github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
76,420 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

1876 Commits (9422d1d788b142f6bf1b7593c793b49c0e64b243)

Author SHA1 Message Date
Tim Hockin f66ca25d9f Rename AccessMode to PersistentVolumeAccessMode 2015-05-18 17:21:30 -07:00
Daniel Smith 5e056f119d Merge pull request #6694 from bprashanth/bench 
Add a simple master benchmark and a wrapper to run it.
 2015-05-18 14:42:24 -07:00
Victor Marmol 45874d5f76 Merge pull request #5547 from gmarek/client3 
Add a resource specifying number of Pods that are allowed to run on Kubelet.
 2015-05-18 11:11:43 -07:00
Clayton Coleman 3b10d82864 Merge pull request #8391 from liggitt/etcd_token_lookup 
Make serviceaccount/token lookup more flexible
 2015-05-18 11:08:30 -04:00
Jordan Liggitt d90e7409e4 Prevent auth recursion for service account tokens 2015-05-16 23:39:07 -04:00
Jordan Liggitt 7e9281fc39 Allow ServiceAccountsController to manage multiple named service accounts 2015-05-15 23:42:00 -04:00
Prashanth Balasubramanian 4200033c0a Add a simple master benchmark and a wrapper to run it. 2015-05-15 17:30:17 -07:00
gmarek 27d660d0ac Add a resource specifying number of Pods that are allowed to run on Kubelet. 2015-05-15 10:57:46 +02:00
markturansky 0191574f7e Bi-directional bind between pv.Spec.ClaimRef and pvc.Spec.VolumeName 2015-05-13 14:05:21 -04:00
Jordan Liggitt 92bd58ede6 ServiceAccount e2e/integration tests 2015-05-11 17:18:06 -04:00
Clayton Coleman 8755ea8ec9 Merge pull request #7704 from smarterclayton/parallel_allocator 
Use etcd to allocate PortalIPs instead of in-mem
 2015-05-11 09:56:10 -04:00
Wojciech Tyczynski 9b6ef98469 Merge pull request #8035 from shawnps/patch-9 
Fix Sprintf verb
 2015-05-11 12:43:01 +02:00
Shawn Smith 5d5c660f4b Add missing Errorf formatting directives 2015-05-10 13:25:14 +09:00
Shawn Smith 5b0d4d72ba Fix Sprintf verb 2015-05-10 13:22:18 +09:00
Clayton Coleman 5bcb96dae1 Separate out the master's control loops 
These are "Bootstrap Controllers" as distinct from
the controllers in the controller-manager binary - they
are necessary for the cluster to start running.
 2015-05-08 16:04:03 -04:00
Clayton Coleman e200d5a317 Make PortalIP alloc HA 
* Add an allocator which saves state in etcd
* Perform PortalIP allocation check on startup and periodically afterwards

Also expose methods in master for downstream components to handle IP allocation
/ master registration themselves.
 2015-05-08 13:34:16 -04:00
Daniel Smith 6ab51f3bc0 Merge pull request #7668 from bprashanth/scheduling_minions 
Scheduler ignores nodes that are in a bad state
 2015-05-07 10:58:02 -07:00
Prashanth Balasubramanian 4b0607cf0b Scheduler ignored nodes with unknown condition status 2015-05-06 18:32:52 -07:00
Karl Beecher 0473f652fd Add startup code to apiserver to migrate etcd keys 
Refs: #3476
 2015-05-05 12:28:14 +02:00
Clayton Coleman c8e0f4d2ae Metrics tests can't run on Mac 2015-05-04 14:57:43 -04:00
Eric Paris 6b3a6e6b98 Make copyright ownership statement generic 
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
 2015-05-01 17:49:56 -04:00
Piotr Szczesniak 11a2dc496f Added TerminationGracePeriod field to PodSpec and grace-period flag to kubectl stop 
Those are changes which touch users required by Termination Notice

