kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,860 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

618 Commits

Author SHA1 Message Date
Peter Rifel 0326ce4ad7
Dont generate the ssl_certificate_id field on TCP listeners in Terraform 2020-08-30 09:44:16 -05:00
Justin SB 786423f617 Expose JWKS via a feature-flag 
When the PublicJWKS feature-flag is set, we expose the apiserver JWKS
document publicly (including enabling anonymous access).  This is a
stepping stone to a more hardened configuration where we copy the JWKS
document to S3/GCS/etc.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-08-30 10:15:11 -04:00
Justin SB c63ce4b5ab Implement setter by reflection 
This means we no longer have to individually hard-code the `kops set`
fields, however we use the "language" we're now demonstrated.

We add tests to ensure we have parity with our existing (hard-coded)
setter logic.
 2020-08-30 09:59:52 -04:00
Peter Rifel 55f33c68b3
Cleanup old v1alpha1 test outputs 2020-08-27 14:30:10 -05:00
Peter Rifel 64f6f5e2cb
Add integration test for GCE private topology with bastion 2020-08-27 14:28:26 -05:00
Ciprian Hacman cd82550088 Update integration test for Calico after validation changes 2020-08-24 12:54:15 +03:00
Ciprian Hacman 3f8edd74fe Update integration test for Calico 2020-08-24 12:30:37 +03:00
Ciprian Hacman 2880e22bce Add flag for root volume encryption 2020-08-21 18:31:21 +03:00
Kubernetes Prow Robot 8a81d94c7b
Merge pull request #9773 from victorfrancax1/7286 
Adding support for permission boundaries for AWS IAM Roles
 2020-08-19 06:51:11 -07:00
Victor Ferreira 3aaa9a7c0f feat(aws): adding support to permission boundaries for IAM Roles 2020-08-19 01:16:13 -03:00
Kubernetes Prow Robot 96ab8423b1
Merge pull request #9566 from hakman/arm64-images 
Add ARM64 support for masters
 2020-08-14 20:46:17 -07:00
Ole Markus With 9890839cec Add an integration test for openstack floating ip 
* Integration test for floatingip cluster
* Implements mocking of floatingIP (only list for now)
* Expands various cloudmocks
* Fixes an NPR in openstack validation
* Fixes a bug where kops tries to use DNS even if the cluster is gossip
 2020-08-12 12:59:30 +02:00
Kubernetes Prow Robot 9b46e3fb9a
Merge pull request #9721 from hakman/ghw-win-2019 
Add windows job to GH workflows
 2020-08-11 11:20:18 -07:00
Ciprian Hacman f9f8ecfcf5 Fix API conversion tests for Windows 2020-08-11 14:28:37 +03:00
Ciprian Hacman 2359a25b84 Fix integration tests EOLs for Windows 2020-08-11 14:28:37 +03:00
Peter Rifel 6991655921
Add openstack integration test. 
This will create / update / update / delete an openstack cluster using cloudmock, ensuring there are no lingering changes reported or orphaned resources
 2020-08-10 15:22:49 -05:00
Ciprian Hacman 527b1eb36f ARM64 support - Update expected tests output 2020-08-10 12:05:24 +03:00
Kubernetes Prow Robot 2fbef78143
Merge pull request #9650 from johngmyers/update-notag 
Remove tags from NodeupConfig
 2020-07-31 02:27:08 -07:00
John Gardiner Myers d434733254 update-expected.sh 2020-07-30 19:42:07 -07:00
John Gardiner Myers cd2941b56c update-expected.sh 2020-07-29 17:24:39 -07:00
Peter Rifel f3e6ac874d
Update integration test outputs with new ssh key tags 2020-07-28 13:35:10 -05:00
John Gardiner Myers be3e311c12 update-expected.sh 2020-07-17 19:32:53 -07:00
John Gardiner Myers c0774d7ffa Stop using legacy IAM in integration tests 2020-07-17 19:32:48 -07:00
John Gardiner Myers d0b30cf771 update-expected.sh 2020-07-17 11:26:09 -07:00
Peter Rifel 4bcc1e1ffa
Remove old unused files 
The yaml files were most likely meant to live in tests/integration/update_cluster/minimal_gce but those files already exist.

