github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
17,575 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

570 Commits (a2f9957745a53c2944ec1d54a9350effff0c389a)

Author SHA1 Message Date
Jeff Lowdermilk 553f9f822b Add ga-beacon analytics to gendocs scripts 
hack/run-gendocs.sh puts ga-beacon analytics link into all md files,
hack/verify-gendocs.sh verifies presence of link.
 2015-05-15 18:56:38 -07:00
Daniel Smith ce4b54ec70 Merge pull request #8209 from krousey/v1beta1_cluster 
Removing some v1beta1 uses in cluster/
 2015-05-15 14:56:41 -07:00
Kris Rousey 98c457c397 Updating /cluster to use v1beta 3 specs, and change a lot of polling to 
healthz instead of api endpoints.
 2015-05-15 14:17:55 -07:00
Victor Marmol d3c6fb0d6a Merge pull request #8275 from dchen1107/clean 
Install monit_watcher as a cron job (1m) to check if monit is running,
 2015-05-15 08:02:55 -07:00
Dawn Chen e6c159eda2 Install monit_watcher as a cron job (1m) to check if monit is running, 
and oom protect monit processes.
 2015-05-14 15:19:11 -07:00
Rohit Jnagal e4c98a05ea Merge pull request #8182 from GoogleCloudPlatform/revert-7863-etcd_maxprocs 
Revert "Set GOMAXPROCS for etcd"
 2015-05-14 11:19:56 -07:00
Victor Marmol 5e7a7b9206 Merge pull request #8241 from gmarek/remove_name 
Remove unused ClusterName from NodeController
 2015-05-14 09:49:34 -07:00
Victor Marmol 2b1b85468a Merge pull request #7330 from chrismoos/volume_format_script_updates 
Add safe_format_and_mount to hyperkube image.
 2015-05-14 09:17:20 -07:00
gmarek 8a4717d3f5 Remove unused ClusterName from NodeController 2015-05-14 18:01:23 +02:00
Dawn Chen 309a157665 Merge pull request #7984 from cjcullen/kubelet 
Kubelet configure cbr0 instead of configure-vm.sh
 2015-05-13 17:32:52 -07:00
Yu-Ju Hong ad83197c63 Merge pull request #8187 from satnam6502/nosecret 
Remove the use of secrets from node level logging agents
 2015-05-13 11:12:08 -07:00
Jeff Lowdermilk f8ebc4e21e Merge pull request #8104 from roberthbailey/kubelet-using-kubeconfig 
Replace the auth config file with a kubeconfig file when starting the kubelet on GCE.
 2015-05-13 11:09:27 -07:00
Dawn Chen e32daf4229 Monit watch kubelet and kube-proxy on master node too. 2015-05-13 10:36:00 -07:00
Satnam Singh 53ec5e38c7 Remove the use of secrets from node level logging agents 2015-05-13 10:11:07 -07:00
Filip Grzadkowski eecd7b8c0f Revert "Set GOMAXPROCS for etcd" 2015-05-13 17:53:04 +02:00
Robert Bailey c47b9178b4 Replace the auth config file with a kubeconfig file when 
starting the kubelet on GCE.
 2015-05-13 01:03:28 -07:00
CJ Cullen 31ea7d1295 Put cbr0-modifying stuff behind a flag. Address some other comments. 2015-05-12 23:00:28 -07:00
Alex Robinson a98d883134 Merge pull request #8121 from satnam6502/fluentd-gcp 
Convert node level logging to Cloud Logging to use token-system-logging
 2015-05-12 14:26:46 -07:00
Alex Robinson 96cb4360fa Merge pull request #8120 from satnam6502/fluentd-es 
Convert nodel level logging to ES to use token-system-logging
 2015-05-12 14:26:28 -07:00
Nikhil Jindal d75bd8bf2a Merge pull request #7101 from liggitt/service_account 
ServiceAccounts
 2015-05-12 10:23:41 -07:00
Satnam Singh ade18e4ff3 Conver node level logging to Cloud Logging to use token-system-logging 2015-05-12 10:17:45 -07:00
Satnam Singh f9af0658fa Convert nodel level logging to ES to use token-system-logging 2015-05-12 10:07:49 -07:00
Alex Robinson e2b7ef8d2c Merge pull request #8078 from satnam6502/fluentd-gcp 
Convert Fluentd to Cloud Logging pod specs to YAML
 2015-05-11 16:55:14 -07:00
Satnam Singh e246685468 Convert Fluentd to Cloud Logging pod specs to YAML 2015-05-11 14:55:46 -07:00
Satnam Singh 2f5ba28a17 Switch Fluentd to ES manifest back to YAML 2015-05-11 14:37:41 -07:00
Jordan Liggitt db1f0dc906 JWT token generation/verification 2015-05-11 17:18:06 -04:00
Robert Bailey 6c42cb154b Stop copying certs into /usr/share/nginx/ since nothing relies 
on that location any longer.
 2015-05-11 11:44:19 -07:00
Wojciech Tyczynski 600b00f2b1 Merge pull request #7863 from fgrzadkowski/etcd_maxprocs 
Set GOMAXPROCS for etcd
 2015-05-07 10:09:29 +02:00
Filip Grzadkowski 7e8bde53dd Set GOMAXPROCS for etcd 2015-05-07 08:11:39 +02:00
CJ Cullen f0c26052eb Fix controller-manager manifest for providers that don't specify CLUSTER_IP_RANGE 2015-05-06 17:50:04 -07:00
Maxwell Forbes 7426b533df Merge pull request #7862 from cjcullen/cbr0 
Remove restriction that cluster-cidr be a class-b
 2015-05-06 15:46:57 -07:00
saadali 4569de7a46 Enable Google Cloud Monitoring and Google Cloud Logging instead of 
Influxdb for Google Compute Engine deployments.
 2015-05-06 15:23:40 -07:00
CJ Cullen fbd125e4e2 Remove restriction that cluster-cidr be a class-b 2015-05-06 15:01:13 -07:00
Mark Lamourine b7c1b7eed2 Added port 6443 to kube-proxy default IP address for api-server 
added  api_servers_with_port variable and settings.