Addresses #6804
 2015-04-30 18:00:33 +02:00
nikhiljindal f864195a5b Returning 404 on invalid server URL 2015-04-27 16:15:52 -07:00
Daniel Smith 83093af8b0 Merge pull request #5707 from endocode/kbeecher/etcd_prefix 
Adds ability to define a prefix for etcd paths
 2015-04-27 13:37:43 -07:00
markturansky a04420e548 Added pending phase for volumes. added defaults for PV/PVC. refactored to better phase transitioning in control loops 2015-04-27 12:05:12 -04:00
markturansky 37d7f3f4f1 Added integration test, fixed a validation issue 2015-04-27 12:05:12 -04:00
Karl Beecher a7623ca6cc Adds ability to define a prefix for etcd paths 
The API server can be supplied (via a command line flag) with a custom
prefix that is prepended to etcd resources paths.

Refs: #3476
 2015-04-24 12:12:39 +02:00
nikhiljindal dcc368c781 Removing more references to v1beta1 from pkg/ 2015-04-24 00:45:17 -07:00
Daniel Smith 2fa3ae9f15 fix watch of single object 2015-04-23 16:02:22 -07:00
Zach Loafman 7e875a0f1c Merge pull request #7167 from pmorie/typo 
Fix typo in secrets integration test
 2015-04-22 09:17:11 -07:00
Paul Morie d381db1778 Fix typo in secrets integration test 2015-04-22 10:54:54 -04:00
Ravi Gadde bf8f258471 Added field selector for listing pods. 2015-04-21 06:33:28 -07:00
Masahiro Sano f90dc8f413 use Watch for single object instead of WatchList 2015-04-21 08:00:52 +09:00
Wojciech Tyczynski 329d41828f Integration tests for unschedulable nodes. 2015-04-20 12:53:40 +02:00
Alex Robinson fe262c0d98 Add an integration test that checks for the metrics we expect to be exported 
from the master.
 2015-04-17 19:31:23 +00:00
nikhiljindal 8874ef9c06 Updating test/integration to use testapi.Version everywhere 2015-04-15 00:00:17 -07:00
Sam Ghods 2c977db1b3 Implement Strategic Merge Patch in apiserver 2015-04-03 11:51:02 -07:00
Dawn Chen 6ac59c8969 Merge pull request #6257 from lavalamp/fix6 
Add a test verifying that etcd watches work even when there's a bunch of unrelated changes
 2015-04-02 14:00:20 -07:00
Daniel Smith a3276577d8 Demonstration of etcd watch problem 2015-04-02 13:41:41 -07:00
Piotr Szczesniak 5c6439d449 Removed PodStatus.Host 
Fixes #6165
 2015-04-02 16:38:45 +02:00
nikhiljindal 478b7d5edf Repurposing enableV1beta3 to disableV1beta3 in master config to enable v1beta3 by default 2015-03-30 11:50:10 -07:00
Quinton Hoole c8f6761fe9 Merge pull request #5686 from erictune/security-roadmap 
Added integration test of secrets.
 2015-03-26 11:16:00 -07:00
Rohit Jnagal 49ff04765b Add validation for node creation. 2015-03-25 21:55:03 +00:00
Eric Tune ce05702136 Added integration test of secrets. 
Tests apiserver side functionality.

Also deleted dead code in auth_test.go.
 2015-03-25 12:37:47 -07:00
Masahiro Sano 7c5481c11a return 200 instead 409 Conflict 2015-03-26 02:44:43 +09:00
Masahiro Sano 410e11c305 port endpoints to generic etcd 2015-03-25 22:15:19 +09:00
Clayton Coleman 1b1866d836 Invalid JSON in examples and tests 2015-03-20 00:02:03 -04:00
Clayton Coleman 428d2263e5 Graceful deletion of resources 
This commit adds support to core resources to enable deferred deletion
of resources.  Clients may optionally specify a time period after which
resources must be deleted via an object sent with their DELETE. That
object may define an optional grace period in seconds, or allow the
default "preferred" value for a resource to be used. Once the object
is marked as pending deletion, the deletionTimestamp field will be set
and an etcd TTL will be in place.

