github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'master' into fix-typos

pull/6/head
bin liu 2016-07-04 11:20:47 +08:00
parent fd27cd47f7 feea382960
commit 426fdc431a
3744 changed files with 41155 additions and 14988 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.travis.yml
View File

@ -1,5 +0,0 @@
language: bash
script:
- echo "Travis is disabled on master. See issue 23611."
- echo "https://github.com/kubernetes/kubernetes/issues/23611"

167
CHANGELOG.md
View File

@ -1,5 +1,22 @@
<!-- BEGIN MUNGE: GENERATED_TOC -->
- [v1.3.0](#v130)
- [Downloads](#downloads)
- [Major Themes](#major-themes)
- [Other notable improvements](#other-notable-improvements)
- [Known Issues](#known-issues)
- [Provider-specific Notes](#provider-specific-notes)
- [Changelog since v1.3.0-beta.3](#changelog-since-v130-beta3)
- [Previous Releases Included in v1.3.0](#previous-releases-included-in-v130)
- [v1.3.0-beta.3](#v130-beta3)
- [Downloads](#downloads)
- [Changelog since v1.3.0-beta.2](#changelog-since-v130-beta2)
- [Action Required](#action-required)
- [Other notable changes](#other-notable-changes)
- [v1.2.5](#v125)
- [Downloads](#downloads)
- [Changes since v1.2.4](#changes-since-v124)
- [Other notable changes](#other-notable-changes)
- [v1.3.0-beta.2](#v130-beta2)
- [Downloads](#downloads)
- [Changes since v1.3.0-beta.1](#changes-since-v130-beta1)
@ -71,6 +88,156 @@
<!-- NEW RELEASE NOTES ENTRY -->
# v1.3.0
[Documentation](http://kubernetes.github.io) & [Examples](http://releases.k8s.io/release-1.3/examples)
## Downloads
binary | sha1 hash | md5 hash
------ | --------- | --------
[kubernetes.tar.gz](https://storage.googleapis.com/kubernetes-release/release/v1.3.0/kubernetes.tar.gz) | `88249c443d438666928379aa7fe865b389ed72ea` | `9270f001aef8c03ff5db63456ca9eecc`
## Highlights
* Authorization:
* **Alpha** RBAC authorization API group
* Federation
* federation api group is now **beta**
* Services from all federated clusters are now registered in Cloud DNS (AWS and GCP).
* Stateful Apps:
* **alpha** PetSets manage stateful apps
* **alpha** Init containers provide one-time setup for stateful containers
* Updating:
* Retry Pod/RC updates in kubectl rolling-update.
* Stop 'kubectl drain' deleting pods with local storage.
* Add `kubectl rollout status`
* Security/Auth
* L7 LB controller and disk attach controllers run on master, so nodes do not need those privileges.
* Setting TLS1.2 minimum
* `kubectl create secret tls` command
* Webhook Token Authenticator
* **beta** PodSecurityPolicy objects limits use of security-sensitive features by pods.
* Kubectl
* Display line number on JSON errors
* Add flag -t as shorthand for --tty
* Resources
* **alpha**: NVIDIA GPU support ([#24836](https://github.com/kubernetes/kubernetes/pull/24836), [@therc](https://github.com/therc))
* Adding loadBalancer services and nodeports services to quota system
## Known Issues and Important Steps before Upgrading
* *Instructions coming soon*
## Provider-specific Notes
* AWS
* Support for ap-northeast-2 region (Seoul)
* Allow cross-region image pulling with ECR
* More reliable kube-up/kube-down
* Enable ICMP Type 3 Code 4 for ELBs
* ARP caching fix
* Use /dev/xvdXX names
* ELB:
* ELB proxy protocol support
* mixed plaintext/encrypted ports support in ELBs
* SSL support for ELB listeners
* Allow VPC CIDR to be specified (experimental)
* Fix problems with >2 security groups
* GCP:
* Enable using gcr.io as a Docker registry mirror.
* Make bigger master root disks in GCE for large clusters.
* Change default clusterCIDRs from /16 to /14 allowing 1000 Node clusters by default.
* Allow Debian Jessie on GCE.
* Node problem detector addon pod detects and reports kernel deadlocks.
* OpenStack
* Provider added.
* VSphere:
* Provider updated.
### Previous Releases Included in v1.3.0
- [v1.3.0-beta.3](CHANGELOG.md#v130-beta3)
- [v1.3.0-beta.2](CHANGELOG.md#v130-beta2)
- [v1.3.0-beta.1](CHANGELOG.md#v130-beta1)
- [v1.3.0-alpha.5](CHANGELOG.md#v130-alpha5)
- [v1.3.0-alpha.4](CHANGELOG.md#v130-alpha4)
- [v1.3.0-alpha.3](CHANGELOG.md#v130-alpha3)
- [v1.3.0-alpha.2](CHANGELOG.md#v130-alpha2)
- [v1.3.0-alpha.1](CHANGELOG.md#v130-alpha1)
# v1.3.0-beta.3
[Documentation](http://kubernetes.github.io) & [Examples](http://releases.k8s.io/release-1.3/examples)
## Downloads
binary | sha1 hash | md5 hash
------ | --------- | --------
[kubernetes.tar.gz](https://storage.googleapis.com/kubernetes-release/release/v1.3.0-beta.3/kubernetes.tar.gz) | `9d18964a294f356bfdc841957dcad8ff35ed909c` | `ee5fcdf86645135ed132663967876dd6`
## Changelog since v1.3.0-beta.2
### Action Required
* [kubelet] Allow opting out of automatic cloud provider detection in kubelet. By default kubelet will auto-detect cloud providers ([#28258](https://github.com/kubernetes/kubernetes/pull/28258), [@vishh](https://github.com/vishh))
* If you use one of the kube-dns replication controller manifest in `cluster/saltbase/salt/kube-dns`, i.e. `cluster/saltbase/salt/kube-dns/{skydns-rc.yaml.base,skydns-rc.yaml.in}`, either substitute one of `__PILLAR__FEDERATIONS__DOMAIN__MAP__` or `{{ pillar['federations_domain_map'] }}` with the corresponding federation name to domain name value or remove them if you do not support cluster federation at this time. If you plan to substitute the parameter with its value, here is an example for `{{ pillar['federations_domain_map'] }` ([#28132](https://github.com/kubernetes/kubernetes/pull/28132), [@madhusudancs](https://github.com/madhusudancs))
* pillar['federations_domain_map'] = "- --federations=myfederation=federation.test"
* where `myfederation` is the name of the federation and `federation.test` is the domain name registered for the federation.
* federation: Upgrading the groupversion to v1beta1 ([#28186](https://github.com/kubernetes/kubernetes/pull/28186), [@nikhiljindal](https://github.com/nikhiljindal))
* Set Dashboard UI version to v1.1.0 ([#27869](https://github.com/kubernetes/kubernetes/pull/27869), [@bryk](https://github.com/bryk))
### Other notable changes
* Build: Add KUBE_GCS_RELEASE_BUCKET_MIRROR option to push-ci-build.sh ([#28172](https://github.com/kubernetes/kubernetes/pull/28172), [@zmerlynn](https://github.com/zmerlynn))
* Image GC logic should compensate for reserved blocks ([#27996](https://github.com/kubernetes/kubernetes/pull/27996), [@ronnielai](https://github.com/ronnielai))
* Bump minimum API version for docker to 1.21 ([#27208](https://github.com/kubernetes/kubernetes/pull/27208), [@yujuhong](https://github.com/yujuhong))
* Adding lock files for kubeconfig updating ([#28034](https://github.com/kubernetes/kubernetes/pull/28034), [@krousey](https://github.com/krousey))
* federation service controller: fixing the logic to update DNS records ([#27999](https://github.com/kubernetes/kubernetes/pull/27999), [@quinton-hoole](https://github.com/quinton-hoole))
* federation: Updating KubeDNS to try finding a local service first for federation query ([#27708](https://github.com/kubernetes/kubernetes/pull/27708), [@nikhiljindal](https://github.com/nikhiljindal))
* Support journal logs in fluentd-gcp on GCI ([#27981](https://github.com/kubernetes/kubernetes/pull/27981), [@a-robinson](https://github.com/a-robinson))
* Copy and display source location prominently on Kubernetes instances ([#27985](https://github.com/kubernetes/kubernetes/pull/27985), [@maisem](https://github.com/maisem))
* Federation e2e support for AWS ([#27791](https://github.com/kubernetes/kubernetes/pull/27791), [@colhom](https://github.com/colhom))
* Copy and display source location prominently on Kubernetes instances ([#27840](https://github.com/kubernetes/kubernetes/pull/27840), [@zmerlynn](https://github.com/zmerlynn))
* AWS/GCE: Spread PetSet volume creation across zones, create GCE volumes in non-master zones ([#27553](https://github.com/kubernetes/kubernetes/pull/27553), [@justinsb](https://github.com/justinsb))
* GCE provider: Create TargetPool with 200 instances, then update with rest ([#27829](https://github.com/kubernetes/kubernetes/pull/27829), [@zmerlynn](https://github.com/zmerlynn))
* Add sources to server tarballs. ([#27830](https://github.com/kubernetes/kubernetes/pull/27830), [@david-mcmahon](https://github.com/david-mcmahon))
* Retry Pod/RC updates in kubectl rolling-update ([#27509](https://github.com/kubernetes/kubernetes/pull/27509), [@janetkuo](https://github.com/janetkuo))
* AWS kube-up: Authorize route53 in the IAM policy ([#27794](https://github.com/kubernetes/kubernetes/pull/27794), [@justinsb](https://github.com/justinsb))
* Allow conformance tests to run on non-GCE providers ([#26932](https://github.com/kubernetes/kubernetes/pull/26932), [@aaronlevy](https://github.com/aaronlevy))
* AWS kube-up: move to Docker 1.11.2 ([#27676](https://github.com/kubernetes/kubernetes/pull/27676), [@justinsb](https://github.com/justinsb))
* Fixed an issue that Deployment may be scaled down further than allowed by maxUnavailable when minReadySeconds is set. ([#27728](https://github.com/kubernetes/kubernetes/pull/27728), [@janetkuo](https://github.com/janetkuo))
# v1.2.5
[Documentation](http://kubernetes.github.io) & [Examples](http://releases.k8s.io/release-1.2/examples)
## Downloads
binary | sha1 hash | md5 hash
------ | --------- | --------
[kubernetes.tar.gz](https://storage.googleapis.com/kubernetes-release/release/v1.2.5/kubernetes.tar.gz) | `ddf12d7f37dfef25308798d71ad547761d0785ac` | `69d770df8fa4eceb57167e34df3962ca`
## Changes since v1.2.4
### Other notable changes
* Retry Pod/RC updates in kubectl rolling-update ([#27509](https://github.com/kubernetes/kubernetes/pull/27509), [@janetkuo](https://github.com/janetkuo))
* GCE provider: Create TargetPool with 200 instances, then update with rest ([#27865](https://github.com/kubernetes/kubernetes/pull/27865), [@zmerlynn](https://github.com/zmerlynn))
* GCE provider: Limit Filter calls to regexps rather than large blobs ([#27741](https://github.com/kubernetes/kubernetes/pull/27741), [@zmerlynn](https://github.com/zmerlynn))
* Fix strategic merge diff list diff bug ([#26418](https://github.com/kubernetes/kubernetes/pull/26418), [@AdoHe](https://github.com/AdoHe))
* AWS: Fix long-standing bug in stringSetToPointers ([#26331](https://github.com/kubernetes/kubernetes/pull/26331), [@therc](https://github.com/therc))
* AWS kube-up: Increase timeout waiting for docker start ([#25405](https://github.com/kubernetes/kubernetes/pull/25405), [@justinsb](https://github.com/justinsb))
* Fix hyperkube flag parsing ([#25512](https://github.com/kubernetes/kubernetes/pull/25512), [@colhom](https://github.com/colhom))
* kubectl rolling-update support for same image ([#24645](https://github.com/kubernetes/kubernetes/pull/24645), [@jlowdermilk](https://github.com/jlowdermilk))
* Return "410 Gone" errors via watch stream when using watch cache ([#25369](https://github.com/kubernetes/kubernetes/pull/25369), [@liggitt](https://github.com/liggitt))
# v1.3.0-beta.2
[Documentation](http://kubernetes.github.io) & [Examples](http://releases.k8s.io/release-1.3/examples)

