github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
16,508 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

436 Commits (a90b67f276f95c4c17e4ea9492c92f6ba660320f)

Author SHA1 Message Date
Mike Danese fdb5cefae7 fix unit test breakage by adding seed method to util/rand 2015-07-22 15:01:51 -07:00
Mike Danese a558edf036 Revert "Revert "Move rand string func to util for reuse"" 
This reverts commit acebe24bf3.
 2015-07-22 15:01:28 -07:00
Vish Kannan acebe24bf3 Revert "Move rand string func to util for reuse" 2015-07-22 12:51:29 -07:00
Vish Kannan 550203b3a3 Merge pull request #9162 from thockin/rand-util 
Move rand string func to util for reuse
 2015-07-22 11:08:47 -07:00
deads2k 98d6b454f3 pass along status errors for upgrades 2015-07-15 15:53:29 -04:00
Joe Beda c15953662e Fix up alignment of columns w/ namespaces. 
Fixes #10842

All issues for types that use "extra lines" for extended information.  Two issues fixed: (1) When namespaces are listed an extra column isn't inserted for extra lines and (2) trailing tabs aren't inserted when label columns are specified.

This code should probably move to a more explicit model of putting data into "cells".

The test for this hits https://github.com/golang/go/issues/6416 and so I introduced a "LineDelimiter" writer filter to make white space more visible.
 2015-07-09 08:59:32 -07:00
Eric Paris cde68d294b Do not create subject alt dns names for kubelet self signed certs 
PR #10643 Started adding the dns names for the kubernetes master to self
sign certs which were created. The kubelet uses this same code, and thus
the kubelet cert started saying it was valid for these name as well.
While hardless, the kubelet cert shouldn't claim to be these things. So
make the caller explicitly list both their ip and dns subject alt names.
 2015-07-04 23:01:01 -04:00
Nikhil Jindal 05ce0472e9 Merge pull request #10643 from eparis/self-sign-cert-san 
Add Subject Alt Names to self signed apiserver certs
 2015-07-02 12:21:22 -07:00
Wojciech Tyczynski 2f4574167d Merge pull request #10561 from smarterclayton/make_empty_public 
Make util.empty public for conversions
 2015-07-02 09:31:25 +02:00
Eric Paris 7a29af4d2c Add Subject Alt Names to self signed apiserver certs 
A cert from GCE shows:
- IP Address:23.236.49.122
- IP Address:10.0.0.1
- DNS:kubernetes,
- DNS:kubernetes.default
- DNS:kubernetes.default.svc
- DNS:kubernetes.default.svc.cluster.local
- DNS:e2e-test-zml-master

A similarly configured self signed cert shows:
- IP Address:23.236.49.122
- IP Address:10.0.0.1
- DNS:kubernetes
- DNS:kubernetes.default
- DNS:kubernetes.default.svc