Clients should assume resources that have deletionTimestamp set will
be deleted at some point in the future.  Other changes will come later
to enable graceful deletion on a per resource basis.
 2015-03-19 15:33:32 -04:00
nikhiljindal 7e36bbab3c Updating integration tests to test both API versions - v1beta1 and 3 2015-03-18 15:24:11 -07:00
Clayton Coleman bddef32193 Prepare EtcdHelper to extract more data from Node 
In order to support graceful deletion, the resource object will
need access to the TTL value in etcd.  Also, in the future we
may want to get the creation index (distinct from modifiedindex)
and expose it to clients.  Change EtcdResourceVersioner to be
more type specific (objects vs lists) and provide a default
implementation that relies on the internal API convention.

Also, rename etcd_tools.go to etcd_helper.go and split a few
things up.
 2015-03-16 15:33:50 -04:00
Timothy St. Clair 7eebf674d4 Update to option enable profiling on the master daemon processes. 
--profiling=true , default is false
 2015-03-13 10:45:01 -05:00
Mike Danese 46ec580771 add PATCH to apiserver 2015-03-10 10:56:15 -07:00
Mike Danese e1ca63f569 SetObj and CreateObj optionally accept an object to fill with the result of the get 2015-03-04 10:38:42 -08:00
Mike Danese 9ae18cc96e Only log on failing cases in auth integration test 2015-03-03 10:26:00 -08:00
Clayton Coleman 26f08b7807 RESTStorage should not need to know about async behavior 
Also make sure all POST operations return 201 by default.
Removes the remainder of the asych logic in RESTStorage and
leaves it up to the API server to expose that behavior.
 2015-02-11 16:26:08 -05:00
Clayton Coleman d167c11b59 Remove layers of indirection between apiinstaller and resthandler 
Make the RESTHandler feel more go-restful, set the stage for adding
new types of subresource collections.
 2015-02-11 16:26:06 -05:00
saadali a41f520bf0 Add "Update Event" to Kubernetes API 2015-02-05 00:07:51 -08:00
deads2k 8a2fe9bd2b modify policy to correctly identify resource versus kind 2015-02-04 13:36:01 -05:00
nikhiljindal 18609e1706 Moving /watch, /proxy and /redirect registration to go-restful 2015-02-03 15:47:48 -08:00
Alex Robinson 9992abdfcf Merge pull request #3997 from smarterclayton/make_master_index_optional 
Make master index optional when master is used in other contexts
 2015-02-02 12:45:18 -08:00
Clayton Coleman 5603714df8 Use name generation on pods via replication controllers 
The generated name is '<controllerName>-%s', unless controllerName-
would be long enough to cause a validation error.
 2015-02-02 14:44:53 -05:00
Alex Robinson 7868fe468e Merge pull request #3618 from saad-ali/fix2410 
Make master service IP static (no longer randomly assigned)
 2015-02-02 11:05:58 -08:00
derekwaynecarr d3579f0de0 Fix integration test to return 404 where a resource is not even supported 2015-02-02 10:26:19 -05:00
Clayton Coleman 42175b433a Make master index optional when master is used in other contexts 
OpenShift provides a default URL at the root that shows the UI. The
provided flag makes loading the index handler optional for now.
 2015-01-30 22:19:55 -05:00
saadali e83fd7b8e7 Make master service IP static (no longer randomly assigned) 2015-01-30 16:07:19 -08:00
Deyuan Deng c793c4f0ab Sync node status from node controller to master. 2015-01-29 23:17:15 -05:00
Tim Hockin d01ea11a6e Merge pull request #3856 from smarterclayton/validation_logic_needs_cleanup 
Validation of ObjectMeta is inconsistently applied
 2015-01-29 14:12:44 -08:00
nikhiljindal 521728e920 Deleting OperationHandler for handling /operation endpoint on server 2015-01-28 13:13:10 -08:00
Clayton Coleman a0356bca96 Unify validation logic for create and update paths 
Ensure ObjectMeta is consistently validated on both create and update

