kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,395 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

1194 Commits

Author SHA1 Message Date
Ole Markus With aad2912710 Add sets for the remaining addons 2021-07-01 10:37:57 +02:00
Ole Markus With df5b58b1b3 Add sets for the typical default role perms 2021-07-01 10:28:01 +02:00
Ole Markus With 37271998e1 Use sets for aws lbc permissions 2021-07-01 10:19:40 +02:00
Ole Markus With c7bd1c1529 Add s3 policies to integration tests 2021-07-01 09:26:58 +02:00
Ole Markus With 9885714957 Use NewPolicy for the non-master roles 2021-07-01 09:19:35 +02:00
Ole Markus With 19833e6b73 Use sets for ebscsidriver permissions 2021-07-01 09:02:04 +02:00
Ole Markus With 73850bb390 Build kops for the lb controller presubmit 2021-07-01 08:27:01 +02:00
John Gardiner Myers 0f1de5cfc8 hack/update-expected.sh 2021-06-30 18:55:35 -07:00
Kubernetes Prow Robot 52afacd05c
Merge pull request #9621 from johngmyers/tf-managed 
Render managed files with Terraform
 2021-06-29 19:27:03 -07:00
srikiz 8e68cca9eb Increase droplet size 2021-06-29 11:07:38 +05:30
John Gardiner Myers e90f2cc834 hack/update-expected.sh 2021-06-28 13:48:35 -07:00
Kubernetes Prow Robot ee048e89e7
Merge pull request #11872 from johngmyers/refactor-serviceaccount 
Refactor nodeup APIServer builder, part one
 2021-06-28 10:42:01 -07:00
Peter Rifel 6f00d07192
Kubetest2 - set --node-os-arch flag instead of skipping kubectl test on arm64 2021-06-27 23:16:56 -04:00
Kubernetes Prow Robot 917c965c8f
Merge pull request #11873 from hakman/avoid_spurious_changes 
Avoid spurious changes for ASG InstanceProtection and LT InstanceMonitoring
 2021-06-27 19:59:24 -07:00
John Gardiner Myers 7dfe9d82ab hack/update-expected.sh 2021-06-27 08:45:06 -07:00
John Gardiner Myers fdf034058d hack/update-expected.sh 2021-06-27 08:45:05 -07:00
Kubernetes Prow Robot 22c11c10f1
Merge pull request #11848 from johngmyers/cilium-etcd-client 
Refactor etcd-client-cilium secrets
 2021-06-27 04:01:24 -07:00
Ciprian Hacman 348eed772a Avoid spurious changes for ASG InstanceProtection and LT InstanceMonitoring 2021-06-27 10:08:13 +03:00
Ciprian Hacman 7bc629b683 Use DualStack API NLB for IPv6 2021-06-26 19:16:46 +03:00
John Gardiner Myers 91fff31697 Control plane nodes need the etcd-clients-ca-cilium keypair 2021-06-26 00:04:52 -07:00
John Gardiner Myers 2ef765bbcb hack/update-expected.sh 2021-06-26 00:01:34 -07:00
John Gardiner Myers 89209df150 hack/update-expected.sh 2021-06-25 22:25:50 -07:00
Ciprian Hacman d7f405f65a Decrease default values for net.ipv4.tcp_rmem and net.ipv4.tcp_wmem 2021-06-25 21:27:56 +03:00
Moshe Shitrit 47ef8e32cc update-expected 2021-06-25 13:02:40 +03:00
Kubernetes Prow Robot 89ad2bc453
Merge pull request #11810 from hakman/ipv6_disable_calico_awssrcdstcheck 
Enable cross-subnet mode with Calico by default
 2021-06-25 01:08:45 -07:00
Ciprian Hacman a12b3145ee Enable cross-subnet mode with Calico by default 2021-06-25 07:13:20 +03:00
Ole Markus With a66fe95f58 Update helm to v3.6.1 2021-06-24 21:40:06 +02:00
John Gardiner Myers dcf973a898 Improve image copying 2021-06-23 23:51:09 -07:00
Kubernetes Prow Robot 1123b552df
Merge pull request #11851 from rifelpet/kubetest2 
Escape --skip-regex pattern
 2021-06-23 06:40:10 -07:00
Peter Rifel 397d52d508
Escape --skip-regex pattern 2021-06-23 07:42:21 -05:00
Kubernetes Prow Robot 9b0489bcb2
Merge pull request #11842 from rifelpet/kubetest2 
Only set default --skip-regex if it hasn't been set
 2021-06-22 08:51:58 -07:00
Kubernetes Prow Robot d5119c0338
Merge pull request #11833 from johngmyers/update-on-primary-change 
Mark nodes NeedsUpdate when keys they use change
 2021-06-22 08:11:58 -07:00
Kubernetes Prow Robot 4e1e199993
Merge pull request #11840 from olemarkus/fix-ebs-csi-regex 
Fix skip regex for ebs csi test
 2021-06-22 07:07:58 -07:00
Peter Rifel 3897799f6a
Only set default --skip-regex if it hasn't been set 2021-06-22 08:50:24 -05:00
Peter Rifel 5f13d2d945
Kubetest2 - Add --skip-regex logic 
This will move the logic from build_jobs.py into kubetest2 itself.