removed extra port string

split azure api_server host and port out
 2015-05-06 12:43:24 +00:00
Robert Bailey 357df12c02 Set allocate_node_cidrs to be blank by default. 2015-05-05 23:41:30 -07:00
Jerzy Szczepkowski e967ffd522 Added flag to set cluster class B network address for pods, add flag to disable allocation CIDRs for Pods. Fixed synchornization bug in NodeController registerNodes(). 2015-05-05 16:10:43 -07:00
Jeff Lowdermilk 87cdc3f032 Merge pull request #7672 from eparis/boilerplate-python 
Check license boilerplate for python files
 2015-05-05 09:23:36 -07:00
Chris Moos 1b814ffd2c Add safe_format_and_mount to hyperkube image. 
* Add volume format script into hyperkube image.
* Fix issue with format script on non-redhat platforms.
 2015-05-04 21:25:39 -07:00
Zach Loafman 2b3e52c230 Use built-in ContainerVM Docker version rather than installing lxc-docker 2015-05-04 16:33:00 -07:00
Eric Paris f416289a85 update all python with boilerplate 2015-05-04 18:37:47 -04:00
Robert Bailey e3ff2dc02d Merge pull request #7678 from justinsb/aws_api_on_443 
AWS: Change apiserver to listen on 443 directly, not through nginx
 2015-05-04 13:52:57 -07:00
Daniel Smith fbe3ec7513 Merge pull request #7316 from ArtfulCoder/master_components_logs 
logs for master components
 2015-05-04 11:20:03 -07:00
Justin Santa Barbara 57f7b658bb AWS: Change apiserver to listen on 443 directly, not through nginx 
Mirrors changes in GCE.  I think the same changes will be needed for vagrant.
 2015-05-02 16:59:04 -04:00
Eric Paris 6b3a6e6b98 Make copyright ownership statement generic 
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
 2015-05-01 17:49:56 -04:00
Satnam Singh 941a457851 Trim Fleuntd tag for Cloud Logging 2015-04-30 13:39:35 -07:00
Satnam Singh e65f0aafd5 Trim cluster log tags to pod name and container name 2015-04-29 18:24:13 -07:00
Abhishek Shah 96439b5a52 logs for master components 2015-04-29 09:51:09 -07:00
Robert Bailey 8206aa9eac Salt configuration to add basic auth to GCE. 2015-04-28 14:07:54 -07:00
Satnam Singh 4a0cc7905d Convert node level logging agents to v1beta3 2015-04-27 17:21:42 -07:00
CJ Cullen 39c5bf363b Merge pull request #7303 from erictune/kube_env3 
kube-proxy uses token to access port 443 of apiserver
 2015-04-27 14:33:53 -07:00
derekwaynecarr 81e9395533 Fix vagrant regression due to #7326 2015-04-27 17:18:30 -04:00
Eric Tune 9044177bb6 Generate a token for kube-proxy. 
Tested on GCE.
Includes untested modifications for AWS and Vagrant.
No changes for any other distros.
Probably will work on other up-to-date providers
but beware.  Symptom would be that service proxying
stops working.

 1. Generates a token kube-proxy in AWS, GCE, and Vagrant setup scripts.
 1. Distributes the token via salt-overlay, and salt to /var/lib/kube-proxy/kubeconfig
 1. Changes kube-proxy args:
   - use the --kubeconfig argument
   - changes --master argument from http://MASTER:7080 to https://MASTER
     - http -> https
     - explicit port 7080 -> implied 443

Possible ways this might break other distros:

Mitigation: there is an default empty kubeconfig file.
If the distro does not populate the salt-overlay, then
it should get the empty, which parses to an empty
object, which, combined with the --master argument,
should still work.

Mitigation:
  - azure: Special case to use 7080 in
  - rackspace: way out of date, so don't care.
  - vsphere: way out of date, so don't care.
  - other distros: not using salt.
 2015-04-27 08:59:57 -07:00
Robert Bailey 846ffcff83 Pass the CA root cert into the apiserver so that the apiserver will 
perform client cert checks for authorization. Only enable on GCE where
the apiserver is terminating SSL connections from end users.
 2015-04-24 22:01:56 -07:00
Nikhil Jindal 84cb48be11 Merge pull request #7246 from satnam6502/es 
Convert Elasticsearch logging to v1beta3 and de-salt
 2015-04-24 09:21:41 -07:00
CJ Cullen 80af1c9e40 kube2sky using kubeconfig secret: take 2. Point system secrets at https://kubernetes. Override in clients that can't use DNS. 2015-04-23 18:13:16 -07:00
Satnam Singh c9b9e7651e Convert Elasticsearch logging to v1beta and de-salt 2015-04-23 13:06:15 -07:00
Dawn Chen f9156c281a Merge pull request #7123 from satnam6502/logging 
Propagate pod and container name for log files
 2015-04-23 10:13:08 -07:00
Satnam Singh 2444c1f943 Propagate pod and container name for log files 2015-04-22 15:08:51 -07:00
Dawn Chen 87e0d5da08 Merge pull request #7186 from ArtfulCoder/no_log_pod_on_master 
removed elasticsearch and fluentd-gcp pods from master
 2015-04-22 14:40:07 -07:00
Abhishek Shah 8cf11fd608 removed elasticsearch and fluentd-gcp pods from master 2015-04-22 12:54:57 -07:00
Robert Bailey dc45f7f9e6 Remove nginx and replace basic auth with bearer token auth for GCE. 
- Configure the apiserver to listen securely on 443 instead of 6443.
 - Configure the kubelet to connect to 443 instead of 6443.
 - Update documentation to refer to bearer tokens instead of basic auth.
 2015-04-22 11:11:20 -07:00
Eric Tune b944049fe9 Merge pull request #6916 from ArtfulCoder/controller-in-a-pod 
kube-controller-manager in a pod.
 2015-04-21 09:58:29 -07:00
Justin Santa Barbara 29592356f7 Rename salt minion_ip to hostname_override 
Prep work for making AWS node identifier -> instance id
 2015-04-21 06:24:49 -07:00
CJ Cullen 1be193098a Merge pull request #7072 from dchen1107/cleanup 
Remove fqdn dependency for node name
 2015-04-20 18:00:21 -07:00
Abhishek Shah f513aad380 kube-controller-manager in a pod. 2015-04-20 16:06:37 -07:00
Eric Tune c3203cba6d Create system secrets in kubeconfig format 
Was previously kubernetes_auth format.