191
Godeps/Godeps.json generated
View File

@ -1,7 +1,7 @@
{
"ImportPath": "k8s.io/kubernetes",
"GoVersion": "go1.6",
"GodepVersion": "v69",
"GodepVersion": "v74",
"Packages": [
"github.com/ugorji/go/codec/codecgen",
"github.com/onsi/ginkgo/ginkgo",
@ -927,203 +927,203 @@
},
{
"ImportPath": "github.com/google/cadvisor/api",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/cache/memory",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/collector",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/container",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/container/common",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/container/docker",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/container/libcontainer",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/container/raw",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/container/rkt",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/container/systemd",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/devicemapper",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/events",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/fs",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/healthz",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/http",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/http/mux",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/info/v1",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/info/v1/test",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/info/v2",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/machine",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/manager",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/manager/watcher",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/manager/watcher/raw",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/manager/watcher/rkt",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/metrics",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/pages",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/pages/static",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/storage",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/summary",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/utils",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/utils/cloudinfo",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/utils/cpuload",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/utils/cpuload/netlink",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/utils/docker",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/utils/oomparser",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/utils/sysfs",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/utils/sysinfo",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/utils/tail",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/validate",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/cadvisor/version",
"Comment": "v0.23.4",
"Rev": "7d22cf63253c17bad8ab64b8eef679718d00342e"
"Comment": "v0.23.2-25-g51574ec",
"Rev": "51574ec04ff12ca5a50f0935625ec02437191a06"
},
{
"ImportPath": "github.com/google/gofuzz",
@ -1319,7 +1319,7 @@
},
{
"ImportPath": "github.com/miekg/dns",
"Rev": "c2b278e70f35902fd68b54b69238cd10bb1b7451"
"Rev": "5d001d020961ae1c184f9f8152fdc73810481677"
},
{
"ImportPath": "github.com/mistifyio/go-zfs",
@ -1773,6 +1773,11 @@
"Comment": "v1.0.0-920-g934dbf8",
"Rev": "934dbf81977c67c521c75492dc1f55ca74dc5b04"
},
{
"ImportPath": "github.com/renstrom/dedent",
"Comment": "v1.0.0-3-g020d11c",
"Rev": "020d11c3b9c0c7a3c2efcc8e5cf5b9ef7bcea21f"
},
{
"ImportPath": "github.com/robfig/cron",
"Comment": "v1-16-g0f39cf7",
@ -1797,28 +1802,28 @@
},
{
"ImportPath": "github.com/skynetservices/skydns/cache",
"Comment": "2.5.3a-32-gf7b6fb7",
"Rev": "f7b6fb74bcfab300b4e7e0e27b1fe6c0ed555f78"
"Comment": "2.5.3a-41-g00ade30",
"Rev": "00ade3024f047d26130abf161900e0adb72a06f1"
},
{
"ImportPath": "github.com/skynetservices/skydns/metrics",
"Comment": "2.5.3a-32-gf7b6fb7",
"Rev": "f7b6fb74bcfab300b4e7e0e27b1fe6c0ed555f78"
"Comment": "2.5.3a-41-g00ade30",
"Rev": "00ade3024f047d26130abf161900e0adb72a06f1"
},
{
"ImportPath": "github.com/skynetservices/skydns/msg",
"Comment": "2.5.3a-32-gf7b6fb7",
"Rev": "f7b6fb74bcfab300b4e7e0e27b1fe6c0ed555f78"
"Comment": "2.5.3a-41-g00ade30",
"Rev": "00ade3024f047d26130abf161900e0adb72a06f1"
},
{
"ImportPath": "github.com/skynetservices/skydns/server",
"Comment": "2.5.3a-32-gf7b6fb7",
"Rev": "f7b6fb74bcfab300b4e7e0e27b1fe6c0ed555f78"
"Comment": "2.5.3a-41-g00ade30",
"Rev": "00ade3024f047d26130abf161900e0adb72a06f1"
},
{
"ImportPath": "github.com/skynetservices/skydns/singleflight",
"Comment": "2.5.3a-32-gf7b6fb7",
"Rev": "f7b6fb74bcfab300b4e7e0e27b1fe6c0ed555f78"
"Comment": "2.5.3a-41-g00ade30",
"Rev": "00ade3024f047d26130abf161900e0adb72a06f1"
},
{
"ImportPath": "github.com/spf13/cobra",
@ -1973,7 +1978,7 @@
},
{
"ImportPath": "golang.org/x/exp/inotify",
"Rev": "d00e13ec443927751b2bd49e97dea7bf3b6a6487"
"Rev": "292a51b8d262487dab23a588950e8052d63d9113"
},
{
"ImportPath": "golang.org/x/net/context",

33
Godeps/LICENSES generated
View File

@ -190,7 +190,7 @@
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright 2014 The Kubernetes Authors All rights reserved.
Copyright 2014 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -204,7 +204,7 @@
See the License for the specific language governing permissions and
limitations under the License.
= LICENSE d6177d11bbe618cf4ac8a63a16d30f83 -
= LICENSE ad09685d909e7a9f763d2bb62d4bd6fb -
================================================================================
================================================================================
@ -57322,6 +57322,35 @@ specific language governing permissions and limitations under the License.
================================================================================
================================================================================
= vendor/github.com/renstrom/dedent licensed under: =
The MIT License (MIT)
Copyright (c) 2015 Peter Renström
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
= vendor/github.com/renstrom/dedent/LICENSE 285693e07a6e1fd790cb3f3b8b5127db -
================================================================================
================================================================================
= vendor/github.com/robfig/cron licensed under: =

2
LICENSE
View File

@ -187,7 +187,7 @@
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright 2014 The Kubernetes Authors All rights reserved.
Copyright 2014 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

12
Makefile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -45,6 +45,14 @@ all:
hack/build-go.sh $(WHAT)
.PHONY: all
# Build ginkgo
#
# Example:
# make ginkgo
ginkgo:
hack/build-go.sh vendor/github.com/onsi/ginkgo/ginkgo
.PHONY: ginkgo
# Runs all the presubmission verifications.
#
# Args:
@ -111,7 +119,7 @@ test_e2e:
# make test_e2e_node FOCUS=kubelet SKIP=container
# make test_e2e_node REMOTE=true DELETE_INSTANCES=true
# Build and run tests.
test_e2e_node:
test_e2e_node: ginkgo
hack/e2e-node-test.sh
.PHONY: test_e2e_node

4
README.md
View File

@ -1,13 +1,11 @@
# Kubernetes
[![Submit Queue Widget]][Submit Queue] [![GoReportCard Widget]][GoReportCard] [![GoDoc Widget]][GoDoc] [![Coverage Status Widget]][Coverage Status]
[![Submit Queue Widget]][Submit Queue] [![GoDoc Widget]][GoDoc] [![Coverage Status Widget]][Coverage Status]
[Submit Queue]: http://submit-queue.k8s.io/#/e2e
[Submit Queue Widget]: http://submit-queue.k8s.io/health.svg?v=1
[GoDoc]: https://godoc.org/k8s.io/kubernetes
[GoDoc Widget]: https://godoc.org/k8s.io/kubernetes?status.svg
[GoReportCard]: https://goreportcard.com/report/k8s.io/kubernetes
[GoReportCard Widget]: https://goreportcard.com/badge/k8s.io/kubernetes
[Coverage Status]: https://coveralls.io/r/kubernetes/kubernetes
[Coverage Status Widget]: https://coveralls.io/repos/kubernetes/kubernetes/badge.svg

110
api/swagger-spec/certificates.json Normal file
View File

@ -0,0 +1,110 @@
{
"swaggerVersion": "1.2",
"apiVersion": "",
"basePath": "https://10.10.10.10:6443",
"resourcePath": "/apis/certificates",
"apis": [
{
"path": "/apis/certificates",
"description": "get information of a group",
"operations": [
{
"type": "unversioned.APIGroup",
"method": "GET",
"summary": "get information of a group",
"nickname": "getAPIGroup",
"parameters": [],
"produces": [
"application/json",
"application/yaml",
"application/vnd.kubernetes.protobuf"
],
"consumes": [
"application/json",
"application/yaml",
"application/vnd.kubernetes.protobuf"
]
}
]
}
],
"models": {
"unversioned.APIGroup": {
"id": "unversioned.APIGroup",
"description": "APIGroup contains the name, the supported versions, and the preferred version of a group.",
"required": [
"name",
"versions",
"serverAddressByClientCIDRs"
],
"properties": {
"kind": {
"type": "string",
"description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds"
},
"apiVersion": {
"type": "string",
"description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#resources"
},
"name": {
"type": "string",
"description": "name is the name of the group."
},
"versions": {
"type": "array",
"items": {
"$ref": "unversioned.GroupVersionForDiscovery"
},
"description": "versions are the versions supported in this group."
},
"preferredVersion": {
"$ref": "unversioned.GroupVersionForDiscovery",
"description": "preferredVersion is the version preferred by the API server, which probably is the storage version."
},
"serverAddressByClientCIDRs": {
"type": "array",
"items": {
"$ref": "unversioned.ServerAddressByClientCIDR"
},
"description": "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP."
}
}
},
"unversioned.GroupVersionForDiscovery": {
"id": "unversioned.GroupVersionForDiscovery",
"description": "GroupVersion contains the \"group/version\" and \"version\" string of a version. It is made a struct to keep extensiblity.",
"required": [
"groupVersion",
"version"
],
"properties": {
"groupVersion": {
"type": "string",
"description": "groupVersion specifies the API group and version in the form \"group/version\""
},
"version": {
"type": "string",
"description": "version specifies the version in the form of \"version\". This is to save the clients the trouble of splitting the GroupVersion."
}
}
},
"unversioned.ServerAddressByClientCIDR": {
"id": "unversioned.ServerAddressByClientCIDR",
"description": "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.",
"required": [
"clientCIDR",
"serverAddress"
],
"properties": {
"clientCIDR": {
"type": "string",
"description": "The CIDR with which clients can match their IP to figure out the server address that they should use."
},
"serverAddress": {
"type": "string",
"description": "Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port."
}
}
}
}
}

1118
api/swagger-spec/certificates_v1alpha1.json Normal file
View File

File diff suppressed because it is too large Load Diff

8
api/swagger-spec/resourceListing.json
View File

@ -61,6 +61,14 @@
"path": "/apis/apps",
"description": "get information of a group"
},
{
"path": "/apis/certificates/v1alpha1",
"description": "API at /apis/certificates/v1alpha1"
},
{
"path": "/apis/certificates",
"description": "get information of a group"
},
{
"path": "/apis/rbac.authorization.k8s.io/v1alpha1",
"description": "API at /apis/rbac.authorization.k8s.io/v1alpha1"

6
api/swagger-spec/v1.json
View File

@ -19090,6 +19090,10 @@
"type": "object",
"description": "Data contains the secret data. Each key must be a valid DNS_SUBDOMAIN or leading dot followed by valid DNS_SUBDOMAIN. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4"
},
"stringData": {
"type": "object",
"description": "stringData allows specifying non-binary secret data in string form. It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API."
},
"type": {
"type": "string",
"description": "Used to facilitate programmatic handling of secret data."
@ -19226,7 +19230,7 @@
},
"selector": {
"type": "object",
"description": "This service will route traffic to pods having labels matching this selector. Label keys and values that must match in order to receive traffic for this service. If empty, all pods are selected, if not specified, endpoints must be manually specified. More info: http://releases.k8s.io/HEAD/docs/user-guide/services.md#overview"
"description": "This service will route traffic to pods having labels matching this selector. Label keys and values that must match in order to receive traffic for this service. If not specified, endpoints must be manually specified and the system will not automatically manage them. More info: http://releases.k8s.io/HEAD/docs/user-guide/services.md#overview"
},
"clusterIP": {
"type": "string",

2
build/build-image/Dockerfile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/build-image/cross/Dockerfile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/build-image/cross/Makefile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

