kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
21,067 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

5512 Commits

Author SHA1 Message Date
Kubernetes Prow Robot 868e1855f0
Merge pull request #16257 from hakman/containerd-1.7.12 
Update containerd to v1.7.12
 2024-01-18 06:38:12 +01:00
Ciprian Hacman 9f7c59236b Update containerd to v1.7.12 2024-01-18 05:27:41 +02:00
Ciprian Hacman fd86a0cb9d aws: Ignore InvalidRouteTableID.NotFound errors during cluster deletion 2024-01-15 06:04:30 +02:00
Ciprian Hacman d71879f023 aws: Terminate ASG instances in batches of 100 instances 2024-01-13 11:01:30 +02:00
Kubernetes Prow Robot baf021b484
Merge pull request #16248 from justinsb/prefer_external_endpoints_kubeconfig 
Prefer external endpoints when building kubeconfig
 2024-01-13 00:13:29 +01:00
justinsb ae226db932 autogen: update expected test values for WellKnownServices 2024-01-12 16:06:43 -05:00
justinsb 50776a7e92 Refactor ForAPIServer 
We instead return a list of the services we are supporting.

We can in future split out internal and external apiserver services.
 2024-01-12 15:53:41 -05:00
justinsb 573c410846 Prefer external endpoints when building kubeconfig 
This means that if/when we have multiple load balancers, we will go
through the external one by default.
 2024-01-12 11:29:25 -05:00
Ciprian Hacman 005b693943 Revert "aws: Skip deleting ASG instances without volumes" 2024-01-12 18:07:10 +02:00
Kubernetes Prow Robot c7ad6e9f22
Merge pull request #16239 from hakman/aws-ebs-csi-zone 
aws: Update EBS CSI driver
 2024-01-09 13:17:39 +01:00
Ciprian Hacman 26a424bcd7 validation: Use constants for validating node labels 2024-01-09 12:31:20 +02:00
Ciprian Hacman 437f7a83d3 aws: Add option to set host network for EBS CSI node driver 2024-01-09 12:30:35 +02:00
Ciprian Hacman 4ebda3e955 aws: Update EBS CSI driver to v1.26.1 2024-01-09 12:28:32 +02:00
Ciprian Hacman 41d4e54920 Replace `k8s.io/utils/strings/slices` with `golang.org/x/exp/slices` 2024-01-09 08:40:57 +02:00
Ciprian Hacman 03c109b74b Make cluster deletion configurable 2024-01-07 07:15:25 +02:00
Ciprian Hacman 793086a01a aws: Skip deleting ASG instances without volumes 2024-01-06 09:31:23 +02:00
Ciprian Hacman f447849a8b Add option for setting CCM ConcurrentNodeSyncs 2024-01-06 07:07:28 +02:00
Ciprian Hacman 37a184601b aws: Update EBS CSI driver to v1.26.0 2024-01-05 19:13:01 +02:00
Kubernetes Prow Robot 120220913d
Merge pull request #16219 from ameukam/servicelinkrole-elasticlb 
Add permission needed for service-linked role creation
 2024-01-05 02:08:56 +01:00
Arnaud Meukam 282ae1335d
hack/update-expected.sh execution results 
Signed-off-by: Arnaud Meukam <ameukam@gmail.com>
 2024-01-04 23:55:55 +01:00
Arnaud Meukam ce340c6059
Add permission needed for service-linked role creation 
Attempting to fix:
  - https://github.com/kubernetes/kops/issues/16218

by adding the permission needed for the AWS CCM to create a service-linked role for the elastic lb service.