Added defaults file which uses salt to fill in an env var
with the master's IP.

More thought needs to be given soon to how to make this
connection use a cert for the master, and how to support
multiple masters, and whether to use the DNS record
instead of an IP address.  But this PR unblocks some other
more urgent things, so doing it this way.
 2015-04-20 15:02:45 -07:00
Kenjiro Nakayama 2e702b0c61 Replace hostname -f with uname -n 2015-04-20 14:16:21 -07:00
Eric Tune 424ae1d67a Fix kube-addon retrying. 2015-04-20 07:38:39 -07:00
Robert Bailey 972cf60d2b Merge pull request #6957 from ArtfulCoder/no_monit 
remove unused file
 2015-04-17 11:40:36 -07:00
Abhishek Shah b08102d358 remove unused file 2015-04-16 21:51:51 -07:00
Abhishek Shah 647d5948a1 Docker Image install script - Sleep before each iteration of while loop 2015-04-16 21:46:35 -07:00
Derek Carr 6c394e4d81 Merge pull request #6911 from erictune/del_kub_user 
Remove unused kubelet user from salt.
 2015-04-16 11:45:26 -04:00
Eric Tune 955cc1e1df Remove unused kubelet user from salt. 
Fixes #1512.

Cluster creation and validation succeeds with this change.
 2015-04-16 07:46:56 -07:00
litian54 b5e4111234 Fix Jinja render bug if 'portal_net' or 'cluster_name' is undefined 2015-04-15 17:17:38 -07:00
Abhi Shah 72a694b6b3 Merge pull request #6823 from ArtfulCoder/scheduler-in-a-pod 
Scheduler in a pod
 2015-04-15 08:27:28 -07:00
Abhishek Shah a908bb78ea kube-scheduler in a pod 2015-04-14 17:53:12 -07:00
Quinton Hoole cd6daae014 Merge pull request #6271 from a-robinson/asynclb 
Manage load balancer creation and deletion asynchronously in a ServiceController
 2015-04-14 17:50:07 -07:00
Abhishek Shah 37eb4d85e1 Install kube-controller-manager image 2015-04-14 16:45:39 -07:00
Abhishek Shah 682e8cfa99 Load Kube Scheduler Image. 2015-04-14 15:20:24 -07:00
Alex Robinson ccc300289f Implement a ServiceController that watches services and handles keeping 
external load balancers up-to-date based on the service's specs, using
the new DeltaFIFO watch queue class. Remove the old registry REST
handler code for creating/updating/deleting load balancers.

Also clean up a bunch of the GCE cloudprovider code related to load balancers.
 2015-04-14 18:56:24 +00:00
Justin Santa Barbara 72687184b9 Don't always use aws.conf 
We don't usually need it, and it makes it harder to put apiserver into a container.
 2015-04-14 09:30:00 -07:00
Abhishek Shah c9d7010461 kube-apiserver in a pod. 2015-04-13 15:15:45 -07:00
Dawn Chen 67169ec87d Merge pull request #6719 from litian54/master 
Fix Rendering SLS 'base:nginx' failed if 'cloud' is not defined in minio...
 2015-04-13 10:42:48 -07:00
Dawn Chen 7f2f165797 Revert "kube-apiserver in a pod." 2015-04-10 22:54:52 -07:00
litian54 36ef786228 Fix Rendering SLS 'base:nginx' failed if 'cloud' is not defined in minion grains 2015-04-10 18:27:22 -07:00
Abhishek Shah 2f70395396 kube-apiserver in a pod. 2015-04-10 15:46:49 -07:00
Justin Santa Barbara a366f9ee88 Create the /usr/share/google dir in salt 2015-04-10 13:25:43 -07:00
Justin Santa Barbara b9fd56050a Add safe_format_and_mount script to aws 
Apache licensed :-)
 2015-04-10 13:25:42 -07:00
Derek Carr d2b6920a32 Merge pull request #6496 from ArtfulCoder/docker_image_install 
Load docker images of kubernetes components after docker is installed.
 2015-04-10 16:19:10 -04:00
Maxwell Forbes 7eb7387d97 Merge pull request #6403 from zmerlynn/salt_docs 
Update the existing salt.md, add the start of a Salt README tree
 2015-04-09 10:34:25 -07:00
Abhishek Shah 4996ccbf2d Load docker images of kubernetes components after docker is installed. 2015-04-09 09:06:42 -07:00
Dawn Chen 8ede54c511 Upgrade kubernetes to gcr.io/google_containers/etcd:2.0.9 2015-04-07 16:26:11 -07:00
Justin Santa Barbara 2426366ec8 Update cAdvisor with moved docker root on AWS 
We set up a symlink now, and we also pass docker_root into the kubelet.

