kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,395 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

1194 Commits

Author SHA1 Message Date
Ole Markus With 57bd06b281 Bump Cert Manager for 1.22 2021-08-12 08:36:22 +02:00
Ole Markus With 6a1b58666c Set IRSA flag on scenarios where needed 2021-08-11 12:42:57 +02:00
Peter Rifel 0789a5ad9c
./hack/update-expected.sh 2021-08-08 15:54:27 -04:00
Kubernetes Prow Robot 64f00d71ae
Merge pull request #12109 from olemarkus/useserviceaccountexternalpermissions 
Remove UseServiceAccountIAM feature flag and rename feature to UseServiceAccountExternalPermissions
 2021-08-07 15:13:30 -07:00
Kubernetes Prow Robot a9a5865032
Merge pull request #12111 from rifelpet/os-lb-vipacl 
In-line openstack loadbalancer feature detection
 2021-08-07 12:31:29 -07:00
Ole Markus With 0439bb0d76 Remove UseServiceAccountIAM feature flag and rename feature to UseServiceAccountExternalPermissions 2021-08-07 21:20:03 +02:00
Ole Markus With 887439952a Add ccm integration tests 2021-08-07 10:31:31 +02:00
Ole Markus With ce86d851aa IRSA support for CCM 
Update pkg/model/components/addonmanifests/awscloudcontroller/iam.go

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2021-08-07 10:27:36 +02:00
Peter Rifel ce821a614f
In-line openstack loadbalancer feature detection 
This was our only reliance on cloud-provider-openstack which depends on k8s.io/kubernetes.

With the logic in-lined, kops no longer has any indirect dependencies of k/k
 2021-08-06 08:19:53 -04:00
Kubernetes Prow Robot c5a507d8f3
Merge pull request #12106 from rifelpet/skip-metricsgrabber 
Stop skipping MetricsGrabber tests on CI k8s versions
 2021-08-05 12:25:18 -07:00
Kubernetes Prow Robot c382408684
Merge pull request #12107 from olemarkus/fix-albc 
Revert most of #12023 and keep awslbc on CP nodes
 2021-08-05 11:23:19 -07:00
Ole Markus With 1839b1ac47 Revert most of #12023 and keep awslbc on CP nodes 2021-08-05 19:30:27 +02:00
Peter Rifel f10649f658
Stop skipping MetricsGrabber tests on CI k8s versions 2021-08-05 11:28:37 -04:00
Ciprian Hacman cf6ab7cd76 Skip GlusterFS tests 2021-08-05 07:26:24 +03:00
John Gardiner Myers 832e773324 Update Kubernetes dependencies to 1.22.0 2021-08-04 16:54:07 -07:00
Kubernetes Prow Robot 3ee3e30267
Merge pull request #12096 from hakman/docker-20.10.8 
Update Docker to v20.10.8
 2021-08-03 21:39:24 -07:00
Ciprian Hacman 92ab49cdfb Update Docker to v20.10.8 2021-08-04 06:19:43 +03:00
Peter Rifel 6c71c234b0
Also skip MetricsGrabber tests on 1.23 version marker 
ci/latest is already using 1.23 alpha tags so we need to skip these tests for 1.23 until the PR is merged
 2021-08-03 08:38:19 -04:00
Kubernetes Prow Robot 283080bc30
Merge pull request #12083 from CheyiLin/nth 
Add nth rebalance recommendation configs
 2021-08-02 21:40:48 -07:00
Cheyi Lin 844d16e870 hack/update-expected.sh 2021-08-03 11:23:15 +08:00
Peter Rifel 1e1db4d867
Kubetest2 scenarios - provide absolute path to kops binary 
This allows the rest of the scenario to change directories and the "down" step still uses the correct location of the kops binary

This should fix https://prow.k8s.io/view/gs/kubernetes-jenkins/pr-logs/directory/pull-kops-e2e-aws-ebs-csi-driver/1413601399341584384
 2021-08-02 22:10:08 -04:00
Peter Rifel 75b00eb2b2
Temporarily skip MetricsGrabber test 
The fix won't make it into 1.22.0, instead slated for 1.22.1.
