Commit Graph

1877 Commits

Author SHA1 Message Date
Ciprian Hacman f51e347f99 Build and use cp replacement 2023-05-27 05:18:53 +03:00
Kubernetes Prow Robot e3a639cd73
Merge pull request #15373 from hakman/depup
Update dependencies to K8s v1.27
2023-05-08 02:27:17 -07:00
Ciprian Hacman 43dc946522 Hide s2a flags from --help output 2023-05-08 07:35:36 +03:00
justinsb 1faee9dd8c digitalocean: bootstrap nodes through kops-controller.
We start with a simple node verifier.
2023-05-07 13:17:56 -04:00
justinsb c89f434f1b Only use node challenge on hetzner
DigitalOcean (and others) will follow shortly.

Also create a method for CloudProvider, so that we are more ambivalent
towards bootstrapping methods.
2023-05-06 08:57:21 -04:00
Justin SB c67f895226 Perform challenge callbacks into a node
In order to verify that the caller is running on the specified node,
we source the expected IP address from the cloud, and require that the
node set up a simple challenge/response server to answer requests.

Because the challenge server runs on a port outside of the nodePort
range, this also makes it harder for pods to impersonate their host
nodes - though we do combine this with TPM and similar functionality
where it is available.
2023-05-06 08:03:21 -04:00
justinsb 868823bbcf Block bootstrap when the node already exists
We now do this across all clouds, as it has been demonstrated on
OpenStack.
2023-04-27 11:47:42 -04:00
Leïla MARABESE 1e20a4c629 unique instance names to comply with CCM 2023-04-25 16:01:42 +02:00
Leïla MARABESE b4d230f8c2 scaleway integration test 2023-03-28 16:58:54 +02:00
Ciprian Hacman dc92df3643 gcp: Add placeholder integration test for public load balancer 2023-03-16 07:49:47 +02:00
Jesse Haka a765191898 use http.StatusConflict 2023-02-20 13:01:43 +02:00
Jesse Haka 8e6199fa39 exit gracefully if server already exists in k8s 2023-02-12 16:52:13 +02:00
Justin SB 9b02017059 openstack verifier: support IPv6
Add IPv6 support to the openstack verifier and polish up a few error messages.
2023-01-28 10:54:48 -05:00
Jesse Haka b3c134be06 make openstack kops-controller bootstrap auth better 2023-01-19 10:07:11 +02:00
Kubernetes Prow Robot 08f308232f
Merge pull request #15006 from zetaab/osnodeidentifier
update OpenStack node identifier to use Identifier
2023-01-15 23:20:51 -08:00
Jesse Haka eaa1a6836e update OpenStack node identifier to use Identifier instead of LegacyIdentifier 2023-01-15 10:14:51 +02:00
John Gardiner Myers 775ed65820 Run kops-controller server on non-leaders as well 2023-01-14 10:20:04 -08:00
Jesse Haka 3dab0eb807 Use kops-controller to bootstrap nodes in OpenStack 2023-01-14 13:54:14 +02:00
Ciprian Hacman d884e5f4d9 Remove the SpecOverrideFlag feature flag 2023-01-13 20:40:17 +02:00
Kubernetes Prow Robot a1a0ce3f33
Merge pull request #14930 from zetaab/feature/openstacknodns
OpenStack: Add support for clusters without DNS
2023-01-12 07:52:54 -08:00
Kubernetes Prow Robot a7a77026e1
Merge pull request #14920 from dimamo5/replace-using-defaults
Populate cluster with default values in `kops replace`
2023-01-12 03:08:54 -08:00
Diogo Moura 05a0a96d8b
Wrap error using '%w'
Co-authored-by: Ole Markus With <olemarkus@gmail.com>
2023-01-12 10:22:23 +00:00
Jesse Haka cc8871eede no dns for OpenStack 2023-01-11 20:02:02 +02:00
Grégory SANCHEZ 1b35c353d3 test(cas): add integration tests for cluster autoscaler priority expander config 2023-01-11 08:26:33 +01:00
Kubernetes Prow Robot 7b4430ff61
Merge pull request #14885 from johngmyers/root-volume
v1alpha3: Move IG root volume settings to sub-struct
2023-01-04 18:11:58 -08:00
John Gardiner Myers c68be498c6 Refactor NewAssetBuilder to not take a Cluster 2023-01-01 13:37:52 -08:00
justinsb 6c2edaee7e Add Context arg to vfs ReadFile
This is an "action" method, so should take a context.
2023-01-01 09:51:44 -05:00
Diogo Moura 4ead1abd87
Populate cluster with default values in `kops replace` 2022-12-31 00:31:12 +00:00
John Gardiner Myers 309c893ca1 Include SSHCredentials in create cluster dryrun output 2022-12-27 22:49:15 -08:00