The symlink is probably sufficient, but doing both feels safer.
 2015-04-07 10:40:22 -07:00
Abhishek Shah a0ea2c6718 Disable nginx service 2015-04-06 18:38:03 -07:00
Zach Loafman c292d2e8d6 Update the existing salt.md, add the start of a Salt README tree 
Starts to fix #6070
 2015-04-06 14:41:21 -07:00
Abhishek Shah 9231fae998 Prevent docker load. 2015-04-06 11:09:27 -07:00
Abhishek Shah fb665ede4c Run etcd on localhost for all providers. 2015-04-03 14:00:44 -07:00
Abhishek Shah 23c42cd8b2 Etcd listens on localhost for GCE 2015-04-03 11:40:09 -07:00
Yu-Ju Hong 76f1232a2e Merge pull request #6404 from dchen1107/master 
Using gcr.io/google_containers/etcd:2.0.8
 2015-04-03 08:51:41 -07:00
Zach Loafman de67b96ff7 Merge pull request #6396 from ArtfulCoder/master_logging 
Enable log collection from master.
 2015-04-02 18:50:30 -07:00
Abhishek Shah 39bb6d3777 Enable log collection from master. 2015-04-02 18:37:07 -07:00
Zach Loafman 12cf7681a9 Merge pull request #5470 from erictune/for-abhis 
Make secrets at cluster startup.
 2015-04-02 17:43:56 -07:00
Dawn Chen 814177c21b Using gcr.io/google_containers/etcd:2.0.8 2015-04-02 17:04:05 -07:00
Abhi Shah a918a719e0 Merge pull request #6334 from brendandburns/nginx 
Add an nginx docker image for use on the master.
 2015-04-02 16:58:02 -07:00
Brendan Burns 9f48a2f4e6 Add an nginx docker image for use on the master. 2015-04-02 16:42:17 -07:00
Eric Tune 59daeabaee Make secrets at cluster startup. 
These secrets will be used in subsequent PRs by:
scheduler, controller-manager, monitoring services,
logging services, and skydns.

Each of these services will then be able to stop using kubernetes-ro
or host networking.
 2015-04-02 15:58:45 -07:00
Zach Loafman c627a3598c Merge pull request #6384 from erictune/cleanup-addons.sh 
Use same addons script for init.d and systemd.
 2015-04-02 14:49:44 -07:00
Derek Carr 4ae016e022 Merge pull request #6382 from derekwaynecarr/fix_vagrant_kubelet 
Fix vagrant with etcd in pod
 2015-04-02 17:22:44 -04:00
Eric Tune b9570b3daa Use same addons script for init.d and systemd. 2015-04-02 14:07:23 -07:00
derekwaynecarr c6bf46acd7 Fix vagrant with etcd in pod 2015-04-02 16:55:29 -04:00
Dawn Chen 9b2f835a01 Merge pull request #6326 from ArtfulCoder/docker_image_creation 
Create Docker images for master components
 2015-04-02 13:12:17 -07:00
Abhishek Shah b1b779a8d5 docker image creation 2015-04-02 12:39:12 -07:00
Filip Grzadkowski 65c2942a82 Increase ulimit -n for apiserver. 2015-04-02 17:01:23 +02:00
CJ Cullen 5e6e67ba59 Add an alternative TokenSource to the GCE CloudProvider. 2015-04-01 17:52:30 -07:00
Dawn Chen ab1a8b1e7c Merge pull request #6298 from roberthbailey/kubelet-config 
Remove salt configuration that matches the default settings in the Kubelet.
 2015-04-01 14:31:31 -07:00
Derek Carr 2af9b54147 Merge pull request #6259 from zmerlynn/fix_cloud_provider 
Eliminate grains.cloud_provider (in preference to grains.cloud) from SaltStack
 2015-04-01 17:04:05 -04:00
Robert Bailey 40ebed845f Remove salt configuration that matches the default settings in 
the Kubelet.
 2015-04-01 12:13:40 -07:00
Abhishek Shah 8e3a41b52c Run etcd 2.0.5 in a pod 2015-04-01 11:38:21 -07:00
Zach Loafman b581320bf7 Eliminate grains.cloud_provider (in preference to grains.cloud) from SaltStack 
This variable can be entirely derived from grains.cloud, and it
simplifies the configuration somewhat. (Or someone convince me I'm
wrong. I'm happy to be wrong here.)
 2015-04-01 08:32:32 -07:00
Satnam Singh 73a9ab2928 Rename logging image to use google_containers 2015-03-31 16:00:52 -07:00
Victor Marmol f0b3493c26 Merge pull request #6240 from zmerlynn/fix_apiservers 
s/apiservers/api_servers/ in Salt
 2015-03-31 13:06:09 -07:00
Zach Loafman 6c219885e0 s/apiservers/api_servers/ in Salt 
It looks like api_servers finally won this battle. Kill off the
last remaining places passing it, but allow the kubelet Salt to
accept apiservers for a period of time.

(This was bothering my OCD.)
 2015-03-31 12:29:46 -07:00
Abhishek Shah 541219db77 Retry kube-addons creation if kube-addons creation fails. 2015-03-30 18:14:54 -07:00
Robert Bailey bc8af553a3 Configure the kubelet to bind a simple healthz server to a localhost 
port for monitoring by monit. This is in preparation for the standard
kubelet port to switch to SSL only (and eventually to only accepting
connections on the SSL port that present a proper client SSL cert).

