kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,946 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

54 Commits

Author SHA1 Message Date
Kubernetes Prow Robot 9bc1c0ed77
Merge pull request #10477 from justinsb/refactor_gce_instancetemplate 
Refactor GCE InstanceTemplate
 2020-12-21 17:48:28 -08:00
Justin SB 1945a656a0 Remove deprecated ResourceHolder 
Cleaning up what is now dead code.
 2020-12-19 23:15:37 -05:00
Justin SB f12c3f95f8 Refactor GCE InstanceTemplate 
Clearer, and for future cluster-api support.
 2020-12-19 17:14:51 -05:00
Justin SB 45d11ba12c Replace (some) deprecated ResourceHolder with Resource 
This removes more of the deprecated type, but it also simplifies
refactoring the GCE InstanceTemplate.
 2020-12-19 09:51:43 -05:00
Justin SB a61ecf4c58 Refactor to use interface for iam Subjects 
Hat-tip to johngmyers for the idea!
 2020-09-09 09:57:07 -04:00
Justin SB 8498ac9dbb Create PublicJWKS feature flag 
This should be much easier to start and to get under testing; it only
works with a load balancer, it sets the apiserver into anonymous-auth
allowed, it grants the anonymous auth user permission to read our jwks
tokens.  But it shouldn't need a second bucket or anything of that
nature.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-09-09 09:57:06 -04:00
Peter Rifel 4d9f0128a3
Upgrade to klog2 
This splits up the kubernetes 1.19 PR to make it easier to keep up to date until we get it sorted out.
 2020-08-16 20:56:48 -05:00
Kubernetes Prow Robot f9262b91e7
Merge pull request #9450 from johngmyers/refactor-apiserver-lb 
Refactor how api-server addresses are exported from tasks
 2020-06-28 22:08:15 -07:00
John Gardiner Myers 86f157fa27 Refactor how api-server addresses are exported from tasks 2020-06-26 21:38:39 -07:00
John Gardiner Myers 013f9bf914 Create bootstrap script in a Task 2020-06-26 19:11:40 -07:00
John Gardiner Myers cef5b175c7 Rename BootstrapScript to BootstrapScriptBuilder 2020-06-26 10:57:36 -07:00
John Gardiner Myers 843e5b9b16 Move GCEServiceAccount into CloudConfig 2020-05-03 20:35:32 -07:00
eric-hole c59314a799 Adds some initial tests. Fixes some logic 
Need to fix service account implementation first

Fixing tests and iterating on the serviceaccount logic

Run the gce_byo_sa test
 2020-04-04 21:20:31 -07:00
eric-hole b3d65ffce0 Adds a gce-service-account flag so you BYO service-account 
Generated code and some cleanup

Not sure where that code went

Tests for service account

fixes case on gceserviceaccount
 2020-04-04 21:15:56 -07:00
eric-hole 1f508e7e17 Tweak the featureflag.GoogleCloudBucketACL.Enabled 2020-03-14 20:47:11 -07:00
Peter Rifel a999b3ea61 fix OWNERS labels format 
These need to be lists
 2020-03-10 22:47:50 -05:00
tanjunchen 52537053cc simplify code and remove unused code 2019-12-17 00:28:35 +08:00
hwdef b0c63b4cd9 pkg: fix static check 2019-10-24 14:16:41 +08:00
Justin SB 728e582360
Fill out kops controller functionality 
k8s 1.16 requires that we move label setting away from the kubelet, to
a central controller.  kops-controller is that controller.
 2019-09-25 12:04:34 -04:00
mikesplain 9e55b8230a Update copyright notices 
Also cleans some white spaces
 2019-09-09 14:47:51 -04:00
Justin SB 62f7c26f98
Support "gce" networking mode, which uses ip aliases 2019-07-19 07:54:13 -04:00
Justin SB 76d03b3f71
Generated files: glog -> klog 2019-05-06 12:56:03 -04:00
Justin SB 3e33ac7682
Change code from glog to klog 
We don't call klog.InitFlags yet, because that will cause a flag
redefinition error until we get everyone to stop using glog.  That
will happen when we update to k8s 1.13.
 2019-05-06 12:54:51 -04:00
Rohith b1aa7892c7 Launch Template Feature Flag 
- adding a feature flags to allow users to switch over to launch templates completely
 2019-02-26 10:17:10 +00:00
Justin Santa Barbara 168cf56ebe GCE: storage-rw scope for instances that need it 2018-06-14 17:50:26 -04:00
Justin Santa Barbara ba6d14d1a8 GCE: Grant bucket permissions for etcd-manager 
Unfortunately it has to be bucket level, because that is all that GCS
supports.
 2018-06-14 17:50:16 -04:00
Povilas Versockas 8bfa93c304 Add public ssh keys for GCE 2018-04-21 20:15:29 +03:00
Justin Santa Barbara e158f84e9f Set AWS_REGION into bootstrapscript 
Fix #4451
 2018-04-12 17:39:24 -04:00
Justin Santa Barbara 0872cb74d7 Allow GCE network to be reconfigured 2017-12-02 02:43:21 -05:00
chrislovecnm 609e268a1d gazelle updates with new bazel version 2017-11-05 17:41:53 -07:00
chrislovecnm 1e418c3e13 more goimport updates 2017-11-04 10:03:02 -06:00
chrislovecnm 8d1ee1fa16 updating files for goimports 2017-11-01 12:51:43 -06:00
Justin Santa Barbara d1ee8026ac GCE: Tasks for object & bucket level permissions 
We also switch to setting a bucket-level ACL permission, as this
requires less permissions.
 2017-10-29 18:08:08 -04:00
Justin Santa Barbara dbbe3f373b GCE: Set up permissions for cross-project configurations 
This ensures that the cluster can read the kops state store files, even
if the GCS bucket is in a different project.

