kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,946 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

52 Commits

Author SHA1 Message Date
Ole Markus With 2659a30280 Make get instances respect needs-update annotation 
Make it possible for addons to set needs-update annotation

Use onDelete update strategy for cilium and set needs-update annotation

Rename node roles
 2020-11-16 08:26:17 +01:00
John Gardiner Myers 2ac17bee69 Remove code for no-longer-supported k8s releases 2020-10-29 16:45:53 -07:00
AkiraFukushima 541dd7ee14 Fix cilium template by specifying boolean as a string for enable-metrics 2020-10-24 21:03:06 +09:00
Kubernetes Prow Robot 13cbd84886
Merge pull request #9967 from olemarkus/cilium-hubble-pointer 
Cilium hubble pointer
 2020-09-30 12:36:54 -07:00
Alexander Block 1bd219f790 Add missing permissions for cilium-operator 
These became required a few cilium versions ago.
 2020-09-22 16:19:07 +02:00
Ole Markus With b9111c78e7 Make hubbleSpec into a pointer 2020-09-18 09:23:52 +02:00
Ole Markus With 263172caac Use new templates for cilium 1.8 2020-07-03 07:56:35 +02:00
Ole Markus With 51235b2edc Deploy cilium etcd credentials if the cilium cluster exists 2020-06-27 07:11:19 +02:00
Ole Markus With e09365b6c2 Validate cilium version 2020-06-11 07:38:14 +02:00
Ole Markus With 39751cfe63 Set cilium defaults in code 2020-06-11 07:38:13 +02:00
Kubernetes Prow Robot c6dcaa8199
Merge pull request #9154 from MoShitrit/issue-9031 
Add support for encryption in Cilium
 2020-06-04 03:11:15 -07:00
Ole Markus With 972d7a3509 Don't make it possible to toggle ipv4/6. We only support ipv4 anyway 2020-06-03 06:58:13 +02:00
MoShitrit 316a0e2b00 Adding encryption support for Cilium 
Adding support for 'secret-name' flag

Adding instructions to enable encryption

Updating docs for cli

Addressing comments

Adding ciliumpassword subcommand to 'kops create secret'

Updating command to generate ciliumpassword secret
 2020-05-25 01:54:24 -04:00
Ole Markus With 7c49f283c4 Bump cilium to 1.7.3 2020-04-30 07:29:22 +02:00
Ole Markus With 3e3b2019dc Bump cilium to 1.7.2 2020-04-25 19:39:40 +02:00
Ole Markus With 869ab75dea Use etcd-manager for the cilium etcd cluster 2020-04-16 08:42:59 +02:00
Ole Markus With 7e87eddbea Make cilium operator health check go against localhost IP 
Health check will fail otherwise
 2020-03-25 08:38:47 +01:00
fentas 49b18cd3f7 Add cilium option tofqdns-dns-reject-response-code 2020-03-21 16:52:08 +01:00
Ole Markus With e77a7d495c Allow configuration of enable-remote-node-identity 2020-03-19 09:48:59 +01:00
John Gardiner Myers 63ccaa14d6 Add missing priorityClassName to addons 2020-03-15 13:51:10 -07:00
Kubernetes Prow Robot 88600407f4
Merge pull request #8629 from olemarkus/cilium-etcd-operator 
Add option to use etcd managed by cilium-etcd-operator as kvstore
 2020-03-14 17:18:34 -07:00
Ole Markus With 0c27aa3ce8
Update upup/models/cloudup/resources/addons/networking.cilium.io/k8s-1.12.yaml.template 
Co-Authored-By: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-03-14 21:44:44 +01:00
Ole Markus With a98666d05a Set kube-proxy-replacement to partial 
Fully relying on kube-proxy breaks network policies.
Setting kube-proxy-replacement to partial instead of disabled makes
cilium behave as in 1.6.
 2020-03-14 08:38:41 +01:00
Ole Markus With e5ecce6edb Remove conditional with only comments 2020-03-13 20:17:42 +01:00
Ole Markus With 2274045924 Add option to use etcd managed by cilium-etcd-operator as kvstore 2020-03-13 20:17:42 +01:00
Ole Markus With e92e70c7d0 When nodeport is enabled, use strict kube-proxy-replacement to ensure cilium fully replaces kube-proxy 2020-03-10 18:05:44 +01:00
Ilya Dmitrichenko c304d221a6
Bump Cilium to 1.7.1 for k8s 1.12+ 2020-03-10 11:05:12 +00:00
Ole Markus With 84837a81a4 Fix typo in the cilium default version 2020-02-20 08:07:07 +01:00
Ole Markus With d0d833144d Bump Cilium to 1.7 for k8s 1.12+ 
Cilium 1.7 requires K8s 1.12 minimum. Changed the templates so that we
can have different cilium versions for different k8s versions.

