kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,627 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

4761 Commits

Author SHA1 Message Date
Kubernetes Prow Robot 1774e6cae3
Merge pull request #12321 from dezmodue/private_bastion 
Add option to create an internal load balancer for the bastion
 2021-09-24 07:23:24 -07:00
Ole Markus With fc9c86e778 Allow adding more subnets to an NLB 2021-09-24 14:21:45 +02:00
Anthony Hausman 5e814f465d
Add support to configure Cilium CNI chaining 
CNI chaining allows to use Cilium in combination with other CNI plugins.

With Cilium CNI chaining, the base network connectivity and IP address management is managed by the non-Cilium CNI plugin, but Cilium attaches eBPF programs to the network devices created by the non-Cilium plugin to provide L3/L4 network visibility, policy enforcement and other advanced features.

https://docs.cilium.io/en/v1.9/gettingstarted/cni-chaining/#cni-chaining

In our case, to be able to use the `HostPort` feature in our cluster, we need to enable the `portmap` plugin.
 2021-09-24 10:39:22 +02:00
Reilly Brogan 9c6bf83c93 Update Cilium to 1.10.4 
- Release notes available [here](https://github.com/cilium/cilium/releases/tag/v1.10.4)
 2021-09-23 13:08:57 -05:00
Reilly Brogan bce435da1c Add bidirectional BPF mount for Cilium >= 1.9.10 or >= 1.10.4 
- Cilium versions 1.10.4 and 1.9.10 now auto-mount the bpf file-system automatically
- Also remove redundant capabilities (these are already automatically granted by virtue of this being a privileged container)
 2021-09-23 13:01:58 -05:00
Kubernetes Prow Robot defcdedb68
Merge pull request #12366 from justinsb/zone_autocompletion 
Support zone autocompletion
 2021-09-22 17:45:10 -07:00
Ole Markus With f06fcc5af2 Add specific taints to dns-controller. 
Also set kops-controller as cluster critical, not node critical
 2021-09-22 16:40:08 +02:00
Kubernetes Prow Robot 6be5fa97d3
Merge pull request #12375 from hakman/go-1.17.1 
Update Go to v1.17.1
 2021-09-21 09:20:24 -07:00
Kubernetes Prow Robot 8f42a4a689
Merge pull request #12368 from justinsb/gce_firewall_rules_always_ipv6 
GCE: Always have IPv6 rules in "ipv6 mode"
 2021-09-20 20:38:23 -07:00
Kubernetes Prow Robot 06924c58b7
Merge pull request #12373 from justinsb/gce_no_utility_subnets 
GCE: Don't create utility subnets in private topology
 2021-09-20 15:32:23 -07:00
justinsb c7e6187493 Support zone completion 
Refactor cloud listing & zone guessing into its own package.
 2021-09-20 09:53:33 -04:00
Justin Santa Barbara 1db266f15a Move cidrmap to subnet package 
This will enable reuse outside of gce.
 2021-09-20 09:33:10 -04:00
justinsb 16fc5e8cec GCE: Don't create utility subnets in private topology 
We don't need them on GCE, and in fact we don't support them with IP Alias.
 2021-09-20 09:31:33 -04:00
justinsb 76f816f483 GCE: Always have IPv6 rules in "ipv6 mode" 
If we don't specify some SourceRanges, it defaults to 0.0.0.0/0, which
is IPv4 and confusing.
 2021-09-20 09:26:28 -04:00
justinsb 856a321a6f Better logging in setLifecycleOverride 
Remove the log message at V(8), it doesn't include any real
signal.  This method also gets called a lot!

Also differentiate between the expected and unexpected cases when a
task implements/does not implement HasLifecycle.
 2021-09-20 07:13:55 -04:00
Ciprian Hacman 19564888f4 Use "//go:build" lines together with "// +build" lines 
The go command now understands //go:build lines and prefers them over // +build lines. The new syntax uses boolean expressions, just like Go, and should be less error-prone. As of this release, the new syntax is fully supported, and all Go files should be updated to have both forms with the same meaning. To aid in migration, gofmt now automatically synchronizes the two forms. For more details on the syntax and migration plan, see https://golang.org/design/draft-gobuild.
 2021-09-20 07:35:31 +03:00
justinsb 8c66610b8d Fix nil pointer error where containerd is not in use 
We need to check for nil.