So we are missing the fqdn kubernetes.default.svc.cluster.local. The
apiserver does not even know the fqdn! it's defined entirely by the
kubelet! We also do not have the cluster name certificate. This may be
--cluster-name= argument to the apiserver but will take a bit more
research.
 2015-07-01 17:05:17 -04:00
Clayton Coleman 8d189245fb Make util.empty public for conversions 
Some downstream components want to use a StringSet in their internal
objects, but leaving util.empty private means that generated conversions
cannot create constructors generically for those objects.  This makes
Empty public until such a time as the generator supports private types.
 2015-07-01 16:12:15 -04:00
Zach Loafman 03be2f3f0b Merge pull request #10545 from liggitt/rate_limit 
Switch to token bucket rate limiter with better performance
 2015-07-01 08:36:19 -07:00
Wojciech Tyczynski 5965e82a3a Merge pull request #10500 from lavalamp/etcdChanFix 
Fix logging.
 2015-07-01 11:47:22 +02:00
Zach Loafman 2884446c50 Merge pull request #10443 from bprashanth/sort_rc 
Handle overlapping controllers semi-deterministically
 2015-06-30 15:56:54 -07:00
Zach Loafman 7df8d76a93 Merge pull request #10169 from saad-ali/fixPDIssue2 
Work around for PDs stop mounting after a few hours issue
 2015-06-30 15:47:21 -07:00
saadali c952ee23a7 Work around for PDs stop mounting after a few hours issue 2015-06-30 13:31:03 -07:00
Tim Hockin 15766bfbbc Don't repeat field name in errors 2015-06-30 11:58:21 -07:00
Daniel Smith eabc344eed Fix logging; extend queue length to 100 2015-06-30 10:27:24 -07:00
Jordan Liggitt f265d5c5ee Switch token bucket rate limiter to github.com/juju/ratelimit 2015-06-30 10:34:41 -04:00
Prashanth Balasubramanian 90ebc1ad29 Sort overlapping rcs 2015-06-29 15:30:19 -07:00
Clayton Coleman 93b14b9ede Search the parent FS for the proper binaries 2015-06-26 14:48:22 -04:00
Clayton Coleman fa7000a5bc Use nsenter on PATH in container, and separate args 
nsenter needs '--' to separate calls
 2015-06-26 14:28:08 -04:00
Robert Bailey 54a3ebef3c Merge pull request #10315 from nikhiljindal/invalidValue 
Updating the "invalid value" error message to include the list of valid values
 2015-06-26 10:46:59 -07:00
Maxwell Forbes 712f303350 Merge pull request #9736 from sdminonne/bug_fix2 
To add validation for service ports when defined as string
 2015-06-25 19:37:04 -07:00
Maxwell Forbes 5e748c1d47 Merge pull request #10070 from lavalamp/e2eProxyFix 
proxy e2e test improvements
 2015-06-25 13:15:03 -07:00
nikhiljindal 3b3ee0ed77 Improving an error message 2015-06-25 13:08:09 -07:00
Maxwell Forbes 655179dcfb Merge pull request #10264 from mikedanese/ca-token 
add ca cert to token controller and all service accounts
 2015-06-25 09:56:35 -07:00
Tim Hockin 7874743a43 Move rand string func to util for reuse 2015-06-24 21:13:42 -07:00
Dawn Chen 710fb4e413 add iptables rule for MASQUERADE for egress 2015-06-24 17:19:57 -07:00
Mike Danese 56bde3342a add ca to token controller and all service accounts 2015-06-24 15:10:20 -07:00
Daniel Smith ddbe4c914f Fix proxy rewriting 2015-06-24 13:54:14 -07:00
Dawn Chen 6ddfa512de Revert "Revert "Fix the race between configuring cbr0 and restarting static pods"" 
This reverts commit fd0a95dd12.
 2015-06-24 11:10:10 -07:00
Piotr Szczesniak fd0a95dd12 Revert "Fix the race between configuring cbr0 and restarting static pods" 2015-06-24 09:56:49 +02:00
Dawn Chen 23200d303f Fix several issues on running syncPods until network is configured. 
Also fixed unittests and compiling.
 2015-06-23 12:11:19 -07:00
Jeff Lowdermilk 85770295c2 Merge pull request #10004 from ArtfulCoder/kubelet_health 
Augmented kubelet healthz with syncLoop check.
 2015-06-22 10:53:05 -07:00
Salvatore Dario Minonne 4b13faa346 To add validation for service ports when defined as string (fixing issue #9734) 2015-06-22 17:21:51 +02:00
Justin Santa Barbara c5f9085398 Mark realSSHDialer as implementing sshDialer 2015-06-20 18:18:38 -04:00
Justin Santa Barbara efdd03a6a9 Don't assume we always SSH as the current user 
This works on gcloud (where the user is dynamically created by the tool),
but doesn't hold on other clouds (e.g. AWS).

The function in pkg/util now takes a user arg, and it is called only
from the e2e tests, which now check for env-var KUBE_SSH_USER, and then
fall back to the existing behaviour of env-var USER.

I am using this from Jenkins by directly setting the env-var:

export KUBE_SSH_USER=jenkins
...
hack/jenkins/e2e.sh
 2015-06-20 18:18:38 -04:00
Abhishek Shah 3556993179 Augmented kubelet healthz with syncLoop check. 
Monit uses read-only port for health monitoring.
 2015-06-19 18:14:01 -07:00
Satnam Singh f83d5356d7 Merge pull request #9987 from mbforbes/livingUpgrade 
Node upgrade test
 2015-06-19 10:02:52 -07:00
markturansky 450002a52e Fixed formatting of error message 2015-06-19 11:21:57 -04:00
Satnam Singh d8e5225144 Merge pull request #10069 from lavalamp/sshLockingFix 
fix locking around ssh tunnels
 2015-06-18 17:50:06 -07:00
Daniel Smith 4126622388 fix locking around ssh tunnels 2015-06-18 16:52:10 -07:00
Satnam Singh 42fd7b4b68 Merge pull request #9806 from manansaraf/patch_error 
Fixed pointers bug in PATCH verb in the API
 2015-06-18 16:13:38 -07:00
Max Forbes 2803fbe343 Node upgrade tests. 2015-06-18 15:59:51 -07:00
CJ Cullen 15596ede41 Make AddSSHKeys a controller loop. Make sure master's always initializes m.tunnels. 2015-06-17 17:46:27 -07:00
Saad Ali f8e58f7efe Merge pull request #9827 from timstclair/html-rewrite 
Html rewrite
 2015-06-17 11:35:30 -07:00
Tim St. Clair 49b8c975d8 Update the URL-rewriting logic to make minimal modifications. 
The new approach avoids building a complete parse tree, instead using the lower level token stream. Doing so removes the need for creating "missing" HTML elements, reducing the collateral changes to the rewritten HTML.