Also standardize the formatting of the monit config files a bit.
 2015-03-30 14:20:30 -07:00
Victor Marmol b9214d4fcf Merge pull request #6122 from satnam6502/fluentd-gcp 
Update Salt config to use gcr.io Fluentd to Cloud Logging agent
 2015-03-30 08:02:12 -07:00
Zach Loafman 848134fdfa Revert "Running etcd 2.0.5 in a pod on master" 2015-03-28 07:36:39 -07:00
Dawn Chen 179fe870cc Merge pull request #4442 from ArtfulCoder/docker_etcd 
Running etcd 2.0.5 in a pod on master
 2015-03-27 18:33:25 -07:00
Daniel Smith 525bbfd175 Merge pull request #6103 from zmerlynn/remove_gce_node_names 
Remove the --machines SaltStack configuration on GCE
 2015-03-27 17:55:16 -07:00
Abhishek Shah 7750f35e7c Running etcd 2.0.5 in a pod on master 2015-03-27 17:50:10 -07:00
Satnam Singh 666e2b69ac Update Salt config to use gcr.io Fluentd to Cloud Logging agent 2015-03-27 16:39:12 -07:00
Satnam Singh ce1e73fccc Update Salt config use gcr.io Fluentd to ES image 2015-03-27 16:09:37 -07:00
Zach Loafman 68ccb97907 Remove the --machines SaltStack configuration on GCE 
Per https://github.com/GoogleCloudPlatform/kubernetes/issues/6072#issuecomment-87074456, this is no longer necessary.
We now no longer need a static node list. Woo!
 2015-03-27 14:44:19 -07:00
Abhishek Shah d84ff79cfd Added a catchall to set api server ip address in kubelet cmd params 2015-03-27 08:44:52 -07:00
Piotr Szczesniak c516aba8e8 Merge pull request #6043 from ArtfulCoder/kubelet_salt 
Modified salt config to get master ip address correctly
 2015-03-27 10:03:05 +01:00
Abhishek Shah f35a352782 Modified salt config to get master ip address correctly 2015-03-26 21:17:06 -07:00
Abhishek Shah d1015e785f Add salt configuration to remove cadvisor.manifest from master. cadvisor is now part of kubelet 2015-03-26 10:15:30 -07:00
Robert Bailey 268b617b84 Add local babysitting for the kube-proxy. 2015-03-25 23:24:24 -07:00
Brendan Burns 8bac135f85 Configure docker and kubelet on AWS master. 2015-03-24 17:19:06 -07:00
Satnam Singh 69f867dafb Upgrade etcd to v2.0.5 on the master 2015-03-23 13:52:04 -07:00
Justin Santa Barbara 60a07e972b Raise the file ulimit for kube-proxy for init.d systems 2015-03-19 19:36:13 -04:00
Satnam Singh 985d5c1f95 Add a prefix to the POS file for Fluentd to Elasticsearch 2015-03-17 13:13:03 -07:00
Satnam Singh 0212e68e91 Adjust POS file for Fluentd to Cloud Logging 2015-03-17 11:44:04 -07:00
Timothy St. Clair 140330fca8 Fix to address issue #5461 kube-proxy too many files open 
https://github.com/GoogleCloudPlatform/kubernetes/issues/5461
 2015-03-17 10:13:25 -05:00
Satnam Singh d395efa463 Make Fluentd to Cloud Logging collector read from head 2015-03-16 16:19:07 -07:00
Derek Carr 440c720805 Merge pull request #5330 from zmerlynn/try_addons_again 
Retry object creation with --validate in kube-addons
 2015-03-16 10:43:39 -04:00
Victor Marmol 1a7f7245e7 Remove cAdvisor manifest from cluster startup. 
cAdvisor is now integrated into the Kubelet and runs inside of it.
 2015-03-13 16:06:42 -07:00
Brendan Burns 966e8301a0 Add kubelet to the master. 2015-03-13 12:09:24 -07:00
Satnam Singh e16bcceceb Merge pull request #5390 from brendandburns/shell_sucks 
Configure docker on the master like we do on workers.
 2015-03-12 11:42:03 -07:00
Brendan Burns 17ff8fb421 Configure docker on the master like we do on workers. 2015-03-12 10:37:30 -07:00
Saad Ali 7629b616a7 Merge pull request #5348 from dchen1107/docker 
Check docker unixsocket periodically through monit. If failed, restart d...
 2015-03-11 17:42:58 -07:00
Dawn Chen fe9e0ca5ce Check docker unixsocket periodically through monit. If failed, restart docker. 2015-03-11 17:20:03 -07:00
Zach Loafman 018b11bc3a Retry object creation with --validate in kube-addons 
The better solution is some fence with Salt, but the actual logs
provided in the bug don't support any race condition here, plus the
ordering in the Salt configuration seems correct.

We haven't seen this again in a while, but given the results of the
situation (a borked cluster), I'm proposing a relatively simple
workaround.

