kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
9,513 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

625 Commits

Author SHA1 Message Date
Ryan Bonham e7dc229f38 Make CoreDNS 1.12 addon support resource configuration 2019-04-01 08:11:13 -05:00
Justin SB 8abd0400ea
Add selector back to calico 1.12 deployment 
I had mistakenly removed it previously, which meant the manifest it
didn't apply on an update.
 2019-03-27 00:12:49 -04:00
Artem Yarmoliuk db6b29ba10
Update flannel manifest to v0.11.0 and add iptables-resync flag 2019-03-23 19:01:46 +02:00
Kubernetes Prow Robot 024749ec55
Merge pull request #6358 from justinsb/calico_with_crds 
kops 1.12 configuration for calico: use CRDs
 2019-03-18 00:25:11 -07:00
Kubernetes Prow Robot 04ccfb2f27
Merge pull request #6622 from justinsb/followup_6502 
Apply scope fix in #6502 to all manifest versions
 2019-03-15 09:47:12 -07:00
Kubernetes Prow Robot ae6cda7bb1
Merge pull request #6502 from tvi/fix-eni-yaml 
Fix amazon-vpc-routed-eni yaml template
 2019-03-15 00:21:08 -07:00
Justin SB 7f4dbb59ad
Apply scope fix in #6502 to all manifest versions 
In #6502 we fixed an invalid CRD, but we need to fix in all versions.
Also bump the manifest version so it applies correctly!
 2019-03-14 23:01:27 -04:00
Kubernetes Prow Robot 35679b5052
Merge pull request #6444 from zetaab/ccm 
External out-of-tree CloudControllerManager support for openstack
 2019-03-14 14:21:00 -07:00
Justin SB b4cb55db1f
kops 1.12 configuration for calico: use CRDs 2019-03-14 01:03:10 -04:00
JuanJo Ciarlante e85e4d48ad Update Weave Net to version 2.5.1 
This release fixes #6369 syslog flooding as reported at
weaveworks/weave#3449.

Release notes
https://github.com/weaveworks/weave/releases/tag/v2.5.1

Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>
 2019-02-22 10:31:49 -03:00
Jesse Haka 99b86011c3 use ccm without privileged port 2019-02-20 23:57:22 +02:00
Jesse Haka d4fbc4f3c3 external out-of-tree cloudcontrollermanager to openstack 2019-02-20 20:05:25 +02:00
Tomas Virgl 11af79439b Fix amazon-vpc-routed-eni yaml template 
Current yaml structure is invalid.
Crosschecked with https://github.com/aws/amazon-vpc-cni-k8s/blob/master/config/v1.3/aws-k8s-cni.yaml

