This patch updates the `kops rolling-update` command which should be
run after making changes to the API server topology.
Signed-off-by: M S Vishwanath Bhat <msvbhat@gmail.com>
This adds a well-known secret name `nodedockercfg` which will automatically
be used if present to create /root/.docker/config.json on all nodes. This will
allow private registries to be used for kops hooks as well as any k8s images
without the need to define `imagePullSecrets` in every namespace.
closes https://github.com/kubernetes/kops/issues/2505
Automatic merge from submit-queue
Striking unnecessary conversion-gen instruction
Spoke with @chrislovecnm about this. go2idl is installed out of vendor/k8s.io/kubernetes/cmd/libs/go2idl/conversion-gen in the Makefile. It is not necessary to install it explicitly and the current instruction is incorrect.
- fixed any of the vettting / formatting issues that i'm came across on the update
- removed the commented out lines from the componentconfig as it make its increasingly difficult to find what is supported, what is not and the difference between them.
- added SerializeImagePulls, RegisterSchedulable to kubelet (by default they are ignored)
- added FeatureGates to the kube-proxy
Out of interest can someone point me to where these multi-versioned componentconfig are being used?
Automatic merge from submit-queue
Node Secrets
As present a number of secrets are downloaded to the /src/kubernetes directory regardless of role (master, node). This limits the the node role to only donwload the ca.crt. The rest are for master nodes only
- removes basic_auth.csv, ca.key, known_tokens.csv, server.cert and server.key leaving only the ca.crt
```shell
core@ip-10-250-33-77 /srv/kubernetes $ ls
basic_auth.csv ca.crt ca.key known_tokens.csv server.cert server.key
```
relates to https://github.com/kubernetes/kops/issues/2832
Amazon's dhcp service supports returning a space separated list of
hostnames. This patch makes sure to split the domains first before
picking the hostname override.
Closes#3060.
As present a number of secrets are downloaded to the /src/kubernetes directory regardless of role (master, node). This limits the
the node role to only donwload the ca.crt. The rest are for master nodes only
- removes basic_auth.csv, ca.key, known_tokens.csv, server.cert and server.key leaving only the ca.crt
Automatic merge from submit-queue
Updating flannel to use RBAC in 1.6 so its not broken when deploying
Should address: https://github.com/kubernetes/kops/issues/2863
Clusters spawned with --networking=flannel and --autorization=rbac aren't functional as we are missing the ClusterRole and ClusterRoleBinding
Automatic merge from submit-queue
Fix migration script to take ipip mode into account
Fixes#3018. Thank you @blakebarnett for the report!
The migration manifest was assuming that everyone was using cross-subnet mode, which is a big no-no. :(
This script removes the cross-subnet line from the manifest file if `crossSubnet` is not set to be `true`.
Once merged, people will be able to pull the latest version without a release since the migration README points to master for the script.
Markus Padourek
Kubernetes Submit Queue
Justin Santa Barbara
Ionut Craciunescu
Paul Capestany
Igor Canadi
M S Vishwanath Bhat
Blake
AlexB138
Rohith
Erick Tryzelaar
Jean-Pierre Huynh
Alexander Brandstedt
chrislovecnm
craigmonson