49
build/common.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -170,10 +170,14 @@ function kube::build::verify_prereqs() {
function kube::build::docker_available_on_osx() {
if [[ -z "${DOCKER_HOST}" ]]; then
if [[ -S "/var/run/docker.sock" ]]; then
kube::log::status "Using Docker for MacOS"
return 0
fi
kube::log::status "No docker host is set. Checking options for setting one..."
if [[ -z "$(which docker-machine)" && -z "$(which boot2docker)" ]]; then
kube::log::status "It looks like you're running Mac OS X, and neither docker-machine or boot2docker are nowhere to be found."
kube::log::status "It looks like you're running Mac OS X, and neither Docker for Mac, docker-machine or boot2docker are nowhere to be found."
kube::log::status "See: https://docs.docker.com/machine/ for installation instructions."
return 1
elif [[ -n "$(which docker-machine)" ]]; then
@ -266,6 +270,9 @@ function kube::build::ensure_docker_daemon_connectivity {
echo " - Set your environment variables using: "
echo " - eval \$(docker-machine env ${DOCKER_MACHINE_NAME})"
echo " - \$(boot2docker shellinit)"
echo " - Update your Docker VM"
echo " - Error Message: 'Error response from daemon: client is newer than server (...)' "
echo " - docker-machine upgrade ${DOCKER_MACHINE_NAME}"
echo " - On Linux, user isn't in 'docker' group. Add and relogin."
echo " - Something like 'sudo usermod -a -G docker ${USER-user}'"
echo " - RHEL7 bug and workaround: https://bugzilla.redhat.com/show_bug.cgi?id=1119282#c8"
@ -552,16 +559,6 @@ function kube::build::clean_images() {
}
function kube::build::ensure_data_container() {
# This is temporary, while last remnants of _workspace are obliterated. If
# the data container exists it might be from before the change from
# Godeps/_workspace/ to vendor/, and thereby still have a Godeps/_workspace/
# directory in it, which trips up godep (yay godep!). Once we are confident
# that this has run ~everywhere we care about, we can remove this.
# TODO(thockin): remove this after v1.3 is cut.
if "${DOCKER[@]}" inspect "${KUBE_BUILD_DATA_CONTAINER_NAME}" \
| grep -q "Godeps/_workspace/pkg"; then
docker rm -f "${KUBE_BUILD_DATA_CONTAINER_NAME}"
fi
if ! "${DOCKER[@]}" inspect "${KUBE_BUILD_DATA_CONTAINER_NAME}" >/dev/null 2>&1; then
kube::log::status "Creating data container"
local -ra docker_cmd=(
@ -1204,6 +1201,16 @@ function kube::release::gcs::copy_release_artifacts() {
fi
gsutil ls -lhr "${gcs_destination}" || return 1
if [[ -n "${KUBE_GCS_RELEASE_BUCKET_MIRROR:-}" ]]; then
local -r gcs_mirror="gs://${KUBE_GCS_RELEASE_BUCKET_MIRROR}/${KUBE_GCS_RELEASE_PREFIX}"
kube::log::status "Mirroring build to ${gcs_mirror}"
gsutil -q -m "${gcs_options[@]+${gcs_options[@]}}" rsync -d -r "${gcs_destination}" "${gcs_mirror}" || return 1
if [[ ${KUBE_GCS_MAKE_PUBLIC} =~ ^[yY]$ ]]; then
kube::log::status "Marking all uploaded mirror objects public"
gsutil -q -m acl ch -R -g all:R "${gcs_mirror}" >/dev/null 2>&1 || return 1
fi
fi
}
# Publish a new ci version, (latest,) but only if the release files actually
@ -1468,7 +1475,19 @@ function kube::release::gcs::verify_ci_ge() {
# If new version is greater than the GCS version
function kube::release::gcs::publish() {
local -r publish_file="${1-}"
local -r publish_file_dst="gs://${KUBE_GCS_RELEASE_BUCKET}/${publish_file}"
kube::release::gcs::publish_to_bucket "${KUBE_GCS_RELEASE_BUCKET}" "${publish_file}" || return 1
if [[ -n "${KUBE_GCS_RELEASE_BUCKET_MIRROR:-}" ]]; then
kube::release::gcs::publish_to_bucket "${KUBE_GCS_RELEASE_BUCKET_MIRROR}" "${publish_file}" || return 1
fi
}
function kube::release::gcs::publish_to_bucket() {
local -r publish_bucket="${1}"
local -r publish_file="${2}"
local -r publish_file_dst="gs://${publish_bucket}/${publish_file}"
mkdir -p "${RELEASE_STAGE}/upload" || return 1
echo "${KUBE_GCS_PUBLISH_VERSION}" > "${RELEASE_STAGE}/upload/latest" || return 1
@ -1481,7 +1500,7 @@ function kube::release::gcs::publish() {
gsutil acl ch -R -g all:R "${publish_file_dst}" >/dev/null 2>&1 || return 1
gsutil setmeta -h "Cache-Control:private, max-age=0" "${publish_file_dst}" >/dev/null 2>&1 || return 1
# If public, validate public link
local -r public_link="https://storage.googleapis.com/${KUBE_GCS_RELEASE_BUCKET}/${publish_file}"
local -r public_link="https://storage.googleapis.com/${publish_bucket}/${publish_file}"
kube::log::status "Validating uploaded version file at ${public_link}"
contents="$(curl -s "${public_link}")"
else

2
build/copy-output.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/debian-iptables/Dockerfile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/debian-iptables/Makefile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/json-extractor.py
View File

@ -1,6 +1,6 @@
#!/usr/bin/env python
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

6
build/kube-dns/Changelog
View File

@ -3,3 +3,9 @@
## Version 1.3 (Fri June 3 2016 Prashanth.B <beeps@google.com>)
- Fixed SRV record lookup (issue #26116)
## Version 1.4 (Tue June 21 2016 Nikhil Jindal <nikhiljindal@google.com>)
- Initialising nodesStore (issue #27820)
## Version 1.5 (Thu June 23 2016 Nikhil Jindal <nikhiljindal@google.com>)
- Adding support to return local service (pr #27708)

2
build/kube-dns/Dockerfile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

6
build/kube-dns/Makefile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -17,12 +17,12 @@
# If you update this image please bump the tag value before pushing.
#
# Usage:
# [ARCH=amd64] [TAG=1.3] [REGISTRY=gcr.io/google_containers] [BASEIMAGE=busybox] make (container|push)
# [ARCH=amd64] [TAG=1.6] [REGISTRY=gcr.io/google_containers] [BASEIMAGE=busybox] make (container|push)
# Default registry, arch and tag. This can be overwritten by arguments to make
PLATFORM?=linux
ARCH?=amd64
TAG?=1.3
TAG?=1.6
REGISTRY?=gcr.io/google_containers
GOLANG_VERSION=1.6

2
build/make-build-image.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/make-clean.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/make-release-notes.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/pause/Dockerfile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/pause/Makefile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/pause/pause.c
View File

@ -1,5 +1,5 @@
/*
Copyright 2016 The Kubernetes Authors All rights reserved.
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

3
build/push-ci-build.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -31,6 +31,7 @@ KUBE_GCS_MAKE_PUBLIC='y'
KUBE_GCS_UPLOAD_RELEASE='y'
KUBE_GCS_DELETE_EXISTING='n'
: ${KUBE_GCS_RELEASE_BUCKET:='kubernetes-release'}
: ${KUBE_GCS_RELEASE_BUCKET_MIRROR:='kubernetes-release-dev'}
KUBE_GCS_RELEASE_PREFIX="ci/${LATEST}"
KUBE_GCS_PUBLISH_VERSION="${LATEST}"

2
build/push-devel-build.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/push-federation-images.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/push-official-release.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/release.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/run.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/shell.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/util.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
build/versionize-docs.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/addons/addon-manager/Dockerfile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

12
cluster/addons/addon-manager/Makefile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -15,26 +15,26 @@
IMAGE=gcr.io/google-containers/kube-addon-manager
ARCH?=amd64
TEMP_DIR:=$(shell mktemp -d)
VERSION=v3
VERSION=v5
# amd64 and arm has "stable" binaries pushed for v1.2, arm64 and ppc64le hasn't so they have to fetch the latest alpha
# however, arm64 and ppc64le are very experimental right now, so it's okay
ifeq ($(ARCH),amd64)
KUBECTL_VERSION?=v1.2.4
KUBECTL_VERSION?=v1.3.0-beta.2
BASEIMAGE?=python:2.7-slim
endif
ifeq ($(ARCH),arm)
KUBECTL_VERSION?=v1.2.4
KUBECTL_VERSION?=v1.3.0-beta.2
BASEIMAGE?=hypriot/rpi-python:2.7
QEMUARCH=arm
endif
ifeq ($(ARCH),arm64)
KUBECTL_VERSION?=v1.3.0-beta.0
KUBECTL_VERSION?=v1.3.0-beta.2
BASEIMAGE?=aarch64/python:2.7-slim
QEMUARCH=aarch64
endif
ifeq ($(ARCH),ppc64le)
KUBECTL_VERSION?=v1.3.0-alpha.4
KUBECTL_VERSION?=v1.3.0-beta.2
BASEIMAGE?=ppc64le/python:2.7-slim
QEMUARCH=ppc64le
endif

3
cluster/addons/addon-manager/kube-addon-update.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -477,6 +477,7 @@ function update-addons() {
reconcile-objects ${addon_path} ReplicationController "-" &
reconcile-objects ${addon_path} Deployment "-" &
reconcile-objects ${addon_path} DaemonSet "-" &
reconcile-objects ${addon_path} PetSet "-" &
# We don't expect names to be versioned for the following kinds, so
# we match the entire name, ignoring version suffix.

4
cluster/addons/addon-manager/kube-addons.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -19,7 +19,7 @@
# managed result is of that. Start everything below that directory.
KUBECTL=${KUBECTL_BIN:-/usr/local/bin/kubectl}
ADDON_CHECK_INTERVAL_SEC=${TEST_ADDON_CHECK_INTERVAL_SEC:-10}
ADDON_CHECK_INTERVAL_SEC=${TEST_ADDON_CHECK_INTERVAL_SEC:-60}
SYSTEM_NAMESPACE=kube-system
trusty_master=${TRUSTY_MASTER:-false}

15
cluster/addons/cluster-monitoring/influxdb/influxdb-claim.yaml Normal file
View File

@ -0,0 +1,15 @@
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: influxdb-claim
namespace: kube-system
labels:
kubernetes.io/cluster-service: "true"
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
volumeName: influxdb-pv

12
cluster/addons/cluster-monitoring/influxdb/influxdb-grafana-controller.yaml → cluster/addons/cluster-monitoring/influxdb/influxdb-grafana-petset.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1
kind: ReplicationController
apiVersion: apps/v1alpha1
kind: PetSet
metadata:
name: monitoring-influxdb-grafana-v3
namespace: kube-system
@ -9,9 +9,6 @@ metadata:
kubernetes.io/cluster-service: "true"
spec:
replicas: 1
selector:
k8s-app: influxGrafana
version: v3
template:
metadata:
labels:
@ -68,7 +65,8 @@ spec:
mountPath: /var
volumes:
- name: influxdb-persistent-storage
emptyDir: {}
persistentVolumeClaim:
claimName: influxdb-claim
- name: grafana-persistent-storage
emptyDir: {}
serviceName: monitoring-influxdb

20
cluster/addons/cluster-monitoring/influxdb/influxdb-pv.yaml Normal file
View File

@ -0,0 +1,20 @@
{% set pd_prefix = pillar.get('master_name', '') -%}
{% set pd_name = pd_prefix + '-influxdb-pd') -%}
kind: PersistentVolume
apiVersion: v1
metadata:
name: influxdb-pv
namespace: kube-system
labels:
kubernetes.io/cluster-service: "true"
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteOnce
- ReadOnlyMany
gcePersistentDisk:
pdName: {{ pd_name }}
fsType: ext4
persistentVolumeReclaimPolicy: Delete

8
cluster/addons/dashboard/dashboard-controller.yaml
View File

@ -2,11 +2,11 @@
apiVersion: v1
kind: ReplicationController
metadata:
name: kubernetes-dashboard-v1.1.0-beta3
name: kubernetes-dashboard-v1.1.0
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
version: v1.1.0-beta3
version: v1.1.0
kubernetes.io/cluster-service: "true"
spec:
replicas: 1
@ -16,12 +16,12 @@ spec:
metadata:
labels:
k8s-app: kubernetes-dashboard
version: v1.1.0-beta3
version: v1.1.0
kubernetes.io/cluster-service: "true"
spec:
containers:
- name: kubernetes-dashboard
image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.1.0-beta3
image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.1.0
resources:
# keep request = limit to keep this container in guaranteed class
limits:

