Commit Graph

222 Commits

Author SHA1 Message Date
Gene Kuo 37beb4b73d Add Support for OVN Load Balancer
OVN load balancer in OpenStack only supports SOURCE_IP_PORT as load
balancer method. This commit adds support for OVN Octavia provider by

- Use SOURCE_IP_PORT as load balancer method when LB provider is OVN
- Disable allowed CIDR when LB provider is OVN
2022-05-23 23:49:00 +09:00
Ole Markus With ba544eacce Add control-plane taint as kubetest2 non-blocking taint and fix OS tests 2022-04-18 13:56:13 +02:00
Ole Markus With ce2e877aeb Remove bazel files from vendor 2022-04-12 13:29:03 +02:00
John Gardiner Myers aff5f587f3 Move Openstack settings to cloudProvider.openstack 2022-04-07 10:04:19 -07:00
Kubernetes Prow Robot c9ad543dea
Merge pull request #13096 from zetaab/poolmonitor
OpenStack - Add loadbalancer pool monitor to API LB
2022-01-21 04:49:58 -08:00
Jesse Haka 0beb036d83 expose external ccm metrics for OpenStack 2022-01-20 15:22:30 +02:00
Kubernetes Prow Robot 85732b4c4d
Merge pull request #13030 from johngmyers/v6-topology
Use IPv6-only subnets for worker nodes in private IPv6 topology
2022-01-18 10:58:40 -08:00
Jesse Haka 6b32f79c18 OpenStack - Add loadbalancer pool monitor to API LB 2022-01-18 12:10:47 +02:00
Jesse Haka fbb8b1ff08 make gazelle 2022-01-12 15:13:08 +02:00
Jesse Haka acdca486e7 fix ipv4+ipv6 sec groups/listeners in OpenStack 2022-01-12 15:11:51 +02:00
John Gardiner Myers 5385381633 Use IPv6-only subnets for worker nodes in private IPv6 topology 2022-01-06 21:00:00 -08:00
Jesse Haka b88d110f58 Drain OpenStack loadbalancers 2021-12-31 13:16:02 +02:00
justinsb 994ac19b42 Use fi.Keyset instead of passing tasks around
Using a task leads to layering complexity.  We could introduce a new
type, but fi.Keyset is the type we seem to want.

(We could move Keyset out of fi, but we don't need to yet)

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
2021-12-20 23:24:32 -05:00
Ciprian Hacman ea7df00719 Run hack/update-gofmt.sh 2021-12-01 22:39:50 +02:00
John Gardiner Myers daca9fb2b8 Reissue client keypairs on issuer change 2021-11-27 15:24:36 -08:00
Michael Wagner e1f3c5dbf8 chore(openstack): make sure our port tags are short
OpenStack limits the tag length to 60 characters.
2021-08-09 08:49:12 +02:00
Michael Wagner 99330549e4 feat(openstack): enrich ports with more metadata
The overall goal is to get rid of the specific port names and replace
them with hashed ones. This in turn allows us to introduce rolling
updates for Openstack in a later stage.
2021-08-09 08:49:12 +02:00
Peter Rifel ce821a614f
In-line openstack loadbalancer feature detection
This was our only reliance on cloud-provider-openstack which depends on k8s.io/kubernetes.

With the logic in-lined, kops no longer has any indirect dependencies of k/k
2021-08-06 08:19:53 -04:00
Kubernetes Prow Robot 3a293781a6
Merge pull request #11784 from ederst/add-os-config-drive
Launch Openstack instances with config drive
2021-08-04 00:49:24 -07:00
John Gardiner Myers 1f705615c7 hack/update-expected.sh 2021-07-18 13:37:20 -07:00
John Gardiner Myers e9fc12b4f3 Fix certificate bootstrap for non-kops-controller-bootstrap cloud providers 2021-07-18 13:37:19 -07:00
John Gardiner Myers cdf26302b2 hack/update-expected.sh 2021-07-08 18:46:03 -07:00
John Gardiner Myers c35d101a89 Refactor keysets for etcd-manager 2021-07-08 18:46:03 -07:00
John Gardiner Myers 5834fc2690 hack/update-expected.sh 2021-07-03 17:33:13 -07:00
John Gardiner Myers 5c5969d102 hack/update-expected.sh 2021-07-01 22:25:51 -07:00
John Gardiner Myers 1e0c6cb1aa Refactor apiserver-aggregator-ca 2021-07-01 22:25:47 -07:00
John Gardiner Myers 3de05a500e Refactor etcd-clients-ca keyset for api-server 2021-06-30 18:55:30 -07:00
John Gardiner Myers 7dfe9d82ab hack/update-expected.sh 2021-06-27 08:45:06 -07:00
John Gardiner Myers e1df9f09dd Refactor service-account public keys 2021-06-27 08:45:06 -07:00
John Gardiner Myers 2faf28379a Refactor etcd-client-cilium secrets 2021-06-25 23:57:23 -07:00
John Gardiner Myers 89209df150 hack/update-expected.sh 2021-06-25 22:25:50 -07:00
John Gardiner Myers 1752f0f4db Move most of nodeup.Config out of userdata 2021-06-25 22:25:49 -07:00
John Gardiner Myers a83bf7b20f Mark nodes NeedsUpdate when keys they use change 2021-06-21 19:37:23 -07:00
John Gardiner Myers 0458fa74e4 hack/update-expected.sh 2021-06-19 10:50:53 -07:00
ederst fd2c7e87e0 Adapt tests for Openstack config drive option 2021-06-16 13:52:26 +02:00
ederst bb59f762a1 Add config drive option for Openstack instances
This enables using config drives instead of the metadata service as a
source for the user data (cloudinit).
2021-06-16 13:32:50 +02:00
John Gardiner Myers 9cba5e345d hack/update-expected.sh 2021-06-03 21:09:15 -07:00
John Gardiner Myers 2e1629c610 Introduce nodeup.AuxConfig 2021-06-03 20:37:22 -07:00
John Gardiner Myers fc4f0888ac hack/update-expected.sh 2021-06-02 23:02:17 -07:00
John Gardiner Myers 7c9e7e9286 Make Lifecycle field non-pointer 2021-06-02 23:02:16 -07:00
John Gardiner Myers 7d4a8f6fa7 hack/update-expected.sh 2021-05-31 10:39:34 -07:00
John Gardiner Myers c8abc19bb5 Set Lifecycle in ServerGroupModelBuilder 2021-05-31 10:39:33 -07:00
Michael Wagner e4a2a5b86c feat(openstack): enable configuration of servergroup affinities
This enables us to change the ServerGroup affinity policies using
annotations on instance groups.