John Gardiner Myers 92958f9966 v1alpha3: Move IG root volume settings to sub-struct 2022-12-26 20:35:26 -08:00
Ciprian Hacman b3a07ee83e Use short service name with discovery labels 2022-12-26 13:21:43 +02:00
John Gardiner Myers 005ec38972 Remove code for no-longer-supported k8s 1.21 2022-12-24 21:44:50 -08:00
John Gardiner Myers c0dff11230 Update min versions for 1.27 2022-12-24 21:44:49 -08:00
justinsb 817c1e63b3 FindKeyset can return nil
We had missed a case in nodeup; add a Context argument to force us to
revisit the codepaths.
2022-12-24 16:12:21 -05:00
Kubernetes Prow Robot 69c59af0f4
Merge pull request #14862 from justinsb/vfs_context_to_create_and_write
VFS: Add context to CreateFile & WriteFile
2022-12-23 10:25:26 -08:00
justinsb a69dc902c4 Add context to GetOrCreateSecret
Continuing the wiring as needed.
2022-12-23 10:48:50 -05:00
justinsb ae074bbc6b VFS: Add context to CreateFile & WriteFile
As "request" methods, these should have context parameters.
2022-12-23 10:39:52 -05:00
justinsb ba59d65bc9 Wire up context from cobra in cmd/kops
Removes a lot of context.TODO() calls.
2022-12-22 17:52:27 -05:00
justinsb 90cbf75584 Context threading: more wiring
We're aiming to use this for testing immediately and better
logging/tracing in future, but to make the changes manageable breaking
them into a smaller series that don't directly achieve much.
2022-12-22 17:52:22 -05:00
Ole Markus With d9e2490439 Add node local dns to many-addons irsa test 2022-12-20 22:11:44 +01:00
John Gardiner Myers 76fc186060 Remove nodeup's unused cloudinit target 2022-12-20 07:14:15 -08:00
John Gardiner Myers 7c3e32369a Refactor Context into separate cloudup and nodeup types 2022-12-17 17:42:46 -08:00
Kubernetes Prow Robot 0f5fc06cec
Merge pull request #14771 from johngmyers/sqs-rebalance
Don't drain on rebalance recommendations in SQS mode unless configured
2022-12-17 07:15:42 -08:00
Kubernetes Prow Robot 0896ea246d
Merge pull request #14769 from hakman/gce_none_dns
gce: Add support for clusters without DNS
2022-12-15 19:29:36 -08:00
Ciprian Hacman cfa5a670d4 Add integration tests 2022-12-14 11:54:06 +02:00
Ciprian Hacman 0ff7c6f432 Update GCE integration tests 2022-12-14 11:48:51 +02:00
John Gardiner Myers 20b5241b84 Get AWS zones list from AWS SDK 2022-12-13 22:50:11 -08:00
Kubernetes Prow Robot 41fa042b89
Merge pull request #14768 from hakman/guess_cloud
Guess cloud provider from state store path
2022-12-13 22:29:40 -08:00
Kubernetes Prow Robot c9e6a915cc
Merge pull request #14736 from Mia-Cross/scaleway_nodeidentity
scaleway : nodeidentity
2022-12-13 22:29:34 -08:00
John Gardiner Myers 55b46073b7 Don't drain on rebalance recommendations in SQS mode unless configured 2022-12-11 18:21:43 -08:00
Ciprian Hacman bc2aa3072d Guess cloud provider from state store path 2022-12-11 12:30:10 +02:00
Ole Markus With 7375bbb487 kops-controller: increase verbosity level on logs in gossip controller 2022-12-08 20:18:31 +01:00
Ole Markus With 160941e1b5 Add openstack octavia integration test 2022-12-07 21:47:42 +01:00
Leïla MARABESE 3b9a57efb7 scaleway nodeidentity 2022-12-07 11:49:53 +01:00
Kubernetes Prow Robot f827ec7f54
Merge pull request #14721 from johngmyers/nth-default-queue
Change default for NTH Queue Processor mode to enabled
2022-12-06 03:18:36 -08:00
Kubernetes Prow Robot e5a835d287
Merge pull request #14706 from johngmyers/v1alpha3-networking
v1alpha3: move networking fields under networking
2022-12-05 21:34:38 -08:00
Ciprian Hacman 141f6065f9 Don't pass region to ListResources 2022-12-05 09:40:38 +02:00
John Gardiner Myers 04d00927da Adjust integration tests for NTH default change 2022-12-04 15:56:20 -08:00
Kubernetes Prow Robot cc2bdfa2ab
Merge pull request #14719 from olemarkus/vs-cleanups
A couple of static checks cleanups
2022-12-04 08:20:01 -08:00
Ole Markus With 4e9e1aaabb Make it a bit more clear that toolbox commands may be experimental 2022-12-04 15:47:12 +01:00
Ole Markus With 27e206a264 Expose channels through kops toolbox cli
Make the channels apply command a bit more clear

