github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
5,623 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

528 Commits (793677e8e2af67f14ddd6da0b88b43dc3c330919)

Author SHA1 Message Date
Tim Hockin f24ea5ce59 Merge pull request #2592 from dchen1107/mirror-registry 
Enable Docker Cache for OSS on gce.
 2014-11-25 09:23:40 +08:00
Dawn Chen 1900f0db98 Enable Docker Cache for OSS on gce. 2014-11-24 16:51:17 -08:00
Brendan Burns ab3cfc5f75 Update the ubuntu AMI 2014-11-24 16:34:48 -08:00
Tim Hockin b6d8215f3a Merge pull request #2537 from dchen1107/mirror-registry 
Enable docker registry cache. By default it is off
 2014-11-25 03:46:35 +08:00
Dawn Chen e13ce48676 Enable docker registry cache. By default it is off 2014-11-21 17:13:22 -08:00
Joe Beda 802d214ed0 Merge pull request #2461 from MSOpenTech/deploy 
Bring Azure deploy scripts up to date
 2014-11-20 17:15:44 -08:00
Joe Beda 658c5cdaaa Check in default blank file for kubelet/kubernetes_auth 
This lets us eliminate some per-cloud stuff in our salt.  This is an alternate fix for #2475.
 2014-11-20 17:01:28 -08:00
Jeff Mendoza d0586ed066 Azure review fixes. 2014-11-20 16:40:35 -08:00
derekwaynecarr 1a894741b2 Fix vagrant regression 2014-11-20 10:39:09 -05:00
Brendan Burns 927088de83 Fix etcd unpack by adding a explicit x flag. 2014-11-19 11:33:50 -08:00
Jeff Mendoza 5d62ac1a56 Fix Azure util.sh boilerplate. 2014-11-19 10:25:27 -08:00
Jeff Mendoza 8b0f263c00 Rearrange cluster sanity checks for Azure. 2014-11-18 22:37:06 -08:00
Jeff Mendoza 9934a0ace4 Update cert generation for Azure. 2014-11-18 14:10:50 -08:00
Jeff Mendoza 1ee5ab5e5e Updates and formatting to azure scripts. 2014-11-18 14:10:18 -08:00
Eric Tune 67adf6473e Don't reference non-existent token file if not GCE. 2014-11-18 00:23:41 -08:00
Eric Tune 46dcacfa93 Kubelet talks securely to apiserver. 
Configure apiserver to serve Securely on port 6443.
Generate token for kubelets during master VM startup.
Put token into file apiserver can get and another file the kubelets can get.
Added e2e test.
 2014-11-18 00:23:41 -08:00
Brendan Burns 5122e4cc3a Remove deprecated nsinit from the node definition. 2014-11-17 22:20:57 -08:00
Brendan Burns cea52d7e4f Merge pull request #2409 from mattmoor/master 
Implements a credentialprovider library for use by DockerPuller.
 2014-11-17 21:53:25 -08:00
Matt Moore 0c5d9ed0d2 Implements a credentialprovider library for use by DockerPuller. 
This change refactors the way Kubelet's DockerPuller handles the docker config credentials to utilize a new credentialprovider library.

The credentialprovider library is based on several of the files from the Kubelet's dockertools directory, but supports a new pluggable model for retrieving a .dockercfg-compatible JSON blob with credentials.

With this change, the Kubelet will lazily ask for the docker config from a set of DockerConfigProvider extensions each time it needs a credential.

This change provides common implementations of DockerConfigProvider for:
 - "Default": load .dockercfg from disk
 - "Caching": wraps another provider in a cache that expires after a pre-specified lifetime.

GCP-only:
 - "google-dockercfg": reads a .dockercfg from a GCE instance's metadata
 - "google-dockercfg-url": reads a .dockercfg from a URL specified in a GCE instance's metadata.
 - "google-container-registry": reads an access token from GCE metadata into a password field.
 2014-11-17 21:46:54 -08:00
Richard Larocque 914c5eb1f1 Chmod the right file in cluster/vagrant/util.sh 
Most of platforms use ~/.kubernetes_auth, but Vagrant is different.
This commit fixes one instance where a setup script did not take this
difference into account.
 2014-11-17 17:14:35 -08:00
Abhishek Gupta 65a4041d26 Fixing systemd service files to point to correct config/executors 2014-11-17 12:24:10 -08:00
Joe Beda 7b5a77c56c Fix breakage when bringing down cluster. 2014-11-17 11:26:25 -08:00
Joe Beda 66d287f7e4 Merge branch 'rename-to-kube' of https://github.com/eparis/kubernetes into eparis-rename-to-kube 
* 'rename-to-kube' of https://github.com/eparis/kubernetes:
  rename kube server binaries to kube-

Conflicts:
	docs/salt.md
 2014-11-17 09:52:10 -08:00
Vladimir Shcherbakov 6ea7191592 deploy update 2014-11-16 23:56:15 -08:00
Joe Beda c82bd2127f Fix up formatting and sed usage for heapster deploy. 
Also, 'sed -i' isn't supported well across BSD and GNU versions of sed.  See http://stackoverflow.com/questions/5694228/sed-in-place-flag-that-works-both-on-mac-bsd-and-linux.  And we were editing files that were checked in to git with a password.  Instead, do this with class sed redirection in a temp dir.