The md file is very old and not relevant
 2020-07-13 12:48:28 -05:00
Peter Rifel f213854330
Update integration test outputs with filebase64 2020-07-08 23:24:11 -05:00
Ciprian Hacman 827d8c041f Update mock version to 1.19.0-alpha.1 2020-07-08 18:31:18 +03:00
Peter Rifel 69f2c71cc3
Add tag support to AWS launch templates 
In addition to TagSpecifications which allow tagging of instances and volumes, launch templates support tags of their own.

This adds the usual tags to LTs, as seen in the kubernetes.tf additions. Cloudformation does not yet support it [0], so only "api" and "terraform" targets are updated.

[0] https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html
 2020-07-07 22:43:45 -05:00
Ciprian Hacman 69511a998e Use kubelet docker-specific flags only for Docker 2020-07-05 07:57:10 +03:00
Ole Markus With 53f670aeb0 Rebase with master 2020-07-03 08:39:43 +02:00
Ole Markus With 263172caac Use new templates for cilium 1.8 2020-07-03 07:56:35 +02:00
Kubernetes Prow Robot 734a0eb5f3
Merge pull request #9415 from johngmyers/refactor-nodeup-2 
Continue moving InstanceGroup data to NodeupConfig
 2020-07-02 20:50:47 -07:00
Ciprian Hacman a7c8d2087c Use github.com/blang/semver/v4 2020-07-01 08:54:42 +03:00
John Gardiner Myers 56e5adc67e Move VPC setup into NewCluster() 2020-06-30 12:37:46 -07:00
John Gardiner Myers fe66b0011b Move CloudProvider determination into NewCluster() 2020-06-30 12:37:11 -07:00
John Gardiner Myers 5f45389124 update-expected.sh 2020-06-28 18:52:03 -07:00
John Gardiner Myers 35645b49c4 update-expected.sh 2020-06-28 18:51:42 -07:00
John Gardiner Myers 64167b7420 update-expected.sh 2020-06-28 18:51:16 -07:00
Peter Rifel 75ccf45eb7
Fold multiple integration test cases into the complex cluster test 
Each integration test cluster adds many LoC and some overhead in running the integration tests.
Since many of the tests are only testing a specific feature, it would be simpler to combine all of the non-mutually exclusive features into the complex cluster.
 2020-06-19 22:09:22 -05:00
Ciprian Hacman 80295961fb ARM64 support - Update tests output 2020-06-19 04:42:11 +03:00
John Gardiner Myers 91c741d8fb update-expected.sh 2020-06-17 09:09:24 -07:00
Peter Rifel c5882446c8
Only store launchtemplate userdata in plaintext for terraform 0.12+ 2020-06-16 17:16:41 -05:00
Peter Rifel 964d402eb5
Store terraform launchtemplate userdata in plaintext rather than b64 
This makes it easier to grok the userdata contents
 2020-06-16 16:53:49 -05:00
Ciprian Hacman d888b1f517 Update integration tests 2020-06-12 06:24:08 +03:00
John Gardiner Myers 1b03e7237b hack/update-expected.sh 2020-06-10 09:34:48 -07:00
Ciprian Hacman 3eda07aec0 Update tests output 2020-06-03 17:25:53 +03:00
Ciprian Hacman c0b62a74ca Remove all traces of utils.tar.gz 2020-06-03 09:55:45 +03:00
Kubernetes Prow Robot e6d73b5ba0
Merge pull request #9135 from justinsb/gce_no_hostname_no_worries 
GCE: don't rely on hostname being correct
 2020-05-22 17:43:10 -07:00
Peter Rifel 7228223781
Update integration test outputs 2020-05-22 18:48:20 -05:00
Kubernetes Prow Robot 2c899d859a
Merge pull request #9104 from hakman/containerd-kubenet 
Add support for Kubenet with containerd
 2020-05-21 22:20:38 -07:00
John Gardiner Myers 8a6d29cd40 Remove support for reading legacy-format keypairs 2020-05-20 13:28:13 -07:00
Kubernetes Prow Robot 204cf58c96
Merge pull request #9124 from johngmyers/bastion-private 
Don't put bastions in the utility subnets
 2020-05-19 21:26:18 -07:00
Kubernetes Prow Robot bda2a15ee6
Merge pull request #9024 from tomesm/support_launch_template 
Added Launch Template support for instance interruption behavior
 2020-05-17 15:35:36 -07:00
John Gardiner Myers ec4fe1e7e8 Don't put bastions in the utility subnets 2020-05-12 22:06:34 -07:00
Ciprian Hacman e608cd5265 Add support for Kubenet with containerd 2020-05-12 17:20:59 +03:00
Peter Rifel ef6abbcd5c
Don't use file references for single line strings in gce's metadata fields 2020-05-06 23:06:24 -05:00
John Gardiner Myers 843e5b9b16 Move GCEServiceAccount into CloudConfig 2020-05-03 20:35:32 -07:00
Ciprian Hacman 78de18a803 Update k8s.gcr.io/pause image to version 3.2 2020-05-01 22:12:42 +03:00
Ole Markus With 74732487d5 Fix various tests that used masters without etcd members 2020-04-30 18:32:28 +02:00
Martin Tomes c66180bc58 Added support for instance interruption behavior 2020-04-29 14:53:17 +02:00
Peter Rifel fd17a118f5
Remove irrelevant TODO comment from userdata 
This comment is from 2016, isn't clear, and I believe may be no longer relevant.

