profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/randomvariable/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Naadir Jeewa randomvariable @vmware London, United Kingdom https://www.vmware.com Kubernetes Engineer @ VMware

randomvariable/docker-postcodes.io 2

A docker image for postcodes.io

randomvariable/EmbeddedPowerShell 2

A port of ERB to PowerShell. For no apparent reason.

randomvariable/DHCPD-To-MicrosoftDHCP-Migrator 1

Migrates DHCPD to Microsoft DHCP for Windows Server 2012

randomvariable/go-rpmrepo 1

You know, go, for rpm repos

randomvariable/aws-arch-backoff-simulator 0

Simulator for AWS architecture blog (http://www.awsarchitectureblog.com/ ) about jitter and backoff.

randomvariable/aws-encryption-provider 0

APIServer encryption provider, backed by AWS KMS

randomvariable/aws-quickstart 0

AWS Kubernetes cluster via CloudFormation and kubeadm

randomvariable/boskos 0

Boskos is a resource management service that provides reservation and lifecycle management of a variety of different kinds of resources.

randomvariable/capi-dev 0

A development repo for working on cluster api

randomvariable/caseworker 0

Open source administration software for caseworkers

issue commentkubernetes-sigs/cluster-api-provider-aws

Refactor `EncryptionConfig` for AWSManagedControlPlane

Hii @richardcase, I am new to open source and will like to contribute to this project so can you assign it to me.

richardcase

comment created time in 39 minutes

pull request commentkubernetes-sigs/cluster-api-provider-aws

README: Note that v1alpha3 (v0.6) supports Kubernetes v1.21

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: <a href="https://github.com/kubernetes-sigs/cluster-api-provider-aws/pull/2542#issuecomment-867833733" title="Approved">randomvariable</a>

The full list of commands accepted by this bot can be found here.

The pull request process is described here

<details > Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment </details> <!-- META={"approvers":[]} -->

dlipovetsky

comment created time in an hour

pull request commentkubernetes-sigs/cluster-api-provider-aws

README: Note that v1alpha3 (v0.6) supports Kubernetes v1.21

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: To complete the pull request process, please assign randomvariable after the PR has been reviewed. You can assign the PR to them by writing /assign @randomvariable in a comment when ready.

The full list of commands accepted by this bot can be found here.

<details open> Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment </details> <!-- META={"approvers":["randomvariable"]} -->

dlipovetsky

comment created time in an hour

pull request commentkubernetes-sigs/cluster-api-provider-aws

README: Note that v1alpha3 (v0.6) supports Kubernetes v1.21

@dlipovetsky: Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

<details>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. </details>

dlipovetsky

comment created time in an hour

PR opened kubernetes-sigs/cluster-api-provider-aws

README: Note that v1alpha3 (v0.6) supports Kubernetes v1.21

<!-- Thanks for this PR! If this is your first PR please read the contributing guide --> <!-- If this PR is still work-in-progress and is being open for visibility please prefix the title with WIP: -->

What type of PR is this? /kind documentation

<!-- Add one of the following kinds: /kind feature /kind bug /kind api-change /kind cleanup /kind deprecation /kind design /kind documentation /kind failing-test /kind flake /kind regression /kind support -->

What this PR does / why we need it: Corrects the version skew in the README.

<!-- Enter a description of the change and why this change is needed -->

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged): Fixes #

Special notes for your reviewer:

Checklist: <!-- Put an "X" character inside the brackets of each completed task. Some may be optional depending on the PR in which case these can be deleted -->

  • [ ] squashed commits
  • [ ] includes documentation
  • [ ] adds unit tests
  • [ ] adds or updates e2e tests

Release note: <!-- Write your release note:

  1. Enter your extended release note in the below block.
  2. If the PR requires additional action from users switching to the new release, include the string "action required".
  3. If no release note is required, just write "NONE"....however we encourage contributors to never use this as release notes are incredible useful. -->

