kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,395 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

1529 Commits

Author SHA1 Message Date
John Gardiner Myers 9cb7e75be5 Implement completion for "kops create instancegroup" 2021-07-08 12:26:14 -07:00
John Gardiner Myers ae9c7a66e7 Implement remaining completion for "kops create cluster" 2021-07-08 06:04:27 -07:00
John Gardiner Myers 6d16c13f24 Implement some completion for "kops create cluster" 2021-07-06 08:16:44 -07:00
John Gardiner Myers dbf4f23654 Fix completion of instancegroups when cluster argument provided 2021-07-06 07:36:54 -07:00
John Gardiner Myers 13bfa283cf Implement completion for "kops create -f" 2021-07-06 07:36:54 -07:00
Kubernetes Prow Robot 7a22c9c5fa
Merge pull request #11935 from olemarkus/manyaddons-no-oidc 
Remove unused golden files from manyaddons test
 2021-07-06 01:36:18 -07:00
Kubernetes Prow Robot 97cd19f2fd
Merge pull request #11927 from johngmyers/complete-validate 
Implement completion for validate and upgrade
 2021-07-06 00:54:18 -07:00
Ole Markus With 735d9a898c Remove unused golden files from manyaddons test 2021-07-06 08:52:56 +02:00
Kubernetes Prow Robot 118c9d7b61
Merge pull request #11932 from johngmyers/remove-dead-files 
Remove obsolete files
 2021-07-05 23:50:18 -07:00
John Gardiner Myers 9c83afb739 Remove obsolete files 2021-07-05 23:11:17 -07:00
John Gardiner Myers abf8e268cd Implement completion for "kops upgrade cluster" 2021-07-05 11:26:33 -07:00
John Gardiner Myers dedf53fd16 Implement completion for "kops validate cluster" 2021-07-05 11:26:33 -07:00
John Gardiner Myers 4771f606a0 Implement completion for "kops update cluster" 2021-07-05 09:18:37 -07:00
John Gardiner Myers e7407b1b56 Clean up "kops version" 2021-07-05 09:18:37 -07:00
Kubernetes Prow Robot 0e351edb4c
Merge pull request #11924 from johngmyers/more-completions 
Implement completion for "kops rolling-update cluster"
 2021-07-05 02:48:55 -07:00
John Gardiner Myers 75f3974f47 Use all-caps for metasyntactic arguments 2021-07-03 23:00:41 -07:00
John Gardiner Myers e3451030ff Implement completion for "kops rolling-update cluster" 2021-07-03 22:57:15 -07:00
John Gardiner Myers ba7641b97d Include completion descriptions for keypairs 2021-07-03 19:52:53 -07:00
John Gardiner Myers 921d09523e Rename the "ca" keyset to "kubernetes-ca" 2021-07-03 17:33:13 -07:00
Kubernetes Prow Robot f66081b414
Merge pull request #11904 from johngmyers/get-keypairs-times 
Improve "kops get keypairs"
 2021-07-02 04:58:12 -07:00
Kubernetes Prow Robot 6689850ebc
Merge pull request #11906 from johngmyers/refactor-aggregator 
Refactor apiserver-aggregator-ca
 2021-07-01 23:32:13 -07:00
John Gardiner Myers 1e0c6cb1aa Refactor apiserver-aggregator-ca 2021-07-01 22:25:47 -07:00
John Gardiner Myers 52fd5ac51a Use Cobra's built-in completion command 2021-07-01 13:04:39 -07:00
John Gardiner Myers d0f20f367d Improve "kops get keypairs" 2021-07-01 08:05:07 -07:00
Kubernetes Prow Robot 39b67210f8
Merge pull request #11897 from johngmyers/refactor-etcd-ca 
Refactor etcd-clients-ca keyset for api-server
 2021-06-30 23:37:55 -07:00
John Gardiner Myers ac1cf0b0ee Implement completion for "kops distrust keypair" 2021-06-30 21:25:47 -07:00