This will cleanup the TODO comment from everyone's userdata.
 2020-04-18 08:54:35 -05:00
Nicolas Vanheuverzwijn bcb141ab74 bastion: add test for loadbalancer.additionalSecurityGroups 2020-04-16 12:04:59 -04:00
Ole Markus With d174faf116 Add some integration tests for cilium 2020-04-16 16:22:58 +02:00
Ole Markus With a7f631e7c9 Apply suggestions from code review 
Co-Authored-By: Peter Rifel <rifelpet@users.noreply.github.com>
 2020-04-16 08:42:59 +02:00
Ole Markus With 869ab75dea Use etcd-manager for the cilium etcd cluster 2020-04-16 08:42:59 +02:00
Peter Rifel 460cdbfc67 Add CloudLabels tags to additional AWS resources 
This adds any labels defined in the Cluster spec's CloudLabels to the tags of the following AWS resource types:

Elastic IP
Internet Gateway
NAT Gateway
Route Table
Security Group
Subnet
VPC DHCP Options
VPC
 2020-04-11 13:25:52 -05:00
Peter Rifel fb7fba0152 Update GCE integration test output 2020-04-08 22:16:57 -05:00
Peter Rifel fa2d64c3a3 Update expected outputs of terraform tests 2020-04-05 21:24:49 -05:00
eric-hole c59314a799 Adds some initial tests. Fixes some logic 
Need to fix service account implementation first

Fixing tests and iterating on the serviceaccount logic

Run the gce_byo_sa test
 2020-04-04 21:20:31 -07:00
eric-hole b3d65ffce0 Adds a gce-service-account flag so you BYO service-account 
Generated code and some cleanup

Not sure where that code went

Tests for service account

fixes case on gceserviceaccount
 2020-04-04 21:15:56 -07:00
Kubernetes Prow Robot 759e24a490
Merge pull request #8802 from thejasbabu/feature/spot-block 
Add support for Spot block in launch template
 2020-04-01 10:15:27 -07:00
Peter Rifel a0e1672cdc add terraform testing 2020-03-31 14:50:45 -05:00
Thejas B dda8dc3f37 Add support for Spot block in launch template 
- Launch configuration does not support the field SpotDurationInMinutes which is used to reserve the spot instances, but however Launch Template does
 2020-03-31 20:07:01 +05:30
Peter Rifel ee86488d98 Don't set terraform's user_data if it is an empty string 
Bastion hosts have no user_data by default.
This is not valid in terraform, based on the error messages reported here [0]

The Terraform provider code says user_data is optional for both LaunchConfigurations and LaunchTemplates [1] [2]

This change prevents the user_data property from being added to aws_launch_configuration and aws_launch_template resources unless the string is not empty.