2
cluster/addons/fluentd-elasticsearch/es-image/Dockerfile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/addons/fluentd-elasticsearch/es-image/Makefile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

15
cluster/addons/fluentd-elasticsearch/es-image/elasticsearch_logging_discovery.go
View File

@ -1,5 +1,5 @@
/*
Copyright 2015 The Kubernetes Authors All rights reserved.
Copyright 2015 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -19,6 +19,7 @@ package main
import (
"flag"
"fmt"
"os"
"strings"
"time"
@ -45,12 +46,20 @@ func main() {
if err != nil {
glog.Fatalf("Failed to make client: %v", err)
}
namespace := api.NamespaceSystem
envNamespace := os.Getenv("NAMESPACE")
if envNamespace != "" {
if _, err := c.Namespaces().Get(envNamespace); err != nil {
glog.Fatalf("%s namespace doesn't exist: %v", envNamespace, err)
}
namespace = envNamespace
}
var elasticsearch *api.Service
// Look for endpoints associated with the Elasticsearch loggging service.
// First wait for the service to become available.
for t := time.Now(); time.Since(t) < 5*time.Minute; time.Sleep(10 * time.Second) {
elasticsearch, err = c.Services(api.NamespaceSystem).Get("elasticsearch-logging")
elasticsearch, err = c.Services(namespace).Get("elasticsearch-logging")
if err == nil {
break
}
@ -67,7 +76,7 @@ func main() {
// Wait for some endpoints.
count := 0
for t := time.Now(); time.Since(t) < 5*time.Minute; time.Sleep(10 * time.Second) {
endpoints, err = c.Endpoints(api.NamespaceSystem).Get("elasticsearch-logging")
endpoints, err = c.Endpoints(namespace).Get("elasticsearch-logging")
if err != nil {
continue
}

2
cluster/addons/fluentd-elasticsearch/es-image/run.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/addons/fluentd-elasticsearch/fluentd-es-image/Dockerfile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/addons/fluentd-elasticsearch/fluentd-es-image/Makefile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/addons/fluentd-elasticsearch/kibana-image/Dockerfile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/addons/fluentd-elasticsearch/kibana-image/Makefile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/addons/fluentd-elasticsearch/kibana-image/run.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

19
cluster/addons/fluentd-gcp/fluentd-gcp-image/Dockerfile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -18,9 +18,9 @@
# Logging API. This configuration assumes that the host performning
# the collection is a VM that has been created with a logging.write
# scope and that the Logging API has been enabled for the project
# in the Google Developer Console.
# in the Google Developer Console.
FROM ubuntu:14.04
FROM ubuntu:16.04
MAINTAINER Alex Robinson "arob@google.com"
# Disable prompts from apt.
@ -30,17 +30,24 @@ ENV DO_NOT_INSTALL_CATCH_ALL_CONFIG true
RUN apt-get -q update && \
apt-get install -y curl && \
apt-get install -y gcc && \
apt-get install -y make && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \
curl -s https://dl.google.com/cloudagents/install-logging-agent.sh | bash
# Install the record reformer plugin.
RUN /usr/sbin/google-fluentd-gem install fluent-plugin-record-reformer
# Install the record reformer and systemd plugins.
RUN /usr/sbin/google-fluentd-gem install fluent-plugin-record-reformer -v 0.8.1
RUN /usr/sbin/google-fluentd-gem install fluent-plugin-systemd -v 0.0.3
# Remove the misleading log file that gets generated when the agent is installed
RUN rm -rf /var/log/google-fluentd
# Copy the Fluentd configuration file for logging Docker container logs.
# Copy the Fluentd configuration files for logging Docker container logs.
# Either configuration file can be used by specifying `-c <file>` as a command
# line argument.
COPY google-fluentd.conf /etc/google-fluentd/google-fluentd.conf
COPY google-fluentd-journal.conf /etc/google-fluentd/google-fluentd-journal.conf
# Start Fluentd to pick up our config that watches Docker container logs.
CMD /usr/sbin/google-fluentd "$FLUENTD_ARGS"

4
cluster/addons/fluentd-gcp/fluentd-gcp-image/Makefile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -28,7 +28,7 @@
.PHONY: kbuild kpush
TAG = 1.20
TAG = 1.21
# Rules for building the test image for deployment to Dockerhub with user kubernetes.

249
cluster/addons/fluentd-gcp/fluentd-gcp-image/google-fluentd-journal.conf Normal file
View File

@ -0,0 +1,249 @@
# This configuration file for Fluentd / td-agent is used
# to watch changes to Docker log files that live in the
# directory /var/lib/docker/containers/ and are symbolically
# linked to from the /var/log directory using names that capture the
# pod name and container name. These logs are then submitted to
# Google Cloud Logging which assumes the installation of the cloud-logging plug-in.
#
# This configuration is almost identical to google-fluentd.conf, with the one
# difference being that this collects systemd journal logs.
#
# Example
# =======
# A line in the Docker log file might like like this JSON:
#
# {"log":"2014/09/25 21:15:03 Got request with path wombat\n",
# "stream":"stderr",
# "time":"2014-09-25T21:15:03.499185026Z"}
#
# The record reformer is used to write the tag to focus on the pod name
# and the Kubernetes container name. For example a Docker container's logs
# might be in the directory:
# /var/lib/docker/containers/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b
# and in the file:
# 997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b-json.log
# where 997599971ee6... is the Docker ID of the running container.
# The Kubernetes kubelet makes a symbolic link to this file on the host machine
# in the /var/log/containers directory which includes the pod name and the Kubernetes
# container name:
# synthetic-logger-0.25lps-pod_default-synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log
# ->
# /var/lib/docker/containers/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b-json.log
# The /var/log directory on the host is mapped to the /var/log directory in the container
# running this instance of Fluentd and we end up collecting the file:
# /var/log/containers/synthetic-logger-0.25lps-pod_default-synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log
# This results in the tag:
# var.log.containers.synthetic-logger-0.25lps-pod_default-synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log
# The record reformer is used is discard the var.log.containers prefix and
# the Docker container ID suffix and "kubernetes." is pre-pended giving the
# final tag which is ingested into Elasticsearch:
# kubernetes.synthetic-logger-0.25lps-pod_default-synth-lgr
# This makes it easier for users to search for logs by pod name or by
# the name of the Kubernetes container regardless of how many times the
# Kubernetes pod has been restarted (resulting in a several Docker container IDs).
# Do not directly collect fluentd's own logs to avoid infinite loops.
<match fluent.**>
type null
</match>
# Example:
# {"log":"[info:2016-02-16T16:04:05.930-08:00] Some log text here\n","stream":"stdout","time":"2016-02-17T00:04:05.931087621Z"}
<source>
type tail
format json
time_key time
path /var/log/containers/*.log
pos_file /var/log/gcp-containers.log.pos
time_format %Y-%m-%dT%H:%M:%S.%NZ
tag reform.*
read_from_head true
</source>
<match reform.**>
type record_reformer
enable_ruby true
tag kubernetes.${tag_suffix[4].split('-')[0..-2].join('-')}
</match>
# Example:
# 2015-12-21 23:17:22,066 [salt.state ][INFO ] Completed state [net.ipv4.ip_forward] at time 23:17:22.066081
<source>
type tail
format /^(?<time>[^ ]* [^ ,]*)[^\[]*\[[^\]]*\]\[(?<severity>[^ \]]*) *\] (?<message>.*)$/
time_format %Y-%m-%d %H:%M:%S
path /var/log/salt/minion
pos_file /var/log/gcp-salt.pos
tag salt
</source>
# Example:
# Dec 21 23:17:22 gke-foo-1-1-4b5cbd14-node-4eoj startupscript: Finished running startup script /var/run/google.startup.script
<source>
type tail
format syslog
path /var/log/startupscript.log
pos_file /var/log/gcp-startupscript.log.pos
tag startupscript
</source>
# Examples:
# time="2016-02-04T06:51:03.053580605Z" level=info msg="GET /containers/json"
# time="2016-02-04T07:53:57.505612354Z" level=error msg="HTTP Error" err="No such image: -f" statusCode=404
<source>
type tail
format /^time="(?<time>[^)]*)" level=(?<severity>[^ ]*) msg="(?<message>[^"]*)"( err="(?<error>[^"]*)")?( statusCode=($<status_code>\d+))?/
time_format %Y-%m-%dT%H:%M:%S.%NZ
path /var/log/docker.log
pos_file /var/log/gcp-docker.log.pos
tag docker
</source>
# Example:
# 2016/02/04 06:52:38 filePurge: successfully removed file /var/etcd/data/member/wal/00000000000006d0-00000000010a23d1.wal
<source>
type tail
# Not parsing this, because it doesn't have anything particularly useful to
# parse out of it (like severities).
format none
path /var/log/etcd.log
pos_file /var/log/gcp-etcd.log.pos
tag etcd
</source>
# Multi-line parsing is required for all the kube logs because very large log
# statements, such as those that include entire object bodies, get split into
# multiple lines by glog.
# Example:
# I0204 07:32:30.020537 3368 server.go:1048] POST /stats/container/: (13.972191ms) 200 [[Go-http-client/1.1] 10.244.1.3:40537]
<source>
type tail
format multiline
multiline_flush_interval 5s
format_firstline /^\w\d{4}/
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
time_format %m%d %H:%M:%S.%N
path /var/log/kubelet.log
pos_file /var/log/gcp-kubelet.log.pos
tag kubelet
</source>
# Example:
# I0204 07:00:19.604280 5 handlers.go:131] GET /api/v1/nodes: (1.624207ms) 200 [[kube-controller-manager/v1.1.3 (linux/amd64) kubernetes/6a81b50] 127.0.0.1:38266]
<source>
type tail
format multiline
multiline_flush_interval 5s
format_firstline /^\w\d{4}/
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
time_format %m%d %H:%M:%S.%N
path /var/log/kube-apiserver.log
pos_file /var/log/gcp-kube-apiserver.log.pos
tag kube-apiserver
</source>
# Example:
# I0204 06:55:31.872680 5 servicecontroller.go:277] LB already exists and doesn't need update for service kube-system/kube-ui
<source>
type tail
format multiline
multiline_flush_interval 5s
format_firstline /^\w\d{4}/
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
time_format %m%d %H:%M:%S.%N
path /var/log/kube-controller-manager.log
pos_file /var/log/gcp-kube-controller-manager.log.pos
tag kube-controller-manager
</source>
# Example:
# W0204 06:49:18.239674 7 reflector.go:245] pkg/scheduler/factory/factory.go:193: watch of *api.Service ended with: 401: The event in requested index is outdated and cleared (the requested history has been cleared [2578313/2577886]) [2579312]
<source>
type tail
format multiline
multiline_flush_interval 5s
format_firstline /^\w\d{4}/
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
time_format %m%d %H:%M:%S.%N
path /var/log/kube-scheduler.log
pos_file /var/log/gcp-kube-scheduler.log.pos
tag kube-scheduler
</source>
# Example:
# I0603 15:31:05.793605 6 cluster_manager.go:230] Reading config from path /etc/gce.conf
<source>
type tail
format multiline
multiline_flush_interval 5s
format_firstline /^\w\d{4}/
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
time_format %m%d %H:%M:%S.%N
path /var/log/glbc.log
pos_file /var/log/gcp-glbc.log.pos
tag glbc
</source>
# Example:
# I0603 15:31:05.793605 6 cluster_manager.go:230] Reading config from path /etc/gce.conf
<source>
type tail
format multiline
multiline_flush_interval 5s
format_firstline /^\w\d{4}/
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
time_format %m%d %H:%M:%S.%N
path /var/log/cluster-autoscaler.log
pos_file /var/log/gcp-cluster-autoscaler.log.pos
tag cluster-autoscaler
</source>
# Logs from systemd-journal for interesting services.
<source>
type systemd
filters [{ "_SYSTEMD_UNIT": "docker.service" }]
pos_file /var/log/gcp-journald-docker.pos
read_from_head true
tag docker
</source>
<source>
type systemd
filters [{ "_SYSTEMD_UNIT": "kubelet.service" }]
pos_file /var/log/gcp-journald-kubelet.pos
read_from_head true
tag kubelet
</source>
# We use 2 output stanzas - one to handle the container logs and one to handle
# the node daemon logs, the latter of which explicitly sends its logs to the
# compute.googleapis.com service rather than container.googleapis.com to keep
# them separate since most users don't care about the node logs.
<match kubernetes.**>
type google_cloud
# Set the chunk limit conservatively to avoid exceeding the GCL limit
# of 10MiB per write request.
buffer_chunk_limit 2M
# Cap the combined memory usage of this buffer and the one below to
# 2MiB/chunk * (24 + 8) chunks = 64 MiB
buffer_queue_limit 24
# Never wait more than 5 seconds before flushing logs in the non-error case.
flush_interval 5s
# Never wait longer than 30 seconds between retries.
max_retry_wait 30
# Disable the limit on the number of retries (retry forever).
disable_retry_limit
</match>
# Keep a smaller buffer here since these logs are less important than the user's
# container logs.
<match **>
type google_cloud
detect_subservice false
buffer_chunk_limit 2M
buffer_queue_limit 8
flush_interval 5s
max_retry_wait 30
disable_retry_limit
</match>

