kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,395 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

579 Commits

Author SHA1 Message Date
Kubernetes Prow Robot bb38a3e52e
Merge pull request #12067 from h3poteto/iss-11608 
Support AWS LB access log configuration in cluster spec
 2021-08-25 16:51:23 -07:00
AkiraFukushima 73f7307844
Add AccessLog attribute to CloudFormation and Terraform renderer 2021-08-25 22:55:53 +09:00
Peter Rifel bf20cef86f
Add terraform outputs OIDC provider ARN and issuer 
These fields are valuable because their fields are used in the assume role policies of service account IAM roles, based on the docs here:

https://docs.aws.amazon.com/eks/latest/userguide/create-service-account-iam-policy-and-role.html#aws-cli
 2021-08-23 21:48:59 -05:00
Kubernetes Prow Robot 20e472eded
Merge pull request #12170 from justinsb/gce_ipv6 
Initial IPv6 support for GCE
 2021-08-22 00:31:59 -07:00
Kubernetes Prow Robot cf2b0febf1
Merge pull request #12183 from rifelpet/consolidate-iam 
Consolidate statements in control plane IAM role
 2021-08-21 19:09:59 -07:00
justinsb 144c841d39 Update test data 2021-08-21 20:09:31 -04:00
Kubernetes Prow Robot 022452a61b
Merge pull request #12189 from olemarkus/bump-cm-2211 
Bump cert-manager to 1.5.2
 2021-08-21 13:49:59 -07:00
Ole Markus With 11ffa653cb Bump cert-manager to 1.5.2 2021-08-21 21:12:23 +02:00
Amit Prasad 48fa73f3bb Add option in Cluster Autoscaler AddOn for AWS EC2 Static instance list 2021-08-21 22:44:31 +05:30
Peter Rifel 3db20bed01
./hack/update-expected.sh 2021-08-20 08:41:25 -05:00
Kubernetes Prow Robot 181f278218
Merge pull request #12176 from olemarkus/bump-snapshot-controller-22 
Bump snapshot-controller
 2021-08-18 14:19:45 -07:00
Ole Markus With 7f4066a909 Bump snapshot-controller 2021-08-18 20:39:16 +02:00
Ole Markus With 2288900ae6 Bump cert-manager to 1.5.1 2021-08-18 20:34:05 +02:00
justinsb 0214c81c89 Update kopeio test to test kopeio networking also 2021-08-15 01:08:59 -04:00
Ole Markus With caf46fef6a Bump AWS CSI Driver to 1.2.0 2021-08-13 11:14:05 +02:00
Kubernetes Prow Robot b1e6064501
Merge pull request #12141 from olemarkus/cilium-bump-211 
Bump cilium to 1.10.3
 2021-08-12 13:11:50 -07:00
Ole Markus With 133eb1f7ba Bump cilium to 1.10.3 2021-08-12 21:12:25 +02:00
Ole Markus With 57bd06b281 Bump Cert Manager for 1.22 2021-08-12 08:36:22 +02:00
Peter Rifel 0789a5ad9c
./hack/update-expected.sh 2021-08-08 15:54:27 -04:00
Ole Markus With 0439bb0d76 Remove UseServiceAccountIAM feature flag and rename feature to UseServiceAccountExternalPermissions 2021-08-07 21:20:03 +02:00
Ole Markus With 887439952a Add ccm integration tests 2021-08-07 10:31:31 +02:00
Ole Markus With ce86d851aa IRSA support for CCM 
Update pkg/model/components/addonmanifests/awscloudcontroller/iam.go