Fixes #6499.
 2019-02-20 17:31:51 +01:00
Jordan Liggitt 1ca45141ea Update cluster-proportional-autoscaler to 1.4.0 to use apps/v1 2019-02-20 09:22:52 -05:00
Jordan Liggitt 9a06ff550c Update 1.12 addons to use apps/v1 2019-02-20 09:21:22 -05:00
Jordan Liggitt 3cef342dbe Copy latest addons to 1.12 2019-02-20 09:20:01 -05:00
Sandeep Rajan 42d6d9e888 Update the coredns manifest 2019-02-19 15:54:01 -05:00
Kubernetes Prow Robot 1d55996e29
Merge pull request #6469 from appvia/canal-v3.5 
Updated Canal manifest to v3.5.0 for k8s v1.12+
 2019-02-16 06:24:21 -08:00
Kubernetes Prow Robot 307ccd8556
Merge pull request #6468 from appvia/node-authorizer-proxy 
Allow NodeAuthorizer to speak via HTTP Proxy if configured
 2019-02-16 06:24:16 -08:00
Kubernetes Prow Robot 5d2ebfae92
Merge pull request #6424 from rajansandeep/proxytoforward 
Use the forward plugin instead of proxy plugin in CoreDNS
 2019-02-16 05:25:11 -08:00
Kashif Saadat 2e7229398e Update Canal manifest to v3.5.0 for k8s v1.12+ 2019-02-14 14:13:28 +00:00
Kashif Saadat 4484dd3591 Allow NodeAuthorizer to speak via HTTP Proxy if configured 2019-02-14 13:02:17 +00:00
Sandeep Rajan 57326d3493 Use the forward plugin instead of proxy 2019-01-31 13:44:44 -05:00
Wenhua Zhao 818490de2b upgrade calico to 2.6.12 to fix TTA-2018-001 2019-01-31 09:57:30 -08:00
Kubernetes Prow Robot 9c8b945e4e
Merge pull request #6257 from justinsb/mark_1_12_0_alpha_1 
Release 1.12.0-alpha.1
 2019-01-12 10:33:47 -08:00
Harshal Shah 1f33f9581f Upgrading coredns version to 1.3.0 
Signed-off-by: Harshal Shah <harshal2623@gmail.com>
 2019-01-11 18:59:42 +01:00
Rohith 2429997121 Kubelet API RBAC Manifest 
I was mistaken how the key in the namespace is used, looks like you can only have the one key per addon as the anonnotations on the namespace are addon_name -> version, so if you already have a old rbac.addons.k8s.io referenced it won't work. I didn't notice before as the cluster was new.
 2019-01-09 14:46:33 +00:00
Rohith 83ba980f40 - changing this to a default install and its a breaking change and won't effect unless the webhook is enabled 2019-01-08 15:38:44 +00:00
Rohith 4b08a05274 Kubelet API Admin for Webhook Mode 
- adding a default binding for the kubelet-api for when kubelet webhook is enabled
 2019-01-08 15:21:02 +00:00
Justin SB a246313c2e
Release 1.12.0-alpha.1 2019-01-03 19:00:33 -05:00
Christian Jantz b14c014ac3 update calico version to version 3.4.0 2018-12-23 14:44:31 +01:00
Erik Stidham d2e9fcbd7f Fix Calico upgrade job to use the correct version 2018-12-04 13:42:15 -06:00
Kubernetes Prow Robot e6d9545a6e
Merge pull request #6129 from spotinst/feature-spotinst-controller 
Spotinst: Bump controller image
 2018-12-03 06:43:08 -08:00
Liran Polak b3b3c8c71f feat: bump controller version to 1.0.18 2018-11-28 16:58:11 -08:00
mikesplain 6b44333ac5 Update amazon cni to 1.3.0 2018-11-28 17:01:31 -05:00
Sandeep Rajan 5943b13264 CoreDNS version 1.2.6 2018-11-19 11:25:41 -05:00
Justin SB d83fd29d0a
Fix typo in CRD: singuar 
The upstream file has the correct form singular, so this looks like our own error.
 2018-11-18 14:26:50 -05:00
k8s-ci-robot ea97194f0b
Merge pull request #5905 from adammw/adammw/update-aws-cni-1.2.0 
Update amazon-vpc-routed-eni to v1.2.1
 2018-11-17 12:32:58 -08:00
Alex Williams 18ed48e99b
Remove trailing comma from from k8s-1.7-v3.yaml.template 2018-11-16 13:41:18 +00:00
Casey Davenport 4c5f52b867 Update Calico to v3.3.1 2018-11-14 14:40:29 -08:00
k8s-ci-robot bac89b8de5
Merge pull request #5102 from tmjd/calico-v3-upgrade 
Calico v3 upgrade
 2018-11-13 12:55:18 -08:00
k8s-ci-robot e5b2d2c55d
Merge pull request #5917 from bhegazy/master 
coredns should not be running on master by default
 2018-11-10 17:13:27 -08:00
Justin SB d8a80a79ee
Bump kopeio-networking to latest version 
Also add the RBAC permissions needed for operation on GCE.
 2018-11-09 00:40:24 -05:00
Erik Stidham 3da3b415e0 Adding Calico V3 
- Add Calico configuration field to specify MajorVersion
- Add Calico V3 manifest
- Default new installations to Calico V3
  - Set etcd to V3 when calico is specified for networking
- Validate that etcd is V3 when Calico MajorVersion is v3
- Using Calico v3.2.1
 2018-11-07 14:00:54 -06:00
k8s-ci-robot 560a0a2a40
Merge pull request #6043 from bboreham/weave-net-2-5 
Update Weave Net to version 2.5.0
 2018-11-06 07:11:41 -08:00
Bryan Boreham c649312a4a Update Weave Net to version 2.5.0 
This release adds support for Kubernetes `hostPort` mapping and the
`ipBlock` NetworkPolicy feature, plus many other improvements.

Release notes https://github.com/weaveworks/weave/releases/tag/v2.5.0

Signed-off-by: Bryan Boreham <bjboreham@gmail.com>
 2018-11-05 17:29:03 +00:00
Kashif Saadat 1ada8a98e5 Canal v3.3.0 for Kubernetes v1.12+ 2018-11-02 15:47:37 +00:00
k8s-ci-robot 3ce38ca674
Merge pull request #5987 from rochacon/patch-1 
cilium: Fix Prometheus serve addr flag
 2018-10-27 07:52:29 -07:00
k8s-ci-robot f7a0b38610
Merge pull request #5985 from rajansandeep/1.2.4 
Bump CoreDNS version to 1.2.4 and update manifest
 2018-10-27 07:52:24 -07:00
k8s-ci-robot 32453888d9
Merge pull request #5950 from shrinandj/fix-calico-kube-controller 
Mount etc-hosts in calico-kube-controller
 2018-10-27 07:52:14 -07:00
k8s-ci-robot 9078a23561
Merge pull request #5946 from jhohertz/cni-taint-tolerations 
More CNI toleration for tainted nodes.
 2018-10-23 04:02:35 -07:00
Rodrigo Chacon dc2b6bef07
cilium: Fix Prometheus serve addr flag 2018-10-22 23:58:12 -03:00
Sandeep Rajan b6b6c6661c bump version to 1.2.4 and update manifest 2018-10-22 10:44:34 -04:00
Adam Malcontenti-Wilson a737a1be09 Update amazon-vpc-routed-eni to v1.2.1 2018-10-16 15:25:11 -07:00
Justin Santa Barbara 30e2adcf92 Mark release 1.11.0-alpha.1 2018-10-16 11:59:12 -04:00
Shri Javadekar fbad6a98df Mount etc-hosts in calico-kube-controller 
Testing done:

