kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,269 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

229 Commits

Author SHA1 Message Date
Brian Choy c99c0d62d3
Fix incorrect URLs in kops cluster documentation 2020-11-19 14:14:04 -08:00
Frank Yang 93dcaddc48 feat(aws): add PolicyNames for ELB to change listener's security policy 2020-11-19 16:07:21 +08:00
Joel Carter da6b5d1bc4 Expose flags for HorizontalPodAutoscaler 
Enable setting of the
`horizontal-pod-autoscaler-initial-readiness-delay` and
`horizontal-pod-autoscaler-cpu-initialization-period` flags
 2020-11-15 07:53:58 -06:00
axpraka 3033caa5e7 Update kops as kOps and remove extra spaces from .md files 
- Updated kops as kOps in .md files.
- Remove extra spaces from .md files
 2020-11-13 20:09:51 -05:00
Ciprian Hacman ee39733542 Update docs related to audit logging 2020-11-13 07:36:08 +02:00
Dirk Jablonski 83f1fa872e Fix cluster autoscaler docs 2020-11-12 10:57:10 +01:00
Christian Joun e91ed11449
Implement API load balancer class with NLB and ELB support on AWS (#9011) 
* refactor TargetLoadBalancer to use DNSTarget interface instead of LoadBalancer

* add LoadBalancerClass fields into api

* make api machinery

* WIP: Implemented API loadbalancer class, allowing NLB and ELB support on AWS for new clusters.

* perform vendoring related tasks and apply fixes identified from hack/

dissallow spotinst + nlb
remove reflection in status_discovery.go
Add precreated additional security groups to the Master nodes in case of NLB
Remove support for attaching individual instances to NLB; only rely on ASG attachments
Don't specify Classic loadbalancer in GCE integration test

* add utility function to the kops model context to make LoadBalancer comparisons simpler

* use DNSTarget interface when locating DNSName of API ELB

* wip: create target group task

* Consolidate TargetGroup tasks

* Use context helper for determining api load balancer type to avoid nil pointers

* Update NLB creation to use target group ARN from separate task rather than creating a TG in-line

* Address staticcheck and bazel failures

* Removing NLB Attachment tasks because they're not used since we switched to defining them as a part of the ASGs

* Address PR review feedback

* Only set LB Class field for AWS clusters, fix nil pointer

* Move target group attributes from NLB task to TG task, removing unused attributes

* Add terraform and cloudformation support for NLBs, listeners, and target groups

* Update integration test for NLB support

* Fix NLB name format to pass terraform validation

* Preserve security group rule names when switching ELB to NLB to reduce destructive terraform changes

* Use elbv2 enums and address some TODOs

* Set healthcheck values in target group

* Find TG tags, fix NLB name detection

* Fix more spurious changes reported by lifecycle integration test

* Fix spotinst validation, more code cleanup

* Address more PR feedback

* ReconcileTargetGroups unit test + more code simplification

* Addressing PR feedback Renaming task 1. awstasks.LoadBalancer -> awstasks.ClassicLoadBalancer

* Addressing PR feedback Renaming task: ELBName() -> CLBName() / LinkToELB() -> LinkToCLB()

* Addressing PR feedback: Various text changes

* fix export of kubecfg

* address TargetGroup should have the same name as the NLB

* should address error when fetching tags due to missing ARN

* Update expected and crds

* Add feature table to NLB docs

* Address more feedback and remove some TODOs that arent applicable anymore

* Update spotinst validation error message

Co-authored-by: Peter Rifel <pgrifel@gmail.com>
 2020-11-02 05:28:52 -08:00
Ciprian Hacman c9cc319423 Rename _kops_ to kOps in the docs 2020-10-29 19:40:56 +02:00
Ciprian Hacman 61708eae6b Rename kops to kOps in the docs 2020-10-29 19:40:53 +02:00
Ciprian Hacman 6a4d86baf9 Rename Kops to kOps in the docs 2020-10-29 19:39:50 +02:00
Javi Polo c2684bcf7b Add nodeLocalDNSCache.kubeDnsOnly option 2020-10-27 10:46:25 +01:00
dntosas 66f42d8a9b
Add support for KubeAPIServer --request-timeout flag 
In this commit, we initialize the support of --request-timeout flag on
the configuration of KubeAPIServer so as to enable users for setting
timeout duration value for all kinds of handlers.

Signed-off-by: dntosas <ntosas@gmail.com>
 2020-10-11 14:17:44 +03:00
nareshku dca69323b7 enable kubelet --housekeeping-interval flag 2020-10-07 08:00:41 -07:00
Chris Loukas 65610dbcee Update NodeLocalDNSConfig with Mem/CPU requests 
Add NodeLocalDNS.CPURequest and NodeLocalDNS.MemoryRequest to
configure resource requests.