Fixes #2400.
 2014-11-16 17:13:02 -08:00
Joe Beda 06d838ffb1 Merge pull request #2369 from jbeda/vagrant-fix 
Vagrant fixes
 2014-11-14 16:43:06 -08:00
Eric Tune 13345953e3 Merge pull request #2371 from dchen1107/upstream 
Don't show Kubernetes username & password to console for heapster.
 2014-11-14 10:50:36 -08:00
Brendan Burns c2485a4056 Merge pull request #2147 from justinsb/ipv6 
Initial ipv6 / iptables work
 2014-11-14 10:34:37 -08:00
Dawn Chen a9defc413a Don't show Kubernetes username & password to console for heapster. 2014-11-13 23:08:55 -08:00
Joe Beda 5a0159ea00 Get Vagrant to start using TLS client certs. 
Also fix up cert generation. It was failing during the first salt highstate when trying to chown the certs as the apiserver user didn't exist yet.  Fix this by creating a 'kube-cert' group and chgrping the files to that.  Then make the apiserver a member of that group.

Fixes #2365
Fixes #2368
 2014-11-13 22:16:45 -08:00
Eric Paris a99c3c7963 rename kube server binaries to kube- 
apiserver becomes kube-apiserver
controller-manager -> kube-controller-manager
scheduler and proxy similarly.

Only thing I promise is that right now hack/build-go.sh and
build/release.sh exit with 0.  That's it.  Who knows if any of this
actually works....
 2014-11-13 20:08:26 -05:00
Richard Larocque 63d6e7cd9f make-cert.sh: Create directory before writing cert 
Adds a "mkdir -p" to the make-cert.sh.  This fixes an issue where the
script could fail if /srv/kubernetes did not exist previously.
 2014-11-13 16:39:09 -08:00
Dawn Chen 8c358f0cae Merge pull request #2357 from filbranden/monitoring 
Fix bugs and improve monitoring support
 2014-11-13 13:59:58 -08:00
Vishnu Kannan 46a22b3c44 Fix monitoring setup script. 
Remove the firewall rule created for monitoring as part of kube-down.
Reuse master auth for Grafana.
 2014-11-13 16:43:05 -05:00
Eric Tune 19ec2234f9 Make server certs accessible to apiserver user. 2014-11-13 13:02:48 -08:00
Joe Beda ee2f030623 Give the API server access to TLS certs. 
Moved the cert generation to a separate salt state and put it in a more appropriate sharable location (`/srv/kubernetes/`).
 2014-11-12 18:14:24 -08:00
Dawn Chen 5ab6947bdd Merge pull request #2307 from satnam6502/logbydefault 
Turn on Elasticsearch logging by default for GCE platform
 2014-11-12 10:03:06 -08:00
Dawn Chen d71408f465 Merge pull request #2321 from jimmydivvy/fix_linux_md5sum 
Strip extra '-' from md5sum output when creating S3 bucket
 2014-11-12 10:00:13 -08:00
James Davies ff5a425b67 Strip extra '-' from md5sum output when creating GCE projects 2014-11-12 17:04:01 +10:00
James Davies 945339362f Strip extra '-' from md5sum output when creating S3 bucket 
md5sum prints out the hash, followed by the filename. When piped in from
stdin, this equates to a '-' character.

cluster/aws/util.sh was incorrect including this '-' character as part
of the S3 bucket name, causing the script to fail on Linux machines with
the md5sum binary.

i.e. "s3://kubernetes-staging-0ac68d8c77915cc1069a9e2f5e1f1d2d -"

Fixed by using `awk` to return only the first column (up to the space)
 2014-11-12 16:56:50 +10:00
Brendan Burns 4faefda415 Really fix the gce turn up script. 2014-11-11 20:55:12 -08:00
Joe Beda 21ff53c70b Merge pull request #2311 from pietern/vsphere-curl 
Use curl exclusively in vSphere deployment
 2014-11-11 17:32:09 -08:00
Pieter Noordhuis 1df6f9ce6a Use curl exclusively in vSphere deployment 
This fixes #2295.
 2014-11-11 17:22:02 -08:00
Joe Beda 4f62efcc23 Fix kube-push.sh 2014-11-11 17:10:56 -08:00
Brendan Burns fa8e0f6a6f Merge pull request #2296 from brendandburns/fix 
Fix paths for kubectl
 2014-11-11 16:23:11 -08:00
Satnam Singh d837f16045 Turn on Elasticsearch logging by default for GCE platform 2014-11-11 14:49:42 -08:00
Haney Maxwell fae27e2f17 Clean up e2e test 2014-11-11 11:03:07 -08:00
Brendan Burns 0393212624 Fix paths for kubectl 2014-11-11 10:49:44 -08:00
Brendan Burns 48498cf9bb Fix docs somewhat, add monitoring hooks. 2014-11-10 17:17:25 -08:00
Brendan Burns 62bd634c07 Update the AWS config. 2014-11-10 13:33:43 -08:00
Andriy Yurchuk 1ff79fdeb0 AWS support draft 
Fix calling function before declaration

