Dalton Hubble
018c5edc25
Update Kubernetes from v1.13.0 to v1.13.1
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.13.md#v1131
2018-12-15 11:44:57 -08:00
Dalton Hubble
d31f444fcd
Update Kubernetes from v1.12.3 to v1.13.0
2018-12-03 20:44:32 -08:00
Dalton Hubble
5b27d8d889
Update Kubernetes from v1.12.2 to v1.12.3
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.12.md/#v1123
2018-11-26 21:06:09 -08:00
Dalton Hubble
8fd2978c31
Update bootkube image version from v0.13.0 to v0.14.0
...
* https://github.com/kubernetes-incubator/bootkube/releases/tag/v0.14.0
2018-11-06 23:35:11 -08:00
Dalton Hubble
f1da0731d8
Update Kubernetes from v1.12.1 to v1.12.2
...
* Update CoreDNS from v1.2.2 to v1.2.4
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.12.md#v1122
* https://coredns.io/2018/10/17/coredns-1.2.4-release/
* https://coredns.io/2018/10/16/coredns-1.2.3-release/
2018-10-27 15:47:57 -07:00
Dalton Hubble
99a6d5478b
Disable Kubelet read-only port 10255
...
* We can finally disable the Kubelet read-only port 10255!
* Journey: https://github.com/poseidon/typhoon/issues/322#issuecomment-431073073
2018-10-18 21:14:14 -07:00
Dalton Hubble
9b6113a058
Update Kubernetes from v1.11.3 to v1.12.1
...
* Mount an empty dir for the controller-manager to work around
https://github.com/kubernetes/kubernetes/issues/68973
* Update coreos/pod-checkpointer to strip affinity from
checkpointed pod manifests. Kubernetes v1.12.0-rc.1 introduced
a default affinity that appears on checkpointed manifests; but
it prevented scheduling and checkpointed pods should not have an
affinity, they're run directly by the Kubelet on the local node
* https://github.com/kubernetes-incubator/bootkube/issues/1001
* https://github.com/kubernetes/kubernetes/pull/68173
2018-10-16 20:28:13 -07:00
Dalton Hubble
5a283b6443
Update etcd from v3.3.9 to v3.3.10
...
* https://github.com/etcd-io/etcd/blob/master/CHANGELOG-3.3.md#v3310-2018-10-10
2018-10-13 13:14:37 -07:00
Dalton Hubble
ad871dbfa9
Update Kubernetes from v1.11.2 to v1.11.3
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.11.md#v1113
2018-09-13 18:50:41 -07:00
Dalton Hubble
f7ebdf475d
Update Kubernetes from v1.11.1 to v1.11.2
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.11.md#v1112
2018-08-07 21:57:25 -07:00
Dalton Hubble
db64ce3312
Update etcd from v3.3.8 to v3.3.9
...
* https://github.com/coreos/etcd/blob/master/CHANGELOG-3.3.md#v339-2018-07-24
2018-07-29 11:27:37 -07:00
Dalton Hubble
7c327b8bf4
Update from bootkube v0.12.0 to v0.13.0
2018-07-29 11:20:17 -07:00
Dalton Hubble
d8d524d10b
Update Kubernetes from v1.11.0 to v1.11.1
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.11.md#v1111
2018-07-20 00:41:27 -07:00
Dalton Hubble
8464b258d8
Update Kubernetes from v1.10.5 to v1.11.0
...
* Force apiserver to stop listening on 127.0.0.1:8080
* Remove deprecated Kubelet `--allow-privileged`. Defaults to
true. Use `PodSecurityPolicy` if limiting is desired
* https://github.com/kubernetes/kubernetes/releases/tag/v1.11.0
* https://github.com/poseidon/terraform-render-bootkube/pull/68
2018-06-27 22:47:35 -07:00
Dalton Hubble
f4d3059b00
Update Kubernetes from v1.10.4 to v1.10.5
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.10.md#v1105
2018-06-21 22:51:39 -07:00
Dalton Hubble
6e64634748
Update etcd from v3.3.7 to v3.3.8
...