We automatically set up an IAM access policy that grants access.
 2017-10-28 03:24:18 -04:00
Justin Santa Barbara d71bd09a6c GCE: Limit length of InstanceTemplate 
We explicitly set a separate prefix for the names, and we ensure it is
not too long
 2017-10-10 09:48:38 -04:00
Kubernetes Submit Queue 518e97d97b Merge pull request #3510 from justinsb/bazel 
Automatic merge from submit-queue.

Initial bazel support

Builds on the 1.8 version bump

The "trick" is to strip the BUILD & BUILD.bazel files from the vendor-ed deps.

Will rebase after 1.8 version bump merges.
 2017-10-03 01:19:27 -07:00
Kubernetes Submit Queue 48e61b9523 Merge pull request #3507 from justinsb/gce_rolling_update 
Automatic merge from submit-queue.

rolling-update - initial GCE support
 2017-10-03 00:05:03 -07:00
Justin Santa Barbara 737f2fcd80 rolling-update - initial GCE support 2017-10-02 23:07:35 -04:00
Justin Santa Barbara 0143be7c4f autogen: BUILD and BUILD.bazel 2017-10-02 14:27:21 -04:00
Justin Santa Barbara 66b174321f Cleanup signature of default volume-size method 
Because the default doesn't depend on the user-specified value, it's
misleading to pass it in.
 2017-09-30 21:24:51 -04:00
Justin Santa Barbara 7fd1196708 Add Zones field to InstanceGroup 
The Zones field can specify zones where they are not specified on a
Subnet, for example on GCE where we have regional subnets.
 2017-09-30 19:44:35 -04:00
chrislovecnm c4c63b2b0c using same disk sizes for gce 2017-09-29 16:07:38 -06:00
Justin Santa Barbara ecc78c06bd Create GCE networks in auto mode, not legacy mode 
auto mode allows for conversion to custom mode at the API level, and
legacy mode is deprecated.
 2017-09-23 16:32:52 -04:00
Justin Santa Barbara 1eb2bed921 GCE: Don't open NodePort range to all by default 
We set a redundant SourceTag filter if there are no SourceRanges set.
 2017-09-17 15:22:20 -04:00
Justin Santa Barbara b29f3a7505 Honor ServiceNodePortRange when opening NodePort access 2017-09-15 00:39:41 -04:00
Justin Santa Barbara 9d31ed1b08 nodePortAccess, experimental spec override flag 
This will allow us to set CIDRs for nodeport access, which in turn will
allow e2e tests that require nodeport access to pass.

Then add a feature-flagged flag to `kops create cluster` to allow
arbitrary setting of spec values; currently the only value supported is
cluster.spec.nodePortAccess
 2017-09-04 14:27:31 -04:00
Kashif Saadat e0461b92a9 Add ability to store partial cluster and instancegroup spec in userdata, 
so component config changes are detected and causes nodes to be updated
 2017-08-09 14:15:02 +01:00
Derek VerLee ffa95b8112 Add support for cluster using http forward proxy 2017-08-07 14:30:42 -04:00
Justin Santa Barbara 3dfe48e5ae Wiring up lifecycle 2017-07-15 22:03:54 -04:00
Justin Santa Barbara be9a40e42c Fixes per code review 2017-03-28 00:58:13 -04:00