John Gardiner Myers 3de05a500e Refactor etcd-clients-ca keyset for api-server 2021-06-30 18:55:30 -07:00
Kubernetes Prow Robot 6e9b108d16
Merge pull request #11892 from johngmyers/complete-promote 
Implement completion for "kops promote keypair"
 2021-06-29 20:43:03 -07:00
John Gardiner Myers d8e592c421 Implement completion for "kops promote keypair" 2021-06-29 19:47:05 -07:00
Kubernetes Prow Robot 52afacd05c
Merge pull request #9621 from johngmyers/tf-managed 
Render managed files with Terraform
 2021-06-29 19:27:03 -07:00
John Gardiner Myers 22b8ad2d48 Implement completion for "kops create keypair" 2021-06-28 23:26:47 -07:00
John Gardiner Myers 3981711af8 Adjust integration tests 2021-06-28 13:48:34 -07:00
Kubernetes Prow Robot 1bed90a030
Merge pull request #11877 from johngmyers/rotate-cilium 
Allow rotation of etcd-clients-ca-cilium
 2021-06-28 10:42:08 -07:00
Kubernetes Prow Robot ee048e89e7
Merge pull request #11872 from johngmyers/refactor-serviceaccount 
Refactor nodeup APIServer builder, part one
 2021-06-28 10:42:01 -07:00
Ciprian Hacman c8860412f0 Add support for darwin/arm64 on the client-side 2021-06-28 10:18:28 +03:00
John Gardiner Myers 26a5aa179b Improve completion for kops root command 2021-06-27 21:51:15 -07:00
John Gardiner Myers 97583261f8 Allow rotation of etcd-clients-ca-cilium 2021-06-27 12:49:08 -07:00
John Gardiner Myers 3caa6ef5b8 Improve "kops distrust keypair" command 2021-06-27 11:16:34 -07:00
Kubernetes Prow Robot 61778b1fd9
Merge pull request #11845 from johngmyers/mark-deleted 
Retain deleted keypairs
 2021-06-27 10:11:24 -07:00
John Gardiner Myers e1df9f09dd Refactor service-account public keys 2021-06-27 08:45:06 -07:00
Kubernetes Prow Robot 22c11c10f1
Merge pull request #11848 from johngmyers/cilium-etcd-client 
Refactor etcd-client-cilium secrets
 2021-06-27 04:01:24 -07:00
John Gardiner Myers 4a47614e62 Simplify config server protocol 2021-06-26 09:56:47 -07:00
John Gardiner Myers 2faf28379a Refactor etcd-client-cilium secrets 2021-06-25 23:57:23 -07:00
John Gardiner Myers 1752f0f4db Move most of nodeup.Config out of userdata 2021-06-25 22:25:49 -07:00
Ole Markus With 0588986841 Make it simpler to spot missing files in integration tests 2021-06-25 13:25:32 +02:00
John Gardiner Myers cd48f10de5 Rename "kops delete keypair" to "kops distrust keypair" 2021-06-24 19:19:43 -07:00
John Gardiner Myers 584aa56b6b Retain deleted keypairs 2021-06-24 19:03:29 -07:00
Kubernetes Prow Robot d5119c0338
Merge pull request #11833 from johngmyers/update-on-primary-change 
Mark nodes NeedsUpdate when keys they use change
 2021-06-22 08:11:58 -07:00
Kubernetes Prow Robot d869f2d5ea
Merge pull request #11835 from johngmyers/promote 
Add 'kops promote keypair' command
 2021-06-22 00:31:57 -07:00
Kubernetes Prow Robot 364fe4ca86
Merge pull request #11708 from johngmyers/refactor-assets 
Limit concurrency of asset copy tasks
 2021-06-21 23:13:58 -07:00
John Gardiner Myers 5423e18b56 Add 'kops promote keypair' command 2021-06-21 20:58:51 -07:00
John Gardiner Myers d5cea85f7c Use stable keyset IDs 2021-06-21 16:10:06 -07:00
John Gardiner Myers ca8c6d6828 Extract duplicated code to method 2021-06-21 13:35:33 -07:00
John Gardiner Myers c904c743da Remove 'kops import' 2021-06-21 07:34:29 -07:00
John Gardiner Myers 002a1f7fd3 Remove 'kops toolbox convert-imported' 2021-06-21 07:34:29 -07:00
Kubernetes Prow Robot ab0ee8a2a9
Merge pull request #11823 from johngmyers/get-keypairs-2 
Improve the output of 'kops get keypairs'
 2021-06-21 02:19:10 -07:00
Kubernetes Prow Robot 21488a164d
Merge pull request #11822 from johngmyers/rotate-issue 
Support creating new service-account keypairs
 2021-06-21 01:32:59 -07:00
Kubernetes Prow Robot eb7ba5e943
Merge pull request #9229 from johngmyers/version-fullcluster 
Put versioned API of cluster into state store
 2021-06-21 01:32:52 -07:00
John Gardiner Myers 1ed3619362 Improve the output of 'kops get keypairs' 2021-06-20 15:51:09 -07:00
John Gardiner Myers 12d536d3a3 Refactor 'kops delete keypair' 2021-06-20 15:09:15 -07:00
John Gardiner Myers 896330be88 Create fi.NewKeyset() 2021-06-20 14:09:46 -07:00
John Gardiner Myers 3ca8b95005 Support creating new service-account keypairs 2021-06-20 14:09:24 -07:00
John Gardiner Myers bf5176e1bf Remove create_keypair.go to make following diff readable 2021-06-20 14:06:44 -07:00
Ciprian Hacman e347841aa3 Add integration test for Warm Pool images 2021-06-20 23:01:52 +02:00
Kubernetes Prow Robot e4eff07c81
Merge pull request #11809 from johngmyers/rotate-5 
Include multiple cluster CAs in trust stores
 2021-06-20 13:20:51 -07:00
John Gardiner Myers 72ba687744 Split out get, describe, and delete keypairs commands 2021-06-19 13:36:11 -07:00
John Gardiner Myers c337d217ba Refactor kops-controller to use FindPrimaryKeypair and use consistent filenames 2021-06-19 10:56:29 -07:00
John Gardiner Myers 07474c6d30 Fix CA keys for all integration tests 2021-06-19 10:50:53 -07:00
Ole Markus With 507402e315 Fail early if policy size is too large 
This will then also be caught by integration tests
 2021-06-19 10:04:11 +02:00
John Gardiner Myers 42dc659aaa Allow "create keypair ca" to omit certificate 2021-06-18 10:41:54 -07:00
John Gardiner Myers ae6950711f Allow omitting private key for secondary certs 2021-06-18 10:41:40 -07:00
John Gardiner Myers af74e75382 Allow adding secondary keyset items 2021-06-18 10:41:37 -07:00
John Gardiner Myers 9861009759 Extract receiver for keyset item addition 2021-06-18 10:36:35 -07:00
John Gardiner Myers 3793c92b94 Remove "secret" from "kops create secret keypair ca" 2021-06-18 10:36:19 -07:00
John Gardiner Myers 53695fc183 Put versioned API of cluster into state store 2021-06-16 19:33:46 -07:00
Kubernetes Prow Robot 4cd3b58e37
Merge pull request #11763 from johngmyers/ipv6-access 
Make the AdminAccess default inclusive of IPv6
 2021-06-14 23:30:01 -07:00
John Gardiner Myers 1356818d83 Make the AdminAccess default inclusive of IPv6 2021-06-14 21:51:17 -07:00
John Gardiner Myers cab389f2f5 Rename --override to --set 2021-06-14 14:01:18 -07:00
John Gardiner Myers 76fc012f96 Allow unsetting fields from the command line 2021-06-14 08:52:32 -07:00
Ciprian Hacman 2a11fa7dde Add --ipv6 experimental cli flag 2021-06-13 21:48:46 +02:00
Ciprian Hacman fcfba36b14 Pre-add integration test for creating an IPv6 cluster 2021-06-13 13:09:40 +02:00
John Gardiner Myers 09259ad30f Remove unused field 2021-06-12 16:05:53 -07:00
Kubernetes Prow Robot b71ba1d566
Merge pull request #11219 from johngmyers/refactor-keypair 
Refactor keypair code in preparation for secret rotation
 2021-06-12 14:25:00 -07:00
Kubernetes Prow Robot cfc93e5178
Merge pull request #9294 from johngmyers/refactor-nodeup-context 
Remove InstanceGroup from NodeupModelContext
 2021-06-12 13:43:01 -07:00
John Gardiner Myers a983c65a48 Move assettasks to pkg/assets 2021-06-06 23:16:02 -07:00
John Gardiner Myers 3622ee3c14 Move asset copying logic to pkg 2021-06-06 21:17:50 -07:00
John Gardiner Myers e0915887ed Move asset copying out of apply_cluster 2021-06-05 21:17:50 -07:00
John Gardiner Myers fa77f8b964 Rename fi.Keystore.StoreKeypair to StoreKeyset 2021-06-05 16:38:26 -07:00
John Gardiner Myers 2300d89591 Rename pki.FindKeypair to FindPrimaryKeypair 2021-06-05 16:38:26 -07:00
John Gardiner Myers ed1f6ff79e Refactor StoreKeypair and AddCert 2021-06-05 16:38:25 -07:00
John Gardiner Myers 0364a3af25 Refactor FindKeypair interfaces 2021-06-05 16:38:24 -07:00
John Gardiner Myers eb09d31a3c Pass AuxConfig to nodeup 2021-06-03 21:04:21 -07:00
John Gardiner Myers 326a4beb49 Don't describe CloudLabels as being AWS-specific 2021-06-01 23:32:22 -07:00
John Gardiner Myers 0e775023ac Use more consistent terminology 2021-05-30 10:06:25 -07:00
John Gardiner Myers e498c33da3 More "container" to "image" renaming 2021-05-29 16:44:10 -07:00
John Gardiner Myers 95aa3fd13e Rename "DockerImage" to "DownloadLocation" 2021-05-29 16:40:56 -07:00
John Gardiner Myers 34c6f7f295 Rename "ContainerAssets" to "ImageAssets" 2021-05-29 16:36:55 -07:00
John Gardiner Myers 4c2508b6ec Add "kops get assets" command 2021-05-28 21:33:46 -07:00
John Gardiner Myers 3f24a29cca Change toolbox template flag for consistency 2021-05-27 20:42:16 -07:00
Kubernetes Prow Robot fe7d6e5516
Merge pull request #11442 from hakman/ipv6 
Add initial support for configuring IPv6 with AWS
 2021-05-18 21:02:50 -07:00
Ciprian Hacman c08d0e2bdf Pre-add AWS IPv6 integration test 2021-05-18 08:56:16 +03:00
John Gardiner Myers dd605fdbc3 Subsume StatusStore into fi.Cloud 2021-05-15 17:39:32 -07:00
Peter Rifel 640fd531c6
Add gossip integration test 2021-05-12 17:21:01 -05:00
Ciprian Hacman 54961e4ae5 Create new clusters without forcing a container runtime 
Decide which container runtime to use later in model, based on Kubernetes version and other settings.
 2021-05-09 21:43:58 +03:00
John Gardiner Myers d3469d6ec2 Remove code for no-longer-supported k8s versions 2021-05-07 23:40:03 -07:00
John Gardiner Myers 8823f30ad7 Recognize the ServiceAccountIssuerDiscovery featue gate 2021-05-06 08:57:37 -07:00
John Gardiner Myers a79da8ee86 Don't use PublicJWKS in TestAWSLBController 2021-05-06 00:11:23 -07:00
Kubernetes Prow Robot b054fb37b7
Merge pull request #11016 from olemarkus/irsa-custom 
user-configurable IAM roles for ServiceAccounts
 2021-05-02 11:16:01 -07:00
Ciprian Hacman 62c47d23d4 Add integration test for etcd 2021-05-02 08:48:46 +03:00
Ole Markus With 6f8b3647cf Add support for IRSA in he api 
Apply suggestions from code review

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2021-05-01 16:03:42 +02:00
Ole Markus With 5ca7c9b5d7 Use VFS as service account issuer if configured 
Also add an integration test that uses VFS
 2021-04-30 21:02:30 +02:00
Kenji Kaneda 71f52363f8 Add a lifecycle test for GCE 
- Move MockGCECloud to cloudmock/gce.
- Change Compute() and CloudDNS() of GCECloud to return interfaces
  for mocking
 2021-04-26 13:05:27 -07:00
Kubernetes Prow Robot 0d9e2e7bb4
Merge pull request #11184 from cloudnatix/kenji/gcp 
Add GCE Router task
 2021-04-24 00:37:15 -07:00
Kenji Kaneda f37330f53d Add GCE Router task 
This commit picks up the change from the previous attempt
(https://github.com/kubernetes/kops/pull/6828).

- Add Router to GCE tasks
- Add the HasExternalIP field to InstanceTemplate
- Create a RouterTask and set HasExternalIP to false when
  a private topology is specified.

https://github.com/kubernetes/kops/issues/6827
 2021-04-23 23:03:38 -07:00
ebarped 44500b5b8d create.go: add --name to kops update cluster command 2021-04-23 10:57:18 +02:00
Jason Haugen cceb9dd296 lifecycle integ test, docs, & small cleanup 2021-04-19 15:43:06 -05:00
Jason Haugen 10df4a9a14 integ tests 2021-04-19 15:43:05 -05:00
Kubernetes Prow Robot 5aa8a31819
Merge pull request #11227 from olemarkus/warm-roll 
Give kOps CLI knowledge about ASG warm pools
 2021-04-15 09:46:07 -07:00
Kubernetes Prow Robot 2f1c8f3969
Merge pull request #11186 from integrii/patch-1 
Update kops_create_secret_dockerconfig.md
 2021-04-15 05:55:50 -07:00
Ole Markus With 09615935fd Make kOps CLI handle ASG warm pools 2021-04-15 11:10:23 +02:00
Ciprian Hacman 6c284a886b Apply suggestions from code review 2021-04-15 11:42:27 +03:00
Eric Greer 21c6007e71 Update kops_create_secret_dockerconfig.md 
Today we were implementing an authenticated docker user, but it was unclear how exactly to do that.  We learned that simply making this secret within kops was all that was needed for the docker config to start appearing on newly built nodes.  It would be nice if the documentation here reflected that.  It would have saved us some time.
 2021-04-15 11:30:54 +03:00
Barry Melbourne 1a60629d38 Update Docker to v20.10.5 2021-04-11 19:26:46 +01:00
Ole Markus With dbd23473ef Add irsa support for awslbcontroller 
This commit also introduces support for adding token projection volumes for well-known SAs.
Slightly less complicated than explicitly parsing the objects for a manifest
 2021-04-04 21:24:07 +02:00
Kubernetes Prow Robot f733db7e33
Merge pull request #11175 from olemarkus/aws-lb-controller-test 
Add integration test for aws lb controller
 2021-04-04 11:30:12 -07:00
Ole Markus With 1e3674e896 Add integration test for aws lb controller 2021-04-04 19:46:09 +02:00
Kubernetes Prow Robot 6bb9355361
Merge pull request #11152 from olemarkus/apiserver-cli-flags 
Allow setting dedicated apiserver node count from create cluster cmd
 2021-04-03 22:32:14 -07:00
Justin Santa Barbara e34d9bb579 Expand flag help on --user flags 
It wasn't entirely clear to me that this had to be the name of a user
kubeconfig section.
 2021-03-27 13:41:10 -04:00
Ole Markus With c6e5c4364d Allow setting dedicated apiserver node count from create cluster cmd 2021-03-27 08:59:45 +01:00
Kubernetes Prow Robot 155b765083
Merge pull request #11048 from bharath-123/fix/toolbox-cmd 
Remove instance-selector label
 2021-03-24 04:36:08 -07:00
Justin SB c75e084158 Re-add integration tests for jwks 
We removed them from #10756, but they can be re-added.
 2021-03-20 22:55:11 -04:00
Ole Markus With 20bd724f5e Add support for scaling out the control plane with dedicated apiserver nodes 
Ensure apiserver role can only be used on AWS (because of firewalling)

Apply api-server label to CP as well

Consolidate node not ready validation message

Guard apiserver nodes with a feature flag

Rename Apiserver role to APIServer

Add an integration test for apiserver nodes

Rename Apiserver role to APIServer

Enumerate all roles in rolling update docs

Apply suggestions from code review

Co-authored-by: Steven E. Harris <seh@panix.com>
 2021-03-20 20:57:00 +01:00
Peter Rifel 7c900b7fae Generate and upload keys.json + discovery.json to public store 
Generate and upload keys.json + discovery.json to public store

Don't enable anonymous auth on publicjwks

Remove tests that won't work using FS VFS anymore
 2021-03-19 20:03:26 +01:00
Bharath Vedartham 90ea91b5cb remove instance-selector label 2021-03-16 23:59:56 +05:30
Kubernetes Prow Robot 9dfbd03fa6
Merge pull request #11046 from hakman/channels-arm64 
Add channels entries for image architecture
 2021-03-15 12:16:34 -07:00
Ciprian Hacman 55f8c70779 Add channels entries for image architecture 2021-03-15 20:36:37 +02:00
Peter Rifel ce073593da
cluster validation - allow flapping of validation errors 
Previously with --wait if a cluster successfully validated and then a subsequent validation failed
(perhaps due to a new critical pod being scheduled and not being ready) we would previously fail the `validate cluster` command immediately.

This will now reset the success counter that approaches --count, allowing validation attempts to continue until we timeout from --wait.

I'm hoping this fixes prow job failures like this: https://prow.k8s.io/view/gs/kubernetes-jenkins/logs/e2e-kops-grid-u1804-k18-containerd/1370875829445201920

where `kops validate cluster --count 10 --wait 15m` was invoked at `23:15:48` but exited with failure at `23:22:59`.
In my opinion, `kops validate cluster --count 10 --wait 15m` should only ever exit with failure if the 15 minute timeout has been reached.
 2021-03-14 09:05:58 -05:00
Bharath Vedartham 0c0767c0c9 Remove support for launch configurations 2021-03-09 09:04:15 +02:00
Barry Melbourne 659bfa0daf Update Controller Runtime Go module to v0.8.2 2021-02-25 20:34:12 +00:00
Ciprian Hacman 4f70c4237c Update mock to v1.21.0-alpha.1 2021-02-16 14:19:58 +02:00
Ole Markus With 73a9ec7372 Fix kdi 'must specify' error 2021-02-15 11:36:11 +01:00
Kubernetes Prow Robot 63baa5b579
Merge pull request #10752 from rifelpet/lifecycle-integration-test 
Add overrides testing in lifecycle integration tests
 2021-02-11 00:56:16 -08:00
Kubernetes Prow Robot 4507be8e13
Merge pull request #10469 from justinsb/boot_nodes_from_kops_controller 
Boot nodes without state store access
 2021-02-08 11:28:19 -08:00
Peter Rifel dd1ebb8b77
Add overrides support in lifecycle integration tests 
This allows specific changes to be tested during an `update cluster --yes` and ensuring a subsequent `update cluster` dryrun correctly reports no changes.

To specify changes, create a cluster.overrides.txt or instancegroup.<name>.overrides.txt file in the update_cluster integration test's directory.
Each line is a field=value format, each batch of changes is separated by a `---` line.
Each batch will be ran through `update cluster --yes`
 2021-02-06 23:18:15 -06:00
Bharath Vedartham 515fbf1c1c set_cluster: Remove unused instanceGroup parameter from setClusterFields 2021-01-30 14:31:49 +05:30
Ciprian Hacman 46aa146b31 Add integration tests for older Kubernetes versions 2021-01-29 14:33:36 +02:00
Kubernetes Prow Robot 3d39be7721
Merge pull request #10661 from hakman/etcd-manager-defaults 
Update AWS etcd-manager volumes defaults
 2021-01-28 22:01:41 -08:00
Peter Rifel 2d8bfc040b
Allow SSH user to be overridden for `toolbox dump` 2021-01-28 19:47:22 -06:00
Ciprian Hacman fcea4f5b08 Set default volume encryption to "true" for etcd-manager volumes in AWS 2021-01-26 11:29:27 +02:00
Kubernetes Prow Robot f055dd561c
Merge pull request #10593 from gabrieljackson/set-instancegroup-cmd-redux 
Add `set instancegroup` command
 2021-01-25 05:16:54 -08:00