If not explicitly set, fall back to 25m and 5Mi
 2020-09-09 18:40:14 +03:00
Ole Markus With 6cfd50a07a Deprecate the old cas addon 2020-09-09 12:13:32 +02:00
Ole Markus With a0e9fab104 Implement cluster autoscaler as bootstrap addon 
Use provider-agnostic node definition for cas instead of aws auto-discovery

Validate clusterAutoscalerSpec

Add spec documentation

Add cas docs

Make CRDs

Apply suggestions from code review

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>

Add enabled flag to cas config

Apply suggestions from code review

Co-authored-by: Guy Templeton <guyjtempleton@googlemail.com>

Add support for custom cas image

Support more k8s versions

Use full image names
 2020-09-03 09:52:13 +02:00
Peter Rifel d0b8c654bd
Add --internal flag for export kubecfg that targets the internal dns name 
Kops creates an "api.internal.$clustername" dns A record that points to the master IP(s)

This adds a flag that will use that name and force the CA cert to be included.
This is a workaround for client certificate authentication not working on API ELBs with ACM certificates.
The ELB has a TLS listener rather than TCP, so the client certificate is not passed through to the apiserver.
Using --internal will bypass the API ELB so that the client certificate will be passed directly to the apiserver.
This also requires that the masters' security groups allow 443 access from the client which this does not handle automatically.
 2020-08-26 21:15:18 -05:00
John Gardiner Myers 171791aae2 De-emphasize bootstrap tokens and document node authorization as deprecated 2020-08-20 21:11:23 -07:00
Ciprian Hacman f452ebf9da Document Docker iptables settings 
Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-08-17 08:09:38 +03:00
Ciprian Hacman dcef2ff689 Update example for Resources Reservation 2020-08-08 11:08:26 +03:00
Peter Rifel 485f95a88b
Add the new kops feature table to a handful of feature sections 2020-07-19 18:01:18 -05:00
John Gardiner Myers 004f7b578f Default ClusterDNS appropriately when NodeLocalDNS is enabled 2020-07-03 16:57:03 -07:00
Michal Schott 9002b385c3
Adding extra link to docs re cgroups. 2020-06-17 21:49:13 +02:00
Michal Schott 60faf9579c
Updating cluster_spec doc. 2020-06-17 14:14:43 +02:00
Ole Markus With edb414aa39 Add nodelocal dns cache to release notes and add kops version to docs 2020-06-12 15:50:02 +02:00
Peter Rifel 9f67420120
Cleanup syntax highlighting and misc markdown cleanup 2020-06-08 22:12:32 -05:00
Kubernetes Prow Robot 6830cf6d44
Merge pull request #9065 from johngmyers/remove-distro 
Remove support for CoreOS and Jessie
 2020-05-27 23:22:01 -07:00
Ciprian Hacman 3957c7ce33 Document etcd-manager backups retention settings 2020-05-27 19:04:12 +03:00
John Gardiner Myers 2d98e5609c Remove/fix more CoreOS references 2020-05-22 20:54:41 -07:00
Ryan Bonham 82def095ff
Minor doc fix. __address__ is not valid to use, will cuase etcd failing to start.. Should pass in 0.0.0.0 as address. 2020-05-22 12:55:13 -04:00
Michal Schott 367f8856e3
Update docs/cluster_spec.md 
Co-Authored-By: Ciprian Hacman <ciprianhacman@gmail.com>
 2020-04-25 14:33:02 +02:00
Michal Schott cd258f8d3f
Added protect-kernel-defaults flag. 2020-04-23 23:45:24 +02:00
Michal Schott f45c702643
Added profiling flag. 2020-04-23 23:29:59 +02:00
Ole Markus With bb9b842a7a
Apply suggestions from code review 
Co-Authored-By: Peter Rifel <rifelpet@users.noreply.github.com>
 2020-04-15 18:41:47 +02:00
Ole Markus With b3ed808ac6 More clear split between IG specs and operations docs 2020-04-12 09:02:11 +02:00
Ole Markus With bc7b45f41c Clean up the cluster spec documentation 2020-04-12 09:02:11 +02:00
Ole Markus With d5019a6c11 Simplify the spec and templates a bit 2020-04-10 10:48:21 +02:00
Salvatore Mazzarino f754cbda7d NodeLocal DNSCache 
Signed-off-by: Salvatore Mazzarino <dev@mazzarino.cz>
 2020-04-10 10:44:53 +02:00
Ciprian Hacman ad8e1ceff7 Remove basic authentication support for k8s 1.19+ 2020-04-05 17:47:26 +03:00
Michal Schott 92b1f4685d
cluster_spec doc update about etcd metrics exposure. 2020-03-16 13:22:23 +01:00
David Medinets 2d7afe681d
Changed "you cache" to "your cache" 
Fixed typo.
 2020-03-04 08:10:28 -05:00
Ciprian Hacman fc8c9e82bb Add release notes and docs for containerd 2020-02-21 11:00:55 +02:00
Jin Hase c637ad7104 Fix typos in cluster_spec.md 2020-02-05 21:13:02 +09:00
Peter Rifel 1df957e354 Update godoc.org references to use pkg.go.dev 2020-02-01 11:11:42 -06:00
Austin Moore 4a88f7b5a5
Add ability to specify no ssh key by setting sshKeyName to empty 
Add tests for no ssh key functionality

