github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
6,389 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

514 Commits (5f021cfc3e424c73b82064829f650f84d7abbccd)

Author SHA1 Message Date
Brendan Burns c29f5db81c Revert "Revert "Add optional validation to kubecfg/kubectl."" 
This reverts commit 6590c66dd4.
 2014-12-09 12:37:48 -08:00
Jordan Liggitt 09ba404fb7 x509 request authenticator 2014-12-09 09:34:16 -05:00
Abhishek Gupta 6b712cc700 Scheduler changes for extensibility 2014-12-08 14:47:05 -08:00
Mike Danese 722abf1a95 - make cadvisor port configurable on the kubelet. 
- added cadvisor port documentation.
 2014-12-06 09:48:08 -08:00
Daniel Smith 24a1497d5c reenable update test 2014-12-04 15:13:11 -08:00
Daniel Smith 7d9a721852 Merge pull request #2736 from erictune/register_race 
Fix race that drops the first event on restart.
 2014-12-02 22:57:55 -08:00
Eric Tune 0c2a4302f5 Fix race that drops the first event on restart. 
RegisterHandlers was called after the listening for events had already begun.
So, there was a race where sometimes the first update would, with the
initial state, would notify an empty list of listeners.
This showed up in services.sh e2e test as empty service and endpoint maps
after the test step which restarts the kube-proxy.

Perhaps due to timing, this doesn't show up with etcd source, but does
show up with apiserver as a source.  A separate PR makes APIserver
the source as a default, and depends on this.

This took me several days to debug.
 2014-12-02 22:04:45 -08:00
Daniel Smith c3f03e556f Merge pull request #2704 from brendandburns/e2e 
e2e for "important URLs"
 2014-12-02 17:53:46 -08:00
Brendan Burns bf9d4a483d Merge pull request #2717 from erictune/event_e2e_flake 
Fix e2e failure of events test.
 2014-12-02 11:33:48 -08:00
Eric Tune a7718054a8 Fix e2e failure of events test. 2014-12-02 11:20:23 -08:00
Brendan Burns d43343db5e Add a test for important URLs on the apiserver. 2014-12-02 11:08:31 -08:00
Daniel Smith d927031aec Merge pull request #2705 from brendandburns/fix 
Fix a logic error in the events e2e test.
 2014-12-02 10:49:26 -08:00
Brendan Burns 92e8ebcb55 Fix a logic error in the events e2e test. 2014-12-01 22:40:00 -08:00
Brendan Burns 993ef88eec Merge pull request #2689 from brendandburns/standalone 
Refactor kubelet, standalone k8s and integration test to all use the same code.
 2014-12-01 21:53:41 -08:00
Brendan Burns 203e76020e Add a test for important URLs. 2014-12-01 15:54:30 -08:00
Brendan Burns d47b510104 Refactor kubelet, standalone k8s and integration test to all use the same code. 2014-12-01 15:37:21 -08:00
deads2k 2dbfb80349 add utility for binding flags and building api server clients 2014-11-26 07:50:51 -05:00
Joe Beda 6590c66dd4 Revert "Add optional validation to kubecfg/kubectl." 
This reverts commit acf6d82800.
 2014-11-25 14:45:00 -08:00
Clayton Coleman a67912f937 Merge pull request #2517 from brendandburns/kubecfg 
Add client side validation to kubecfg and kubectl.
 2014-11-25 13:46:52 -06:00
Brendan Burns acf6d82800 Add optional validation to kubecfg/kubectl. 2014-11-24 22:25:22 -08:00
Joe Beda a25d865f06 Merge pull request #2555 from erictune/cleanup4 
Do not use nginx image in e2e test
 2014-11-24 08:49:59 -08:00
Brendan Burns 4b2a5cdb11 Merge pull request #2520 from mikedanese/proxy-healthz 
add health check to kube-proxy
 2014-11-24 08:44:33 -08:00
Brendan Burns 428cbcd799 Merge pull request #2531 from jbeda/32bit-fix 
Fix 32bit build
 2014-11-24 08:43:43 -08:00
Eric Tune b67b359a1b Do not use nginx image in e2e test 2014-11-23 09:22:45 -08:00
Mike Danese 5bda95f9fe added healthz check to the proxy with configurable port 2014-11-23 09:07:19 -08:00
Joe Beda e5b988393d Fix 32bit build 2014-11-21 14:58:17 -08:00
markturansky 8159c8fd25 Refactor PodCondition to PodPhase 2014-11-21 15:28:38 -05:00
Tim Hockin ea960711ff Clean up error logs. 
Use %v for errors, tidy some messages, make error messages start lowe-case
(as per go guidelines).  Just accumulated nits.
 2014-11-21 09:45:26 +08:00
Jordan Liggitt c895331277 Make master take authenticator.Request interface instead of tokenfile 2014-11-19 15:07:51 -05:00
Clayton Coleman 1c524607d8 Merge pull request #2097 from markturansky/v1beta3_podrefactor 
Refactor internal API for Pods to match v1beta3
 2014-11-18 15:28:58 -05:00
Eric Tune 057d78e471 Treat unset KUBERNETES_PROVIDER as gce. 
Should fix jenkins failure.
 2014-11-18 10:13:45 -08:00
markturansky 8af4ccb111 v1beta3 Pod refactor 2014-11-18 09:25:42 -05:00
Eric Tune 4dbdfd7935 Only test events on GCE. 2014-11-18 00:23:41 -08:00
Eric Tune 46dcacfa93 Kubelet talks securely to apiserver. 
Configure apiserver to serve Securely on port 6443.
Generate token for kubelets during master VM startup.
Put token into file apiserver can get and another file the kubelets can get.
Added e2e test.
 2014-11-18 00:23:41 -08:00
Brendan Burns cea52d7e4f Merge pull request #2409 from mattmoor/master 
Implements a credentialprovider library for use by DockerPuller.
 2014-11-17 21:53:25 -08:00
Matt Moore 0c5d9ed0d2 Implements a credentialprovider library for use by DockerPuller. 
This change refactors the way Kubelet's DockerPuller handles the docker config credentials to utilize a new credentialprovider library.