This way we can rely on this logic from scenario scripts and other places that arent directly set by build_jobs.py.
 2021-06-22 08:23:44 -05:00
Ole Markus With 7e74c02a5d Fix skip regex 2021-06-22 15:04:46 +02:00
Ole Markus With f49e0f856f Don't copy kops if binary path is not set 2021-06-22 13:09:02 +02:00
Ole Markus With 56aa339f2c Avoid using subshells that swallow env vars 2021-06-22 13:09:02 +02:00
John Gardiner Myers 7dea5af9be hack/update-expected.sh 2021-06-21 19:37:24 -07:00
John Gardiner Myers 48c42fe37f hack/update-expected.sh 2021-06-21 16:10:07 -07:00
John Gardiner Myers d5cea85f7c Use stable keyset IDs 2021-06-21 16:10:06 -07:00
Peter Rifel c6bdce3b98
Ignore failing tests in upgrade scenario 
These are being skipped in certain k8s versions. Until we can dynamically determine which tests to skip based on k8s version (like build_jobs.py generates) we can just skip these two tests for all k8s versions.
 2021-06-21 17:31:13 -05:00
Ole Markus With 3c7b92e56c Run scenarios as presubmit tests 2021-06-21 11:36:05 +02:00
Ole Markus With 79a2c111f2 Remove redundant permissions 2021-06-21 08:59:54 +02:00
Ole Markus With 14fb35d0d0 Bump EBS Driver to 1.1.0 2021-06-21 08:56:11 +02:00
Ole Markus With b3f274e140 Apply permissions to master role when irsa is not used 2021-06-21 08:56:11 +02:00
Kubernetes Prow Robot f1b718db68
Merge pull request #11821 from olemarkus/skip-ebs-csi-flakes 
skip flaking ebs csi flakes
 2021-06-20 16:36:51 -07:00
Ciprian Hacman 65d21ee463 Pre-pull container images from list of desired prefixes 2021-06-20 23:01:52 +02:00
Ciprian Hacman e347841aa3 Add integration test for Warm Pool images 2021-06-20 23:01:52 +02:00
Kubernetes Prow Robot e4eff07c81
Merge pull request #11809 from johngmyers/rotate-5 
Include multiple cluster CAs in trust stores
 2021-06-20 13:20:51 -07:00
Ole Markus With c52241e1e0 skip flaking ebs csi flakes 2021-06-20 21:41:45 +02:00
Ole Markus With 778323eec9 Add missing lbc permission 2021-06-19 20:03:40 +02:00
John Gardiner Myers 0700ef64a0 hack/update-expected.sh 2021-06-19 10:56:24 -07:00
John Gardiner Myers 07474c6d30 Fix CA keys for all integration tests 2021-06-19 10:50:53 -07:00
Ole Markus With cc24bbb3c1 Remove some bashism 2021-06-19 13:46:42 +02:00
Ole Markus With b37bc7578e Reduce master policy size for lb controller 2021-06-19 10:12:22 +02:00
Ole Markus With 507402e315 Fail early if policy size is too large 
This will then also be caught by integration tests
 2021-06-19 10:04:11 +02:00
Kubernetes Prow Robot 23ab07e7b8
Merge pull request #11788 from cardoe/fix-swift 
bump the version of gophercloud
 2021-06-18 22:42:50 -07:00
Kubernetes Prow Robot 135cdf3461
Merge pull request #11789 from johngmyers/seed-rng 
Seed the random number generator on AWS
 2021-06-18 08:48:06 -07:00
Ole Markus With 33a7de60a7 Enable IRSA for EBS CSI Driver 2021-06-18 08:05:59 +02:00
John Gardiner Myers b1e77af664 hack/update-expected.sh 2021-06-17 23:03:52 -07:00
Doug Goldstein 80da992275
bump the version of gophercloud 
Since the v1.19.0 release of kOps the OpenStack integration has been
broken because gophercloud made a change to start escaping all path
names for files stored in swift. kOps used a file with a slash in it
which was getting escaped and then not handled correctly. This has been
fixed in upstream gophercloud with gophercloud/gophercloud#2160 which
was included in gophercloud v0.18.0. Bump is for issue #9933.
 2021-06-16 11:50:13 -05:00
Ole Markus With 6e8e027aff Enable IRSA for Cluster Autoscaler 2021-06-16 18:03:11 +02:00
Ciprian Hacman 8c5484945d Update github.com/spf13/viper to v1.8.0 2021-06-16 08:12:42 +02:00
Kubernetes Prow Robot fd0fc2febc
Merge pull request #11758 from olemarkus/e2e-irsa 
Make it easy to run scenarios with irsa enabled
 2021-06-15 16:51:45 -07:00
Kubernetes Prow Robot 847040de53
Merge pull request #11750 from olemarkus/containerd-per-ig 
Set containerd config on nodeup.Config instead of clusterspec
 2021-06-15 15:13:43 -07:00
Ole Markus With e7fa3fa82c Set containerd config on nodeup.Config instead of clusterspec 
This allows us to set a default containerd config per IG (e.g add a different config for GPU IGs)