The default affinity policy still is "anti-affinity".
2021-05-19 13:11:08 +02:00
Ole Markus With 32fce0d59c Exclude CP nodes from load balancers 2021-02-27 20:14:31 +01:00
Ole Markus With 783b6c0d6c Make protokube CP label setting consistent with kops-controller 2021-02-12 08:17:14 +01:00
Kubernetes Prow Robot 4507be8e13
Merge pull request #10469 from justinsb/boot_nodes_from_kops_controller
Boot nodes without state store access
2021-02-08 11:28:19 -08:00
Jesse Haka 034dad258c modify names 2021-02-05 09:57:54 +02:00
Jesse Haka 41d04d8d4b add user agent to openstack api requests 2021-02-04 23:04:06 +02:00
Otto Sulin 46a8a00adc Fix broken tests 2021-01-20 14:24:49 +02:00
Otto Sulin c66a079e3e Add network and router availability zone hints to OpenStack
This pull request makes it possible to add availability zone hints to routers and networks if the hints are supported.
2021-01-20 13:34:08 +02:00
Jesse Haka 1bc330b0bb nameprefix -> groupname 2021-01-13 11:54:07 +02:00
Jesse Haka 185ccba246 Use random instance names in OpenStack 2021-01-12 14:52:39 +02:00
Justin SB 2f5ba0fbac Update OpenStack expected test output for removal of Members
It is now an internal field.
2021-01-10 11:11:11 -05:00
Justin SB d5294b0b7c Update test data for richer bootstrap script 2021-01-09 13:29:18 -05:00
Justin SB 4ac9d5c17b Boot nodes without state store access
kops-controller can now serve the instance group & cluster config to
nodes, as part of the bootstrap process.

This enables nodes to boot without access to the state
store (i.e. without S3 / GCS / etc permissions)

Feature-flagged behind the KopsControllerStateStore feature-flag.
2021-01-09 13:08:48 -05:00
Ole Markus With 2b3a8f133e Add control-plane node role annotation to cp nodes
Update docs/releases/1.20-NOTES.md

