kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
21,067 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

222 Commits

Author SHA1 Message Date
Jesse Haka 1bc330b0bb nameprefix -> groupname 2021-01-13 11:54:07 +02:00
Jesse Haka 185ccba246 Use random instance names in OpenStack 2021-01-12 14:52:39 +02:00
Justin SB 2f5ba0fbac Update OpenStack expected test output for removal of Members 
It is now an internal field.
 2021-01-10 11:11:11 -05:00
Justin SB d5294b0b7c Update test data for richer bootstrap script 2021-01-09 13:29:18 -05:00
Justin SB 4ac9d5c17b Boot nodes without state store access 
kops-controller can now serve the instance group & cluster config to
nodes, as part of the bootstrap process.

This enables nodes to boot without access to the state
store (i.e. without S3 / GCS / etc permissions)

Feature-flagged behind the KopsControllerStateStore feature-flag.
 2021-01-09 13:08:48 -05:00
Ole Markus With 2b3a8f133e Add control-plane node role annotation to cp nodes 
Update docs/releases/1.20-NOTES.md

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2021-01-08 12:39:42 +01:00
Kubernetes Prow Robot 8d3e42cd36
Merge pull request #10475 from justinsb/refactor_mirrored_asset 
Refactor MirroredAsset into mirrors package
 2020-12-19 23:12:25 -08:00
Justin SB 1945a656a0 Remove deprecated ResourceHolder 
Cleaning up what is now dead code.
 2020-12-19 23:15:37 -05:00
Justin SB 7d9ff3ba96 Refactor MirroredAsset into mirrors package 
This means we can use MirroredAsset for nodeup without circular
dependencies.  Also removes a duplicate constant that was declared
twice.
 2020-12-19 18:39:09 -05:00
Justin SB 2d143e6340 Update tests for ResourceHolder -> Resource 2020-12-19 09:51:58 -05:00
Jack Andersen 281e6140d9 Compare KubernetesAPIAccess to OpenStack allowedCIDRs deterministically 2020-11-07 00:29:24 -05:00
Kubernetes Prow Robot fbb172c08c
Merge pull request #9575 from johngmyers/node-labels 
Take node labels from cloud tags on AWS
 2020-10-23 04:01:45 -07:00
Jesse Haka 33e2de60e5 do not create egress rules when using vipacl octavia 2020-10-16 14:11:22 +03:00
Ole Markus With 7c8ff94631 Make setupmockopenstack standalone 2020-10-01 19:15:39 +02:00
John Gardiner Myers 54c280eed5 update-expected.sh 2020-09-10 20:59:28 -07:00
Ole Markus With 54ccc92829 Remove unused functions 2020-09-05 20:22:21 +02:00
Ole Markus With 0bd29dd4c7 Remove old servergroup test 2020-09-05 20:22:21 +02:00
Ole Markus With 4a21a532da Add golden tests for openstack servergroup 2020-09-05 20:22:21 +02:00
Kubernetes Prow Robot e5e8908cce
Merge pull request #9821 from olemarkus/openstack-newer-nova-3 
Reconcile ports and floating ips
 2020-08-27 07:15:53 -07:00
Kubernetes Prow Robot 6a33402702
Merge pull request #9820 from olemarkus/managed-sgs 
Remove unknown rules from managed security groups on openstack
 2020-08-27 03:43:03 -07:00
Ole Markus With 8e4f3b1458 Tags are never used 2020-08-26 14:17:24 +02:00
Ole Markus With 5cb63fb788 Fail if we find multiple sgs with same name 2020-08-26 13:41:15 +02:00
Ole Markus With 14a6f92f53 Delete SG rules that kops don't explicitly add to managed SGs 2020-08-26 11:09:22 +02:00
Ole Markus With 6cc7153bbe Don't fatal on non-fatal things in servergroup tests 2020-08-26 10:52:34 +02:00
Ole Markus With d6615e523d Remove some duplicate code 2020-08-26 10:52:34 +02:00
Justin SB b158ffab04 Refactor: KopsModelContext embeds IAMModelContext 
go syntax makes this an annoying change, unfortunately.
 2020-08-25 11:22:34 -04:00
Michael Wagner df5cc6a71b feat(openstack): propagate cloud labels to machines 2020-08-19 09:05:51 +02:00
Peter Rifel 4d9f0128a3
Upgrade to klog2 
This splits up the kubernetes 1.19 PR to make it easier to keep up to date until we get it sorted out.