To avoid additional jobs failing (those that use release/stable k8s version marker) we can ignore the test now that the issue is known and the fix is ready to be merged.
 2021-08-02 20:17:11 -04:00
Ciprian Hacman 966d2d6308 Update Calico to v3.20.0 2021-08-02 08:51:37 +03:00
Kubernetes Prow Robot a9207f4a6c
Merge pull request #12087 from johngmyers/sha256-manifest 
Use SHA-256 for manifest hashes
 2021-08-01 21:55:23 -07:00
John Gardiner Myers d6a159a258 hack/update-expected.sh 2021-08-01 16:42:14 -07:00
Ciprian Hacman 5d67753eeb Run ./hack/update-expected.sh 2021-07-31 04:46:57 +03:00
Ciprian Hacman 541d328812 Update containerd to v1.4.9 2021-07-30 07:30:42 +03:00
Kubernetes Prow Robot 5bd6a49b26
Merge pull request #12062 from hakman/coredns-1.8.4 
Update core-dns to v1.8.4
 2021-07-29 11:14:57 -07:00
Kubernetes Prow Robot 8c5c8018db
Merge pull request #12065 from MoShitrit/aws-cni-1.9.0 
Update AWS CNI to v1.9.0
 2021-07-28 23:04:19 -07:00
Ciprian Hacman fc3a103baf Update core-dns to v1.8.4 2021-07-29 08:23:35 +03:00
Kubernetes Prow Robot 05964b9375
Merge pull request #12059 from hakman/containerd-1.4.8 
Update containerd to v1.4.8
 2021-07-28 22:20:19 -07:00
Kubernetes Prow Robot 01d8541ada
Merge pull request #12061 from hakman/controller-runtime-0.9.5 
Update controller-runtime to v0.9.5
 2021-07-28 21:36:19 -07:00
Moshe Shitrit 13a489571b update auto-generated files after update-expected and verify-apimachinery 2021-07-29 00:19:44 -04:00
Kubernetes Prow Robot ec7bc20f16
Merge pull request #12060 from hakman/aws-sdk-go-1.40.10 
Update aws-sdk-go to v1.40.10
 2021-07-28 20:26:19 -07:00
Ciprian Hacman 61e40c00c9 Update controller-runtime to v0.9.5 2021-07-29 05:53:36 +03:00
Ciprian Hacman e6887bf163 Update k8s dependencies to v1.21.3 2021-07-29 05:52:13 +03:00
Ciprian Hacman c7c2191610 Update aws-sdk-go to v1.40.10 2021-07-29 05:31:01 +03:00
Ciprian Hacman b6464658d4 Update containerd to v1.4.8 2021-07-29 05:27:10 +03:00
John Gardiner Myers 56acf1cf22 hack/update-expected.sh 2021-07-26 22:05:01 -07:00
John Gardiner Myers 80eb3c42ac hack/update-expected.sh 2021-07-23 14:11:10 -07:00
Peter Rifel 5eace61cc5
keypair rotation - export new credentials between promote and distruts 2021-07-20 23:46:42 -04:00
Peter Rifel 0fd1399828
Fix whitespace to be consistent in file 2021-07-19 23:27:20 -04:00
Peter Rifel bcc61e6596
Assert the correct number of kubeconfig CAs during keypair rotation 2021-07-19 23:27:20 -04:00
Kubernetes Prow Robot 34ce86adf2
Merge pull request #12019 from johngmyers/catasks-nobootstrap 
Fix certificate bootstrap for non-kops-controller-bootstrap cloud providers
 2021-07-19 15:56:15 -07:00
Kubernetes Prow Robot 14d58a4e87
Merge pull request #12024 from olemarkus/irsa-nth 
Add irsa support for node termination handler
 2021-07-19 10:06:52 -07:00
Kubernetes Prow Robot d61061b159
Merge pull request #12023 from olemarkus/aws-lbc-set-vpc-id 
