Commit Graph

4713 Commits

Author SHA1 Message Date
Kubernetes Prow Robot 93dc3b907c
Merge pull request #12412 from olemarkus/nlb-add-subnet
Allow adding more subnets to an NLB
2021-09-25 17:32:21 -07:00
Kubernetes Prow Robot ef22270b3f
Merge pull request #12394 from ReillyBrogan/reilly/ciliumBidirectionalMount
Add bidirectional BPF mount for Cilium >= 1.9.10 or >= 1.10.4
2021-09-25 09:42:21 -07:00
Kubernetes Prow Robot 1774e6cae3
Merge pull request #12321 from dezmodue/private_bastion
Add option to create an internal load balancer for the bastion
2021-09-24 07:23:24 -07:00
Ole Markus With fc9c86e778 Allow adding more subnets to an NLB 2021-09-24 14:21:45 +02:00
Anthony Hausman 5e814f465d
Add support to configure Cilium CNI chaining
CNI chaining allows using Cilium in combination with other CNI plugins.

With Cilium CNI chaining, the base network connectivity and IP address management is managed by the non-Cilium CNI plugin, but Cilium attaches eBPF programs to the network devices created by the non-Cilium plugin to provide L3/L4 network visibility, policy enforcement and other advanced features.

https://docs.cilium.io/en/v1.9/gettingstarted/cni-chaining/#cni-chaining

In our case, to be able to use the `HostPort` feature in our cluster, we need to enable the `portmap` plugin.
2021-09-24 10:39:22 +02:00
Reilly Brogan 9c6bf83c93 Update Cilium to 1.10.4
- Release notes available [here](https://github.com/cilium/cilium/releases/tag/v1.10.4)
2021-09-23 13:08:57 -05:00
Reilly Brogan bce435da1c Add bidirectional BPF mount for Cilium >= 1.9.10 or >= 1.10.4
- Cilium versions 1.10.4 and 1.9.10 now auto-mount the bpf file-system automatically
- Also remove redundant capabilities (these are already automatically granted by virtue of this being a privileged container)
2021-09-23 13:01:58 -05:00
Kubernetes Prow Robot defcdedb68
Merge pull request #12366 from justinsb/zone_autocompletion
Support zone autocompletion
2021-09-22 17:45:10 -07:00
Ole Markus With f06fcc5af2 Add specific taints to dns-controller.
Also set kops-controller as cluster critical, not node critical
2021-09-22 16:40:08 +02:00
Kubernetes Prow Robot 6be5fa97d3
Merge pull request #12375 from hakman/go-1.17.1
Update Go to v1.17.1
2021-09-21 09:20:24 -07:00
Kubernetes Prow Robot 8f42a4a689
Merge pull request #12368 from justinsb/gce_firewall_rules_always_ipv6
GCE: Always have IPv6 rules in "ipv6 mode"
2021-09-20 20:38:23 -07:00
Kubernetes Prow Robot 06924c58b7
Merge pull request #12373 from justinsb/gce_no_utility_subnets
GCE: Don't create utility subnets in private topology
2021-09-20 15:32:23 -07:00
justinsb c7e6187493 Support zone completion
Refactor cloud listing & zone guessing into its own package.
2021-09-20 09:53:33 -04:00
Justin Santa Barbara 1db266f15a Move cidrmap to subnet package
This will enable reuse outside of gce.
2021-09-20 09:33:10 -04:00
justinsb 16fc5e8cec GCE: Don't create utility subnets in private topology
We don't need them on GCE, and in fact we don't support them with IP Alias.
2021-09-20 09:31:33 -04:00
justinsb 76f816f483 GCE: Always have IPv6 rules in "ipv6 mode"
If we don't specify some SourceRanges, it defaults to 0.0.0.0/0, which
is IPv4 and confusing.
2021-09-20 09:26:28 -04:00
justinsb 856a321a6f Better logging in setLifecycleOverride
Remove the log message at V(8), it doesn't include any real
signal.  This method also gets called a lot!

Also differentiate between the expected and unexpected cases when a
task implements/does not implement HasLifecycle.
2021-09-20 07:13:55 -04:00
Ciprian Hacman 19564888f4 Use "//go:build" lines together with "// +build" lines
The go command now understands //go:build lines and prefers them over // +build lines. The new syntax uses boolean expressions, just like Go, and should be less error-prone. As of this release, the new syntax is fully supported, and all Go files should be updated to have both forms with the same meaning. To aid in migration, gofmt now automatically synchronizes the two forms. For more details on the syntax and migration plan, see https://golang.org/design/draft-gobuild.
2021-09-20 07:35:31 +03:00
justinsb 8c66610b8d Fix nil pointer error where containerd is not in use
We need to check for nil.