1. Verfied that when a new cluster is created, the `calico-kube-controllers` deployment bind mounts /etc/hosts from the host.

Refs #5934
 2018-10-15 14:57:52 -07:00
k8s-ci-robot 1fbc6331c6
Merge pull request #5922 from spotinst/feature-spotinst-aws 
New integration: Spotinst
 2018-10-15 09:26:13 -07:00
Joe Hohertz cae07120b1 More CNI toleration for tainted nodes. 2018-10-15 11:45:45 -04:00
Rohith 5a214c4cb6 - updating the manifest description at the top to indicate reverting to flannel v0.9.0 2018-10-15 09:43:02 +01:00
Liran Polak 7654a923f1 feature: new integration: spotinst 2018-10-14 11:37:31 +03:00
Rohith 9f526e9074 - reverting to flannel v0.9.0 due to issue https://github.com/coreos/flannel/issues/938 2018-10-12 22:13:50 +01:00
Rohith 5cf62dcda8 - fixing the versions by removing the deprecated apis 2018-10-12 19:22:50 +01:00
Rohith 87e587fa77 - removing the need for CALICO_IPV4POOL_CIDR environment variable 2018-10-12 13:59:52 +01:00
Rohith 19f50945f8 Canal v3.2.3 
Adding the manifests for kubernetes >=1.9 to move to canal version 3.2.3. Admittedly I don't like the fact the users are unable to override or select the version of canal they wish to use, but as none of the networking spec have this feature i'm reluctant to add it. The PR upgrades kops cluster running kubernetes >=1.9.0 to canal v3.2.3
 2018-10-12 13:29:03 +01:00
Bill Hegazy f234b3a0c0
coredns should not be running on master by default 2018-10-11 10:19:32 +07:00
k8s-ci-robot f4c1da63de
Merge pull request #5910 from gambol99/fix_canal_manifest 
Canal Manifest Fix (Kubernetes >= v1.12.0)
 2018-10-10 05:25:03 -07:00
Rohith d1ea6ad028 Canal Manifest Fix (Kubernetes >= v1.12.0) 
So the current canal manifest contains a 'description' field which as far as I can tell from the API documentation never existed (in apimachinery). Previous versions probably ignored the field but while testing v1.12.1 I noticed canal no longer deployed correctly due to the validation error. I've bumped the versions and removed the field from the manifest; this shouldn't have any impact on those already deployed, but as an alternative we could copy and paste 1.8 manifest, add an exclusion in the [bootstrapchannelbuilder.go](https://github.com/kubernetes/kops/blob/master/upup/pkg/fi/cloudup/bootstrapchannelbuilder.go#L685-L699) to use >1.8.0 <=1.12.0 etc and use new manifest for >=1.12.0 (if you get what i know :-))

Post removing the `description` field the networking works again ..
 2018-10-10 11:49:10 +01:00
k8s-ci-robot cd3de8ee9d
Merge pull request #5845 from bboreham/weave-241 
Update Weave Net to version 2.4.1
 2018-10-08 23:38:11 -07:00
k8s-ci-robot 7b4133c823
Merge pull request #5812 from arturo-c/weave 
Add no_masq_local to weave network options.
 2018-10-05 16:55:53 -07:00
Rohith aa700961b5 - fixing up the prometheus metrics annotation to indicates a https scheme 2018-10-03 11:39:35 +01:00
Bryan Boreham e940e5d416 Update Weave Net to version 2.4.1 
Includes bug fixes to the deleted-node cleanup code.
Release notes https://github.com/weaveworks/weave/releases/tag/v2.4.1