Can also be considered a cleanup as we no longer use containerd.overrideConfig as a mechanism for bringing the default containerd config from cloudup to nodeup.
 2021-06-15 11:08:22 +02:00
Kubernetes Prow Robot 4cd3b58e37
Merge pull request #11763 from johngmyers/ipv6-access 
Make the AdminAccess default inclusive of IPv6
 2021-06-14 23:30:01 -07:00
John Gardiner Myers 9d531edb85 hack/update-expected.sh 2021-06-14 21:51:40 -07:00
John Gardiner Myers cab389f2f5 Rename --override to --set 2021-06-14 14:01:18 -07:00
Ole Markus With bc5c97ea95 Make it easy to run scenarios with irsa enabled 2021-06-14 09:09:09 +02:00
John Gardiner Myers 74a44c2270 Don't restrict nodeup download to IPv4 2021-06-13 21:46:58 -07:00
Ciprian Hacman 2a11fa7dde Add --ipv6 experimental cli flag 2021-06-13 21:48:46 +02:00
Ciprian Hacman fcfba36b14 Pre-add integration test for creating an IPv6 cluster 2021-06-13 13:09:40 +02:00
Kubernetes Prow Robot cfc93e5178
Merge pull request #9294 from johngmyers/refactor-nodeup-context 
Remove InstanceGroup from NodeupModelContext
 2021-06-12 13:43:01 -07:00
Kubernetes Prow Robot 562200bb5c
Merge pull request #11739 from olemarkus/e2e-channels-scenario 
Add test scenario for if channels is able to delete dangling resources
 2021-06-11 17:18:59 -07:00
Ole Markus With bd8815eefd Add test scenario for if channels is able to delete dangling resources 2021-06-11 15:02:47 +02:00
Kubernetes Prow Robot f5176c57ae
Merge pull request #11738 from olemarkus/remove-k8s-upgrade-script 
Remove k8s-upgrade script as upgrade-ab is now used instead
 2021-06-11 00:58:59 -07:00
Ole Markus With f255993ef2 Remove k8s-upgrade script as upgrade-ab is now used instead 2021-06-11 08:46:02 +02:00
Kubernetes Prow Robot 92af7b88f4
Merge pull request #11523 from hakman/ipv6_cidr_subnet 
Calculate IPv6 subnet CIDR based on cluster CIDR
 2021-06-10 21:40:13 -07:00
Ole Markus With d3416aac60 Add support for setting latest k8s in ab scenario 2021-06-10 14:45:42 +02:00
Matthew Wong b6266ce5f0 Run hack/update-expected.sh 2021-06-09 13:53:07 -07:00
Ciprian Hacman 13104ec6ea Calculate IPv6 subnet CIDR based on cluster CIDR 2021-06-09 09:57:53 +03:00
Ole Markus With 6582235312 Make AWS EBS CSI Driver default as of k8s 1.22 2021-06-08 22:29:16 +02:00
Kubernetes Prow Robot 424ed25f25
Merge pull request #11716 from hakman/awsebscsi_driver 
Generate AWSEBSCSIDriver model only when using AWS
 2021-06-07 23:05:12 -07:00
Ciprian Hacman 47bb825061 Generate AWSEBSCSIDriver model only when using AWS 2021-06-08 08:20:21 +03:00
Ciprian Hacman e4dd36714f Update controller-runtime to v0.9.0 2021-06-08 03:18:45 +03:00
Ciprian Hacman 1177f66d1e Update k8s dependencies to v1.21.1 2021-06-08 03:17:42 +03:00
Kubernetes Prow Robot 8c2d84e6e0
Merge pull request #11697 from olemarkus/cilium-connectivity-test 
add e2e scenario script for testing cilium connectivity
 2021-06-06 04:48:38 -07:00
Ole Markus With f8cc8ba59b
Update tests/e2e/scenarios/cilium-connectivity-test/run-test.sh 
Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
 2021-06-06 11:12:01 +02:00
Kubernetes Prow Robot 83cd195aa2
Merge pull request #11329 from olemarkus/ig-max-hop-limit 
Set IMDSv2 on by default for nodes and apiservers
 2021-06-05 01:14:38 -07:00
Ole Markus With b3a60d3bc2 Set IMDSv2 on by default for nodes 
Bastion, nodes, and api servers get limit of 1
API servers tend to run pods requiring metadata access. The hop limit
depends on CNI, but all should work with a limit of 3.
 2021-06-05 08:17:12 +02:00
Ole Markus With 1ced3defc9 add e2e scenario script for testing cilium connectivity 2021-06-05 08:14:30 +02:00
John Gardiner Myers 1db6e318a1 hack/update-expected.sh 2021-06-03 21:30:06 -07:00
John Gardiner Myers 91d81e5a1a hack/update-expected.sh 2021-06-03 21:26:51 -07:00
