af92896dc7
Don't start kubelet if we are warming
2021-04-14 11:05:50 +02:00
ecf03b1c27
Kubetest2 - Ensure the bucket path is the final gsutil arg
...
should fix this error: https://prow.k8s.io/view/gs/kubernetes-jenkins/logs/e2e-kops-gce-kubetest2/1381650445893636096#1:build-log.txt%3A122
2021-04-12 09:58:23 -07:00
1597eac516
Kubetest2 - detect errors creating GCS bucket
...
The job seems to be failing to check if the bucket exists or not. This should cause the job to fail sooner and hopefully log more info about why it failed.
See https://prow.k8s.io/view/gs/kubernetes-jenkins/logs/e2e-kops-gce-kubetest2/1381529768943423488#1:build-log.txt%3A121
2021-04-12 05:33:24 -07:00
034bd351dd
Merge pull request #11195 from bmelbourne/update-docker-20.10.5
...
Update Docker to v20.10.5
2021-04-11 14:03:59 -07:00
d74651f39b
Update default stage location (and as a result, kops_base_url)
...
This matches the kubetest1 behavior: 675a42cb78/scenarios/kubernetes_e2e.py (L259-L267)
2021-04-11 11:34:02 -07:00
1a60629d38
Update Docker to v20.10.5
2021-04-11 19:26:46 +01:00
6f063c1c63
Kubetest2 - Set KOPS_BASE_URL to --build's stage location
...
Previously we would upload the custom kops build to the stage location but the kops commands would not have their KOPS_BASE_URL overridden.
This ensures that all kops commands have KOPS_BASE_URL correctly set.
2021-04-11 11:03:09 -07:00
6575b6113d
Update integration tests to k8s v1.21.0
2021-04-11 17:07:17 +01:00
ef5205cde7
Kubetest2 - Create project-specific state store buckets in GCP
...
Since we use boskos to get a random GCP project, we need to create a bucket per project so that permissions will be setup properly.
This matches the existing kubetest1 behavior.
2021-04-10 16:29:14 -07:00
ba4c6fadcb
Kubetest2 - Add flag to expose cluster validation wait time
...
The flatcar jobs are failing because the OS performs package updates and a reboot after initial launch, even with the latest AMI.
This causes the cluster to timeout on its validation.
Exposing a flag will allow us to conditionally extend the validation for the flatcar tests
2021-04-05 19:40:41 -10:00
dbd23473ef
Add irsa support for awslbcontroller
...
This commit also introduces support for adding token projection volumes for well-known SAs.
Slightly less complicated than explicitly parsing the objects for a manifest
2021-04-04 21:24:07 +02:00
f733db7e33
Merge pull request #11175 from olemarkus/aws-lb-controller-test
...
Add integration test for aws lb controller
2021-04-04 11:30:12 -07:00
1e3674e896
Add integration test for aws lb controller
2021-04-04 19:46:09 +02:00
b740123c1d
kubetest2 - Pass GOPATH when building kops
2021-04-01 21:20:17 -10:00
80ceb4200d
Update test outputs
2021-03-26 11:24:11 -07:00
088f342f28
Disable ap-northeast-3 zones for now
2021-03-24 21:19:21 -05:00
ac27e2edcd
kubetest2 - Specify GCE network name
...
Kops defaults to a network named "default" and has issues with network modes.
Apparently there is a "default" network within the projects that boskos issues,
causing `kops create cluster` to fail some cloudup validation.
By specifying a cluster-specific network, kops will create this new network with the non-deprecated settings.
2021-03-24 21:16:54 -05:00
462cfffb02
Kubetest2 - fix temp directory created for GCE SSH keys
...
Also update all ioutil references to their go 1.16 replacements
2021-03-24 06:17:56 -05:00
b2f2c61e69
Kubetest2 - Setup SSH keys for GCE
...
Originally I had thought we were relying on ssh keys mounted from a secret,
it turns out kubetest 1 generated the keys indirectly through gcloud.
This runs the same command as kubetest 1, creating and uploading the SSH keys.
2021-03-23 19:06:15 -05:00
05123faf5a
Update containerd to v1.3.10/v1.4.4
2021-03-23 17:02:01 +00:00
d523ba2ab4
Merge pull request #11109 from hakman/release-1.21.0-alpha.2
...
Release 1.21.0 alpha.2
2021-03-22 01:21:43 -07:00
fa72535f95
Release 1.21.0-alpha.2
2021-03-22 08:38:47 +02:00
c22565830b
Update AWS zones used by e2e tests
...
This adds zones that have been released since this list was updated.
This also reenables some that were disabled due to capacity for c4 instance types - we use c5 now so hopefully they'll have sufficient coverage.
We can disable them if we continue to run into availability issues.
Long term I could see us using the ec2.DescribeAvailabilityZones and ec2.DescribeInstanceTypeOfferings to pick random zone(s) in a random region and guarantee that it has the needed instance types.
2021-03-21 17:54:54 -05:00
d14ba1bba1
Merge pull request #11087 from justinsb/readd_jwks_tests
...
Re-add integration tests for jwks
2021-03-21 00:33:49 -07:00
d43fb1e807
Merge pull request #11083 from bmelbourne/update-ubuntu-20.04-ami
...
Update Ubuntu 20.04 to latest AMI
2021-03-21 00:33:42 -07:00
c75e084158
Re-add integration tests for jwks
...
We removed them from #10756 , but they can be re-added.
2021-03-20 22:55:11 -04:00
20bd724f5e
Add support for scaling out the control plane with dedicated apiserver nodes
...