Signed-off-by: Bryan Boreham <bryan@weave.works>
 2018-09-28 08:29:47 +00:00
Rohith d784db094a - removing the liveness and readiness probes for now until i figure a better way of performing the rollout while not getting hit by the cluster validation code. 
perhaps we could add a label no the master and control the deployment of the daemonset via the label.
 2018-09-26 23:05:13 +01:00
Rohith 8c11ecf108 - adding the waitForCertificates method to wait for the certificates to arrive (this fixes the rollout on a in-place cluster) 2018-09-25 19:24:27 +01:00
Rohith 16904444b4 Node Authorizer Directory 
- creating the directory incase it's not there, is fixes an issue on a rolling update
 2018-09-25 19:24:07 +01:00
Arturo Contreras c105541053 Autogen code for weave no_masq_local. 2018-09-21 13:26:53 -06:00
Arturo Contreras e44572a40a Add no_masq_local to weave options. 2018-09-21 10:29:56 -06:00
k8s-ci-robot 403a22a750
Merge pull request #5290 from ripta/avpc-k8s-1.8 
Amazon VPC CNI: Kubernetes 1.8+ Manifests
 2018-09-21 08:27:48 -07:00
Joe Hohertz 3f6df6fde6 Update tolerations in Amazon VPC CNI spec so the pods can run on all nodes 2018-09-18 13:24:16 -04:00
Joe Hohertz 46d36823c0 Update tolerations in Cilium spec so the pods can run on all nodes 2018-09-18 13:24:16 -04:00
Will Thames 142d71f33f Update k8s-ec2-srcdst to v0.2.2 
v0.2.2 fixes a bug where k8s-ec2-srcdst can crash on node deletion.
This crash causes SourceDestinationCheck to remain set to true on
nodes created after this check. Such nodes cannot talk to calico
destinations in the *same* subnet.

Fixes kubernetes/kubernetes#66432
 2018-09-06 09:46:21 +10:00
Sandeep Rajan 0bdf97897f update version and manifest 2018-08-30 14:51:43 -04:00
Justin Santa Barbara 4d216cb001 Release 1.10.0 2018-08-18 07:06:02 -04:00
Benjamin Goldberg b080089a8c AWS VPC Daemonset Correctly Tolerate Node Taints 2018-08-17 08:26:38 -05:00
andrewsykim 063ebca9de upgrade DigitalOcean CCM to v0.1.7 2018-08-17 00:19:21 -04:00
k8s-ci-robot 5ec34189d9
Merge pull request #5608 from rajansandeep/updatedeployment 
Update CoreDNS deployment
 2018-08-15 10:02:00 -07:00
Sandeep Rajan 7a262f7e6f update deployment 
update version
 2018-08-15 11:16:31 -04:00
k8s-ci-robot 5f13be3741
Merge pull request #5552 from brb/weave-2.4.0 
Bump Weave Net to v2.4.0
 2018-08-14 15:41:51 -07:00
k8s-ci-robot 15dc672b2a
Merge pull request #5595 from Andrey9kin/master 
Enable weave network encryption for k8s 1.6
 2018-08-14 14:10:47 -07:00
Rohith 42e48e5fcb Node Authorizer Promethues Metrics 
- adding the prometheus metrics annotations to the deployment
 2018-08-13 14:13:38 +01:00
Andrey Devyatkin 3dc8020457
Missing {{- end }} statement 2018-08-10 16:06:50 +01:00
Andrey Devyatkin ffe8824f42 Enable weave network encryption for k8s 1.6 
Signed-off-by: Andrey Devyatkin <andrey.a.devyatkin@gmail.com>
 2018-08-10 14:12:53 +01:00
Martynas Pumputis 6026498e4b Bump Weave Net to v2.4.0 
- New manifest for k8s 1.8.0 due to FileOrCreate mount type.
- RBAC for updating NetworkUnavailable node status.
- Dropped support for legacy NetworkPolicy (k8s pre-1.7).