The credentialprovider library is based on several of the files from the Kubelet's dockertools directory, but supports a new pluggable model for retrieving a .dockercfg-compatible JSON blob with credentials.

With this change, the Kubelet will lazily ask for the docker config from a set of DockerConfigProvider extensions each time it needs a credential.

This change provides common implementations of DockerConfigProvider for:
 - "Default": load .dockercfg from disk
 - "Caching": wraps another provider in a cache that expires after a pre-specified lifetime.

GCP-only:
 - "google-dockercfg": reads a .dockercfg from a GCE instance's metadata
 - "google-dockercfg-url": reads a .dockercfg from a URL specified in a GCE instance's metadata.
 - "google-container-registry": reads an access token from GCE metadata into a password field.
 2014-11-17 21:46:54 -08:00
Joe Beda 66d287f7e4 Merge branch 'rename-to-kube' of https://github.com/eparis/kubernetes into eparis-rename-to-kube 
* 'rename-to-kube' of https://github.com/eparis/kubernetes:
  rename kube server binaries to kube-

Conflicts:
	docs/salt.md
 2014-11-17 09:52:10 -08:00
Victor Marmol 6908c9ca4a Merge pull request #2407 from eparis/cadvisor-0.5.0 
Cadvisor 0.5.0
 2014-11-17 08:53:36 -08:00
Eric Paris 630acf221c alias cadvisor/client to cadvisor 
cadvisor 0.5.0 changes the package from cadvisor to client.  Which of
course conflicts with our own client.  Alias it back to cadvisor.
 2014-11-16 21:44:34 -05:00
Daniel Smith c412540cf2 Remove confusing function; add TODO and explanation for (nonfatal) error message in integration test. 2014-11-14 17:16:05 -08:00
Eric Tune c770e70495 Factor to function. 2014-11-14 14:09:51 -08:00
Eric Tune 6430250ce8 Send events from kubelet. 
Accept argument specifying file with kubernetes_auth file.
Make an api client in kubelet.
Send events to apiserver.
 2014-11-14 13:37:20 -08:00
Clayton Coleman c95b8694d6 Merge pull request #2340 from erictune/refactor_kube_auth 
Refactor kube auth
 2014-11-14 14:10:53 -05:00
Eric Tune 0727219c83 New package defines .kubernetes_auth format. 
Refactored common code to that package.
Subsequent PRs will load and emit these files.
 2014-11-14 10:36:25 -08:00
Brendan Burns c2485a4056 Merge pull request #2147 from justinsb/ipv6 
Initial ipv6 / iptables work
 2014-11-14 10:34:37 -08:00
Daniel Smith 7df0f6d3bd Merge pull request #2343 from erictune/tokens_need_private_comms 
Use https when Insecure is selected.
 2014-11-14 09:51:59 -08:00
Eric Tune 5c24855349 Rename Secure -> TLS; we may use TLS insecurely. 2014-11-13 21:42:36 -08:00
Eric Paris a99c3c7963 rename kube server binaries to kube- 
apiserver becomes kube-apiserver
controller-manager -> kube-controller-manager
scheduler and proxy similarly.