Signed-off-by: Arnaud Meukam <ameukam@gmail.com>
 2024-01-04 23:19:14 +01:00
Kubernetes Prow Robot a8305d2a17
Merge pull request #16214 from hakman/cilium-1.14.5 
Update to Cilium 1.14.5
 2024-01-04 09:06:02 +01:00
Kubernetes Prow Robot 8b8c2c4c18
Merge pull request #16211 from rifelpet/dumpk8ssecrets 
Dump and redact secrets
 2024-01-04 07:21:51 +01:00
Ciprian Hacman 5277835620 Update to Cilium 1.14.5 2024-01-04 06:49:21 +02:00
Peter Rifel 349de70cda
Add comment to remove unused IAM permissions in the future 2024-01-03 21:19:05 -06:00
Peter Rifel a97ac7d8ff
Dump and redact secrets 
This will help with troubleshooting some cert-manager issues where secrets aren't being created
 2024-01-03 19:53:04 -06:00
Vincent Carlos 5e13815d4e feat: add us-west zone for hetzner 2024-01-03 15:01:45 +00:00
Ciprian Hacman 55a6a94169 aws: Add option for setting QPS and Burst for EBS CSI Driver 2024-01-03 14:12:58 +02:00
Kubernetes Prow Robot 5b15753ad0
Merge pull request #16200 from hakman/pod_logs 
Dump previous and current container logs separately
 2024-01-02 20:26:19 +01:00
Ciprian Hacman 997b1fd308 scale-test: Add feature flag for creating a single nodes instance group 2024-01-02 14:06:08 +02:00
Ciprian Hacman 5c2c0c0671 Dump previous and current container logs separately 2024-01-02 09:01:47 +02:00
Peter Rifel f731080867
Update podlogs.go 
Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>
 2024-01-01 21:51:26 -06:00
Peter Rifel 8ad0661975
Dump pod logs in parallel 2024-01-01 13:11:25 -06:00
Peter Rifel db32f982d1
Remove unused cluster name param 
Signed-off-by: Peter Rifel <pgrifel@gmail.com>
 2024-01-01 13:10:37 -06:00
Peter Rifel 8524175f86
Dump k8s resources with kops toolbox dump 
Signed-off-by: Peter Rifel <pgrifel@gmail.com>
 2023-12-30 19:22:53 -08:00
Ciprian Hacman 0be02417df gce: Remove custom resolver 2023-12-23 08:17:47 +02:00
Justin Santa Barbara 0300a3b858
Release 1.29.0-alpha.3 (#16183) 2023-12-21 14:24:27 +01:00
Peter Rifel 6e337da7f0
Always set the paginated instance group field 2023-12-20 20:05:48 -06:00
Ciprian Hacman e95dab5408 aws: Add KMS to EBS CSI Driver 2023-12-13 03:13:04 +02:00
Ciprian Hacman 24a8bc39d5 aws: Always add KMS permissions to control plane 2023-12-13 02:56:23 +02:00
Peter Rifel a2aa4f0bdd
Ignore HPA status when applying addons 2023-12-08 18:57:46 -06:00
Peter Rifel 5ce66a9d28
Upgrade Karpenter to v0.31.3 2023-12-07 19:12:06 -06:00
upodroid 1a593e4f6f fix the gce info shown in kops get cmd and set node-tag ginkgo flag 2023-12-03 11:41:45 +00:00
Kubernetes Prow Robot 4d0875569b
Merge pull request #16147 from justinsb/metal_enroll 
feat: "enroll" command to add nodes to a bare-metal cluster
 2023-12-03 07:53:15 +01:00
Kubernetes Prow Robot a4bd641630
Merge pull request #16050 from sl1pm4t/gcp-sa-issuer 
gce: Add support for publishing Service Account Issuer documents to GCS
 2023-12-03 01:41:43 +01:00
justinsb d5e55e4f8e feat: kops toolbox enroll command 
Implement the enroll command, to add a node to an existing cluster.
This is intended to be used with (experimental) metal support.
 2023-12-02 17:48:34 -05:00
justinsb 010a0d5e4c feat: Support PKI bootstrap 
Similar to the TPM bootstrapping on GCE (indeed, a lot of the code is
modified from there), but we verify the PKI signature against a public
key in a Host CRD object.
 2023-11-30 18:35:58 -05:00
justinsb d103a4f11a feat: Create CRD for Host 
This holds the public key for a bare-metal machine.  The alternative
is to store this in a secret, but a dedicated CRD works better with
RBAC - we would rather not grant permissions on secrets if we have an
alternative.
 2023-11-30 18:28:49 -05:00
Kubernetes Prow Robot 928d7e04da
Merge pull request #16140 from justinsb/multiple_verifiers 
feat: Support multiple token verifiers in kops-controller
 2023-11-30 18:50:21 +01:00
justinsb 592b575412 feat: Support multiple token verifiers in kops-controller 
This will allow us to support nodes running in multiple clouds.  If we
don't configure multiple verifiers, this should be a no-op.
 2023-11-30 10:44:53 -05:00
justinsb fbf3556772 Thread context through kubectl-auth 2023-11-30 09:08:52 -05:00
Kubernetes Prow Robot 6977243608
Merge pull request #16117 from zetaab/skipfilerepository 
skip file remapping if same host
 2023-11-26 22:05:13 +01:00
Kubernetes Prow Robot 7c17b16a96
Merge pull request #16099 from spotinst/feat/add_multi_arch_base127_rebase 
Spotinst: Feature/add multi arch in VNG and resource tag specification
 2023-11-23 15:59:58 +01:00
Peter Rifel e108c3b1c5
Fix parsing of newer kubernetes version URLs 2023-11-22 20:02:38 -06:00
Peter Rifel 386352ea17
Upgrade AWS EBS CSI Driver to v1.25.0 2023-11-20 22:35:27 -06:00
Kubernetes Prow Robot bcbf6c79a4
Merge pull request #16113 from h3poteto/iss-16027 
Replace * in IAM tags when IRSA namespace has wildcard
 2023-11-20 18:43:09 +01:00
AkiraFukushima 91d3e89313
Replace * in IAM tags when IRSA namespace has wildcard 2023-11-20 21:48:10 +09:00
Jesse Haka 9f383f93cc skip file remapping if same host 2023-11-20 09:18:55 +02:00
Kubernetes Prow Robot c39025b611
Merge pull request #16115 from zetaab/allowlocalfile 
allow local file VFS in asset copy
 2023-11-19 23:58:32 +01:00
Jesse Haka 0d3f3710a4 allow local file VFS in asset copy 2023-11-19 23:26:33 +02:00
Aaron U'Ren 6903c6cb0e
Remove deprecation of kube-router 2023-11-18 15:36:56 -06:00
justinsb d8c449a4f8 Basic OpenTelemetry support 
We initially support capturing to a file (in our own format, as it
doesn't appear a suitable format exists).  This means we don't need a
server to capture the traces, and can start capturing through prow
without a lot of infrastructure changes.

Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
 2023-11-18 09:12:19 -05:00
yehielnetapp af19ad5664 add feature base 2023-11-12 14:19:37 +02:00
yehielnetapp 00fc4e78e8 add Label Resource Tag Specification Volumes 2023-11-12 14:19:15 +02:00
Ciprian Hacman 8916d1e547
Release 1.29.0-alpha.2 (#16095) 2023-11-11 13:29:12 +01:00
justinsb 49dfdabb79 cloudmock: Add context functions to mock 2023-11-09 08:17:10 -05:00
Ciprian Hacman 65c24a9f3d Add missing mock functions 2023-11-09 08:17:10 -05:00
justinsb f79d2da6f6 Thread context through some slower AWS tasks 
There are still too many context.TODOs here for this to join all the
way up, but we should be able to better understand the slowest tasks.
 2023-11-09 08:17:10 -05:00
justinsb cffd473eb0 dump: include AWS route table objects 2023-11-06 07:50:35 -05:00
Ciprian Hacman 3597bddeaf Fix vet error 2023-11-04 05:57:08 +02:00
justinsb a6b963b127 dump: actually dump the gateway objects 
I had forgotten to populate the object itself, so it was not appearing
in the raw dump.
 2023-10-29 08:13:43 -04:00
justinsb 094b57aa8e dump: include the various gateways on AWS 
I think we were leaking egress-only-internet-gateways, it would be
helpful to see their status in the dump.
 2023-10-28 16:23:38 -04:00
Kubernetes Prow Robot b9c89c42a5
Merge pull request #16067 from hakman/keep-validating 
Add option to provide additional config entries for containerd
 2023-10-27 13:43:47 +02:00
Ciprian Hacman 7a1af66152 Add option to provide additional config entries for containerd 2023-10-27 08:56:34 +03:00
upodroid ecf212d736 add --node-instance-group flag to ginkgo 2023-10-26 23:08:18 +01:00
Kubernetes Prow Robot 165cbd5333
Merge pull request #15705 from zadjadr/feature/cilium-14 
Bump to Cilium 1.14
 2023-10-25 19:54:22 +02:00
Kubernetes Prow Robot cb6b73ea04
Merge pull request #16060 from shapirus/master 
Support setting CAS skip-nodes-with-custom-controller-pods parameter
 2023-10-25 18:14:37 +02:00
Kubernetes Prow Robot b93b3f3ac9
Merge pull request #16062 from justinsb/validate_kube_controller_manager 
Add validation to help users move from experimentClusterSigningDuration
 2023-10-25 17:15:49 +02:00
justinsb 23ace87eb3 Add validation to help users move from experimentClusterSigningDuration 
We aren't aiming to do this in general, but if we can easily help
users find the new option for deprecated flags, that will save
everyone time.