 2020-08-16 20:56:48 -05:00
Ole Markus With fbcdeb2ed6 Respect Topology when assigning floating ips or not 2020-08-08 12:23:09 +02:00
Ole Markus With 84d2dcb624 Use SG to SG rule for cni tcp/udp rules 2020-08-07 09:39:44 +02:00
Ole Markus With c5ddd3885c Add support for cilium on openstack 2020-08-07 09:39:44 +02:00
Ole Markus With 6b81916a5d Fix potential npr 2020-08-04 08:22:00 +02:00
Ole Markus With 7e2366ac64 Determine fixedip for api cert directly in nodeup 2020-08-04 08:22:00 +02:00
Ole Markus With 460c0f3801 If there is no external network specified, no router is needed 2020-08-04 08:22:00 +02:00
Ole Markus With ecca2fda82 When using bastion and expecting no floating IPs, topology should be private 2020-07-12 22:08:30 +02:00
Ole Markus With fd7490e3e2 Only add floating IPs to nodes if we have a public topology for nodes 2020-07-12 21:08:13 +02:00
Ole Markus With b508696cf2 Make Instance task depend on floating ip 
Originally, floating ips depended on instances, but this causes a dependency cycle now that bootstrap scripts require all IPs for the API cert.
This also requires using networking API for creating floating ips instead of compute so that we can name (and later tag) the floating IPs, which is necessary to know which floating IP belongs to which instance prior to association
 2020-07-12 21:08:13 +02:00
Ole Markus With 4a16223361 Create master API security group unconditionally 
Needed somewhere anyway. Failing to create this one errors with missing task
 2020-07-12 21:08:13 +02:00
John Gardiner Myers f4f4763dc2 Refactor more certs to be issued by nodeup 2020-06-28 23:12:13 -07:00
Kubernetes Prow Robot f9262b91e7
Merge pull request #9450 from johngmyers/refactor-apiserver-lb 
Refactor how api-server addresses are exported from tasks
 2020-06-28 22:08:15 -07:00
John Gardiner Myers 86f157fa27 Refactor how api-server addresses are exported from tasks 2020-06-26 21:38:39 -07:00
John Gardiner Myers 013f9bf914 Create bootstrap script in a Task 2020-06-26 19:11:40 -07:00
John Gardiner Myers cef5b175c7 Rename BootstrapScript to BootstrapScriptBuilder 2020-06-26 10:57:36 -07:00
John Gardiner Myers 87446f8894 Make all users of userdata declare it as a dependency 2020-06-26 10:31:52 -07:00
John Gardiner Myers 304476cebf Refactor BootstrapScript 2020-06-18 22:17:39 -07:00
Ciprian Hacman 95aca3def5 ARM64 support - Update bazel files 2020-06-19 04:42:11 +03:00
Ciprian Hacman 602cb825e7 ARM64 support - Update bootstrap script for multi-arch 2020-06-19 04:42:11 +03:00
Ole Markus With 991549a5f4 Remove support for Romana 2020-06-03 08:23:53 +02:00
John Gardiner Myers ec4fe1e7e8 Don't put bastions in the utility subnets 2020-05-12 22:06:34 -07:00
Jesse Haka facd12dd32
Revert "feat(openstack): propagate cloud labels to machines" 2020-05-07 12:06:58 +03:00
Michael Wagner fc5807d374 feat(openstack): propagate cloud labels to machines 2020-04-27 15:58:02 +02:00
Jesse Haka d694a6f66d add support for AllowedCIDRs 2020-03-17 17:33:11 +02:00
Peter Rifel a999b3ea61 fix OWNERS labels format 
These need to be lists
 2020-03-10 22:47:50 -05:00
tanjunchen 977f987d65 fix-pkg-staticcheck and remove the repeat code 2019-12-03 10:32:37 +08:00
Jesse Haka b77a58a896 add protocol4 as allowed to master 2019-10-28 11:57:51 +02:00
Jesse Haka a09a920e92 fix firewalls for openstack 2019-10-27 21:58:40 +02:00
Jesse Haka f65b0f3bda return fatal if no network found 2019-10-27 08:22:52 +02:00
Jesse Haka 5e3b94ae17 use existing network and subnet 2019-10-27 08:21:25 +02:00
Justin SB b6862103bb
Change default port for memberlist from 3997 
We had a port collision on 3997; change the default memberlist ports
to avoid the collision (we haven't shipped a release with this in it).