Only thing I promise is that right now hack/build-go.sh and
build/release.sh exit with 0.  That's it.  Who knows if any of this
actually works....
 2014-11-13 20:08:26 -05:00
Daniel Smith 1be56fa91b Merge pull request #2279 from brendandburns/integration 
Added some etcd retries to try to work around some flakes we see in Travis
 2014-11-12 13:51:39 -08:00
Brendan Burns bcec212c37 Added some etcd retries to try to work around some flakes we see in Travis. 2014-11-12 12:59:19 -08:00
Daniel Smith 0348a67413 Merge pull request #2195 from smarterclayton/prepare_pod_template_v1beta3 
Allow an internal pod template reference or object
 2014-11-12 10:55:08 -08:00
Clayton Coleman d97f6cd0d8 Integration test was not decoding using api.Scheme 2014-11-11 17:03:20 -05:00
Clayton Coleman 94c873e7a4 Remaining refactor for PodTemplateSpec and fixing test cases 2014-11-11 17:03:20 -05:00
Brendan Burns ffcdb9dfb7 Fix build on 32 bit processors. 2014-11-11 09:51:45 -08:00
Dawn Chen 30fcf24131 Merge pull request #2121 from brendandburns/standalone 
Create a standalone k8s binary, capable of running a full cluster
 2014-11-10 22:04:28 -08:00
Daniel Smith c67083572b Merge pull request #2268 from erictune/kubelet_local_log_event 
Locally log kubelet events
 2014-11-10 15:57:07 -08:00
Daniel Smith 626eb2700e Merge pull request #2261 from erictune/aux_port 
Add a third port which has HTTPS and auth(n,z)
 2014-11-10 15:31:49 -08:00
Eric Tune 53f9d42ed3 Add a third port which has HTTPS and auth(n,z) 
It is disabled by default.
Document all the various and sundry (3) ports.
 2014-11-10 15:16:46 -08:00
Eric Tune c5d1782c00 Add local logging of kubelet events. 2014-11-10 13:57:13 -08:00
Eric Tune 08c8f2cde1 Record event of kubelet restart re: minion obj. 2014-11-10 13:46:48 -08:00
Brendan Burns 2c1221864d Make a standalone binary. 2014-11-10 13:34:11 -08:00
Daniel Smith 66d62229f6 Fix kubecfg -template to be versioned 2014-11-07 16:47:21 -08:00
Eric Tune c068b56919 Return InsecureHandler from master. 
Subsequent changes will make use of both
m.Handler and m.InsecureHandler for different ports.
 2014-11-06 09:11:31 -08:00
Eric Tune 6e81e8c896 Basic ACL file. 
Added function to read basic ACL from a CSV file.
Added implementation of Authorize based on that file's policies.
Added docs on authentication and authorization.
Added example file and tested it.
 2014-11-05 16:06:22 -08:00
Daniel Smith c163535563 Allow (delayed) apiserver starting when network interface isn't available immediately. 2014-11-05 12:07:33 -08:00
bgrant0607 fc0dab630c Merge pull request #2086 from markturansky/v1beta3_refactor 
Refactor internal API for Services to match v1beta3
 2014-11-04 21:48:02 -08:00
Daniel Smith e4dcd4a131 Merge pull request #2122 from erictune/moar_attribs 
Moar authorization attributes
 2014-11-04 13:17:47 -08:00
markturansky bd7643c033 refactor services to v1beta3 2014-11-04 14:23:53 -05:00
Clayton Coleman 09cfa364c5 Refactor Get and Describe to allow extension of types 
Get should use ResourceMapper, allow Printer to be abstracted,
and extract Describe as *Describer types.
 2014-11-04 10:44:56 -05:00
Eric Tune 1668c6f107 Authorization based on namespace, kind, readonly. 
Also, pass Authorizer into master.Config.
 2014-11-03 17:45:15 -08:00