Set vpc-id on aws lbc
 2021-07-19 08:38:51 -07:00
Ole Markus With d31c682506 Set vpc-id on aws lbc 2021-07-19 15:14:15 +02:00
Ole Markus With 28bd45a8fa Add irsa support for nth 2021-07-19 15:12:35 +02:00
Peter Rifel faee62daea
keypair rotation scenario - fix base64 decoding 2021-07-19 07:08:02 -04:00
John Gardiner Myers 1f705615c7 hack/update-expected.sh 2021-07-18 13:37:20 -07:00
Peter Rifel ee3a814850
Keypair rotation scenario - create report directory 2021-07-18 07:39:31 -07:00
Kubernetes Prow Robot 7b16695506
Merge pull request #12013 from rifelpet/rotate-scenario 
Fix keypair rotation scenario kops binary
 2021-07-17 23:12:51 -07:00
Ciprian Hacman 4d7ebd343c
Release 1.22.0-alpha.2 (#12012) 2021-07-17 21:42:51 -07:00
Peter Rifel 4048d0caf1
Fix keypair rotation scenario kops binary 2021-07-17 21:34:20 -07:00
Peter Rifel df8b3a750f
Fix kops binary references in keypair rotation scenario 2021-07-17 15:46:00 -07:00
John Gardiner Myers d446f8d9ab Accommodate older destination kops versions in upgrade-ab scenario 2021-07-17 14:54:13 -07:00
Kubernetes Prow Robot 2c6a57732e
Merge pull request #12005 from rifelpet/rotate-scenario 
Fix file permissions on new keypair rotation test scenario
 2021-07-17 10:52:51 -07:00
Peter Rifel 74ca85f0c8
Fix file permissions on new keypair rotation test scenario 2021-07-17 07:30:32 -07:00
Kubernetes Prow Robot 9fa413d0dc
Merge pull request #12001 from rifelpet/rotate-scenario 
Add keypair rotation test scenario
 2021-07-16 16:24:50 -07:00
Peter Rifel a938226efe
Add keypair rotation test scenario 2021-07-16 15:43:07 -07:00
Kubernetes Prow Robot 14de757bca
Merge pull request #11991 from olemarkus/refactor-iam 
Dedicated function for ccm permissons
 2021-07-16 13:06:10 -07:00
Ole Markus With f0390eda29 Dedicated function for ccm permissons 
Update pkg/model/iam/iam_builder.go

Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
 2021-07-16 19:39:57 +02:00
Kubernetes Prow Robot f24f12f84c
Merge pull request #11982 from johngmyers/bootstrap-keypairid 
Verify CA keypair IDs for kops-controller-issued certs
 2021-07-15 12:31:03 -07:00
Kubernetes Prow Robot 2d40b76e1a
Merge pull request #11997 from spiffxp/rm-kubernetes-release-dev 
remove references to kubernetes-release-dev
 2021-07-15 09:28:46 -07:00
Aaron Crickenberger 7f1ec7001b remove references to kubernetes-release-dev 
this is mostly about getting kubernetes/kops out of search results for a
cs.k8s.io query that's looking for all repos that reference
kubernetes-release-dev in their default branch

if there's no compelling reason to keep the old value, use
k8s-release-dev instead
 2021-07-15 08:05:54 -07:00
Peter Rifel 98bed37ffa
Upgrade aws-sdk-go 2021-07-15 07:35:56 -07:00
Kubernetes Prow Robot e08fdb0c4e
Merge pull request #11987 from johngmyers/edit-set 
Change set and unset commands into flags on "kops edit cluster"