Set Name tags on instances

Hide import-key-pair error

Fix instances names resolution

Implement kube-down for AWS provider

Add cluster validation routines. Make changes according to #1255

Implement post-deployment cluster validation

Set proper master name in userdata scripts

Fix kube-down path in hint

Add getting started for AWS
 2014-11-10 13:32:52 -08:00
Joe Beda dba0f2d661 Fix typo in README 2014-11-10 13:09:58 -08:00
Brendan Burns bdc4ab62c7 Merge pull request #2245 from jbeda/gcs-deps 
Start pulling external dependencies from GCS where possible
 2014-11-10 11:00:41 -08:00
bgrant0607 6c70227a2e Merge pull request #2249 from satnam6502/salt 
Make Docker container dirs writable for pos file
 2014-11-08 11:56:48 -08:00
Satnam Singh 9fac9949b2 Make Docker container dirs writable for pos file 2014-11-07 17:42:48 -08:00
Joe Beda a839599883 Install client tools on master. 
We now include kubecfg and kubectl in "server binary" tar and place them into /usr/local/bin on the master.
 2014-11-07 17:13:18 -08:00
Daniel Smith d5c6499d93 Update scripts to expect versioned output in templates. 2014-11-07 16:47:22 -08:00
Joe Beda 887c9b18d6 Install Salt from debs on GCS. 
Also make downloading more reliable and run 'highstate' after install for good measure.  As part of this we no longer use gsutil to download and have to make 'staged' binaries in GCS publicly readable.
 2014-11-07 16:16:45 -08:00
Joe Beda d033dfcc2b Load etcd tarball from GCS. 
Also fix up comment about how to cache docker debs.
 2014-11-07 13:43:07 -08:00
Vishnu Kannan 37af9210ba Improve the monitoring setup script and fix bugs in the monitoring config. 2014-11-07 19:27:52 +00:00
Vishnu Kannan ad9cb982e5 Add an option for enabling monitoring in gce/config-default.sh and disable it 
for tests.
Updated heapster readme.
 2014-11-07 00:47:56 +00:00
Vishnu Kannan edf6d8ee3f Use Heapster as an in-built monitoring solution for Kubernetes in GCE. 
Users will have an option to enable it when they setup their cluster (kube-up).
 2014-11-07 00:47:56 +00:00
Justin SB ddaa716de1 Allow specification of docker daemon args 2014-11-04 14:12:59 -08:00
Justin SB 8e70a664e8 Extend container_bridge.py (salt lib) to support IPv6 2014-11-04 06:33:34 -08:00
Deyuan Deng a7bdb362da Fix local cluster scripts 2014-11-02 23:30:14 -05:00
Brendan Burns 8d34231381 Fix a bunch of places where the -machines flag was still attached to the apiserver. 2014-11-01 20:38:45 -07:00
Joe Beda bbb66af3db Merge pull request #2092 from jbeda/1729-hack-build 
Rationalize `build` and `hack` directories
 2014-11-01 18:02:12 -07:00
Joe Beda 5d33ce46cc Rework hack/ and build/ directories. 
* Rewrite a bunch of the hack/ directory with modular reusable bash libraries.
* Have 'build/*' build on 'hack/*'.  The stuff in build now just runs hack/* in a docker container.
* Use a docker data container to enable faster incremental builds.
* Standardize output to _output/{local,dockerized}/bin/OS/ARCH/*.  This regularized placement makes cross compilation work.
* Move travis specific scripts under hack/travis

With new dockerized incremental builds, I can do a no-op `make quick-release` in ~30s.  This is a significant improvement.
 2014-11-01 17:56:41 -07:00
Brendan Burns f44bb9d673 Merge pull request #2104 from jbeda/gcs-docker-install 
Get docker deb from GCS
 2014-10-31 21:15:06 -07:00
Joe Beda 29455398e6 Get docker deb from GCS. 
Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889)
 2014-10-31 16:27:00 -07:00
Deyuan Deng 019b7fc74c Separate minion controller from master. 2014-10-30 20:24:15 -04:00
Joe Beda 4c8dbbc346 Use the Container VM image in the google-cloud project. 
Fixes #2078
 2014-10-30 11:29:25 -07:00
Joe Beda 78df01172a Merge pull request #1747 from pietern/vsphere-binary-deploy 
vSphere support for binary deploys
 2014-10-29 16:52:12 -07:00
Filipe Brandenburger 5619fb2f45 Merge pull request #2046 from dchen1107/containervm 
Using containervm image for gce by default
 2014-10-29 14:49:17 -07:00
Pieter Noordhuis 918c8e2b96 Limit GCE specific mods to GCE 2014-10-29 12:39:07 -07:00
Pieter Noordhuis 5b22dd7631 Move customizations of /srv/salt to overlay 
Also see #1783.
 2014-10-29 11:30:09 -07:00
Pieter Noordhuis 5ba3a551f9 Fix kube-push 2014-10-29 11:30:09 -07:00
Pieter Noordhuis fa24face8c Add 'portal_net' parameter to pillar 
In preparation for #1402.
 2014-10-29 11:30:09 -07:00
Pieter Noordhuis 4a13d752ed Copy release tars with scp 
This displays a progress report, so any slowness can be attributed.
 2014-10-29 11:30:09 -07:00
Pieter Noordhuis a1c40922e0 Rely on ssh-agent for key management 2014-10-29 11:30:09 -07:00
Pieter Noordhuis 1152471db7 Split reactor files 
There now are reactor files to run highstate on:

