kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
20,196 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

1298 Commits

Author SHA1 Message Date
Ole Markus With 5d82e52c48 Use external ECR credential provider as of Kubernetes 1.27 2023-04-29 10:21:57 +02:00
Šimon Mišenčík 4f7f5dff4e
Increase max_map_count in sysctls.go 2023-04-13 09:14:17 +02:00
Justin SB d48d86f4a9 gce ipv6: nodeup should only run the AWS prefix assigner on AWS 
The Prefix task is specific to AWS, and is not needed on GCE.
 2023-03-31 09:36:50 -04:00
Peter Rifel 106e2f75cf
Dont try to install curl and python2 on AL2023 
```
W0317 01:46:07.374788   27111 executor.go:139] error running task "Package/python2" (6m1s remaining to succeed): error installing package "python2": exit status 1: Last metadata expiration check: 0:14:55 ago on Fri Mar 17 01:31:12 2023.
No match for argument: python2
Error: Unable to find a match: python2
W0317 01:46:07.374820   27111 executor.go:139] error running task "Package/curl" (6m1s remaining to succeed): error installing package "curl": exit status 1: Last metadata expiration check: 0:14:55 ago on Fri Mar 17 01:31:12 2023.
Error:
 Problem: problem with installed package curl-minimal-7.88.1-1.amzn2023.0.1.x86_64
  - package curl-minimal-7.88.1-1.amzn2023.0.1.x86_64 conflicts with curl provided by curl-7.87.0-2.amzn2023.0.2.x86_64
  - package curl-minimal-7.87.0-2.amzn2023.0.2.x86_64 conflicts with curl provided by curl-7.87.0-2.amzn2023.0.2.x86_64
  - package curl-minimal-7.88.0-1.amzn2023.0.1.x86_64 conflicts with curl provided by curl-7.87.0-2.amzn2023.0.2.x86_64
  - conflicting requests
  - package curl-minimal-7.88.1-1.amzn2023.0.1.x86_64 conflicts with curl provided by curl-7.88.0-1.amzn2023.0.1.x86_64
  - package curl-minimal-7.87.0-2.amzn2023.0.2.x86_64 conflicts with curl provided by curl-7.88.0-1.amzn2023.0.1.x86_64
  - package curl-minimal-7.88.0-1.amzn2023.0.1.x86_64 conflicts with curl provided by curl-7.88.0-1.amzn2023.0.1.x86_64
  - package curl-minimal-7.88.1-1.amzn2023.0.1.x86_64 conflicts with curl provided by curl-7.88.1-1.amzn2023.0.1.x86_64
  - package curl-minimal-7.87.0-2.amzn2023.0.2.x86_64 conflicts with curl provided by curl-7.88.1-1.amzn2023.0.1.x86_64
  - package curl-minimal-7.88.0-1.amzn2023.0.1.x86_64 conflicts with curl provided by curl-7.88.1-1.amzn2023.0.1.x86_64
(try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages)
```
 2023-03-16 20:53:29 -05:00
Kubernetes Prow Robot b5dc9f6371
Merge pull request #15122 from Mia-Cross/scw_profiles 
scaleway: get credentials from Scaleway profile
 2023-02-24 07:43:34 -08:00
Kubernetes Prow Robot 553270a06a
Merge pull request #15134 from hakman/registry.k8s.io 
Update remaining references from k8s.gcr.io to registry.k8s.io
 2023-02-12 05:33:30 -08:00
Ciprian Hacman 56900bcbad hack/update-expected.sh 2023-02-12 13:48:44 +02:00
Ciprian Hacman e6e4324b85 Remove compatibility with k8s.gcr.io 2023-02-12 13:46:48 +02:00
Ciprian Hacman 0321150ae1
Revert "disable kops-configuration.service after successful execution" 2023-02-12 12:29:06 +02:00
justinsb 29d3a6f2f9 Refactor authenticator building 
Prefer explicit error checking to the "fallthrough" pattern.
 2023-02-11 11:04:32 -05:00
Justin SB 0b699832ec Use cloud-discovery on GCE in gossip mode 
It's a little simpler and should speed up our boot.
 2023-02-11 11:03:12 -05:00
Leïla MARABESE 9f950f4a3a scaleway profiles feature 2023-02-10 17:02:45 +01:00
Ciprian Hacman 48404f87fd hack/update-expected.sh 2023-02-06 08:12:15 +02:00
Ciprian Hacman 96115de2eb Switch contained config file path to `/etc/containerd/config.toml` 2023-02-06 08:12:15 +02:00
Evan Lezar 02adbc7335 Install nvidia-container-toolkit as top-level package 
As of the NVIDIA Container Toolkit v1.6.0 release the nvidia-container-toolkit
is the top-level package for installing the NVIDIA container stack with the
nvidia-container-runtime provided as a meta-package to support "legacy"
workflows such as this.