Ensure apiserver role can only be used on AWS (because of firewalling)
Apply api-server label to CP as well
Consolidate node not ready validation message
Guard apiserver nodes with a feature flag
Rename Apiserver role to APIServer
Add an integration test for apiserver nodes
Rename Apiserver role to APIServer
Enumerate all roles in rolling update docs
Apply suggestions from code review
Co-authored-by: Steven E. Harris <seh@panix.com>
2021-03-20 20:57:00 +01:00
d13b7407a0
Update Ubuntu 20.04 to latest AMI
2021-03-20 10:52:28 +00:00
08b263b8f6
Fix GCE channels version constraints
...
Previously k8s 1.17+ would always match with COS rather than Ubuntu 20.04 because of the unbound version range.
This updates 1.18+ clusters to use Ubuntu 20.04 to match AWS.
This should fix the failure to download logs via SSH here: https://prow.k8s.io/view/gs/kubernetes-jenkins/logs/e2e-kops-gce-kubetest2/1373013584195358720
The instance groups confirm the use of COS rather than u2004: https://storage.googleapis.com/kubernetes-jenkins/logs/e2e-kops-gce-kubetest2/1373013584195358720/artifacts/instancegroups.yaml
2021-03-19 22:34:31 -05:00
0a446b4cff
Kubetest2 - add more validation time for --target terraform
...
Some of the "beforeSuite" tests are failing because the e2e.test binary isn't resolving the API DNS.
This extends the validation time and also adds a sleep to wait for any negative TTLs to expire.
2021-03-19 20:02:55 -05:00
ac657c430e
Merge pull request #10756 from olemarkus/irsa
...
Instance roles for service accounts (IRSA) contd
2021-03-19 13:29:44 -07:00
7c900b7fae
Generate and upload keys.json + discovery.json to public store
...
Generate and upload keys.json + discovery.json to public store
Don't enable anonymous auth on publicjwks
Remove tests that won't work using FS VFS anymore
2021-03-19 20:03:26 +01:00
4d08a74d77
Kubetest2 - initialize boskos heartbeat channel
2021-03-19 12:18:09 -05:00
a3679b3efe
Kubetest2 - Add boskos for GCE support
2021-03-18 21:00:35 -05:00
44209fcae7
Kubetest2 - Add GCE default SSH key values from prow jobs
2021-03-17 22:14:19 -05:00
9dfbd03fa6
Merge pull request #11046 from hakman/channels-arm64
...
Add channels entries for image architecture
2021-03-15 12:16:34 -07:00
55f8c70779
Add channels entries for image architecture
2021-03-15 20:36:37 +02:00
e30bf1cf35
Update Go modules to latest versions
2021-03-14 15:08:27 +00:00
ae7e621bcf
Upgrade cluster first, then run tests
2021-03-13 09:30:18 -06:00
7c8eb0cb10
Revert upgrade script to build kops
...
There were too many issues with downloading kops from a version marker with this setup.
We'll need to move this logic into kubetest2 itself since it has sufficient knowledge for eg. KOPS_BASE_URL, where the kops binary was downloaded, etc.
2021-03-13 09:26:03 -06:00
2334ed13f6
Trim space on kops version markers
...
Fixes the extra newline character in this job failure: https://prow.k8s.io/view/gs/kubernetes-jenkins/logs/e2e-kops-aws-misc-updown/1370242214826872832#1:build-log.txt%3A91
2021-03-12 17:11:59 -06:00
ed9da0075d
Merge pull request #11017 from rifelpet/kubetest2
...
Kubetest2 - use same kops binary for all commands in upgrade scenario
2021-03-11 19:34:18 -08:00
0bbaaa3742
Kubetest2 - use same kops binary for all commands in upgrade scenario
...
This ensures that the same binary is used for kubetest2-kops commands as well as the kops commands invoked directly in the scenario script.
Periodic jobs will create a temp file that will be used to save the kops binary from the provided version marker.
non-periodic jobs (local invocation) will use the bazel build binary, preserving original behavior but using this same binary for kops commands rather than relying on PATH.
2021-03-11 16:47:29 -06:00
47aed86a55
Merge pull request #11011 from rifelpet/kubetest2
...
Remove trailing newline from kubernetes version marker
2021-03-10 09:01:14 -08:00
3fb7cbbf0d
Remove trailing newline from kubernetes version marker
...
Should fix the trailing "%0A" here: https://prow.k8s.io/view/gs/kubernetes-jenkins/logs/e2e-kops-aws-misc-arm64-ci/1369566440318832640#1:build-log.txt%3A90
2021-03-10 07:52:00 -06:00
ee600fa2dd
Remove extraneous field from integration test
...
The api design for using existing instance profiles must have changed during its PR and I never removed the old field from the integration test.
grep shows that this field doesn't exist anywhere else in the codebase.
2021-03-10 07:36:23 -06:00
de22989eda
Merge pull request #11005 from rifelpet/upgrade-periodic
...
Don't build kops during periodic upgrade tests
2021-03-09 21:57:13 -08:00
e7ef671e5a
Merge pull request #11007 from rifelpet/kubetest2-ci-version
...
Kubetest2 - Fix kops' --kubernetes-version with k8s version markers
2021-03-09 21:15:14 -08:00
a3f49646ac
actually build kops on kubetest2 presubmit
2021-03-09 21:28:04 -06:00
864039e606
Kubetest2 - Have kops' --kubernetes-version flag value include the bucket's url
...
This matches the kubetest1 behavior.