Update cmd/kops/toolbox_addons.go

Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>

Update cmd/kops/toolbox_addons.go

Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>

fix docs
2022-12-04 15:47:09 +01:00
Ole Markus With cd24f58c3f Remove unused function 2022-12-04 14:43:08 +01:00
Ole Markus With 7c64d9ba0d Fix double imports 2022-12-04 14:43:08 +01:00
Ole Markus With dc80fc2c63 Fix casing in error strings 2022-12-04 14:43:08 +01:00
Ciprian Hacman bbf638334a Add metrics-server addon to integration tests with many addons 2022-12-03 09:51:39 +02:00
Ciprian Hacman 170df2fa5b gce: Add integration test for updating a cluster with many addons 2022-12-03 09:00:49 +02:00
Ciprian Hacman cad72f9c38 gce: Add integration test for creating a minimal cluster 2022-12-03 08:46:50 +02:00
John Gardiner Myers 235aa61594 v1alpha3: move networking fields under networking 2022-12-02 19:19:59 -08:00
Kubernetes Prow Robot 8b268b1439
Merge pull request #14696 from johngmyers/fix-extrafields
Fix edit.HasExtraFields()
2022-11-30 23:26:26 -08:00
John Gardiner Myers 47b6f4f383 Fix edit.HasExtraFields() 2022-11-30 21:05:37 -08:00
Ciprian Hacman dbef6209c2 Remove support for using Vault as state store
Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
2022-11-30 18:38:21 +02:00
Leïla MARABESE 26895294ae added id_ed25519 to autoloaded ssh keys 2022-11-28 11:49:11 +01:00
Kubernetes Prow Robot 03c3c4131f
Merge pull request #14621 from johngmyers/terraform-subnet
Implement subnet "/64#N" notation in Terraform
2022-11-24 09:02:04 -08:00
John Gardiner Myers dd5340775c Update cmd/kops/create_instancegroup.go
Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>
2022-11-23 22:12:27 -08:00
John Gardiner Myers de9055b588 Update control-plane terminology in CLI output strings 2022-11-23 21:32:10 -08:00
John Gardiner Myers 0358d4fdbd Add shared_vpc_ipv6 integration test 2022-11-23 15:55:01 -08:00
John Gardiner Myers 14e2864f4a Implement subnet "/64#N" notation in Terraform 2022-11-23 15:55:01 -08:00
John Gardiner Myers 18ab0b9965 Use new terminology in rolling-update flags 2022-11-23 14:11:20 -08:00
Ole Markus With 01590c03b0 Add a create cluster integration test for openstack
Fix various openstack nprs. Also add create cluster integration test
2022-11-23 10:25:29 +01:00
Ole Markus With 7a1f0f4bda Add bare networking flag option for cilium in eni mode 2022-11-23 09:10:16 +01:00
John Gardiner Myers 6c0603991b Create new clusters with updated control plane IG names 2022-11-22 22:09:08 -08:00
John Gardiner Myers 87925bf0ca Remove CloudFormation support 2022-11-22 21:02:50 -08:00
John Gardiner Myers d39ba74bd7 Change the control-plane IG role to "ControlPlane" in v1alpha3 API 2022-11-22 17:05:29 -08:00
John Gardiner Myers cd88c293e1 Switch IPv6 integration tests to private topology 2022-11-21 21:35:44 -08:00
Kubernetes Prow Robot a9c6c4e5fa
Merge pull request #14504 from johngmyers/v1alpha3-aws
v1alpha3: Move API-related settings under API
2022-11-20 06:34:31 -08:00
Ciprian Hacman 0207d94201 Add integration test 2022-11-20 07:09:45 +02:00