This change installs the nvidia-container-toolkit package directly instead.

Note that the nvidia-container-runtime binary is included in this package.

See https://github.com/NVIDIA/nvidia-container-toolkit/releases/tag/v1.6.0

Signed-off-by: Evan Lezar <evanlezar@gmail.com>
 2023-02-02 14:47:18 +01:00
Evan Lezar cf066cfa0f Use gpgkey from libnvidia-container repository 
The same gpgkey is served from both the nvidia-container-runtime and
libnvidia-container repos.

Signed-off-by: Evan Lezar <evanlezar@gmail.com>
 2023-02-02 14:47:10 +01:00
Evan Lezar 1f0b2eb0bf Use ubuntu18.04 repos for nvidia-container-toolkit 
The ubuntu20.04 and ubunut22.04 repositories are "mirrors" of the
ubuntu18.04 repository. This change ensures that the ubuntu18.04 repository
is used regardless of the Ubuntu distribution.

Signed-off-by: Evan Lezar <evanlezar@gmail.com>
 2023-02-02 14:46:52 +01:00
Jesse Haka 8f061dbc8e disable kops-configuration.service after successful execution 2023-01-31 11:37:36 +02:00
Ciprian Hacman 5e7b5ddd9a TMP 2023-01-25 16:08:54 +02:00
Ciprian Hacman 6f5eeb2e39 Always disable the reboot manager for Flatcar 2023-01-25 08:49:39 +02:00
Kubernetes Prow Robot b2bdd43dc4
Merge pull request #15024 from zetaab/fixauth 
make openstack kops-controller boostrap auth better
 2023-01-22 23:20:10 -08:00
John Gardiner Myers c7d0fd7dad Don't set up masquerade if NonMasqueradeCIDR is /0 2023-01-21 22:58:08 -08:00
Justin SB 89125664ef nodeup: don't set up masquerade if nonMasqueradeCIDR not set 
If the non-masquerade CIDR is not set, take that as an indication that
we don't want masquerade, rather than failing nodeup.

Not setting a non-masquerade CIDR means that we likely won't preserve
pod IPs for pod-to-pod traffic, but likely just means that more
NATting is done than might be needed.