Full changelog: https://github.com/weaveworks/weave/releases/tag/v2.4.0
 2018-07-30 09:57:43 +02:00
Zivago Lee f4002a2143 add wider tolerations to the kube-router daemonset 2018-07-26 00:35:39 -07:00
Justin Santa Barbara 9320948a8a Mark 1.10.0-beta.1 2018-07-23 11:16:03 -04:00
k8s-ci-robot 56ccfac26d
Merge pull request #5317 from gambol99/node_registration 
Node Authorization Service
 2018-07-19 05:17:41 -07:00
k8s-ci-robot 423ef6e78d
Merge pull request #5441 from kampka/weave-network-encryption 
Add weave network encryption secret
 2018-07-18 07:32:31 -07:00
k8s-ci-robot 00d7237b19
Merge pull request #5426 from aleerizw/update-kube-router-manifest 
Added metrics port and health check to kube-router
 2018-07-15 12:15:05 -07:00
k8s-ci-robot c3608afa06
Merge pull request #5392 from rajansandeep/scrape 
Add prometheus scrape port to CoreDNS service
 2018-07-15 12:14:55 -07:00
k8s-ci-robot bfafff1310
Merge pull request #5380 from shrinandj/fix-calico-mtu 
Allow setting MTU for calico networking.
 2018-07-15 10:54:56 -07:00
Christian Kampka 3bf8a8fcd2 Add weave network encryption secret 2018-07-13 16:57:48 +02:00
Ali Rizwan 100674e1bf Added metrics port and health check to kube-router 2018-07-10 16:20:19 +02:00
Rodrigo Menezes 414b3a780b Rename hept.io authenticator to aws authenticator 2018-07-08 10:10:19 -07:00
Rohith 92115b2341 - dropping the specific flags and using a genenic --feature gate model for the authorizers, meaning i don't need to come back to the API whenever we want to make changes 2018-07-06 20:15:18 +01:00
Rohith fd6cef8180 Requested Changes 
- switching to using code rather than a template for the systemd unit creation as requested in review
- as part of the review, changing the name of the ca from tls-ca to tls-client-ca
- changing the api from DisableAddressCheck to EnableAddressCheck and defaulting to true if no set
- fixing up the test for node-authorizer and shifting the parsing of the certificates as suggested in reviews to a method
 2018-07-06 20:14:35 +01:00
Rohith 338a6d721c Changes 
- including the config only when there is something to include i.e. no nulls please
- fixing up the pod security policies for system:nodes groups, needs a mapping to permit manifests
 2018-07-06 20:14:35 +01:00
Rohith cfc55c942c - just fixing up the yaml object 2018-07-06 20:14:35 +01:00
Rohith 342d577fb6 - adding the node authorization addon deployment manifest 2018-07-06 20:14:35 +01:00
Ripta Pasay 106eb3861c Add amazon-vpc-routed-eni manifest for k8s >=1.10 without the use of k8s-ec2-srcdst 2018-07-02 23:24:59 +00:00
Ripta Pasay 6b8331f42b Add new amazon-vpc-routed-eni manifest for k8s >=1.8 using rbac.authorization.k8s.io/v1 instead of v1beta1 2018-07-02 23:16:43 +00:00
Shri Javadekar 3c4239645f Override mtu only if explicitly specified. 
Testing Done:

1. Created a cluster without explicitly setting MTU. Verified that the calico nodes came up. The config map didn't have any mtu setting. The FELIX_IPINIPMTU env variable was not set.

2. Created a cluster by explicitly setting the MTU in the kops config. Verified that calico nodes came up. Config map had correct value for "mtu". The FELIX_IPINIPMTU env variable was set to correct value.
 2018-06-28 23:30:51 -07:00
Sandeep Rajan 9506ebd58f add prometheus scrape port 2018-06-28 17:01:01 -04:00
Shri Javadekar e4638de5f4 Allow setting MTU for calico networking 
This commit does the following two changes:

1. Changes the default calico mtu to 8198.
2. Enables setting the mtu explicitly in the config as:
```
  networking:
    calico:
      mtu: 2048
```

Testing done:

1. Created cluster on AWS with networking set to calico. No additional details were provided. Verified that the mtu was set to 8198. Also verified that the FELIX_IPINIPMTU environment variable was set to 8198.
2. Created a cluster explicitly setting the calico mtu to 2048. Verified that the mtu for the 'cali*' interfaces inside the pods was set to 2048. Also, verified that the FELIX_IPINIPMTU environment variable was set to 2048.
3. make test passed.