Fixes #4357 (dubiously)
 2015-03-11 14:40:37 -07:00
derekwaynecarr f71a91a131 Fix regression introduced when moving to standalone salt 2015-03-11 11:06:00 -04:00
derekwaynecarr 468bf1da75 Enable common set of admission controllers across salt providers 2015-03-11 11:06:00 -04:00
Brian Grant b3d3db08ef Merge pull request #5064 from justinsb/ignore_stopped_aws_instances 
Ignore EC2 instances that are stopped
 2015-03-10 11:03:34 -07:00
Alex Robinson 6700a7f230 Merge pull request #5253 from satnam6502/fluentd 
Modify Fluentd to ES setup to pass flags
 2015-03-10 10:46:26 -07:00
Brendan Burns 00f3779c6f Merge pull request #5119 from zmerlynn/salt_drones 
Change GCE to use standalone Saltstack config
 2015-03-10 10:29:59 -07:00
Satnam Singh 3ce0ede78e Modify Fluentd to ES setup to pass flags 2015-03-10 10:11:26 -07:00
Alex Robinson 8fd33476f0 Merge pull request #5218 from satnam6502/fluentd-es 
Change Fluentd config to read from head of Docker container logs
 2015-03-10 09:57:02 -07:00
Zach Loafman 120dba474e Change GCE to use standalone Saltstack config: 
Change provisioning to pass all variables to both master and node. Run
Salt in a masterless setup on all nodes ala
http://docs.saltstack.com/en/latest/topics/tutorials/quickstart.html,
which involves ensuring Salt daemon is NOT running after install. Kill
Salt master install. And fix push to actually work in this new flow.

As part of this, the GCE Salt config no longer has access to the Salt
mine, which is primarily obnoxious for two reasons: - The minions
can't use Salt to see the master: this is easily fixed by static
config. - The master can't see the list of all the minions: this is
fixed temporarily by static config in util.sh, but later, by other
means (see
https://github.com/GoogleCloudPlatform/kubernetes/issues/156, which
should eventually remove this direction).

As part of it, flatten all of cluster/gce/templates/* into
configure-vm.sh, using a single, separate piece of YAML to drive the
environment variables, rather than constantly rewriting the startup
script.
 2015-03-10 09:04:29 -07:00
derekwaynecarr 22e559d769 Provision network before kubelet 2015-03-10 10:30:50 -04:00
Satnam Singh 2486de1287 Change Fluentd config to read from head of Docker container logs 2015-03-09 23:25:52 -07:00
Justin Santa Barbara a3ae480acc Ignore EC2 instances that are stopped 
Otherwise we pick up previous cluster instances (in EC2, stopped instances hang around for
a while - maybe 30 minutes?)
 2015-03-09 19:03:46 -07:00
Dawn Chen 7a47ea8913 Ask monit health check kubelet; if failed, restart. 2015-03-05 17:29:38 -08:00
derekwaynecarr 35ab4ccc6d Further vagrant reliability improvements. 2015-03-03 06:55:34 -08:00
Tim Hockin d46146da7d Stop using Docker's -r flag 
It has been deprecated since 1.3, replaced by restart policies.  We are
not supporting docker < 1.3 any more.
 2015-02-28 13:36:42 -08:00
Satnam Singh 16f49f6d09 Update Fluentd to Cloud Logging image 2015-02-26 15:18:22 -08:00
Eric Tune e77745672c Merge pull request #4577 from satnam6502/cluster-name 
Qualify the name of forwarding rules with INSTANCE_PREFIX
 2015-02-26 13:17:49 -08:00
Daniel Smith 3038a5624e Merge pull request #4859 from dchen1107/master 
Move salt based clusters to Docker 1.5.0
 2015-02-26 11:32:07 -08:00
Dawn Chen 59a9030413 Move salt based clusters to Docker 1.5.0 2015-02-26 11:06:53 -08:00
Satnam Singh 19b927ea57 Name a cluster and use it to make forwarding rules for GCE 2015-02-23 17:04:33 -08:00
derekwaynecarr 87a41b0934 Improve vagrant reliablility, fix race condition with openvswitch and docker 2015-02-21 13:31:50 -05:00
Victor Marmol ff7726d1ef Merge pull request #4655 from saad-ali/fix2884quick 
Add monit process monitoring for kubelet and docker
 2015-02-20 11:07:06 -08:00
David Oppenheimer ba749284d0 Have etcd listen on all interfaces so that monit probes succeed. Closes #3852. 2015-02-19 23:14:14 -08:00
saadali 4dea0488e6 Add monit process monitoring for kubelet and docker 2015-02-19 22:22:05 -08:00
Brendan Burns e4e68e2fa5 Merge pull request #4138 from justinsb/fix_duplicate_master_arg 
Remove duplicate --master arg from kube-scheduler
 2015-02-19 11:58:23 -08:00
David Oppenheimer c99a37d3a3 Merge pull request #4587 from gmarek/client2 
Fix monit config for etcd
 2015-02-19 11:37:47 -08:00
gmarek 19b7c01084 Fix monit config for etcd 2015-02-19 13:11:43 +01:00
Brendan Burns 664de16c81 Remove kubecfg from the client tools we attempt to distribute. 2015-02-18 22:26:26 -08:00
Dawn Chen 23b8b5ea6a Configure docker with larger open files. 2015-02-11 23:52:58 -08:00
Eric Tune 59a06b5073 Don't set --etcd_servers argument for kubelet. 
This is ignored by all recent kubelet versions when api_servers is
set.  And it is set in this salt file.
 2015-02-11 15:53:26 -08:00
Zach Loafman 6b3bb763f0 Merge pull request #4287 from derekwaynecarr/docker_group_gone 
Docker 1.4.1 on Fedora no longer provisions a docker group
 2015-02-10 14:28:02 -08:00
Zach Loafman 2fb4bd4724 Merge pull request #4286 from brendandburns/etcd 
Add restart to the kube apiserver.
 2015-02-10 12:09:34 -08:00
derekwaynecarr 46eb657722 docker does not provision a docker group anymore, so do not add vagrant user to it 2015-02-10 11:15:22 -05:00
Zach Loafman 2f231e0a2a Merge pull request #4268 from rajatchopra/master 
Fix vagrant networking round 2
 2015-02-10 07:39:48 -08:00
Brendan Burns c50e650d8b Add restart to the kube apiserver. 2015-02-10 07:35:00 -08:00
Rajat Chopra 1d12cad456 Fix vagrant networking. Include the master as part of overlay. And remove STP for efficiency. 
fix e2e services for vagrant
Kubelet should wait on SDN to finish
Do not require docker on master for default clouds
 2015-02-09 14:37:27 -08:00
Ravi Sankar Penta 3a5ef05f64 Make periodic sync nodes from cloud provider optional. 
--sync_nodes=false gives user flexibility to add/remove nodes in the
cluster using REST api/kubectl cli and at the same time can use
cloud provider for other resources like persistent disks, etc.
 2015-02-09 13:42:44 -08:00
Zach Loafman 6b8c332cd3 Revert "Fix vagrant networking" 2015-02-09 13:40:11 -08:00
Rajat Chopra 9f10108758 Kubelet should wait on SDN to finish 2015-02-09 11:22:14 -08:00
Rajat Chopra b61ea1bbf1 Fix vagrant networking. Include the master as part of overlay. And remove STP for efficiency. 2015-02-05 17:41:27 -08:00
Justin Santa Barbara e72d3392cc Remove duplicate --master arg from kube-scheduler 2015-02-04 19:05:05 -05:00
Justin Santa Barbara 7790435915 Fix for bool vs string comparisons in salt templates 
Fixes #4118
 2015-02-04 14:09:10 -05:00
Justin SB 9a29d9f92a Etcd data dir must be empty 
Otherwise we get the error "unknown wal version in data dir /var/etcd"

