Automatic merge from submit-queue.
Add --subnets and --utility-subnets to kops create cluster
This change adds two new options to `kops create cluster`
When specifying `--vpc`, `--subnets` can be specified as an unordered array of subnet ids. Kops will then look up the zones of the subnets to find which zone to add the subnet id to.
If `--topology private` is also specified, `--utility-subnets` can similarly be specified.
~If a zone was specified but a subnet wasn't given that matches the zone, then the subnet will be allocated a CIDR with the current behaviour.~ This case fails validation here 7bd0a6a703/pkg/apis/kops/validation/validation.go (L151)
I can add unit tests and docs changes if required, but I am keen to get feedback before I proceed much further.
I have only added support for AWS.
I have tested this by running a command similar to this:
```bash
kops create cluster \
--zones=us-east-1a,us-east-1b,us-east-1c \
--topology private \
--master-zones=us-east-1a,us-east-1b,us-east-1c \
--vpc $vpc_id \
--subnets subnet-111111,subnet-222222,subnet-333333 \
--utility-subnets subnet-444444,subnet-555555,subnet-666666 \
$cluster_hosted_zone_name
```
And the cluster spec was as expected.
This will allow us to set CIDRs for nodeport access, which in turn will
allow e2e tests that require nodeport access to pass.
Then add a feature-flagged flag to `kops create cluster` to allow
arbitrary setting of spec values; currently the only value supported is
cluster.spec.nodePortAccess
- new property is only used when KubernetesVersion is 1.6 or greater
- taints are passed to kubelet via --register-with-taints flag
- Set a default NoSchedule taint on masters
- Set --register-schedule=true when --register-with-taints is used
- Changed the log message in taints.go to be less alarming if taints are
found - since they are expected on 1.6.0+ clusters
- Added Taints section to the InstanceGroup docs
- Only default taints are allowed in the spec pre-1.6
- Custom taint validation happens as soon as IG specs are edited.
- --cloud-labels will be applied to every kops-created resource
- Also ran apimachinery to regenerated the conversions for the new
Cluster.ClusterLabels property.
We probably should use a canned channel, but in the interim this is
probably the best option, otherwise every time we update the stable
channel we break the tests.
* The master zones are the default set of zones unless explicitly set
* The master count is the number of master zones unless explicitly set
* We then round-robin around the zones
* We append a suffix -1, -2, -3 if there are more masters than zones
* We trim prefixes to keep etcd member names short
Fix#1653
Rather than always setting it (incorrectly in many cases), we infer it
from the subnets.
Users can still set it, we just don't default it to a value we then
ignore.
Fix#1582
bastion-<clustername> is not necessarily in the same hosted zone, nor is
bastion-<dnszone>, and bastion-<dnszone> is not necessarily unique
across clusters.
Justin Santa Barbara
k8s-ci-robot
chrislovecnm
Kubernetes Submit Queue
Henry Muru Paenga
georgebuckerfield
Kashif Saadat
dima
Robin Percy
Kris Nova
Thomas Peitz
Eric Hole
Eric Hole