kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,934 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

2640 Commits

Author SHA1 Message Date
Justin SB 0351590512 IAM: Refactor vfs-access logic so we can see the required readable paths 
This will enable us to apply similar restricted permissions on GCE and
other clouds.
 2020-06-11 00:41:57 -04:00
Kubernetes Prow Robot 98d1f7b05b
Merge pull request #9313 from johngmyers/refactor-scheduler-cert 
Issue kube-scheduler and kube-controller-manager certs in nodeup
 2020-06-10 21:00:57 -07:00
Kubernetes Prow Robot 1076eec7c6
Merge pull request #9324 from bertinatto/selinux 
Allow docker options to be specified by create cluster overrides
 2020-06-10 12:56:19 -07:00
Fabio Bertinatto 0d5a565920 Allow docker options to be specified by create cluster overrides 
This will allow our end-to-end testing to enable SELinux.
 2020-06-10 15:55:58 +02:00
John Gardiner Myers d8970b93e1 Issue kube-controller-manager cert in nodeup 2020-06-09 22:45:19 -07:00
Kubernetes Prow Robot cc45d02dbe
Merge pull request #9317 from hakman/docker-19.03.11-k8s-1.17 
Use Docker 19.03.11 for Kubernetes 1.17+
 2020-06-09 22:10:05 -07:00
John Gardiner Myers b0694300df Issue kube-scheduler cert in nodeup 2020-06-09 20:23:33 -07:00
Kubernetes Prow Robot 10bb3cf334
Merge pull request #9217 from johngmyers/refactor-validation 
Refactor and improve API validation
 2020-06-09 20:04:07 -07:00
Peter Rifel d923354d4f
Address review comments 2020-06-09 17:07:44 -05:00
Peter Rifel 95b6a3f837
Address feedback 2020-06-09 10:58:24 -05:00
Ciprian Hacman dc79e31a2c Use Docker 19.03.11 for Kubernetes 1.17+ 2020-06-09 18:16:06 +03:00
Peter Rifel 807cbcb1a0
fix new validation unit test 2020-06-09 10:13:01 -05:00
Peter Rifel bc074e857c
Use ec2.DescribeInstanceTypes in awsup.GetMachineTypeInfo 
This requires passing a cloud object in additional places throughout the validation package and originating mostly from cmd/kops

