Leonard Cohnen
e5c4171a14
fix cilium encryption in gcp
2022-06-04 18:43:42 +02:00
Leonard Cohnen
791d5564ba
replace flannel with cilium
2022-06-02 13:08:25 +02:00
Christoph Meyer
db5468a886
Deploy KMS server image in Constellation
...
Add image pull secret for ghcr.io
2022-05-31 11:13:26 +02:00
Malte Poll
1331ee4077
Install kubernetes on init / join and restart kubelet after reboot
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-23 11:40:22 +02:00
Malte Poll
f67cf2d31f
k8s binary components version map and install directives
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-23 11:40:22 +02:00
Malte Poll
14f6985fe3
Implement binary file installer & extractor
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-23 11:40:22 +02:00
Moritz Eckert
6dc97590fe
Enable and configure k8s audit-log ( #160 )
...
* Enable and configure k8s audit-log
* Update coordinator/kubernetes/k8sapi/kubeadm_config.go
Co-authored-by: Malte Poll <mp@edgeless.systems>
* add mount point for audit log dir in kubeadm conf
* Mount audit policy into kube-apiserver static pod
* Write default auditpolicy on cluster init / cluster join
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-05-20 17:30:37 +02:00
Moritz Eckert
5ad34e0425
Apply CIS benchmark to kubelet conf
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
Co-authored-by: Moritz Eckert <me@edgeless.systems>
2022-05-12 17:25:45 +02:00
Moritz Eckert
adda637609
Apply CIS benchmark for kubeadm clusterconf
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-12 17:25:45 +02:00
Malte Poll
c9226de9ab
Create kubernetes join token on demand
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-06 12:12:44 +02:00
Malte Poll
ddcb4dc95f
Pin kubernetes version deployed by kubeadm init
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-05 09:15:41 +02:00
katexochen
7614c53142
Remove checks for leaking flushDaemon
2022-05-04 17:16:40 +02:00
Daniel Weiße
29206ac845
Use any instead of interface
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-04 08:48:31 +02:00
Daniel Weiße
d9940fddae
Only set cloud-provider as external if supported by the CSP
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-04-28 14:46:24 +02:00
datosh
51068abc27
Ref/want err from err expected ( #82 )
...
consistent naming for test values using 'want' instead of 'expect/ed'
2022-04-26 16:54:05 +02:00
katexochen
482f675dac
Capitalize Kubernetes
2022-04-26 12:02:17 +02:00
Benedict Schlueter
0ac9617dac
kubernetes: support for certKey request / support for control-plane join
...
Signed-off-by: Benedict Schlueter <bs@edgeless.systems>
2022-04-25 17:39:18 +02:00
Malte Poll
f77536b38b
Use containerd CRI socket in kubernetes
2022-04-04 10:57:54 +02:00
Malte Poll
1e7794b4c2
Add Secrets / Volumes / VolumeMounts / Env to cluster-autoscaler deployment
2022-03-29 15:13:30 +02:00
Malte Poll
391e36c0ac
create and use kubeadm join token with no expiry
2022-03-28 13:58:09 +02:00
Malte Poll
78d2358b9c
k8s: Use cloud provider ip as kubelet node-ip (if available)
2022-03-28 13:35:21 +02:00
Malte Poll
f5eddf8af0
Cloud providers: Add CloudNodeManager
2022-03-28 13:35:21 +02:00
Malte Poll
2158377f9f
Cloud providers: Extend CCM with ExtraArgs / ConfigMaps / Secrets / Volumes / VolumeMounts and provide CloudServiceAccountURI
2022-03-28 13:35:21 +02:00
Malte Poll
bf726ebd87
k8s resource marshaler tests
2022-03-28 13:35:21 +02:00
Malte Poll
2ab846dd1a
Extend k8s resource marshaling to slices
2022-03-28 13:35:21 +02:00
Leonard Cohnen
2d8fcd9bf4
monorepo
...
Co-authored-by: Malte Poll <mp@edgeless.systems>
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
Co-authored-by: Benedict Schlueter <bs@edgeless.systems>
Co-authored-by: leongross <leon.gross@rub.de>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2022-03-22 16:09:39 +01:00