Closes #4042
 2018-06-25 15:18:15 -07:00
Maciej Kwiek e1a0f4a73e Etcd TLS support for Cilium 
Signed-off-by: Maciej Kwiek <maciej@covalent.io>
 2018-06-20 14:27:24 +02:00
Maciej Kwiek ca52ad5685 More configuration options for cilium 
Signed-off-by: Maciej Kwiek <maciej@covalent.io>
 2018-06-15 11:48:12 +02:00
Sandeep Rajan e92de7951c correct deployment yaml 2018-06-12 11:29:24 -04:00
k8s-ci-robot e27656b821
Merge pull request #5308 from mikesplain/kube_dns_prometheus_scrape 
Add prometheus scrape to kube-dns
 2018-06-11 12:12:26 -07:00
Mike Splain 24c6b3343f Add prometheus scrape to kube-dns 2018-06-11 14:22:42 -04:00
Rohith 2d5bd2cfd9 - update the IAM policy to ensure the kubelet permision is skipped 
- update the PKI to ensure on new clusters the certificate it not created
 2018-06-11 09:57:26 +01:00
Rohith 96eb0fbf0e - adding the fix for the psp for kubelet manifest since the kubelet no longer exists 2018-06-11 09:57:26 +01:00
k8s-ci-robot 02daea62ae
Merge pull request #5119 from ripta/avpc-custom-image 
Amazon VPC CNI: Upgrade to v1.0 and Allow Custom Images
 2018-06-10 22:40:27 -07:00
k8s-ci-robot aef1afbc02
Merge pull request #4724 from gambol99/custom_kube_dns 
Customize KubeDNS
 2018-06-10 18:52:01 -07:00
Ripta Pasay 32ddcc74bb Update the kops amazon-vpc-routed-eni manifest from the official v1.0 release 2018-06-06 17:33:00 -07:00
Rodrigo Menezes 991cd3e27c Do not generate heptio-authenticator config 2018-06-05 17:21:22 -07:00
Ripta Pasay 3610bf20d0 Upgrade default Amazon VPC Networking image to v1.0.0 2018-06-05 15:39:36 -07:00
Rodrigo Menezes 1fdbb2fe47 Update heptio authenticator 2018-06-05 11:45:08 -07:00
Ripta Pasay ebe8889234 Add ImageName to AmazonVPCNetworkingSpec to allow configurable plugin images 2018-06-04 18:49:22 -07:00
Sandeep Rajan f82024e6ed coredns image from gcr.io 2018-06-04 16:54:11 -04:00
k8s-ci-robot 53b2715413
Merge pull request #5095 from martinhoefling/upgrade_flannel_v0.10.0 
Upgrade to flannel v0.10.0 and explicitly specify amd64 arch
 2018-06-01 23:04:57 -07:00
Kashif Saadat 1b9162b7b6 Correct PSP RoleBinding with namespace for kube-system 2018-06-01 17:52:42 +01:00
k8s-ci-robot 775b877a10
Merge pull request #5197 from rdrgmnzs/heptio_authenticator 
Setup heptio authenticator
 2018-06-01 07:12:55 -07:00
k8s-ci-robot 56310f2783
Merge pull request #5208 from nebril/bump-cilium 
Bump Cilium version to released
 2018-05-31 19:06:59 -07:00
Kashif Saadat e9dae6121b PSP Updates, new apiGroup for k8s v1.10 and limit kube-system SA access to its own namespace 2018-05-30 12:30:03 +01:00
Maciej Kwiek 0c987d4dbd Bump Cilium version 
Signed-off-by: Maciej Kwiek <maciej@covalent.io>
 2018-05-30 12:26:16 +02:00
Sandeep Rajan f173476007 update manifest 2018-05-24 08:20:41 -04:00
Rodrigo Menezes 5ce8f9e712 Setup heptio authenticator 2018-05-23 17:48:33 -07:00
Rohith de977e627e Customize KubeDNS 
This PR adds the ability for users to customize the kubedns upstream nameservers and provider stubdomains, as per [here](https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/)
 2018-05-13 17:08:56 +01:00
k8s-ci-robot cc25a5a977
Merge pull request #4041 from rajansandeep/corednskops 
CoreDNS in Kops as an addon
 2018-05-10 15:26:54 -07:00
Martin Hoefling e5d954398d Upgrade to flannel v0.10.0 and explicitly specify amd64 arch 2018-05-02 22:31:37 +02:00
Kashif Saadat 0057405d3b Make LogSeveritySys configurable for Canal Networking 2018-04-26 15:47:29 +01:00
Sandeep Rajan eaac019e34 CoreDNS in kops as an addon 
fix test
 2018-04-20 17:03:17 -04:00
JuanJo Ciarlante 01ca06ef2b upgrade kube-dns to 1.14.10, fixes #4986 2018-04-18 08:58:15 -03:00
Justin Santa Barbara a5e58b243e Release 1.9.0 2018-04-11 10:07:36 -04:00
k8s-ci-robot 063afb28d7
Merge pull request #4954 from brb/weave-net-2.3.0 
Bump Weave Net to 2.3.0
 2018-04-10 22:24:55 -07:00
k8s-ci-robot 22a34586cc
Merge pull request #3498 from gambol99/psp 
Pod Security Policies
 2018-04-10 07:43:09 -07:00
Rohith cc695c3805 - changing the version to >= 1.9 as it only really makes sense on theses versions 2018-04-10 14:20:41 +01:00
Martynas Pumputis 85758f8909 Bump Weave Net to 2.3.0 2018-04-10 10:57:38 +02:00
k8s-ci-robot a8ca362e6b
Merge pull request #4851 from sergeylanzman/bump-kube-dns 
Update kube-dns to 1.14.9
 2018-04-09 15:50:08 -07:00
k8s-ci-robot 5d2e730051
Merge pull request #4919 from jamesmcminn96/feature/dnsmasq-extra-config-options 
Add configurable dnsmasq params to KubeDNS
 2018-04-09 15:01:19 -07:00
k8s-ci-robot 7b4bef0e8f
Merge pull request #4928 from edmeister/master 
Configurable log level for calico
 2018-04-09 13:46:35 -07:00
k8s-ci-robot 3f2e77e166
Merge pull request #4935 from andrewsykim/fix-kube-router-version 
fix version of kube-router at v0.1.0
 2018-04-09 13:46:30 -07:00
andrewsykim c072340cda digitalocean: external cloud controller manager should connect to apiserver using 127.0.0.1:443 to avoid circular dependencies 2018-04-09 09:04:20 -04:00
andrewsykim 42b72e475a fix version of kube-router at v0.1.0 2018-04-07 09:28:44 -04:00
Jeroen Schepens cd00575501 Add LogSeverityScreen property to Calico spec. 2018-04-07 09:47:30 +02:00
James McMinn 458f59d5d8 Add dnsmasq parameteres to kubeDNS config 2018-04-06 09:09:54 +10:00
Rohith e8e3ac0c91 Pod Security Policies 
The current implementation doesn't work with PodSecurityPolicies enabled due to no psp policies. This PR adds a default psp policy for the kubelet users and and the kube-system namespace
 2018-04-04 17:43:11 +01:00
Justin Santa Barbara 367f534f89 Release 1.9.0-beta.2 2018-04-04 06:21:12 -07:00
Justin Santa Barbara 98ff1bf726 Release 1.9.0-beta.1 2018-04-02 06:12:53 -07:00
k8s-ci-robot 7d2b1cb5b0
Merge pull request #4698 from andrewsykim/digitalocean-addons 
digitalocean: external cloud controller addon
 2018-04-01 19:02:02 -07:00
Sergey Lanzman 4df6c29828 Update kube-dns to 1.14.9 2018-04-02 00:39:19 +03:00
Justin Santa Barbara 4fc3e7114d kops release 1.9.0 alpha.3 2018-03-26 13:07:59 -04:00
k8s-ci-robot fc1bed4353
Merge pull request #4224 from nebril/cilium-support 
Add Cilium as CNI plugin
 2018-03-26 07:49:02 -07:00
Justin Santa Barbara d49ac2268a Release 1.9.0-alpha.2 2018-03-22 01:23:06 -04:00
Maciej Kwiek 84b522dad0 Update Cilium template to working state 
Signed-off-by: Maciej Kwiek <maciej@covalent.io>
 2018-03-20 13:08:49 +01:00
Maciej Kwiek bca52dede9 Add Cilium as CNI plugin 
Signed-off-by: Maciej Kwiek <maciej@covalent.io>
 2018-03-20 13:07:26 +01:00
Justin Santa Barbara bf588f925d Update kopeio-networking to 1.0.20180319 2018-03-19 23:36:24 -04:00
andrewsykim b6bdc29d01 digitalocean: external cloud controller addon 2018-03-19 11:14:08 -04:00
Felipe Cavalcanti e9ef618b14 apply a rolling strategy to calico-node daemonset, improve docs 2018-03-12 15:16:08 -03:00
Felipe Cavalcanti 468d941d99 [Calico] Activate node controller in calico-kube-controllers and add CALICO_K8S_NODE_REF in calico-node, this commit fixes #3224 and #4533 2018-03-06 12:33:26 -03:00
Justin Santa Barbara 16f7b31e1a Release 1.9.0-alpha.1 2018-03-01 01:23:22 -05:00
Justin Santa Barbara 5809592f35
Merge branch 'master' into canal-n-calico-to-2-6-7 2018-02-28 22:06:28 -05:00
Erik Stidham 3484febe0d Update Calico and Canal to use calico node v2.6.7 
- Canal updated cni to v1.11.2
 2018-02-28 09:54:39 -06:00
Aleksandar Topuzovic dd5713d5b4
Expose Felix metrics 
* Exposes Felix prometheus endpoint
* Same as `networking.projectcalico.org.canal`
 2018-02-27 11:04:22 +00:00
k8s-ci-robot 8d5da313af
Merge pull request #4479 from justinsb/kubedns_no_negcache 
kube-dns: turn off negcache
 2018-02-20 20:59:39 -08:00
Justin Santa Barbara fe0f2f2c77 kube-dns: turn off negcache 
The equivalent of https://github.com/kubernetes/kubernetes/pull/53604

