Kops Git Pack(TM)

Cache LaunchConfigurations On any given read operation for LCs, warm a thread-safe cache if needed. Continue to use this cache until a write operation is performed. Cache AMIs AMIs can often be the same across different ASGs. Cache on each fetch for faster lookup later. Cache autoscaling groups On any given read operation for ASGs, warm a thread-safe cache if needed. Continue to use this cache until a write operation is performed. Don't default adding MIMEBOUNDARY headers when a mixed instances policy is set Fixed "NeedsUpdate" status of nodes in mixedinstancegroups after rolling update kubernetes#7445 https://github.com/kubernetes/kops/pull/7445/files Upgrading k8s-srcdst to v.0.2.2 https://github.com/kubernetes/kops/pull/7388/files Align AWS and kops validation for spot allocation strategy https://github.com/kubernetes/kops/pull/7660/files add our calico changes calico-kube-controllers is required: https://github.com/kubernetes/kops/pull/7517/files calico-node patch: https://github.com/getoutreach/kube_factory/blob/master/patches/calico/calico-node.yaml calico-config patch: https://github.com/getoutreach/kube_factory/blob/master/patches/calico/calico-config.yaml calico-typha: https://github.com/getoutreach/kube_factory/blob/master/addons/calico/calico-typha.yaml calico-kube-controllers: https://github.com/getoutreach/kube_factory/blob/master/addons/calico/calico-kube-controllers.yaml Update aws_cloud.go Patching in capacity-optimized spot allocation strategy and updating AWS SDK Fix Handling of LaunchTemplate Versions for MixedInstancePolicy according to kubernetes#8047 Automated cherry pick of kubernetes#8261: Fix RollingUpdate behaviour when using LaunchTemplates for kubernetes#8567: Treat nil of LaunchTemplateSpecification.Version as from kubernetes#8808 Machine types update from - kubernetes#7947 A4-935 Make CircleCI build pipeline for kops fork [A4-935](https://outreach-io.atlassian.net/browse/A4-935) Adds a `.circleci/config.yml` to allow us to reproducibly build and upload assets for our fork of kops. This is used mainly to backport fixes and features into a 0.13-based branch. The management of this fork is complicated by the fact that kops configures nodes to go load the `nodeup` binary from a well known URL managed by vanilla upstream. We need to have our own S3 bucket with our own custom built binaries ready for download onto our nodes if we are to make changes to `nodeup` behavior, which is sometimes necesasry for the features we want to backport. So this CircleCI build goes through all the effort of building those assets and uploading them to S3. Tweak `Gopkg.toml` and run `make dep-ensure` Updates `Gopkg.toml` to attempt to work-around the fact that "goautoneg" no longer lives at bitbucket.org. The update process here was very finnicky. I had to make the update and delete some old generated files to get `make dep-ensure` to run to completion. Checks in the results of `make dep-ensure`. I suspect that last time there were changes to `Gopkg.toml` in [1] the changes to generated files were not fully committed and so we've partly lost the ability to build from this particular fork of kops. [1] 0984f14 Update gitignore preventing checkin of go-bindata vendor Upload to path without a `+` Upload a duplicate copy of our assets to a path that doesn't include a `+` sign. Although the S3 issue can be worked around by referencing the path as `%2B`, it seems `kops`, via the Go `url` package, will aggressively convert it back into a `+` and not re-encode it. The kops and Go behaviors would be fine if S3 followed the spec, but it doesn't. The easiest and safest work-around to this whole mess is to just not have any + signs in our path. Expose API Server flags needed for aws pod identities This adds the fields described in the documentation here: https://github.com/aws/amazon-eks-pod-identity-webhook/blob/master/SELF_HOSTED_SETUP.md#kubernetes-api-server-configuration Update k8s-1.12.yaml.template fix: calico Merge pull request #12 from getoutreach/fix-calico fix: calico
getoutreach · Apr 19, 2021 · 6032a5d · 6032a5d
1 parent 298c2fc
commit 6032a5d
Show file tree