+1 -1

0 comment

1 changed file

pr created time in an hour

issue commentkubernetes-sigs/cluster-api-provider-vsphere

Controller secrets not synchronized to worker cluster secrets

Is that thumbprint actually correct? It looks like an ssh publickey and not an SSL cert thumbprint.

kbreit

comment created time in an hour

issue commentkubernetes-sigs/cluster-api-provider-aws

v1alpha3 e2e conformance fails for k8s v1.22

/milestone v0.6.x /kind release-blocking

sedefsavas

comment created time in an hour

push eventkubernetes-sigs/cluster-api-provider-vsphere

Gab Satchi

commit sha b116203900e1fec071fdb619317e309a113974a8

- Multi tenancy support - VSphereCluster fetches secrete when verifying connectivity - VsphereVM utilizes identity when IdentityRef is specified in cluster - validates secret is stored in the correct namespace for the identity types - adds namespaces allowed logic - adds authentication related conditions to VSphereVM - adds vSphere secret to cluster templates - updates secrets with finalizers and ownerref when secret is meant to be used as the Identity - Adds VSphereClusterIdentity controller

view details

Gab Satchi

commit sha 54844606deadcb59b2d40a4e224644cebe7b68b9

vsphereclusteridentity returns early when secret isn't found

view details

Kubernetes Prow Robot

commit sha f9baaa9c5d081003f16a71fabb8ef4f79b5df581

Merge pull request #1181 from gab-satchi/multi-tenancy Add multi-tenancy support

view details

push time in 2 hours

PR merged kubernetes-sigs/cluster-api-provider-vsphere

Reviewers
Add multi-tenancy support approved cncf-cla: yes lgtm size/XXL
  • VSphereCluster fetches Secret (from cluster namespace) or VSphereIdentity that links to a Secret in the controller namespace when verifying connectivity
  • VsphereVM utilizes identity when IdentityRef is specified in cluster
  • validates secret is stored in the correct namespace for the identity types
  • adds namespaces allowed logic
  • adds authentication related conditions to VSphereVM
  • adds vSphere secret to generated cluster templates
  • updates secrets with finalizers and ownerref when secret is meant to be used as the Identity

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged): Fixes #1123

Release note:

- Multi-tenancy support. Clusters can either reference a Secret with credentials or a VSphereClusterIdentity
+2413 -43

4 comments

28 changed files

gab-satchi

pr closed time in 2 hours

issue closedkubernetes-sigs/cluster-api-provider-vsphere

Multi-tenant support with a single manager instance

/kind feature

Describe the solution you'd like CAPV manager currently requires credentials to a vcenter through its runtime options to operate. This issue is to track support for multi-tenancy through a single instance of the CAPV manager.

There are currently less than ideal ways to deploy to multiple vcenters:

  • Utilize the Server field in vsphere machine clone spec. This allows for machines to be deployed to vcenters other than the one the manager is configured for, but it requires the alternate vcenters to have the same credentials as the primary one.
  • Deploy multiple instances of the CAPV manager configured for each vcenter and have them watch a dedicated namespace. Not currently supported and may never be fully supported. CAPI's multi-tenancy contract implicitly calls for a single manager instance.

Anything else you would like to add: Each cluster will need to specify credentials to be used to deploy the cluster, if it's something other than what the CAPV manager is configured for. This could be done through a reference to a secret. If a cluster doesn't specify credentials, CAPV can fall back to using the credentials configured in the manager.

closed time in 2 hours

gab-satchi

pull request commentkubernetes-sigs/cluster-api-provider-vsphere

Add multi-tenancy support

/lgtm

gab-satchi

comment created time in 2 hours

pull request commentkubernetes-sigs/cluster-api-provider-aws

Update EKS clusters to enable encryption

There are numerous errors with the e2e tests:

https://storage.googleapis.com/kubernetes-jenkins/pr-logs/pull/kubernetes-sigs_cluster-api-provider-aws/2505/pull-cluster-api-provider-aws-e2e-eks/1408071070308634624/artifacts/clusters/bootstrap/controllers/capa-eks-control-plane-controller-manager/capa-eks-control-plane-controller-manager-79dfc4848d-f7lj6/manager.log

Ankitasw

comment created time in 2 hours

issue closedkubernetes-sigs/cluster-api-provider-aws

Upgrade to kind v0.11.0

Upgrade kind to v0.11.0 for less flakiness in e2e tests.