John Gardiner Myers 4bf9150ab6 hack/update-expected.sh 2021-06-03 21:20:43 -07:00
John Gardiner Myers 1d44ee3116 hack/update-expected.sh 2021-06-03 20:41:05 -07:00
Kubernetes Prow Robot bc49d9958d
Merge pull request #11679 from olemarkus/e2e-ab-export-kubeconfig 
Use release markers instead of releases
 2021-06-03 06:09:38 -07:00
Kubernetes Prow Robot 0c61bcaca4
Merge pull request #11674 from hakman/docker-20.10.7 
Add support for Docker v20.10.7
 2021-06-03 05:15:38 -07:00
Ole Markus With ae8d8be192
Update tests/e2e/scenarios/upgrade-ab/run-test.sh 
Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
 2021-06-03 13:34:07 +02:00
Ole Markus With 9e5c298706 Use release markers instead of releases 2021-06-03 13:26:36 +02:00
Ciprian Hacman 62f54d1401 Run hack/update-expected.sh 2021-06-03 11:16:08 +03:00
Ole Markus With cf8f99137f Explicitly set kubeconfig flag where we want to use it 2021-06-03 10:12:06 +02:00
Peter Rifel ecbbe005b3
Fix kubetest2 upgrade scripts 2021-06-02 21:16:26 -05:00
Ole Markus With 150efaf006 Move common stuff in e2e scenarios to common.sh 2021-06-02 15:33:44 +02:00
Peter Rifel 6aec6005ee
Use upstream LBC repo now that the required PR has been merged 
Signed-off-by: Peter Rifel <pgrifel@gmail.com>
 2021-06-01 22:17:17 -05:00
Peter Rifel 894c26bf67
ebs-csi scenario - move --kops-binary-path into common kubetest2 args 2021-06-01 22:11:14 -05:00
Peter Rifel b8193a73d4
silence kops wget output in upgrade scenario 2021-06-01 22:10:38 -05:00
Peter Rifel c09517b6dd
set -x in all scenario scripts 2021-06-01 22:10:17 -05:00
Kubernetes Prow Robot 04db0c9507
Merge pull request #11648 from olemarkus/e2e-merge-ab 
Use version marker for kops ab scenario
 2021-06-01 11:59:51 -07:00
Kubernetes Prow Robot 3c4b6068b9
Merge pull request #11649 from h3poteto/fix-jwks-location 
Fix jwks object path in S3 for IRSA
 2021-06-01 08:26:27 -07:00
AkiraFukushima 361b02fa44
Fix integration test for oidc because the object path is changed 2021-06-01 23:35:21 +09:00
Ole Markus With 1fb58b9087 Use version marker for kops ab scenario 2021-05-31 18:07:54 +02:00
John Gardiner Myers 0a48b9050f Protokube needs dns-controller IAM permissions 2021-05-31 06:58:59 -07:00
Ciprian Hacman 80ee477727 Update Go to v1.16.4 2021-05-29 11:31:22 +03:00
Ole Markus With 120773a464 Remove debug code and copy kops to PATH 2021-05-29 08:10:12 +02:00
Ole Markus With 9bba5773cb
Update tests/e2e/scenarios/kops-upgrade/run-test.sh 
Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
 2021-05-28 16:21:53 +02:00
Ole Markus With 80d706b0c4 Dump all CP node logs to artifacts 2021-05-27 22:10:25 +02:00
Kubernetes Prow Robot 1f869ce21c
Merge pull request #11612 from olemarkus/e2e-marker 
Use version marker for kops upgrade scenario
 2021-05-27 04:00:23 -07:00
Ole Markus With 1be2d1605c Use version marker for kops upgrade scenario 2021-05-27 11:54:09 +02:00
Ciprian Hacman 3b80de3bcc Convert all indents to spaces in node bootstrap script 2021-05-27 11:21:52 +03:00
Kubernetes Prow Robot 46e1616467
Merge pull request #11605 from olemarkus/enable-aws-csi-by-default 
Enable AWS EBS CSI driver by default
 2021-05-26 21:34:23 -07:00
Ole Markus With 04b15e404e Enable AWS EBS CSI driver by default 2021-05-26 08:47:14 +02:00
Ole Markus With e0651f1b74 Use the downloaded kops version for awslbc test 2021-05-24 20:36:51 +02:00
Ole Markus With 5c50d1502c Use latest CI build instead of building in the test 2021-05-24 09:27:14 +02:00
Ole Markus With 0c59576a72 Enable cert-manager in the ebs csi e2e test 2021-05-23 07:24:20 +02:00
Ole Markus With 46e13c0009 Bump snapshot-controller version 
Update upup/models/cloudup/resources/addons/storage-aws.addons.k8s.io/v1.15.0.yaml.template

Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>

Update upup/models/cloudup/resources/addons/storage-aws.addons.k8s.io/v1.15.0.yaml.template

Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
 2021-05-21 15:40:40 +02:00
Kubernetes Prow Robot 72a5618b05
Merge pull request #11330 from codablock/etcd-events 
Make events etcd cluster optional
 2021-05-21 06:30:46 -07:00
Ole Markus With c541139eee Run the tests requiring snapshotcontroller again 2021-05-21 08:11:32 +02:00
Alexander Block 5306e27646 Run ./hack/update-expected.sh 2021-05-20 08:11:35 +02:00
Peter Rifel c9f810d57e
Support terraform 0.12+'s filebase64() in json output 
Originally the JSON output was meant as a bridge between the 0.11 and 0.12 support.
Now that we've dropped support for 0.11, we can use filebase64() instead of encoding the userdata in the file ourselves.
 2021-05-19 17:42:50 -05:00
Ciprian Hacman c0e71d802d Run hack/update-expected.sh 2021-05-19 20:31:13 +03:00
Kubernetes Prow Robot ab86bdf7cb
Merge pull request #11524 from johngmyers/nodeup-prebake 
Don't download nodeup if already in the AMI
 2021-05-19 09:24:52 -07:00
John Gardiner Myers 65711d05c0 hack/update-expected.sh 2021-05-19 08:02:10 -07:00
Ole Markus With f9658d5301 Skip feature tests for ebs csi e2e 2021-05-19 14:05:25 +02:00
John Gardiner Myers fbd7663606 hack/update-expected.sh 2021-05-18 21:49:39 -07:00
Kubernetes Prow Robot fe7d6e5516
Merge pull request #11442 from hakman/ipv6 
Add initial support for configuring IPv6 with AWS
 2021-05-18 21:02:50 -07:00
Ciprian Hacman 57feaa65c3 Run hack/update-expected.sh 2021-05-19 06:21:07 +03:00
Ciprian Hacman cedbe1f360 Add initial support for configuring IPv6 with AWS 2021-05-19 06:21:07 +03:00
srikiz 2c581a7449 Increase droplet size 2021-05-18 23:06:09 +05:30
Ole Markus With cbecb27c82 Split genkgo in two 
With the way the two e2e suites are implemented, the last suite will overwrite the junit report of the former suites. So we need to split this in order to capture the output from both suites
 2021-05-18 18:16:30 +02:00
Ciprian Hacman c08d0e2bdf Pre-add AWS IPv6 integration test 2021-05-18 08:56:16 +03:00
Kubernetes Prow Robot 3b9c8cb5ad
Merge pull request #11508 from rifelpet/upgrade-scenario 
Cleanup some of the scenario scripts
 2021-05-17 17:57:30 -07:00
Peter Rifel 1104046adc
Cleanup some of the scenario scripts 
This makes them a bit more consistent.
 2021-05-17 19:14:28 -05:00
Ole Markus With 3ce7c108c1 AWS LB controller requires multiple subnets to work 2021-05-17 19:35:06 +02:00
Ole Markus With d80165ff68 Fix override flags on aws lb controller scenario 2021-05-17 11:58:17 +02:00
Ole Markus With 7df35fa06a Add e2e test for aws-lb-controller 2021-05-16 18:26:23 +02:00
Ole Markus With d3581ebb84 bump aws lb controller to 2.2.0 2021-05-16 18:26:23 +02:00
Kubernetes Prow Robot f7e6786d86
Merge pull request #11486 from hakman/canonical_downloads_location 
Set canonical location for downloads to artifacts.k8s.io
 2021-05-13 16:42:04 -07:00
Ciprian Hacman a39d829f1f Set canonical location for downloads to artifacts.k8s.io 
And remove the legacy location for downloads.
 2021-05-14 00:41:56 +03:00
Ole Markus With f3421fccd9 Set the test cluster-tag 2021-05-13 20:21:58 +02:00
Peter Rifel de292c8ad0
Kubetest2 - Increase validation time for DO jobs 2021-05-13 08:37:41 -05:00
Ole Markus With c04bd5fa99 Use ginkgo to run the tests so we can run things in parallel 2021-05-13 13:29:09 +02:00
Kubernetes Prow Robot 7b0487066e
Merge pull request #11472 from olemarkus/csi-test-known-zone 
Discover what zone the cluster is in for the aws-ebs-csi driver tests
 2021-05-13 01:04:27 -07:00
Ole Markus With eb0d999ee7
Update tests/e2e/scenarios/aws-ebs-csi/run-test.sh 
Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
 2021-05-13 08:20:17 +02:00
Peter Rifel 640fd531c6
Add gossip integration test 2021-05-12 17:21:01 -05:00
Ole Markus With 0f3d70f433 Discover what zone the cluster is in 2021-05-12 21:41:08 +02:00
Ole Markus With 0f4a53fe4a Add test scenario for aws ebs csi driver 2021-05-10 20:48:27 +02:00
Kubernetes Prow Robot 0e1a65bd5a
Merge pull request #11428 from hakman/container-runtime_default 
Create new clusters without forcing a container runtime
 2021-05-09 13:16:48 -07:00
Kubernetes Prow Robot fb86a54dfd
Merge pull request #11432 from justinsb/fix_upgrade_ab_2 
e2e upgrade-ab: a few more fixes and notes on how to run locally
 2021-05-09 12:32:55 -07:00
Ciprian Hacman 54961e4ae5 Create new clusters without forcing a container runtime 
Decide which container runtime to use later in model, based on Kubernetes version and other settings.
 2021-05-09 21:43:58 +03:00
Justin SB 63a27b7b96 e2e upgrade-ab: a few more fixes and notes on how to run locally 
While trying to reproduce #11370.
 2021-05-09 13:48:37 -04:00
Justin SB 2f5e653069 e2e: only get ExternalIPRange if we need it 
ExternalIPRange doesn't currently support IPv6 machines, so only call
it if we need to.  This allows local testing even with IPv6 enabled
machines.
 2021-05-09 13:47:33 -04:00
Kubernetes Prow Robot 56bbc0d6ac
Merge pull request #10963 from srikiz/DO-Add-e2e-job 
[Digital Ocean] Add an e2e job for DO
 2021-05-08 06:30:47 -07:00
srikiz 7e366ff678 use create-args for specifying additional argments for kops create cluster command 
Add create-args parameter only once with spaces separating multiple arguments

Add kops state store

Another fix to check if environment variable are used correctly

Add state store for digital ocean

Add env variables for do related job

check if env is empty

tmp check 1

Revert changes

Use a smaller droplet size

Update make file

Add SSH key for DO

Add private key path

update ssh user

Another fix

try with v1.18

use 1.20

Rebase with master

Fix merge issues

Add DO droplet dump support

I'm hoping this allows our e2e tests to dump system logs into the job artifacts for easier troubleshooting