When this is the homedir for etcd, e.g. .bashrc confuses it
 2015-02-02 08:09:32 -08:00
derekwaynecarr 4dd50a18c3 Fix vagrant regression, add flag to easily enable v1beta3 2015-01-30 12:16:24 -05:00
Satnam Singh db416c4f39 Merge pull request #3970 from justinsb/fix_aws 
aws cluster/kube-up.sh fixes
 2015-01-30 07:56:01 -08:00
derekwaynecarr 3cb015c09c Missing boilerplate 2015-01-30 00:22:17 -05:00
derekwaynecarr aef084bf9d Various vagrant fixes, etcd 2.0 2015-01-30 00:15:34 -05:00
Brendan Burns a20ca78fb3 Update etcd to version 2.0.0 2015-01-29 17:53:53 -08:00
Justin Santa Barbara eb1d9d0a46 Add missing = to --machines arg 2015-01-29 20:35:36 -05:00
Justin Santa Barbara 5d864b006a Add aws to list of clouds that use tokens 2015-01-29 20:35:36 -05:00
Justin Santa Barbara 51225c76da Apply jbeda's conditional tar fix 2015-01-29 20:35:36 -05:00
Justin Santa Barbara 2f195578cc Create /srv/kuberentes/known_tokens.csv on AWS 2015-01-29 20:35:35 -05:00
Justin Santa Barbara bb0431dce8 Pass cloud & cloud_config to kube-apiserver for AWS 2015-01-29 20:35:35 -05:00
Brendan Burns c7c11d7731 Add monit support for restarting etcd to the master. 2015-01-27 20:15:24 -08:00
Victor Marmol 94988aece2 Update cAdvisor to 0.8.0. 2015-01-23 11:11:15 -08:00
Zach Loafman a305269e18 Deferred creation of SkyDNS, monitoring and logging objects 
This implements phase 1 of the proposal in #3579, moving the creation
of the pods, RCs, and services to the master after the apiserver is
available.

This is such a wide commit because our existing initial config story
is special:

* Add kube-addons service and associated salt configuration:
** We configure /etc/kubernetes/addons to be a directory of objects
that are appropriately configured for the current cluster.
** "/etc/init.d/kube-addons start" slurps up everything in that dir.
(Most of the difficult is the business logic in salt around getting
that directory built at all.)
** We cheat and overlay cluster/addons into saltbase/salt/kube-addons
as config files for the kube-addons meta-service.
* Change .yaml.in files to salt templates
* Rename {setup,teardown}-{monitoring,logging} to
{setup,teardown}-{monitoring,logging}-firewall to properly reflect
their real purpose now (the purpose of these functions is now ONLY to
bring up the firewall rules, and possibly to relay the IP to the user).
* Rework GCE {setup,teardown}-{monitoring,logging}-firewall: Both
functions were improperly configuring global rules, yet used
lifecycles tied to the cluster. Use $NODE_INSTANCE_PREFIX with the
rule. The logging rule needed a $NETWORK specifier. The monitoring
rule tried gcloud describe first, but given the instancing, this feels
like a waste of time now.
* Plumb ENABLE_CLUSTER_MONITORING, ENABLE_CLUSTER_LOGGING,
ELASTICSEARCH_LOGGING_REPLICAS and DNS_REPLICAS down to the master,
since these are needed there now.

(Desperately want just a yaml or json file we can share between
providers that has all this crap. Maybe #3525 is an answer?)