See an example kops create cluster command here: https://prow.k8s.io/view/gs/kubernetes-jenkins/logs/e2e-kops-aws-misc-arm64-conformance/1369076996193128448#1:build-log.txt%3A174
The kubetest 1 logic is here: 37b80c5e3b/kubetest/kops.go (L390-L400)
2021-03-09 21:19:44 -06:00
9eca4115a3
Merge pull request #11006 from rifelpet/kubetest2-publish
...
Kubetest2 - Add support for publishing the kops version marker
2021-03-09 19:15:13 -08:00
10b30eff0e
Kubetest2 - Add support for publishing the kops version marker
...
This will unblock the remaining periodic e2e jobs that havent been migrated yet.
They run a test with the kops version from "latest-ci.txt" as published by the "postsubmit-push-to-staging" postsubmit job,
and if the tests succeed then they get published to "latest-ci-updown-green.txt" which is what all of the other periodic jobs rely on.
example job that uses this functionality: 37b80c5e3b/config/jobs/kubernetes/kops/kops-pipeline.yaml (L46-L48)
2021-03-09 20:31:10 -06:00
208a4a2bf7
Don't build kops during periodic upgrade tests
...
This updates the upgrade scenario script to support building kops when ran locally, or using the version markers when ran in a periodic prow job.
hoping to fix the upgrade tests here: https://testgrid.k8s.io/kops-kubetest2#kops-aws-upgrade
2021-03-09 20:17:37 -06:00
0c0767c0c9
Remove support for launch configurations
2021-03-09 09:04:15 +02:00
594cdc6ed1
kubetest2 - don't overwrite create args that use equals signs
...
Previously we would incorrectly append create cluster arguments if they had already been specified and used --foo=bar notation.
This resulted in arguments being specified multiple times causing undesired behavior.
We now check for both `--foo bar` and `--foo=bar` when attempting to add a `--foo` argument.
2021-03-08 11:35:36 -06:00
1d721c3ff8
Update integration tests
2021-03-06 00:33:20 +05:30
063e3f6c7b
Use internal api url for jwks when required
...
The public api url cannot be used by pods and nodes if access is restricted. So by default we need to use the internal one.
This should finally pass the OIDC e2e test
For public access, api server must be publically available and anonymous
auth must be enabled
2021-03-05 06:52:51 +01:00
d3cf552f37
Merge pull request #10978 from mmerrill3/feature/10786-Dedupe-terraform
...
Removing duplicate local and output values in terraform(#10786 )
2021-03-04 21:08:22 -08:00
1a3cb79d2d
Removing duplicate local and output values in terraform( #10786 )
...
Signed-off-by: mmerrill3 <michael.merrill@vonage.com>
2021-03-04 16:32:52 -05:00
1a6ff4efbf
Update Go to v1.16
2021-03-04 18:41:48 +00:00
fcefcb59cc
Merge pull request #10945 from olemarkus/exclude-cp-nodes-from-lbs
...
Exclude CP nodes from load balancers
2021-03-03 05:21:21 -08:00
dacfa7728e
Use CPUCredits in integration test
2021-03-02 22:54:30 -06:00
2ebd448602
Add integration test for transit gateway support
2021-02-28 13:02:11 -06:00
32fce0d59c
Exclude CP nodes from load balancers
2021-02-27 20:14:31 +01:00
a424958e83
Merge pull request #10872 from timothyclarke/feature/NLB-EIP
...
Adding Elastic IP Allocations to NLB API
2021-02-22 23:48:03 -08:00
a77233a843
Update Openstack Cloud Go module to v1.20.1
2021-02-21 12:19:05 +00:00
6123c85047
Merge pull request #10884 from hakman/fix-validate-instance-type-and-image
...
Improve machine type and image validation
2021-02-19 09:44:25 -08:00
dee13cecca
Improve machine type and image validation
2021-02-19 18:28:57 +02:00
9a13837629
Fix JWKS path for volume projection
2021-02-18 22:07:35 +01:00
1577b0a54b
Adding Elastic IP Allocations to NLB API
2021-02-18 12:27:28 +00:00
66ad2895f1
Merge pull request #10867 from rifelpet/kubetest-tf
...
kubetest2 - support terraform with `kops create cluster`
2021-02-18 02:42:51 -08:00
4d2df131f1
Merge pull request #10865 from MoShitrit/k8s-updates-2020-feb-17
...
K8s Version Updates February 2021
2021-02-17 21:34:51 -08:00
d6f3d3c690
kubetest2 - support terraform with `kops create cluster`
...
Previously we were only recognizing it with `kops create --filename`
2021-02-17 23:25:35 -06:00
6424867614
use go install to install `kubetest2`
2021-02-17 19:20:50 -06:00
8a5e95be0a
Pass --debug to ginkgo to enable node log files in presubmit test
2021-02-17 19:13:52 -06:00
fb0a29aaa6
Bump kubetest2 version to include --ginkgo-args
2021-02-17 19:13:52 -06:00
6f85895ac1
Update expected
2021-02-17 19:41:14 -05:00
16f3de29fb
Run ./hack/update-expected.sh
2021-02-16 18:46:00 +01:00
6e8a329f7d
Validate cluster 10 times to mimic kubetest1 and ensure nodes readiness is not flapping
2021-02-16 08:11:51 -06:00
68d2044b12
kubetest2 - add terraform support
2021-02-16 08:11:51 -06:00
1c4da19881
Update integration test outputs with new mock version
2021-02-16 14:21:15 +02:00
f4dfb43993
kubetest2: Call Test, not Execute
...
Execute will reparse the flags; we want to reuse the test execution
but not the flag setup.
2021-02-14 21:03:55 -05:00
cd10383fa0
Merge pull request #10741 from codablock/nlb-subnets
...