We could consider using Getters.
2021-09-19 21:59:22 -04:00
justinsb e21a20e863 Only configure IMDSv2 on AWS
These aren't used on other clouds.
2021-09-19 14:00:54 -04:00
Ciprian Hacman faa66c6597 Update Calico to v3.20.1 2021-09-19 09:31:39 +03:00
Simone Sciarrati 61763d488a Add option to create an internal load balancer for the bastion 2021-09-18 20:47:55 +02:00
Kubernetes Prow Robot 7f7a78a285
Merge pull request #12322 from rifelpet/managed-files2
Create a second Terraform provider for managed files
2021-09-18 10:30:08 -07:00
Ciprian Hacman fa853add24 Fix EC2 IPv6 endpoint for EBS CSI Driver controller 2021-09-18 18:34:13 +03:00
Kubernetes Prow Robot e1d8d12efb
Merge pull request #12351 from eddycharly/clean-comment
fix: remove inconsistent comment
2021-09-18 05:50:09 -07:00
Charles-Edouard Brétéché 1353039fac fix: remove inconsistent comment 2021-09-18 14:04:22 +02:00
Ciprian Hacman bc6705c956 Use EC2 and Metadata IPv6 endpoints in IPv6 mode for EBS CSI Driver 2021-09-18 14:22:22 +03:00
Peter Rifel 476eb96970
./hack/update-expected.sh 2021-09-17 18:08:59 -05:00
Peter Rifel 0449d6e36f
Upgrade TF to 0.15 and include the provider's configuration_aliases 2021-09-17 18:08:59 -05:00
Peter Rifel 0f67cb1edb
Include second tf provider when ConfigBase implements TerraformPath 2021-09-17 18:08:58 -05:00
Peter Rifel ff50a52ae0
Add API field for managed files terraform provider config 2021-09-17 18:08:58 -05:00
Peter Rifel 3ec1295cf0
Add support for writing lists of terraform literals 2021-09-17 18:08:57 -05:00
Peter Rifel eaea60ff07
Disallow TerraformJSON + TerraformManagedFiles and deprecate TerraformJSON 2021-09-17 06:42:07 -05:00
Peter Rifel 5247bb8cc2
./hack/update-expected.sh 2021-09-16 20:04:36 -05:00
Peter Rifel 0bcd39e905
Add IPv6 IMDS terraform support
This requires bumping the minimum aws provider version to the version that includes the support
2021-09-16 20:02:03 -05:00
Ole Markus With 1323ed9040 Add more tolerations to kops-controller and CCM.
CCM and kops-controller taint each other out. This will make them
schedule, and schedule earlier.
2021-09-16 21:09:45 +02:00
Ole Markus With a3a2a9c3bf Have nodeup assign an ipv6 prefix 2021-09-16 19:28:07 +02:00
Ole Markus With 88bd1953ce Have kops-controller assign instance ipv6 prefix to node 2021-09-16 19:25:19 +02:00
Yadnesh Kulkarni 14dbc68aa7 Report the power state of cloud instances 2021-09-15 15:35:58 +05:30
Kubernetes Prow Robot b4ba59993e
Merge pull request #12316 from rifelpet/managed-files
Allow arbitrary length terraform literals
2021-09-13 06:58:07 -07:00
Kubernetes Prow Robot 7a67dce053
Merge pull request #12314 from olemarkus/sgr-ids
Use sg rule ids and tags where possible
2021-09-12 07:10:07 -07:00
Ole Markus With d98994686a Use sg rule ids and tags where possible 2021-09-12 14:32:58 +02:00
Kubernetes Prow Robot 2645e8410a
Merge pull request #12308 from olemarkus/lb-dns-no-precreate
Do not precreate dns record for api lbs
2021-09-12 05:18:06 -07:00
Peter Rifel c04f9e0a6a
Allow arbitrary length terraform literals
Terraform provider aliases are referenced with two "tokens": `aws.files`

This adds support for literal references with an arbitrary number of tokens
2021-09-12 07:32:30 -04:00
Kubernetes Prow Robot 1b431b4c9c
Merge pull request #11628 from olemarkus/gpu-runtime
Pre-install nvidia container runtime + drivers on GPU instances
2021-09-11 13:00:07 -07:00
Ole Markus With bba3c3abfe Bump aws ebs csi driver to 1.2.1 2021-09-11 14:15:31 +02:00
Ole Markus With 7cdfd6553d Do not precreate dns record for api lbs
Precreating DNS records that kops cli will overwrite shortly after doesn't provide much benefit. It is also hard to say to external-dns it doesn't own those records.
2021-09-11 10:39:05 +02:00
Ole Markus With e44d0061f3 Bump snapshot-controller to 4.2.1 2021-09-11 08:37:54 +02:00
Kubernetes Prow Robot 39eb930646
Merge pull request #12290 from rifelpet/imds-ipv6
Enable IMDS IPv6 endpoint
2021-09-09 06:04:11 -07:00
Peter Rifel 60c86e1a44
Enable IMDS IPv6 endpoint when IPv6AddressCount > 0 2021-09-09 07:24:14 -05:00