Commit Graph

1421 Commits

Author SHA1 Message Date
Ciprian Hacman f3c6558fd0 Release 1.21.0-alpha.3 2021-04-14 09:13:04 +03:00
Ciprian Hacman 4746f6d00c Fix etcd volume validation logic 2021-04-13 12:03:38 +03:00
Kubernetes Prow Robot c573d9d449
Merge pull request #11207 from johngmyers/rename-sa-key
Rename the service account key
2021-04-11 14:04:06 -07:00
Barry Melbourne 1a60629d38 Update Docker to v20.10.5 2021-04-11 19:26:46 +01:00
John Gardiner Myers fdc61b4bdb Rename the service account key 2021-04-11 08:11:27 -07:00
liranp 97370b0adc
fix(spot/ocean): configure headroom resources only at the vng level 2021-04-06 23:41:40 +03:00
Ole Markus With dbd23473ef Add irsa support for awslbcontroller
This commit also introduces support for adding token projection volumes for well-known SAs.
Slightly less complicated than explicitly parsing the objects for a manifest
2021-04-04 21:24:07 +02:00
Kubernetes Prow Robot a01ee1d0fe
Merge pull request #11140 from jurriaanpro/cluster-autoscaler-add-scale-down-delay-after-add
Add scaleDownDelayAfterAdd to clusterAutoscaler spec
2021-03-25 05:57:29 -07:00
jurriaanpro 25955ceb6b Add scaleDownDelayAfterAdd to clusterAutoscaler spec 2021-03-25 11:23:48 +01:00
Kubernetes Prow Robot 42fbb1c1c5
Merge pull request #11119 from guydog28/11074-pr
replace hard coded aws region checks with aws sdk calls
2021-03-24 09:14:08 -07:00
guydog28 bd80c3f2b4 replace hard coded aws region checks with aws sdk calls 2021-03-24 15:31:05 +00:00
Kubernetes Prow Robot 1bf4fd744f
Merge pull request #11102 from srikiz/Fix-DO-Tag-Index-Match-Issue
[DigitalOcean] Fix DO Tag issue
2021-03-23 13:14:42 -07:00
Barry Melbourne 05123faf5a Update containerd to v1.3.10/v1.4.4 2021-03-23 17:02:01 +00:00
Ciprian Hacman fa72535f95 Release 1.21.0-alpha.2 2021-03-22 08:38:47 +02:00
srikiz 94d8a6f748 Fix DO Tag issue 2021-03-22 00:47:28 +05:30
Kubernetes Prow Robot a99668db1e
Merge pull request #10843 from lichuan0620/fix-iops-error
Add additional IOPS validation for AWS EBS gp3 volumes
2021-03-21 09:17:43 -07:00
Justin SB c75e084158 Re-add integration tests for jwks
We removed them from #10756, but they can be re-added.
2021-03-20 22:55:11 -04:00
Kubernetes Prow Robot 15e4028c81
Merge pull request #10722 from olemarkus/apiserver-nodes
Apiserver nodes
2021-03-20 16:43:42 -07:00
Ole Markus With 20bd724f5e Add support for scaling out the control plane with dedicated apiserver nodes
Ensure apiserver role can only be used on AWS (because of firewalling)

Apply api-server label to CP as well

Consolidate node not ready validation message

Guard apiserver nodes with a feature flag

Rename Apiserver role to APIServer

Add an integration test for apiserver nodes

Rename Apiserver role to APIServer

Enumerate all roles in rolling update docs

Apply suggestions from code review

Co-authored-by: Steven E. Harris <seh@panix.com>
2021-03-20 20:57:00 +01:00
Kubernetes Prow Robot 2b46042241
Merge pull request #11086 from justinsb/controlplane_should_not_need_dns_permissions
Don't add control-plane DNS permissions with UseServiceAccountIAM
2021-03-20 12:29:42 -07:00
Justin SB d7683d85ce Don't add control-plane DNS permissions with UseServiceAccountIAM
Should not be needed; dns-controller should run on the control-plane
node so there should not be a bootstrapping problem with the nodes.

Reverts #10529
2021-03-20 14:00:46 -04:00
Justin SB 48ebac6892 Improve error messages around PublicJWKS
I left off the publicDataStore (must pass --overwrite on create, I
believe), and the error message was a type-cast failure.
2021-03-20 13:59:14 -04:00
Ole Markus With 397f58deb4 Fix comments from review 2021-03-19 20:51:18 +01:00
Ole Markus With 5178571db5 Comment where the CA sha1s come from 2021-03-19 20:07:57 +01:00
Ole Markus With 1900548213 Upload JWKS files as world readable 2021-03-19 20:07:38 +01:00
Ole Markus With 2c1f88f40e Do not need thumbprints to be resources 2021-03-19 20:05:37 +01:00
Ole Markus With ed166313d2 Use well-known s3 fingerprints 2021-03-19 20:03:28 +01:00
Peter Rifel 7c900b7fae Generate and upload keys.json + discovery.json to public store
Generate and upload keys.json + discovery.json to public store

