Commit Graph

270 Commits (b24b251cb13e3a960e8638928e7d40c3b3d79478)

Author SHA1 Message Date
Tim Hockin 75617e8760 Better kubelet logging for probes
Log when we actually run probes and event when they fail.  Print the output of
a probe, too.
2015-05-20 08:56:45 -07:00
Dawn Chen 349d8b1a67 Merge pull request #8491 from vmarmol/fix-isolation
Fix setting resource isolation in Docker 1.6+
2015-05-19 11:26:27 -07:00
deads2k 72c0709f18 reduce scope of DockerConfigEntryWithAuth 2015-05-19 12:41:03 -04:00
Victor Marmol deaa0e569d Set CPU and memory in Create() and Start().
This allows for backwards and forwards compatability since old Docker
versions expect it in Create() and newer ones do so in Start().

Fixes #8358
2015-05-19 09:26:15 -07:00
deads2k 5458f05679 create LocalObjectReference 2015-05-19 08:39:46 -04:00
deads2k 0c14e0cbdb add pull secret references to pods 2015-05-18 16:18:16 -04:00
Victor Marmol a7341cfb77 Merge pull request #8386 from smarterclayton/make_kubelet_consumable
Make it easier to reuse kubelet server code
2015-05-18 11:26:55 -07:00
Satnam Singh 26b27b5e0f Merge pull request #8374 from jimmidyson/docker-log-symlink-separator
Docker log symlinks should use underscore separator
2015-05-18 08:59:07 -07:00
Michal Fojtik 7d11e226b7 Disable 'Timestamps' in Docker logs to prevent double-timestamps 2015-05-18 12:27:19 +02:00
Clayton Coleman 1f628f2340 Bump fake docker version to emulate Docker 1.6 2015-05-16 16:10:49 -04:00
Jimmi Dyson 2d4067f1fd Fixes #8374: Underscore separator in docker log symlink 2015-05-16 19:19:27 +01:00
Dawn Chen ebbb130af8 OOM protected docker processes (-900) 2015-05-14 15:49:12 -07:00
Victor Marmol 67eab52b9e Merge pull request #8146 from yifan-gu/runtime_opt
kubelet/container: Refactor RunContainerOptions.
2015-05-13 11:09:56 -07:00
Yifan Gu d164ac0ba0 kubelet/container: Refactor RunContainerOptions.
Make Envs, Mounts, PortMappings more generic.
Also add default name for PortMapping if it's not specified.
2015-05-13 10:01:00 -07:00
Brendan Burns 3f49c556e6 Second try at implementing prestop. 2015-05-12 17:17:03 -07:00
Victor Marmol 3481db8aee Merge pull request #8136 from yifan-gu/runtime_opt
kubelet/container: Remove ipcMode and netMode from  RunContainerOptions.
2015-05-12 14:41:49 -07:00
Yifan Gu a2dac158c2 kubelet/container: Remove ipcMode and netMode from RunContainerOptions.
Since createPodInfraContainer() is moved into dockertools. There is no
need to pass the ipcMode or netMode via RunContainerOptions.
2015-05-12 14:18:00 -07:00
Vish Kannan a74522a738 Merge pull request #8011 from brendandburns/exec
Switch exec to look at exit code not output status.
2015-05-12 12:43:11 -07:00
Brendan Burns fbd0143fa8 Merge pull request #7971 from deads2k/make-docker-keyring-handle-multiple-hits
make the dockerkeyring handle mutiple matching credentials
2015-05-11 17:01:37 -07:00
Yu-Ju Hong a9c9505206 Use VirtualSize of the docker image as the image size 2015-05-11 11:03:47 -07:00
Yu-Ju Hong 3487a165b8 Unexport DockerManager.RunContainer 2015-05-11 11:03:41 -07:00
Victor Marmol 307d677e06 Merge pull request #8022 from ddysher/kubelet-privilege
Check Pod privileged container
2015-05-11 09:01:58 -07:00
deads2k 2ecb0ebd73 make the dockerkeyring handle mutiple matching credentials 2015-05-11 09:54:03 -04:00
Deyuan Deng 2f7183cba5 Check Pod privileged container 2015-05-09 17:30:35 -04:00
Deyuan Deng 72a563f618 Use error type from docker go-client instead of string 2015-05-09 15:20:45 -04:00
Yu-Ju Hong d185bfd56a Record failure reason for image pulling 2015-05-08 17:37:11 -07:00
Brendan Burns c9324e6e38 Switch exec to look at exit code not output status. 2015-05-08 16:51:37 -07:00
Yifan Gu 8b1174a3a7 kubelet/container: Move pty*.go to container runtime package.
This makes the labeld pty wrapper available for both container runtime.
2015-05-07 23:36:47 -07:00
Paul Morie df08b15121 Change signature of container runtime PullImage to allow pull w/ secret 2015-05-06 17:42:03 -04:00
Rodolfo Carvalho 075ae79826 Fix metric label
Signed-off-by: Rodolfo Carvalho <rcarvalh@redhat.com>
2015-05-06 10:29:50 +02:00
Paul Weil 982bf19c20 security context initial implementation - squash 2015-05-05 13:46:13 -04:00
Victor Marmol fe7cb95be6 Merge pull request #7746 from vishh/exec_fix
Fix kubelet's docker RunInContainer implementation
2015-05-04 16:49:57 -07:00
Victor Marmol a32d31d045 Merge pull request #7729 from yujuhong/runtime_up
Kubelet: wait until container runtime is up
2015-05-04 16:02:30 -07:00
Vishnu Kannan ec01265643 Fix docker exec logic. Without this patch, kubelet was not receiving any output from docker exec
and was incorrectly handling the output.
2015-05-04 16:01:32 -07:00
Yu-Ju Hong d231eb6bef Kubelet: wait until container runtime is up
Instead of waiting for the docker client to be up, we wait for the container
runtime to be up.
2015-05-04 15:16:38 -07:00
Victor Marmol b0129089da Merge pull request #7712 from rjnagal/kubelet
Expose pod name as a label on containers.
2015-05-04 14:52:16 -07:00
Rohit Jnagal 1511dbf0b5 Expose pod name as a label on containers.
Full pod name is exposed under key 'kubernetes.io/pod'.
It helps in introspection by looking at all containers in a pod through
docker ps -a -f label=kubernetes.io/pod=podXXX