This also mean that this addon will behave similar to other addons wrt
upgrades. Cilium used to add a fixed version to the cluster spec on cluster creation so
upgrades were slightly more manual. Now, for new clusters, upgrades will
happen implicitly with kops updates unless the .Version is added
manually to the cluster spec.
 2020-02-19 18:26:07 +01:00
Ole Markus With ced8f00201 Add option to use ENI as IPAM mode for Cilium 
* Force cilium-operator run on master nodes
* Add option for setting cilium ipam mode
* If cilium ipam mode is eni, add additional permissions to master nodes
* Allow NonMasqueradeCIDR overlap with NetworkCIDR when Cilium ENI is enabled
 2020-02-16 19:11:01 +01:00
Ole Markus With eee672f293 Fixes some issues with running Cilium nodeport 
* Cilium need to talk to the internal cluster API on  public IPs instead of the internal service
* Tell people explicitly they have to disable kubeproxy so it won't conflict with nodeport
 2020-02-11 10:14:59 +01:00
Ole Markus With eed15b471a Make it possible to enable Prometheus metrics for Cilium 2020-02-03 19:11:34 +01:00
David Dyball cd470b1487 Cilium - Add missing Identity Allocation Mode to Operator Template 2020-01-30 14:33:08 +00:00
John Gardiner Myers 38aafc7cdc Add missing priorityClassName for critical pods 2020-01-21 21:03:07 -08:00
Ole Markus With 5a5508aa37 Add Cilium.EnablePolicy back into templates 
This may have dropped out when we bumped Cilium to 1.6
It is possible to set this value in the cluster spec, but it isn't used anywhere
 2020-01-21 08:11:04 +01:00
tanjunchen 3aa31b6d5f remove the repeat word 2019-10-02 11:05:49 +08:00
Ole Markus With 28584a5207 Disable wait-for-bpf 
The addon is applied automatically, while bpf is mounted on nodeup. So updating cilium will
make cilium hang until the nodes are rolled. There is no need for this flag to be true
since bpf will anyways be available after roll.
 2019-09-21 14:23:09 +02:00
Ole Markus With 10f40d5d32 Add networking label to all cilium resources 2019-09-21 14:23:08 +02:00
Maciej Kwiek 7fd24b9417 Fix remaining Cilium manifests and update hashes 
Signed-off-by: Maciej Kwiek <maciej@isovalent.com>
 2019-09-16 16:49:36 +02:00
Ole Markus With 2ad696372d Sync the cilium-operator ClusterRole with quick-start.yaml 2019-09-16 16:49:36 +02:00
Ole Markus With e7ff69a4a3 Mount BPF for cilium as part of nodeup instead of using a daemonset 2019-09-16 16:49:36 +02:00
Maciej Kwiek 004cc3cf5c Add configuration options for Cilium 1.6 
Signed-off-by: Maciej Kwiek <maciej@isovalent.com>
 2019-09-16 16:49:26 +02:00
Maciej Kwiek 74e10dadec Change Cilium templates to standalone version 
This commit doesn't include any Cilium configuration, just takes the
quick install yaml from
https://github.com/cilium/cilium/blob/v1.6.0/install/kubernetes/quick-install.yaml

Signed-off-by: Maciej Kwiek <maciej@isovalent.com>
 2019-09-12 17:23:50 +02:00
Jordan Liggitt 9a06ff550c Update 1.12 addons to use apps/v1 2019-02-20 09:21:22 -05:00
Jordan Liggitt 3cef342dbe Copy latest addons to 1.12 2019-02-20 09:20:01 -05:00
Rodrigo Chacon dc2b6bef07
cilium: Fix Prometheus serve addr flag 2018-10-22 23:58:12 -03:00
Joe Hohertz 46d36823c0 Update tolerations in Cilium spec so the pods can run on all nodes 2018-09-18 13:24:16 -04:00
Maciej Kwiek e1a0f4a73e Etcd TLS support for Cilium 
Signed-off-by: Maciej Kwiek <maciej@covalent.io>
 2018-06-20 14:27:24 +02:00
Maciej Kwiek ca52ad5685 More configuration options for cilium 
Signed-off-by: Maciej Kwiek <maciej@covalent.io>
 2018-06-15 11:48:12 +02:00
Maciej Kwiek 0c987d4dbd Bump Cilium version 
Signed-off-by: Maciej Kwiek <maciej@covalent.io>
 2018-05-30 12:26:16 +02:00