* New nodes only
* Master nodes
* Minion nodes
 2014-10-29 11:30:09 -07:00
Pieter Noordhuis e90f98a52c Make vSphere scripts work for binary deploys 
Fixes #1732.
 2014-10-29 11:30:08 -07:00
Brendan Burns 74998eead4 Merge pull request #2061 from brendandburns/master 
Fix the etcd md5 since they uploaded a new binary.
 2014-10-29 11:20:49 -07:00
Brendan Burns c4d6f3a1cd Fix the etcd md5 since they uploaded a new binary. 2014-10-29 11:18:37 -07:00
Dawn Chen 18685d49ed Using containervm image for gce by default 2014-10-29 09:42:50 -07:00
Dawn Chen 03503a5627 Always check default-internal firewall absent or not; if not, create it 
anyway.
 2014-10-28 13:55:52 -07:00
Joe Beda 8100c063b8 Turn on auto security updates for debian based systems. 
Fixes #2008
 2014-10-27 13:49:51 -07:00
Clayton Coleman bd1b3fb245 Vagrant util has minion query for ID, not Name 
Related to the ID->Name refactor, noticed while running e2e
 2014-10-23 23:12:04 -04:00
Daniel Smith bfabb41604 New e2e script (in go this time) that doesn't completely suck 2014-10-23 11:03:30 -07:00
Joe Beda 33763d07b2 Fix e2e test for .ID->.Name change 2014-10-22 17:19:53 -07:00
Joe Beda 25b1eea116 Merge pull request #1832 from doublerr/rackspace_switch_to_coreos 
Rackspace - Switch to CoreOS for standard cluster
 2014-10-22 09:30:55 -07:00
derekwaynecarr b836e31cf4 Fixup docker configuration for sdn 2014-10-22 11:32:38 -04:00
Brendan Burns 86e67c0fe2 Fix GCE since KUBE_ADMIN_TOKEN is never set, since get-admin-token is never called. 2014-10-21 21:13:24 -07:00
Satnam Singh 605314ff62 Second attempt at correctly unspecting FLUENTD_GCP 2014-10-21 14:58:03 -07:00
Joe Beda da6866c720 Merge pull request #1931 from derekwaynecarr/fix_kubectl_for_vagrant 
Fix kubectl flags for vagrant
 2014-10-21 14:43:46 -07:00
derekwaynecarr c929ec5a44 Fix kubectl flags for vagrant 2014-10-21 15:29:35 -04:00
Satnam Singh ed58d024ca Check to see if FLUENTD_GCP is defined before use 2014-10-21 12:18:42 -07:00
Clayton Coleman fa4e186e54 Merge pull request #1911 from erictune/token_client 
Handle auth files with BearerToken sections.
 2014-10-21 14:08:42 -04:00
Satnam Singh 39212f5e2e Flunentd to GCP logging node level configuration 2014-10-20 18:05:00 -07:00
Eric Tune 21dae01005 Handle auth files with BearerToken sections. 2014-10-20 17:02:03 -07:00
Satnam Singh b7722a631d Adjust test in salt file to use boolean value 2014-10-20 15:52:28 -07:00
Joe Beda 893e897d9b Merge pull request #1913 from derekwaynecarr/move_network_closure 
Do not require a writeable /vagrant
 2014-10-20 15:04:43 -07:00
Joe Beda 60a8249bdf Merge pull request #1891 from jbeda/vagrant-bash-fix 
Make vagrant scripts work with bash 3
 2014-10-20 14:52:12 -07:00
Joe Beda ea95cefb91 Make vagrant scripts work with bash 3 
Fixes #1890
 2014-10-20 14:50:09 -07:00
derekwaynecarr 0d86be680b Do not require a writeable /vagrant 2014-10-20 16:59:15 -04:00
Robert Bailey 216cc64975 Bump up the default machine size on GCP. 2014-10-20 13:02:28 -07:00
Daniel Smith bf942e859f remove old proxy code. 2014-10-20 11:28:12 -07:00
Ryan Richard d513854851 Remove extra newline and update comments in util.sh 2014-10-20 12:18:34 -05:00
Ryan Richard a26aefaa2e Migrate Rackspace upload scripts to util.sh 
The functions to upload built k8s tars to Cloud Files were incorrectly
placed in build/common.sh. These have been migrated to
cluster/rackspace/util.sh
 2014-10-20 12:14:20 -05:00
Ryan Richard 0bfb5ae772 remove hardcoded cloudfiles path and fix PORTAL_NET 2014-10-20 12:14:20 -05:00
Ryan Richard f2838483a1 Add Rackspace to build/release.sh 
Updates to the build/release.sh scripts to upload build binaries to
Cloud Files.
 2014-10-20 12:14:20 -05:00
Ryan Richard a8bae68865 Rackspace - Switch to CoreOS for standard cluster 
The Rackspace setup for Kubernetes now leverages CoreOS instead of Ubuntu. We've dropped Salt completely for our cluster.
 2014-10-20 12:14:20 -05:00
bgrant0607 75e2cf8e12 Merge pull request #1826 from thockin/kubectl 
add kubectl.sh
 2014-10-16 13:02:13 -07:00
Mrunal Patel f8845147f6 Need not add --ip-masq flag till fedora ships docker 1.3 2014-10-16 12:40:01 -07:00
Tim Hockin bad0b72926 add kubectl.sh 2014-10-16 12:30:08 -07:00
Dawn Chen a8a036a9e6 Disable --ip-masq for vagrand. 2014-10-16 12:17:18 -07:00
Dawn Chen baf3bea79a Set --ip-masq to false 2014-10-16 12:17:18 -07:00
Tim Hockin 5c4bd55273 Add vagrant support 2014-10-16 08:36:47 -07:00
Tim Hockin 1c2f04b8b7 Add e2e test 2014-10-16 08:36:47 -07:00
Tim Hockin e907011111 Core support for ip-per-service 2014-10-16 08:36:47 -07:00
Joe Beda 3701c2ac0e Add kubectl to build/release scripts. 
Also Refactor build helpers into client/cross and server/linux.  This make it easier to tell users what to build to get just the client binaries.
 2014-10-15 16:50:17 -07:00
Joe Beda 81635a2549 Remove duplicate code for GCE cluster start 2014-10-15 10:21:22 -07:00
Joe Beda 9bb20b41ee Break out dynamic salt files to enable clean kube-push. 
This lets us blow away salt files and replace them with a new version while keeping a tree of "overlay" files that are cluster specific and generated at cluster up time.

Fixes #1783
 2014-10-14 15:01:43 -07:00
derekwaynecarr b8d2f08192 Fix race condition in start-up of salt-minion and salt-master 2014-10-14 12:41:45 -04:00
Joe Beda b2395c76f2 Have `build/make-cross.sh` copy binaries back over if using boot2docker. 
Also clarified error message in cluster/kubecfg.sh.
 2014-10-11 07:24:12 -07:00
Joe Beda e397371b95 Fix up project hash on linux 
Somehow this got dropped!
 2014-10-10 14:24:35 -07:00
Joe Beda 96c1bc17ca Set shell options for reliability. 
Tweak a few other small things in our shell scripts.
 2014-10-10 12:33:36 -07:00
Joe Beda d43a6ec5a3 Standardize how we refer to the kubernetes root. 
Now use $KUBE_ROOT as the variable pretty much everywhere.
 2014-10-10 12:33:36 -07:00
Joe Beda 38d5906044 Clean up READMEs and broken stuff. 
Move all support for clouds that are broken with this change into an `icebox` directory.  We'll move that stuff back out as we fix it up.
 2014-10-10 12:33:36 -07:00
Joe Beda db14944f61 Fix up kubecfg.sh script to find correct binary. 2014-10-10 12:30:12 -07:00
Joe Beda 881cf80182 Vagrant now using pre-built binaries. 2014-10-10 12:30:12 -07:00
Joe Beda 15cd6f07d6 Use binary releases for cluster push scripts. 
This is for GCE right now.  Other clouds/clusters are probably broken.
 2014-10-10 12:30:11 -07:00
Joe Beda 9a8807b033 get.docker.com is now the preferred place to get Docker 
Update salt configs
 2014-10-09 12:31:53 -07:00
Danny Jones 4ec25f3b81 Adds support for attaching GCEPersitentDisks 
Adds GCEPersistentDisk volume struct
Adds gce-utils to attach disk to kubelet's VM.
Updates config to give compute-rw to every minion.
Adds GCEPersistentDisk to API
Adds ability to mount attached disks
Generalizes PD and adds tests.
PD now uses an pluggable API interface.
Unit Tests more cleanly separates TearDown and SetUp
Modify boilerplate hook to omit build tags
Adds Mounter interface; mount is now built by OS
TearDown() for PD now detaches disk on final refcount
Un-generalized PD; GCE calls moved to cloudprovider

Address comments.
 2014-10-08 20:03:59 -07:00
Joe Beda 0de2ef496e Merge pull request #1595 from thockin/flageq 
Use '=' for flags or else parsing gets confused sometimes
 2014-10-06 13:14:35 -07:00
Tim Hockin 440d14c239 Use '=' for flags or else parsing gets confused sometimes 2014-10-06 12:25:56 -07:00
Deyuan Deng 253907ab04 Add etcdctl in master 2014-10-04 11:26:01 -04:00
Joe Beda 90800bdc43 Merge pull request #1544 from justinlindh/configurable-sleep-interval 
Add configurable sleep between polling intervals for GCE status
 2014-10-03 09:36:39 -07:00
derekwaynecarr 1567ac0d74 Do not verify certs against vagrant 2014-10-02 15:38:16 -04:00
Justin Lindh 4f31b1918f Add configurable sleep between polling intervals for GCE status 2014-10-02 12:47:40 -06:00
Joe Beda c323179d9b Don't print Kubernetes username/password to console. 
It is too easy to copy/paste this on-line.

Fixes #1483
 2014-09-29 13:18:29 -07:00
Joe Beda 648a400e36 Merge pull request #1492 from jbeda/backports-fix 
Change back to generic image description now that GCE is fixed.
 2014-09-29 12:27:51 -07:00
Jeff Mendoza 9eefbab575 Update default image used for Azure. 
Fixes CVE-2014-6271.
Still vulnerable to CVE-2014-7169.
 2014-09-29 11:43:10 -07:00
Joe Beda 7cadeb2af3 Change back to generic image description now that GCE is fixed. 2014-09-29 11:30:39 -07:00
Joe Beda 4ae3fa521e For GCE hard code backports image version as autodetection is currently broken. 2014-09-29 10:31:34 -07:00
Joe Beda 81e91db697 Grab images as part of update e2e test 2014-09-26 14:31:12 -07:00
Brendan Burns 77d13db307 Fix the vagrant build. 2014-09-26 14:02:56 -07:00
Joe Beda b3e7fd4209 Be more robust in how we pass flags. 
Using the '=' form of a flag makes things better if we have an empty list of machines.
 2014-09-25 11:52:18 -07:00
Brendan Burns 511ec280b9 Add a new network for e2e tests, to isolate it from any other cluster. 2014-09-24 22:37:19 -07:00
Brendan Burns e21f5f7c8f Fix the scripts. 2014-09-24 11:04:25 -07:00
Brendan Burns 8398dbd367 Fix the scripts. 2014-09-24 09:57:24 -07:00
Brendan Burns cafd20b233 Complete the mitm prevention on GCE. 2014-09-23 16:51:04 -07:00
Brendan Burns d38b498b0f Add a script for generating CA signed certs, and a client cert. 2014-09-23 11:38:29 -07:00
Brian Grant b9eee0f0c7 Replace --lines= with -n to fix tail on mac os. 2014-09-23 14:16:43 +00:00
Brian Grant cf60f4fa7d Fixes #1392. Redirects error messages to stderr so users can see them. 2014-09-22 17:25:25 +00:00
Yves Junqueira 412aab302a Fix typo in cluster/local/config-default.sh 2014-09-19 00:36:54 +02:00
Brendan Burns bb829ce8f6 fix salt. 2014-09-17 17:13:41 -07:00
Brendan Burns ffa4500e09 Add a salt flag for enabling privileged containers. 2014-09-17 14:25:28 -07:00
brendandburns c74060d465 Merge pull request #1282 from derekwaynecarr/add_vagrant_to_docker_group 
Add vagrant user to docker group
 2014-09-15 17:07:02 -07:00
Brendan Burns 61e90fdaff Fix the logrotate cron job. 2014-09-11 20:56:31 -07:00
Brendan Burns 76c0ce374d Start log rolling for docker containers too. Fix logrotate for other daemons. 2014-09-11 15:47:06 -07:00
derekwaynecarr 63bd987561 Add vagrant user to docker group 2014-09-11 16:48:17 -04:00
derekwaynecarr 0c20fffa06 No DNS in vagrant cross minions, need explicit IP as host 2014-09-11 13:38:50 -04:00
Daniel Smith b5c6edcd79 Merge pull request #1189 from simon3z/ovirt-cloud 
Add support for oVirt cloud provider
 2014-09-11 09:50:31 -07:00
Federico Simoncelli 320fd528e2 Add support for oVirt cloud provider 
This patch adds the initial support for the oVirt cloud provider.

Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
 2014-09-11 13:08:46 +00:00
Pieter Noordhuis 63ac1dc213 Update vSphere getting started doc 2014-09-10 00:17:41 +00:00
Brendan Burns 686c3bec84 Add initial logrotate support. 2014-09-09 13:35:06 -07:00
derekwaynecarr f42fcef620 Add explicit flag to use openvswitch 2014-09-08 15:31:22 -04:00
Joe Beda 2978c9923e Merge pull request #1203 from brendandburns/nginx 
Update nginx to support websockets and not buffer watches.
 2014-09-06 11:15:08 -07:00
Brendan Burns e8afebf1e1 Update nginx to support websockets and not buffer watches. 2014-09-05 21:46:01 -07:00
Joe Beda 77488835fe Merge pull request #1190 from derekwaynecarr/vagrant_cluster_hostname 
Improve vagrant hostname support across cluster
 2014-09-05 14:30:09 -07:00
Joe Beda 2edbfcf25d Merge pull request #1188 from carlossg/detect-zone 
[GCE] detect-master and detect-minions api calls should specify the zone
 2014-09-05 14:24:49 -07:00
derekwaynecarr 7f75aae8ab Improve vagrant hostname support across cluster 2014-09-05 16:39:39 -04:00
Daniel Smith ee1c0838d8 Merge pull request #1142 from jbeda/tweak-demo 
Improve update demo, support rolling template update
 2014-09-05 10:07:58 -07:00
Joe Beda ccfdf14097 Merge pull request #1155 from derekwaynecarr/improve_vagrant_startup 
Improve kube-up to validate salt provisioned each machine
 2014-09-04 13:39:34 -07:00
Joe Beda c47b405841 Use KUBECFG instead of CLOUDCFG in scripts 2014-09-04 13:25:39 -07:00
Brendan Burns 4a934427db Exclude vendored etcd. 2014-09-04 12:05:34 -07:00
Brendan Burns 3864cf453a Fix travis and cluster installs. 2014-09-04 10:31:09 -07:00
derekwaynecarr 4b4be926f5 Improve kube-up to validate salt provisioned 2014-09-03 16:36:21 -05:00
Joe Beda 847c87faa8 Fix docker start after minion reboot on GCE/debian 
Uncomment docker service state as it should no longer be affected by race bug in docker init.d start script.  Also make sure that the docker service state depends on the cbr state.

Fixes #802
 2014-09-03 11:11:28 -07:00
Ryan Richard 58b9b2fb88 switch kubelets to connect to etcd on cloud network 
Previously we were connecting across the public interfaces. This will connect across eth2 and send communication over a private network.
 2014-09-02 19:05:57 -05:00
Ryan Richard 0fed66a667 add sanity checking steps and fix KUBE_MASTER_IP 2014-09-02 19:05:56 -05:00
Ryan Richard 0b50244c72 workaround lack of jinja2.7 support 2014-09-02 19:05:56 -05:00
Carlos Sanchez 588a428175 [GCE] detect-master and detect-minions api calls should specify the zone 
Otherwise KUBE_MASTER_IP and KUBE_MINION_IP_ADDRESSES may contain 'external-ip'

    $ detect-master
    Using master: kubernetes-master (external IP: external-ip)'
 2014-09-02 13:47:26 +02:00
Filipe Brandenburger 54b2ed0078 Suppress non-error output of `systemctl enable` 
The `systemctl enable` command ordinarily prints the `ln` command used
to enable the unit to stderr, but that's not ideal in the vagrant setup
because it gets printed in red, which should be reserved for errors, but
it's not a real error.

Set an environment variable to raise the log level to prevent `info`
messages from being printed to stderr (as they are not actually errors.)

I looked into the `systemctl` calls happening from the Salt setup script
to understand why they were not going to stderr, and it turns out the
Salt script will redirect all messages to stdout so they will all be
green regardless...

Tested:
- Started a fresh Vagrant cluster, confirmed no red messages in output
  when creating the cluster successfully. Successfully started nginx
  through Kubernetes using cluster/kubecfg.sh.
- Confirmed that the salt-api service was up after `vagrant up`:
  $ vagrant ssh master -c 'systemctl status salt-api.service'
  salt-api.service - The Salt API
     Loaded: loaded (/usr/lib/systemd/system/salt-api.service; enabled)
     Active: active (running) since Fri 2014-08-29 23:19:47 UTC; 11min ago
   Main PID: 2090 (salt-api)
     CGroup: /system.slice/salt-api.service
             +-2090 /usr/bin/python /usr/bin/salt-api
             +-2110 /usr/bin/python /usr/bin/salt-api

Signed-off-by: Filipe Brandenburger <filbranden@google.com>
 2014-08-29 16:44:05 -07:00
Joe Beda 843ae1fbe2 Rename `output/` directory to `_output/` 
go build ./... will ignore any directory starting with an underscore.
 2014-08-29 14:44:55 -07:00
Filipe Brandenburger c5520dd39d Remove workaround for salt-minion startup in vagrant/provision-minion.sh 
The workaround was not needed, as salt-minion was always correctly
started in the Vagrant minion setup.

The issue reported in #270 was clearly specific do System V style init
scripts and will not affect systemd.