Allow to control which subnets and IPs get used for the API loadbalancer
2021-02-14 14:23:06 -08:00
9ab363dfb8
kubetest2: Add --host argument
...
This argument was required for the tests to pass prior to 1.18, so we
should still pass it if we want these tests to pass.
We can infer it from kubeconfig (that is the fix that was introduced in 1.18)
2021-02-13 18:16:13 -05:00
082bdc3878
Merge pull request #10780 from olemarkus/consistent-cp-labelling
...
Make protokube CP label setting consistent with kops-controller
2021-02-12 11:09:58 -08:00
d2d9af4fba
Merge pull request #10802 from hakman/docker-19.03.15
...
Update Docker to v19.03.15
2021-02-11 23:22:47 -08:00
783b6c0d6c
Make protokube CP label setting consistent with kops-controller
2021-02-12 08:17:14 +01:00
c0d02d7dc9
Update Docker to v19.03.15
2021-02-12 07:10:32 +02:00
7111ae164f
Merge pull request #10799 from rifelpet/kubetest2-pod-logs
...
kubetest2 - Dump all pod logs in addition to host logs
2021-02-11 20:52:47 -08:00
47b0551014
kubetest2 - Dump all pod logs in addition to host logs
2021-02-11 20:00:36 -06:00
d44612cc84
Capture outcome of "hack/update-expected.sh" run
2021-02-11 10:49:49 -05:00
63baa5b579
Merge pull request #10752 from rifelpet/lifecycle-integration-test
...
Add overrides testing in lifecycle integration tests
2021-02-11 00:56:16 -08:00
684ff3498e
Add back "omitempty" to cloudformation SubnetMapping
2021-02-10 18:02:13 +01:00
091a18a128
Add omitempty to Subnets and SubnetMappings for terraform and cloudformation
2021-02-10 10:29:48 +01:00
e325d8b72a
Kubetest2 - Fix splitting of --create-args
2021-02-09 07:07:25 -06:00
144d038b76
Kubetest2 - Use a shell lexer for passing extra args to `create cluster`
...
This way any spaces within a quoted value wont cause the value to be broken up into multiple arguments.
The CentOS image in AWS has spaces in its name which is what exposed this issue.
2021-02-08 22:12:30 -06:00
9f5e225424
Add integration test for one external CLB being attached to multiple ASGs
2021-02-07 10:47:55 -06:00
dd1ebb8b77
Add overrides support in lifecycle integration tests
...
This allows specific changes to be tested during an `update cluster --yes` and ensuring a subsequent `update cluster` dryrun correctly reports no changes.
To specify changes, create a cluster.overrides.txt or instancegroup.<name>.overrides.txt file in the update_cluster integration test's directory.
Each line is a field=value format, each batch of changes is separated by a `---` line.
Each batch will be ran through `update cluster --yes`
2021-02-06 23:18:15 -06:00
49e7ec8890
Use SubnetMappings for NLBs instead of Subnets
...
SubnetMappings allow to explicitely set the private IPv4 address that
must be used for the NLB.
SubnetMappings and Subnets in the AWS API are compatible as long as the
address settings are not changes, making this commit backwards compatible.
2021-02-05 17:53:20 +01:00
364b0ce9bf
Fix additional tests
2021-02-04 18:22:40 +01:00
dd035fa2bc
Revert "Set IMDSv2 to "required" only for new clusters"
...
This reverts commit 12cb288df1
2021-02-04 17:57:35 +01:00
a4c36af9de
Revert "Increse imdv2 hop limit on control plane nodes"
...
This reverts commit 4e00e29fc3
2021-02-04 17:57:23 +01:00
2787218fa6
Update the skipped tests in the upgrade job to help the test stage pass
...
We'll look into these failures separately but for now we just want to get to the upgrade process
2021-02-02 12:09:52 -06:00
1ce2352646
Fix create args for upgrade test
2021-02-02 09:16:13 -06:00
dd41a2f8fe
Update upgrade test to use 1.18->1.19
2021-02-02 07:41:45 -06:00
72ae782c04
Dont overwrite default feature flags when appending more flags
2021-02-01 12:27:33 -06:00
044cba7a7a
Kubetest2 - refactor how `kops create cluster` arguments are set
...
This allows kubetest's --create-args to take precedence over arguments we were otherwise hardcoding.
Specifically this will be used to hardcode the list of zones for some prow jobs with `--create-args="--zones us-east-1a"`.
2021-02-01 12:27:19 -06:00
942c48c04b
Remove unnecessary --networking flag from kubetest2.
...
this can be specified in --create-args
2021-02-01 12:27:18 -06:00
4e00e29fc3
Increse imdv2 hop limit on control plane nodes
...
Non-hostNetworking fails to talk to the instance metadata otherwise. Breaking e.g CSI controller
2021-01-31 19:35:07 +01:00
46aa146b31
Add integration tests for older Kubernetes versions
2021-01-29 14:33:36 +02:00
12cb288df1
Set IMDSv2 to "required" only for new clusters
2021-01-29 14:07:52 +02:00
f8d3b76556
Default IMDSv2 to "optional" for AWS
2021-01-29 14:02:14 +02:00
3d39be7721
Merge pull request #10661 from hakman/etcd-manager-defaults
...