4
cluster/addons/fluentd-gcp/fluentd-gcp-image/google-fluentd.conf
View File

@ -5,6 +5,10 @@
# pod name and container name. These logs are then submitted to
# Google Cloud Logging which assumes the installation of the cloud-logging plug-in.
#
# This configuration is almost identical to google-fluentd-journal.conf, with
# the one difference being that this doesn't try to collect systemd journal
# logs.
#
# Example
# =======
# A line in the Docker log file might like like this JSON:

7
cluster/addons/gci/README.md Normal file
View File

@ -0,0 +1,7 @@
Some addons need to be configured slightly differently when running on the
Google ContainerVM Image (GCI). This directory serves as a place to store yaml
manifests that need to differ slightly from the ones under
`cluster/saltbase/salt`.
[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/cluster/addons/gci/README.md?pixel)]()

53
cluster/addons/gci/fluentd-gcp.yaml Normal file
View File

@ -0,0 +1,53 @@
# This config should be kept as similar as possible to the one at
# cluster/saltbase/salt/fluentd-gcp/fluentd-gcp.yaml
apiVersion: v1
kind: Pod
metadata:
name: fluentd-cloud-logging
namespace: kube-system
labels:
k8s-app: fluentd-logging
spec:
dnsPolicy: Default
containers:
- name: fluentd-cloud-logging
image: gcr.io/google_containers/fluentd-gcp:1.21
command:
- '/bin/sh'
- '-c'
# This is pretty hacky, but ruby relies on libsystemd's native code, and
# the ubuntu:16.04 libsystemd doesn't play nice with the journal on GCI
# hosts. Work around the problem by copying in the host's libsystemd.
- 'rm /lib/x86_64-linux-gnu/libsystemd* && cp /host/lib/libsystemd* /lib/x86_64-linux-gnu/ && /usr/sbin/google-fluentd -q -c /etc/google-fluentd/google-fluentd-journal.conf'
resources:
limits:
memory: 200Mi
requests:
# Any change here should be accompanied by a proportional change in CPU
# requests of other per-node add-ons (e.g. kube-proxy).
cpu: 80m
memory: 200Mi
volumeMounts:
- name: varlog
mountPath: /var/log
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
readOnly: true
- name: journaldir
mountPath: /var/log/journal
- name: libsystemddir
mountPath: /host/lib
terminationGracePeriodSeconds: 30
volumes:
- name: varlog
hostPath:
path: /var/log
- name: varlibdockercontainers
hostPath:
path: /var/lib/docker/containers
- name: journaldir
hostPath:
path: /var/log/journal
- name: libsystemddir
hostPath:
path: /usr/lib64

2
cluster/addons/python-image/Dockerfile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/addons/python-image/Makefile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/addons/registry/images/Dockerfile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/addons/registry/images/Makefile
View File

@ -1,4 +1,4 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/addons/registry/images/run_proxy.sh
View File

@ -1,5 +1,5 @@
#!/usr/bin/env bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/aws/common/common.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

3
cluster/aws/config-default.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -66,6 +66,7 @@ EXTRA_DOCKER_OPTS="${EXTRA_DOCKER_OPTS:-}"
INSTANCE_PREFIX="${KUBE_AWS_INSTANCE_PREFIX:-kubernetes}"
CLUSTER_ID=${INSTANCE_PREFIX}
AWS_SSH_KEY=${AWS_SSH_KEY:-$HOME/.ssh/kube_aws_rsa}
CONFIG_CONTEXT="${KUBE_CONFIG_CONTEXT:-aws_${INSTANCE_PREFIX}}"
IAM_PROFILE_MASTER="kubernetes-master"
IAM_PROFILE_NODE="kubernetes-minion"

3
cluster/aws/config-test.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -52,6 +52,7 @@ DOCKER_STORAGE=${DOCKER_STORAGE:-aufs}
EXTRA_DOCKER_OPTS="${EXTRA_DOCKER_OPTS:-}"
INSTANCE_PREFIX="${KUBE_AWS_INSTANCE_PREFIX:-e2e-test-${USER}}"
CONFIG_CONTEXT="${KUBE_CONFIG_CONTEXT:-aws_${INSTANCE_PREFIX}}"
CLUSTER_ID=${INSTANCE_PREFIX}
AWS_SSH_KEY=${AWS_SSH_KEY:-$HOME/.ssh/kube_aws_rsa}
IAM_PROFILE_MASTER="kubernetes-master"

2
cluster/aws/jessie/util.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/aws/templates/configure-vm-aws.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/aws/templates/format-disks.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

28
cluster/aws/util.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -535,22 +535,24 @@ function ensure-master-ip {
fi
}
# Creates a new DHCP option set configured correctly for Kubernetes
# Creates a new DHCP option set configured correctly for Kubernetes when DHCP_OPTION_SET_ID is not specified
# Sets DHCP_OPTION_SET_ID
function create-dhcp-option-set () {
case "${AWS_REGION}" in
us-east-1)
OPTION_SET_DOMAIN=ec2.internal
;;
if [[ -z ${DHCP_OPTION_SET_ID-} ]]; then
case "${AWS_REGION}" in
us-east-1)
OPTION_SET_DOMAIN=ec2.internal
;;
*)
OPTION_SET_DOMAIN="${AWS_REGION}.compute.internal"
esac
*)
OPTION_SET_DOMAIN="${AWS_REGION}.compute.internal"
esac
DHCP_OPTION_SET_ID=$($AWS_CMD create-dhcp-options --dhcp-configuration Key=domain-name,Values=${OPTION_SET_DOMAIN} Key=domain-name-servers,Values=AmazonProvidedDNS --query DhcpOptions.DhcpOptionsId)
DHCP_OPTION_SET_ID=$($AWS_CMD create-dhcp-options --dhcp-configuration Key=domain-name,Values=${OPTION_SET_DOMAIN} Key=domain-name-servers,Values=AmazonProvidedDNS --query DhcpOptions.DhcpOptionsId)
add-tag ${DHCP_OPTION_SET_ID} Name kubernetes-dhcp-option-set
add-tag ${DHCP_OPTION_SET_ID} KubernetesCluster ${CLUSTER_ID}
add-tag ${DHCP_OPTION_SET_ID} Name kubernetes-dhcp-option-set
add-tag ${DHCP_OPTION_SET_ID} KubernetesCluster ${CLUSTER_ID}
fi
$AWS_CMD associate-dhcp-options --dhcp-options-id ${DHCP_OPTION_SET_ID} --vpc-id ${VPC_ID} > $LOG
@ -1224,7 +1226,7 @@ function build-config() {
export KUBE_CERT="${CERT_DIR}/pki/issued/kubecfg.crt"
export KUBE_KEY="${CERT_DIR}/pki/private/kubecfg.key"
export CA_CERT="${CERT_DIR}/pki/ca.crt"
export CONTEXT="aws_${INSTANCE_PREFIX}"
export CONTEXT="${CONFIG_CONTEXT}"
(
umask 077

2
cluster/aws/wily/util.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/azure-legacy/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
_deployments
config-real.sh

60
cluster/azure-legacy/config-default.sh Normal file
View File

@ -0,0 +1,60 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
INSTANCE_PREFIX=kubernetes
AZ_LOCATION='West US'
TAG=testing
AZ_CS_PREFIX=kube
AZ_VNET=${AZ_VNET:-MyVnet}
AZ_SUBNET=${AZ_SUBNET:-Subnet-1}
AZ_IMAGE=b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04_1-LTS-amd64-server-20140927-en-us-30GB
AZ_CS="" # is set in azure-legacy/util.sh verify-prereqs
AZ_SSH_KEY=$HOME/.ssh/azure_rsa
AZ_SSH_CERT=$HOME/.ssh/azure.pem
NUM_MINIONS=${NUM_MINIONS:-4}
MASTER_SIZE='Medium'
MINION_SIZE='Medium'
MASTER_NAME="${INSTANCE_PREFIX}-master"
MASTER_TAG="${INSTANCE_PREFIX}-master"
MINION_TAG="${INSTANCE_PREFIX}-minion"
MINION_NAMES=($(eval echo ${INSTANCE_PREFIX}-minion-{1..${NUM_MINIONS}}))
MINION_IP_RANGES=($(eval echo "10.244.{1..${NUM_MINIONS}}.0/24"))
MINION_SCOPES=""
SERVICE_CLUSTER_IP_RANGE="10.244.244.0/16" # formerly PORTAL_NET
# Optional: Install node logging
ENABLE_NODE_LOGGING=false
LOGGING_DESTINATION=elasticsearch # options: elasticsearch, gcp
# Optional: When set to true, Elasticsearch and Kibana will be setup as part of the cluster bring up.
ENABLE_CLUSTER_LOGGING=false
ELASTICSEARCH_LOGGING_REPLICAS=1
# Optional: Cluster monitoring to setup as part of the cluster bring up:
# none - No cluster monitoring setup
# influxdb - Heapster, InfluxDB, and Grafana
# google - Heapster, Google Cloud Monitoring, and Google Cloud Logging
ENABLE_CLUSTER_MONITORING="${KUBE_ENABLE_CLUSTER_MONITORING:-influxdb}"
# Optional: Install Kubernetes UI
ENABLE_CLUSTER_UI="${KUBE_ENABLE_CLUSTER_UI:-true}"
# Admission Controllers to invoke prior to persisting objects in cluster
ADMISSION_CONTROL=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota

58
cluster/azure-legacy/templates/common.sh Normal file
View File

@ -0,0 +1,58 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Retry a download until we get it.
#
# $1 is the URL to download
download-or-bust() {
local -r url="$1"
local -r file="${url##*/}"
rm -f "$file"
until [[ -e "${file}" ]]; do
curl --ipv4 -Lo "$file" --connect-timeout 20 --retry 6 --retry-delay 10 "$url"
md5sum "$file"
done
}
# Install salt from GCS. See README.md for instructions on how to update these
# debs.
#
# $1 If set to --master, also install the master
install-salt() {
apt-get update
mkdir -p /var/cache/salt-install
cd /var/cache/salt-install
TARS=(
libzmq3_3.2.3+dfsg-1~bpo70~dst+1_amd64.deb
python-zmq_13.1.0-1~bpo70~dst+1_amd64.deb
salt-common_2014.1.13+ds-1~bpo70+1_all.deb
salt-minion_2014.1.13+ds-1~bpo70+1_all.deb
)
if [[ ${1-} == '--master' ]]; then
TARS+=(salt-master_2014.1.13+ds-1~bpo70+1_all.deb)
fi
URL_BASE="https://storage.googleapis.com/kubernetes-release/salt"
for tar in "${TARS[@]}"; do
download-or-bust "${URL_BASE}/${tar}"
dpkg -i "${tar}"
done
# This will install any of the unmet dependencies from above.
apt-get install -f -y
}

30
cluster/azure-legacy/templates/create-dynamic-salt-files.sh Normal file
View File