* https://github.com/coreos/etcd/releases/tag/v3.3.8
2018-06-19 21:56:21 -07:00
Dalton Hubble
51906bf398
Update etcd from v3.3.6 to v3.3.7
2018-06-14 22:46:16 -07:00
Dalton Hubble
79260c48f6
Update Kubernetes from v1.10.3 to v1.10.4
2018-06-06 23:23:11 -07:00
Dalton Hubble
589c3569b7
Update etcd from v3.3.5 to v3.3.6
...
* https://github.com/coreos/etcd/releases/tag/v3.3.6
2018-06-06 23:19:30 -07:00
Dalton Hubble
4ea1fde9c5
Update Kubernetes from v1.10.2 to v1.10.3
...
* https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.10.md#v1103
* Update Calico from v3.1.1 to v3.1.2
2018-05-21 21:38:43 -07:00
Dalton Hubble
37981f9fb1
Allow bearer token authn/authz to the Kubelet
...
* Require Webhook authorization to the Kubelet
* Switch apiserver X509 client cert org to systems:masters
to grant the apiserver admin and satisfy the authorization
requirement. kubectl commands like logs or exec that have
the apiserver make requests of a kubelet continue to work
as before
* https://kubernetes.io/docs/admin/kubelet-authentication-authorization/
* https://github.com/poseidon/typhoon/issues/215
2018-05-13 23:20:42 -07:00
Dalton Hubble
8b8e364915
Update etcd from v3.3.4 to v3.3.5
...
* https://github.com/coreos/etcd/releases/tag/v3.3.5
2018-05-10 02:12:53 -07:00
Dalton Hubble
32ddfa94e1
Update Kubernetes from v1.10.1 to v1.10.2
...
* https://github.com/kubernetes/kubernetes/releases/tag/v1.10.2
2018-04-28 00:27:00 -07:00
Dalton Hubble
681450aa0d
Update etcd from v3.3.3 to v3.3.4
...
* https://github.com/coreos/etcd/releases/tag/v3.3.4
2018-04-27 23:57:26 -07:00
Dalton Hubble
a54f76db2a
Update Calico from v3.0.4 to v3.1.1
...
* https://github.com/projectcalico/calico/releases/tag/v3.1.1
* https://github.com/projectcalico/calico/releases/tag/v3.1.0
2018-04-21 18:30:36 -07:00
Dalton Hubble
77c0a4cf2e
Update Kubernetes from v1.10.0 to v1.10.1
...
* Use kubernetes-incubator/bootkube v0.12.0
2018-04-12 20:57:31 -07:00
Dalton Hubble
6b08bde479
Use k8s.gcr.io instead of gcr.io/google_containers
...
* Kubernetes recommends using the alias to fetch images
from the nearest GCR regional mirror, to abstract the use
of GCR, and to drop names containing 'google'
* https://groups.google.com/forum/#!msg/kubernetes-dev/ytjk_rNrTa0/3EFUHvovCAAJ
2018-04-08 12:57:52 -07:00
Dalton Hubble
ce001e9d56
Update etcd from v3.3.2 to v3.3.3
...
* https://github.com/coreos/etcd/releases/tag/v3.3.3
2018-04-04 20:32:24 -07:00
Dalton Hubble
d770393dbc
Add etcd metrics, Prometheus scrapes, and Grafana dash
...
* Use etcd v3.3 --listen-metrics-urls to expose only metrics
data via http://0.0.0.0:2381 on controllers
* Add Prometheus discovery for etcd peers on controller nodes
* Temporarily drop two noisy Prometheus alerts
2018-04-03 20:31:00 -07:00
Dalton Hubble
1cc043d1eb
Update Kubernetes from v1.9.6 to v1.10.0
2018-03-30 22:14:07 -07:00
Dalton Hubble
a04ef3919a
Update Kubernetes from v1.9.5 to v1.9.6
2018-03-21 20:29:52 -07:00
Dalton Hubble
758c09fa5c
Update Kubernetes from v1.9.4 to v1.9.5
2018-03-19 00:25:44 -07:00
Dalton Hubble
efa90d8b44
Add a new key=value label to controller nodes
...
