kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,303 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

597 Commits

Author SHA1 Message Date
Ole Markus With 063e3f6c7b Use internal api url for jwks when required 
The public api url cannot be used by pods and nodes if access is restricted. So by default we need to use the internal one.
This should finally pass the OIDC e2e test

For public access, api server must be publically available and anonymous
auth must be enabled
 2021-03-05 06:52:51 +01:00
mmerrill3 1a3cb79d2d Removing duplicate local and output values in terraform(#10786) 
Signed-off-by: mmerrill3 <michael.merrill@vonage.com>
 2021-03-04 16:32:52 -05:00
Kubernetes Prow Robot fcefcb59cc
Merge pull request #10945 from olemarkus/exclude-cp-nodes-from-lbs 
Exclude CP nodes from load balancers
 2021-03-03 05:21:21 -08:00
Peter Rifel dacfa7728e
Use CPUCredits in integration test 2021-03-02 22:54:30 -06:00
Peter Rifel 2ebd448602
Add integration test for transit gateway support 2021-02-28 13:02:11 -06:00
Ole Markus With 32fce0d59c Exclude CP nodes from load balancers 2021-02-27 20:14:31 +01:00
Kubernetes Prow Robot a424958e83
Merge pull request #10872 from timothyclarke/feature/NLB-EIP 
Adding Elastic IP Allocations to NLB API
 2021-02-22 23:48:03 -08:00
Kubernetes Prow Robot 6123c85047
Merge pull request #10884 from hakman/fix-validate-instance-type-and-image 
Improve machine type and image validation
 2021-02-19 09:44:25 -08:00
Ciprian Hacman dee13cecca Improve machine type and image validation 2021-02-19 18:28:57 +02:00
Ole Markus With 9a13837629 Fix JWKS path for volume projection 2021-02-18 22:07:35 +01:00
Timothy Clarke 1577b0a54b
Adding Elastic IP Allocations to NLB API 2021-02-18 12:27:28 +00:00
MoShitrit 6f85895ac1 Update expected 2021-02-17 19:41:14 -05:00
Alexander Block 16f3de29fb Run ./hack/update-expected.sh 2021-02-16 18:46:00 +01:00
Ciprian Hacman 1c4da19881 Update integration test outputs with new mock version 2021-02-16 14:21:15 +02:00
Kubernetes Prow Robot cd10383fa0
Merge pull request #10741 from codablock/nlb-subnets 
Allow to control which subnets and IPs get used for the API loadbalancer
 2021-02-14 14:23:06 -08:00
Kubernetes Prow Robot 082bdc3878
Merge pull request #10780 from olemarkus/consistent-cp-labelling 
Make protokube CP label setting consistent with kops-controller
 2021-02-12 11:09:58 -08:00
Ole Markus With 783b6c0d6c Make protokube CP label setting consistent with kops-controller 2021-02-12 08:17:14 +01:00
Ciprian Hacman c0d02d7dc9 Update Docker to v19.03.15 2021-02-12 07:10:32 +02:00
Steven E. Harris d44612cc84 Capture outcome of "hack/update-expected.sh" run 2021-02-11 10:49:49 -05:00
Kubernetes Prow Robot 63baa5b579
Merge pull request #10752 from rifelpet/lifecycle-integration-test 
Add overrides testing in lifecycle integration tests
 2021-02-11 00:56:16 -08:00
Alexander Block 684ff3498e Add back "omitempty" to cloudformation SubnetMapping 2021-02-10 18:02:13 +01:00
Alexander Block 091a18a128 Add omitempty to Subnets and SubnetMappings for terraform and cloudformation 2021-02-10 10:29:48 +01:00
Peter Rifel 9f5e225424
Add integration test for one external CLB being attached to multiple ASGs 2021-02-07 10:47:55 -06:00
Peter Rifel dd1ebb8b77
Add overrides support in lifecycle integration tests 
This allows specific changes to be tested during an `update cluster --yes` and ensuring a subsequent `update cluster` dryrun correctly reports no changes.

To specify changes, create a cluster.overrides.txt or instancegroup.<name>.overrides.txt file in the update_cluster integration test's directory.
Each line is a field=value format, each batch of changes is separated by a `---` line.
Each batch will be ran through `update cluster --yes`
 2021-02-06 23:18:15 -06:00
Alexander Block 49e7ec8890 Use SubnetMappings for NLBs instead of Subnets 
SubnetMappings allow to explicitely set the private IPv4 address that
must be used for the NLB.