We could consider using Getters.
 2021-09-19 21:59:22 -04:00
justinsb e21a20e863 Only configure IMDSv2 on AWS 
These aren't used on other clouds.
 2021-09-19 14:00:54 -04:00
Ciprian Hacman faa66c6597 Update Calico to v3.20.1 2021-09-19 09:31:39 +03:00
Simone Sciarrati 61763d488a Add option to create an internal load balancer for the bastion 2021-09-18 20:47:55 +02:00
Kubernetes Prow Robot 7f7a78a285
Merge pull request #12322 from rifelpet/managed-files2 
Create a second Terraform provider for managed files
 2021-09-18 10:30:08 -07:00
Ciprian Hacman fa853add24 Fix EC2 IPv6 endpoint for EBS CSI Driver controller 2021-09-18 18:34:13 +03:00
Kubernetes Prow Robot e1d8d12efb
Merge pull request #12351 from eddycharly/clean-comment 
fix: remove inconsistent comment
 2021-09-18 05:50:09 -07:00
Charles-Edouard Brétéché 1353039fac fix: remove inconsistent comment 2021-09-18 14:04:22 +02:00
Ciprian Hacman bc6705c956 Use EC2 and Metadata IPv6 endpoints in IPv6 mode for EBS CSI Driver 2021-09-18 14:22:22 +03:00
Peter Rifel 476eb96970
./hack/update-expected.sh 2021-09-17 18:08:59 -05:00
Peter Rifel 0449d6e36f
Upgrade TF to 0.15 and include the provider's configuration_aliases 2021-09-17 18:08:59 -05:00
Peter Rifel 0f67cb1edb
Include second tf provider when ConfigBase implements TerraformPath 2021-09-17 18:08:58 -05:00
Peter Rifel ff50a52ae0
Add API field for managed files terraform provider config 2021-09-17 18:08:58 -05:00
Peter Rifel 3ec1295cf0
Add support for writing lists of terraform literals 2021-09-17 18:08:57 -05:00
Peter Rifel eaea60ff07
Disallow TerraformJSON + TerraformManagedFiles and deprecate TerraformJSON 2021-09-17 06:42:07 -05:00
Peter Rifel 5247bb8cc2
./hack/update-expected.sh 2021-09-16 20:04:36 -05:00
Peter Rifel 0bcd39e905
Add IPv6 IMDS terraform support 
This requires bumping the minimum aws provider version to the version that includes the support
 2021-09-16 20:02:03 -05:00
Ole Markus With 1323ed9040 Add more tolerations to kops-controller and CCM . 
CCM and kops-controller taint each other out. This will make them
schedule, and schedule earlier.
 2021-09-16 21:09:45 +02:00
Ole Markus With a3a2a9c3bf Have nodeup assign an ipv6 prefix 2021-09-16 19:28:07 +02:00
Ole Markus With 88bd1953ce Have kops-controller assign instance ipv6 prefix to node 2021-09-16 19:25:19 +02:00
Yadnesh Kulkarni 14dbc68aa7 Report the power state of cloud instances 2021-09-15 15:35:58 +05:30
Kubernetes Prow Robot b4ba59993e
Merge pull request #12316 from rifelpet/managed-files 
Allow arbitrary length terraform literals
 2021-09-13 06:58:07 -07:00
Kubernetes Prow Robot 7a67dce053
Merge pull request #12314 from olemarkus/sgr-ids 
Use sg rule ids and tags where possible
 2021-09-12 07:10:07 -07:00
Ole Markus With d98994686a Use sg rule ids and tags where possible 2021-09-12 14:32:58 +02:00
Kubernetes Prow Robot 2645e8410a
Merge pull request #12308 from olemarkus/lb-dns-no-precreate 
Do not precreate dns record for api lbs
 2021-09-12 05:18:06 -07:00
Peter Rifel c04f9e0a6a
Allow arbitrary length terraform literals 
Terraform provider aliases are referenced with two "tokens": `aws.files`