Ciprian Hacman f60df9b955 Add option for setting Kubernetes feature gates 2022-11-20 07:09:42 +02:00
John Gardiner Myers 5fca16aa30 v1alpha3: Move API-related settings under API 2022-11-19 10:27:12 -08:00
John Gardiner Myers e0ee3eda2a Remove CloudFormation tests 2022-11-19 10:25:20 -08:00
Kubernetes Prow Robot 6132c8d9e2
Merge pull request #14592 from hakman/generics
Use generics to refactor fi.Bool/Float*/Int*/String*()
2022-11-19 10:08:31 -08:00
John Gardiner Myers 26cec727ab New IPv6 clusters now default to private topology 2022-11-18 22:47:28 -08:00
Ciprian Hacman 8f79c9bd68 Replace fi.Bool/Float*/Int*/String() with fi.PtrTo() 2022-11-19 03:45:22 +02:00
Kubernetes Prow Robot 306dd51565
Merge pull request #14572 from olemarkus/cp-max-hop-1
Set IMDS max hop limit to 1 for control plane nodes if IRSA is enabled
2022-11-17 18:02:30 -08:00
Ole Markus With 2f59911458 Add create cluster test with irsa 2022-11-17 19:25:19 +01:00
Ciprian Hacman 211c82d8ad aws: Fix SIGSEGV when using instance selector 2022-11-17 12:22:22 +02:00
Kubernetes Prow Robot c592a02bb4
Merge pull request #14532 from johngmyers/kops-get
Add "kops get all" command
2022-11-16 18:40:39 -08:00
Ciprian Hacman 61eaeddb9b Serve secrets from kops-controller for nodes without state store access 2022-11-15 14:51:54 +02:00
John Gardiner Myers 1380f1d2dd Add --bastion-image flag to "kops create cluster" 2022-11-12 11:59:32 -08:00
John Gardiner Myers 7e83f8e385 Add "kops get all" command 2022-11-11 20:58:11 -08:00
John Gardiner Myers 71017f0307 Use bastion to dump private instances 2022-11-09 21:34:04 -08:00
Kubernetes Prow Robot 96acfc4ceb
Merge pull request #14452 from hakman/aws_none-dns_nlb
aws: Create cluster without DNS or Gossip
2022-11-05 22:30:15 -07:00
Kubernetes Prow Robot de45957b70
Merge pull request #14454 from johngmyers/revert-deprecation
Revert deprecation of positional clustername args
2022-11-04 21:22:17 -07:00
Ciprian Hacman 72d3669b07 aws: Switch integration test from Public DNS to None DNS 2022-11-02 12:54:27 +02:00
Ciprian Hacman c8f32621b7 Run hack/update-expected.sh 2022-11-02 12:47:03 +02:00
Ciprian Hacman c9d1eb9761 hetzner: Use kops-controller for node bootstrap 2022-11-02 12:43:25 +02:00
Ciprian Hacman 231ce799bd aws: Add integration test placeholder for None DNS 2022-11-02 11:25:05 +02:00
Kubernetes Prow Robot 2c4808c5bd
Merge pull request #14440 from hakman/hetzner_no-dns_master
hetzner: Create cluster without DNS or Gossip
2022-11-02 02:02:47 -07:00
John Gardiner Myers 81ce39006f hack/update-expected.sh 2022-11-01 17:04:43 -07:00
John Gardiner Myers 6d467ba8ff Inform user about progress of cluster deletion 2022-10-27 11:07:17 -07:00
Ciprian Hacman 4e5ded6dc3 hetzner: Create cluster without DNS or Gossip 2022-10-27 11:29:37 +03:00
John Gardiner Myers ac2bbf8712 Revert deprecation of positional clustername args 2022-10-25 21:43:27 -07:00
Steven E. Harris 95f98896c7
promote-keypair: Block items without certificates
Forbid the "kops promote keypair" command from promoting a key pair
item that lacks an associated X.509 certificate.