Make PortalIP uncleareable
 2015-01-28 13:10:37 -05:00
nikhiljindal de60600608 Making all operations synchronous 2015-01-27 18:47:56 -08:00
Clayton Coleman 455bc17616 Some actions now return 405 in integration auth_test.go 2015-01-12 12:56:01 -05:00
derekwaynecarr a56087cdf8 Remove client from attributes, remove admission control interface, fix-up error codes 2015-01-07 14:42:31 -05:00
derekwaynecarr 1e2b995a79 Fix admission control in tests 2015-01-07 14:42:31 -05:00
Eric Tune 029a9b6400 Remove whoami handler. 
This was a temporary thing.  Not aware of anyone using it.
 2014-12-11 21:31:06 -08:00
Clayton Coleman d0087dfe62 Integration tests don't initialize with a client 
Result is a 500 error if the client object is used
 2014-12-10 12:08:18 -05:00
Tim Hockin ff8c5f9415 Add a Detail field to Validation Error 2014-11-24 17:28:42 -08:00
Brendan Burns e1872b9bb3 Revert part of #2512, shot in the dark that it will fix integration tests 2014-11-20 21:56:06 -08:00
Tim Hockin 95a9098311 fix 'go vet' warnings 2014-11-21 09:45:28 +08:00
Jordan Liggitt c895331277 Make master take authenticator.Request interface instead of tokenfile 2014-11-19 15:07:51 -05:00
markturansky 8af4ccb111 v1beta3 Pod refactor 2014-11-18 09:25:42 -05:00
Deyuan Deng c20ceea170 Add more validation for updating node. 2014-11-17 13:42:31 -05:00
Deyuan Deng cc310e0e71 Support node label update. 2014-11-17 13:42:31 -05:00
Daniel Smith 9430bb38b8 Merge pull request #2282 from bgrant0607/docgen 
Automatic API generation via go-restful
 2014-11-14 13:12:25 -08:00
Daniel Smith de75e5a9bb Fix server-side namespace handling for events; add validation 2014-11-14 09:43:28 -08:00
Brian Grant 7583e1a643 Automatic API generation by adopting go-restful 2014-11-14 16:49:19 +00:00
Eric Tune 913cbd0fd1 Make deletes synchronous to avoid 202. 
Also, get some POSTs I missed the last time.
 2014-11-06 16:48:56 -08:00
Eric Tune f739103de9 POST synchronously so following GET will succeed. 
Should reduce flakiness of this test.
 2014-11-05 21:40:27 -08:00
Eric Tune 6e81e8c896 Basic ACL file. 
Added function to read basic ACL from a CSV file.
Added implementation of Authorize based on that file's policies.
Added docs on authentication and authorization.
Added example file and tested it.
 2014-11-05 16:06:22 -08:00
Daniel Smith c971763be2 Add anon. functions so that defers are executed where expected. 2014-11-05 14:42:37 -08:00
Daniel Smith 78d0e74b20 Clean up auth test slightly 2014-11-05 14:31:18 -08:00
Eric Tune 1668c6f107 Authorization based on namespace, kind, readonly. 
Also, pass Authorizer into master.Config.
 2014-11-03 17:45:15 -08:00
Eric Tune 3045035512 Get user from request and put in authz attribs. 
Added integration tests for user-based auth.
 2014-11-03 16:38:56 -08:00
Eric Tune 795bc7f976 Require a KubeletClient in master.New(). 
Without this, tests which create a master
will panic with a nil pointer when the periodic
podCache update runs.