This adds support for literal references with an arbitrary number of tokens
 2021-09-12 07:32:30 -04:00
Kubernetes Prow Robot 1b431b4c9c
Merge pull request #11628 from olemarkus/gpu-runtime 
Pre-install nvidia container runtime + drivers on GPU instances
 2021-09-11 13:00:07 -07:00
Ole Markus With bba3c3abfe Bump aws ebs csi driver to 1.2.1 2021-09-11 14:15:31 +02:00
Ole Markus With 7cdfd6553d Do not precreate dns record for api lbs 
Precreating DNS records that kops cli will overwrite shortly after doesn't provide much benefit. It is also hard to say to external-dns it doesn't own those records.
 2021-09-11 10:39:05 +02:00
Ole Markus With e44d0061f3 Bump snapshot-controller to 4.2.1 2021-09-11 08:37:54 +02:00
Kubernetes Prow Robot 39eb930646
Merge pull request #12290 from rifelpet/imds-ipv6 
Enable IMDS IPv6 endpoint
 2021-09-09 06:04:11 -07:00
Peter Rifel 60c86e1a44
Enable IMDS IPv6 endpoint when IPv6AddressCount > 0 2021-09-09 07:24:14 -05:00
Kubernetes Prow Robot 5a917b5186
Merge pull request #12104 from rifelpet/ccm-tag 
Update AWS CCM tags
 2021-09-09 02:54:11 -07:00
Peter Rifel e5bb1f5800
./hack/update-expected.sh 2021-09-08 20:57:49 -05:00
Peter Rifel 6a53285ffe
Move AWS CCM image logic into pkg/model and add 1.21 and 1.22 images 2021-09-08 20:56:39 -05:00
Ole Markus With ff714b2359 Ensure heritage record exists 2021-09-08 13:15:48 +02:00
Peter Rifel 24e463adba
Include kops- prefix in external-dns TXT record 
This matches the --txt-owner-id flag we specify in the external-dns pod
 2021-09-07 20:58:58 -05:00
Jesse Haka bb35842eba use ipip Always by default in OpenStack 2021-09-07 17:08:54 +03:00
Antti Paloposki e1ddf87c55 Set explicit fsType to be able to mount volumes 2021-09-06 13:34:09 +03:00
Ole Markus With f5fed2a08d Move nvidia config under containerd 2021-09-05 20:28:07 +02:00
Ole Markus With dae4b123ba Add labels and taints to gpu nodes 2021-09-05 20:17:06 +02:00
Ole Markus With b144304240 Install nvidia device driver addon 2021-09-05 20:09:04 +02:00
Ole Markus With b852a804d9 Don't allow IGs with both GPU and non-GPU types 2021-09-05 20:09:04 +02:00
Ole Markus With 4ab75b01cb Have instances learn about their GPU capabilities 2021-09-05 20:09:04 +02:00
Ole Markus With 2d013e460c Install nvidia container runtime 2021-09-05 20:09:04 +02:00
Kubernetes Prow Robot 543e9c40e1
Merge pull request #12273 from hakman/break_for_non-placeholder_ip 
Fix bootstrap when at least one IP is available
 2021-09-05 02:47:27 -07:00
Kubernetes Prow Robot 75bd1b1f5a
Merge pull request #12251 from zetaab/updatecsios 
update openstack CSI
 2021-09-05 02:47:20 -07:00
Kubernetes Prow Robot d06394def8
Merge pull request #12268 from olemarkus/fix-core 
Fix core manifest
 2021-09-05 00:57:19 -07:00
Ciprian Hacman 053595ad3d Fix bootstrap when at least one IP is available 2021-09-05 10:11:17 +03:00
Ciprian Hacman a8b1b7f0f4 Try to bootstrap when at least one IP is available 2021-09-04 16:42:03 +03:00
Ole Markus With dac7002b39 Fix core manifest 2021-09-04 12:49:59 +02:00
Kubernetes Prow Robot c98d0b54e4
Merge pull request #12265 from olemarkus/cilium-masq-ipv6 
Disable masquerade means disable masquerade if ipv6 too
 2021-09-04 01:27:19 -07:00
Kubernetes Prow Robot 0463fa7ffd
Merge pull request #12258 from olemarkus/ipv6-cloudconfig 
Set NodeIPFamilies in ipv6 mode
 2021-09-04 00:19:19 -07:00
Ole Markus With 1c53e37491 Disable masquerade means disable masquerade if ipv6 too 2021-09-04 08:54:16 +02:00
Ole Markus With bf96c42a60 Use node internal IP for metrics-server 2021-09-03 13:03:35 +02:00
Ole Markus With ec2dcfca48 Set NodeIPFamilies in ipv6 mode 2021-09-03 08:31:09 +02:00
Jesse Haka 0d9ebd5b0e use k8s.gcr.io 2021-09-02 12:08:54 +03:00
Jesse Haka 744d27189f update openstack CSI 2021-09-02 11:37:47 +03:00
Kubernetes Prow Robot c70ced2f66
Merge pull request #12219 from dntosas/nodelocaldns-bump-version 
[addons/node-local-dns] Bump version and make image field configurable
 2021-09-01 04:54:59 -07:00
Ole Markus With e2fd94d104 Make json logging on deployment and enable k8s events 2021-08-31 22:59:30 +02:00
Ole Markus With b52008d9b6 Add instance state change notification to nth 2021-08-31 22:54:21 +02:00
Kubernetes Prow Robot fc91d0d459
Merge pull request #12229 from olemarkus/bump-cm-2212 
Bump cert-manager to 1.5.3
 2021-08-31 07:23:37 -07:00
Kubernetes Prow Robot 5f7b4d7838
Merge pull request #12232 from zetaab/checknilinterface 
check does iface has associations
 2021-08-31 05:53:36 -07:00
Jesse Haka 0cfcd418e7 check does iface has associations 2021-08-31 14:27:55 +03:00
Ole Markus With 4bde644786 Bump cert-manager to 1.5.3 2021-08-31 13:12:58 +02:00
dntosas f558f2441a
[addons/nodelocaldns] Bump image to latest stable v1.20.0 
As per
 3b17e06879,
 node-local-dns addon is now builded with latest coreDNS base v1.8 and
 that brings great consistency between cache and upstream servers in a
 manner of configuration, metrics name convention, etc.