Hide file tree

Showing 1,086 changed files with 72,234 additions and 60,242 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -0,0 +1,47 @@
+version: 2.1
+jobs:
+  build:
+    machine:
+      image: ubuntu-2004:202010-01
+    resource_class: medium
+
+    # It seems like CircleCI doesn't like it when I override GOPATH.  It just
+    # re-overrides my override with its own broken values.  Great.  We set the
+    # value inside each and every command so that it actually sticks.
+
+    steps:
+      - run:
+          command: |
+            export GOPATH="$HOME/project/gopath"
+            mkdir -p "$GOPATH"
+
+      - checkout:
+          path: "/home/circleci/project/gopath/src/k8s.io/kops"
+
+      - run:
+          command: |
+            export GOPATH="$HOME/project/gopath"
+            cd "$GOPATH/src/k8s.io/kops"
+            make -d echo-version
+
+      - run:
+          command: |
+            export GOPATH="$HOME/project/gopath"
+            export S3_BUCKET="s3://outreach-custom-kops-assets"
+            cd "$GOPATH/src/k8s.io/kops"
+            make version-dist CI=1
+
+      - run:
+          command: |
+            export GOPATH="$HOME/project/gopath"
+            cd "$GOPATH/src/k8s.io/kops"
+            ./hack/write_aws_creds.sh
+
+      - run:
+          command: |
+            export GOPATH="$HOME/project/gopath"
+            export S3_BUCKET="s3://outreach-custom-kops-assets"
+            cd "$GOPATH/src/k8s.io/kops"
+            if [[ "${CIRCLE_BRANCH}" == "master" ]]; then
+              make upload CI=1
+            fi
diff --git a/.gitignore b/.gitignore
@@ -62,7 +62,7 @@ network_closure.sh
 .bazelbuild
 
 # autogenerated code we don't want to check in
-./go-bindata
+/go-bindata
 upup/models/bindata.go
 
 # Ignore all Exhuberant Ctags files

diff --git a/Makefile b/Makefile
@@ -139,6 +139,12 @@ endif
 kops-install: gobindata-tool ${BINDATA_TARGETS}
 	go install ${GCFLAGS} ${EXTRA_BUILDFLAGS} ${LDFLAGS}"-X k8s.io/kops.Version=${VERSION} -X k8s.io/kops.GitVersion=${GITSHA} ${EXTRA_LDFLAGS}" k8s.io/kops/cmd/kops/
 
+.PHONY: echo-version
+echo-version:
+	echo VERSION ${VERSION}
+	echo KOPS_RELEASE_VERSION ${KOPS_RELEASE_VERSION}
+	echo ALTERNATE VERSION ${KOPS_CI_VERSION}+${GITSHA}
+
 .PHONY: channels-install # Install channels to local $GOPATH/bin
 channels-install: ${CHANNELS}
 	cp ${CHANNELS} ${GOPATH_1ST}/bin
@@ -352,6 +358,10 @@ vsphere-version-dist: nodeup-dist protokube-export
 
 .PHONY: upload
 upload: version-dist # Upload kops to S3
+	# S3 doesn't handle + very well so we create a symlink to make
+	# `aws s3 sync` upload a redundant copy to an alternate, safer name.
+	# See also: https://forums.aws.amazon.com/thread.jspa?threadID=55746
+	ln -sf ${UPLOAD}/kops/${VERSION} ${UPLOAD}/kops/$(subst +,-,${VERSION})
 	aws s3 sync --acl public-read ${UPLOAD}/ ${S3_BUCKET}
 