 2021-07-14 14:04:40 -07:00
John Gardiner Myers 3e87b61c2b Update references to "kops set" in tests and documentation 2021-07-14 12:43:19 -07:00
John Gardiner Myers 10692bc2f4 hack/update-expected.sh 2021-07-14 08:19:10 -07:00
Kubernetes Prow Robot 2526a35962
Merge pull request #11986 from olemarkus/nodeup-containerd 
Move containerd config from cloudup to nodeup
 2021-07-14 02:10:27 -07:00
Ole Markus With c17ec3a7e7 Move containerd config from cloudup to nodeup 2021-07-14 10:28:37 +02:00
Ole Markus With a13cdb38f3 Add region to aws lbc 2021-07-14 08:23:53 +02:00
John Gardiner Myers e185c8148d hack/update-expected.sh 2021-07-11 11:16:11 -07:00
John Gardiner Myers 61606868ab hack/update-expected.sh 2021-07-10 23:23:13 -07:00
Kubernetes Prow Robot a397a881a1
Merge pull request #11974 from johngmyers/refactor-sakey 
Refactor service-account signing key
 2021-07-10 23:18:46 -07:00
John Gardiner Myers a63e65038f hack/update-expected.sh 2021-07-10 17:31:59 -07:00
Kubernetes Prow Robot edf278d382
Merge pull request #11961 from olemarkus/cilium-etcd-fixes 
Cilium etcd fixes
 2021-07-10 14:20:46 -07:00
Kubernetes Prow Robot 0bc00046ad
Merge pull request #11964 from johngmyers/rotate-etcd 
Refactor keysets for etcd-manager
 2021-07-10 01:16:46 -07:00
Ole Markus With 97a41c66f4 Enable k8s event handover when kvstore is used 2021-07-09 15:46:43 +02:00
Peter Rifel 7d665022e3
Unconditionally reenable KMS and Volume Limit tests 
Fixes for these tests have now been released in all applicable k8s version markers
 2021-07-09 07:22:42 -04:00
John Gardiner Myers 86c9ee5506 hack/update-expected.sh 2021-07-09 00:20:18 -07:00
John Gardiner Myers cdf26302b2 hack/update-expected.sh 2021-07-08 18:46:03 -07:00
Ciprian Hacman fd08e2b047 Run hack/update-expected.sh 2021-07-08 22:12:12 +03:00
Ole Markus With 2d56558efe Run cert-manager cainjector on CP nodes as well 2021-07-06 16:05:41 +02:00
Kubernetes Prow Robot 0e458331b0
Merge pull request #11934 from olemarkus/cm-webhook-cp 
Schedule certmanager webhook on control plane
 2021-07-06 02:18:20 -07:00
Ole Markus With 735d9a898c Remove unused golden files from manyaddons test 2021-07-06 08:52:56 +02:00
Ole Markus With 561161291f Schedule certmanager webhook on control plane 2021-07-06 08:45:12 +02:00
John Gardiner Myers 9c83afb739 Remove obsolete files 2021-07-05 23:11:17 -07:00
Kubernetes Prow Robot 2e4a1ae143
Merge pull request #11921 from johngmyers/rename-k8s-ca 
Rename the "ca" keyset to "kubernetes-ca"
 2021-07-03 21:48:18 -07:00
Kubernetes Prow Robot 98465174cb
Merge pull request #11923 from rifelpet/upgrade-scenario 
Set KOPS_RUN_TOO_NEW_VERSION in scenario scripts
 2021-07-03 19:16:18 -07:00
Peter Rifel aaf5054138
Set KOPS_RUN_TOO_NEW_VERSION in scenario scripts 
We already do this in kubetest2-kops. This sets it in scenario scripts so that any `kops` commands behave identically.