 So in this commit, we bump node-local-dns image to latest v1.20.0 which
 is build upon latest coreDNS and also add support for overriding this
 field.

Signed-off-by: dntosas <ntosas@gmail.com>
 2021-08-31 14:07:19 +03:00
Jesse Haka 5896479b8f fix parse semver 2021-08-31 13:56:08 +03:00
Kubernetes Prow Robot 6403de580c
Merge pull request #12221 from johngmyers/kube-proxy-rbac 
Move bootstrap RBAC from protokube to core bootstrap addon
 2021-08-30 05:38:54 -07:00
Kubernetes Prow Robot 9cc3ffffe3
Merge pull request #12215 from burntcarrot/fix-staticcheck-errors 
Fix new staticcheck errors
 2021-08-30 04:56:53 -07:00
burntcarrot 208ae1eebd Update instance.go 
Signed-off-by: burntcarrot <aadhav.n1@gmail.com>
 2021-08-30 09:18:02 +05:30
John Gardiner Myers 01dd7d562e hack/update-expected.sh 2021-08-29 14:19:02 -07:00
John Gardiner Myers 62c4ce4d93 Move bootstrap RBAC from protokube to core bootstrap addon 2021-08-29 12:36:21 -07:00
John Gardiner Myers be8933b577 Remove code for unsupported features 2021-08-28 13:49:55 -07:00
John Gardiner Myers 6655022ce1 Remove support for the Lyft CNI 2021-08-28 11:54:39 -07:00
burntcarrot 7a6e1c1e68 Fix new staticcheck errors 
Signed-off-by: burntcarrot <aadhav.n1@gmail.com>
 2021-08-28 19:48:17 +05:30
Kubernetes Prow Robot bf559f042d
Merge pull request #12198 from dntosas/metrics-server-bump-minor-version 
[addons/metrics-server] Bump minor version
 2021-08-28 02:38:52 -07:00
John Gardiner Myers 1ea4168cab Release 1.23.0-alpha.1 2021-08-27 21:12:45 -07:00
John Gardiner Myers fa053ffba5 Prepare 1.23 branch 2021-08-27 21:07:14 -07:00
Peter Rifel bfb58af697
Prefix terraform resource names when they'd otherwise begin with a digit 2021-08-27 12:57:56 -05:00
Ole Markus With 67b1ace14f Validate external-dns spec 2021-08-27 06:32:25 +02:00
Ole Markus With 0152c23c1e Remove externaldns feature flag 2021-08-27 06:30:01 +02:00
Ole Markus With 41c3ff2aac Make external dns provider configurable 2021-08-27 06:28:02 +02:00
Ole Markus With 38f805c5ef Make external-dns a drop-in for dns-controller 
Support TXT records
 2021-08-27 06:24:47 +02:00
Kubernetes Prow Robot 446aea1d62
Merge pull request #12188 from olemarkus/kubelet-ip-altnames 
Add ip addresses into kubelet certs
 2021-08-26 21:09:00 -07:00