Not backporting to 1.5 at this point.
 2018-02-20 21:13:45 -05:00
Justin Santa Barbara 7b647431b1 Update kube-dns to 1.14.8 2018-02-20 21:09:16 -05:00
k8s-ci-robot 4b8db1eee0
Merge pull request #4137 from thockin-tmp/gcr-vanity 
Convert registry to k8s.gcr.io
 2018-02-20 08:54:39 -08:00
Rohith c8e4a1caf8 Kubernetes Calico TLS 
The current implementation when Etcd TLS was added does not support using calico as the configuration and client certificates are not present. This PR updates the calico manifests and adds the distribution of the client certificate
 2018-02-14 23:41:45 +00:00
Tim Hockin 79d5f793e7 Convert registry to k8s.gcr.io 2018-02-14 10:08:41 -08:00
Ilya Dmitrichenko 4e495dc2ab
Update Weave Net to version 2.2.0 2018-02-09 13:42:40 +00:00
k8s-ci-robot 357eadd244
Merge pull request #4405 from romana/romana-v2.0.2 
Update versions for romana container images
 2018-02-07 18:00:43 -08:00
Caleb Gilmour d132c0c1a0 Update versions for romana container images. 2018-02-07 23:06:08 +00:00
Chris Phillips b620deba0f adds CONN_LIMIT to the WeaveNetworkingSpec 
Weave limits the number of connections between peers and the default is 30.
As described here: ce9c5162bd/site/kubernetes/kube-addon.md
Setting the CONN_LIMIT environment variable controls this setting. Adding a field in the
WeaveNetworkingSpec and adding the env var to the associated templates lets users
have clusters larger than 30 nodes and still use weave's peer discovery