Resolves: #9766
 2015-06-16 14:15:11 -07:00
Manan Saraf 86025129fb Fixed pointers bug in PATCH verb in the API 2015-06-16 13:31:49 -07:00
Brendan Burns 96c244eacf Merge pull request #9848 from cjcullen/fwfix 
Fix mislooping in ssh.go. Add retries to AddSSHKeys.
 2015-06-16 11:10:30 -07:00
Saad Ali 5596e6f789 Merge pull request #9493 from marekbiskup/testAddonUpdate 
e2e test for addon upgrade
 2015-06-16 10:50:15 -07:00
CJ Cullen 48f672af92 Change SSHTunnelList to struct to make Open() semantics better. 2015-06-16 10:36:38 -07:00
CJ Cullen 4d5d0457ef Fix mislooping in ssh.go. Add retries to AddSSHKeys. 2015-06-16 00:08:37 -07:00
Brendan Burns a6652a0e98 Merge pull request #9834 from cjcullen/fwfix 
Fix crashes in ssh-tunnel code.
 2015-06-15 20:25:32 -07:00
Fabio Yeon bcf5cffa1a Merge pull request #9768 from timstclair/proxy-rel 
Don't rewrite relative URLs when proxying HTTP content.
 2015-06-15 19:54:18 -07:00
CJ Cullen 66fb8ccb02 Add ssh tunnel-open metrics 2015-06-15 17:28:54 -07:00
CJ Cullen faa9313eea Fix several potential crashes in sshtunnel open/close code. 2015-06-15 14:38:37 -07:00
Marek Biskup dcc4034d57 e2e test for addon update 2015-06-15 17:37:24 +02:00
Tim St. Clair fd7d46e9da Don't rewrite relative URLs when proxying HTTP content. 2015-06-12 21:30:29 -07:00
BenTheElder c5baf1f284 Export GetIptablesVersion utility in util/iptables 
For kube-proxy to determine whether to use pure iptables as in
https://github.com/GoogleCloudPlatform/kubernetes/issues/3760
Related WIP PR:
https://github.com/GoogleCloudPlatform/kubernetes/pull/9210
 2015-06-12 17:13:40 -04:00
krousey f62a2a1bb6 Merge pull request #9451 from cjcullen/mig 
Use Node IP Address instead of Node.Name in minion.ResourceLocation.
 2015-06-09 15:52:12 -07:00
krousey 43a423f6fc Merge pull request #9440 from brendandburns/ssh 
Add an initial test for SSH.
 2015-06-09 12:08:26 -07:00
krousey 9740105a99 Merge pull request #8837 from mbforbes/rollingTest 
E2E test node upgrade (to same version)
 2015-06-09 10:42:17 -07:00
Brendan Burns 2240486110 Add an initial test for SSH. 2015-06-08 20:53:05 -07:00
CJ Cullen 2d85e4a094 Use Node IP Address instead of Node.Name in minion.ResourceLocation. 
Refactor GetNodeHostIP into pkg/util/node (instead of pkg/util to break import cycle).

Include internalIP in gce NodeAddresses.
 2015-06-08 16:58:00 -07:00
CJ Cullen 04cd9b3c75 Make sshproxy use a hostmount on master PD (don't spam sshKeys on upgrade/reboot). 
Add comment describing what SSHTunnelList.Close() does.
Simplify util.FileExists.
 2015-06-05 15:03:03 -07:00
CJ Cullen cb317604ab Some refactoring. Only selectively use ssh proxy. 
Add NetworkName to gce.Config.
Add locking to uses of master.tunnels.
 2015-06-05 14:55:16 -07:00
CJ Cullen 1ae8801387 Fix transport creation logic. 
Refactor loadTunnels to allow one path for load, another for refresh.
Make SSHTunnelList.Close sleep for a minute before actually closing each tunnel.
 2015-06-05 14:55:16 -07:00
Brendan Burns 5115fd5703 Add key generation. 2015-06-05 14:55:15 -07:00
Brendan Burns 30a89968a4 Initial proxy tunnelling. 2015-06-05 14:54:20 -07:00
Quinton Hoole 8b01ecb53a Merge pull request #9024 from markturansky/recyc_controllers 
PersistentVolumeRecycler controller
 2015-06-05 11:39:08 -07:00
markturansky 986cbb56d4 Recycling HostPath and NFS impls 2015-06-04 15:46:03 -04:00
Brian Grant f72fa67924 Revert "Use Node IP Address instead of Node.Name in minion.ResourceLocation." 2015-06-03 18:19:22 -07:00
Max Forbes a6c47a07de E2E test node upgrade (to same version) 2015-06-03 17:05:45 -07:00
CJ Cullen 4e5d0da839 Use Node IP Address instead of Node.Name in minion.ResourceLocation. 
Refactor GetNodeHostIP into pkg/util/node (instead of pkg/util to break import cycle).