Deleted unused FakePodInfoGetter.
Added FakeKubeletClient.
Passed to master.New.
Required a KubeletClient in master.New.
 2014-11-03 16:09:41 -08:00
Dawn Chen cccf98cd61 Fix TestAuthModeAlwaysAllow. 
Fix #2137
 2014-11-03 09:46:45 -08:00
Eric Tune 4b74be0f06 Improve integration test 
Use some constants for tokens.
Refactor tokenfile creation to function.
Reorder some test cases to make lookups follow creates so they succeed.
Add expected status code to test cases (some are not quite what expected,
so filed bugs #2112, #2113, #2114)
Check expected status codes.
Close Body after each iterations so that we don't run out of file handles
  when I add even more test cases in the next PR.
Handle that it is unpredictable whether status 200 or 202 is returned.
 2014-11-02 16:31:20 -08:00
Eric Tune 55c2d6bbbb Add basic Authorization. 
Added basic interface for authorizer implementations.
Added default "authorize everything" and "authorize nothing
implementations.
Added authorization check immediately after authentication check.
Added an integration test of authorization at the HTTP level of
abstraction.
 2014-10-31 12:04:33 -07:00
Deyuan Deng acf9d23b32 Stop httptest server. 2014-10-30 21:37:08 -04:00
Eric Tune 9713b58caa Allocate mux in master.New() 
Callsites no longer allocate a mux.
Master now exposes method to install handlers
which use the master's auth code.  Not used
but forks (openshift) are expected to use these
methods.  These methods will later be a point
for additional plug-in functionality.
Integration tests now use the master-provided
handler which has auth, rather than using the mux,
which didn't.  Fix TestWhoAmI now that /_whoami
sits behind auth.
 2014-10-29 14:31:07 -07:00
Daniel Smith 070c6c0440 Fix missing portalNets in tests once and for all by adding a default. 2014-10-29 12:27:35 -07:00
Daniel Smith 35bd8d4a11 Add e2e and integration tests. 2014-10-29 11:29:57 -07:00
Eric Tune f7ebc7d0d5 Added /_whoami and integration test for auth(z|n) 
Added new endpoint /_whoami for debugging authentication.
Added integration test which checks that a user is authenticated
using token authentication.
Rearranged initialization of authenticator to support preceeding.
 2014-10-28 09:33:45 -07:00
Eric Tune 40a5ca034d Integration test on master, not just apiserver. 
Moved code from cmd/apiserver to pkg/master.

test/integration/client_test made to use a master object,
instead of an apiserver.Handle.

Subsequent PRs will move more handler-installation into
pkg/master, with the goal that every http.Handler of a
standalone apiserver process can also be tested
in a "testing"-style go test.

In particular, a subsequent PR will test
authorization.
 2014-10-27 09:14:58 -07:00
derekwaynecarr ce30b2657a Fix integration tests 2014-10-24 11:49:04 -04:00
Clayton Coleman 644eb70085 Refactor tests to split ObjectMeta from TypeMeta 2014-10-24 11:22:21 -04:00
Clayton Coleman bb77a5d15f Rename ID -> Name 2014-10-22 15:00:26 -04:00
Daniel Smith 5d24820dd5 Merge pull request #1464 from hmrm/add-etcd-config 
Allow etcd config file to be passed to apiserver, kubelet, and proxy
 2014-10-08 16:29:46 -07:00
Clayton Coleman 82bcdd3b3b Make ResourceVersion a string internally instead of uint64 
Allows us to define different watch versioning regimes in the future
as well as to encode information with the resource version.