Use root ssh user

use 2 nodes to reduce cost

another minor fix

Skip services test

Increase master size

Skip flaky tests

Remove pod status test that belongs to v1.20

Add do test file and revert changes to make file

Update make file

Include DigitalOcean in the supported provider flags

incorporate review comments

Update tests/e2e/pkg/tester/tester.go

Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>

Fix formatting

Add higher resource master and nodes for running e2e tests

Revert back to use lower size masters
 2021-05-08 12:54:18 +05:30
John Gardiner Myers 36f93d0069 hack/update-expected.sh 2021-05-07 23:40:03 -07:00
John Gardiner Myers d3469d6ec2 Remove code for no-longer-supported k8s versions 2021-05-07 23:40:03 -07:00
Kubernetes Prow Robot 001c5ca796
Merge pull request #11409 from justinsb/fix_upgrade_ab 
e2e upgrade-ab: fix a few errors
 2021-05-07 21:21:18 -07:00
Kubernetes Prow Robot 2e4bb2f98a
Merge pull request #11407 from johngmyers/release-1.22-alpha-1 
Release 1.22.0-alpha.1
 2021-05-07 20:39:18 -07:00
Justin SB a736a170b6 e2e upgrade-ab: fix a few errors 2021-05-07 21:11:25 -04:00
John Gardiner Myers 81956f622c Prepare for kOps 1.22 2021-05-07 13:44:58 -07:00
Justin SB c8f8938cae Create upgrade_ab e2e scenario for complex upgrades 
The intent is that we'll be able to perform arbitrary
upgrades/downgrades; creating a new scenario to avoid breaking
existing tests.

Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
 2021-05-07 11:15:38 -04:00
Peter Rifel d46732164e
Add another update cluster dryrun to upgrade tests 
This way we can confirm that no changes are reported after update cluster --yes
 2021-05-07 08:08:02 -04:00
Kubernetes Prow Robot f0307cdcc9
Merge pull request #11393 from olemarkus/fix-lb-controller-nlb-permissions 
Add elasticloadbalancing:ModifyTargetGroupAttributes to aws lb controller
 2021-05-07 03:57:03 -07:00
John Gardiner Myers 8823f30ad7 Recognize the ServiceAccountIssuerDiscovery featue gate 2021-05-06 08:57:37 -07:00
Ole Markus With cd9ddd6716 Add elasticloadbalancing:ModifyTargetGroupAttributes to aws lb controller 2021-05-06 15:27:39 +02:00
John Gardiner Myers d21cb0f306 Use consistent ServiceAccountJWKSURI default for PublicJWKS 2021-05-06 00:15:15 -07:00
John Gardiner Myers a79da8ee86 Don't use PublicJWKS in TestAWSLBController 2021-05-06 00:11:23 -07:00
Peter Rifel fe9bcc4a0b
kubetest2 - remove unnecessary flags from upgrade scripts 
The test arg logic is now handled internally within kubetest2-tester-kops so we don't need these flags
 2021-05-05 20:42:45 -05:00
Peter Rifel 9c94ff23cf
Kubetest2 - fix wget flag in kops download 2021-05-05 08:42:54 -05:00
Peter Rifel 4d1794cd04
Kubetest2 - Fix GNU mktemp syntax 
apparently it is significantly different from BSD.
 2021-05-05 07:14:49 -05:00
Peter Rifel 1f9de34c03
Add a new kops upgrade test 2021-05-04 18:31:35 -05:00
Peter Rifel c9aefe6e16
Move existing upgrade test and fix shellcheck errors 
Also updating the k8s versions used in the upgrade and testing
 2021-05-04 18:31:35 -05:00
Peter Rifel b0b625d46f
Rename upgrade scenario to k8s-upgrade 2021-05-04 18:31:35 -05:00
John Gardiner Myers 5c4f1c4f6c Adjust sorting of resources in hcl2 2021-05-02 19:39:23 -07:00
Kubernetes Prow Robot b054fb37b7
Merge pull request #11016 from olemarkus/irsa-custom 
user-configurable IAM roles for ServiceAccounts
 2021-05-02 11:16:01 -07:00
Ciprian Hacman 689b76d0ff Mark control-plane node for update when etcd manager config changes 2021-05-02 08:50:42 +03:00
Ciprian Hacman 62c47d23d4 Add integration test for etcd 2021-05-02 08:48:46 +03:00
Ole Markus With 6f8b3647cf Add support for IRSA in he api 
Apply suggestions from code review

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2021-05-01 16:03:42 +02:00
Ciprian Hacman d64cfba365 Mark control-plane node for update when etcd volume size changes 
etcd-manager expands the data volume on restart to the max available.
 2021-05-01 12:06:22 +03:00
Ole Markus With 5ca7c9b5d7 Use VFS as service account issuer if configured 
Also add an integration test that uses VFS
 2021-04-30 21:02:30 +02:00
Ole Markus With 460586833b Add toggle for AWS OIDC provider. Free it from any feature flag 2021-04-30 19:19:06 +02:00
Ole Markus With 25b5f0cfb2 Move publicDataStore to serviceAccountIssuerDiscovery.discoveryStore 2021-04-30 19:19:06 +02:00
Jesse Haka 960a52d6b2 Update deps 2021-04-30 11:39:01 +03:00
srikiz d2f6175898 Add an e2e job for DO 2021-04-30 09:50:14 +05:30
Peter Rifel 6afaaa3161
Fix kubetest2 panic inheriting env vars 
Fixes `panic: runtime error: slice bounds out of range [:-1]` found here: https://prow.k8s.io/view/gs/kubernetes-jenkins/logs/e2e-kops-grid-scenario-aws-cloud-controller-manager/1387534126441041920

Also fixes a logging statement to include the cluster name (empty cluster name is seen in those same logs)
 2021-04-28 21:47:17 -05:00
Peter Rifel 7cb31fb500
Fix upgrade scenario kubetest2 install 2021-04-28 17:20:04 -05:00
Kubernetes Prow Robot 021f0e5f55
Merge pull request #11338 from rifelpet/kubetest2 
Update kubetest2 dependency and fix install method for upgrade scenario
 2021-04-28 00:40:49 -07:00
Kubernetes Prow Robot f79d6b43d5
Merge pull request #11342 from hakman/controller-runtime-0.9.0-beta.0 
Update controller-runtime to v0.9.0-beta.0
 2021-04-27 23:12:50 -07:00
Ciprian Hacman 39fe0175aa Update controller-runtime to v0.9.0-beta.0 2021-04-28 07:49:24 +03:00
Peter Rifel 0f9a04e0c7
Update kubetest2 dependency and fix install method for upgrade scenario 2021-04-27 17:58:48 -05:00
Ole Markus With 849ff56c96 Fix SQS resource flapping 
* one case of AWS returning different JSON than we passed
* AWS returning a field we do not (and can not) build an expected value of
 2021-04-27 20:47:24 +02:00
Peter Rifel 038baef420
Set --gce-project flag too 2021-04-27 10:12:34 -05:00
Peter Rifel e3f5409375
fix go.sum 2021-04-27 10:12:34 -05:00
Peter Rifel 3eab38f968
If using boskos, always create a new GCS bucket 
Previously we were setting KOPS_STATE_STORE before knowing its value, resulting in an empty string
 2021-04-27 10:12:34 -05:00
Peter Rifel 7f09dcab06
Add more cloud provider flags to e2e.test 2021-04-27 10:12:33 -05:00
Peter Rifel d36f65e0fb
Copy the kops binary from --kops-binary-path into RunDir for tester's PATH 2021-04-27 10:12:33 -05:00
Peter Rifel 8d326656a1
Always download kops into the test's RunDir so that it is in the tester's PATH 2021-04-27 10:12:32 -05:00
Justin SB b21df766fc
kubetest2: Infer the provider and zones from the kops cluster 
This means we don't need to pass these flags explicitly.
 2021-04-27 10:12:31 -05:00
Kenji Kaneda 71f52363f8 Add a lifecycle test for GCE 
- Move MockGCECloud to cloudmock/gce.
- Change Compute() and CloudDNS() of GCECloud to return interfaces
  for mocking
 2021-04-26 13:05:27 -07:00
Ciprian Hacman 55e154a526 Update Ubuntu images to latest version 2021-04-25 09:24:20 +03:00
Kubernetes Prow Robot b0664176bc
Merge pull request #11259 from olemarkus/warm-life-cycle-hook 
Make nodeup able to complete the warming life cycle hook
 2021-04-24 02:05:15 -07:00
Ole Markus With 1ec0bd18e8 Enable support for the ASG WarmPool lifecycle hook 
Update pkg/model/iam/iam_builder.go

Co-authored-by: Ciprian Hacman <ciprianhacman@gmail.com>
 2021-04-24 09:40:52 +02:00
Kenji Kaneda f37330f53d Add GCE Router task 
This commit picks up the change from the previous attempt
(https://github.com/kubernetes/kops/pull/6828).

- Add Router to GCE tasks
- Add the HasExternalIP field to InstanceTemplate
- Create a RouterTask and set HasExternalIP to false when
  a private topology is specified.

https://github.com/kubernetes/kops/issues/6827
 2021-04-23 23:03:38 -07:00
Jason Haugen 36722afb0f change casing Asg->ASG 2021-04-22 13:07:01 -05:00
Jason Haugen 7e48dad4d2 add ManagedAsgTag, merge templates, improve docs 2021-04-19 16:51:08 -05:00
Jason Haugen cceb9dd296 lifecycle integ test, docs, & small cleanup 2021-04-19 15:43:06 -05:00
Jason Haugen 211c77f224 rebase & update tf output 2021-04-19 15:43:05 -05:00
Jason Haugen f91a71d901 update cloudformation test output 2021-04-19 15:43:05 -05:00
Jason Haugen fb3f317e42 fix cloudformation verify 2021-04-19 15:43:05 -05:00
Jason Haugen 318a116ba6 fix staticcheck 2021-04-19 15:43:05 -05:00
Jason Haugen 10df4a9a14 integ tests 2021-04-19 15:43:05 -05:00
Ciprian Hacman 6759431152 Run tests in all regions with increased limits 2021-04-18 17:16:44 +03:00
Peter Rifel 949b72d633
Kubetest2 - Use PULL_NUMBER in cluster name for presubmits 
This should force the same e2e job in one PR's presubmits to use the same cluster name on every job invocation.

Mimics the kubetest1 logic here: f7e21a3c18/scenarios/kubernetes_e2e.py (L242-L251)
 2021-04-17 13:06:44 -05:00
Peter Rifel e53af99ed1
Kubetest2 - Cleanup leaked resources from previous clusters 
If --up is specified then we always delete any previous cluster with the same name since it would conflict otherwise and ensures leaked resources are cleaned up.

