github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
72,297 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

72297 Commits (aac9ee1793bba0b860c3d8d3af44fcc2af8feb6b)

Author SHA1 Message Date
k8s-ci-robot aac9ee1793
Merge pull request #71259 from rosti/minver-bump-12 
kubeadm: Bump minimum Kubernetes version to v1.12
 2018-11-20 17:31:15 -08:00
k8s-ci-robot f8983a8988
Merge pull request #70633 from leblancd/kubeadm_etcd_v6_fix 
Fix kubeadm etcd manifests to use brackets around IPv6 addrs
 2018-11-20 15:34:24 -08:00
k8s-ci-robot cda358b6d7
Merge pull request #71242 from appian/fix_hostaliases_test 
Fix broken integration test around hostAliases
 2018-11-20 14:23:54 -08:00
k8s-ci-robot e20c15174e
Merge pull request #71187 from liggitt/fix-release-note 
fix release note
 2018-11-20 11:41:01 -08:00
k8s-ci-robot 514a5b8f16
Merge pull request #70878 from jingxu97/Nov/repd 
Remove useBetaAPI option from getReplicaZoneURI
 2018-11-20 11:40:51 -08:00
k8s-ci-robot 27d8290cbf
Merge pull request #71270 from bart0sh/PR0043-kubeadm-join-857-use-commandline-options-with-config 
kubeadm: override node registration options from command line
 2018-11-20 07:43:01 -08:00
Ed Bartosh 012e46320b kubeadm: override node registration options from command line 
'kubeadm join' silently ignores --node-name and --cri-socket
command line options if --config option is specified.

In some cases it's much easier for users to override these parameters
from the command line instead of updating config, especially for
multi-node automatic deployments where only node name should be changed.

Implemented setting 'name' and 'criSocket' options from the command
line even if --config command line option is used.
 2018-11-20 16:26:57 +02:00
Rostislav M. Georgiev aa414e139e kubeadm: Bump minimum Kubernetes version to v1.12 
Bump MinimumControlPlaneVersion and MinimumKubeletVersion to v1.12 and update
any related tests.

Signed-off-by: Rostislav M. Georgiev <rostislavg@vmware.com>
 2018-11-20 16:21:49 +02:00
Bill Warshaw b810fd2726 Fix broken integration test around hostAliases 
* broken by ab507dfc1f
 2018-11-19 20:52:04 -05:00
k8s-ci-robot 50e02fd0cc
Merge pull request #71229 from chuckha/etcd-server 
kubeadm: adds etcd server version for 1.13
 2018-11-19 16:25:42 -08:00
k8s-ci-robot 956dcdd4ca
Merge pull request #71232 from liztio/sparse-cert-creation 
Sparse cert creation for `kubeadm init`
 2018-11-19 15:07:32 -08:00
liz 2f14e1801e
`kubeadm init` supports sparse certificates 2018-11-19 16:55:16 -05:00
k8s-ci-robot 16d6daf520
Merge pull request #71219 from neolit123/kubeadm-go-docs-1.13 
kubeadm: fix issues in the v1beta1 godoc
 2018-11-19 13:03:25 -08:00
liz 9e8228f14a
Move some test functions into test utils 2018-11-19 14:38:10 -05:00
Chuck Ha 679d4397cf
kubeadm: adds etcd server version for 1.13 
Signed-off-by: Chuck Ha <ha.chuck@gmail.com>
 2018-11-19 14:34:00 -05:00
k8s-ci-robot 8848740f6d
Merge pull request #71222 from yagonobre/uploadconfig-flags 
Add flags to kubeadm init phase uploadconfig all
 2018-11-19 09:18:34 -08:00
Yago Nobre c185836e64
Add flags to kubeadm init phase uploadconfig all 2018-11-19 14:02:29 -02:00
Lubomir I. Ivanov bc6837ffe3 kubeadm: fix issues in the v1beta1 godoc 
- make the whole config example actually pass strict verification
(i.e. make the config work with --config)
- add print init-defaults/join defaults
- other small fixes
 2018-11-19 17:26:34 +02:00
k8s-ci-robot f7b9b669e5
Merge pull request #71208 from losipiuk/lo/fix-flaky-scalup-test 
Fix flaky 'shouldn't trigger additional scale-ups during processing scale-up' test
 2018-11-19 05:51:43 -08:00
Łukasz Osipiuk 4d154179c4 Fix flaky 'shouldn't trigger additional scale-ups during processing scale-up' test 2018-11-19 13:37:50 +01:00
k8s-ci-robot 7ba79c3183
Merge pull request #71128 from yue9944882/chore/add-reviewer 
Add yue9944882 to CRD/CR apiserver reviewer
 2018-11-18 14:14:17 -08:00
Jordan Liggitt 5bdb625467 fix release note 2018-11-18 16:28:22 -05:00
k8s-ci-robot 8996fc1639
Merge pull request #71173 from smarterclayton/revert_bootstrap 
Revert "Make bootstrap client cert loading part of rotation"
 2018-11-17 10:33:43 -08:00
Clayton Coleman 3464222267
Revert "Make bootstrap client cert loading part of rotation" 
This reverts commit 0af19875ad.