[0] https://travis-ci.org/github/kubernetes/kops/jobs/662472020
[1] 04d24f80f3/aws/resource_aws_launch_configuration.go (L74-L76)
[2] 04d24f80f3/aws/resource_aws_launch_template.go (L510-L512)
 2020-03-31 09:33:16 -05:00
Peter Rifel 833b22575f Disable anonymous auth in integration test clusters 
This silences the anonymousAuth warning printed during `update cluster`, reducing the integration test output by >500 lines.
 2020-03-29 22:21:10 -05:00
John Gardiner Myers b645dac752 Remove support for v1alpha1 and before 2020-03-24 19:49:15 -07:00
John Gardiner Myers d9e999d377 Convert TestMinimal_json to v1alpha2 API 2020-03-24 19:49:07 -07:00
Ciprian Hacman 5c8cc493af Set default log level to "info" for containerd 2020-03-22 20:53:58 +02:00
eric-hole 31285f921b Adds a minimal GCE integration test 2020-03-17 01:19:49 -07:00
Ciprian Hacman 576e546b5e Update integration tests for launch templates 2020-03-16 18:41:39 +02:00
Ciprian Hacman 59a6b065a0 Add root volume tags for CF and TF targets 2020-03-16 18:41:39 +02:00
Ciprian Hacman 7398f9bd47 Add LaunchTemplate integration tests 2020-03-16 16:01:57 +02:00
eric-hole 0daa5388ba Fixing gce integration tests (thanks Peter) with nodeLabels 2020-03-14 12:18:05 -07:00
Peter Rifel cd66f93a97 Remove unused integration test files, make complex cluster spec consistent 2020-03-13 23:24:48 -05:00
Ciprian Hacman 661bd6dfbd Add "owned" tag for all instance groups related resources 2020-03-02 10:39:50 +02:00
Matt Ouille f025ff0e70
Add External Policies (AWS managed policy attachments) 2020-02-16 21:54:12 -08:00
Ole Markus With 98ea9119a3 Fix tests 2020-02-06 19:41:47 +01:00
Justin SB 5d7fc87102
Update expected output to include v in github URLs 2020-02-05 20:58:03 -05:00
Christian van der Leeden 549f54de48 Enabling JSON output for Terraform instead of writing the HCL syntax tf file. JSON syntax is officially supported in 0.12 and a terraform version requirement will be set. For previous installations you need to delete the .tf file by hand. JSON generation will fail if kubernetes.tf is present. 
Added Integration Test using minimal test setup

Added documentation. For terraform 0.12 support the resource names need to be changed still
 2020-01-17 22:03:19 +01:00
Peter Rifel e0cebf30e5 Update terraform resource names to be 0.12 compatible. 
According to the upgrade guide [0] resource names cannot start with digits.
Currently both routes and VPC CIDR associations start with digits, so this adds prefixes to them so that they are valid resource identifiers in 0.12.

This is a significant change because on its own, terraform will destroy and recreate the route which impact the cluster networking.
To avoid this, existing clusters this will require moving the resources within the terraform state prior to the next `apply`.

```
kops update cluster --target terraform --out ./
terraform state mv aws_route.0-0-0-0--0 aws_route.route-0-0-0-0--0 # repeat for all aws_route resources
terraform plan
terraform apply
```

The exact terraform state command may vary depending on how Kops' terraform output is used.
See the command documentation [1] for more details.
Always run a terraform plan first to ensure the `aws_route` and `aws_vpc_ipv4_cidr_block_association` resources are not getting recreated.

Due to the potential impact, this notice should be very prominant in the Kops release notes

[0] https://www.terraform.io/upgrade-guides/0-12.html
[1] https://www.terraform.io/docs/commands/state/mv.html
 2020-01-17 07:51:39 -06:00
Austin Moore 4a88f7b5a5
Add ability to specify no ssh key by setting sshKeyName to empty 
Add tests for no ssh key functionality