Include internalIP in gce NodeAddresses. Remove NodeLegacyHostIP
 2015-06-02 20:01:49 -07:00
Eric Tune c1d0a48075 Merge pull request #8912 from justinsb/volumes_kubelet_root_not_symlink 
Ensure kubelet root is not a symlink
 2015-06-01 09:24:32 -07:00
Justin Santa Barbara c4a2631593 Mount logic breaks if /var/lib/kubelet is a symlink 
Pass the correct kubelet root-dir on AWS
 2015-05-29 20:13:09 -04:00
Justin Santa Barbara 9839253233 Add logging to volume tear-down to help understand mount behaviour 2015-05-29 20:11:13 -04:00
Rohit Jnagal 0cbd4beb63 Merge pull request #8886 from csrwng/fix_proxy_url_slash 
Fix proxying of URLs that end in "/" in the pod proxy subresource
 2015-05-29 16:28:41 -07:00
Rohit Jnagal d34d00c288 Merge pull request #8898 from brendandburns/tunnel 
Move SSH code into a common util package.  Add support for SSH tunnels.
 2015-05-29 14:48:37 -07:00
Tim Hockin 4318ca5a8b Rename 'portal IP' to 'cluster IP' most everywhere 
This covers obvious transforms, but not --portal_net, $PORTAL_NET and
similar.
 2015-05-28 16:10:44 -07:00
Cesar Wong 684dcd4307 Fix proxying of URLs that end in "/" in the pod proxy subresource 
Also handles proxying of URLs that have an empty path and don't end in a slash "/" by redirecting to the same location with a slash appended.
 2015-05-27 22:12:55 -04:00
Brendan Burns a51747f941 Move SSH code into a common util package. Add support for SSH tunnels. 2015-05-27 16:58:52 -07:00
Anastasis Andronidis 5eae2378d6 Warn for every _ flag user or cmd defined 
also renames all global _ flags to -
 2015-05-27 11:23:52 +02:00
Saad Ali 7493ed0fca Merge pull request #8786 from pmorie/secret-tests 
Add tests for secret volume plugin reboot/idempotency
 2015-05-26 09:57:31 -07:00
Filip Grzadkowski 967b1b95ba Add very simple tracing mechanism for easier debugging of slow requests. 2015-05-26 16:17:18 +02:00
Paul Morie feb0880b1e Add tests for secret volume plugin reboot/idempotency 2015-05-25 13:34:07 -04:00
Justin Santa Barbara 1ad4549f5f Proxy infrastructure for NodePorts 
A service with a NodePort set will listen on that port, on every node.

This is both handy for some load balancers (AWS ELB) and for people
that want to expose a service without using a load balancer.
 2015-05-22 17:21:49 -04:00
Victor Marmol 0e804b03a4 Merge pull request #8220 from thockin/label-validation 
Add test case for qname validation, fix impl
 2015-05-18 08:40:56 -07:00
Justin Santa Barbara 2457c284ed Add util.PortRange, so that a port range can be a flag. Format: lo-hi 2015-05-16 15:52:57 -04:00
Tim Hockin 71d375e22f Add test case for qname validation, fix impl 2015-05-15 14:45:36 -07:00
Dawn Chen ebbb130af8 OOM protected docker processes (-900) 2015-05-14 15:49:12 -07:00
Tim Hockin b429e89251 Spec qualified names (label keys) more tightly 
It can be a (DNS_SUBDOMAIN/)?label, but we were validating it
incorrectly before.
 2015-05-13 13:59:16 -07:00
Robert Bailey c47b9178b4 Replace the auth config file with a kubeconfig file when 
starting the kubelet on GCE.
 2015-05-13 01:03:28 -07:00
Jordan Liggitt 6e570732f5 ServiceAccounts controller 2015-05-11 17:18:05 -04:00
Nikhil Jindal 48dfad6701 Merge pull request #8050 from fgrzadkowski/cache 
Add cache with multiple shards to decrease lock contention
 2015-05-11 10:18:34 -07:00
Paul Morie 14243d3bd6 Fix typo in nsenter_mount.go 2015-05-11 11:41:01 -04:00
Filip Grzadkowski 50de4d0081 Add cache with multiple shards to decrease lock contention 2015-05-11 15:07:50 +02:00
Yu-Ju Hong 170f426fb6 Don't use the first token `uname -n` as the hostname 
This change partially reverts the change made in #7910, which takes only the
first token of `uname -n` as the hostname.
 2015-05-08 10:09:06 -07:00
Abhi Shah 589154a557 Merge pull request #7821 from lavalamp/deleteEndpoints 
Add old endpoint cleanup function
 2015-05-07 16:54:41 -07:00