github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
45,956 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

22 Commits (2ac23cd46a248b722dfef985d09e4826771270cf)

Author SHA1 Message Date
Kubernetes Submit Queue 4159cb57b6 Merge pull request #42835 from deads2k/server-01-remove-insecure 
Automatic merge from submit-queue (batch tested with PRs 42835, 42974)

remove legacy insecure port options from genericapiserver

The insecure port has been a source of problems and it will prevent proper aggregation into a cluster, so the genericapiserver has no need for it.  In addition, there's no reason for it to be in the main kube-apiserver flow either.  This pull removes it from genericapiserver and removes it from the shared kube-apiserver code.  It's still wired up in the command, but its no longer possible for someone to mess up and start using in mainline code.

@kubernetes/sig-api-machinery-misc @ncdc
 2017-03-27 17:00:21 -07:00
deads2k cd29754680 move legacy insecure options out of the main flow 2017-03-27 14:07:54 -04:00
deads2k 3414231672 proxy to IP instead of name, but still use host verification 2017-03-27 12:33:03 -04:00
deads2k 8e26fa25da wire in aggregation 2017-03-27 09:44:10 -04:00
deads2k b27de102cb add local option to APIService 2017-03-13 10:10:50 -04:00
Maru Newby 82dc083016 test/integration: Make localPort reusable as FindFreeLocalPort 2017-03-08 06:32:10 -08:00
deads2k 037f51ae89 get fresh ports on startup failure for integration test 2017-03-01 14:45:21 -05:00
deads2k 3d039f60cf allow incluster authentication info lookup 2017-02-28 13:29:59 -05:00
deads2k 5cfe26dece add aggregation integration test 2017-02-28 08:42:06 -05:00
Aaron Crickenberger b367f33bc2 Allow `make test-integration` to pass on OSX 
`/var/run` is not world-writable on my OSX 10.11.x setup, so tests that
standup a secure apiserver fail with the default cert dir.  Use a
tempdir instead.
 2017-02-16 12:14:40 -08:00
deads2k 7cb5463b26 create sample-apiserver repo for people to inspect 2017-02-08 10:35:29 -05:00
deads2k 6a4d5cd7cc start the apimachinery repo 2017-01-11 09:09:48 -05:00
Jeff Grafton 20d221f75c Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
Mike Danese c87de85347 autoupdate BUILD files 2016-12-12 13:30:07 -08:00
Clayton Coleman 5df8cc39c9
refactor: generated 2016-12-03 19:10:46 -05:00
deads2k 56b7a8b02b remove some options from mega-struct 2016-11-29 10:59:43 -05:00
deads2k 18074d7606 split insecure serving options 2016-11-29 10:59:42 -05:00
deads2k a08f3ba521 split secure serving options 2016-11-29 10:59:42 -05:00
Dr. Stefan Schimanski d0b3981f07 Make GenericApiServer.Run interruptable and fail on first listen 2016-11-01 09:50:56 +01:00
Chao Xu 850729bfaf include multiple versions in clientset 
update client-gen to use the term "internalversion" rather than "unversioned";
leave internal one unqualified;
cleanup client-gen
 2016-10-29 13:30:47 -07:00
Davanum Srinivas 25d4a70827 Allow secure access to apiserver from Admission Controllers 
* Allow options.InsecurePort to be set to 0 to switch off insecure access
* In NewSelfClient, Set the TLSClientConfig to the cert and key files
  if InsecurePort is switched off
* Mint a bearer token that allows the client(s) created in NewSelfClient
  to talk to the api server
* Add a new authenticator that checks for this specific bearer token

Fixes #13598
 2016-09-20 10:42:21 -04:00
Timothy St. Clair d6606a6aa9 etcd3 validation showed that several unit tests that depend on apiserver being fully 
stood up should be integration tests, not unit tests.
 2016-08-18 14:12:24 -05:00