Add docs for setting no ssh key

Disable sshKey rendering for cloudformation if nosshkey is set

Fix broken test

make goimports

Fix

Formatting fix

Update kubernetes version for tests

Update expected test output

Fix imports in mesh.pb.go

Run hack/update-expected.sh

Change digital ocean logic to handle *string for SSHKeyName

Fix expected output

Missed a few
 2020-01-15 15:24:32 -05:00
Nicolas Vanheuverzwijn 6db1b185e6 run hack/update-expected.sh 2020-01-13 16:12:47 -05:00
Nicolas Vanheuverzwijn eaa025effd run hack/update-expected.sh: we now consistenly output an empty user-data for bastion node 2020-01-13 15:28:20 -05:00
Kubernetes Prow Robot 7116d80467
Merge pull request #8284 from johngmyers/validate-cidr 
Improve CIDR validation
 2020-01-11 21:21:45 -08:00
John Gardiner Myers bbf85d0a15 Improve CIDR validation 2020-01-06 22:27:34 -08:00
Kubernetes Prow Robot 63930904c3
Merge pull request #8269 from justinsb/ops_kops_writeable 
Make /opt/kops writeable on COS
 2020-01-06 01:33:34 -08:00
Kubernetes Prow Robot e4da659509
Merge pull request #8196 from justinsb/dont_preload_unused_images 
For dev, don't preload docker images on nodes
 2020-01-04 16:15:40 -08:00
Justin Santa Barbara 6c41748640
Download nodeup into a writeable path on COS 
/opt/ isn't writeable on COS, so we download to /var/lib/toolbox/kops
instead.
 2020-01-04 18:16:08 -05:00
Kubernetes Prow Robot 78267482bf
Merge pull request #8212 from hakman/move-nodeup 
Move nodeup to /opt/kops/bin
 2020-01-04 14:49:40 -08:00
Justin SB 976724dfec
Update tests for leaner configuration 2020-01-04 14:25:21 -05:00
Peter Rifel 21c5a82ed3 Update mock kops version 2020-01-03 08:17:02 -06:00
Ciprian Hacman 474cb76827 Update tests 2019-12-28 22:17:16 +02:00
Kubernetes Prow Robot 8664fa69c4
Merge pull request #8172 from hakman/container-runtime-cli-flag 
containerd: Add --container-runtime cli flag
 2019-12-27 09:29:59 -08:00
Ciprian Hacman 760c7b06b4 Use containerd 1.2.4 with Docker 18.09.3 2019-12-23 19:26:38 +02:00
Ciprian Hacman 8523dd8d9d Update tests for --container-runtime 2019-12-22 22:16:08 +02:00
Peter Rifel cf43c53f4d Update kubernetes versions used in integration tests 2019-12-21 08:12:48 -06:00
Ciprian Hacman f1ffd9a7f6 Rename config option contained.configFile to containerd.configOverride 2019-12-16 00:59:26 +02:00
Ciprian Hacman 6363289103 Update tests after rebase 2019-12-16 00:59:26 +02:00
Ciprian Hacman 1a4d8bf49c Add support for containerd container runtime - tests 2019-12-15 21:37:57 +02:00
Christian van der Leeden 118300a876 setting google provider to at least 3.0.0 2019-12-14 19:35:32 +01:00
Christian van der Leeden ddc0879e6d some resources upgraded to google provider 3.0 2019-12-13 19:13:59 +01:00
Ciprian Hacman a27db809c9 Update integration test output after #8053 2019-12-07 06:08:23 +02:00
Peter Rifel bb3140deba Update integration test to cover CloudFormation output of NAT gateways 2019-12-06 14:04:35 -06:00
Gabriel Tiossi 35071ccaff test: Volume integration in update_cluster/complex 
Add rootVolumeDeleteOnTermination and deleteOnTermination to test if
volumes are being retained properly in direct, terraform and