Also create a go file so that we can use constants to keep track of
our port numbers, rather than magic values.
 2019-10-14 07:26:27 -04:00
tanjunchen 8fe36dc72c fix-up some staticcheck error 2019-10-06 10:40:13 +08:00
Kubernetes Prow Robot f671873629
Merge pull request #7652 from OpenSource-THG/master 
Openstack block device mapping support
 2019-10-03 14:27:56 -07:00
Michael Wagner 044e05cbe7 chore(openstack): use InstanceGroup zones as AV 2019-09-27 09:45:34 +02:00
chentanjun 3d1966df84 fix-up some spelling mistakes in /pkg 2019-09-26 10:15:44 +08:00
Teodor Todorov 8d28efb50f
Merge branch 'master' into master 2019-09-25 10:07:50 +01:00
Michael Wagner 8e156c7eb1 chore(openstack): also propagate additional sgs to ports 2019-09-24 13:39:29 +02:00
Michael Wagner f6b6bc5e90 feat(openstack): propagate additional security groups 
This uses the specified additional security groups and adds them to the
instance port
 2019-09-24 13:39:29 +02:00
Teodor Todorov fac5969001
Allow OS instances to boot from volume 2019-09-23 18:04:25 +01:00
Michael Wagner d8eccfd45b feat(openstack): value public IP association from IG spec 2019-09-23 14:17:25 +02:00
Michael Wagner 9cdba4d391 tests(openstack): refine user data comparison 2019-09-23 14:09:07 +02:00
Kubernetes Prow Robot 5fa9425802
Merge pull request #7644 from zetaab/feature/floatingtype 
Use without external router (OpenStack)
 2019-09-21 06:45:24 -07:00
Jesse Haka 026e258105 fix tests 2019-09-21 12:36:27 +03:00
Jesse Haka c0759525fc Use without external router 2019-09-21 11:21:21 +03:00
Jesse Haka 25623d91f1 fix instance name 2019-09-20 21:45:28 +03:00
Kubernetes Prow Robot 3b9821d5c5
Merge pull request #7474 from nebril/cilium-standalone 
Change Cilium templates to standalone version
 2019-09-18 14:01:00 -07:00
Kubernetes Prow Robot 4b490d0b54
Merge pull request #7561 from zetaab/feature/cleansecgroup 
Clean security groups if api/ssh ips are removed from config
 2019-09-16 07:26:40 -07:00
Michael Wagner b2f3963cdb chore(provider/openstack): use ips from associated subnets 
This changes values the provided instance group subnet and uses the IPs
from that subnet.
 2019-09-13 12:21:10 +02:00
Michael Wagner cf8cfbe9ba chore(openstack): add tests to server group model builder 2019-09-13 12:21:04 +02:00
Maciej Kwiek 74e10dadec Change Cilium templates to standalone version 
This commit doesn't include any Cilium configuration, just takes the
quick install yaml from
https://github.com/cilium/cilium/blob/v1.6.0/install/kubernetes/quick-install.yaml

Signed-off-by: Maciej Kwiek <maciej@isovalent.com>
 2019-09-12 17:23:50 +02:00
Jesse Haka 6278fec373 fix kubelet sg rules 2019-09-12 18:05:03 +03:00
Jesse Haka 9f2f3ccf25 clean security groups 2019-09-12 18:05:03 +03:00
mikesplain 9e55b8230a Update copyright notices 
Also cleans some white spaces
 2019-09-09 14:47:51 -04:00
Jesse Haka 74bf559afa open ports for etcd-manager 2019-08-13 16:48:59 +03:00
Jesse Haka ad3a14f994 move getserver floatingip to common function 2019-06-25 10:00:07 +03:00
Jesse Haka 97301ebf30 add api sg group only to masters 2019-06-24 10:15:32 +03:00
Jesse Haka ddaa0dd502 Possibility to use openstack without lbaas 2019-06-24 08:56:34 +03:00
Derek Lemon (delemon) 2f25db8abc Simple generation check to see if instance groups may need updated 
Ignoring replace with no spec changes

Updating replace cancellation to only not set generation, instead of not performing the update

