kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,015 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

14 Commits

Author SHA1 Message Date
Rohith c8e4a1caf8 Kubernetes Calico TLS 
The current implementation when Etcd TLS was added does not support using calico as the configuration and client certificates are not present. This PR updates the calico manifests and adds the distribution of the client certificate
 2018-02-14 23:41:45 +00:00
Albert c52472cfa8 Add support for cn-northwest-1. 2017-12-27 15:37:09 +08:00
chrislovecnm 2e6b7eedb9 Revision to IAM Policies created by Kops, and wrapped in Cluster Spec 
IAM Legacy flag.
 2017-09-15 08:05:23 +01:00
Justin Santa Barbara 3dfe48e5ae Wiring up lifecycle 2017-07-15 22:03:54 -04:00
Justin Santa Barbara bde69b5b3e Rename RoleType to ExportWithID in IAMRole 
Tweaks for #2508
 2017-05-16 10:21:11 -04:00
Pierre-Alexandre St-Jean 347dccfa25 Added instance role as terraform output 
Added:
- Instance role name
- Instance role arn

as terraform outputs, this can then be references later on to
use as sts:assume role, create after this one
 2017-05-05 16:21:43 -04:00
Justin Santa Barbara 864a999602 Fix automatic private DNS zone creation 
We have to defer creation of the IAM policy until we have created the
hosted zone.

Fix #2444
 2017-04-29 17:01:18 -04:00
Jakub Paweł Głazik cd795d0c8c Resolve DNS Hosted Zone ID while building IAM policy 
Fixes #1949
 2017-02-23 11:45:58 +01:00
Justin Santa Barbara 2bfed0d2b1 Remove additional IAM policies that have been removed 
This uses an explicit deletion approach, where we set the policy to
empty, and use that to signal that the policy should be deleted.  This
is acceptable because IAM policies can't be empty anyway.

We probably should use a tag-based "garbage-collection" approach, but
IAM objects can't be tagged, so we're pretty much always going to be
doing something name based.

Fix #1642
 2017-01-31 10:46:45 -05:00
Justin Santa Barbara 4c92aa558f Attach additional IAM policies to same role 2017-01-30 09:52:48 -05:00
Yissachar Radcliffe 1981f42e69 Format 2017-01-11 11:05:36 -05:00
Yissachar Radcliffe 773335e342 Create separate IAM policies instead of editing existing one 2017-01-11 11:05:36 -05:00
Justin Santa Barbara 50296f1a30 Fix file headers 2016-12-19 00:23:20 -05:00
Justin Santa Barbara fed68310fa Schema v1alpha2 
* Zones are now subnets
* Utility subnet is no longer part of Zone
* Bastion InstanceGroup type added instead
* Etcd clusters defined in terms of InstanceGroups, not zones
* AdminAccess split into SSHAccess & APIAccess
* Dropped unused Multizone flag
 2016-12-18 21:56:57 -05:00