-
Notifications
You must be signed in to change notification settings - Fork 40k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AWS: run k8s master in different account or different provider #39996
Conversation
Hi @scheeles. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please follow instructions at https://github.com/kubernetes/kubernetes/wiki/CLA-FAQ to sign the CLA. Once you've signed, please reply here (e.g. "I signed it!") and we'll verify. Thanks.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
1 similar comment
Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please follow instructions at https://github.com/kubernetes/kubernetes/wiki/CLA-FAQ to sign the CLA. Once you've signed, please reply here (e.g. "I signed it!") and we'll verify. Thanks.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
I signed it!
Von: k8s-ci-robot <[email protected]>
Antworten an: kubernetes/kubernetes <[email protected]>
Datum: Montag, 16. Januar 2017 um 23:53
An: kubernetes/kubernetes <[email protected]>
Cc: Sebastian <[email protected]>, Mention <[email protected]>
Betreff: Re: [kubernetes/kubernetes] AWS: run k8s master in different account or on a provider (#39996)
Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).
📝 Please follow instructions at https://github.com/kubernetes/kubernetes/wiki/CLA-FAQ to sign the CLA.
Once you've signed, please reply here (e.g. "I signed it!") and we'll verify. Thanks.
…________________________________
* If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits<https://help.github.com/articles/setting-your-email-in-git/>.
* If you signed the CLA as a corporation, please sign in with your organization's credentials at https://identity.linuxfoundation.org/projects/cncf to be authorized.
Instructions for interacting with me using PR comments are available here<https://github.com/kubernetes/community/blob/master/contributors/devel/pull-request-commands.md>. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra<https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:> repository. I understand the commands that are listed here<https://github.com/kubernetes/test-infra/blob/master/prow/commands.md>.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<#39996 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AJlO0PMpvue1nsUXYHnZvZP_DIcv3jhvks5rTHOCgaJpZM4LlU7b>.
|
// Maybe if we're not running on AWS, e.g. bootstrap; for now it is not very useful | ||
// This flag enables the possibility to run the master components on a different | ||
// aws account, on a different cloud provider or on premise. | ||
// If the flag is set also Zone, VPCID and KubernetesClusterTag must be provided |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: If the flag is set
} else if cfg.Global.ExternalMaster == true && (cfg.Global.VPCID == "" || cfg.Global.Zone == "" || cfg.Global.KubernetesClusterTag == "") { | ||
// For the external master the Zone, VPCID and KubernetesClusterTag must be set. | ||
// It is not possible to detect it | ||
return nil, fmt.Errorf("Run with eternal Master but Zone: %s or VPCID: %s or KubernetesClusterTag: %s is not set", cfg.Global.Zone, cfg.Global.VPCID, cfg.Global.KubernetesClusterTag) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
external
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we want to remove the AZ specification
metadata EC2Metadata | ||
cfg *CloudConfig | ||
region string | ||
availabilityZone string |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is odd, because we can be multi-AZ
@@ -1090,7 +1112,7 @@ func (c *Cloud) getAllZones() (sets.String, error) { | |||
// GetZone implements Zones.GetZone | |||
func (c *Cloud) GetZone() (cloudprovider.Zone, error) { | |||
return cloudprovider.Zone{ | |||
FailureDomain: c.selfAWSInstance.availabilityZone, | |||
FailureDomain: c.availabilityZone, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this is what we want. It appears to be used in two places:
pkg/controller/service/servicecontroller.go: zone, err := zones.GetZone()
pkg/kubelet/kubelet_node_status.go: zone, err := zones.GetZone()
For kubelet node status, we want to continue to label with the node's zone, not the master's zone.
For servicecontroller, zone is actually unused since be9ce30 I believe. I have proposed it for removal in #40060
Hence I think we want to keep it returning selfAWSInstance.
@@ -389,6 +390,11 @@ type CloudConfig struct { | |||
// Maybe if we're not running on AWS, e.g. bootstrap; for now it is not very useful | |||
Zone string | |||
|
|||
// The aws VPC flag enables the possibility to run the master components |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: AWS
Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please follow instructions at https://github.com/kubernetes/kubernetes/wiki/CLA-FAQ to sign the CLA. Once you've signed, please reply here (e.g. "I signed it!") and we'll verify. Thanks.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED The following people have approved this PR: justinsb, k8s-merge-robot, scheeles, sttts Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
@k8s-bot gci gce e2e test this |
Automatic merge from submit-queue |
@scheeles: The following test(s) failed:
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Automatic merge from submit-queue (batch tested with PRs 43925, 42512) AWS: add KubernetesClusterID as additional option when VPC is set This is a small enhancement after the PRs #41695 and #39996 ## Release Notes ```release-note AWS cloud provider: allow to set KubernetesClusterID or KubernetesClusterTag in combination with VPC. ```
…bnetid-routetableid Automatic merge from submit-queue Specify subnetid and routetableid via cloud provider config **What this PR does / why we need it**: This is a fix for #39996 which is needed since 1.6 Changes introduced from 1.6 broke partially(LoadBalancer) the support for running the master components in a different environment (different aws account/on premise). This PR will add support for specifying the Subnet & RouteTable to use via the cloud provider config. **Release note**: ```release-note AWS cloud provider: fix support running the master with a different AWS account or even on a different cloud provider than the nodes. ```
Automatic merge from submit-queue (batch tested with PRs 40060, 44860, 44865, 44825, 44162) servicecontroller: remove unused zone field The zone field was unused, and this complicated e.g. #39996 ```release-note NONE ```
The zone field was unused, and this complicated e.g. kubernetes#39996
Automatic merge from submit-queue (batch tested with PRs 43925, 42512) AWS: add KubernetesClusterID as additional option when VPC is set This is a small enhancement after the PRs kubernetes/kubernetes#41695 and kubernetes/kubernetes#39996 ## Release Notes ```release-note AWS cloud provider: allow to set KubernetesClusterID or KubernetesClusterTag in combination with VPC. ```
Currently the master and the nodes must run in the same account. With this change the master can run in a different AWS account, on a different cloud provider or on premise.
Release Notes