cloudformation
 2019-12-04 13:13:23 -03:00
John Gardiner Myers f1068e5c8c Update apiVersion in docs and tests 2019-11-09 14:14:24 -08:00
Justin SB 098b348d6a
stable channel: promote default AMIs from alpha -> stable 
Promoting the 2019-09-26 AMIs
 2019-11-07 22:42:03 -05:00
Kubernetes Prow Robot 1bb829bb4a
Merge pull request #7378 from justinsb/add_artifacts_k8s_io 
Add artifacts.k8s.io to mirror list
 2019-10-12 11:18:37 -07:00
Justin SB 1a7bb9d21e
Update expected test output 2019-10-05 16:40:31 -04:00
Justin SB 4e1e596fc9
Add artifacts.k8s.io to mirror list 
The official mirror is coming!
 2019-09-30 12:03:53 -04:00
Justin SB b094fc0f29
Add test for the float -> resource.Quantity switch 
Check that we produce values that can still be parsed
 2019-09-29 13:50:47 -04:00
Justin SB e5d710616a
Add test for float args 
We likely need to change from floats to resource.Quantity, so we need
to estabilsh more test coverage before we can safely make the change.
 2019-09-29 13:14:21 -04:00
Justin SB 97f552778f
Add env vars, update tests 2019-09-25 12:48:13 -04:00
Justin SB 1580d4c82b
Update tests to use k8s >= 1.14 
Where tests are using a version of k8s that is now really deprecated,
replace it with k8s 1.14.0.
 2019-09-14 13:58:50 -04:00
Justin SB fafa283e02
Promote 2019-08-16 AMIs from alpha -> stable 
As discussed in office hours.
 2019-09-14 11:32:38 -04:00
mikesplain 9e55b8230a Update copyright notices 
Also cleans some white spaces
 2019-09-09 14:47:51 -04:00
Justin SB 21cb8ece06
Label AWS ASGs with kops.k8s.io/instancegroup 
We will use this to map an AWS instance to the instance group.
 2019-09-02 09:26:23 -07:00
Kubernetes Prow Robot a957428446
Merge pull request #7470 from justinsb/update_to_k115 
Update to kubernetes 1.15
 2019-08-27 10:24:43 -07:00
Justin SB 4733317a64
Update expected test for new script 2019-08-25 21:15:14 -04:00
Justin SB 79bf0a05ac
Fix golden output: creationTimestamp is now quoted 2019-08-25 16:00:40 -04:00
Kubernetes Prow Robot 675eeaa07b
Merge pull request #7447 from justinsb/use_mirrors 
nodeup download should try all mirrors
 2019-08-22 07:10:43 -07:00
Justin SB 05bbf9cbcc
bash script: don't assume nodeup filename 
We were previously assuming that the name of the URL matched the name
we wanted to download to, but also assuming that the name of the file
was nodeup.  Change to download to a known file location, whatever the
mirror url.
 2019-08-22 01:13:47 -04:00
Justin SB 2462ab1c02
nodeup download should try all mirrors 
On an error, we were bailing out early!
 2019-08-22 01:05:16 -04:00
Justin SB 330ccfcd55
Support mirroring for nodeup also 
We weren't using mirrors for nodeup (just protokube), though the
existing bash script supports mirrors.
 2019-08-04 01:34:39 -04:00
Kashif Saadat 290997464b Update integration tests 2019-08-02 11:56:37 +01:00
Austin Moore 4485b115f4
Default CrossZoneLoadBalancing to false if not set 2019-07-26 12:21:43 -04:00
Austin Moore 66a8d1de90
Add integration test for cross-zone-load-balancing 2019-07-26 12:21:43 -04:00
Justin SB 512378b335
Rationalize golden-output comparison 
Create a single helper function: AssertMatchesFile

