github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
43,751 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

109 Commits (66529d51bac1fb2e3d19f41428751cc8422303cf)

Author SHA1 Message Date
Robert Bailey 8df33bc1a7 Register the kubelet on the master node with an apiserver. This option is 
separated from the apiserver running locally on the master node so that it
can be optionally enabled or disabled as needed.

Also, fix the healthchecking configuration for the master components, which
was previously only working by coincidence:

If a kubelet doesn't register with a master, it never bothers to figure out
what its local address is. In which case it ends up constructing a URL like
http://:8080/healthz for the http probe. This happens to work on the master
because all of the pods are using host networking and explicitly binding to
127.0.0.1. Once the kubelet is registered with the master and it determines
the local node address, it tries to healthcheck on an address where the pod
isn't listening and the kubelet periodically restarts each master component
when the liveness probe fails.
 2015-08-06 13:39:32 -07:00
Mike Danese fe6b15ba2f rewrite all links to issues to k8s links 2015-08-05 21:11:11 -07:00
gmarek 5bb7eec5ab Use salt pillars to pass test arguments during cluster creation. 2015-07-31 09:32:01 +02:00
Yu-Ju Hong 1e0a16392d Merge pull request #10780 from cjcullen/testfix 
Hacky workaround for #9822
 2015-07-06 15:00:35 -07:00
CJ Cullen edd419790e Hacky workaround for #9822 2015-07-06 10:02:53 -07:00
Dawn Chen 9ce11545c0 Explicitly configure master component containers and nginx with 200m each. 2015-07-02 10:46:39 -07:00
nikhiljindal 274792d7bb Stop exposing v1beta3 by default 2015-07-01 14:38:02 -07:00
Brendan Burns d2334d60c8 Merge pull request #10328 from dchen1107/cleanup 
Add dependencies on docker and kubelet service when copying master co…
 2015-06-24 21:32:35 -07:00
Dawn Chen e7d217d941 Add dependencies on docker and kubelet service when copying master components manifests 
to /etc/kubernetes/manifest
 2015-06-24 21:15:08 -07:00
derekwaynecarr db202d4904 Remove nginx from vagrant 2015-06-23 13:07:50 -04:00
Mike Danese 491eb5e583 add livenessProbe to kube-apiserver.manifest 2015-06-15 23:22:56 -07:00
CJ Cullen 04cd9b3c75 Make sshproxy use a hostmount on master PD (don't spam sshKeys on upgrade/reboot). 
Add comment describing what SSHTunnelList.Close() does.
Simplify util.FileExists.
 2015-06-05 15:03:03 -07:00
CJ Cullen cb317604ab Some refactoring. Only selectively use ssh proxy. 
Add NetworkName to gce.Config.
Add locking to uses of master.tunnels.
 2015-06-05 14:55:16 -07:00
CJ Cullen de9a5f43bc Specify sshUser, sshKeyfile in kube-apiserver manifest. 
Trim space on ssh key so GCE doesn't treat it as 2 lines.
A couple other minor fixes.
 2015-06-05 14:55:15 -07:00
CJ Cullen 82afaaf31d Mount cloud-config files for cloudproviders in kube-apiserver & kube-controllermanager. 2015-06-05 14:54:20 -07:00
Daniel Smith 1690617ee6 remove ro service 2015-06-03 16:45:54 -07:00
Prashanth Balasubramanian f7c0f1c1e3 Set min-request-timeout in test clusters 2015-06-03 08:46:28 -07:00
CJ Cullen 934c553c04 Clarify description/usage of --advertise-address, Master.PublicAddress 2015-06-02 15:23:32 -07:00
CJ Cullen 085a48a70e Add an advertise-address flag. This allows the address that the apiserver binds 
to (possibly 0.0.0.0) to be different than the address on which members of the cluster
can reach the apiserver (possibly not a local interface).
 2015-06-02 14:33:15 -07:00
Tim Hockin ac3cc3c518 Rename PORTAL_NET all over 2015-05-28 16:10:44 -07:00
Tim Hockin 3005471100 Add new apiserver flags for clusterIP (nee portal) 
Leave old flags but marked as deprecated
 2015-05-28 16:10:44 -07:00
Robert Bailey e3ff2dc02d Merge pull request #7678 from justinsb/aws_api_on_443 
AWS: Change apiserver to listen on 443 directly, not through nginx
 2015-05-04 13:52:57 -07:00
Justin Santa Barbara 57f7b658bb AWS: Change apiserver to listen on 443 directly, not through nginx 
Mirrors changes in GCE.  I think the same changes will be needed for vagrant.
 2015-05-02 16:59:04 -04:00
Abhishek Shah 96439b5a52 logs for master components 2015-04-29 09:51:09 -07:00
Robert Bailey 8206aa9eac Salt configuration to add basic auth to GCE. 2015-04-28 14:07:54 -07:00
derekwaynecarr 81e9395533 Fix vagrant regression due to #7326 2015-04-27 17:18:30 -04:00
Robert Bailey 846ffcff83 Pass the CA root cert into the apiserver so that the apiserver will 
perform client cert checks for authorization. Only enable on GCE where
the apiserver is terminating SSL connections from end users.
 2015-04-24 22:01:56 -07:00
Robert Bailey dc45f7f9e6 Remove nginx and replace basic auth with bearer token auth for GCE. 
- Configure the apiserver to listen securely on 443 instead of 6443.
 - Configure the kubelet to connect to 443 instead of 6443.
 - Update documentation to refer to bearer tokens instead of basic auth.
 2015-04-22 11:11:20 -07:00
litian54 b5e4111234 Fix Jinja render bug if 'portal_net' or 'cluster_name' is undefined 2015-04-15 17:17:38 -07:00
Abhishek Shah a908bb78ea kube-scheduler in a pod 2015-04-14 17:53:12 -07:00
Justin Santa Barbara 72687184b9 Don't always use aws.conf 
We don't usually need it, and it makes it harder to put apiserver into a container.
 2015-04-14 09:30:00 -07:00
Abhishek Shah c9d7010461 kube-apiserver in a pod. 2015-04-13 15:15:45 -07:00
Dawn Chen 7f2f165797 Revert "kube-apiserver in a pod." 2015-04-10 22:54:52 -07:00
Abhishek Shah 2f70395396 kube-apiserver in a pod. 2015-04-10 15:46:49 -07:00
Abhishek Shah fb665ede4c Run etcd on localhost for all providers. 2015-04-03 14:00:44 -07:00
Abhishek Shah 23c42cd8b2 Etcd listens on localhost for GCE 2015-04-03 11:40:09 -07:00
Filip Grzadkowski 65c2942a82 Increase ulimit -n for apiserver. 2015-04-02 17:01:23 +02:00
CJ Cullen 5e6e67ba59 Add an alternative TokenSource to the GCE CloudProvider. 2015-04-01 17:52:30 -07:00
Zach Loafman b581320bf7 Eliminate grains.cloud_provider (in preference to grains.cloud) from SaltStack 
This variable can be entirely derived from grains.cloud, and it
simplifies the configuration somewhat. (Or someone convince me I'm
wrong. I'm happy to be wrong here.)
 2015-04-01 08:32:32 -07:00
derekwaynecarr 468bf1da75 Enable common set of admission controllers across salt providers 2015-03-11 11:06:00 -04:00
Zach Loafman 120dba474e Change GCE to use standalone Saltstack config: 
Change provisioning to pass all variables to both master and node. Run
Salt in a masterless setup on all nodes ala
http://docs.saltstack.com/en/latest/topics/tutorials/quickstart.html,
which involves ensuring Salt daemon is NOT running after install. Kill
Salt master install. And fix push to actually work in this new flow.