Justin SB 9a053a4b59 Initial ipv6 / iptables work 2014-11-03 15:23:04 -08:00
Erik St. Martin f75f2bbc0f Fixes #1612 kubelet should fail to start if it cannot create rootDir 2014-11-03 14:44:46 -05:00
bgrant0607 2ab2911856 Merge pull request #2083 from lavalamp/eventing2 
Add events to kubecfg's list of resource types
 2014-10-31 13:40:58 -07:00
Eric Tune 55c2d6bbbb Add basic Authorization. 
Added basic interface for authorizer implementations.
Added default "authorize everything" and "authorize nothing
implementations.
Added authorization check immediately after authentication check.
Added an integration test of authorization at the HTTP level of
abstraction.
 2014-10-31 12:04:33 -07:00
Brendan Burns 893291d81d Merge pull request #1997 from ddysher/split-master 
Separate minion controller from master.
 2014-10-31 11:23:58 -07:00
Brendan Burns c6df93d76e Merge pull request #2082 from lavalamp/fix 
Fix self linking of objects returned in lists.
 2014-10-30 21:43:31 -07:00
Deyuan Deng 019b7fc74c Separate minion controller from master. 2014-10-30 20:24:15 -04:00
Clayton Coleman 41f0929384 Merge pull request #2044 from erictune/fix_mux 
Allocate mux in master.New()
 2014-10-30 20:15:57 -04:00
Daniel Smith b6dd5d4cff Add events to kubecfg's list of resource types (kubectl appears to be correct already) 2014-10-30 15:34:01 -07:00
Daniel Smith b28234fac6 Fix self linking of objects returned in lists. 2014-10-30 15:04:11 -07:00
Clayton Coleman 2c10dd85c3 Merge pull request #2047 from smarterclayton/make_request_testable 
Make client.Request/RESTClient more testable and fakeable
 2014-10-29 19:33:36 -04:00
Eric Tune 9713b58caa Allocate mux in master.New() 
Callsites no longer allocate a mux.
Master now exposes method to install handlers
which use the master's auth code.  Not used
but forks (openshift) are expected to use these
methods.  These methods will later be a point
for additional plug-in functionality.
Integration tests now use the master-provided
handler which has auth, rather than using the mux,
which didn't.  Fix TestWhoAmI now that /_whoami
sits behind auth.
 2014-10-29 14:31:07 -07:00
Daniel Smith 070c6c0440 Fix missing portalNets in tests once and for all by adding a default. 2014-10-29 12:27:35 -07:00
Daniel Smith a036ebc1be Switch models. No master election. 2014-10-29 11:38:45 -07:00
Daniel Smith 35bd8d4a11 Add e2e and integration tests. 2014-10-29 11:29:57 -07:00
Daniel Smith 7146ec9d49 Implement kubernetes & kubernetes-ro services 2014-10-29 11:29:28 -07:00
Clayton Coleman 71fecef6f6 Add test coverage and fix a few minor problems 2014-10-29 14:08:37 -04:00
Daniel Smith dca7363459 Serve API version list, test with an integration test. 2014-10-28 17:35:56 -07:00
Brendan Burns 51bf451932 Add container garbage collection. 2014-10-28 12:52:06 -07:00
bgrant0607 ddea4ff709 Merge pull request #1977 from lavalamp/fix4 
Start running e2e go tests. Disable broken test.
 2014-10-27 16:27:11 -07:00
Eric Tune 245585f364 Move handler setup: cmd/apiserver -> pkg/master 
Moved CORS handler setup and authorizer setup.
Will allow for integration test of authorization.
 2014-10-27 11:43:12 -07:00
Eric Tune 40a5ca034d Integration test on master, not just apiserver. 
Moved code from cmd/apiserver to pkg/master.