This changes /watch/resources?resourceVersion=3 to start the watch at
4 instead of 3, which means clients can read a resource version and
then send it back to the server. Clients should no longer do math on
resource versions.
 2014-10-07 19:00:26 -04:00
Haney Maxwell 4d87159eda Allow etcd config file to be passed to apiserver, kubelet, and proxy 2014-10-07 14:25:54 -07:00
Clayton Coleman d3e51a0f24 Rename JSONBase -> TypeMeta in preparation for v1beta3 
Will make subsequent refactor much easier
 2014-10-07 11:12:16 -04:00
derekwaynecarr 0a290506c2 Fix integration tests 2014-10-02 12:56:42 -04:00
Clayton Coleman ff2eca97d9 Refactor the client (again) to better support auth 
* Allows consumers to provide their own transports for common cases.
* Supports KUBE_API_VERSION on test cases for controlling which
  api version they test against
* Provides a common flag registration method for CLIs that need
  to connect to an API server (to avoid duplicating flags)
* Ensures errors are properly returned by the server
* Add a Context field to client.Config
 2014-10-01 15:23:37 -04:00
derekwaynecarr de1f94cbc7 Fix integration test 2014-09-30 14:31:17 -04:00
Daniel Smith 37e505601e add self linking to apiserver 2014-09-26 15:08:02 -07:00
Daniel Smith f211e46f20 handle watch errors everywhere 2014-09-22 17:37:12 -07:00
Clayton Coleman 5483333e29 Allow server and client to take api version as argument 
* Defaults to v1beta1
* apiserver takes -storage_version which controls etcd storage version
  and the version of the client used to connect to other apiservers
* Changed signature of client.New to add version parameter
* All controller code and component code prefers the oldest (most common)
  server version
 2014-09-18 23:27:28 -04:00
Clayton Coleman 61e3ce7ddc Make runtime less global for Codec 
* Make Codec separate from Scheme
* Move EncodeOrDie off Scheme to take a Codec
* Make Copy work without a Codec
* Create a "latest" package that imports all versions and
  sets global defaults for "most recent encoding"
  * v1beta1 is the current "latest", v1beta2 exists
  * Kill DefaultCodec, replace it with "latest.Codec"
  * This updates the client and etcd to store the latest known version
* EmbeddedObject is per schema and per package now
* Move runtime.DefaultScheme to api.Scheme
* Split out WatchEvent since it's not an API object today, treat it
like a special object in api
* Kill DefaultResourceVersioner, instead place it on "latest" (as the
  package that understands all packages)
* Move objDiff to runtime.ObjectDiff
 2014-09-16 16:26:43 -04:00
Clayton Coleman 154a91cd33 Rename runtime.DefaultScheme to latest.Codec for ease of readability 2014-09-16 16:19:35 -04:00
Clayton Coleman fe614aeda2 Simple refactor for ease of readability 
runtime.DefaultCodec -> latest.Codec
 2014-09-16 16:12:35 -04:00
Daniel Smith fc09f988b4 Make tests pass again 2014-09-07 22:26:42 -07:00
Daniel Smith 1c2b65788d Rename Codec and ResourceVersioner to add Default in front, to allow for types of those names 2014-09-07 22:19:24 -07:00
Daniel Smith a63966e73c Combine pkg/apitools and pkg/api/common and call the result pkg/runtime 2014-09-02 11:15:44 -07:00
Daniel Smith 099c8fd36f Propagate rename; tests pass again. 2014-09-02 10:42:06 -07:00
Clayton Coleman 818f357128 Client should validate the incoming host value 
Convert host:port and URLs passed to client.New() into the proper
values, and return an error if the value is invalid.  Change CLI
to return an error if -master is invalid.  Remove Client.rawRequest
which was not in use, and fix the involved tests. Add NewOrDie

Preserves the behavior of the client to not auth when a non-https
URL is passed (although in the future this should be corrected).
 2014-08-28 13:47:36 -04:00
Clayton Coleman 47c7c83dad Add a client integration trip that creates a pod 2014-08-28 09:59:11 -04:00
Daniel Smith 6b69ed402b Change 'sendCreate' to 'sendAdd'; integration passes. 2014-08-25 15:56:55 -07:00
Clayton Coleman b037989478 Add an integration test for etcd 2014-08-23 11:44:21 -04:00