Issue #15909
 2023-10-25 09:40:51 -04:00
shapirus dd665fbe1e Support setting cluster-autoscaler's skip-nodes-with-custom-controller-pods parameter 2023-10-25 14:03:57 +03:00
Ciprian Hacman 3a06d1225f Update codegen to v0.28.3 2023-10-25 07:49:14 +03:00
zadjadr 30aa24f6de
Update to Cilium 1.14.3 2023-10-24 16:59:21 +02:00
zadjadr 4dfaba5242
Bump Cilium to v1.14.2 2023-10-24 16:55:37 +02:00
Matt Morrison 811f7d0420
Push issuer documents to GCS 2023-10-24 07:57:21 +13:00
Kubernetes Prow Robot 1f6d49217b
Merge pull request #16043 from hakman/containerd-1.7.7 
Update containerd to v1.7.7
 2023-10-23 14:13:34 +02:00
Ciprian Hacman ab05ebb28f Update containerd to v1.7.7 2023-10-22 13:45:12 +03:00
Ciprian Hacman 7d7a9105d6 Add support for --cluster-signing-duration KCM flag 2023-10-21 07:59:47 +03:00
Kubernetes Prow Robot f7bd516b79
Merge pull request #15994 from fmuyassarov/add-nri-support 
containerd: introduce a new field to enable NRI
 2023-10-21 04:52:02 +02:00
Feruzjon Muyassarov 0aeab5e523 containerd: introduce a new field containerd.nri to enable NRI 
Node Resource Interface (NRI) is a common framework for plugging
domain or vendor-specific custom logic into container runtime like
containerd. This commit introduces a new congiguration field
`containerd.nri`, providing cluster admins the flexibility to opt
in for this feature in containerd and tune some of its parameters.
By default, NRI is disabled here in accordance with the containerd's
default config file.

Signed-off-by: Feruzjon Muyassarov <feruzjon.muyassarov@intel.com>
 2023-10-21 00:26:54 +03:00
Kubernetes Prow Robot dd7a3a667e
Merge pull request #16013 from sl1pm4t/enable-gcp-cloud-platform-scope 
Add cloud-platform GCP VM scope
 2023-10-20 18:42:17 +02:00
justinsb 27dd371c08 Refactor: Add context.Context to more VFS methods 
This allows for propagation of opentelemetry traces.
 2023-10-14 14:31:05 -04:00
Kubernetes Prow Robot c24e575c26
Merge pull request #16010 from borg-land/dumping-logic 
Dump nodes even if controlplane is broken
 2023-10-12 09:44:59 +02:00
Victor Oriol 10da4519f0 make apimachinery 2023-10-11 09:31:44 +02:00
Victor Oriol dce72a585a update kops apis components 2023-10-11 09:12:38 +02:00
Matt Morrison 0be24991da
Add cloud-platform GCP VM scope 2023-10-11 19:59:25 +13:00
voriol 722fb08eff add webhookURL 2023-10-11 08:58:55 +02:00
Kubernetes Prow Robot 5840216c45
Merge pull request #15974 from borg-land/kubelet-cred-provider 
Configure GCP Kubelet Credentials Provider
 2023-10-10 13:19:29 +02:00
upodroid 6828213063 dump nodes even if controlplane is broken 2023-10-10 10:32:44 +01:00
upodroid 2b056b9b17 add support for auth-provider-gcp cred provider 2023-10-10 10:29:16 +01:00
Ciprian Hacman 6dd31d9680 aws: Attach security group to NLBs for kops-controller 2023-10-08 09:16:35 +03:00