This means that some kops commands now require valid cloud provider credentials, but I don't think this is an issue because the vast majority of use-cases already require the same cloud provider credentials in order to interact with the state store.
 2020-06-09 10:13:01 -05:00
Peter Rifel cebb708fdb
Move MixedInstancesPolicy validation to aws.go 2020-06-09 10:13:01 -05:00
ZouYu 2fc52ec6be fix some go-lint warning 
Signed-off-by: ZouYu <zouy.fnst@cn.fujitsu.com>
 2020-06-09 08:52:50 +08:00
Kubernetes Prow Robot 7650a988ce
Merge pull request #9284 from johngmyers/remove-export-password 
Don't export basic auth credentials if basic auth is disabled
 2020-06-08 08:39:47 -07:00
Ciprian Hacman 87ad779c76 Disable disk based evictions for Kubernetes 1.19 2020-06-08 11:13:23 +03:00
Ciprian Hacman f34a13a8f0 Disable disk based evictions for Kubernetes 1.19 2020-06-08 11:11:44 +03:00
John Gardiner Myers 49ea71dec9 Don't export basic auth credentials if basic auth is disabled 2020-06-05 21:12:37 -07:00
John Gardiner Myers 898f9fa198 Refactor and improve API validation 2020-06-05 11:43:42 -07:00
John Gardiner Myers 9466893436 Refactor api validation code out of legacy.go 2020-06-05 11:43:09 -07:00
John Gardiner Myers d27c733332 Refactor api validation code out of legacy.go 2020-06-05 11:42:50 -07:00
John Gardiner Myers 1d7027895f Refactor and improve API validation 2020-06-05 11:12:34 -07:00
John Gardiner Myers 8b26165030 Refactor api validation code out of legacy.go 2020-06-05 11:08:08 -07:00
Kubernetes Prow Robot d18e97140e
Merge pull request #9130 from johngmyers/pki-refactor 
Refactor cert issuance code
 2020-06-05 01:43:43 -07:00
Kubernetes Prow Robot 7b8a9a5802
Merge pull request #9274 from justinsb/make_sure_permissions_on_all_s3_buckets 
Ensure we have IAM bucket permissions to other S3 buckets
 2020-06-04 22:13:44 -07:00
Kubernetes Prow Robot 9e4bf1699a
Merge pull request #9216 from hakman/prepare-multi-arch 
Prepare Kops for multi-architecture support
 2020-06-04 21:35:43 -07:00
Justin SB e472ed7271 gce: log bucket-policy-only message at a level that always appears 
It's a pretty important message when permissions aren't set correctly;
let's re-enable it and then figure out more accurate conditions for
if it matters.
 2020-06-04 23:08:20 -04:00
Justin SB 1e559618f5 Ensure we have IAM bucket permissions to other S3 buckets 
If we are expected to write to other buckets, we need to have suitable
permissions to e.g. determine their location.
 2020-06-04 22:37:17 -04:00
Kubernetes Prow Robot 6d6db96aef
Merge pull request #9265 from olemarkus/validate-rootvolumetype 
Validate IG RootVolumeType
 2020-06-04 17:47:44 -07:00
Kubernetes Prow Robot c05457e16a
Merge pull request #9221 from spotinst/feat-draining-timeout 
Spotinst: Allow a user specifiable node draining timeout
 2020-06-04 16:59:44 -07:00
John Gardiner Myers 2b81bad20e Remove reference to Jessie 2020-06-04 12:13:54 -07:00
John Gardiner Myers e88e0cf7ec Remove code supporting dropped k8s versions 2020-06-04 12:11:51 -07:00
John Gardiner Myers 7f050ee44a Address review comment 2020-06-04 10:34:48 -07:00
John Gardiner Myers 7ed41a6d5a Improve comments 2020-06-04 10:26:45 -07:00
John Gardiner Myers d64e760d5b Use pki.IssueCert() for nodeup client certs 2020-06-04 10:26:45 -07:00
John Gardiner Myers 08cdee1de2 Add test for pki.IssueCert() 2020-06-04 10:26:42 -07:00
John Gardiner Myers c142483cfa Move cert issuance code to pki module 2020-06-04 10:26:42 -07:00
John Gardiner Myers a96f7963a6 Pull cert issuance code up into fitasks.Keypair 2020-06-04 10:26:41 -07:00
Kubernetes Prow Robot 5762f659c1
Merge pull request #9137 from olemarkus/cni-package 
Move networking in nodeup to dedicated subpackage
 2020-06-04 10:19:15 -07:00
Ole Markus With b62f6aa894 Move networking in nodeup to dedicated subpackage 2020-06-04 17:32:41 +02:00
Ole Markus With 9732179d40 Tag all cilium keys with omitempty 2020-06-04 15:46:32 +02:00
Kubernetes Prow Robot c6dcaa8199
Merge pull request #9154 from MoShitrit/issue-9031 
Add support for encryption in Cilium
 2020-06-04 03:11:15 -07:00
Kubernetes Prow Robot c8674f23a0
Merge pull request #9253 from olemarkus/cilium-ipv4 
Don't make it possible to toggle ipv4/6. We only support ipv4 anyway
 2020-06-03 14:02:43 -07:00
Kubernetes Prow Robot 4fe5ad03f8
Merge pull request #9255 from olemarkus/romana-remove 
Remove romana support
 2020-06-03 13:24:59 -07:00
Ole Markus With 4b6b200377 Only validate root volume types if on aws 2020-06-03 22:03:44 +02:00
Ole Markus With e271ffa561 Validate ig rootvolumetype 2020-06-03 19:37:51 +02:00
Ole Markus With 1a9de4511e Remove unecessary optionTaken validation 2020-06-03 17:06:23 +02:00
Ciprian Hacman 3eda07aec0 Update tests output 2020-06-03 17:25:53 +03:00
Ciprian Hacman d049862cff Make architecture related decisions to nodeup 2020-06-03 17:24:01 +03:00