Bazel updates

Setting generation in common clientset code

Bazel updates
 2019-05-28 12:42:13 -06:00
Jesse Haka 3e9b768600 add kops instancegroup tag to metadata 2019-05-16 12:35:54 +03:00
Kubernetes Prow Robot f2bd5a5ef2
Merge pull request #6944 from zetaab/allow_node_exporter 
add node-exporter to allowed ports
 2019-05-14 10:35:19 -07:00
Derek Lemon (delemon) 59fb88775d Subnet Update Consistency 
Executing gofmt
 2019-05-13 08:06:28 -06:00
Jesse Haka 53834635ad add node-exporter to allowed ports 2019-05-13 13:13:28 +03:00
Justin SB 76d03b3f71
Generated files: glog -> klog 2019-05-06 12:56:03 -04:00
Justin SB 3e33ac7682
Change code from glog to klog 
We don't call klog.InitFlags yet, because that will cause a flag
redefinition error until we get everyone to stop using glog.  That
will happen when we update to k8s 1.13.
 2019-05-06 12:54:51 -04:00
Kashif Saadat 4b40a24695 Canal manifest updates for k8s v1.12+ 2019-04-24 17:37:28 +01:00
Sergiu Marsavela (smarsave) ac0b62680f Omit protocols in Openstack CNI Rules 2019-03-13 18:28:15 +01:00
Kubernetes Prow Robot 288d253a4a
Merge pull request #6521 from cisco-sso/openstack_sg_hardening 
Openstack Security Group hardening
 2019-03-07 07:26:59 -08:00
Jesse Haka 1b55c87b6f spread instances equally to all AZs 2019-02-27 18:44:06 +02:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) ec8091294a Removing unnecessary 443 ingress on nodes 2019-02-26 08:33:23 -07:00
Jesse Haka 71452d0ddd specify dns servers to openstack subnet 2019-02-25 22:54:07 +02:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) f8a5abac56 Removing Egress rules as they are defaulted. Adding workaround for octavia 2019-02-25 09:45:31 -07:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) 648328d520 Openstack Security Group Update 2019-02-22 14:43:58 -07:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) 08b6269537 Openstack Security Group Update Dependencies 2019-02-22 14:43:33 -07:00
Kubernetes Prow Robot 36ea1610dd
Merge pull request #6421 from zetaab/scaledown 
Ability to scale down instancegroup in openstack
 2019-02-19 13:17:26 -08:00
Kubernetes Prow Robot ced14aa57e
Merge pull request #6442 from zetaab/fixhostnames 
fix hostnames in kops openstack
 2019-02-18 13:34:00 -08:00
Jesse Haka 26a12c75e8 scaledown instances if current number is higher than maxsize 2019-02-18 22:56:31 +02:00
Kubernetes Prow Robot 7f93a102d9
Merge pull request #6367 from zetaab/os_owner 
add OWNERS file to openstack spesific folders
 2019-02-18 10:44:03 -08:00
Jesse Haka 0a2d375c7b removing dims from reviewer and add drekle as reviewer 2019-02-05 17:09:22 +02:00
Jesse Haka ad43fb0eea fix new name 2019-02-05 11:44:23 +02:00
Jesse Haka 7aeee4ac11 replace dots with - 2019-02-05 10:42:34 +02:00
Jesse Haka 44b5b4d57d fix hostnames in kops 2019-02-03 23:26:18 +02:00
Jan Wozniak f930ec3138 suffix openstack subnet name with cluster name 2019-01-23 23:12:45 +01:00
Jesse Haka c989dd52f5 add OWNERS file to openstack spesific folders 
bootstrap
 2019-01-20 19:29:09 +02:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) 4f0169bb79 codegen 2019-01-16 09:30:40 -07:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) 64b63ba6ae Removing references to drekle repo 2019-01-15 14:21:11 -07:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) fb0939af9b Openstack Model, tasks, and cloud ops refactor 2019-01-15 14:16:08 -07:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) af91543345 Checking in model and task dependencies 2019-01-15 14:13:53 -07:00
Jon Perritt 3064f6be15 server groups, lb, instance, and dns tasks, models and resources 2019-01-15 14:06:54 -07:00
Justin Santa Barbara 89dc7b22f9
Merge branch 'master' into sshkey 2018-06-11 11:23:28 -04:00
Jesse Haka ed8d03d402 add keypair role 2018-06-11 09:54:54 +03:00
zengchen1024 f5f1ae8c3c implement router interface task 2018-04-12 18:01:09 +08:00
zengchen1024 9dbf73ec63 implement subnet task 2018-04-09 18:04:35 +08:00
zengchen1024 a2cfb70285 build openstack router task 2018-04-02 18:03:29 +08:00
zengchen1024 280e775466 add network builder 2018-04-02 14:18:26 +08:00