Don't enable anonymous auth on publicjwks

Remove tests that won't work using FS VFS anymore
2021-03-19 20:03:26 +01:00
liranp dc1ee9402a
feat(spot/ocean): support for block device mappings in launchspec 2021-03-10 15:30:39 +02:00
Steven E. Harris 44061601da Test default StorageClass management choice 2021-03-09 11:08:33 -05:00
Steven E. Harris 50e89c1c6a Honor an OpenStack StorageClass management choice
When choosing a default value for the Cluster spec's
"cloudConfig.manageStorageClasses" field, first check whether a user
specified a concrete value for the related OpenStack
"blockStorage.createStorageClass" field. If so, use that value as the
effective default value for the former field as well, so as to avoid
an unnecessary conflict between the field values on the second
validation pass.
2021-03-09 09:10:56 -05:00
Bharath Vedartham 0c0767c0c9 Remove support for launch configurations 2021-03-09 09:04:15 +02:00
Ole Markus With c6a741a148 Move dns and external_access to awsmodel 2021-03-07 22:07:17 +01:00
Ole Markus With d415fdf1a1 Move bastion model to awsmodel 2021-03-07 22:06:20 +01:00
Ole Markus With 896f1740c6 Rename spotinst symbols and merge spotinstmodel with awsmodel 2021-03-07 22:06:12 +01:00
Kubernetes Prow Robot ef7c934b9a
Merge pull request #10975 from ottosulin/feature/etcdmanagerconfs
Add etcd-manager discoveryPollInterval option
2021-03-05 22:11:43 -08:00
Ole Markus With 063e3f6c7b Use internal api url for jwks when required
The public api url cannot be used by pods and nodes if access is restricted. So by default we need to use the internal one.
This should finally pass the OIDC e2e test

For public access, api server must be publicly available and anonymous
auth must be enabled
2021-03-05 06:52:51 +01:00
Otto Sulin 8fa6be1b03 Add etcd-manager discoveryPollInterval option 2021-03-04 09:35:05 +02:00
Kubernetes Prow Robot fcefcb59cc
Merge pull request #10945 from olemarkus/exclude-cp-nodes-from-lbs
Exclude CP nodes from load balancers
2021-03-03 05:21:21 -08:00
Peter Rifel ce51ec44bc
Use new CPUCredits IG spec field in launch templates 2021-03-02 22:54:29 -06:00
liranp 2abdb90c54
fix: don't skip lb attachments when hybrid is enabled 2021-03-01 14:07:22 +02:00
Kubernetes Prow Robot c802127528
Merge pull request #10935 from cloudnatix/kenji/fix_node_name_conversion
Fix node label conversion in Azure
2021-03-01 00:38:40 -08:00
Kubernetes Prow Robot f294793e44
Merge pull request #10948 from rifelpet/tgw
Add AWS Transit Gateway support
2021-02-28 23:46:50 -08:00
Kenji Kaneda a2bfbdd4cb Fix node label conversion in Azure
As Azure doesn't allow "/" in label keys, we used to convert "/" to
"_", but we didn't convert back "_" to "/" in kops-controller.

Change the code to store a label key in a tag value so that we don't
need to worry about escaping.
2021-02-28 22:35:12 -08:00
Justin SB 09f7f6f039 Update etcd-manager to 3.0.20210228
Changes:

* Add user agent to etcd-manager requests [#395](https://github.com/kopeio/etcd-manager/pull/395)
* Add etcd-manager metrics, add openstack API metrics [#396](https://github.com/kopeio/etcd-manager/pull/396)
* Make discovery poll interval configurable [#397](https://github.com/kopeio/etcd-manager/pull/397)
* Add log levels to prevent too verbose logging [#394](https://github.com/kopeio/etcd-manager/pull/394)
2021-02-28 20:41:30 -05:00
Peter Rifel 577df0addf
Add support for defining a transit gateway for a default route
I opted to just use a *string for the TGW ID in the route task rather than a full TGW task because kops will never be creating TGWs itself, they will always be defined by ID.
2021-02-28 12:38:29 -06:00
Ole Markus With bca857326f Add standard labels to all resources 2021-02-28 07:43:58 +01:00
Ole Markus With 32fce0d59c Exclude CP nodes from load balancers 2021-02-27 20:14:31 +01:00
Kubernetes Prow Robot 6e7f635edb
Merge pull request #10940 from hakman/sort-external-policies
Sort external policies when checking for changes
2021-02-27 10:06:38 -08:00
Ciprian Hacman 925350f836 Sort external policies when checking for changes 2021-02-27 11:36:07 +02:00