Also a few output files that weren't consistent.
 2019-07-21 23:08:48 -04:00
mikesplain 0e4c1080e7 Add docs and test 2019-06-21 14:00:37 -04:00
Peter Rifel adef332fe3 Add integration test for mixed instances / launch templates 2019-06-07 14:29:34 -07:00
Justin SB ba9a4afc43
apigroup -> kops.k8s.io: Tests & supporting changes 
Autogenerated code, docs & test changes

Also a new test for the older "kops" apiGroup, to make sure that
continues to work.
 2019-05-06 22:26:29 -04:00
Ryan Bonham 54ef99ef54 Update Tests 2019-04-30 09:15:08 -05:00
mikesplain d6c02d3d72 Fix tests 2019-03-29 13:29:11 -04:00
Rodrigo Menezes 4b1e92617a Add terraform support for additional CIDR blocks now that it has support. 2019-03-28 00:47:08 -07:00
Justin SB 4f469fab9a
Support mirrors with restricted characters 
Github doesn't allow us to have slashes in our release artifact names;
we therefore support a configurable per-mirror set of substitutions.
We use that to map `/` to `-` for github.
 2019-03-26 01:02:31 -04:00
Justin SB 7bd4a7e262
Support download protokube from mirror 2019-03-26 00:45:54 -04:00
ryan-dyer e131f67b39 Add additional tags to expected TF output 2019-03-20 10:19:10 -05:00
Michael Taufen 798044b720 Stop setting deprecated --allow-privileged Kubelet flag in 1.14 2019-03-04 13:28:41 -08:00
Kubernetes Prow Robot b922aa5a85
Merge pull request #6503 from justinsb/simple_mirror 
Simple mirror support
 2019-02-26 08:34:11 -08:00
Eric Greer 31a4c40131 merge conflict resolution 2019-02-21 15:20:05 -08:00
Eric Greer 8362b1260e etcd memory requests can now be specified 2019-02-21 15:14:51 -08:00
Justin SB ec2151f229
Update tests for mirrors 2019-02-20 14:32:00 -05:00
Moustafa Baiou ec43c4a6c0
update test case 2019-01-27 16:01:04 -05:00
Moustafa Baiou 2028841338
fix integration test for unmanaged egress 
gofmt
 2019-01-27 15:53:21 -05:00
Justin Santa Barbara fab5f7f878
Fix integration test to highlight changes 
Split out to show the actual changes
 2019-01-27 15:53:21 -05:00
Justin Santa Barbara f9f7eb628e
Create integration test for unmanaged networking 2019-01-27 15:53:21 -05:00
David Archer 36d2282d6b AWS: Enable ICMP Type 3 Code 4 for API server ELBs 2019-01-12 07:20:17 -05:00
Kubernetes Prow Robot 38076b3f91
Merge pull request #6296 from justinsb/gce_labels 
GCE terraform: support labels
 2019-01-09 02:05:29 -08:00
Justin SB d145e1fe6f GCE terraform: map source tags in firewallrule 2019-01-03 23:28:44 -05:00
Justin SB 9494dfeb8c GCE terraform: support labels 2019-01-03 23:22:54 -05:00
Justin SB 4aa2498203
Rationalize deserialiation code 
Put it all through kopscodecs.Decode, so that we can rewrite the API
group more easily in a subsequent PR.
 2018-12-21 13:59:50 -05:00
Justin SB 26bd75aecb
Bulk spelling fixes 
Experimenting with my own spelling checker, these are the typos it caught.
 2018-12-20 17:43:56 -05:00
Jared Allard fee9bb1f90
fix(tests/integration/create_cluster): fix up minimal <-> ing mixup 2018-11-24 17:12:04 -08:00
Jared Allard 4c4dd466da
fix(tests/integration/update_cluster): accidentally broke test earlier 2018-11-24 17:09:57 -08:00
Jared Allard c54222bdb8
chore(tests): use minimal as the test not dedicated security one 2018-11-24 17:07:19 -08:00
Jared Allard 19811d9759
chore(tests): fix them up 2018-11-24 17:03:50 -08:00
Jared Allard f4de628519
chore(tests): fix some find and replace issues 2018-11-24 16:23:05 -08:00
Jared Allard 49ceb0a8dc
feat: fix tests and ref link in apply_cluster 2018-11-24 16:17:32 -08:00
Jared Allard 2182b879d9
fix(cmd/kops/create_cluster): set anonymousAuth to false not true, whoops 2018-11-24 11:08:09 -08:00
Jared Allard 2336498467
chore(tests/integration/create_cluster): finalize tests 2018-11-16 23:11:00 -08:00
Jared Allard 19f9d2f4d1
Merge branch 'master' into master 2018-11-16 23:03:38 -08:00
Jared Allard b075964a1d
chore(tests/integration/create_cluster): move test defns lower 2018-11-16 23:02:05 -08:00
Jared Allard 9b5b56aa63
chore(tests/integration/create_cluster): add new field 2018-11-16 22:40:25 -08:00
Ariel Mashraki d63c47149d integration: Fix broken test in externallb 
Running `terraform validate` on `externallb/kubernetes.tf` was failing
because resource name can't contain ":".
 2018-10-20 18:27:41 +03:00
Ariel Mashraki 7dca8a78d2 terraform: Fix resource formatting for IPv6 CIDRs 
Solved #5976
 2018-10-20 15:58:42 +03:00
Justin Santa Barbara e119068480 Update tests for channel bump 2018-10-15 16:56:34 -04:00
k8s-ci-robot 646fee8a9d
Merge pull request #5857 from justinsb/strict_cloudformation_output_checking 
Stop cloudformation output switching to literal quotes
 2018-10-02 22:53:19 -07:00
k8s-ci-robot 3fe0287ff8
Merge pull request #5862 from justinsb/follow_on_5744 
Follow on for #5744
 2018-10-02 17:22:03 -07:00
k8s-ci-robot b3d61542cd
Merge pull request #5820 from justinsb/etcd_manager_channels_step1 
etcd: introduce field to specify whether we are using etcd-manager or legacy mode
 2018-10-02 14:20:37 -07:00
Justin Santa Barbara 1e2a62992b Use JoinSuffixes for node->master traffic, also fix AmazonVPC rule 
This ensures we are consistently naming our rules
 2018-10-02 11:53:41 -07:00
Justin Santa Barbara 1906bcdf5d We need to create the cross-product of rules for SG overrides 
e.g. each master SGs need to be configured to talk to each master SG
 2018-10-02 11:53:41 -07:00
Justin Santa Barbara 1f2a8042b5 Test case where we mix override & default SGs 2018-10-02 11:53:41 -07:00
Justin Santa Barbara bfb54935ff Build security groups along with suffixes 
Fixes the case where we mix use of specified & default SGs.
 2018-10-02 11:53:41 -07:00
Justin Santa Barbara 076742f528 Still materialize terraform output in tests 
If we skip it, we can't test it.  We do expect that most users will
use a lifecycle that only warns though.
 2018-10-02 11:53:39 -07:00
Rodrigo Menezes 4cd8dbae3f Update tests 2018-10-02 01:42:46 -07:00
Rodrigo Menezes a82f548ff8 Allow using existing/shared Security Groups 
Verbosely log when a user overwrites LB or IG security groups