test/integration/client_test made to use a master object,
instead of an apiserver.Handle.

Subsequent PRs will move more handler-installation into
pkg/master, with the goal that every http.Handler of a
standalone apiserver process can also be tested
in a "testing"-style go test.

In particular, a subsequent PR will test
authorization.
 2014-10-27 09:14:58 -07:00
derekwaynecarr ce30b2657a Fix integration tests 2014-10-24 11:49:04 -04:00
derekwaynecarr 580cb5ea4f Rework client.Interface 2014-10-24 11:47:30 -04:00
Clayton Coleman 644eb70085 Refactor tests to split ObjectMeta from TypeMeta 2014-10-24 11:22:21 -04:00
Daniel Smith 1e249be99d Start running e2e go tests. Disable broken test. 2014-10-23 16:13:46 -07:00
Clayton Coleman 3df1c2f29d Use meta.Interface and meta.Accessor 2014-10-23 18:01:25 -04:00
Clayton Coleman 1ccb86c760 Rename methods in api/meta to be cleaner 2014-10-22 22:59:12 -04:00
Clayton Coleman 64d98cba73 Move typemeta.go to api/meta/meta.go 
Prepares for the meta object to front multiple underlying types
when TypeMeta and ObjectMeta is split in internal and v1beta3, but
combined in v1beta1 and v1beta2
 2014-10-22 22:28:06 -04:00
Clayton Coleman dd8c49fc47 Merge pull request #1746 from hmrm/refactor-kubelet-access 
Refactor kubelet access and add SSL
 2014-10-22 19:44:43 -04:00
Daniel Smith 6ef6ff5bc5 Merge pull request #1893 from crhym3/fix-1149-req-body 
Replace custom ProxyServer (kubecfg/kubectl -proxy) with httputil.ReverseProxy
 2014-10-22 15:29:59 -07:00
Haney Maxwell 3160500940 Refactor kubelet access and add SSL 2014-10-22 14:53:59 -07:00
Clayton Coleman bb77a5d15f Rename ID -> Name 2014-10-22 15:00:26 -04:00
Clayton Coleman fa4e186e54 Merge pull request #1911 from erictune/token_client 
Handle auth files with BearerToken sections.
 2014-10-21 14:08:42 -04:00
alex fb2b15a797 Replace custom proxy with httputil.ReverseProxy for kubecfg/kubectl. 
Fixes #1149 - kubecfg proxy "411 Length Required" error on POST/PUT.
 2014-10-21 18:52:18 +01:00
Eric Tune 21dae01005 Handle auth files with BearerToken sections. 2014-10-20 17:02:03 -07:00
Tim Hockin e8686429c4 Merge pull request #1916 from lavalamp/fix 
Add read-only, rate limited endpoint
 2014-10-20 16:42:46 -07:00
Daniel Smith 9356ed7fe7 Add read-only, rate limited endpoint 2014-10-20 16:32:52 -07:00
Daniel Smith 82bbcee8d9 Move port definitions to their own package 2014-10-20 11:28:12 -07:00
derekwaynecarr 085ca40291 Enforce unique constraint at namespace boundary in etcd, make client and server namespace aware 2014-10-16 13:02:52 -04:00
Tim Hockin e907011111 Core support for ip-per-service 2014-10-16 08:36:47 -07:00
Eric Tune 6f577aa321 Merge pull request #1789 from lavalamp/eventing4 
Add event creation library and implement in scheduler.
 2014-10-15 15:55:26 -07:00
Sam Ghods 4b220f8b0a kubectl: kubecfg rewrite for better modularity and improved UX 2014-10-15 15:29:54 -07:00
Daniel Smith 595d4b4abd Merge pull request #1676 from anguslees/openstack-provider 
Add OpenStack cloud provider
 2014-10-15 12:05:33 -07:00
Daniel Smith d4c750a878 Fix vet-go.sh and some things it complained about 2014-10-15 11:56:19 -07:00
Daniel Smith 68a784439b Add event listing and printing to kubecfg 2014-10-15 11:42:06 -07:00
Angus Lees a8ab55b413 Add skeleton for new OpenStack cloud provider 2014-10-15 13:52:12 +11:00
Brendan Burns 8d38f8890e Add an e2e test in go. Also adjust validation logic a little to make it more reasonable. 
Not integrated into existing e2e yet.
 2014-10-14 16:43:00 -07:00
Tim Hockin 6820e068f1 Merge pull request #1700 from lavalamp/eventing2 
Add Event Registry/REST types
 2014-10-13 16:16:29 -07:00
Daniel Smith 8007614085 Remove untested and unused code 2014-10-13 16:06:44 -07:00
Daniel Smith 0431f2430d Use cache for minion lookups, don't hammer apiserver 2014-10-13 14:46:31 -07:00
Daniel Smith 15680731f7 Add event endpoint to apiserver 2014-10-10 15:47:34 -07:00
Daniel Smith a292d8c416 Merge pull request #1667 from hmrm/add-kubelet-disable-flags 
Allow disabling non-necessary kubelet and apiserver endpoints
 2014-10-10 13:38:11 -07:00
derekwaynecarr 9e60bf1e43 Pod cache needs to be namespace-aware 2014-10-10 09:35:31 -04:00
Haney Maxwell c0bf974871 Allow disabling non-necessary kubelet and apiserver endpoints 2014-10-09 16:49:27 -07:00
Brendan Burns 227311a05d Add URL opening to kubecfg. 2014-10-09 12:26:24 -07:00
Daniel Smith 1fc92bef53 Load cadvisor connection in background. 2014-10-08 17:06:41 -07:00
Daniel Smith 5d24820dd5 Merge pull request #1464 from hmrm/add-etcd-config 
Allow etcd config file to be passed to apiserver, kubelet, and proxy
 2014-10-08 16:29:46 -07:00
Clayton Coleman 82bcdd3b3b Make ResourceVersion a string internally instead of uint64 
Allows us to define different watch versioning regimes in the future
as well as to encode information with the resource version.