@ -0,0 +1,30 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Create the overlay files for the salt tree. We create these in a separate
# place so that we can blow away the rest of the salt configs on a kube-push and
# re-apply these.
mkdir -p /srv/salt-overlay/pillar
cat <<EOF >/srv/salt-overlay/pillar/cluster-params.sls
instance_prefix: '$(echo "$INSTANCE_PREFIX" | sed -e "s/'/''/g")'
node_instance_prefix: $NODE_INSTANCE_PREFIX
service_cluster_ip_range: $SERVICE_CLUSTER_IP_RANGE
admission_control: '$(echo "$ADMISSION_CONTROL" | sed -e "s/'/''/g")'
EOF
mkdir -p /srv/salt-overlay/salt/nginx
echo $MASTER_HTPASSWD > /srv/salt-overlay/salt/nginx/htpasswd

77
cluster/azure-legacy/templates/create-kubeconfig.sh Normal file
View File

@ -0,0 +1,77 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Create the kube config file for kubelet and kube-proxy in minions.
# password and username required
function create-salt-kubelet-auth() {
local -r kubelet_kubeconfig_file="/srv/salt-overlay/salt/kubelet/kubeconfig"
mkdir -p /srv/salt-overlay/salt/kubelet
(umask 077;
cat > "${kubelet_kubeconfig_file}" <<EOF
apiVersion: v1
clusters:
- cluster:
insecure-skip-tls-verify: true
server: https://${KUBE_MASTER_IP}
name: azure_kubernetes
contexts:
- context:
cluster: azure_kubernetes
user: kubelet
name: azure_kubernetes
current-context: azure_kubernetes
kind: Config
preferences: {}
users:
- name: kubelet
user:
password: ${KUBE_PASSWORD}
username: ${KUBE_USER}
EOF
)
}
function create-salt-kube-proxy-auth() {
local -r kube_proxy_kubeconfig_file="/srv/salt-overlay/salt/kube-proxy/kubeconfig"
mkdir -p /srv/salt-overlay/salt/kube-proxy
(umask 077;
cat > "${kubelet_kubeconfig_file}" <<EOF
apiVersion: v1
clusters:
- cluster:
insecure-skip-tls-verify: true
server: https://${KUBE_MASTER_IP}
name: azure_kubernetes
contexts:
- context:
cluster: azure_kubernetes
user: kube-proxy
name: azure_kubernetes
current-context: azure_kubernetes
kind: Config
preferences: {}
users:
- name: kube-proxy
user:
password: ${KUBE_PASSWORD}
username: ${KUBE_USER}
EOF
)
}
create-salt-kubelet-auth
create-salt-kube-proxy-auth

35
cluster/azure-legacy/templates/download-release.sh Normal file
View File

@ -0,0 +1,35 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Download and install release
# This script assumes that the environment variable MASTER_RELEASE_TAR contains
# the release tar to download and unpack. It is meant to be pushed to the
# master and run.
echo "Downloading binary release tar ($SERVER_BINARY_TAR_URL)"
download-or-bust "$SERVER_BINARY_TAR_URL"
echo "Downloading binary release tar ($SALT_TAR_URL)"
download-or-bust "$SALT_TAR_URL"
echo "Unpacking Salt tree"
rm -rf kubernetes
tar xzf "${SALT_TAR_URL##*/}"
echo "Running release install script"
sudo kubernetes/saltbase/install.sh "${SERVER_BINARY_TAR_URL##*/}"

92
cluster/azure-legacy/templates/salt-master.sh Normal file
View File

@ -0,0 +1,92 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Prepopulate the name of the Master
mkdir -p /etc/salt/minion.d
echo "master: $MASTER_NAME" > /etc/salt/minion.d/master.conf
cat <<EOF >/etc/salt/minion.d/grains.conf
grains:
roles:
- kubernetes-master
cloud: azure-legacy
EOF
# Helper that sets a salt grain in grains.conf, if the upper-cased key is a non-empty env
function env_to_salt {
local key=$1
local env_key=`echo $key | tr '[:lower:]' '[:upper:]'`
local value=${!env_key}
if [[ -n "${value}" ]]; then
# Note this is yaml, so indentation matters
cat <<EOF >>/etc/salt/minion.d/grains.conf
${key}: '$(echo "${value}" | sed -e "s/'/''/g")'
EOF
fi
}
env_to_salt docker_opts
env_to_salt docker_root
env_to_salt kubelet_root
env_to_salt master_extra_sans
env_to_salt runtime_config
# Auto accept all keys from minions that try to join
mkdir -p /etc/salt/master.d
cat <<EOF >/etc/salt/master.d/auto-accept.conf
auto_accept: True
EOF
cat <<EOF >/etc/salt/master.d/reactor.conf
# React to new minions starting by running highstate on them.
reactor:
- 'salt/minion/*/start':
- /srv/reactor/highstate-new.sls
EOF
mkdir -p /srv/salt/nginx
echo $MASTER_HTPASSWD > /srv/salt/nginx/htpasswd
mkdir -p /etc/openvpn
umask=$(umask)
umask 0066
echo "$CA_CRT" > /etc/openvpn/ca.crt
echo "$SERVER_CRT" > /etc/openvpn/server.crt
echo "$SERVER_KEY" > /etc/openvpn/server.key
umask $umask
cat <<EOF >/etc/salt/minion.d/log-level-debug.conf
log_level: debug
log_level_logfile: debug
EOF
cat <<EOF >/etc/salt/master.d/log-level-debug.conf
log_level: debug
log_level_logfile: debug
EOF
echo "Sleep 150 to wait minion to be up"
sleep 150
install-salt --master
# Wait a few minutes and trigger another Salt run to better recover from
# any transient errors.
echo "Sleeping 180"
sleep 180
salt-call state.highstate || true

75
cluster/azure-legacy/templates/salt-minion.sh Normal file
View File

@ -0,0 +1,75 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
mkdir -p /etc/openvpn
umask=$(umask)
umask 0066
echo "$CA_CRT" > /etc/openvpn/ca.crt
echo "$CLIENT_CRT" > /etc/openvpn/client.crt
echo "$CLIENT_KEY" > /etc/openvpn/client.key
umask $umask
# Prepopulate the name of the Master
mkdir -p /etc/salt/minion.d
echo "master: $MASTER_NAME" > /etc/salt/minion.d/master.conf
cat <<EOF >/etc/salt/minion.d/log-level-debug.conf
log_level: debug
log_level_logfile: debug
EOF
hostnamef=$(uname -n)
apt-get install -y ipcalc
netmask=$(ipcalc $MINION_IP_RANGE | grep Netmask | awk '{ print $2 }')
network=$(ipcalc $MINION_IP_RANGE | grep Address | awk '{ print $2 }')
cbrstring="$network $netmask"
# Our minions will have a pool role to distinguish them from the master.
cat <<EOF >/etc/salt/minion.d/grains.conf
grains:
roles:
- kubernetes-pool
cbr-cidr: $MINION_IP_RANGE
cloud: azure-legacy
hostnamef: $hostnamef
cbr-string: $cbrstring
EOF
if [[ -n "${DOCKER_OPTS}" ]]; then
cat <<EOF >>/etc/salt/minion.d/grains.conf
docker_opts: '$(echo "$DOCKER_OPTS" | sed -e "s/'/''/g")'
EOF
fi
if [[ -n "${DOCKER_ROOT}" ]]; then
cat <<EOF >>/etc/salt/minion.d/grains.conf
docker_root: '$(echo "$DOCKER_ROOT" | sed -e "s/'/''/g")'
EOF
fi
if [[ -n "${KUBELET_ROOT}" ]]; then
cat <<EOF >>/etc/salt/minion.d/grains.conf
kubelet_root: '$(echo "$KUBELET_ROOT" | sed -e "s/'/''/g")'
EOF
fi
install-salt
# Wait a few minutes and trigger another Salt run to better recover from
# any transient errors.
echo "Sleeping 180"
sleep 180
salt-call state.highstate || true