Change SecurityGroup to SecurityGroupOverride

Allow using existing/shared Security Groups

Update tests
 2018-10-02 00:51:39 -07:00
Justin Santa Barbara 1ad7a84d53 Stop cloudformation output switching to literal quotes 
yaml can't store the \r character, so we strip the \r characters in
the expected output to keep the yaml output in block-quote style.

Also don't Fatalf out of an error, rather Errorf so we print all
problems.
 2018-10-01 20:44:19 -07:00
Justin Santa Barbara 54c499fe9b Introduce field to specify whether we are using etcd-manager or legacy mode 
Splitting this out from the bigger bundle PR
 2018-10-01 15:36:24 -07:00
Rohith 2fc634c556 Revert "Apply cloud labels into ELB" 
This reverts commit b52c945f9f.
 2018-09-25 13:53:38 +01:00
Justin Santa Barbara e6bf6b9f32 Field names are case-sensitive again 
There was a regression in apimachinery which meant that kubernetes
tolerated field names with incorrect case.  Upstream bug is
https://github.com/kubernetes/kubernetes/issues/64612

Syncing up with latest kubernetes will mean we get the same breaking
change as kubernetes has/had.  It should only affect people that are
manually building YAML / JSON.

Added as a significant item to release notes.
 2018-09-23 19:23:28 -04:00
Justin Santa Barbara 237043dded Update expected test output for script changes 2018-09-21 14:51:45 -04:00
k8s-ci-robot b1c446f8f3
Merge pull request #5503 from mikesplain/fix_suspendprocess 
Fix suspendprocess
 2018-09-03 16:28:31 -07:00
k8s-ci-robot 2319db8f59
Merge pull request #4797 from justinsb/check_no_legacy_tags_on_shared 
lifecycle tests: check no legacy tags on shared resources
 2018-09-03 15:28:26 -07:00
k8s-ci-robot c61fb537ac
Merge pull request #5593 from wingyplus/elb_cloud_labels 
Apply cloud labels into ELB
 2018-08-18 02:00:01 -07:00
Justin Santa Barbara 16985c3abc Remove _kubernetes_master tag 
We can get the master role just as readily from the InstanceGroup spec
 2018-08-14 21:01:07 -04:00
Justin Santa Barbara 1c3949bdfe Don't assume that we only have one subnet per AZ 
I made a mistaken assumption in
dde2100a19 that we only had one subnet
per AZ, but as demonstrated in #5587 this was not the case.

What I was trying to achieve was not to include the cluster name, so
for the case of subnets this commit just uses the subnet name from the
cluster spec, which should be unique and stable.  That is hopefully at
least as meaningful.

Thankfully we hadn't released a version with the erroneous naming.

Fix #5587
 2018-08-13 13:15:03 -04:00
Thanabodee Charoenpiriyakij b52c945f9f Apply cloud labels into ELB 
Fixes #2048
 2018-08-11 00:43:19 +07:00
Justin Santa Barbara a7b22b4876 Remove GetAsgForInstance IAM permission 
It isn't a valid IAM permission - it was introduced in error, but IAM
is kind enough to ignore it.

Fixes #5549
 2018-08-02 11:27:29 -04:00
Justin Santa Barbara 38fd71605e Add test for additionalPolicies 2018-07-27 00:18:53 -04:00
Mike Splain a93ca798ec Fix tests 2018-07-23 20:55:44 -04:00
Christian Kampka 00cd85d73e Add autoscaling group ids to terraform module output 2018-07-20 13:15:03 +02:00