Corresponding cluster api issue: https://github.com/kubernetes-sigs/cluster-api/issues/4503

https://github.com/kubernetes-sigs/cluster-api/pull/4469

/milestone v0.7.0

closed time in 2 hours

sedefsavas

push eventkubernetes-sigs/cluster-api-provider-aws

XinYang

commit sha b7e36bf33505fbd136e7690cfcb5ece1fa96d606

update kind version Signed-off-by: XinYang <xinydev@gmail.com>

view details

Kubernetes Prow Robot

commit sha 1120730e11a33a50ef1336ab022de3c4aac1910f

Merge pull request #2541 from xinydev/update-kind upgrade to kind v0.11.0

view details

push time in 2 hours

PR merged kubernetes-sigs/cluster-api-provider-aws

Reviewers
upgrade to kind v0.11.0 approved cncf-cla: yes lgtm needs-priority ok-to-test release-note-none size/XS

<!-- Thanks for this PR! If this is your first PR please read the contributing guide --> <!-- If this PR is still work-in-progress and is being open for visibility please prefix the title with WIP: -->

What type of PR is this?

<!-- Add one of the following kinds: /kind feature /kind bug /kind api-change /kind cleanup /kind deprecation /kind design /kind documentation /kind failing-test /kind flake /kind regression /kind support -->

What this PR does / why we need it:

Upgrade kind to v0.11.0 for less flakiness in e2e tests. the kind is already v0.11.1 in go.sum

<!-- Enter a description of the change and why this change is needed -->

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):

Fixes https://github.com/kubernetes-sigs/cluster-api-provider-aws/issues/2413

Special notes for your reviewer:

Checklist: <!-- Put an "X" character inside the brackets of each completed task. Some may be optional depending on the PR in which case these can be deleted -->

  • [ ] squashed commits
  • [ ] includes documentation
  • [ ] adds unit tests
  • [ ] adds or updates e2e tests

Release note: <!-- Write your release note:

  1. Enter your extended release note in the below block.
  2. If the PR requires additional action from users switching to the new release, include the string "action required".
  3. If no release note is required, just write "NONE"....however we encourage contributors to never use this as release notes are incredible useful. -->
NONE

+1 -1

5 comments

1 changed file

xinydev

pr closed time in 2 hours

pull request commentkubernetes-sigs/cluster-api-provider-aws

upgrade to kind v0.11.0

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: <a href="https://github.com/kubernetes-sigs/cluster-api-provider-aws/pull/2541#issuecomment-867795076" title="Approved">sedefsavas</a>

The full list of commands accepted by this bot can be found here.

The pull request process is described here

<details > Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment </details> <!-- META={"approvers":[]} -->

xinydev

comment created time in 2 hours

pull request commentkubernetes-sigs/cluster-api-provider-vsphere

WIP: Failure Domain implementation

@srm09: The following test failed, say /retest to rerun all failed tests:

Test name Commit Details Rerun command
pull-cluster-api-provider-vsphere-e2e 06911aca08425567a9ec78a9087967210fca44b9 link /test pull-cluster-api-provider-vsphere-e2e

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

<details>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. </details> <!-- test report -->

srm09

comment created time in 2 hours

pull request commentkubernetes-sigs/cluster-api-provider-aws

upgrade to kind v0.11.0

/lgtm /approve

xinydev

comment created time in 2 hours

issue closedkubernetes-sigs/cluster-api-provider-vsphere

Secrets and ConfigMaps used for CRS collide when deploying clusters in the same namespace