Update AWS etcd-manager volumes defaults
2021-01-28 22:01:41 -08:00
accbf7986d
kubetest2 - Use --ssh-user to dump logs
2021-01-28 19:45:06 -06:00
bcc3c98cfb
Bump Ubuntu images for AWS and GCE
2021-01-28 08:31:59 +02:00
5fcd4e4b28
Allow attaching same external load balancer to multiple instance groups
2021-01-27 16:25:39 +02:00
4c5d7ddabf
Remove workaround for volume throughput when using Terraform
2021-01-27 06:33:15 +02:00
ca408f7e8f
Set default volume type to "gp3" for etcd-manager volumes in AWS
2021-01-27 06:23:27 +02:00
fcea4f5b08
Set default volume encryption to "true" for etcd-manager volumes in AWS
2021-01-26 11:29:27 +02:00
cf12fe4efd
Support additional feature flags specified via --env=KOPS_FEATURE_FLAGS=foo
2021-01-25 21:50:30 -06:00
39537d7190
Add --create-args kubetest2 flag
...
This allows us to customize the images, instance types, etc.
kubetest (1) named this --kops-args, I think --create-args is more appropriate because its only passed to `create cluster`
2021-01-25 20:48:38 -06:00
1d76a15f69
Set the tcp_rmem sysctl in bootstrap script
...
This ensures that we're using our settings for downloading nodeup
itself and any assets that nodeup downloads. This is a workaround for
reported problems with the initial download on some kernels otherwise.
Issue #10206
2021-01-24 21:50:45 -05:00
6114c4fbfa
Use the same package marker for kubectl as for e2e binary
2021-01-23 19:21:47 -06:00
c3eda853a8
Merge pull request #10646 from rifelpet/kubetest-upgrade
...
Update kubetest2 library
2021-01-23 10:53:39 -08:00
f492f3d82e
Update kubetest2 library
...
This picks up the --test-package-marker support used by the kops grid jobs
2021-01-23 12:10:53 -06:00
3d03968083
Merge pull request #10622 from srikiz/DO-SupportCorrectRegions
...
[Digital Ocean] Add SFO3 region. Also update e2e tests to use full list of supported zones
2021-01-22 11:15:27 -08:00
dd5c386564
Fix trailing characters
2021-01-22 22:44:36 +05:30
bbe692486d
Revert go.mod and go.sum
2021-01-22 21:19:30 +05:30
b04af61a4b
Add SFO3 region for DO. Also update e2e tests to use the full list of supported zones
2021-01-22 21:19:30 +05:30
9e0bd463ad
Fix phony make target for setting up kubetest2
2021-01-22 07:04:23 -06:00
7c93c3e7b1
Merge pull request #10632 from hakman/kubetest2-validation-timeout
...
kubetest2 - increase validation timeout for the upgrade scenario
2021-01-21 22:49:28 -08:00
f124a19740
kubetest2 - increase validation timeout for the upgrade scenario
2021-01-22 07:35:19 +02:00
a466832896
Merge pull request #10631 from rifelpet/kubetest-upgrade
...
Fix unbound variable in upgrade scenario script
2021-01-21 18:25:26 -08:00
17eed0ead2
Fix unbound variable in upgrade scenario script
2021-01-21 14:58:02 -06:00
43d294f4bd
Merge pull request #10628 from rifelpet/kubetest-upgrade
...
Ensure SpecOverrideFlag is set in upgrade test
2021-01-21 10:03:03 -08:00
aa47981f07
Ensure SpecOverrideFlag is set in upgrade test
2021-01-21 11:21:43 -06:00
def4bcffa6
Merge pull request #10626 from rifelpet/kubetest-upgrade
...
kubetest2 - update the skip regex for the upgrade scenario
2021-01-21 04:57:01 -08:00
127d3bb712
kubetest2 - update the skip regex for the upgrade scenario
2021-01-21 06:17:37 -06:00
d889d61ddb
Set default IMDS v2 to "required" for instances in AWS
2021-01-21 11:35:41 +02:00
c8a9b2fb3e
Set default volume encryption to "true" for instances in AWS
2021-01-21 11:27:02 +02:00
18bb14ffed
Set default volume type to "gp3" for instances in AWS
2021-01-21 11:27:02 +02:00
6da7c2ac33
kubetest 2 - fix parsing of k8s version semver values
...
it turns out "v1.2.3" parses as a URL, so try parsing values as a semver first before URL
2021-01-20 21:46:27 -06:00
631e0fe235
Add support for specifying a kubernetes version marker file
2021-01-20 19:18:55 -06:00
c5664f7363
kubetest2 upgrade script - PATH needs to be a directory
...
another attempt at fixing https://prow.k8s.io/view/gcs/kubernetes-jenkins/logs/e2e-kops-aws-misc-upgrade/1351855654456791040
2021-01-20 06:21:24 -06:00
90a15a7977
Set --ssh-{private,public}-key-path defaults in all kubetest2-kops commands
...
Previously the default was only used in invocations using --up.
2021-01-19 22:10:01 -06:00
9e6218bcb4
Use kops binary built by kubetest2-kops in upgrade script
2021-01-19 22:07:11 -06:00
53c80ebae3
Merge pull request #10602 from justinsb/terraform_renamed
...
Require KOPS_TERRAFORM_0_12_RENAMED, to guard against tf breakage
2021-01-19 00:05:46 -08:00
3799d135a3
Fix tests and spelling
2021-01-19 09:06:02 +02:00
c2bfc3b2ac
update skip listo
2021-01-18 22:39:58 -06:00
9b7f3fb54e
Use calico in upgrade test
2021-01-18 21:37:59 -06:00
18c684590f
Temporarily set kops-version-marker on presubmit job
...
This should have kubetest use the kops binary and base url used in periodic jobs rather than building it using the PR's HEAD
2021-01-18 21:37:59 -06:00
2235496423
revert kubernetes version marker support in upgrade test
2021-01-18 21:33:10 -06:00
3d31c1aa11
Add --kops-version-marker for specifying an existing kops version to download
...