 # gcs-upload builds kops and uploads to GCS

diff --git a/cloudmock/aws/mockautoscaling/group.go b/cloudmock/aws/mockautoscaling/group.go
@@ -139,6 +139,8 @@ func (m *MockAutoscaling) DescribeAutoScalingGroups(input *autoscaling.DescribeA
 					match = true
 				}
 			}
+		} else {
+			match = true
 		}
 
 		if match {
@@ -179,9 +181,6 @@ func (m *MockAutoscaling) DescribeAutoScalingGroupsRequest(*autoscaling.Describe
 }
 
 func (m *MockAutoscaling) DescribeAutoScalingGroupsPages(request *autoscaling.DescribeAutoScalingGroupsInput, callback func(*autoscaling.DescribeAutoScalingGroupsOutput, bool) bool) error {
-	if request.MaxRecords != nil {
-		klog.Fatalf("MaxRecords not implemented")
-	}
 	if request.NextToken != nil {
 		klog.Fatalf("NextToken not implemented")
 	}

diff --git a/cloudmock/aws/mockautoscaling/launchconfigurations.go b/cloudmock/aws/mockautoscaling/launchconfigurations.go
@@ -46,9 +46,6 @@ func (m *MockAutoscaling) DescribeLaunchConfigurationsPages(request *autoscaling
 	if request.LaunchConfigurationNames != nil {
 		klog.Fatalf("LaunchConfigurationNames not implemented")
 	}
-	if request.MaxRecords != nil {
-		klog.Fatalf("MaxRecords not implemented")
-	}
 	if request.NextToken != nil {
 		klog.Fatalf("NextToken not implemented")
 	}

diff --git a/hack/machine_types/vpc_ip_resource_limit.go b/hack/machine_types/vpc_ip_resource_limit.go
@@ -74,6 +74,8 @@ var InstanceENIsAvailable = map[string]int{
 	"c5n.9xlarge":   8,
 	"c5n.large":     3,
 	"c5n.metal":     15,
+	"c5n.large":     3,
+	"c5n.metal":     15,
 	"c5n.xlarge":    4,
 	"cc2.8xlarge":   8,
 	"cr1.8xlarge":   8,
@@ -119,6 +121,8 @@ var InstanceENIsAvailable = map[string]int{
 	"i3en.6xlarge":  8,
 	"i3en.large":    3,
 	"i3en.metal":    15,
+	"i3en.large":    3,
+	"i3en.metal":    15,
 	"i3en.xlarge":   4,
 	"m1.large":      3,
 	"m1.medium":     2,
@@ -338,6 +342,8 @@ var InstanceIPsAvailable = map[string]int64{
 	"c5n.9xlarge":   30,
 	"c5n.large":     10,
 	"c5n.metal":     50,
+	"c5n.large":     10,
+	"c5n.metal":     50,
 	"c5n.xlarge":    15,
 	"cc2.8xlarge":   30,
 	"cr1.8xlarge":   30,
@@ -383,6 +389,8 @@ var InstanceIPsAvailable = map[string]int64{
 	"i3en.6xlarge":  30,
 	"i3en.large":    10,
 	"i3en.metal":    50,
+	"i3en.large":    10,
+	"i3en.metal":    50,
 	"i3en.xlarge":   15,
 	"m1.large":      10,
 	"m1.medium":     6,

diff --git a/hack/write_aws_creds.sh b/hack/write_aws_creds.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+mkdir -p ~/.aws
+cat > ~/.aws/credentials <<EOF
+[default]
+aws_access_key_id=${AWS_ACCESS_KEY_ID}
+aws_secret_access_key=${AWS_SECRET_ACCESS_KEY}
+EOF
+
diff --git a/pkg/apis/kops/instancegroup.go b/pkg/apis/kops/instancegroup.go
@@ -154,14 +154,16 @@ type InstanceGroupSpec struct {
 }
 
 const (
-	// SpotAllocationStrategyLowestPrices indicates a lowest-price strategy
+	// SpotAllocationStrategyLowestPrices indicates a lowest price strategy
 	SpotAllocationStrategyLowestPrices = "lowest-price"
 	// SpotAllocationStrategyDiversified indicates a diversified strategy
 	SpotAllocationStrategyDiversified = "diversified"
+	// SpotAllocationStrategyCapacityOptimized indicates a capacity optimized strategy
+	SpotAllocationStrategyCapacityOptimized = "capacity-optimized"
 )
 
