SB eb7d3c958c gce: When using network native pod IPs, open firewall to apiserver 
If we're not masquerading the pod IPs, we need an explicit firewall
rule for the pods to reach the kube-apiserver.  Normally this is
permitted anyway, but if the apiserver has a locked-down CIDR range
(as the e2e tests do) then we need our own rule.
 2023-03-02 13:15:58 -05:00
Jesse Haka 3f9a1b6462 set node status update freq to 60min in OpenStack 2023-02-27 20:38:30 +02:00
Kubernetes Prow Robot b5dc9f6371
Merge pull request #15122 from Mia-Cross/scw_profiles 
scaleway: get credentials from Scaleway profile
 2023-02-24 07:43:34 -08:00
Ciprian Hacman 8d6a809d10 Update containerd to v1.6.18 2023-02-18 04:38:08 +02:00
Rafael da Fonseca bc37c7408c Add terraform target support for configuring Warm Pool 2023-02-14 14:27:46 +00:00
Kubernetes Prow Robot 9ec9d42910
Merge pull request #15131 from hakman/containerd-v1.6.17 
Update containerd to v1.6.17
 2023-02-13 02:27:29 -08:00
Jesse Haka ff557a9cf1 remove cadvisor and etcd client fw rule 2023-02-13 09:31:37 +02:00
Jesse Haka 382855d7d1 remove s3 access from nodes if using none dns 2023-02-12 21:51:16 +02:00
justinsb 150a98e258 DigitalOcean: Support SSH key provisioning 
This means we don't need to pre-upload our SSH keys.
 2023-02-12 10:34:40 -05:00
Ciprian Hacman 0d39e0920e Update containerd to v1.6.17 2023-02-12 12:27:24 +02:00
Leïla MARABESE 9f950f4a3a scaleway profiles feature 2023-02-10 17:02:45 +01:00
Ciprian Hacman 884fded69e hack/update-expected.sh 2023-02-01 09:37:37 +02:00
Ciprian Hacman bdd7ff49da Update etcd-manager to v3.0.20230201 2023-02-01 09:35:32 +02:00
Kubernetes Prow Robot ebebbe8b76
Merge pull request #15068 from hakman/etcd-v3.5.7 
Update etcd to v3.5.7
 2023-01-31 01:54:49 -08:00
Kubernetes Prow Robot 94affad3a4
Merge pull request #15050 from anthonyhaussman/feat/tone/cilium_unreachable_routes_pod_deletion 
Cilium: Add unreachable route for pod IP on deletion option
 2023-01-30 05:26:51 -08:00
Kubernetes Prow Robot 254fd0ca39
Merge pull request #14933 from Mia-Cross/scaleway_load_balancer 
scaleway: load-balancer support
 2023-01-30 00:12:51 -08:00
Ciprian Hacman ae042e7499 Update containerd to v1.6.16 2023-01-29 08:01:37 +02:00
Ciprian Hacman 4ebc882a70 hack/update-expected.sh 2023-01-28 16:29:53 +02:00
Ciprian Hacman 1d8114dd8c Update etcd to v3.5.7 2023-01-28 16:28:07 +02:00
Leïla MARABESE e2a6207ea1 added dependencies between LB, LBbackend and LBfrontend tasks 2023-01-26 17:12:47 +01:00
Leïla MARABESE 43f8f8b29b separated back/front-end tasks from LB task 2023-01-26 17:12:46 +01:00
Leïla MARABESE 3dece51a3a migrated LB regionalized API to zoned API 2023-01-26 17:12:46 +01:00
Leïla MARABESE ea2f7123e1 use of cloud tags + improved error checking and messages 2023-01-26 17:12:46 +01:00
Leïla MARABESE e9f2694061 load-balancer model + tasks 2023-01-26 17:12:46 +01:00
John Gardiner Myers b47babf808 Upgrade AWS CCM to 1.25.3 2023-01-24 12:35:24 -08:00
Anthony Hausman 484bde5b9b
cilium: Add unreachable route for pod IP on deletion option 
When a pod is deleted, the route to its IP is replaced with an unreachable route.
When a pod is created, the route is replaced with a route to the pod veth (so if an unreachable existed, it's replaced).

Ref:
 - https://github.com/cilium/cilium/pull/18505
 2023-01-24 14:08:24 +01:00
Ciprian Hacman b1ef66f136 etcd-manager: Add option to set backup retention 2023-01-23 09:43:09 +02:00
Ciprian Hacman fef8eb4a9b Run hack/update-expected.sh 2023-01-21 09:24:33 +02:00
Ciprian Hacman 61acbe72fa Update etcd-manager to v3.0.20230119 2023-01-21 09:24:33 +02:00
Ciprian Hacman 971c655ecb Run hack/update-expected.sh 2023-01-21 09:24:33 +02:00
Ciprian Hacman 40bf0b9f52 Load etcd binaries dynamically from container images 2023-01-21 09:24:33 +02:00
Kubernetes Prow Robot ddd1583244
Merge pull request #15022 from Mia-Cross/scw_refacto_instance_and_tags 
scaleway: refactoring: instance and tags
 2023-01-18 21:50:34 -08:00
Kubernetes Prow Robot 6b04c3e9f5
Merge pull request #15020 from johngmyers/nth 
Upgrade Node Termination Handler to 1.18.3
 2023-01-18 10:12:34 -08:00
John Gardiner Myers 56092cd2b7 Upgrade Node Termination Handler to 1.18.3 2023-01-18 08:12:59 -08:00
Leïla MARABESE e52af91e34 scaleway: refactoring: instance and tags 2023-01-18 15:50:37 +01:00
Kubernetes Prow Robot e88fbf5d7d
Merge pull request #15016 from johngmyers/nodeup-network2 
Move more networking settings into nodeup.Config
 2023-01-18 02:04:35 -08:00
John Gardiner Myers 0c323445fb Move UsesKubenet to nodeup.Config 2023-01-15 23:12:00 -08:00
John Gardiner Myers aec9075087 Upgrade AWS CCM to 1.25.2 2023-01-15 21:46:24 -08:00
John Gardiner Myers 2eb24107fd hack/update-expected.sh 2023-01-15 17:20:32 -08:00
John Gardiner Myers f6debfd658 Move ServiceClusterIPRange to nodeup.Config 2023-01-15 17:19:18 -08:00
Jesse Haka 3dab0eb807 Use kops-controller to boostrap nodes in OpenStack 2023-01-14 13:54:14 +02:00
John Gardiner Myers 2365980281 openstack: use subnet type instead of topology 2023-01-12 19:33:10 -08:00
John Gardiner Myers 5f41e04088 Use consistent topology in Openstack TestServerGroupBuilder 2023-01-12 19:27:51 -08:00
Kubernetes Prow Robot a1a0ce3f33
Merge pull request #14930 from zetaab/feature/openstacknodns 
OpenStack: Add support for clusters without DNS
 2023-01-12 07:52:54 -08:00
Ciprian Hacman 0f7bd5dc5e Infer the dns suffix from the cluster name for etcd-manager 2023-01-12 12:45:33 +02:00
Kubernetes Prow Robot 8b8b4eeab1
Merge pull request #14884 from johngmyers/cp-hop-1 
AWS: set IMDS hop limit 1 on all new clusters
 2023-01-11 23:48:55 -08:00
John Gardiner Myers 0a419953d3 Expand TestPolicyGeneration to cover gossip/no-gossip cases 2023-01-11 22:06:01 -08:00
John Gardiner Myers c1c75ca340 hack/update-expected.sh 2023-01-11 21:19:24 -08:00
John Gardiner Myers 1de02c56f1 Use state store for nodeup.Config in Gossip clusters 2023-01-11 21:19:24 -08:00
John Gardiner Myers 6caaff50cd AWS: set IMDS hop limit 1 on all new clusters 2023-01-11 20:04:53 -08:00
Jesse Haka cc8871eede no dns for OpenStack 2023-01-11 20:02:02 +02:00
Grégory SANCHEZ 6fdf54ff34 feat(cluster-autoscaler): autogenerate priority-expander configMap 2023-01-11 08:26:33 +01:00
Kubernetes Prow Robot b9c2bbea5d
Merge pull request #14974 from hakman/containerd-v1.6.15 
Update containerd to v1.6.15
 2023-01-10 23:19:45 -08:00
Kubernetes Prow Robot d247c0b37d
Merge pull request #14879 from hakman/aws_imds_all_clusters 
aws: Set IMDS defaults for existing clusters
 2023-01-10 22:25:19 -08:00
Ciprian Hacman 086d74605f Update containerd to v1.6.15 2023-01-11 06:32:22 +02:00
Leïla MARABESE 543d59758a removed SCW_DEFAULT_REGION and SCW_DEFAULT_ZONE env vars 2023-01-10 16:11:23 +01:00
Kubernetes Prow Robot 0b8ccf2c9e
Merge pull request #14951 from johngmyers/kube-dns 
Upgrade k8s-dns-node-cache to 1.22.16
 2023-01-09 08:21:29 -08:00
Ole Markus With 07c77b1e5f Bump EBS CSI driver to 1.14.1 2023-01-09 13:01:23 +01:00
justinsb cca919dcde gce: KCM should not allocate IPs when CCM is in use. 
When the GCE cloud-controller-controlller is in use, it allocates node
IPs, and so the kube-controller-manager should not allocate node IPs.
 2023-01-07 17:24:24 -05:00
justinsb 132a805972 Allow built-in manifests to be replaced by external addons 
We identify the external manifests by checking for our labels.
Currently that label is kOps specific, and we'll likely have to evolve
that to something ecosystem-netural.

We only support the GCE CCM addon and the kopeio-networking addon at
first.

For the GCE CCM addon, we need to replace the arguments, in particular
we likely need the Pod CIDR.  Here we need to work with the GCE CCM to
find a mechanism that can allow some of these flags to be communicated
via a more extensible mechanism (env vars or config maps, likely,
though possibly CRDs).

This is all behind the ClusterAddons feature flag at the moment, so we
can figure this out with other projects safely.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2023-01-05 20:29:56 -05:00
Ole Markus With 517da72ff5 Bump cluster autoscaler to 1.26.1 2023-01-05 13:40:26 +01:00
Kubernetes Prow Robot 7b4430ff61
Merge pull request #14885 from johngmyers/root-volume 
v1alpha3: Move IG root volume settings to sub-struct
 2023-01-04 18:11:58 -08:00
John Gardiner Myers c55cc836db Upgrade k8s-dns-node-cache to 1.22.16 2023-01-04 17:49:50 -08:00
justinsb b7d9319fff EnsureTask should panic on error 
This means that we automatically check the error code.  A linter could
detect errors here (maybe), but in practice we can't recover from
errors here anyway.
 2023-01-04 08:29:20 -05:00
Kubernetes Prow Robot 5096ea5182
Merge pull request #14947 from johngmyers/k8s-version 
Miscellaneous NodeupConfig refactoring
 2023-01-03 23:13:59 -08:00
John Gardiner Myers fea27074aa hack/update-expected.sh 2023-01-03 22:16:20 -08:00
Kubernetes Prow Robot 2a29412931
Merge pull request #14943 from johngmyers/kube-proxy 
Use NodeupConfig for kube-proxy config
 2023-01-03 19:35:58 -08:00
John Gardiner Myers 7419620b80 hack/update-expected.sh 2023-01-03 12:29:07 -08:00
John Gardiner Myers b5eef1c129 Use NodeupConfig for kube-proxy config 2023-01-03 12:29:07 -08:00
John Gardiner Myers 2439193a8a Don't tag public subnets for internal LBs in IPv6 clusters 2023-01-03 11:04:52 -08:00
Ciprian Hacman 62f1d20c96 aws: Set IMDS defaults for existing clusters 2023-01-03 11:03:44 +02:00
John Gardiner Myers e44ce84f78 hack/update-expected.sh 2023-01-02 13:58:23 -08:00
John Gardiner Myers fe448ef906 Use NodeupConfig for DockerConfig 2023-01-02 13:58:21 -08:00
John Gardiner Myers 3fe4ee9b84 hack/update-expected.sh 2023-01-02 13:42:11 -08:00
John Gardiner Myers 125866792d Use NodeupConfig for ContainerdConfig 2023-01-02 13:42:11 -08:00
John Gardiner Myers 768299134c hack/update-expected.sh 2023-01-02 12:50:24 -08:00
John Gardiner Myers 25a897b691 Use NodeupConfig for ContainerRuntime 2023-01-02 12:50:23 -08:00
John Gardiner Myers c68be498c6 Refactor NewAssetBuilder to not take a Cluster 2023-01-01 13:37:52 -08:00
John Gardiner Myers 1be8be233f Reduce use of cluster topology field 2022-12-30 14:28:47 -08:00
John Gardiner Myers 92958f9966 v1alpha3: Move IG root volume settings to sub-struct 2022-12-26 20:35:26 -08:00
Ciprian Hacman b3a07ee83e Use short service name with discovery labels 2022-12-26 13:21:43 +02:00
John Gardiner Myers 5c69274317 Simplify pointers to maps in API 2022-12-25 20:29:51 -08:00
John Gardiner Myers b3dfcea95f v1alpha3: Move AWS-specific CloudConfig settings to AWSSpec 2022-12-25 16:12:02 -08:00
Kubernetes Prow Robot e13c51968b
Merge pull request #14869 from johngmyers/upd-min-version 
Update min versions for 1.27
 2022-12-24 23:59:27 -08:00
Kubernetes Prow Robot b97662c6a3
Merge pull request #14837 from johngmyers/gce-cloudconfig 
v1alpha3: Move GCE-specific CloudConfig settings to GCESpec
 2022-12-24 22:31:26 -08:00
John Gardiner Myers 3823c13633 hack/update-expected.sh 2022-12-24 21:44:50 -08:00
John Gardiner Myers 005ec38972 Remove code for no-longer-supported k8s 1.21 2022-12-24 21:44:50 -08:00
John Gardiner Myers 70389e6398
Release 1.27.0-alpha.1 (#14866) 2022-12-24 21:43:27 -08:00
justinsb ae074bbc6b VFS: Add context to CreateFile & WriteFile 
As "request" methods, these should have context parameters.