The weave authors have indicated that 100 is not an unreasonable setting.
https://github.com/weaveworks/weave/issues/1621#issuecomment-152713060
 2018-02-07 09:52:12 -08:00
Justin Santa Barbara 712144a84a Update kopeio-networking to 1.0.20180203 
No major changes, just version updates.
 2018-02-03 13:14:23 -05:00
wlan0 a7668f17fb fix ccm startup wrt dns controller (set dnsPolicy to Default and hostNetwork: true) 2018-02-01 20:38:58 -08:00
k8s-ci-robot 752c7bd96d
Merge pull request #4306 from justinsb/update_kopeio_networking 
Bump kopeio-networking to 1.0.20180120
 2018-01-21 12:45:25 -08:00
Justin Santa Barbara 54af8e41b9 Bump kopeio-networking to 1.0.20180120 2018-01-20 16:33:09 -05:00
Blake 93fb66c223 Upgrade to calico v2.6.6 2018-01-18 13:23:56 -08:00
Manuel de Brito Fontes cb9859719d Update ottoyiu/k8s-ec2-srcdst docker image 2017-12-19 09:46:09 -03:00
Manuel de Brito Fontes 2e05dd17aa Add support for Amazon VPC CNI plugin 2017-12-17 18:08:24 -03:00
Kubernetes Submit Queue 96ee92a4b3
Merge pull request #4063 from rajivm/fix-canal-hostport 
Automatic merge from submit-queue.

Support for hostPort when using canal

Similar to: https://github.com/kubernetes/kops/pull/3206

Without this, we are unable to get `hostPort` working with `canal`. The same is true for `flannel`, but this does add support for plain flannel.
 2017-12-15 07:00:22 -08:00
Kubernetes Submit Queue 3fc8ddd471
Merge pull request #3952 from mikesplain/fix_flannel_nonMasqueradeCIDR 
Automatic merge from submit-queue.

Fix Flannel nonMasqueradeCIDR

Fixes https://github.com/kubernetes/kops/issues/3950

~~And looks like we forgot to bump the version in `bootstrapchannelbuilder.go`~~(moved to https://github.com/kubernetes/kops/pull/3953) (thanks @jkemp101)
 2017-12-13 23:25:41 -08:00
Kubernetes Submit Queue 291edf329a
Merge pull request #3944 from bboreham/weave-212 
Automatic merge from submit-queue.

Update Weave Net to version 2.1.3

This version supports 'v1' NetworkPolicy semantics.

Also includes a feature to clear down data for deleted nodes, which is probably the most-requested fix.
 2017-12-13 22:25:41 -08:00
Justin Santa Barbara 3e236283f3 Tag 1.8.0 2017-12-13 22:13:27 -05:00
Rajiv Makhijani 05f06bea5c Update canal configuration to support portmap plugin (for hostport) 2017-12-13 18:35:16 -08:00
Kashif Saadat 4f15273d49 Downgrade Flannel in Canal deployment to v0.9.0 2017-12-12 11:09:23 +00:00
Bryan Boreham 1b9486a7af Bump to v2.1.3 2017-12-04 15:11:15 +00:00
Mike Splain 1417f9eebe Fix Flannel nonMasqueradeCIDR 2017-11-29 09:34:37 -05:00
Mike Splain 96aefac318 Fix flannel error on starting 2017-11-28 21:39:08 -05:00
Justin Santa Barbara b8b7287e4a Bump versions to 1.8.0-beta.2 2017-11-28 13:27:58 -05:00
Bryan Boreham f1c8d89e55 Update Weave Net to version 2.1.2 
This version supports 'v1' NetworkPolicy semantics.
Also includes a feature to clear down data for deleted nodes.
 2017-11-28 17:13:31 +00:00