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2021-08-07 10:27:36 +02:00
Ole Markus With 1839b1ac47 Revert most of #12023 and keep awslbc on CP nodes 2021-08-05 19:30:27 +02:00
Kubernetes Prow Robot 3ee3e30267
Merge pull request #12096 from hakman/docker-20.10.8 
Update Docker to v20.10.8
 2021-08-03 21:39:24 -07:00
Ciprian Hacman 92ab49cdfb Update Docker to v20.10.8 2021-08-04 06:19:43 +03:00
Kubernetes Prow Robot 283080bc30
Merge pull request #12083 from CheyiLin/nth 
Add nth rebalance recommendation configs
 2021-08-02 21:40:48 -07:00
Cheyi Lin 844d16e870 hack/update-expected.sh 2021-08-03 11:23:15 +08:00
Ciprian Hacman 966d2d6308 Update Calico to v3.20.0 2021-08-02 08:51:37 +03:00
Kubernetes Prow Robot a9207f4a6c
Merge pull request #12087 from johngmyers/sha256-manifest 
Use SHA-256 for manifest hashes
 2021-08-01 21:55:23 -07:00
John Gardiner Myers d6a159a258 hack/update-expected.sh 2021-08-01 16:42:14 -07:00
Ciprian Hacman 541d328812 Update containerd to v1.4.9 2021-07-30 07:30:42 +03:00
Kubernetes Prow Robot 5bd6a49b26
Merge pull request #12062 from hakman/coredns-1.8.4 
Update core-dns to v1.8.4
 2021-07-29 11:14:57 -07:00
Kubernetes Prow Robot 8c5c8018db
Merge pull request #12065 from MoShitrit/aws-cni-1.9.0 
Update AWS CNI to v1.9.0
 2021-07-28 23:04:19 -07:00
Ciprian Hacman fc3a103baf Update core-dns to v1.8.4 2021-07-29 08:23:35 +03:00
Moshe Shitrit 13a489571b update auto-generated files after update-expected and verify-apimachinery 2021-07-29 00:19:44 -04:00
Ciprian Hacman b6464658d4 Update containerd to v1.4.8 2021-07-29 05:27:10 +03:00
John Gardiner Myers 80eb3c42ac hack/update-expected.sh 2021-07-23 14:11:10 -07:00
Kubernetes Prow Robot 34ce86adf2
Merge pull request #12019 from johngmyers/catasks-nobootstrap 
Fix certificate bootstrap for non-kops-controller-bootstrap cloud providers
 2021-07-19 15:56:15 -07:00
Kubernetes Prow Robot 14d58a4e87
Merge pull request #12024 from olemarkus/irsa-nth 
Add irsa support for node termination handler
 2021-07-19 10:06:52 -07:00
Ole Markus With d31c682506 Set vpc-id on aws lbc 2021-07-19 15:14:15 +02:00
Ole Markus With 28bd45a8fa Add irsa support for nth 2021-07-19 15:12:35 +02:00
John Gardiner Myers 1f705615c7 hack/update-expected.sh 2021-07-18 13:37:20 -07:00
Ciprian Hacman 4d7ebd343c
Release 1.22.0-alpha.2 (#12012) 2021-07-17 21:42:51 -07:00
Kubernetes Prow Robot 14de757bca
Merge pull request #11991 from olemarkus/refactor-iam 
Dedicated function for ccm permissons
 2021-07-16 13:06:10 -07:00
Ole Markus With f0390eda29 Dedicated function for ccm permissons 
Update pkg/model/iam/iam_builder.go

Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
 2021-07-16 19:39:57 +02:00
John Gardiner Myers 10692bc2f4 hack/update-expected.sh 2021-07-14 08:19:10 -07:00
Kubernetes Prow Robot 2526a35962
Merge pull request #11986 from olemarkus/nodeup-containerd 
Move containerd config from cloudup to nodeup
 2021-07-14 02:10:27 -07:00
Ole Markus With c17ec3a7e7 Move containerd config from cloudup to nodeup 2021-07-14 10:28:37 +02:00
Ole Markus With a13cdb38f3 Add region to aws lbc 2021-07-14 08:23:53 +02:00
John Gardiner Myers e185c8148d hack/update-expected.sh 2021-07-11 11:16:11 -07:00
John Gardiner Myers 61606868ab hack/update-expected.sh 2021-07-10 23:23:13 -07:00
Kubernetes Prow Robot a397a881a1
Merge pull request #11974 from johngmyers/refactor-sakey 
Refactor service-account signing key
 2021-07-10 23:18:46 -07:00
John Gardiner Myers a63e65038f hack/update-expected.sh 2021-07-10 17:31:59 -07:00
Kubernetes Prow Robot edf278d382
Merge pull request #11961 from olemarkus/cilium-etcd-fixes 
Cilium etcd fixes
 2021-07-10 14:20:46 -07:00
Ole Markus With 97a41c66f4 Enable k8s event handover when kvstore is used 2021-07-09 15:46:43 +02:00
John Gardiner Myers 86c9ee5506 hack/update-expected.sh 2021-07-09 00:20:18 -07:00
John Gardiner Myers cdf26302b2 hack/update-expected.sh 2021-07-08 18:46:03 -07:00
Ciprian Hacman fd08e2b047 Run hack/update-expected.sh 2021-07-08 22:12:12 +03:00
Ole Markus With 2d56558efe Run cert-manager cainjector on CP nodes as well 2021-07-06 16:05:41 +02:00
Kubernetes Prow Robot 0e458331b0
Merge pull request #11934 from olemarkus/cm-webhook-cp 
Schedule certmanager webhook on control plane
 2021-07-06 02:18:20 -07:00
Ole Markus With 735d9a898c Remove unused golden files from manyaddons test 2021-07-06 08:52:56 +02:00
Ole Markus With 561161291f Schedule certmanager webhook on control plane 2021-07-06 08:45:12 +02:00
John Gardiner Myers 9c83afb739 Remove obsolete files 2021-07-05 23:11:17 -07:00
Kubernetes Prow Robot 2e4a1ae143
Merge pull request #11921 from johngmyers/rename-k8s-ca 
Rename the "ca" keyset to "kubernetes-ca"
 2021-07-03 21:48:18 -07:00
Kubernetes Prow Robot cf834ce5fc
Merge pull request #11843 from olemarkus/reduce-policy-size-further 
Reduce policy size further
 2021-07-03 17:58:18 -07:00
John Gardiner Myers 5834fc2690 hack/update-expected.sh 2021-07-03 17:33:13 -07:00
Peter Rifel c5fbcccfa6
Update pause image to 3.5 2021-07-02 06:40:27 -04:00
John Gardiner Myers 5c5969d102 hack/update-expected.sh 2021-07-01 22:25:51 -07:00
John Gardiner Myers 186aaf6d96 hack/update-expected.sh 2021-07-01 14:45:32 -07:00
Peter Rifel 13f4305b9c
Include GCP Project in terraform HCL2 output 
This has been included in the JSON output but was missing from HCL2
 2021-07-01 09:23:37 -04:00
Ole Markus With aad2912710 Add sets for the remaining addons 2021-07-01 10:37:57 +02:00
Ole Markus With df5b58b1b3 Add sets for the typical default role perms 2021-07-01 10:28:01 +02:00
Ole Markus With 37271998e1 Use sets for aws lbc permissions 2021-07-01 10:19:40 +02:00
Ole Markus With c7bd1c1529 Add s3 policies to integration tests 2021-07-01 09:26:58 +02:00
Ole Markus With 9885714957 Use NewPolicy for the non-master roles 2021-07-01 09:19:35 +02:00
Ole Markus With 19833e6b73 Use sets for ebscsidriver permissions 2021-07-01 09:02:04 +02:00
John Gardiner Myers 0f1de5cfc8 hack/update-expected.sh 2021-06-30 18:55:35 -07:00
John Gardiner Myers e90f2cc834 hack/update-expected.sh 2021-06-28 13:48:35 -07:00
Kubernetes Prow Robot ee048e89e7
Merge pull request #11872 from johngmyers/refactor-serviceaccount 
Refactor nodeup APIServer builder, part one
 2021-06-28 10:42:01 -07:00
Kubernetes Prow Robot 917c965c8f
Merge pull request #11873 from hakman/avoid_spurious_changes 
Avoid spurious changes for ASG InstanceProtection and LT InstanceMonitoring
 2021-06-27 19:59:24 -07:00
John Gardiner Myers 7dfe9d82ab hack/update-expected.sh 2021-06-27 08:45:06 -07:00
John Gardiner Myers fdf034058d hack/update-expected.sh 2021-06-27 08:45:05 -07:00
Kubernetes Prow Robot 22c11c10f1
Merge pull request #11848 from johngmyers/cilium-etcd-client 
Refactor etcd-client-cilium secrets
 2021-06-27 04:01:24 -07:00
Ciprian Hacman 348eed772a Avoid spurious changes for ASG InstanceProtection and LT InstanceMonitoring 2021-06-27 10:08:13 +03:00
Ciprian Hacman 7bc629b683 Use DualStack API NLB for IPv6 2021-06-26 19:16:46 +03:00
John Gardiner Myers 91fff31697 Control plane nodes need the etcd-clients-ca-cilium keypair 2021-06-26 00:04:52 -07:00
John Gardiner Myers 2ef765bbcb hack/update-expected.sh 2021-06-26 00:01:34 -07:00
John Gardiner Myers 89209df150 hack/update-expected.sh 2021-06-25 22:25:50 -07:00
Ciprian Hacman d7f405f65a Decrease default values for net.ipv4.tcp_rmem and net.ipv4.tcp_wmem 2021-06-25 21:27:56 +03:00
Kubernetes Prow Robot 89ad2bc453
Merge pull request #11810 from hakman/ipv6_disable_calico_awssrcdstcheck 
Enable cross-subnet mode with Calico by default
 2021-06-25 01:08:45 -07:00
Ciprian Hacman a12b3145ee Enable cross-subnet mode with Calico by default 2021-06-25 07:13:20 +03:00
John Gardiner Myers 7dea5af9be hack/update-expected.sh 2021-06-21 19:37:24 -07:00
John Gardiner Myers 48c42fe37f hack/update-expected.sh 2021-06-21 16:10:07 -07:00
John Gardiner Myers d5cea85f7c Use stable keyset IDs 2021-06-21 16:10:06 -07:00
Ole Markus With 79a2c111f2 Remove redundant permissions 2021-06-21 08:59:54 +02:00
Ole Markus With b3f274e140 Apply permissions to master role when irsa is not used 2021-06-21 08:56:11 +02:00
Ciprian Hacman 65d21ee463 Pre-pull container images from list of desired prefixes 2021-06-20 23:01:52 +02:00
Ciprian Hacman e347841aa3 Add integration test for Warm Pool images 2021-06-20 23:01:52 +02:00
Kubernetes Prow Robot e4eff07c81
Merge pull request #11809 from johngmyers/rotate-5 
Include multiple cluster CAs in trust stores
 2021-06-20 13:20:51 -07:00
Ole Markus With 778323eec9 Add missing lbc permission 2021-06-19 20:03:40 +02:00