551
cluster/azure-legacy/util.sh Normal file
View File

@ -0,0 +1,551 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# A library of helper functions and constant for the local config.
# Use the config file specified in $KUBE_CONFIG_FILE, or default to
# config-default.sh.
set -e
SOURCE="${BASH_SOURCE[0]}"
while [ -h "$SOURCE" ]; do
DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
SOURCE="$(readlink "$SOURCE")"
[[ $SOURCE != /* ]] && SOURCE="$DIR/$SOURCE"
done
DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../..
source "${KUBE_ROOT}/cluster/azure-legacy/${KUBE_CONFIG_FILE-"config-default.sh"}"
source "${KUBE_ROOT}/cluster/common.sh"
function prepare-e2e() {
# (e2e script runs detect-project, I don't think we need to anything)
# Note: we can't print anything here, or else the test tools will break with the extra output
return
}
function azure_call {
local -a params=()
local param
# the '... in "$@"' is implicit on a for, so doesn't need to be stated.
for param; do
params+=("${param}")
done
local rc=0
local stderr
local count=0
while [[ count -lt 10 ]]; do
stderr=$(azure "${params[@]}" 2>&1 >&3) && break
rc=$?
if [[ "${stderr}" != *"getaddrinfo ENOTFOUND"* ]]; then
break
fi
count=$(($count + 1))
done 3>&1
if [[ "${rc}" -ne 0 ]]; then
echo "${stderr}" >&2
return "${rc}"
fi
}
function json_val () {
python -c 'import json,sys;obj=json.load(sys.stdin);print obj'$1'';
}
# Verify prereqs
function verify-prereqs {
if [[ -z "$(which azure)" ]]; then
echo "Couldn't find azure in PATH"
echo " please install with 'npm install azure-cli'"
exit 1
fi
if [[ -z "$(azure_call account list | grep true)" ]]; then
echo "Default azure account not set"
echo " please set with 'azure account set'"
exit 1
fi
account=$(azure_call account list | grep true)
if which md5 > /dev/null 2>&1; then
AZ_HSH=$(md5 -q -s "$account")
else
AZ_HSH=$(echo -n "$account" | md5sum)
fi
AZ_HSH=${AZ_HSH:0:7}
AZ_STG=kube$AZ_HSH
echo "==> AZ_STG: $AZ_STG"
AZ_CS="$AZ_CS_PREFIX-$AZ_HSH"
echo "==> AZ_CS: $AZ_CS"
CONTAINER=kube-$TAG
echo "==> CONTAINER: $CONTAINER"
}
# Create a temp dir that'll be deleted at the end of this bash session.
#
# Vars set:
# KUBE_TEMP
function ensure-temp-dir {
if [[ -z ${KUBE_TEMP-} ]]; then
KUBE_TEMP=$(mktemp -d -t kubernetes.XXXXXX)
trap 'rm -rf "${KUBE_TEMP}"' EXIT
fi
}
# Take the local tar files and upload them to Azure Storage. They will then be
# downloaded by the master as part of the start up script for the master.
#
# Assumed vars:
# SERVER_BINARY_TAR
# SALT_TAR
# Vars set:
# SERVER_BINARY_TAR_URL
# SALT_TAR_URL
function upload-server-tars() {
SERVER_BINARY_TAR_URL=
SALT_TAR_URL=
echo "==> SERVER_BINARY_TAR: $SERVER_BINARY_TAR"
echo "==> SALT_TAR: $SALT_TAR"
echo "+++ Staging server tars to Azure Storage: $AZ_STG"
local server_binary_url="${SERVER_BINARY_TAR##*/}"
local salt_url="${SALT_TAR##*/}"
SERVER_BINARY_TAR_URL="https://${AZ_STG}.blob.core.windows.net/$CONTAINER/$server_binary_url"
SALT_TAR_URL="https://${AZ_STG}.blob.core.windows.net/$CONTAINER/$salt_url"
echo "==> SERVER_BINARY_TAR_URL: $SERVER_BINARY_TAR_URL"
echo "==> SALT_TAR_URL: $SALT_TAR_URL"
echo "--> Checking storage exists..."
if [[ -z "$(azure_call storage account show $AZ_STG 2>/dev/null | \
grep data)" ]]; then
echo "--> Creating storage..."
azure_call storage account create -l "$AZ_LOCATION" $AZ_STG --type LRS
fi
echo "--> Getting storage key..."
stg_key=$(azure_call storage account keys list $AZ_STG --json | \
json_val '["primaryKey"]')
echo "--> Checking storage container exists..."
if [[ -z "$(azure_call storage container show -a $AZ_STG -k "$stg_key" \
$CONTAINER 2>/dev/null | grep data)" ]]; then
echo "--> Creating storage container..."
azure_call storage container create \
-a $AZ_STG \
-k "$stg_key" \
-p Blob \
$CONTAINER
fi
echo "--> Checking server binary exists in the container..."
if [[ -n "$(azure_call storage blob show -a $AZ_STG -k "$stg_key" \
$CONTAINER $server_binary_url 2>/dev/null | grep data)" ]]; then
echo "--> Deleting server binary in the container..."
azure_call storage blob delete \
-a $AZ_STG \
-k "$stg_key" \
$CONTAINER \
$server_binary_url
fi
echo "--> Uploading server binary to the container..."
azure_call storage blob upload \
-a $AZ_STG \
-k "$stg_key" \
$SERVER_BINARY_TAR \
$CONTAINER \
$server_binary_url
echo "--> Checking salt data exists in the container..."
if [[ -n "$(azure_call storage blob show -a $AZ_STG -k "$stg_key" \
$CONTAINER $salt_url 2>/dev/null | grep data)" ]]; then
echo "--> Deleting salt data in the container..."
azure_call storage blob delete \
-a $AZ_STG \
-k "$stg_key" \
$CONTAINER \
$salt_url
fi
echo "--> Uploading salt data to the container..."
azure_call storage blob upload \
-a $AZ_STG \
-k "$stg_key" \
$SALT_TAR \
$CONTAINER \
$salt_url
}
# Detect the information about the minions
#
# Assumed vars:
# MINION_NAMES
# ZONE
# Vars set:
#
function detect-minions () {
if [[ -z "$AZ_CS" ]]; then
verify-prereqs-local
fi
ssh_ports=($(eval echo "2200{1..$NUM_MINIONS}"))
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
MINION_NAMES[$i]=$(ssh -oStrictHostKeyChecking=no -i $AZ_SSH_KEY -p ${ssh_ports[$i]} $AZ_CS.cloudapp.net hostname -f)
done
}
# Detect the IP for the master
#
# Assumed vars:
# MASTER_NAME
# ZONE
# Vars set:
# KUBE_MASTER
# KUBE_MASTER_IP
function detect-master () {
if [[ -z "$AZ_CS" ]]; then
verify-prereqs-local
fi
KUBE_MASTER=${MASTER_NAME}
KUBE_MASTER_IP="${AZ_CS}.cloudapp.net"
echo "Using master: $KUBE_MASTER (external IP: $KUBE_MASTER_IP)"
}
# Instantiate a kubernetes cluster
#
# Assumed vars
# KUBE_ROOT
# <Various vars set in config file>
function kube-up {
# Make sure we have the tar files staged on Azure Storage
find-release-tars
upload-server-tars
ensure-temp-dir
gen-kube-basicauth
python "${KUBE_ROOT}/third_party/htpasswd/htpasswd.py" \
-b -c "${KUBE_TEMP}/htpasswd" "$KUBE_USER" "$KUBE_PASSWORD"
local htpasswd
htpasswd=$(cat "${KUBE_TEMP}/htpasswd")
# Generate openvpn certs
echo "--> Generating openvpn certs"
echo 01 > ${KUBE_TEMP}/ca.srl
openssl genrsa -out ${KUBE_TEMP}/ca.key
openssl req -new -x509 -days 1095 \
-key ${KUBE_TEMP}/ca.key \
-out ${KUBE_TEMP}/ca.crt \
-subj "/CN=openvpn-ca"
openssl genrsa -out ${KUBE_TEMP}/server.key
openssl req -new \
-key ${KUBE_TEMP}/server.key \
-out ${KUBE_TEMP}/server.csr \
-subj "/CN=server"
openssl x509 -req -days 1095 \
-in ${KUBE_TEMP}/server.csr \
-CA ${KUBE_TEMP}/ca.crt \
-CAkey ${KUBE_TEMP}/ca.key \
-CAserial ${KUBE_TEMP}/ca.srl \
-out ${KUBE_TEMP}/server.crt
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
openssl genrsa -out ${KUBE_TEMP}/${MINION_NAMES[$i]}.key
openssl req -new \
-key ${KUBE_TEMP}/${MINION_NAMES[$i]}.key \
-out ${KUBE_TEMP}/${MINION_NAMES[$i]}.csr \
-subj "/CN=${MINION_NAMES[$i]}"
openssl x509 -req -days 1095 \
-in ${KUBE_TEMP}/${MINION_NAMES[$i]}.csr \
-CA ${KUBE_TEMP}/ca.crt \
-CAkey ${KUBE_TEMP}/ca.key \
-CAserial ${KUBE_TEMP}/ca.srl \
-out ${KUBE_TEMP}/${MINION_NAMES[$i]}.crt
done
KUBE_MASTER_IP="${AZ_CS}.cloudapp.net"
# Build up start up script for master
echo "--> Building up start up script for master"
(
echo "#!/bin/bash"
echo "CA_CRT=\"$(cat ${KUBE_TEMP}/ca.crt)\""
echo "SERVER_CRT=\"$(cat ${KUBE_TEMP}/server.crt)\""
echo "SERVER_KEY=\"$(cat ${KUBE_TEMP}/server.key)\""
echo "mkdir -p /var/cache/kubernetes-install"
echo "cd /var/cache/kubernetes-install"
echo "readonly MASTER_NAME='${MASTER_NAME}'"
echo "readonly INSTANCE_PREFIX='${INSTANCE_PREFIX}'"
echo "readonly NODE_INSTANCE_PREFIX='${INSTANCE_PREFIX}-minion'"
echo "readonly SERVER_BINARY_TAR_URL='${SERVER_BINARY_TAR_URL}'"
echo "readonly SALT_TAR_URL='${SALT_TAR_URL}'"
echo "readonly MASTER_HTPASSWD='${htpasswd}'"
echo "readonly SERVICE_CLUSTER_IP_RANGE='${SERVICE_CLUSTER_IP_RANGE}'"
echo "readonly ADMISSION_CONTROL='${ADMISSION_CONTROL:-}'"
echo "readonly KUBE_USER='${KUBE_USER}'"
echo "readonly KUBE_PASSWORD='${KUBE_PASSWORD}'"
echo "readonly KUBE_MASTER_IP='${KUBE_MASTER_IP}'"
grep -v "^#" "${KUBE_ROOT}/cluster/azure-legacy/templates/common.sh"
grep -v "^#" "${KUBE_ROOT}/cluster/azure-legacy/templates/create-dynamic-salt-files.sh"
grep -v "^#" "${KUBE_ROOT}/cluster/azure-legacy/templates/create-kubeconfig.sh"
grep -v "^#" "${KUBE_ROOT}/cluster/azure-legacy/templates/download-release.sh"
grep -v "^#" "${KUBE_ROOT}/cluster/azure-legacy/templates/salt-master.sh"
) > "${KUBE_TEMP}/master-start.sh"
if [[ ! -f $AZ_SSH_KEY ]]; then
ssh-keygen -f $AZ_SSH_KEY -N ''
fi
if [[ ! -f $AZ_SSH_CERT ]]; then
openssl req -new -x509 -days 1095 -key $AZ_SSH_KEY -out $AZ_SSH_CERT \
-subj "/CN=azure-ssh-key"
fi
if [[ -z "$(azure_call network vnet show "$AZ_VNET" 2>/dev/null | grep data)" ]]; then
echo error create vnet $AZ_VNET with subnet $AZ_SUBNET
exit 1
fi
echo "--> Starting VM"
azure_call vm create \
-z "$MASTER_SIZE" \
-w "$AZ_VNET" \
-n $MASTER_NAME \
-l "$AZ_LOCATION" \
-t $AZ_SSH_CERT \
-e 22000 -P \
-d ${KUBE_TEMP}/master-start.sh \
-b $AZ_SUBNET \
$AZ_CS $AZ_IMAGE $USER
ssh_ports=($(eval echo "2200{1..$NUM_MINIONS}"))
#Build up start up script for minions
echo "--> Building up start up script for minions"
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
(
echo "#!/bin/bash"
echo "MASTER_NAME='${MASTER_NAME}'"
echo "CA_CRT=\"$(cat ${KUBE_TEMP}/ca.crt)\""
echo "CLIENT_CRT=\"$(cat ${KUBE_TEMP}/${MINION_NAMES[$i]}.crt)\""
echo "CLIENT_KEY=\"$(cat ${KUBE_TEMP}/${MINION_NAMES[$i]}.key)\""
echo "MINION_IP_RANGE='${MINION_IP_RANGES[$i]}'"
echo "readonly KUBE_USER='${KUBE_USER}'"
echo "readonly KUBE_PASSWORD='${KUBE_PASSWORD}'"
echo "readonly KUBE_MASTER_IP='${KUBE_MASTER_IP}'"
grep -v "^#" "${KUBE_ROOT}/cluster/azure-legacy/templates/common.sh"
grep -v "^#" "${KUBE_ROOT}/cluster/azure-legacy/templates/create-kubeconfig.sh"
grep -v "^#" "${KUBE_ROOT}/cluster/azure-legacy/templates/salt-minion.sh"
) > "${KUBE_TEMP}/minion-start-${i}.sh"
echo "--> Starting VM"
azure_call vm create \
-z "$MINION_SIZE" \
-c -w "$AZ_VNET" \
-n ${MINION_NAMES[$i]} \
-l "$AZ_LOCATION" \
-t $AZ_SSH_CERT \
-e ${ssh_ports[$i]} -P \
-d ${KUBE_TEMP}/minion-start-${i}.sh \
-b $AZ_SUBNET \
$AZ_CS $AZ_IMAGE $USER
done
echo "--> Creating endpoint"
azure_call vm endpoint create $MASTER_NAME 443
detect-master > /dev/null
echo "==> KUBE_MASTER_IP: ${KUBE_MASTER_IP}"
echo "Waiting for cluster initialization."
echo
echo " This will continually check to see if the API for kubernetes is reachable."
echo " This might loop forever if there was some uncaught error during start"
echo " up."
echo
until curl --insecure --user "${KUBE_USER}:${KUBE_PASSWORD}" --max-time 5 \
--fail --output /dev/null --silent "https://${KUBE_MASTER_IP}/healthz"; do
printf "."
sleep 2
done
printf "\n"
echo "Kubernetes cluster created."
export CONTEXT="azure_${INSTANCE_PREFIX}"
create-kubeconfig
export KUBE_CERT="/tmp/$RANDOM-kubecfg.crt"
export KUBE_KEY="/tmp/$RANDOM-kubecfg.key"
export CA_CERT="/tmp/$RANDOM-kubernetes.ca.crt"
# TODO: generate ADMIN (and KUBELET) tokens and put those in the master's
# config file. Distribute the same way the htpasswd is done.
(umask 077
ssh -oStrictHostKeyChecking=no -i $AZ_SSH_KEY -p 22000 $AZ_CS.cloudapp.net \
sudo cat /srv/kubernetes/kubecfg.crt >"${KUBE_CERT}" 2>/dev/null
ssh -oStrictHostKeyChecking=no -i $AZ_SSH_KEY -p 22000 $AZ_CS.cloudapp.net \
sudo cat /srv/kubernetes/kubecfg.key >"${KUBE_KEY}" 2>/dev/null
ssh -oStrictHostKeyChecking=no -i $AZ_SSH_KEY -p 22000 $AZ_CS.cloudapp.net \
sudo cat /srv/kubernetes/ca.crt >"${CA_CERT}" 2>/dev/null
)
echo "Sanity checking cluster..."
echo
echo " This will continually check the minions to ensure docker is"
echo " installed. This is usually a good indicator that salt has"
echo " successfully provisioned. This might loop forever if there was"
echo " some uncaught error during start up."
echo
# Basic sanity checking
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
# Make sure docker is installed
echo "--> Making sure docker is installed on ${MINION_NAMES[$i]}."
until ssh -oStrictHostKeyChecking=no -i $AZ_SSH_KEY -p ${ssh_ports[$i]} \
$AZ_CS.cloudapp.net which docker > /dev/null 2>&1; do
printf "."
sleep 2
done
done
sleep 60
KUBECONFIG_NAME="kubeconfig"
KUBECONFIG="${HOME}/.kube/config"
echo "Distributing kubeconfig for kubelet to master kubelet"
scp -oStrictHostKeyChecking=no -i $AZ_SSH_KEY -P 22000 ${KUBECONFIG} \
$AZ_CS.cloudapp.net:${KUBECONFIG_NAME}
ssh -oStrictHostKeyChecking=no -i $AZ_SSH_KEY -p 22000 $AZ_CS.cloudapp.net \
sudo cp ${KUBECONFIG_NAME} /var/lib/kubelet/${KUBECONFIG_NAME}
ssh -oStrictHostKeyChecking=no -i $AZ_SSH_KEY -p 22000 $AZ_CS.cloudapp.net \
sudo service kubelet restart
echo "Distributing kubeconfig for kubelet to all minions"
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
scp -oStrictHostKeyChecking=no -i $AZ_SSH_KEY -P ${ssh_ports[$i]} ${KUBECONFIG} \
$AZ_CS.cloudapp.net:${KUBECONFIG_NAME}
ssh -oStrictHostKeyChecking=no -i $AZ_SSH_KEY -p ${ssh_ports[$i]} $AZ_CS.cloudapp.net \
sudo cp ${KUBECONFIG_NAME} /var/lib/kubelet/${KUBECONFIG_NAME}
ssh -oStrictHostKeyChecking=no -i $AZ_SSH_KEY -p ${ssh_ports[$i]} $AZ_CS.cloudapp.net \
sudo cp ${KUBECONFIG_NAME} /var/lib/kube-proxy/${KUBECONFIG_NAME}
ssh -oStrictHostKeyChecking=no -i $AZ_SSH_KEY -p ${ssh_ports[$i]} $AZ_CS.cloudapp.net \
sudo service kubelet restart
ssh -oStrictHostKeyChecking=no -i $AZ_SSH_KEY -p ${ssh_ports[$i]} $AZ_CS.cloudapp.net \
sudo killall kube-proxy
done
# ensures KUBECONFIG is set
get-kubeconfig-basicauth
echo
echo "Kubernetes cluster is running. The master is running at:"
echo
echo " https://${KUBE_MASTER_IP}"
echo
echo "The user name and password to use is located in ${KUBECONFIG}."
echo
}
# Delete a kubernetes cluster
function kube-down {
echo "Bringing down cluster"
set +e
azure_call vm delete $MASTER_NAME -b -q
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
azure_call vm delete ${MINION_NAMES[$i]} -b -q
done
wait
}
# Update a kubernetes cluster with latest source
#function kube-push {
# detect-project
# detect-master
# Make sure we have the tar files staged on Azure Storage
# find-release-tars
# upload-server-tars
# (
# echo "#! /bin/bash"
# echo "mkdir -p /var/cache/kubernetes-install"
# echo "cd /var/cache/kubernetes-install"
# echo "readonly SERVER_BINARY_TAR_URL='${SERVER_BINARY_TAR_URL}'"
# echo "readonly SALT_TAR_URL='${SALT_TAR_URL}'"
# grep -v "^#" "${KUBE_ROOT}/cluster/azure/templates/common.sh"
# grep -v "^#" "${KUBE_ROOT}/cluster/azure/templates/download-release.sh"
# echo "echo Executing configuration"
# echo "sudo salt '*' mine.update"
# echo "sudo salt --force-color '*' state.highstate"
# ) | gcutil ssh --project "$PROJECT" --zone "$ZONE" "$KUBE_MASTER" sudo bash
# get-kubeconfig-basicauth
# echo
# echo "Kubernetes cluster is running. The master is running at:"
# echo
# echo " https://${KUBE_MASTER_IP}"
# echo
# echo "The user name and password to use is located in ${KUBECONFIG:-$DEFAULT_KUBECONFIG}."
# echo
#}
# -----------------------------------------------------------------------------
# Cluster specific test helpers used from hack/e2e-test.sh
# Execute prior to running tests to build a release if required for env.
#
# Assumed Vars:
# KUBE_ROOT
function test-build-release {
# Make a release
"${KUBE_ROOT}/build/release.sh"
}
# SSH to a node by name ($1) and run a command ($2).
function ssh-to-node {
local node="$1"
local cmd="$2"
ssh --ssh_arg "-o LogLevel=quiet" "${node}" "${cmd}"
}
# Restart the kube-proxy on a node ($1)
function restart-kube-proxy {
ssh-to-node "$1" "sudo /etc/init.d/kube-proxy restart"
}
# Restart the kube-proxy on the master ($1)
function restart-apiserver {
ssh-to-node "$1" "sudo /etc/init.d/kube-apiserver restart"
}
function test-setup {
"${KUBE_ROOT}/cluster/kube-up.sh"
}
function test-teardown {
"${KUBE_ROOT}/cluster/kube-down.sh"
}