This allows us to use kubetest2-kops in periodic jobs without rebuilding kops every time
2021-01-18 21:33:10 -06:00
0ca76f91f8
Move http utils to pkg/util
2021-01-18 21:11:02 -06:00
3f0fb7f80d
Only require --kubernetes-version for --up not --test
2021-01-18 20:57:47 -06:00
2d365b4543
Add --networking flag
2021-01-18 20:56:52 -06:00
470ff01ec0
Merge pull request #10600 from rifelpet/kubetest-upgrade
...
Provide required --kubernetes-version flags to kubetest2-kops --up
2021-01-18 08:59:44 -08:00
6f2260bee4
Provide required --kubernetes-version flags to kubetest2-kops --up
...
Also use version markers rather than hard-coded patch versions
Also dropping the --kubenretes-version requirement for kubetest2-kops --test because it is never used. Initially I was thinking we could use it to determine the e2e.test version to pull down but the ginkgo tester has its own --test-package-* flags for that. Perhaps in the future we can consolidate them into just the --kubernetes-version flag
Hoping to fix this periodic job: https://prow.k8s.io/view/gcs/kubernetes-jenkins/logs/e2e-kops-aws-misc-upgrade/1351188585260257280
```
Error: missing required --kubernetes-version flag
```
No
2021-01-18 10:19:28 -06:00
337c9c4c66
Set default container runtime to containerd
2021-01-16 14:55:35 +00:00
b0cb0c77d4
Update integration tests for "update cluster"
2021-01-15 15:51:02 +02:00
19514f431c
Update integration tests for "create cluster"
2021-01-15 15:40:33 +02:00
65ebf4760d
Update integration test for gp3 with etcd volumes
2021-01-15 09:53:10 +02:00
e20900a2de
Add CF integration test for gp3 volumes
2021-01-15 09:53:10 +02:00
d441149cd0
Merge pull request #10575 from srikiz/DO-Add-E2E-Tests
...
[DigitalOcean] add e2e tests
2021-01-14 06:39:04 -08:00
afbd057286
Use consistent naming for the remaining SGRs
2021-01-14 12:57:33 +01:00
6eda2a4d7f
Update tests/e2e/kubetest2-kops/do/zones.go
...
Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
2021-01-14 13:40:05 +05:30
59c312ff5f
Give kubetest2 its own makefile
...
Use GOOS and GOARCH for running the kops binary
Also try deploying and testing against k8s 1.20.2
2021-01-13 21:59:15 -06:00
d2aa454465
Add zones for DO
2021-01-14 01:24:50 +05:30
8e5f71702d
Merge pull request #10559 from rifelpet/kubetest2-tester
...
kubetest2 - Add manifest template support
2021-01-13 10:50:36 -08:00
09bf333433
Merge pull request #10567 from rifelpet/nlb-listener-order
...
Fix NLB listener -> target group association for TF & CF
2021-01-13 01:04:35 -08:00
580d73bdc7
Fix NLB listener -> target group association for TF & CF
...
The old code made the incorrect assumption that the NLB's list of TargetGroup tasks is in the same order as the NLB's list of listeners for their associations.
Because the model adds them in opposite orders this resulted in the TLS listener being forwarded to the TCP TG and vice versa.
This updates the terraform and cloudformation generation code to search the NLB's list of target groups by name for the target group that should be associated with the listener.
This matches the logic used in the "direct" target.
2021-01-12 23:21:55 -06:00
2cff487a6d
export admin credentials after creating cluster
2021-01-12 22:52:09 -06:00
cef43d2002
Use kops create -f for creating clusters via manifest
2021-01-12 19:58:58 -06:00
a8d709acf2
Default cgroup driver to systemd from k8s 1.20
...
Currently, kOps uses cgroupfs cgroup driver for the kubelet and CRIs. This PR defaults
the cgroup driver to systemd for clusters created with k8s versions >= 1.20.
Using systemd as the cgroup-driver is the recommended way as per
https://kubernetes.io/docs/setup/production-environment/container-runtimes/
2021-01-12 20:39:25 +05:30
196e678205
kubetest2 - Add manifest template support
...
I'm updating the test-e2e make target as I go to make the presubmit job use it but soon I'll work on how we'll actually configure and invoke kubetest2 from our variety of jobs
2021-01-11 21:53:21 -06:00
f671acc5d6
Use anonymous struct for wrapping ginkgo.Tester
2021-01-10 18:41:40 -06:00
720dcb6428
Add troubleshooting statements
2021-01-10 18:41:40 -06:00
5074f327a2
Ensure pretestSetup is ran
...
I was wrapping the ginkgo tester functions in a way that pretestSetup was never actually being called
2021-01-10 11:34:40 -06:00
1ffc565526
Fix kubectl PATH element, add logging verbosity
2021-01-10 11:18:38 -06:00
17468d496f
Kubetest2 - use our own tester that wraps kubetest2's ginkgo tester
...
This allows us to share tester flags (package version and bucket) for downloading kubectl while passing them to the ginkgo tester
2021-01-09 23:44:26 -06:00
7df2521a09
Merge pull request #10523 from justinsb/test_upgrade
...
Simple upgrade test using kubetest2 framework
2021-01-09 15:51:05 -08:00
116f81c5c9
Simple upgrade test using kubetest2 framework
...
Starting very simple and hard-coded!
Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
2021-01-09 17:06:08 -05:00
b04b5f556c
kubetest2: support specifying admin-access value
...
Otherwise I was getting my IPv6 address, which doesn't work well.
2021-01-09 13:12:37 -05:00
d0d41fa649
Rebase deployer changes
2021-01-09 00:45:29 +05:30
6e507478b5
Add DO for e2e tests
2021-01-08 23:58:19 +05:30
2b3a8f133e
Add control-plane node role annotation to cp nodes
...
Update docs/releases/1.20-NOTES.md
Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
2021-01-08 12:39:42 +01:00
0ca0e38518
Merge pull request #10424 from rifelpet/ebs-tf-012
...
Don't allow ebs volume TF resource names to begin with digit
2021-01-05 09:19:58 -08:00
2e202badc5
Merge pull request #10361 from hakman/single-az-multi-master
...
Prefix etcd cluster names with letters
2021-01-05 07:51:58 -08:00
551a805ebd
Merge pull request #10530 from hakman/gp3-throughput
...
Add possibility to set volume throughput for gp3 volumes
2021-01-05 04:53:58 -08:00
a7bb949936
Add possibility to set volume throughput for gp3 volumes
2021-01-05 13:18:32 +02:00
a15957da2f
IRSA - continue adding route53 permisions to masters
...
These are needed by protokube to create the kops-controller DNS record to allow nodes to bootstrap.
See these logs: https://storage.googleapis.com/kubernetes-jenkins/logs/e2e-kops-grid-scenario-public-jwks/1345956556562239488/artifacts/ip-172-20-48-1.sa-east-1.compute.internal/protokube.log
```
I0104 05:03:51.264472 6482 dnscache.go:74] querying all DNS zones (no cached results)
I0104 05:03:51.264570 6482 route53.go:53] AWS request: route53 ListHostedZones
W0104 05:03:51.389485 6482 dnscontroller.go:124] Unexpected error in DNS controller, will retry: error querying for zones: error querying for DNS zones: AccessDenied: User: arn:aws:sts::768319786644:assumed-role/masters.e2e-kops-scenario-public-jwks.test-cncf-aws.k8s.io/i-05b1db10d1a5b8637 is not authorized to perform: route53:ListHostedZones
```
and the nodeup logs on nodes that couldn't join the cluster:
```
Jan 04 04:55:53.500187 ip-172-20-38-84 nodeup[2070]: W0104 04:55:53.500117 2070 executor.go:131] error running task "BootstrapClient/BootstrapClient" (9m52s remaining to succeed): Post "https://kops-controller.internal.e2e-kops-scenario-public-jwks.test-cncf-aws.k8s.io:3988/bootstrap ": dial tcp: lookup kops-controller.internal.e2e-kops-scenario-public-jwks.test-cncf-aws.k8s.io on 127.0.0.53:53: no such host
```
2021-01-04 21:03:53 -06:00
22c5975591
Merge pull request #10519 from seh/restrict-api-server-security-groups-to-masters
...
Only include API server additional security groups in InstanceGroups for masters
2021-01-04 14:15:58 -08:00
137c8368d3
Merge pull request #10524 from justinsb/kubetest2_gce
...
kubetest2: add initial support for GCE
2021-01-04 10:51:56 -08:00
28261a5dcc
kubetest2: Pass through some AWS env vars
...
To run directly, I need to specify AWS_PROFILE.
2021-01-04 11:34:31 -05:00
28184756c3
kubetest2: add initial support for GCE
...
Filling in some of the GCE-equivalents to the AWS code.
2021-01-04 11:32:12 -05:00
76feb2e637
Correct integration test to reflect SG restriction
2021-01-04 08:38:25 -05:00
cf74053426
Dump cluster and IG manifests into artifacts
2021-01-03 21:49:32 -06:00
d8abaa77fd
cleanup some input validation error messages
2021-01-03 19:50:53 -06:00
0ac86d13e3
Support a --kubernetes-version flag that is passed to `kops create cluster`
2021-01-03 19:50:53 -06:00
66fe512b69
Merge pull request #10504 from rifelpet/kubetest2-test
...
Run k/k's e2e suite via new kubetest2 make target
2020-12-31 09:17:51 -08:00
22a9a13abf
Merge pull request #10488 from rifelpet/iam-role-tag
...
AWS IAM Role Tagging
2020-12-29 22:33:48 -08:00
01019f09ed
Update integration tests
2020-12-28 21:11:34 +02:00
66039f150e
Add containerd option for registry mirrors
2020-12-28 19:32:06 +02:00
95b7210e27
Dump cluster logs to artifacts directory
2020-12-28 11:29:39 -06:00
38215210c6
Run k/k's e2e suite via new kubetest2 make target
2020-12-27 13:25:27 -06:00
c02e5a20ea
Remove support for Kubenet with containerd
2020-12-27 18:21:16 +02:00
5406744c55
Update integration test output
2020-12-23 15:13:45 -06:00
ff6a782303
Add config options for container runtime package URL and Hash
2020-12-23 13:29:22 +02:00
eff2af2fe2
Update CNI plugins to v0.8.7
2020-12-21 11:07:57 +02:00
472faf82d2
Drop support for containerd 1.2
2020-12-21 10:08:24 +02:00
d89a7a55ce
Add template function for upgrade version
2020-12-15 09:00:28 +01:00
2b0e84b432
Move mock channel to own package
2020-12-15 08:48:13 +01:00
a5071e08cf
Don't allow ebs volume TF resource names to begin with digit
2020-12-14 23:15:36 -06:00
cebe171805
Explicitly specify http_endpoint in launch_template terraform
...
http_endpoint has to be explicitly specified in the metadata_options block
of the launch template terraform according to issue
https://github.com/hashicorp/terraform-provider-aws/issues/12564
2020-12-10 01:37:15 +05:30
bee16c052d
Merge pull request #10324 from bharath-123/feature/aws-imdv2
...
Add support for AWS IMDS v2
2020-12-07 22:55:11 -08:00
174f405e39
Update expected outputs of integration tests
2020-12-08 07:08:32 +02:00
265bf4d106
Add option for setting the volume encryption key in AWS
2020-12-08 07:08:09 +02:00
ee5d8a3435
update integration tests
2020-12-07 02:57:32 +05:30
e11d934268
Add option to reuse existing Elastic IPs for NAT gateways
2020-12-06 09:37:17 +02:00
82eee758e0
Update expected outputs of integration tests
2020-12-05 05:16:55 +02:00
0f9c0c03ef
Merge pull request #10365 from hakman/test-ha-shared-zone
...
Add integration test for creating an HA cluster in shared zone
2020-12-04 14:15:26 -08:00
ec691116a9
Merge pull request #10357 from rdrgmnzs/gzip-nodeup-heredocs
...
Give users the option to gzip and base64 encode the heredocs in the nodeup.sh user-data
2020-12-04 13:37:38 -08:00
3fb12c66ae
gzip and base64 encode the heredocs in the nodeup.sh portion of user-data
2020-12-04 10:46:18 -08:00
afbb6475fe
Add integration test for creating an HA cluster in shared zone
2020-12-04 20:16:38 +02:00
5ccbcb3056
Merge pull request #10326 from AdamKorcz/fuzz3
...
Add fuzzer and OSS-fuzz build script
2020-12-04 06:57:59 -08:00
5a1f13d123
Added fuzzer to integrate with OSS-fuzz
2020-12-04 10:53:48 +00:00
1b45f876a4
Merge pull request #10335 from hakman/same-tg-multiple-igs
...
Allow attaching same external target group to multiple instance groups
2020-12-02 21:38:59 -08:00
e57cd534b5
Allow attaching same external target group to multiple instance groups
2020-12-03 06:59:59 +02:00
c86e509dbc
Merge pull request #10341 from hakman/docker-19.03.13
...
Update containerd and Docker versions
2020-12-02 04:22:50 -08:00
5510d946e9
Update expected outputs of integration tests
2020-12-02 10:11:27 +02:00
c8b2d7b9cd
update-expected.sh
2020-12-01 22:12:18 -05:00
c9af4de9cf
Remove copywrite from nodeup scripts to reduce the user-data size
2020-11-30 12:49:25 -08:00
e789c24c3a
Merge pull request #10275 from rdrgmnzs/kubeapi-mem-cpu-request-limit
...
Allow setting CPU limit and Mem request / limit for kube API server
2020-11-23 11:23:02 -08:00
da773ba35c
Allow setting CPU limit and Mem request / limit for kube API
2020-11-23 10:03:34 -08:00
d5bee0b867
Update integration test for ExternalLoadBalancers
2020-11-21 21:45:57 +02:00
93dcaddc48
feat(aws): add PolicyNames for ELB to change listener's security policy
2020-11-19 16:07:21 +08:00
4579a1bcdc
Validate external IAM policies
2020-11-12 14:34:35 +02:00
9b3f13d93f
Merge pull request #10151 from hakman/launch-template-versions
...
Use LaunchTemplate versions instead of timestamped LaunchTemplates
2020-11-10 23:23:48 -08:00
e43efbe102
Merge pull request #10157 from rifelpet/acm-nlb
...
Setup a second NLB listener when an AWS ACM certificate is used
2020-11-10 10:36:41 -08:00
0c3e3784c8
Use LaunchTemplate name instead of name_prefix for Terraform
2020-11-09 21:40:36 +02:00
6a57543f6e
Merge pull request #10179 from olemarkus/sgr-consistent-naming
...
Consistent naming of security group rules
2020-11-07 02:07:37 -08:00
fab694d290
Add ability to consistently name sgrs
...
In order to let kops fully control the rules for each security group we need to be able to generate names from the info in AWS. This is similar to the approach we used for openstack
Update pkg/model/firewall.go
Co-authored-by: Ciprian Hacman <ciprianhacman@gmail.com>
2020-11-07 10:27:19 +01:00
54decbc479
Always use TCP health check protocol for target groups
2020-11-06 11:09:38 -06:00
370092cb5a
Update TG ports rather than protocols when adding/removing ACM certs from listeners
...
This also renames the TGs to be more descriptive, with tcp and tls prefixes.
2020-11-06 11:09:38 -06:00
316c1eec8a
Update complex integration test for ACM cert and second listener
2020-11-06 11:09:37 -06:00
a3a0b91b5f
Order policy document sections alphabetically
2020-11-04 16:15:00 +02:00
b5e4b7ad48
Add missing instance monitoring for CF and TF
2020-11-04 16:15:00 +02:00
51e70083f8
Add missing resource names for CF
2020-11-04 16:15:00 +02:00
578920e921
Merge pull request #10162 from rifelpet/nlb-sg
...
Fix additionalSecurityGroups support for NLB
2020-11-03 08:02:16 -08:00
860249f6b7
Fix additionalSecurityGroups support for NLB
...
We were correctly adding the security groups to the master ASGs but identified them incorrectly.
2020-11-03 08:22:24 -06:00
Ole Markus With
Peter Rifel
Kubernetes Prow Robot
Barry Melbourne
Peter Rifel
Ciprian Hacman
Justin SB
Bharath Vedartham
mmerrill3
Timothy Clarke
MoShitrit
Alexander Block
Steven E. Harris
Ciprian Hacman
srikiz
Rodrigo Menezes
AdamKorcz
Frank Yang