We don't do this if --terraform is specified because Down() will run `terraform destroy` but each kubetest2 invocation uses a random temp directory for its terraform state, so it wouldn't know of any resources to destroy
 2021-04-17 11:49:29 -05:00
Ciprian Hacman d33508d51f Update kOps recommended versions and images 2021-04-17 08:52:50 +03:00
Ciprian Hacman 2ff317a8b7 Run tests only on accounts with increased limits 2021-04-15 18:29:01 +03:00
xiaorunkun df908fbed8 Correct typos 2021-04-15 10:31:02 +03:00
Kubernetes Prow Robot c771b7622e
Merge pull request #11216 from olemarkus/warm-nodeup 
Don't start kubelet if instance is entering the warm pool
 2021-04-15 00:07:49 -07:00
Ciprian Hacman 27e102bd04 Add support for Docker v20.10.6 2021-04-15 07:01:36 +03:00
Ole Markus With af92896dc7 Don't start kubelet if we are warming 2021-04-14 11:05:50 +02:00
Peter Rifel ecf03b1c27
Kubetest2 - Ensure the bucket path is the final gsutil arg 
should fix this error: https://prow.k8s.io/view/gs/kubernetes-jenkins/logs/e2e-kops-gce-kubetest2/1381650445893636096#1:build-log.txt%3A122
 2021-04-12 09:58:23 -07:00
Peter Rifel 1597eac516
Kubetest2 - detect errors creating GCS bucket 
The job seems to be failing to check if the bucket exists or not. This should cause the job to fail sooner and hopefully log more info about why it failed.
See https://prow.k8s.io/view/gs/kubernetes-jenkins/logs/e2e-kops-gce-kubetest2/1381529768943423488#1:build-log.txt%3A121
 2021-04-12 05:33:24 -07:00
Kubernetes Prow Robot 034bd351dd
Merge pull request #11195 from bmelbourne/update-docker-20.10.5 
Update Docker to v20.10.5
 2021-04-11 14:03:59 -07:00
Peter Rifel d74651f39b
Update default stage location (and as a result, kops_base_url) 
This matches the kubetest1 behavior: 675a42cb78/scenarios/kubernetes_e2e.py (L259-L267)
 2021-04-11 11:34:02 -07:00
Barry Melbourne 1a60629d38 Update Docker to v20.10.5 2021-04-11 19:26:46 +01:00
Peter Rifel 6f063c1c63
Kubetest2 - Set KOPS_BASE_URL to --build's stage location 
Previously we would upload the custom kops build to the stage location but the kops commands would not have their KOPS_BASE_URL overridden.
This ensures that all kops commands have KOPS_BASE_URL correctly set.
 2021-04-11 11:03:09 -07:00
Barry Melbourne 6575b6113d Update integration tests to k8s v1.21.0 2021-04-11 17:07:17 +01:00
Peter Rifel ef5205cde7
Kubetest2 - Create project-specific state store buckets in GCP 
Since we use boskos to get a random GCP project, we need to create a bucket per project so that permissions will be setup properly.
This matches the existing kubetest1 behavior.
 2021-04-10 16:29:14 -07:00
Peter Rifel ba4c6fadcb
Kubetest2 - Add flag to expose cluster validation wait time 
The flatcar jobs are failing because the OS performs package updates and a reboot after initial launch, even with the latest AMI.
This causes the cluster to timeout on its validation.

Exposing a flag will allow us to conditionally extend the validation for the flatcar tests
 2021-04-05 19:40:41 -10:00
Ole Markus With dbd23473ef Add irsa support for awslbcontroller 
This commit also introduces support for adding token projection volumes for well-known SAs.
Slightly less complicated than explicitly parsing the objects for a manifest
 2021-04-04 21:24:07 +02:00
Kubernetes Prow Robot f733db7e33
Merge pull request #11175 from olemarkus/aws-lb-controller-test 
Add integration test for aws lb controller
 2021-04-04 11:30:12 -07:00
Ole Markus With 1e3674e896 Add integration test for aws lb controller 2021-04-04 19:46:09 +02:00
Peter Rifel b740123c1d
kubetest2 - Pass GOPATH when building kops 2021-04-01 21:20:17 -10:00
Peter Rifel 80ceb4200d
Update test outputs 2021-03-26 11:24:11 -07:00
Peter Rifel 088f342f28
Disable ap-northeast-3 zones for now 2021-03-24 21:19:21 -05:00
Peter Rifel ac27e2edcd
kubetest2 - Specify GCE network name 
Kops defaults to a network named "default" and has issues with network modes.
Apparently there is a "default" network within the projects that boskos issues,
causing `kops create cluster` to fail some cloudup validation.

By specifying a cluster-specific network, kops will create this new network with the non-deprecated settings.
 2021-03-24 21:16:54 -05:00
Peter Rifel 462cfffb02
Kubetest2 - fix temp directory created for GCE SSH keys 
Also update all ioutil references to their go 1.16 replacements
 2021-03-24 06:17:56 -05:00
Peter Rifel b2f2c61e69
Kubetest2 - Setup SSH keys for GCE 
Originally I had thought we were relying on ssh keys mounted from a secret,
it turns out kubetest 1 generated the keys indirectly through gcloud.

This runs the same command as kubetest 1, creating and uploading the SSH keys.
 2021-03-23 19:06:15 -05:00
Barry Melbourne 05123faf5a Update containerd to v1.3.10/v1.4.4 2021-03-23 17:02:01 +00:00