Automatic merge from submit-queue.
Support for hostPort when using canal
Similar to: https://github.com/kubernetes/kops/pull/3206
Without this, we are unable to get `hostPort` working with `canal`. The same is true for `flannel`, but this does add support for plain flannel.
Automatic merge from submit-queue.
Update Weave Net to version 2.1.3
This version supports 'v1' NetworkPolicy semantics.
Also includes a feature to clear down data for deleted nodes, which is probably the most-requested fix.
Renamed the k8s-1.8 manifest to a k8s-1.7. This is required because of config
change that occurs between k8s 1.6 and k8s 1.7. This refactor will also
be re-used when Calico Kubernetes data source support is added to kops.
Updated bootstrapchannelbuilder with the new Calico version numbers.
* Limit each CNI provider to 100m
* Remove CPU limits - they cause serious problems
(https://github.com/kubernetes/kubernetes/issues/51135), but this also
makes the CPU allocation less problematic.
* Bump versions and start introducing the `-kops.1` suffix preemptively.
* Upgrade flannel to 0.9.0 as it fixes a lot.
Automatic merge from submit-queue.
kube-router: remove beta annotation versions (deprectated in 1.8) of init container
kube-router: remove beta annotation versions (deprectated in 1.8) of init container and move init container to spec section
Automatic merge from submit-queue.
Add Cloud Controller Manager addon
This adds the CCM addon for the Kubernetes cluster.
This is a follow-up PR to https://github.com/kubernetes/kops/pull/3408.
cc @chrislovecnm @andrewsykim
Automatic merge from submit-queue.
Add Calico v2.5 support for Kubernetes v1.8+
Added support for Canal (Calico) v2.5.1, which is required to work with Kubernetes v1.8.0+.
Older versions of Calico relied on ThirdPartyResources API to store it's config data, however this is now fully deprecated in Kubernetes v1.8 and has moved over to CustomResourceDefinitions (CRD). Calico v2.5+ has been updated to use CRD, however there is a manual upgrade process involved to migrate the configuration data across: https://github.com/projectcalico/calico/blob/master/upgrade/v2.5/README.md
including a Weave Net template for Kubernetes 1.7 and above which adds
a volume-mount for the iptables lock file, which avoids collisions
between Weave components and kube-proxy that would result in a
half-configured Weave network.
This is only for version 1.7 and above because it requires the change
in https://github.com/kubernetes/kubernetes/issues/47212
Automatic merge from submit-queue.
Use system:kube-router User for clusterrole binding
Kube-router as it provides service proxy as well, it has a chicken-egg problem (can not
access api server till it can setup service proxy), so service account are not usable. certificate generated for kube-router has CN `system:kube-router`, so user `system:kube-router` need to be given necessary RBAC permissions
Fixes#3463
Automatic merge from submit-queue. .
Add external-dns as addon.
This superseeds route53mapper as it has multicloud support documentation and YAML taken from https://github.com/kubernetes-incubator/external-dns
Automatic merge from submit-queue. .
Support for using hostPort when using calico
For enabling hostPort we need to turn on portmap cni plugin.
In this PR I updated calico and calico-cni images to latest version which already includes the portmap binary, and then I only needed to modify the cni config file to enable it and change its extension from .conf to .conflist.
This is related to:
https://github.com/kubernetes/kops/issues/3132
I think we should do the same for kube-router, flannel and weave (are there any other cni plugin supported by kops?)
Manuel de Brito Fontes
Kubernetes Submit Queue
Justin Santa Barbara
Rajiv Makhijani
Kashif Saadat
Bryan Boreham
Mike Splain
chrislovecnm
Caleb Gilmour
Tom Denham
marshallbrekka
Giacomo Tagliabue
Manatsawin Hanmongkolchai
wlan0
Bryan Boreham
Murali Reddy