Omitting the value can also be useful if we're using something like
the ip-masq-agent to manage masquerade rules for us.
 2023-01-21 23:13:31 -05:00
Jesse Haka cb4b796496 hack/update-expected.sh 2023-01-19 10:18:20 +02:00
Jesse Haka b3c134be06 make openstack kops-controller boostrap auth better 2023-01-19 10:07:11 +02:00
John Gardiner Myers 0c323445fb Move UsesKubenet to nodeup.Config 2023-01-15 23:12:00 -08:00
John Gardiner Myers 68c4ef1a93 Move networking-related tests to nodeup.Config 2023-01-15 23:12:00 -08:00
John Gardiner Myers cc49461849 Move several CNI tests to nodeup.Config 2023-01-15 23:11:58 -08:00
John Gardiner Myers f6debfd658 Move ServiceClusterIPRange to nodeup.Config 2023-01-15 17:19:18 -08:00
John Gardiner Myers 2e6e022eca Move EgressProxy to nodeup.Config 2023-01-15 17:19:18 -08:00
John Gardiner Myers da881fb320 Move NonMasqueradeCIDR to nodeup.Config 2023-01-15 17:19:18 -08:00
Kubernetes Prow Robot 1c8f9c8a35
Merge pull request #14894 from johngmyers/v1alpha3-oidc 
v1alpha3: Move most OIDC settings to authentication.oidc
 2023-01-15 08:40:31 -08:00
Jesse Haka 3dab0eb807 Use kops-controller to boostrap nodes in OpenStack 2023-01-14 13:54:14 +02:00
John Gardiner Myers 2365980281 openstack: use subnet type instead of topology 2023-01-12 19:33:10 -08:00
John Gardiner Myers 24841f79e3 hack/update-expected.sh 2023-01-11 19:27:42 -08:00
John Gardiner Myers d009928883 v1alpha3: Move most OIDC settings to authentication.oidc 2023-01-11 19:26:18 -08:00
Jesse Haka cc8871eede no dns for OpenStack 2023-01-11 20:02:02 +02:00
Leïla MARABESE 543d59758a removed SCW_DEFAULT_REGION and SCW_DEFAULT_ZONE env vars 2023-01-10 16:11:23 +01:00
Jesse Haka 4383f40af7 move openstack cloud config to k8s secrets 2023-01-06 19:56:35 +02:00
justinsb b7d9319fff EnsureTask should panic on error 
This means that we automatically check the error code.  A linter could
detect errors here (maybe), but in practice we can't recover from
errors here anyway.
 2023-01-04 08:29:20 -05:00
John Gardiner Myers 447220ef4e Use NodeupConfig for NTP-managed setting 2023-01-03 22:16:20 -08:00
John Gardiner Myers 4179fcce58 Use NodeupConfig for KubernetesVersion 2023-01-03 22:16:20 -08:00
John Gardiner Myers b5eef1c129 Use NodeupConfig for kube-proxy config 2023-01-03 12:29:07 -08:00
John Gardiner Myers fe448ef906 Use NodeupConfig for DockerConfig 2023-01-02 13:58:21 -08:00
John Gardiner Myers 125866792d Use NodeupConfig for ContainerdConfig 2023-01-02 13:42:11 -08:00
John Gardiner Myers b4f04a6d13 Simplify test setup 2023-01-02 12:50:24 -08:00
John Gardiner Myers 768299134c hack/update-expected.sh 2023-01-02 12:50:24 -08:00
John Gardiner Myers 25a897b691 Use NodeupConfig for ContainerRuntime 2023-01-02 12:50:23 -08:00
Jesse Haka 357e2a6a06 fix cloud config in normal nodes 2023-01-02 17:25:30 +02:00
John Gardiner Myers 99d36bd9f2 Extract NodeupModelContext.APIInternalName() 2023-01-01 13:48:01 -08:00
John Gardiner Myers 8aeefe23ed Use NodeupConfig for cluster name 2023-01-01 13:48:01 -08:00
John Gardiner Myers c08326e8c0 Separate out a VFSSecretStoreReader 2023-01-01 13:47:05 -08:00
John Gardiner Myers c68be498c6 Refactor NewAssetBuilder to not take a Cluster 2023-01-01 13:37:52 -08:00
justinsb 6c2edaee7e Add Context arg to vfs ReadFile 
This is an "action" method, so should take a context.
 2023-01-01 09:51:44 -05:00
John Gardiner Myers 08ba7918d0 etcd domains are now under .internal. 2022-12-29 13:24:03 -08:00
John Gardiner Myers 355f9e4bd2 Kubelet needs cloudconfig for in-tree cloudprovider 2022-12-26 11:25:24 -08:00
John Gardiner Myers d32a0fb3cc APIServer nodes need cloudconfig 2022-12-26 10:56:30 -08:00
John Gardiner Myers b3dfcea95f v1alpha3: Move AWS-specific CloudConfig settings to AWSSpec 2022-12-25 16:12:02 -08:00
Kubernetes Prow Robot e13c51968b
Merge pull request #14869 from johngmyers/upd-min-version 
Update min versions for 1.27
 2022-12-24 23:59:27 -08:00
Kubernetes Prow Robot b97662c6a3
Merge pull request #14837 from johngmyers/gce-cloudconfig 
v1alpha3: Move GCE-specific CloudConfig settings to GCESpec
 2022-12-24 22:31:26 -08:00
John Gardiner Myers 3823c13633 hack/update-expected.sh 2022-12-24 21:44:50 -08:00
John Gardiner Myers 005ec38972 Remove code for no-longer-supported k8s 1.21 2022-12-24 21:44:50 -08:00
justinsb 817c1e63b3 FindKeyset can return nil 
We had missed a case in nodeup; add a Context argument to force us to
revisit the codepaths.
 2022-12-24 16:12:21 -05:00
Ciprian Hacman aa04f56545 Update test for audit config 2022-12-24 07:23:10 +02:00
Ciprian Hacman e3dbff95d0 Add placeholder for the audit config test 2022-12-24 07:23:10 +02:00
Ciprian Hacman bb6d4d6c17 Mount the audit config dir for kube-apiserver 2022-12-24 07:23:10 +02:00
justinsb 90cbf75584 Context threading: more wiring 
We're aiming to use this for testing immediately and better
logging/tracing in future, but to make the changes manageable breaking
them into a smaller series that don't directly achieve much.
 2022-12-22 17:52:22 -05:00
John Gardiner Myers b38c55a2b9 Simplify nodeup references to CloudProvider 2022-12-20 19:44:32 -08:00
John Gardiner Myers 0e11075012 v1alpha3: Move GCE-specific CloudConfig settings to GCESpec 2022-12-20 19:44:32 -08:00
Kubernetes Prow Robot 5fb80f8e41
Merge pull request #14836 from justinsb/debian_logspam 
Fix logspam on debian
 2022-12-20 16:25:36 -08:00
justinsb a28ef27776 Fix logspam on debian 2022-12-20 17:49:04 -05:00
John Gardiner Myers 7d14a5ac17 Mark access to cluster as deprecated in nodeup 2022-12-20 12:00:37 -08:00
John Gardiner Myers d916596c32 Give nodeup a read-only Keystore 2022-12-20 12:00:37 -08:00
Kubernetes Prow Robot 9aa2a5104a
Merge pull request #14814 from johngmyers/nodeup-install 
Separate out a fi.InstallContext
 2022-12-20 06:45:51 -08:00
John Gardiner Myers 9b22483ab2 Separate out a fi.InstallContext 2022-12-19 17:18:58 -08:00
Kubernetes Prow Robot 3f05fa4f73
Merge pull request #14727 from justinsb/refactor_kops_controller_client 
Move kops-controller client into its own package
 2022-12-19 09:09:44 -08:00
John Gardiner Myers f4afab9dc3 Remove dead code 2022-12-19 08:29:31 -08:00
Kubernetes Prow Robot bf7b2c5d94
Merge pull request #14809 from johngmyers/trim-nodeup 
Trim some fields from fi.Context
 2022-12-19 08:17:44 -08:00
Justin SB d18e663397 Move kops-controller client into its own package 
This should allow more reuse.
 2022-12-19 10:30:13 -05:00
John Gardiner Myers 40f0d35373 cloudConfig is never nil in a completed cluster spec 2022-12-18 22:46:22 -08:00
John Gardiner Myers f7383b29da Move Cloud into CloudupSubContext 2022-12-18 13:40:02 -08:00
John Gardiner Myers 0aba1a24b9 Move ClusterConfigBase into CloudupSubContext 2022-12-18 13:40:02 -08:00
John Gardiner Myers 7fcd55737a Remove unused fields from fi.Context 2022-12-18 13:40:02 -08:00
John Gardiner Myers 7c3e32369a Refactor Context into separate cloudup and nodeup types 2022-12-17 17:42:46 -08:00
justinsb 5fde739814 Introduce context.Context into some of our "Context" objects 
The rule of thumb is that we shouldn't be embedding a context.Context,
but it is reasonable when the lifetime is similar and when the
refactor would otherwise be unacceptably large.