This changes /watch/resources?resourceVersion=3 to start the watch at
4 instead of 3, which means clients can read a resource version and
then send it back to the server. Clients should no longer do math on
resource versions.
 2014-10-07 19:00:26 -04:00
Haney Maxwell 4d87159eda Allow etcd config file to be passed to apiserver, kubelet, and proxy 2014-10-07 14:25:54 -07:00
Daniel Smith cf203f1304 Fix build error in integration test 2014-10-07 13:10:58 -07:00
erictune 5503e95c1d Merge pull request #1529 from smarterclayton/add_auth_interfaces 
Add simple Bearer authenticator filter for Kube
 2014-10-07 11:23:41 -07:00
Clayton Coleman 897c59a713 Merge pull request #1598 from brendandburns/nginx 
Add UX documentation, link into the apiserver, add a missing file.
 2014-10-07 14:06:20 -04:00
Clayton Coleman c8ef4b8230 Add simple Bearer authenticator filter for Kube 
* Default file based implementation
* Define some simple interfaces
* Add -token_auth_file to apiserver that will start the apiserver
  with a request filter for tokens
 2014-10-07 13:25:12 -04:00
Brendan Burns 414473607a Update the UX, add documentation. 2014-10-07 09:49:49 -07:00
Clayton Coleman d3e51a0f24 Rename JSONBase -> TypeMeta in preparation for v1beta3 
Will make subsequent refactor much easier
 2014-10-07 11:12:16 -04:00
Tim Hockin eb24c997e4 Merge pull request #1606 from lavalamp/fix 
Try to fix flakiness by increasing timeouts
 2014-10-06 17:22:51 -07:00
Daniel Smith a744623948 Try to fix flakiness by increasing timeouts, because that is always the best way to perform such a fix. 2014-10-06 17:14:34 -07:00
Brendan Burns ab6065944c Merge pull request #1584 from thockin/net 
Flag-compatible IP type
 2014-10-06 13:35:48 -07:00
Daniel Smith cc086908aa Merge pull request #1578 from brendandburns/controller 
Extract the service controller from the apiserver.
 2014-10-06 12:44:41 -07:00
Tim Hockin 0ad0a247c4 Flag-compatible IP type 2014-10-06 11:29:22 -07:00
Johan Euphrosine f91162cf78 kubelet: add --runonce flag, exits after starting pod from the manifest 2014-10-03 18:02:30 -07:00
Deyuan Deng a9e7cf8e40 Fix integration test read volume dir error. 2014-10-03 19:51:07 -04:00
Brendan Burns e6991d0a66 Extract the service controller from the apiserver, put it in the controller manager for now. 2014-10-03 15:27:22 -07:00
Brendan Burns 1551b48347 Add a resource fit scheduler predicate. Set sensible defaults. 2014-10-03 15:09:59 -07:00
Brendan Burns f00fd8d2e3 Add an integration test for services. 2014-10-02 21:07:06 -07:00
Tim Hockin f7db0bc674 Merge pull request #1546 from smarterclayton/allow_configurable_net_image 
Allow configurable Kubelet net image for isolated networks
 2014-10-02 17:11:32 -07:00
Clayton Coleman 6881db64a9 Allow configurable Kubelet net image for isolated networks 
Public access to the DockerHub is not guaranteed in all environments,
add a flag to the kubelet that allows it to use a different image (like
one on a private registry) as well as only pull the first time the
image is needed.