Along with that prohibition, refuse to store a key set in a VFS whose
primary key pair lacks a certificate. This allows us to continue
storing such key pairs, but we will never allow them to serve as the
primary key pair within the containing key set.
2022-10-17 12:13:45 -04:00
Steven E. Harris a6ee86d1f7
get-keypairs: Tolerate items without certificates
Allow the "kops get keypairs" command to consume key sets with old key
pair items that lack an associated X.509 certificate. When the command
is invoked without the "--distrusted" flag set to true, omit these old
items as if they're distrusted. Conversely, when the command is
invoked with the "--distrusted" flag set to true, include these items,
but omit their details that would be contingent on the nonexistent
certificate.

In order to supply only information that is known to be true, treat
the following fields in the output as newly optional:

- issuer
- notAfter
- notBefore
- subject

With no certificate present, it's not possible to present concrete
values for those fields.
2022-10-17 11:39:16 -04:00
Ciprian Hacman 4c6368d7aa Deprecate `--api-loadbalancer-class` flag 2022-10-12 15:12:23 +03:00
Ole Markus With 8c12d5b035 When using kops create, set the provided machinetype in the written IG spec 2022-09-28 12:16:03 +02:00
Ole Markus With 466a7e6989 Add create cluster test for arm64 2022-09-28 12:16:03 +02:00
Kubernetes Prow Robot cd4a8d3ad5
Merge pull request #14295 from hakman/cli_network-id
Replace --vpc flag with --network-id
2022-09-23 11:00:25 -07:00
Ciprian Hacman 81b4bb0717 hetzner: Move out of alpha and drop feature flag 2022-09-19 10:35:19 +03:00
Ciprian Hacman b193a3d35c Replace --vpc flag with --network-id 2022-09-18 14:34:53 +03:00
Ole Markus With c7cfcd1af8 User IG without image should be allowed
This is technically a regression. kOps had the behavior where empty image meant use from channel. But this got removed due to strict validation of user input
2022-09-17 17:44:48 +02:00
Ole Markus With 4f2b5655bb Don't write populated IG state after editing IG 2022-09-17 13:15:44 +02:00
Ole Markus With 24d359ddc1 Create edit instancegroup test 2022-09-17 13:14:36 +02:00
justinsb 4b2f773748 rolling-update: don't deregister our only apiserver
If we do, we can't drain the node afterwards.  We also are going to
have dropped connections in this case anyway.
2022-09-15 09:16:57 -04:00
Kubernetes Prow Robot 75f541172d
Merge pull request #14226 from hakman/flannel-0.19.2
Update Flannel to v0.19.2
2022-09-05 12:17:01 -07:00
Ciprian Hacman fb776d1c43 Run hack/update-expected.sh 2022-09-03 12:18:08 +03:00
Ciprian Hacman 178eb55725 Run hack/update-expected.sh 2022-09-03 11:26:57 +03:00
Ole Markus With 8a40c544d2 Bump kubernetes version in karpenter e2e test 2022-08-25 11:37:10 +02:00
Ciprian Hacman 272ded0187 Add integration tests for Hetzner 2022-08-25 08:14:39 +03:00