* Add a node-role.kubernetes.io/controller="true" node label
to controllers so Prometheus service discovery can filter to
services that only run on controllers (i.e. masters)
* Leave node-role.kubernetes.io/master="" untouched as its
a Kubernetes convention
2018-03-18 16:39:10 -07:00
Dalton Hubble
931e311786
Update Kubernetes from v1.9.3 to v1.9.4
2018-03-12 18:07:50 -07:00
Dalton Hubble
9fb1e1a0e2
Update etcd from v3.3.1 to v3.3.2
...
* https://github.com/coreos/etcd/releases/tag/v3.3.2
2018-03-10 13:44:35 -08:00
Dalton Hubble
73126eb7f8
Add support for worker pools on AWS
...
* Allow groups of workers to be defined and joined to
a cluster (i.e. worker pools)
* Move worker resources into a Terraform submodule
* Output variables needed for passing to worker pools
* Add usage docs for AWS worker pools (advanced)
2018-02-27 18:31:42 -08:00
Dalton Hubble
486fdb6968
Simplify CLC kubeconfig templating on AWS and GCP
...
* Template terraform-render-bootkube's multi-line kubeconfig
output using the right indentation
* Add `kubeconfig` variable to google-cloud controllers and
workers Terraform submodules
* Remove `kubeconfig_*` variables from google-cloud controllers
and workers Terraform submodules
2018-02-26 12:49:01 -08:00
Dalton Hubble
13f3745093
Add kubelet --volume-plugin-dir flag
...
* Set Kubelet search path for flexvolume plugins
to /var/lib/kubelet/volumeplugins
* Add support for flexvolume plugins on AWS, GCE, and DO
* See 9548572d98
which added flexvolume support for bare-metal
2018-02-22 22:11:45 -08:00
Dalton Hubble
c4914c326b
Update bootkube and terraform-render-bootkube to v0.11.0
2018-02-22 21:53:26 -08:00
Dalton Hubble
195d902ab6
Upgrade etcd from v3.2.15 to v3.3.1
2018-02-15 19:29:46 -08:00
Dalton Hubble
a41691b222
Update Kubernetes from v1.9.2 to v1.9.3
...
* Add flannel service account and limited RBAC cluster role
* Change DaemonSets to tolerate NoSchedule and NoExecute taints
* Remove deprecated apiserver --etcd-quorum-read flag
* Update Calico from v3.0.1 to v3.0.2
* Add Calico GlobalNetworkSet CRD
* https://github.com/poseidon/terraform-render-bootkube/pull/44
2018-02-10 13:37:07 -08:00
Dalton Hubble
3e6e4ea339
Update etcd from 3.2.14 to 3.2.15
...
* https://github.com/coreos/etcd/releases/tag/v3.2.15
2018-01-23 23:50:04 -08:00
Dalton Hubble
868265988b
Update bootkube and terraform-render-bootkube to v0.10.0
2018-01-19 23:10:45 -08:00
Dalton Hubble
6adffcb778
Update Kubernetes from v1.9.1 to v1.9.2
2018-01-19 08:40:09 -08:00
Dalton Hubble
388ac08492
Update etcd from 3.2.13 to 3.2.14
...
* https://github.com/coreos/etcd/releases/tag/v3.2.14
2018-01-12 07:20:55 -08:00
Dalton Hubble
fc455c8624
Remove old mention of ACIs in bootkube.service description
2018-01-06 16:20:34 -08:00
Dalton Hubble
e1f2125f02
Update etcd from 3.2.0 to 3.2.13
...
* https://github.com/coreos/etcd/releases/tag/v3.2.13
2018-01-06 14:01:18 -08:00
Dalton Hubble
9329b775f6
Update Kubernetes from v1.8.6 to v1.9.1
2018-01-06 14:01:16 -08:00
Dalton Hubble
fbdd946601
Update Kubernetes from v1.8.5 to v1.8.6
2017-12-21 11:20:37 -08:00
Barak Michener
e79088baa0
Add optional cluster_domain_suffix variable
...
* Allow kube-dns to respond to DNS queries with a custom
suffix, instead of the default 'cluster.local'
* Useful when multiple clusters exist on the same local
network and wish to query services on one another
2017-12-15 01:45:52 -08:00
Dalton Hubble
495e33e213
Update bootkube and terraform-render-bootkube to v0.9.1
2017-12-15 01:45:02 -08:00
Dalton Hubble
63f5a26a72
Eliminate steps to move self-hosted etcd assets
...