As part of this, the GCE Salt config no longer has access to the Salt
mine, which is primarily obnoxious for two reasons: - The minions
can't use Salt to see the master: this is easily fixed by static
config. - The master can't see the list of all the minions: this is
fixed temporarily by static config in util.sh, but later, by other
means (see
https://github.com/GoogleCloudPlatform/kubernetes/issues/156, which
should eventually remove this direction).

As part of it, flatten all of cluster/gce/templates/* into
configure-vm.sh, using a single, separate piece of YAML to drive the
environment variables, rather than constantly rewriting the startup
script.
 2015-03-10 09:04:29 -07:00
derekwaynecarr 35ab4ccc6d Further vagrant reliability improvements. 2015-03-03 06:55:34 -08:00
Satnam Singh 19b927ea57 Name a cluster and use it to make forwarding rules for GCE 2015-02-23 17:04:33 -08:00
derekwaynecarr 4dd50a18c3 Fix vagrant regression, add flag to easily enable v1beta3 2015-01-30 12:16:24 -05:00
Justin Santa Barbara 5d864b006a Add aws to list of clouds that use tokens 2015-01-29 20:35:36 -05:00
Justin Santa Barbara 2f195578cc Create /srv/kuberentes/known_tokens.csv on AWS 2015-01-29 20:35:35 -05:00
Justin Santa Barbara bb0431dce8 Pass cloud & cloud_config to kube-apiserver for AWS 2015-01-29 20:35:35 -05:00
Joe Beda 7ee327146a Fix typo in initd scripts 2015-01-15 09:12:20 -08:00
Joe Beda 228659a177 Fix up for posix flags 2015-01-15 09:12:19 -08:00
derekwaynecarr 520ae3ef27 Implement basic admission control framework 2015-01-07 14:42:31 -05:00
Brendan Burns 878d85df0c Add a log level flag. 2014-12-15 12:00:29 -08:00
Richard Larocque 7d37b24cc7 Implement apiserver communication for Vagrant 
This implementation is based on the GCE impementation from
618a367dbb48dbaa9c3b50e877858d854322fd0b.
 2014-12-05 12:49:51 -08:00
Alen Komljen d83d269c27 Remove empty lines when file is generated from jinja template 2014-12-02 15:00:58 +01:00
Joe Beda 2b712a744a Fix up salt ordering dependencies in kube-apiserver/init.sls. 2014-11-25 14:46:25 -08:00
derekwaynecarr 1a894741b2 Fix vagrant regression 2014-11-20 10:39:09 -05:00
Eric Tune 67adf6473e Don't reference non-existent token file if not GCE. 2014-11-18 00:23:41 -08:00
Eric Tune 46dcacfa93 Kubelet talks securely to apiserver. 
Configure apiserver to serve Securely on port 6443.
Generate token for kubelets during master VM startup.
Put token into file apiserver can get and another file the kubelets can get.
Added e2e test.
 2014-11-18 00:23:41 -08:00
Joe Beda 66d287f7e4 Merge branch 'rename-to-kube' of https://github.com/eparis/kubernetes into eparis-rename-to-kube 
* 'rename-to-kube' of https://github.com/eparis/kubernetes:
  rename kube server binaries to kube-

Conflicts:
	docs/salt.md
 2014-11-17 09:52:10 -08:00
Eric Paris a99c3c7963 rename kube server binaries to kube- 
apiserver becomes kube-apiserver
controller-manager -> kube-controller-manager
scheduler and proxy similarly.

Only thing I promise is that right now hack/build-go.sh and
build/release.sh exit with 0.  That's it.  Who knows if any of this
actually works....
 2014-11-13 20:08:26 -05:00