After upgrading Cilium to 1.8 via kops, one of our clusters had a total outage due to Cilium reporting errors as below:

```
level=error msg="endpoint regeneration failed" containerID= datapathPolicyRevision=0 desiredPolicyRevision=1 endpointID=592 error="Failed to load tc filter: exit status 1" identity=40147 ipv4= ipv6= k8sPodName=/ subsys=endpoint
```

Upon searching the Cilium Slack we found the below thread: https://cilium.slack.com/archives/C1MATJ5U5/p1616400216167600 which recommended that setting `enable-host-reachable-services` to true will address the problems. We set the field and it fixed our issues too; however, we observed that kops does not have a means to configure this, hence this PR.

We would like to have this backported after it has been merged.
kOps - Kubernetes Operations
The easiest way to get a production grade Kubernetes cluster up and running.
2020-05-06 etcd-manager Certificate Expiration Advisory
kOps versions released today contain a critical fix to etcd-manager: 1 year after creation (or first adopting etcd-manager), clusters will stop responding due to expiration of a TLS certificate. Upgrading kOps to 1.15.3, 1.16.2, 1.17.0-beta.2, or 1.18.0-alpha.3 is highly recommended. Please see the advisory for the full details.
What is kOps?
We like to think of it as kubectl for clusters.
kops will not only help you create, destroy, upgrade and maintain production-grade, highly available Kubernetes clusters, but it will also provision the necessary cloud infrastructure.
AWS (Amazon Web Services) is currently officially supported, with DigitalOcean, GCE, and OpenStack in beta support, and Azure and AliCloud in alpha.
Can I see it in action?
Installing and launching a Kubernetes cluster hosted on AWS, GCE, DigitalOcean or OpenStack
See Getting Started
Documentation
Documentation is in the /docs directory, and can be seen at kops.sigs.k8s.io.
Releases and kubernetes Release Compatibility
Getting Involved and Contributing
See Contributing
Office Hours
kOps maintainers set aside one hour every other week for public office hours. This time is used to gather with community members interested in kOps. This session is open to both developers and users.
We do maintain an agenda and stick to it as much as possible. If you want to hold the floor, put your item in this doc. Bullet/note form is fine. Even if your topic gets in late, we do our best to cover it.
For more information about the office hours and how to join, see Office Hours