Revert "Ensure the bootstrap rotation code is tested by forcing rotation"

This reverts commit de293b2d7d.
 2018-11-17 10:24:39 -05:00
k8s-ci-robot 46ebebcc4f
Merge pull request #65763 from x13n/audit-logging 
Add option to k8s apiserver to reject incoming requests upon audit failure
 2018-11-17 04:39:56 -08:00
k8s-ci-robot e3420cc46f
Merge pull request #70494 from RenaudWasTaken/pluginwatcher 
Ignore non socket files in the kubelet plugin watcher
 2018-11-16 22:46:42 -08:00
k8s-ci-robot 3be3510814
Merge pull request #69890 from smarterclayton/bootstrap_retry 
Make bootstrap client cert loading part of rotation
 2018-11-16 22:46:33 -08:00
k8s-ci-robot ca696fef26
Merge pull request #69848 from mikedanese/projadmission 
migrate service account volume to a projected volume when BoundServiceAccountTokenVolumes are enabled
 2018-11-16 22:46:23 -08:00
Anago GCB 9bd9bf71c4 Update CHANGELOG-1.13.md for v1.13.0-beta.1. 2018-11-17 05:16:38 +00:00
k8s-ci-robot ec2e767e59
Merge pull request #71167 from msau42/block-beta 
Promote raw block volume support to beta
 2018-11-16 20:28:03 -08:00
k8s-ci-robot df8ad8eae1
Merge pull request #71166 from Random-Liu/fix-kubelet-panic 
Fix kubelet panic.
 2018-11-16 20:27:53 -08:00
k8s-ci-robot 7e621ccb08
Merge pull request #71063 from Huang-Wei/nodeinfo-clone-panic 
fix a scheduler panic due to internal cache inconsistency
 2018-11-16 20:27:44 -08:00
k8s-ci-robot 1f3057b7fb
Merge pull request #70898 from Huang-Wei/preemption-issue 
ensure scheduler preemptor behaves in an efficient/correct path
 2018-11-16 20:27:35 -08:00
k8s-ci-robot f38cc95505
Merge pull request #62692 from mikedanese/trev2 
authn: extend authenticator.Token to support audience validation
 2018-11-16 20:27:25 -08:00
Clayton Coleman de293b2d7d
Ensure the bootstrap rotation code is tested by forcing rotation 
Expose both a Stop() method (for cleanup) and a method to force
cert rotation, but only expose Stop() on the interface.

Verify that we choose the correct client.
 2018-11-16 21:50:52 -05:00
Clayton Coleman 0af19875ad
Make bootstrap client cert loading part of rotation 
Ensure that bootstrap+clientcert-rotation in the Kubelet can:

1. happen in the background so that static pods aren't blocked by bootstrap
2. collapse down to a single call path for requesting a CSR
3. reorganize the code to allow future flexibility in retrieving bootstrap creds

Fetching the first certificate and later certificates when the kubelet
is using client rotation and bootstrapping should share the same code
path. We also want to start the Kubelet static pod loop before
bootstrapping completes. Finally, we want to take an incremental step
towards improving how the bootstrap credentials are loaded from disk
(potentially allowing for a CLI call to get credentials, or a remote
plugin that better integrates with cloud providers or KSMs).

Reorganize how the kubelet client config is determined. If rotation is
off, simplify the code path. If rotation is on, load the config
from disk, and then pass that into the cert manager. The cert manager
creates a client each time it tries to request a new cert.

Preserve existing behavior where:

1. bootstrap kubeconfig is used if the current kubeconfig is invalid/expired
2. we create the kubeconfig file based on the bootstrap kubeconfig, pointing to
   the location that new client certs will be placed
3. the newest client cert is used once it has been loaded
 2018-11-16 21:50:26 -05:00
k8s-ci-robot 39c8219999
Merge pull request #71158 from liggitt/revert-openapi-publish 
Revert openapi publish
 2018-11-16 18:22:43 -08:00
k8s-ci-robot bf0e6d14ca
Merge pull request #71152 from liztio/no-csr-ca 
Don't allow --csr-only for CA certs or all
 2018-11-16 18:22:33 -08:00
k8s-ci-robot 4821291398
Merge pull request #71095 from msau42/csi-devicepath 
Remove devicePath dependency for CSI volumes
 2018-11-16 18:22:24 -08:00
k8s-ci-robot f877b2257a
Merge pull request #71074 from jsafrane/volume-manager-races 
Fix race between MountVolume and UnmountDevice
 2018-11-16 18:22:14 -08:00
Renaud Gaubert 1a3fbf1f13 Update e2e tests to include CSI 2018-11-17 01:52:57 +01:00
Renaud Gaubert 229418f261 Update pluginwatcher to ignore CSI metadata dir and non socket files 2018-11-17 01:51:00 +01:00
k8s-ci-robot b6bbb01f04
Merge pull request #71058 from verult/nodeinfomanager-retry 
Augmenting API call retry in nodeinfomanager; Revert #70891
 2018-11-16 16:31:40 -08:00
k8s-ci-robot 1e22f080ec
Merge pull request #67383 from stlaz/enc_config_promotion 
Introduce apiserver.config.k8s.io/v1 and use standard method for parsing encryption config file
 2018-11-16 16:31:30 -08:00
Michelle Au 18453b01e6 Tolerate apiserver being older than controller-manager 2018-11-16 16:31:27 -08:00
Mike Danese effad15ecc patch webhook authenticator to support token review with arbitrary audiences 2018-11-16 19:30:42 -05:00
Mike Danese ed17876e52 plumb apiAudience to TokenReview registry 2018-11-16 19:30:42 -05:00
Lantao Liu 59e80cdac3 Fix kubelet panic. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-11-16 16:21:57 -08:00
Michelle Au 974d47ecf8 Remove devicePath dependency for CSI volumes 2018-11-16 15:40:35 -08:00
liz 440a5ad7cb
Don't allow --csr-only for CA certs or all 2018-11-16 15:22:37 -08:00