2
cluster/azure/config-default.sh
View File

@ -1,6 +1,6 @@
#!/usr/bin/env bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/azure/util.sh
View File

@ -1,6 +1,6 @@
#!/usr/bin/env bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/build.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/config-build.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/config-default.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/config-test.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2016 The Kubernetes Authors All rights reserved.
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/master/scripts/apiserver.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/master/scripts/controller-manager.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/master/scripts/etcd.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/master/scripts/scheduler.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/node/bin/mk-docker-opts.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/node/bin/remove-docker0.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/node/scripts/docker.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/node/scripts/flannel.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/node/scripts/kubelet.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/node/scripts/proxy.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2014 The Kubernetes Authors All rights reserved.
# Copyright 2014 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
cluster/centos/util.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

55
cluster/common.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2015 The Kubernetes Authors All rights reserved.
# Copyright 2015 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -31,12 +31,14 @@ source "${KUBE_ROOT}/cluster/lib/logging.sh"
# NOTE This must match the version_regex in build/common.sh
# kube::release::parse_and_validate_release_version()
KUBE_RELEASE_VERSION_REGEX="^v(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)(-(beta|alpha)\\.(0|[1-9][0-9]*))?$"
KUBE_RELEASE_VERSION_DASHED_REGEX="v(0|[1-9][0-9]*)-(0|[1-9][0-9]*)-(0|[1-9][0-9]*)(-(beta|alpha)-(0|[1-9][0-9]*))?"
# KUBE_CI_VERSION_REGEX matches things like "v1.2.3-alpha.4.56+abcdefg" This
#
# NOTE This must match the version_regex in build/common.sh
# kube::release::parse_and_validate_ci_version()
KUBE_CI_VERSION_REGEX="^v(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)-(beta|alpha)\\.(0|[1-9][0-9]*)(\\.(0|[1-9][0-9]*)\\+[-0-9a-z]*)?$"
KUBE_CI_VERSION_DASHED_REGEX="^v(0|[1-9][0-9]*)-(0|[1-9][0-9]*)-(0|[1-9][0-9]*)-(beta|alpha)-(0|[1-9][0-9]*)(-(0|[1-9][0-9]*)\\+[-0-9a-z]*)?"
# Generate kubeconfig data for the created cluster.
# Assumed vars:
@ -290,7 +292,7 @@ function detect-master-from-kubeconfig() {
# Sets KUBE_VERSION variable to the proper version number (e.g. "v1.0.6",
# "v1.2.0-alpha.1.881+376438b69c7612") or a version' publication of the form
# <bucket>/<version> (e.g. "release/stable",' "ci/latest-1").
# <path>/<version> (e.g. "release/stable",' "ci/latest-1").
#
# See the docs on getting builds for more information about version
# publication.
@ -301,7 +303,12 @@ function detect-master-from-kubeconfig() {
# KUBE_VERSION
function set_binary_version() {
if [[ "${1}" =~ "/" ]]; then
KUBE_VERSION=$(gsutil cat gs://kubernetes-release/${1}.txt)
IFS='/' read -a path <<< "${1}"
if [[ "${path[0]}" == "release" ]]; then
KUBE_VERSION=$(gsutil cat "gs://kubernetes-release/${1}.txt")
else
KUBE_VERSION=$(gsutil cat "gs://kubernetes-release-dev/${1}.txt")
fi
else
KUBE_VERSION=${1}
fi
@ -332,8 +339,8 @@ function tars_from_version() {
KUBE_MANIFESTS_TAR_URL="${SERVER_BINARY_TAR_URL/server-linux-amd64/manifests}"
KUBE_MANIFESTS_TAR_HASH=$(curl ${KUBE_MANIFESTS_TAR_URL} | sha1sum | awk '{print $1}')
elif [[ ${KUBE_VERSION} =~ ${KUBE_CI_VERSION_REGEX} ]]; then
SERVER_BINARY_TAR_URL="https://storage.googleapis.com/kubernetes-release/ci/${KUBE_VERSION}/kubernetes-server-linux-amd64.tar.gz"
SALT_TAR_URL="https://storage.googleapis.com/kubernetes-release/ci/${KUBE_VERSION}/kubernetes-salt.tar.gz"
SERVER_BINARY_TAR_URL="https://storage.googleapis.com/kubernetes-release-dev/ci/${KUBE_VERSION}/kubernetes-server-linux-amd64.tar.gz"
SALT_TAR_URL="https://storage.googleapis.com/kubernetes-release-dev/ci/${KUBE_VERSION}/kubernetes-salt.tar.gz"
# TODO: Clean this up.
KUBE_MANIFESTS_TAR_URL="${SERVER_BINARY_TAR_URL/server-linux-amd64/manifests}"
KUBE_MANIFESTS_TAR_HASH=$(curl ${KUBE_MANIFESTS_TAR_URL} | sha1sum | awk '{print $1}')
@ -473,8 +480,19 @@ function yaml-quote {
# Builds the RUNTIME_CONFIG var from other feature enable options (such as
# features in alpha)
function build-runtime-config() {
# There is nothing to do here for now. Just using this function as a placeholder.
:
# If a policy provider is specified, enable NetworkPolicy API.
if [[ -n "${NETWORK_POLICY_PROVIDER}" ]]; then
appends="extensions/v1beta1=true,extensions/v1beta1/networkpolicies=true"
fi
# Generate the RUNTIME_CONFIG.
if [[ -n ${appends} ]]; then
if [[ -n ${RUNTIME_CONFIG} ]]; then
RUNTIME_CONFIG="${RUNTIME_CONFIG},${appends}"
else
RUNTIME_CONFIG="${appends}"
fi
fi
}
# Writes the cluster name into a temporary file.
@ -551,6 +569,7 @@ HAIRPIN_MODE: $(yaml-quote ${HAIRPIN_MODE:-})
OPENCONTRAIL_TAG: $(yaml-quote ${OPENCONTRAIL_TAG:-})
OPENCONTRAIL_KUBERNETES_TAG: $(yaml-quote ${OPENCONTRAIL_KUBERNETES_TAG:-})
OPENCONTRAIL_PUBLIC_SUBNET: $(yaml-quote ${OPENCONTRAIL_PUBLIC_SUBNET:-})
NETWORK_POLICY_PROVIDER: $(yaml-quote ${NETWORK_POLICY_PROVIDER:-})
E2E_STORAGE_TEST_ENVIRONMENT: $(yaml-quote ${E2E_STORAGE_TEST_ENVIRONMENT:-})
KUBE_IMAGE_TAG: $(yaml-quote ${KUBE_IMAGE_TAG:-})
KUBE_DOCKER_REGISTRY: $(yaml-quote ${KUBE_DOCKER_REGISTRY:-})
@ -696,6 +715,28 @@ EOF
cat >>$file <<EOF
ENABLE_CLUSTER_AUTOSCALER: $(yaml-quote ${ENABLE_CLUSTER_AUTOSCALER})
AUTOSCALER_MIG_CONFIG: $(yaml-quote ${AUTOSCALER_MIG_CONFIG})
EOF
fi
# Federation specific environment variables.
if [[ -n "${FEDERATION:-}" ]]; then
cat >>$file <<EOF
FEDERATION: $(yaml-quote ${FEDERATION})
EOF
fi
if [ -n "${FEDERATIONS_DOMAIN_MAP:-}" ]; then
cat >>$file <<EOF
FEDERATIONS_DOMAIN_MAP: $(yaml-quote ${FEDERATIONS_DOMAIN_MAP})
EOF
fi
if [ -n "${FEDERATION_NAME:-}" ]; then
cat >>$file <<EOF
FEDERATION_NAME: $(yaml-quote ${FEDERATION_NAME})
EOF
fi
if [ -n "${DNS_ZONE_NAME:-}" ]; then
cat >>$file <<EOF
DNS_ZONE_NAME: $(yaml-quote ${DNS_ZONE_NAME})
EOF
fi
}

Some files were not shown because too many files have changed in this diff Show More