SubnetMappings and Subnets in the AWS API are compatible as long as the
address settings are not changes, making this commit backwards compatible.
 2021-02-05 17:53:20 +01:00
Ole Markus With 364b0ce9bf Fix additional tests 2021-02-04 18:22:40 +01:00
Ole Markus With dd035fa2bc Revert "Set IMDSv2 to "required" only for new clusters" 
This reverts commit 12cb288df1.
 2021-02-04 17:57:35 +01:00
Ole Markus With a4c36af9de Revert "Increse imdv2 hop limit on control plane nodes" 
This reverts commit 4e00e29fc3.
 2021-02-04 17:57:23 +01:00
Ole Markus With 4e00e29fc3 Increse imdv2 hop limit on control plane nodes 
Non-hostNetworking fails to talk to the instance metadata otherwise. Breaking e.g CSI controller
 2021-01-31 19:35:07 +01:00
Ciprian Hacman 46aa146b31 Add integration tests for older Kubernetes versions 2021-01-29 14:33:36 +02:00
Ciprian Hacman 12cb288df1 Set IMDSv2 to "required" only for new clusters 2021-01-29 14:07:52 +02:00
Ciprian Hacman f8d3b76556 Default IMDSv2 to "optional" for AWS 2021-01-29 14:02:14 +02:00
Kubernetes Prow Robot 3d39be7721
Merge pull request #10661 from hakman/etcd-manager-defaults 
Update AWS etcd-manager volumes defaults
 2021-01-28 22:01:41 -08:00
Ciprian Hacman bcc3c98cfb Bump Ubuntu images for AWS and GCE 2021-01-28 08:31:59 +02:00
Ciprian Hacman 5fcd4e4b28 Allow attaching same external load balancer to multiple instance groups 2021-01-27 16:25:39 +02:00
Ciprian Hacman 4c5d7ddabf Remove workaround for volume throughput when using Terraform 2021-01-27 06:33:15 +02:00
Ciprian Hacman ca408f7e8f Set default volume type to "gp3" for etcd-manager volumes in AWS 2021-01-27 06:23:27 +02:00
Ciprian Hacman fcea4f5b08 Set default volume encryption to "true" for etcd-manager volumes in AWS 2021-01-26 11:29:27 +02:00
Justin SB 1d76a15f69 Set the tcp_rmem sysctl in bootstrap script 
This ensures that we're using our settings for downloading nodeup
itself and any assets that nodeup downloads.  This is a workaround for
reported problems with the initial download on some kernels otherwise.

Issue #10206
 2021-01-24 21:50:45 -05:00
Ciprian Hacman d889d61ddb Set default IMDS v2 to "required" for instances in AWS 2021-01-21 11:35:41 +02:00
Ciprian Hacman c8a9b2fb3e Set default volume encryption to "true" for instances in AWS 2021-01-21 11:27:02 +02:00
Ciprian Hacman 18bb14ffed Set default volume type to "gp3" for instances in AWS 2021-01-21 11:27:02 +02:00
Ciprian Hacman 3799d135a3 Fix tests and spelling 2021-01-19 09:06:02 +02:00
Barry Melbourne 337c9c4c66 Set default container runtime to containerd 2021-01-16 14:55:35 +00:00
Ciprian Hacman b0cb0c77d4 Update integration tests for "update cluster" 2021-01-15 15:51:02 +02:00
Ciprian Hacman 19514f431c Update integration tests for "create cluster" 2021-01-15 15:40:33 +02:00
Ciprian Hacman 65ebf4760d Update integration test for gp3 with etcd volumes 2021-01-15 09:53:10 +02:00
Ciprian Hacman e20900a2de Add CF integration test for gp3 volumes 2021-01-15 09:53:10 +02:00
Ole Markus With afbd057286 Use consistent naming for the remaining SGRs 2021-01-14 12:57:33 +01:00
Kubernetes Prow Robot 09bf333433
Merge pull request #10567 from rifelpet/nlb-listener-order 
Fix NLB listener -> target group association for TF & CF
 2021-01-13 01:04:35 -08:00