Fixes #1545
 2014-10-02 15:56:03 -04:00
erictune 0a2e208e8f Merge pull request #1538 from smarterclayton/allow_skip_tls_verify 
Allow clients to skip TLS verification
 2014-10-02 11:49:40 -07:00
derekwaynecarr 0a290506c2 Fix integration tests 2014-10-02 12:56:42 -04:00
derekwaynecarr fc67d822c6 Add context as parameter to client interface functions 2014-10-02 12:51:36 -04:00
Clayton Coleman 7af3c7d75e Allow clients to skip TLS verification 
Adds -skip_tls_verify to any API server client. Also store in auth
 2014-10-02 12:08:58 -04:00
Brendan Burns c3d2517371 Re-add the ability to load certs from the config file. 2014-10-01 17:10:07 -07:00
Clayton Coleman ff2eca97d9 Refactor the client (again) to better support auth 
* Allows consumers to provide their own transports for common cases.
* Supports KUBE_API_VERSION on test cases for controlling which
  api version they test against
* Provides a common flag registration method for CLIs that need
  to connect to an API server (to avoid duplicating flags)
* Ensures errors are properly returned by the server
* Add a Context field to client.Config
 2014-10-01 15:23:37 -04:00
derekwaynecarr de1f94cbc7 Fix integration test 2014-09-30 14:31:17 -04:00
derekwaynecarr b7b1193919 Add context object to kubecfg/client 2014-09-30 14:27:19 -04:00
Dawn Chen a208fbfcf4 Merge pull request #1476 from brendandburns/print 
Add the ability to print objects that are parsed in, without sending them anywhere.
 2014-09-29 09:12:53 -07:00
Tim Hockin 1c02af3d16 Kill LivenessProbe.Type 2014-09-27 21:16:30 -07:00
Brendan Burns 8f1643bc0c Add the ability to print objects that are parsed in, without sending them anywhere. 2014-09-26 20:35:12 -07:00
Brendan Burns 3ac706a32e Add a rate limiter, use it to rate limit docker pulls. 2014-09-26 11:55:21 -07:00
Daniel Smith bb0cd95a83 fix non-gofmt'd things 2014-09-24 14:27:10 -07:00
Tim Hockin 8b6de5af83 Merge pull request #1390 from smarterclayton/allow_stdin 
Allow STDIN to kubecfg via `-c -`.
 2014-09-22 16:49:55 -07:00
Clayton Coleman b9028753b0 Merge pull request #1387 from lavalamp/fix4 
Don't pass empty labels (looks weird to POST with a label set)
 2014-09-22 16:41:01 -04:00
Clayton Coleman de9dc08e55 Allow STDIN to kubecfg via `-c -`. 
Follows the `tar xvf -` convention (because all the other conventions
are crazier?)
 2014-09-20 18:40:00 -04:00
Daniel Smith 4aecdce258 Don't pass empty labels (looks weird to POST with a label set) 2014-09-19 16:04:55 -07:00
Brendan Burns 8dff6f12d7 Add authenticated TLS support to the client. 2014-09-19 15:43:23 -07:00
Clayton Coleman 5483333e29 Allow server and client to take api version as argument 
* Defaults to v1beta1
* apiserver takes -storage_version which controls etcd storage version
  and the version of the client used to connect to other apiservers
* Changed signature of client.New to add version parameter
* All controller code and component code prefers the oldest (most common)
  server version
 2014-09-18 23:27:28 -04:00
Clayton Coleman ca5355908f Expose v1beta2 API group 2014-09-18 23:24:05 -04:00
Brendan Burns dc5a4a8c3f Refactor to clean up names. 2014-09-16 15:19:02 -07:00
erictune 506f51b186 Merge pull request #1330 from brendandburns/privilege 
Only allow privileged containers if API server flag set.  Adds capabilities package.
 2014-09-16 15:12:26 -07:00
Clayton Coleman 61e3ce7ddc Make runtime less global for Codec 
* Make Codec separate from Scheme
* Move EncodeOrDie off Scheme to take a Codec
* Make Copy work without a Codec
* Create a "latest" package that imports all versions and
  sets global defaults for "most recent encoding"
  * v1beta1 is the current "latest", v1beta2 exists
  * Kill DefaultCodec, replace it with "latest.Codec"
  * This updates the client and etcd to store the latest known version
* EmbeddedObject is per schema and per package now
* Move runtime.DefaultScheme to api.Scheme
* Split out WatchEvent since it's not an API object today, treat it
like a special object in api
* Kill DefaultResourceVersioner, instead place it on "latest" (as the
  package that understands all packages)
* Move objDiff to runtime.ObjectDiff
 2014-09-16 16:26:43 -04:00
Clayton Coleman fe614aeda2 Simple refactor for ease of readability 
runtime.DefaultCodec -> latest.Codec
 2014-09-16 16:12:35 -04:00
Brendan Burns 5b9e2a55b5 Add a flag to reject privileged containers in the apiserver. 2014-09-16 11:22:32 -07:00
Kelsey Hightower 9cd0fc70f1 apiserver does not require a cloud provider or machine list 
Currently the apiserver will not start unless a machine list or a
valid cloud provider is specified. This prevents a workflow that
manages machines solely through the minions API.

Fix the issue by changing the apiserver to only log a message that
the apiserver is being started with an empty machine list.

This patch results in a change in behavior. The apiserver will no
longer exit non-zero if a cloud provider or machine list is not
configured.
 2014-09-15 11:13:17 -07:00
Clayton Coleman 24b5b7e8d3 Merge pull request #1296 from brendandburns/healthz 
Add healthz handlers to the controller manager and scheduler
 2014-09-15 11:28:02 -04:00
Brendan Burns 99f7a4f25d Add healthz handlers to the controller manager and scheduler 2014-09-12 21:13:33 -07:00
Daniel Smith 6eeb967d3d Merge pull request #1229 from ragnard/aws-provider 
Initial impl. of cloud provider for AWS
 2014-09-12 15:16:47 -07:00
Daniel Smith 1853c66ddf Merge pull request #1298 from jwforres/cors_fixup 
Remove unused enable_cors flag and allow localhost without a port as an ...
 2014-09-12 10:51:25 -07:00
Jessica Forrester 2dc30aa932 Remove unused enable_cors flag and allow localhost without a port as an origin in local-up-cluster 2014-09-12 13:01:32 -04:00
Brendan Burns 46d0cbd645 Add a global flag to enable/disable privileged containers 2014-09-12 09:56:45 -07:00
Tim Hockin bc9a290241 Merge pull request #1218 from bcwaldon/docker-auth 
Authenticated docker pulls, pt. I
 2014-09-11 22:53:36 -07:00
Ragnar Dahlén b548465adf Initial impl. of cloud provider interface for AWS 2014-09-11 22:28:56 +01:00
Daniel Smith 6757b402d5 Merge pull request #1133 from jwforres/enable_cors 
Add option to enable a simple CORS implementation for the api server
 2014-09-11 13:59:14 -07:00
Brian Waldon 0bf4fabc19 kubelet: move docker-related code into sub-package 2014-09-11 13:12:28 -07:00
Daniel Smith b5c6edcd79 Merge pull request #1189 from simon3z/ovirt-cloud 
Add support for oVirt cloud provider
 2014-09-11 09:50:31 -07:00
Federico Simoncelli 320fd528e2 Add support for oVirt cloud provider 
This patch adds the initial support for the oVirt cloud provider.

Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
 2014-09-11 13:08:46 +00:00
brendandburns 4f8536dd80 Merge pull request #1211 from derekwaynecarr/kubecfg_improve_c_option 
Add support to fetch config file from network
 2014-09-10 13:06:03 -07:00
Filipe Brandenburger b849d65b32 Uniformize handling of -server_version flag of kubecfg to match -version. 
In particular, add support for -server_version=raw and use matching
format for the output of -version and -server_version.

The "normal" format is essentially defined by (version.Info) String()
method, so future updates to that method will be reflected on both.

Full version information is still available by using the "raw" flag.

Tested:
- Used cluster/kubecfg.sh to query local build and the server.

    $ cluster/kubecfg.sh -version
    Kubernetes version 0.2+, build 9316edfc0d2b28923fbb6eafa38458350859f926
    $ cluster/kubecfg.sh -server_version
    Server: Kubernetes version 0.2, build a0abb38157
    $ cluster/kubecfg.sh -version=raw
    version.Info{Major:"0", Minor:"2+", GitVersion:"v0.2-25-g9316edfc0d2b28", GitCommit:"9316edfc0d2b28923fbb6eafa38458350859f926", GitTreeState:"clean"}
    $ cluster/kubecfg.sh -server_version=raw
    version.Info{Major:"0", Minor:"2", GitVersion:"v0.2", GitCommit:"a0abb3815755d6a77eed2d07bb0aa7d255e4e769", GitTreeState:"clean"}

Fixes: #1092

Signed-off-by: Filipe Brandenburger <filbranden@google.com>
 2014-09-09 15:25:41 -07:00
derekwaynecarr 35a50a94da Add support to fetch config file from network 2014-09-09 17:50:38 -04:00
Jessica Forrester 0cac1c5f79 Switch LogOf from panicking when logger is missing to creating logger with the defaults. 
Update CORS tests to a table-based test and cover more cases.
 2014-09-09 17:50:18 -04:00
Jessica Forrester becf6ca4e7 Move RecoverPanics to be the top level wrapped handler. Add new method to be sure a logger has been generated instead of assuming one has. Move regexp list compilation into a utility and pass regexp list into CORS. 2014-09-09 17:50:18 -04:00
Jessica Forrester 8b4ca9c2a7 Move CORS handler wrapping into cmd/apiserver and switch config flag to a list of allowed origins 2014-09-09 17:50:18 -04:00
Jessica Forrester 8723eece49 Add option to enable a simple CORS implementation for the api server 2014-09-09 17:50:18 -04:00
csrwng 6551f4e0f0 Use codec to encode/decode api objects in client and kubecfg parser 2014-09-09 08:45:53 -04:00
Brian Ketelsen 83d3da1436 changed address variable to bindAddress. Used net.JoinHostPort() instead of fmt.Sprintf() 2014-09-07 23:50:36 -07:00
Brian Ketelsen 34922226fd allow proxy to accept a listen address. fixes #1220 2014-09-07 23:27:43 -07:00
Federico Simoncelli 6add1993c9 Support configurations for cloudproviders 
Cloud providers may need specific configurations to run properly (e.g.
authentication parameters, uri, etc.).

This patch adds the simplest implementation for passing configurations
to cloudproviders: a new apiserver -cloud_config flag to specify the
path to an arbitrary configuration file.

Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
 2014-09-08 21:46:53 +00:00
Daniel Smith fc09f988b4 Make tests pass again 2014-09-07 22:26:42 -07:00
Daniel Smith 1c2b65788d Rename Codec and ResourceVersioner to add Default in front, to allow for types of those names 2014-09-07 22:19:24 -07:00
Joe Beda e5fe8270a1 Improve 'Usage' for kubecfg 2014-09-04 13:25:39 -07:00