Huge caveats: I've gone pretty firm testing on GCE, including
twiddling the env variables and making sure the objects I expect to
come up, come up. I've tested that it doesn't break GKE bringup
somehow. But I haven't had a chance to test the other providers.
 2015-01-21 12:25:50 -08:00
Joe Beda 7ee327146a Fix typo in initd scripts 2015-01-15 09:12:20 -08:00
Joe Beda 228659a177 Fix up for posix flags 2015-01-15 09:12:19 -08:00
Satnam Singh 295bd3768d Launch Elasticsearch and Kibana automatically 2015-01-09 13:41:46 -08:00
Eric Tune c2b3d678c0 Merge pull request #3248 from derekwaynecarr/admission_control_hooks 
Implement basic admission control framework
 2015-01-07 16:52:49 -08:00
Dawn Chen 6cb7f0451c Using google/cadvisor:0.7.1 instead of :latest 2015-01-07 14:14:20 -08:00
derekwaynecarr 520ae3ef27 Implement basic admission control framework 2015-01-07 14:42:31 -05:00
Satnam Singh 8ab2e9c61a Use DNS for Elasticsearch 2015-01-06 07:33:48 -08:00
Dawn Chen 86aa38547c Remove duplicate volumes type. 2014-12-30 14:40:16 -08:00
Tim Hockin 59164ca844 Make DNS an option for cluster turnup 2014-12-29 09:18:12 -08:00
Vishnu Kannan 2d5432bc91 update cadvisor static manifest file completely. 2014-12-25 18:22:59 +00:00
Vishnu Kannan 9a4476a60c Update cadvisor manifest to bind mount "/sys" from global namespace. 2014-12-22 23:49:22 +00:00
saadali ec6d4c6078 Fix kube-controller-manager failing to start because "Jinja variable 'cloud_config' is undefined" 2014-12-19 17:20:22 -08:00
Brendan Burns 2369f0d50d Update aws. 2014-12-19 14:16:57 -08:00
Brendan Burns bd712b61e6 Merge branch 'master' of https://github.com/dutchcoders/kubernetes into dutchcoders-master 
Conflicts:
	cluster/aws/config-default.sh
	cluster/saltbase/salt/kube-controller-manager/default
 2014-12-19 11:45:46 -08:00
Jordan Liggitt 2de478f16c Make cert CN unique to avoid certificate serial number clashes 2014-12-18 15:13:32 -05:00
Jernej Kos 430a04af45 Added missing Salt requisites. 2014-12-18 10:29:39 +01:00
Dawn Chen c053ec63c5 Move salt based clusters to Docker 1.4.1 2014-12-16 15:54:26 -08:00
Joe Beda 911a437c1b Make the test for the 'docker_opts' grain more robust. 
Fixes #2982
 2014-12-16 14:26:36 -08:00
Dawn Chen 04b136a7db Move salt based clusters to Docker 1.4.0 2014-12-16 11:58:45 -08:00
Joe Beda 056fdbb9b8 Merge pull request #2943 from brendandburns/flags 
Add a log level flag.
 2014-12-15 12:59:08 -08:00
Brendan Burns 878d85df0c Add a log level flag. 2014-12-15 12:00:29 -08:00
Satnam Singh b4fcdd7e47 Collect Kubelet logs with Fluentd->Elasticsearch and Fluentd->Cloud Logging 2014-12-14 01:47:48 -08:00
Joe Beda c9acafc98a Move salt based clusters to Docker 1.3.3 
Part of #2896
 2014-12-12 12:18:07 -08:00
Brendan Burns 149881e13e Actually set repository QPS in the kubelet. 2014-12-11 12:06:40 -08:00
Joe Beda 89011f26f4 remove SSLv3 support in nginx config 2014-12-10 13:17:02 -08:00
Eric Tune edeb96dca9 Merge pull request #2772 from rlarocque2/apiserver_auth 
Implement apiserver communication for Vagrant
 2014-12-10 07:13:40 -08:00
Brendan Burns 3a7dd589d5 Merge pull request #2735 from erictune/proxy_no_etcd 
Use apiserver instead of etcd for kube-proxy.
 2014-12-09 15:27:20 -08:00
Jeff Lowdermlk 0007257bce Fix conditional on grains.docker_opts in docker-defaults 2014-12-08 16:42:41 -08:00
Richard Larocque 7d37b24cc7 Implement apiserver communication for Vagrant 
This implementation is based on the GCE impementation from
618a367dbb48dbaa9c3b50e877858d854322fd0b.
 2014-12-05 12:49:51 -08:00
Eric Tune 65b38e7af7 Use apiserver instead of etcd for kube-proxy. 
For cloud-providers that use salt, have kube-proxy use
apiserver instead of etcd as a config source.
 2014-12-02 22:21:01 -08:00
Brendan Burns b07515c5ea Add some backward compatability for GKE. 2014-12-02 11:32:45 -08:00
Alen Komljen d83d269c27 Remove empty lines when file is generated from jinja template 2014-12-02 15:00:58 +01:00
Joe Beda f8505cd286 For GCE, allow insecure registries anywhere in 10.0.0.0/8. 2014-12-01 11:36:08 -08:00
Alen Komljen 249bbd7d9a Remove unused nsinit salt state 2014-11-27 09:59:25 +01:00
Remco 83f3982eee fix(aws): cloud provider wasn't set, corrected cloud config syntax 2014-11-26 17:30:35 +01:00
Tim Hockin 47141f05c7 standard config opt names: logging 2014-11-25 17:41:53 -08:00
Tim Hockin 52ad94d766 standard config opt names: node monitoring 2014-11-25 17:39:28 -08:00
Joe Beda 4a5a69b520 Upgrade docker to 1.3.2. 2014-11-25 14:46:25 -08:00
Joe Beda 2b712a744a Fix up salt ordering dependencies in kube-apiserver/init.sls. 2014-11-25 14:46:25 -08:00
Joe Beda 802d214ed0 Merge pull request #2461 from MSOpenTech/deploy 
Bring Azure deploy scripts up to date
 2014-11-20 17:15:44 -08:00
Joe Beda 658c5cdaaa Check in default blank file for kubelet/kubernetes_auth 
This lets us eliminate some per-cloud stuff in our salt.  This is an alternate fix for #2475.
 2014-11-20 17:01:28 -08:00
derekwaynecarr 1a894741b2 Fix vagrant regression 2014-11-20 10:39:09 -05:00
Brendan Burns 927088de83 Fix etcd unpack by adding a explicit x flag. 2014-11-19 11:33:50 -08:00