/kind bug The default cluster templates create a new Cluster Resource Set (CRS) per cluster but the resources referenced in the CRS don't have unique names. There are things like: Secrets named csi-vsphere-config ConfigMaps named vsphere-csi-node and vsphere-csi-controller

What steps did you take and what happened:

  • deploy a cluster to Datacenter 1
  • notice the csi-vsphere-config with data that references Datacenter 1
  • deploy another cluster to Datastore 2
  • csi-vsphere-config is now updated to reference Datastore 2
  • If either one of the cluster is deleted, the CRS resources are also deleted.

What did you expect to happen: CRS resources that are unique to a cluster that won't get affected by other clusters' lifecycle.

Environment:

  • Cluster-api-provider-vsphere version:
  • Kubernetes version: (use kubectl version):
  • OS (e.g. from /etc/os-release):

closed time in 2 hours

gab-satchi

issue commentkubernetes-sigs/cluster-api-provider-vsphere

Secrets and ConfigMaps used for CRS collide when deploying clusters in the same namespace

closing since quickstart templates are meant for testing and are expected to be customized by users.

gab-satchi

comment created time in 2 hours

pull request commentkubernetes-sigs/cluster-api-provider-aws

Update EKS clusters to enable encryption

@Ankitasw: The following test failed, say /retest to rerun all failed tests:

Test name Commit Details Rerun command
pull-cluster-api-provider-aws-e2e-eks 29630114adb8ae87dc97e465554a11986c752c53 link /test pull-cluster-api-provider-aws-e2e-eks

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

<details>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. </details> <!-- test report -->

Ankitasw

comment created time in 4 hours

pull request commentkubernetes-sigs/cluster-api-provider-aws

upgrade to kind v0.11.0

/ok-to-test

xinydev

comment created time in 4 hours

pull request commentkubernetes-sigs/cluster-api-provider-aws

upgrade to kind v0.11.0

Hi @xinydev. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

<details>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. </details>

xinydev

comment created time in 4 hours

pull request commentkubernetes-sigs/cluster-api-provider-aws

upgrade to kind v0.11.0

Welcome @xinydev! <br><br>It looks like this is your first PR to <a href='https://github.com/kubernetes-sigs/cluster-api-provider-aws'>kubernetes-sigs/cluster-api-provider-aws</a> 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval. <br><br>You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation. <br><br>You can also check if kubernetes-sigs/cluster-api-provider-aws has its own contribution guidelines. <br><br>You may want to refer to our testing guide if you run into trouble with your tests not passing. <br><br>If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs! <br><br>Thank you, and welcome to Kubernetes. :smiley:

xinydev

comment created time in 4 hours

pull request commentkubernetes-sigs/cluster-api-provider-aws

upgrade to kind v0.11.0

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: To complete the pull request process, please assign justinsb after the PR has been reviewed. You can assign the PR to them by writing /assign @justinsb in a comment when ready.

The full list of commands accepted by this bot can be found here.

<details open> Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment </details> <!-- META={"approvers":["justinsb"]} -->

xinydev

comment created time in 4 hours

pull request commentkubernetes-sigs/cluster-api-provider-aws

upgrade to kind v0.11.0

@xinydev: Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

<details>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. </details>

xinydev

comment created time in 4 hours

PR opened kubernetes-sigs/cluster-api-provider-aws

upgrade to kind v0.11.0

<!-- Thanks for this PR! If this is your first PR please read the contributing guide --> <!-- If this PR is still work-in-progress and is being open for visibility please prefix the title with WIP: -->

What type of PR is this?