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
2021-01-08 12:39:42 +01:00
Kubernetes Prow Robot 8d3e42cd36
Merge pull request #10475 from justinsb/refactor_mirrored_asset
Refactor MirroredAsset into mirrors package
2020-12-19 23:12:25 -08:00
Justin SB 1945a656a0 Remove deprecated ResourceHolder
Cleaning up what is now dead code.
2020-12-19 23:15:37 -05:00
Justin SB 7d9ff3ba96 Refactor MirroredAsset into mirrors package
This means we can use MirroredAsset for nodeup without circular
dependencies.  Also removes a duplicate constant that was declared
twice.
2020-12-19 18:39:09 -05:00
Justin SB 2d143e6340 Update tests for ResourceHolder -> Resource 2020-12-19 09:51:58 -05:00
Jack Andersen 281e6140d9 Compare KubernetesAPIAccess to OpenStack allowedCIDRs deterministically 2020-11-07 00:29:24 -05:00
Kubernetes Prow Robot fbb172c08c
Merge pull request #9575 from johngmyers/node-labels
Take node labels from cloud tags on AWS
2020-10-23 04:01:45 -07:00
Jesse Haka 33e2de60e5 do not create egress rules when using vipacl octavia 2020-10-16 14:11:22 +03:00
Ole Markus With 7c8ff94631 Make setupmockopenstack standalone 2020-10-01 19:15:39 +02:00
John Gardiner Myers 54c280eed5 update-expected.sh 2020-09-10 20:59:28 -07:00
Ole Markus With 54ccc92829 Remove unused functions 2020-09-05 20:22:21 +02:00
Ole Markus With 0bd29dd4c7 Remove old servergroup test 2020-09-05 20:22:21 +02:00
Ole Markus With 4a21a532da Add golden tests for openstack servergroup 2020-09-05 20:22:21 +02:00
Kubernetes Prow Robot e5e8908cce
Merge pull request #9821 from olemarkus/openstack-newer-nova-3
Reconcile ports and floating ips
2020-08-27 07:15:53 -07:00
Kubernetes Prow Robot 6a33402702
Merge pull request #9820 from olemarkus/managed-sgs
Remove unknown rules from managed security groups on openstack
2020-08-27 03:43:03 -07:00
Ole Markus With 8e4f3b1458 Tags are never used 2020-08-26 14:17:24 +02:00
Ole Markus With 5cb63fb788 Fail if we find multiple sgs with same name 2020-08-26 13:41:15 +02:00
Ole Markus With 14a6f92f53 Delete SG rules that kops doesn't explicitly add to managed SGs 2020-08-26 11:09:22 +02:00
Ole Markus With 6cc7153bbe Don't fatal on non-fatal things in servergroup tests 2020-08-26 10:52:34 +02:00
Ole Markus With d6615e523d Remove some duplicate code 2020-08-26 10:52:34 +02:00
Justin SB b158ffab04 Refactor: KopsModelContext embeds IAMModelContext
go syntax makes this an annoying change, unfortunately.
2020-08-25 11:22:34 -04:00
Michael Wagner df5cc6a71b feat(openstack): propagate cloud labels to machines 2020-08-19 09:05:51 +02:00
Peter Rifel 4d9f0128a3
Upgrade to klog2
This splits up the kubernetes 1.19 PR to make it easier to keep up to date until we get it sorted out.
2020-08-16 20:56:48 -05:00
Ole Markus With fbcdeb2ed6 Respect Topology when assigning floating ips or not 2020-08-08 12:23:09 +02:00
Ole Markus With 84d2dcb624 Use SG to SG rule for cni tcp/udp rules 2020-08-07 09:39:44 +02:00
Ole Markus With c5ddd3885c Add support for cilium on openstack 2020-08-07 09:39:44 +02:00
Ole Markus With 6b81916a5d Fix potential npr 2020-08-04 08:22:00 +02:00
Ole Markus With 7e2366ac64 Determine fixedip for api cert directly in nodeup 2020-08-04 08:22:00 +02:00
Ole Markus With 460c0f3801 If there is no external network specified, no router is needed 2020-08-04 08:22:00 +02:00
Ole Markus With ecca2fda82 When using bastion and expecting no floating IPs, topology should be private 2020-07-12 22:08:30 +02:00
Ole Markus With fd7490e3e2 Only add floating IPs to nodes if we have a public topology for nodes 2020-07-12 21:08:13 +02:00
Ole Markus With b508696cf2 Make Instance task depend on floating ip
Originally, floating ips depended on instances, but this causes a dependency cycle now that bootstrap scripts require all IPs for the API cert.
This also requires using networking API for creating floating ips instead of compute so that we can name (and later tag) the floating IPs, which is necessary to know which floating IP belongs to which instance prior to association
2020-07-12 21:08:13 +02:00
Ole Markus With 4a16223361 Create master API security group unconditionally
Needed somewhere anyway. Failing to create this one errors with missing task
2020-07-12 21:08:13 +02:00
John Gardiner Myers f4f4763dc2 Refactor more certs to be issued by nodeup 2020-06-28 23:12:13 -07:00
Kubernetes Prow Robot f9262b91e7
Merge pull request #9450 from johngmyers/refactor-apiserver-lb
Refactor how api-server addresses are exported from tasks
2020-06-28 22:08:15 -07:00
John Gardiner Myers 86f157fa27 Refactor how api-server addresses are exported from tasks 2020-06-26 21:38:39 -07:00
John Gardiner Myers 013f9bf914 Create bootstrap script in a Task 2020-06-26 19:11:40 -07:00
John Gardiner Myers cef5b175c7 Rename BootstrapScript to BootstrapScriptBuilder 2020-06-26 10:57:36 -07:00
John Gardiner Myers 87446f8894 Make all users of userdata declare it as a dependency 2020-06-26 10:31:52 -07:00
John Gardiner Myers 304476cebf Refactor BootstrapScript 2020-06-18 22:17:39 -07:00
Ciprian Hacman 95aca3def5 ARM64 support - Update bazel files 2020-06-19 04:42:11 +03:00
Ciprian Hacman 602cb825e7 ARM64 support - Update bootstrap script for multi-arch 2020-06-19 04:42:11 +03:00
Ole Markus With 991549a5f4 Remove support for Romana 2020-06-03 08:23:53 +02:00
John Gardiner Myers ec4fe1e7e8 Don't put bastions in the utility subnets 2020-05-12 22:06:34 -07:00
Jesse Haka facd12dd32
Revert "feat(openstack): propagate cloud labels to machines" 2020-05-07 12:06:58 +03:00