Add docs for setting no ssh key

Disable sshKey rendering for cloudformation if nosshkey is set

Fix broken test

make goimports

Fix

Formatting fix

Update kubernetes version for tests

Update expected test output

Fix imports in mesh.pb.go

Run hack/update-expected.sh

Change digital ocean logic to handle *string for SSHKeyName

Fix expected output

Missed a few
 2020-01-15 15:24:32 -05:00
Kubernetes Prow Robot afb4ecb883
Merge pull request #7730 from ripta/custom-sysctls 
Custom sysctl Parameters
 2020-01-03 07:35:41 -08:00
Ripta Pasay 4a32fbbc06 Add sysctl documentation to cluster and instance group specs 2019-12-05 00:47:40 -08:00
Kubernetes Prow Robot 482fce5d54
Merge pull request #7424 from mmerrill3/feature/dynamic-audit-config 
Implementing audit dynamic configuration (#7392)
 2019-11-26 01:01:10 -08:00
John Gardiner Myers c22dc15467 Change doc cross-references from absolute to relative links 2019-11-10 10:40:11 -08:00
Gabriel Tiossi 173085e567 Document eventTTL 
Add and example and explain that you should fill empty units of time
with zeros.
 2019-10-26 21:26:36 -03:00
mmerrill3 5cf94c8ddf Implementing audit dynamic configuration (#7392) 
Signed-off-by: mmerrill3 <michael.merrill@vonage.com>
 2019-10-24 10:21:27 -04:00
GuyTempleton e87b1fddbe
Allow for override of CoreDNS version 
Allow users to override the CoreDNS image version to take advantage of local image registries or differing versions of the image to allow quicker access to new/improved CoreDNS plugins.
 2019-10-15 21:07:12 +01:00
Jesse Haka 4ccad007ce mountcerts -> usehostcerts 2019-09-30 11:36:32 +03:00
Jesse Haka 352bc1eaa2 Allow to use custom rootCAs 2019-09-30 11:35:58 +03:00
Kubernetes Prow Robot 30c6f65300
Merge pull request #6957 from austinmoore-/skip-docker-install 
Skip Docker install
 2019-09-18 14:55:00 -07:00
Austin Moore e50b2dd2cc
Update readme with skipinstall instructions 2019-09-17 11:58:16 -04:00
mikesplain 6cbaed5aec Add horizontalPodAutoscalerDownscaleStabilization 2019-09-12 09:02:01 -04:00
GuyTempleton 2040856255
Correct example externalCoreFile casing 2019-08-03 16:43:35 +01:00
GuyTempleton 9f124e3aa1
Clarify docs around CoreDNS version changes 2019-08-03 16:41:34 +01:00
GuyTempleton a7d30267b5
[Feature] CoreDNS: Allow for Specification of external CoreFile 
Allow users to provide entirely custom CoreFile for CoreDNS to provide improved flexibility.
 2019-08-03 16:38:14 +01:00
Kashif Saadat 4514215656 Set and mount the correct volume plugin dir based on OS 2019-08-01 17:54:08 +01:00
Austin Moore 08957a0856
Add docs for API ELB cross-zone configuration 2019-07-26 12:21:43 -04:00
Austin Moore 3175ade73f
Add docs for skipInstall 2019-06-12 14:16:11 -04:00
Thomas Peitz 11c4e6fcc7
Add docs for cpuCFSQuota / cpuCFSQuotaPeriod 2019-05-27 13:08:46 +02:00
Peter Rifel 01ce8de068 Mention version of Kops that introduced new features 
I'm hoping this will cut down on the confusion when reading the master branch's docs and seeing features not included in the latest stable Kops release..

A stopgap until we can properly version our documentation.
 2019-05-14 22:20:57 -07:00
Will Thames ec3216126c Document kubeAPIServer featureGates 2019-04-05 11:11:13 +10:00
Charles 5db03f5f05 fix spelling typo 
apparently I can spell management correctly everywhere except here
 2019-03-29 08:49:17 -07:00
Charles 345e468926 Add cpu management policy config 
This adds the --cpu-manager-policy to the kubelet config
 2019-03-29 08:49:17 -07:00
Alex Williams 834a63973d
Use EnsureTask for internal api route53 record 2019-03-16 17:43:31 +00:00
pgdagenais 78a4021719 Add cluster signing duration flag 2019-02-24 16:35:27 +00:00
Eric Greer 31a4c40131 merge conflict resolution 2019-02-21 15:20:05 -08:00
Eric Greer 8362b1260e etcd memory requests can now be specified 2019-02-21 15:14:51 -08:00
Jeremy Mathevet 893742fb32
kube-apiserver: Add oidc-required-claim flag 2019-02-08 17:45:32 +00:00
Moustafa Baiou cd95ebc11c
add documentation for external egress management 2019-01-27 15:53:22 -05:00
Josh Branham c9371add5c Add comment for resetting autoscaling 2019-01-17 11:52:23 -05:00
Josh Branham 30e35a293e Refactor 2019-01-15 18:39:36 -05:00
Josh Branham f1e62c3cc7 Add note regarding upgrading to CoreDNS 2019-01-15 15:54:53 -05:00
Aaron Walker 37d1070e26
Included type in SSL certificate documentation 2019-01-02 16:16:19 -08:00
Rich Lees 15f0fb7187 Enable HPA tolerance configuration pass 1 2018-11-29 15:59:57 +00:00
k8s-ci-robot 67f1cc8aba
Merge pull request #5586 from fernandocarletti/feature/flags 
Add flag to disable Basic Auth.
 2018-11-18 18:01:05 -08:00
Vlad Ionescu b2b07cf045
Document etcd volume options 
This commit adds documentation around the options for the etcd volumes:
volumeType and volumeIops, in addition to the already existing documentation for
volumeSize

Fixes https://github.com/kubernetes/kops/issues/4557
 2018-11-02 16:01:30 +02:00
fernando.carletti 4b27e6c8ee
Add flag to disable Basic Auth. 2018-10-16 19:04:38 -05:00
Justin Santa Barbara 26ed46e0be
Merge pull request #5890 from captainkerk/add-target-ram-mb-option 
add targetRamMb to kubeAPIServer spec
 2018-10-09 00:45:36 -04:00
k8s-ci-robot 5c5ed1da6f
Merge pull request #5888 from posquit0/patch-3 
Fix mis-typings in docs
 2018-10-08 20:02:26 -07:00
captainkerk d132577e21 add targetRamMb to kubeAPIServer spec 2018-10-09 01:46:18 +00:00
Byungjin Park d7cab40f3d
Fix mis-typings in docs 2018-10-07 17:33:28 +09:00
captainkerk beb8aebe06 add support for max-mutating-requests-inflight parameter 2018-10-04 05:40:28 +00:00
k8s-ci-robot a300c2aa4c
Merge pull request #5106 from ExtraHop/hook-raw-manifest 
Add `useRawManifest` hook option to install `manifest` as a hook unmodified
 2018-09-21 09:23:00 -07:00
Fernando Carletti a8185a91fd
Added documentation for Api server LB Certificate 
This feature was added by the PR #5414 and it is available at release 1.10.0 but there's no related documentation yet available.
 2018-09-16 13:35:02 -05:00
sunlintong 2cba1ef69e specificied--specified 2018-09-03 10:42:03 +08:00
sunlintong 5cb854fee2 desiginated-->designated 2018-09-03 10:38:10 +08:00
Mike Splain efe5f8862f Add etcd volumeSize docs 2018-08-23 09:59:35 -04:00
Andrea Sosso 30f23e29f5
Fix cpu unit measurement 2018-08-09 16:03:24 +02:00
Rajat Sharma b97c1bcbb4
Spell Fix: Fixing spelling of "Kubernetes" in doc 2018-07-30 12:21:13 +05:30
k8s-ci-robot c342df1392
Merge pull request #5390 from kampka/add-container-proxy 
Add pull-through proxy cache for asset docker images
 2018-07-19 11:55:16 -07:00
k8s-ci-robot 56ccfac26d
Merge pull request #5317 from gambol99/node_registration 
Node Authorization Service
 2018-07-19 05:17:41 -07:00
Julien Senon 880f1c718b
Update Audit file example 
Update Audit file example
 2018-07-12 11:55:28 +02:00
Rohith 52fbbe13fc - adding documentation for bootstrap tokens and node authorizer 2018-07-06 20:15:18 +01:00
Christian Kampka f422e660eb Add documentation for containerRegisty and containerProxy spec 2018-07-06 14:56:05 +02:00
kimxogus 641b3d226d fix broken compute resource reservation docs for storage 2018-07-03 19:07:42 +09:00