Kubernetes Prow Robot 50e61eeeef
Merge pull request #14168 from hakman/ssh-key_trim_space
Trim space around SSH public key
2022-08-23 23:13:49 -07:00
Ciprian Hacman 407ee77041 Trim space around SSH public key 2022-08-24 08:32:01 +03:00
Kubernetes Prow Robot 8f20d22ef7
Merge pull request #14127 from olemarkus/write-ig-input
Write the user provided IG spec to state store instead of the full spec
2022-08-20 03:29:35 -07:00
Kubernetes Prow Robot 91639d99bb
Merge pull request #14148 from olemarkus/cu-more
Add more cluster_update tests
2022-08-19 22:25:35 -07:00
Ole Markus With 8c1bc03f42 Don't write the populated IG spec to state store 2022-08-20 07:15:10 +02:00
Ole Markus With 8f8765be0d Add more cluster_update tests 2022-08-19 20:31:38 +02:00
Ole Markus With fdb72f2c34 Add create cluster test that includes apiserver 2022-08-19 18:57:43 +02:00
Ole Markus With 29a7268442 Add more create_cluster integration tests 2022-08-19 18:57:17 +02:00
Ole Markus With 7d7780bad9 Revert "Remove passing cluster name as positional argument"
This reverts commit 824eb9cabb.
2022-08-18 07:26:42 +02:00
Ciprian Hacman cb99db0757 Run make goimports 2022-08-17 07:03:33 +03:00
Ciprian Hacman a32cf690bb Create etcd-manager config for each instance group 2022-08-10 11:04:36 +03:00
Kubernetes Prow Robot 9661894261
Merge pull request #13618 from justinsb/kubescheduler_config
Support kube-scheduler config
2022-08-03 21:53:46 -07:00
Kubernetes Prow Robot 2706b05af3
Merge pull request #14089 from justinsb/positional_to_stderr
Positional deprecation warning should go to stderr
2022-08-03 13:13:46 -07:00
justinsb 85fb99c75d Positional deprecation warning should go to stderr
Otherwise we break piped output with -ojson etc.
2022-08-03 15:24:06 -04:00
justinsb ed21b27c5c Hide klog flags from --help output
The klog flags just clutter the output and often push the most
important output off of smaller screens.

The flags are still supported, just hidden.
2022-08-03 10:19:07 -04:00
justinsb c82c30d8aa Support kops create with additional objects
Not all additional objects support metadata, so when additional
objects are passed, we can only support a single cluster.
2022-08-03 09:51:16 -04:00
justinsb d1fc0b9f88 Create goldentest for additional objects 2022-08-03 09:51:16 -04:00
Ole Markus With 824eb9cabb Remove passing cluster name as positional argument
Apply suggestions from code review

Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>
2022-07-31 15:54:35 +02:00
Ole Markus With 0bd3160bbc Merge channels and kops cli factories 2022-07-31 06:32:57 +02:00
Ole Markus With 2bb0b16e53 Rename ClientSet to KopsClient in cmd factory interface 2022-07-30 20:41:13 +02:00
Ciprian Hacman 8b33646b5b Fix SIGSEGV when deleting a Hetzner instance 2022-07-28 18:39:46 +03:00
Eric Bailey b1c5460282 Check keyset existence before attempting to distrust 2022-07-27 19:23:08 -05:00