 // SpotAllocationStrategies is a collection of supported strategies
-var SpotAllocationStrategies = []string{SpotAllocationStrategyLowestPrices, SpotAllocationStrategyDiversified}
+var SpotAllocationStrategies = []string{SpotAllocationStrategyLowestPrices, SpotAllocationStrategyDiversified, SpotAllocationStrategyCapacityOptimized}
 
 // MixedInstancesPolicySpec defines the specification for an autoscaling backed by a ec2 fleet
 type MixedInstancesPolicySpec struct {

diff --git a/pkg/apis/kops/v1alpha1/instancegroup.go b/pkg/apis/kops/v1alpha1/instancegroup.go
@@ -141,14 +141,16 @@ type InstanceGroupSpec struct {
 }
 
 const (
-	// SpotAllocationStrategyLowestPrices indicates a lowest-price strategy
+	// SpotAllocationStrategyLowestPrices indicates a lowest price strategy
 	SpotAllocationStrategyLowestPrices = "lowest-price"
 	// SpotAllocationStrategyDiversified indicates a diversified strategy
 	SpotAllocationStrategyDiversified = "diversified"
+	// SpotAllocationStrategyCapacityOptimized indicates a capacity optimized strategy
+	SpotAllocationStrategyCapacityOptimized = "capacity-optimized"
 )
 
 // SpotAllocationStrategies is a collection of supported strategies
-var SpotAllocationStrategies = []string{SpotAllocationStrategyLowestPrices, SpotAllocationStrategyDiversified}
+var SpotAllocationStrategies = []string{SpotAllocationStrategyLowestPrices, SpotAllocationStrategyDiversified, SpotAllocationStrategyCapacityOptimized}
 
 // MixedInstancesPolicySpec defines the specification for an autoscaling backed by a ec2 fleet
 type MixedInstancesPolicySpec struct {

diff --git a/pkg/apis/kops/v1alpha2/instancegroup.go b/pkg/apis/kops/v1alpha2/instancegroup.go
@@ -148,14 +148,16 @@ type InstanceGroupSpec struct {
 }
 
 const (
-	// SpotAllocationStrategyLowestPrices indicates a lowest-price strategy
+	// SpotAllocationStrategyLowestPrices indicates a lowest price strategy
 	SpotAllocationStrategyLowestPrices = "lowest-price"
 	// SpotAllocationStrategyDiversified indicates a diversified strategy
 	SpotAllocationStrategyDiversified = "diversified"
+	// SpotAllocationStrategyCapacityOptimized indicates a capacity optimized strategy
+	SpotAllocationStrategyCapacityOptimized = "capacity-optimized"
 )
 
 // SpotAllocationStrategies is a collection of supported strategies
-var SpotAllocationStrategies = []string{SpotAllocationStrategyLowestPrices, SpotAllocationStrategyDiversified}
+var SpotAllocationStrategies = []string{SpotAllocationStrategyLowestPrices, SpotAllocationStrategyDiversified, SpotAllocationStrategyCapacityOptimized}
 
 // MixedInstancesPolicySpec defines the specification for an autoscaling backed by a ec2 fleet
 type MixedInstancesPolicySpec struct {

diff --git a/upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.7.yaml.template b/upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.7.yaml.template
@@ -527,7 +527,7 @@ spec:
         operator: Exists
       serviceAccountName: k8s-ec2-srcdst
       containers:
-        - image: ottoyiu/k8s-ec2-srcdst:v0.2.2
+        - image: gcr.io/outreach-docker/k8s-ec2-srcdst:v0.2.2
           name: k8s-ec2-srcdst
           resources:
             requests: