When we spit out a http reponse with a `0` http status code we
should log a trace back so we can easily find where things went wrong.
Change-Id: Ic2aadec3a3de85fbdf64da66d6d12e3c631f409d
The k/k top level OWNERS_ALIASES entry for milestone-maintainers
is unused. Currently everything around milestone maintanence
continues to happen via the kubernetes-milestone-maintainers GitHub
group (see: https://github.com/kubernetes/sig-release/issues/241 for
similar cleaning up effort there). The hope is in the future this will
move to in repo yaml and Peribolos, but in the meantime this duplicated
and unused list only adds to confusion.
Signed-off-by: Tim Pepper <tpepper@vmware.com>
Used T.Run API for kubeadm tests in app/phases/selfhosting and
app/phases/update directories
This should improve testing output and make it more visible
which test is doing what.
When we are running apiserver related code, we do not currently capture
the logs from `httplog.NewLogged` and `trace.LogIfLong` since the
default log verbosity is not set. So just make sure we have a minimum
verbosity set in these circumstance.
Change-Id: I64a30029778615e679b244ddba801833218d1573
AWS Network Load Balancer recently got support for cross-zone load balancing.
Use the existing `service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled`
annotation to configure it.
Selfhosting pivoting fails when using --store-certs-in-secrets
as api-server fails to start because of missing etcd/ca and
apiserver-etcd-client certificates:
F1227 16:01:52.237352 1 storage_decorator.go:57] Unable to create storage backend:
config (&{ /registry [https://127.0.0.1:2379]
/etc/kubernetes/pki/apiserver-etcd-client.key
/etc/kubernetes/pki/apiserver-etcd-client.crt
/etc/kubernetes/pki/etcd/ca.crt true 0xc000884120 <nil> 5m0s 1m0s}),
err (open /etc/kubernetes/pki/apiserver-etcd-client.crt: no such file or directory)
Added required certificates to fix this.
Secret name for etc/ca certifcate has been converted to conform RFC-1123 subdomain
naming conventions to prevent this TLS secret creation failure:
unable to create secret: Secret "etcd/ca" is invalid: metadata.name:
Invalid value: "etcd/ca": a DNS-1123 subdomain must consist of lower
case alphanumeric characters, '-' or '.', and must start and end with an
alphanumeric character (e.g. 'example.com', regex used for validation is
'[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')
Related issue: kubernetes/kubeadm#1281
Kubernetes Prow Robot