 2022-12-23 10:39:52 -05:00
Ciprian Hacman f5b72742b4
Release 1.26.0-beta.1 (#14858) 2022-12-23 01:13:27 -08:00
Ciprian Hacman 0c88d881a2 openstack: Stop passing cluster tags 2022-12-22 08:08:19 +02:00
Ciprian Hacman d9d78df5e7 openstack: Refactor DNS client initialization 2022-12-22 07:41:25 +02:00
Ole Markus With 171b2d0a5d Bump cilium to 1.12.5 2022-12-21 11:40:39 +01:00
Kubernetes Prow Robot 70efe5dd08
Merge pull request #14829 from olemarkus/ebs-csi-114 
Bump EBS CSI driver to 1.14.0
 2022-12-21 00:49:25 -08:00
John Gardiner Myers 17b926fdeb hack/update-expected.sh 2022-12-20 19:44:32 -08:00
John Gardiner Myers 0e11075012 v1alpha3: Move GCE-specific CloudConfig settings to GCESpec 2022-12-20 19:44:32 -08:00
Kubernetes Prow Robot 7854e036aa
Merge pull request #14828 from olemarkus/cas-bump-126 
Use cluster autoscaler 1.26 on k8s 1.26 clusters
 2022-12-20 13:15:32 -08:00
Ole Markus With 08a9657cfb Bump EBS CSI driver to 1.14.0 2022-12-20 20:37:53 +01:00
Ole Markus With 8511b18b16 Use cluster autoscaler 1.26 on k8s 1.26 clusters 2022-12-20 20:29:58 +01:00
John Gardiner Myers 4d309b0b36 Move Cluster into CloudupSubContext 2022-12-20 08:11:01 -08:00
Kubernetes Prow Robot 728fbabe6c
Merge pull request #14813 from johngmyers/gcp-csi 
v1alpha3: Move some GCE-specific fields to CloudProvider.GCE
 2022-12-20 06:45:44 -08:00
Kubernetes Prow Robot bc4b351946
Merge pull request #14818 from johngmyers/nodelocaldns 
Upgrade k8s-dns-node-cache to 1.22.15
 2022-12-19 22:31:43 -08:00
John Gardiner Myers 936790e953 Upgrade k8s-dns-node-cache to 1.22.15 2022-12-19 19:26:21 -08:00
Ciprian Hacman a38e3f403a Update containerd to v1.6.14 2022-12-20 00:59:07 +02:00
John Gardiner Myers 34d7507f78 v1alpha3: Move some GCE-specific fields to CloudProvider.GCE 2022-12-19 08:28:28 -08:00
John Gardiner Myers dec7d33be6 v1alpha3: Move AWS EBS CSI spec under CloudProvider.AWS 2022-12-19 00:10:16 -08:00
John Gardiner Myers ca7d82b02a v1alpha3: move AWS-specific fields to AWSSpec 2022-12-18 15:16:49 -08:00
Kubernetes Prow Robot 741ca8faa2
Merge pull request #14444 from johngmyers/task-generic 
Refactor Context into separate cloudup and nodeup types
 2022-12-18 13:37:43 -08:00
Ole Markus With c10841eba3 Base OpenStack API resources on cluster name if public name is not set 2022-12-18 10:57:21 +01:00
John Gardiner Myers 7c3e32369a Refactor Context into separate cloudup and nodeup types 2022-12-17 17:42:46 -08:00
John Gardiner Myers b024338768 Always include load balancer domain in APIServer certificate 2022-12-17 16:14:08 -08:00
John Gardiner Myers 1b590f5111 Simplify 2022-12-17 10:16:22 -08:00
justinsb f4984dafab Support public buckets for serviceAccountIssuers on S3 
S3 is also nudging towards bucket level permissions, so don't set an ACL when bucket is public.
 2022-12-17 09:57:45 -08:00
Kubernetes Prow Robot ae9fd8c344
Merge pull request #14795 from johngmyers/aws-ccm-old 
Upgrade older AWS CCM minor versions
 2022-12-17 07:15:49 -08:00
Kubernetes Prow Robot 0f5fc06cec
Merge pull request #14771 from johngmyers/sqs-rebalance 
Don't drain on rebalance recommendations in SQS mode unless configured
 2022-12-17 07:15:42 -08:00
John Gardiner Myers 9de1ee9459 Upgrade older AWS CCM minor versions 2022-12-16 15:33:09 -08:00
John Gardiner Myers 30011e9f28 Upgrade AWS CCM to v1.26.0 2022-12-16 15:24:12 -08:00
Ciprian Hacman 5927c506d0 Update containerd to v1.6.13 2022-12-16 06:00:04 +02:00
Ciprian Hacman b9f7c2619b gce: Add support for clusters without DNS 2022-12-14 11:09:54 +02:00
Ciprian Hacman e622a5b6ce Update containerd to v1.6.12 2022-12-13 08:22:22 +02:00
Ciprian Hacman 41ada58944 Rename field from `ManagedFile.Public` to `ManagedFile.PublicACL` 2022-12-12 13:21:55 +02:00