<!-- Add one of the following kinds: /kind feature /kind bug /kind api-change /kind cleanup /kind deprecation /kind design /kind documentation /kind failing-test /kind flake /kind regression /kind support -->

What this PR does / why we need it:

Upgrade kind to v0.11.0 for less flakiness in e2e tests. the kind is already v0.11.1 in go.sum

<!-- Enter a description of the change and why this change is needed -->

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):

Fixes https://github.com/kubernetes-sigs/cluster-api-provider-aws/issues/2413

Special notes for your reviewer:

Checklist: <!-- Put an "X" character inside the brackets of each completed task. Some may be optional depending on the PR in which case these can be deleted -->

  • [ ] squashed commits
  • [ ] includes documentation
  • [ ] adds unit tests
  • [ ] adds or updates e2e tests

Release note: <!-- Write your release note:

  1. Enter your extended release note in the below block.
  2. If the PR requires additional action from users switching to the new release, include the string "action required".
  3. If no release note is required, just write "NONE"....however we encourage contributors to never use this as release notes are incredible useful. -->

+1 -1

0 comment

1 changed file

pr created time in 4 hours

issue commentkubernetes-sigs/cluster-api-provider-aws

Refactor `EncryptionConfig` for AWSManagedControlPlane

@richardcase: This request has been marked as needing help from a contributor.

Please ensure the request meets the requirements listed here.

If this request no longer meets these requirements, the label can be removed by commenting with the /remove-help command.

<details>

In response to this:

/area provider/eks /kind api-change /kind refactor /milestone v0.7.0 /help /priority important-soon

Describe the solution you'd like You can optionally enable encryption for EKS by supplying details in AWSManagedControlPlane.Spec.EncryptionConfig. As its optional, it is a pointer and marked as optional and omitempty.

If you want to enable encryption, then you must supply the provider and resources. Currently, these are pointers and not marked as required. We should mark these as required using kubebuilder validation and remove the pointers/omitempty.

This was noticed whilst making a change for #2505

Anything else you would like to add: So perhaps something like this:

// EncryptionConfig specifies the encryption configuration for the EKS clsuter.
type EncryptionConfig struct {
	// Provider specifies the ARN or alias of the CMK (in AWS KMS)
	// +kubebuilder:validation:Required
	Provider string `json:"provider"`
	// Resources specifies the resources to be encrypted
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinItems=1
	Resources []string `json:"resources"`
}

This will cause problems with the generated deepcopy and conversion functions which will need to be fixed.

Environment:

  • Cluster-api-provider-aws version: 0.6.6

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. </details>

richardcase

comment created time in 4 hours

issue openedkubernetes-sigs/cluster-api-provider-aws

Refactor `EncryptionConfig` for AWSManagedControlPlane

/area provider/eks /kind api-change /kind refactor /milestone v0.7.0 /help /priority important-soon

Describe the solution you'd like You can optionally enable encryption for EKS by supplying details in AWSManagedControlPlane.Spec.EncryptionConfig. As its optional, it is a pointer and marked as optional and omitempty.

If you want to enable encryption, then you must supply the provider and resources. Currently, these are pointers and not marked as required. We should mark these as required using kubebuilder validation and remove the pointers/omitempty.

This was noticed whilst making a change for #2505

Anything else you would like to add: So perhaps something like this:

// EncryptionConfig specifies the encryption configuration for the EKS clsuter.
type EncryptionConfig struct {
	// Provider specifies the ARN or alias of the CMK (in AWS KMS)
	// +kubebuilder:validation:Required
	Provider string `json:"provider"`
	// Resources specifies the resources to be encrypted
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinItems=1
	Resources []string `json:"resources"`
}

This will cause problems with the generated deepcopy and conversion functions which will need to be fixed.

Environment:

  • Cluster-api-provider-aws version: 0.6.6

created time in 4 hours

pull request commentkubernetes-sigs/cluster-api-provider-aws

Update EKS clusters to enable encryption

/test pull-cluster-api-provider-aws-e2e-eks

Ankitasw

comment created time in 5 hours