 2021-07-03 21:36:18 -04:00
Kubernetes Prow Robot cf834ce5fc
Merge pull request #11843 from olemarkus/reduce-policy-size-further 
Reduce policy size further
 2021-07-03 17:58:18 -07:00
John Gardiner Myers 5834fc2690 hack/update-expected.sh 2021-07-03 17:33:13 -07:00
John Gardiner Myers 04943c8e3b Upgrade Cobra to 1.2.1 2021-07-02 10:39:53 -07:00
Peter Rifel c5fbcccfa6
Update pause image to 3.5 2021-07-02 06:40:27 -04:00
Kubernetes Prow Robot 6689850ebc
Merge pull request #11906 from johngmyers/refactor-aggregator 
Refactor apiserver-aggregator-ca
 2021-07-01 23:32:13 -07:00
John Gardiner Myers 5c5969d102 hack/update-expected.sh 2021-07-01 22:25:51 -07:00
John Gardiner Myers 186aaf6d96 hack/update-expected.sh 2021-07-01 14:45:32 -07:00
John Gardiner Myers cfe22f814e Upgrade cobra and viper 2021-07-01 12:59:43 -07:00
Peter Rifel 13f4305b9c
Include GCP Project in terraform HCL2 output 
This has been included in the JSON output but was missing from HCL2
 2021-07-01 09:23:37 -04:00
Ole Markus With aad2912710 Add sets for the remaining addons 2021-07-01 10:37:57 +02:00
Ole Markus With df5b58b1b3 Add sets for the typical default role perms 2021-07-01 10:28:01 +02:00
Ole Markus With 37271998e1 Use sets for aws lbc permissions 2021-07-01 10:19:40 +02:00
Ole Markus With c7bd1c1529 Add s3 policies to integration tests 2021-07-01 09:26:58 +02:00
Ole Markus With 9885714957 Use NewPolicy for the non-master roles 2021-07-01 09:19:35 +02:00
Ole Markus With 19833e6b73 Use sets for ebscsidriver permissions 2021-07-01 09:02:04 +02:00
Ole Markus With 73850bb390 Build kops for the lb controller presubmit 2021-07-01 08:27:01 +02:00
John Gardiner Myers 0f1de5cfc8 hack/update-expected.sh 2021-06-30 18:55:35 -07:00
Kubernetes Prow Robot 52afacd05c
Merge pull request #9621 from johngmyers/tf-managed 
Render managed files with Terraform
 2021-06-29 19:27:03 -07:00
srikiz 8e68cca9eb Increase droplet size 2021-06-29 11:07:38 +05:30
John Gardiner Myers e90f2cc834 hack/update-expected.sh 2021-06-28 13:48:35 -07:00
Kubernetes Prow Robot ee048e89e7
Merge pull request #11872 from johngmyers/refactor-serviceaccount 
Refactor nodeup APIServer builder, part one
 2021-06-28 10:42:01 -07:00
Peter Rifel 6f00d07192
Kubetest2 - set --node-os-arch flag instead of skipping kubectl test on arm64 2021-06-27 23:16:56 -04:00
Kubernetes Prow Robot 917c965c8f
Merge pull request #11873 from hakman/avoid_spurious_changes 
Avoid spurious changes for ASG InstanceProtection and LT InstanceMonitoring
 2021-06-27 19:59:24 -07:00
John Gardiner Myers 7dfe9d82ab hack/update-expected.sh 2021-06-27 08:45:06 -07:00
John Gardiner Myers fdf034058d hack/update-expected.sh 2021-06-27 08:45:05 -07:00
Kubernetes Prow Robot 22c11c10f1
Merge pull request #11848 from johngmyers/cilium-etcd-client 
Refactor etcd-client-cilium secrets
 2021-06-27 04:01:24 -07:00
Ciprian Hacman 348eed772a Avoid spurious changes for ASG InstanceProtection and LT InstanceMonitoring 2021-06-27 10:08:13 +03:00
Ciprian Hacman 7bc629b683 Use DualStack API NLB for IPv6 2021-06-26 19:16:46 +03:00
John Gardiner Myers 91fff31697 Control plane nodes need the etcd-clients-ca-cilium keypair 2021-06-26 00:04:52 -07:00
John Gardiner Myers 2ef765bbcb hack/update-expected.sh 2021-06-26 00:01:34 -07:00
John Gardiner Myers 89209df150 hack/update-expected.sh 2021-06-25 22:25:50 -07:00