Also remove the inaccurate comment from provision-master.sh, since -X
was not even really in use there.

Tested:
- Performed 3 full `vagrant up` and `vagrant destroy -f` cycles with at
  least 3 minions and up to 6 minions in one case. Checked that
  salt-minion was up in each of the minions using a `systemctl status
  salt-minion` command.
- Started nginx on the cluster using cluster/kubecfg.sh, confirmed it
  was up with `list /pods` and confirmed it was reachable using wget on
  port 8080 of the minions.

Signed-off-by: Filipe Brandenburger <filbranden@google.com>
 2014-08-29 08:50:10 -07:00
Daniel Smith 93818a9ce0 Merge pull request #1095 from dchen1107/cleanup 
Fixed kubelet /healthz by using healthz package
 2014-08-28 17:25:56 -07:00
Joe Beda 2ac0770694 Make salt configs work with Jinja 2.6. 
Fixes #1089
 2014-08-28 16:54:14 -07:00
Dawn Chen 223fb6e610 Fixed kubelet /healthz by using healthz package 
Fixed #1094
 2014-08-28 15:34:39 -07:00
Clayton Coleman 2f74a15a7b Merge pull request #1080 from filbranden/vagrant_salt_master1 
Fix `which salt-master` warning in Vagrant startup
 2014-08-28 13:17:34 -04:00
Ryan Richard 2565164a8d Add Rackspace support for dev-build-and-up 2014-08-28 10:36:58 -05:00
Filipe Brandenburger 86c1ddc121 Fix `which salt-master` warning in Vagrant startup 
The `which` command in Fedora 20 (differently from the one in Debian)
prints to stderr when the binary is not found. Redirect both stdout and
stderr to /dev/null to prevent messages from being printed by `which`.

Check whether the binary exists or not by the exit status of `which`
(non-zero means the binary does not exist) instead of checking for empty
output.

Tested:
- Started a Vagrant cluster with `vagrant up` and confirmed these
  messages were gone. Checked master and minions for Kubernetes
  components using the systemd status commands.
- Confirmed that the same error message for salt-minion is also
  suppressed from the output with this patch.

Fixes: Issue #1079

Signed-off-by: Filipe Brandenburger <filbranden@google.com>
 2014-08-27 23:15:08 -07:00
Clayton Coleman f5a835b067 Merge pull request #978 from rajatchopra/podnet 
Add IP per pod with Open vSwitch in Vagrant
 2014-08-26 19:29:42 -04:00
Joe Beda 5722eba780 Propagate version info into salt config and use to build. 
Fixes #1043.
 2014-08-26 16:17:06 -07:00
Rajat Chopra a0b88e2f2d add test to check minion to master reachability; logfiling and some cosmetification. 2014-08-26 12:52:02 -07:00
Rajat Chopra 2dd57898d4 add ip per pod across vagrant minions 2014-08-26 11:29:35 -07:00
Joe Beda 831a0d7e50 Merge pull request #1027 from MSOpenTech/azure-scripts 
Add salt configuration for openvpn for use on Azure.
 2014-08-26 11:04:03 -07:00
brendandburns 8a8e124d0d Merge pull request #1034 from jbeda/vagrant-auth 
Hard code auth for vagrant.
 2014-08-25 21:13:38 -07:00
Joe Beda 9a2e867350 Hard code auth for vagrant. 
This simplifies things when switching between providers.  Fixes #1033.
 2014-08-25 16:47:42 -07:00
Jeff Mendoza adace2ccf5 Remove commented lines from openvpn config files. 2014-08-25 16:29:32 -07:00
Pieter Noordhuis 65bb90ffef Update apiserver defaults template 
Set "cloud" grain to "vsphere".