This is a minimal way to introduce it, based on adding the support
needed in the GCS support for serviceAccountIssuerDiscovery.  We will
need to plumb through the context in many more places over time.
 2022-12-12 09:56:09 -05:00
Kubernetes Prow Robot e5a835d287
Merge pull request #14706 from johngmyers/v1alpha3-networking 
v1alpha3: move networking fields under networking
 2022-12-05 21:34:38 -08:00
Leïla MARABESE 1bacbd591a fixed etcd + added machine type 2022-12-05 14:40:28 +01:00
John Gardiner Myers 235aa61594 v1alpha3: move networking fields under networking 2022-12-02 19:19:59 -08:00
John Gardiner Myers 76f71512cc v1alpha3: fix miscellaneous capitalization 2022-11-28 21:37:21 -08:00
John Gardiner Myers 6536c0b301 v1alpha3: use new terminology for kubelet config 2022-11-25 16:53:23 -08:00
John Gardiner Myers d39ba74bd7 Change the control-plane IG role to "ControlPlane" in v1alpha3 API 2022-11-22 17:05:29 -08:00
John Gardiner Myers 5fca16aa30 v1alpha3: Move API-related settings under API 2022-11-19 10:27:12 -08:00
Ciprian Hacman d29812fc6e Replace fi.Bool/Float*/Int*/StringValue() with fi.ValueOf 2022-11-19 03:45:23 +02:00
Ciprian Hacman 8f79c9bd68 Replace fi.Bool/Float*/Int*/String() with fi.PtrTo() 2022-11-19 03:45:22 +02:00
John Gardiner Myers 8473e8b2e7 Stop making MasterInternalName configurable 2022-11-16 22:06:02 -08:00
Kubernetes Prow Robot 6f2ded7fb2
Merge pull request #14501 from hakman/kops-controller_for_config 
Boot nodes without state store access
 2022-11-16 08:32:50 -08:00
John Gardiner Myers 0e981b1728 Remove dead code 2022-11-15 12:40:43 -08:00
Ciprian Hacman 18b5dcd297 Boot nodes without state store access 2022-11-15 14:40:14 +02:00
Ciprian Hacman 0e2cc7e0cc Rename BootConfig.APIServer to BootConfig.APIServerIP 2022-11-15 14:40:14 +02:00
Ciprian Hacman 22f73d0384 Use local API server on control plane nodes for clusters without DNS 2022-11-13 08:52:53 +02:00