* bootkube/assets/experimental/* assets corresponded to self-hosted
etcd manifests, which are no longer an option in Typhoon
2017-12-13 01:06:56 -08:00
Lars Fenneberg
eea79e895d
Fix manifest consolidation in bootkube start wrapper
...
* Fix manifest existence test in /opt/bootkube/bootkube-start
to also work with more than one directory
2017-12-12 23:08:22 -08:00
Dalton Hubble
165396d6aa
Update Kubernetes from v1.8.4 to v1.8.5
2017-12-09 21:28:31 -08:00
Vincent Palmer
ce49a93d5d
Fix issue with etcd-member failing to resolve peers
...
* When restarting masters, `etcd-member.service` may fail to lookup peers if
/etc/resolv.conf hasn't been populated yet. Require the wait-for-dns.service.
2017-12-09 20:12:49 -08:00
Dalton Hubble
5f5eec1175
Update bootkube and terraform-render-bootkube to v0.9.0
2017-12-01 22:27:48 -08:00
Dalton Hubble
6483f613c5
Update Kubernetes from v1.8.3 to v1.8.4
2017-11-28 21:52:11 -08:00
Dalton Hubble
5f6b0728c5
Update bootkube and terraform-render-bootkube to v0.8.2
2017-11-10 20:01:37 -08:00
Dalton Hubble
d774c51297
Update Kubernetes from v1.8.2 to v1.8.3
2017-11-08 23:34:19 -08:00
Dalton Hubble
f6a8fb363e
Remove deprecated kubelet --require-kubeconfig flag
...
* https://github.com/kubernetes/kubernetes/pull/40050
2017-11-08 23:34:19 -08:00
Dalton Hubble
805dd772a8
Run etcd cluster on-host, across controllers on AWS
...
* Change controllers ASG to heterogeneous EC2 instances
* Create DNS records for each controller's private IP for etcd
* Change etcd to run on-host, across controllers (etcd-member.service)
* Reduce time to bootstrap a cluster
* Deprecate self-hosted-etcd on the AWS platform
2017-11-06 01:03:53 -08:00
Dalton Hubble
878f5a3647
Bump bootkube and terraform-render-bootkube to v0.8.1
...
* Use the v0.8.1 tagged terraform-render-bootkube module
* Use the v0.8.1 quay.io/coreos/bootkube image to bootstrap
2017-10-28 12:50:37 -07:00
Dalton Hubble
60bc8957c9
Update Kubernetes from v1.8.1 to v1.8.2
...
* Kubernetes v1.8.2 fixes a memory leak in the v1.8.1 apiserver
* Switch to using the `gcr.io/google_containers/hyperkube` for the
on-host kubelet and shutdown drains
* Update terraform-render-bootkube manifests generation
* Update flannel from v0.8.0 to v0.9.0
* Add `hairpinMode` to flannel CNI config
* Add `--no-negcache` to kube-dns dnsmasq
2017-10-24 21:44:26 -07:00
Dalton Hubble
e4c479554c
Update AWS, DO, BM Kubernetes from v1.7.7 to v1.8.1
...
* Update from bootkube v0.7.0 to v0.8.0
* Leave Google Cloud update to a followup commit
2017-10-19 21:10:04 -07:00
Dalton Hubble
1bc25c1036
Update Kubernetes from v1.7.5 to v1.7.7
...
* Update from bootkube v0.6.2 to v0.7.0
* Use renamed terraform-render-bootkube. Renamed from
bootkube-terraform to meet Terraform Module requirements
2017-10-03 21:03:15 -07:00
Dalton Hubble
1b5caef4c1
Add Wants=rpc-statd.service to Kubelet
...
* Mounting NFS exports as volumes from some NFS servers fails because
the kubelet isn't starting rpc-statd as expected. Describing pods
that are stuck creating shows rpc.statd is required for remote locking
* Starting rpc-statd.service resolves the issue and all NFS mounts
seem to be working.
* Recommended approach https://github.com/coreos/bugs/issues/2074
2017-09-24 18:23:55 -07:00
Dalton Hubble
d8e4ac172a
Add dghubble/pegasus AWS Kubernetes Terraform module
2017-09-17 21:40:33 -07:00