The "minion_ips" grain doesn't seem to be used anymore.
 2014-08-25 15:20:19 -07:00
Jeff Mendoza 13989794f8 Add salt configuration for openvpn for use on Azure. 
Sets up openvpn for container to container communication. Azure
deploy scripts create certs used for openvpn conneciton. Salt
installs and configures openvpn.
 2014-08-25 14:56:54 -07:00
Joe Beda 3af9655c36 Merge pull request #1011 from pietern/vsphere-squash 
Deploy k8s to vSphere
 2014-08-25 11:50:00 -07:00
Pieter Noordhuis 181337137d Implement kube-up for vsphere 2014-08-25 11:17:48 -07:00
Pieter Noordhuis 7cf48d81b6 Remove unused env vars 2014-08-25 11:17:33 -07:00
Pieter Noordhuis c535d6d30b Incorporate comments 2014-08-25 10:01:25 -07:00
Pieter Noordhuis ad7f131a5b Deploy k8s to vSphere 2014-08-24 20:27:05 -07:00
Jeff Mendoza d8d09ace41 Refactor Azure deploy scripts. 
Refactored to work with cluster/* scripts which require
actions to be defined as methods in cluster/azure/util.sh
 2014-08-22 15:48:06 -07:00
Clayton Coleman 1c68247954 Merge pull request #909 from lavalamp/scheduler3 
Scheduler plugin v1
 2014-08-21 19:04:51 -04:00
derekwaynecarr a6e87e786d Fix logic errors in validate cluster and make it work for vagrant again 2014-08-21 10:58:09 -04:00
Brendan Burns 514f443854 Move healthz checking to cluster validation. Switch to code == 200 2014-08-20 15:52:29 -07:00
Daniel Smith 79f60da6c4 add salt files to make scheduler run 2014-08-20 15:32:49 -07:00
Tim Hockin 7c7273eed3 Merge pull request #884 from eflynn/patch-1 
Remove duplicate shebang
 2014-08-20 08:18:49 -07:00
Brendan Burns aa9d0d774c Uniquify the http firewall rule between different runs of the e2e tests. 2014-08-19 16:35:11 -07:00
Daniel Smith 9bafb8c541 Merge pull request #957 from brendandburns/shell_sucks 
Add quotes to preserve more sane quoting in what we pass through.
 2014-08-19 16:23:50 -07:00
Brendan Burns 3c5d2c0846 Add quotes to preserve more sane quoting in what we pass through. 2014-08-19 14:47:24 -07:00
Brendan Burns dc1de2bc0e Remove a duplicate flag. 2014-08-19 09:48:41 -07:00
brendandburns bd53643647 Merge pull request #851 from derekwaynecarr/cloud_provider 
Vagrant supports a cloud provider
 2014-08-18 18:23:49 -07:00
brendandburns 2d84987c11 Merge pull request #885 from thockin/net 
Proper ip-per-pod on GCE.
 2014-08-18 18:22:05 -07:00
Brendan Burns a779102924 Fix the installation of nsinit 2014-08-18 16:40:12 -07:00
Tim Hockin e472752ff9 Merge pull request #875 from brendandburns/exec 
Add a in container exec based health check.
 2014-08-18 12:19:22 -07:00
Brendan Burns 0caae9c1d4 Add a in container exec based health check. 2014-08-18 12:00:11 -07:00
derekwaynecarr 8df21b84a1 Add vagrant cloudprovider 2014-08-18 14:30:31 -04:00
Daniel Smith 82d1f8d4f6 Merge pull request #932 from derekwaynecarr/issue_923 
Revert to latest salt bootstrap and force SSL
 2014-08-18 10:14:23 -07:00
derekwaynecarr 967c2552e7 Revert to latest salt bootstrap and force SSL 2014-08-18 11:39:23 -04:00
Manuel Amador (Rudd-O) 7b2d0d29e4 Please set up SaltStack using SSL. MITM is a thing these days. 2014-08-18 00:10:43 -07:00
Tim Hockin 03ade159c3 Proper ip-per-pod on GCE. 
Back out the second iptables rule, now that we know what the problem was - we
need to open a firewal rule on each minion.
 2014-08-15 15:54:20 -07:00
Brendan Burns 0fda53ea1c Remove a print that is confusing jq in the e2e tests. 2014-08-14 16:31:52 -07:00
brendandburns bf7f8a2297 Merge pull request #867 from derekwaynecarr/apiserver_loopback 
Vagrant: apiserver doesn't bind to 127.0.0.1, inaccessible through master nginx
 2014-08-14 14:35:49 -07:00
brendandburns 25352c56d9 Merge pull request #886 from brendandburns/shell_sucks 
Fix kubecfg.sh
 2014-08-14 14:33:43 -07:00
Joe Beda 629f964791 Fix e2e teardown 2014-08-14 13:57:50 -07:00
Daniel Smith 43e1c14e8b Merge pull request #892 from brendandburns/teardown 
Add a teardown option to the e2e, that just tears down the cluster, also make gce teardown synchronous.
 2014-08-14 10:11:13 -07:00
Brendan Burns 9f49650fba Add a tear down option to the e2e, that just tears down the cluster 
Useful for cleaning state after failed runs.
 2014-08-14 09:58:40 -07:00
derekwaynecarr 10be80295c apiserver listen on 0.0.0.0 in vagrant 2014-08-14 10:02:04 -04:00
Joe Beda 70c6c75ae3 Fix release and salt scripts for godep 2014-08-13 15:57:41 -07:00
Brendan Burns 34b240f17a Fix kubecfg.sh 2014-08-13 14:11:43 -07:00
Evan Flynn 7839033588 Remove duplicate shebang 2014-08-13 15:44:21 -04:00
Brendan Burns 5d0291ae0e Fix kubecfg.sh 2014-08-12 16:46:34 -07:00
derekwaynecarr 7db42a7b73 Fix nsinit on Vagrant 2014-08-12 16:35:01 -04:00
derekwaynecarr ba7345d967 Do not always look for latest pkg 2014-08-12 16:10:59 -04:00
derekwaynecarr fea7b61b81 Add local scripts, simplify kubecfg.sh 2014-08-11 13:02:52 -04:00
derekwaynecarr c8c5435656 Enforce --address flag is set on all Linux flavors 2014-08-07 17:54:49 -05:00
Tim Hockin 7e9c142392 Remove duplicate -config param 
This is duplicated in cluster/saltbase/salt/kubelet/default
cluster/saltbase/salt/kubelet/initd
 2014-08-07 10:53:08 -07:00
Victor Marmol c501e09d14 Merge pull request #820 from brendandburns/nsenter 
Install nsinit that is vendored into docker.
 2014-08-07 08:36:49 -07:00
Clayton Coleman 4123a44653 Merge pull request #819 from thockin/restarts 
Disable docker restarts, for now
 2014-08-07 10:41:56 -04:00
Brendan Burns 22586c87fe Install nsinit that is vendored into docker. 2014-08-06 22:45:18 -07:00
Tim Hockin 92f13ceb52 Disable docker restarts, for now 
If the docker daemon goes down and comes up, it will try to restart
containers.  This will race with our own restart loop.  Only one loop should
be controlling restarts, probably.
 2014-08-06 22:41:09 -07:00
brendandburns 71bfa4cd74 Merge pull request #810 from derekwaynecarr/less_verbose 
Run go-build on each kubepush and vagrant log only states that change or error to improve readability
 2014-08-06 22:41:09 -07:00
Tim Hockin b0ffa8c8f6 Set kubelet -address flag to 0.0.0.0 via salt 
Currently it binds to the eth0 IP only, this includes localhost.  The flag
default is localhost only, but we need it looser than that.
 2014-08-06 18:11:35 -07:00