Ciprian Hacman d7f405f65a Decrease default values for net.ipv4.tcp_rmem and net.ipv4.tcp_wmem 2021-06-25 21:27:56 +03:00
Moshe Shitrit 47ef8e32cc update-expected 2021-06-25 13:02:40 +03:00
Kubernetes Prow Robot 89ad2bc453
Merge pull request #11810 from hakman/ipv6_disable_calico_awssrcdstcheck 
Enable cross-subnet mode with Calico by default
 2021-06-25 01:08:45 -07:00
Ciprian Hacman a12b3145ee Enable cross-subnet mode with Calico by default 2021-06-25 07:13:20 +03:00
Ole Markus With a66fe95f58 Update helm to v3.6.1 2021-06-24 21:40:06 +02:00
John Gardiner Myers dcf973a898 Improve image copying 2021-06-23 23:51:09 -07:00
Kubernetes Prow Robot 1123b552df
Merge pull request #11851 from rifelpet/kubetest2 
Escape --skip-regex pattern
 2021-06-23 06:40:10 -07:00
Peter Rifel 397d52d508
Escape --skip-regex pattern 2021-06-23 07:42:21 -05:00
Kubernetes Prow Robot 9b0489bcb2
Merge pull request #11842 from rifelpet/kubetest2 
Only set default --skip-regex if it hasn't been set
 2021-06-22 08:51:58 -07:00
Kubernetes Prow Robot d5119c0338
Merge pull request #11833 from johngmyers/update-on-primary-change 
Mark nodes NeedsUpdate when keys they use change
 2021-06-22 08:11:58 -07:00
Kubernetes Prow Robot 4e1e199993
Merge pull request #11840 from olemarkus/fix-ebs-csi-regex 
Fix skip regex for ebs csi test
 2021-06-22 07:07:58 -07:00
Peter Rifel 3897799f6a
Only set default --skip-regex if it hasn't been set 2021-06-22 08:50:24 -05:00
Peter Rifel 5f13d2d945
Kubetest2 - Add --skip-regex logic 
This will move the logic from build_jobs.py into kubetest2 itself.
This way we can rely on this logic from scenario scripts and other places that arent directly set by build_jobs.py.
 2021-06-22 08:23:44 -05:00
Ole Markus With 7e74c02a5d Fix skip regex 2021-06-22 15:04:46 +02:00
Ole Markus With f49e0f856f Don't copy kops if binary path is not set 2021-06-22 13:09:02 +02:00
Ole Markus With 56aa339f2c Avoid using subshells that swallow env vars 2021-06-22 13:09:02 +02:00
John Gardiner Myers 7dea5af9be hack/update-expected.sh 2021-06-21 19:37:24 -07:00
John Gardiner Myers 48c42fe37f hack/update-expected.sh 2021-06-21 16:10:07 -07:00
John Gardiner Myers d5cea85f7c Use stable keyset IDs 2021-06-21 16:10:06 -07:00
Peter Rifel c6bdce3b98
Ignore failing tests in upgrade scenario 
These are being skipped in certain k8s versions. Until we can dynamically determine which tests to skip based on k8s version (like build_jobs.py generates) we can just skip these two tests for all k8s versions.
 2021-06-21 17:31:13 -05:00
Ole Markus With 3c7b92e56c Run scenarios as presubmit tests 2021-06-21 11:36:05 +02:00
Ole Markus With 79a2c111f2 Remove redundant permissions 2021-06-21 08:59:54 +02:00
Ole Markus With 14fb35d0d0 Bump EBS Driver to 1.1.0 2021-06-21 08:56:11 +02:00
Ole Markus With b3f274e140 Apply permissions to master role when irsa is not used 2021-06-21 08:56:11 +02:00
Kubernetes Prow Robot f1b718db68
Merge pull request #11821 from olemarkus/skip-ebs-csi-flakes 
skip flaking ebs csi flakes
 2021-06-20 16:36:51 -07:00
Ciprian Hacman 65d21ee463 Pre-pull container images from list of desired prefixes 2021-06-20 23:01:52 +02:00
Ciprian Hacman e347841aa3 Add integration test for Warm Pool images 2021-06-20 23:01:52 +02:00
Kubernetes Prow Robot e4eff07c81
Merge pull request #11809 from johngmyers/rotate-5 
Include multiple cluster CAs in trust stores
 2021-06-20 13:20:51 -07:00