We also plan to visualize this in cAdvisor.
2015-05-04 21:20:42 +00:00
Victor Marmol 79fc8bee34 Change GetContainerLogs() signature.
This works for both runtimes. We need to eventually unify the ID scheme
for this method.
2015-05-04 11:16:32 -07:00
Yu-Ju Hong 1ad4dd7803 Kubelet: replace DockerManager with the Runtime interface
This change instructs kubelet to switch to using the Runtime interface. In order
to do it, the change moves the Prober instantiation to DockerManager.

Note that most of the tests in kubelet_test.go needs to be migrated to
dockertools. For now, we use type assertion to convert the Runtime interface to
DockerManager in most tests.
2015-05-04 10:19:46 -07:00
Daniel Smith 4a6ab7fd36 Merge pull request #7597 from eparis/copyright
Use generic copyright holder name in license boilerplate
2015-05-01 17:01:39 -07:00
Eric Paris 6b3a6e6b98 Make copyright ownership statement generic
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
2015-05-01 17:49:56 -04:00
Yu-Ju Hong 4fe3366b04 Removes RunPod in the Runtime interface
SyncPod subsumes RunPod, so the latter is no longer needed.
After this change, DockerManager implements the Runtime interface.
2015-05-01 14:47:04 -07:00
Victor Marmol 3b9eba2c1b Add SyncPod() to DockerManager and use in Kubelet.
This allows us to abstract away the logic of syncing a pod by the
runtime. It will allow other runtimes to perform their own sync as well.
2015-05-01 11:03:08 -07:00
Vish Kannan cadfde0bd1 Merge pull request #7277 from guenter/cgroup-parent
Add --cgroup_parent flag to Kubelet to set the parent cgroup for pods
2015-05-01 10:24:58 -07:00
Yifan Gu 3751ecc766 kubelet/container: Move ShouldContainerBeRestarted() to runtime. 2015-04-30 22:55:25 -07:00
Yu-Ju Hong b37f23f1eb Add KillContainerInPod in DockerManager
This changes adds one of the functions that DockerManager needs to implement
the Runtime interface.
2015-04-30 16:23:39 -07:00
Victor Marmol 441a4e6f30 Merge pull request #7578 from yujuhong/docker_manager
Add image-related methods to DockerManager
2015-04-30 16:16:39 -07:00
Yu-Ju Hong 83c599e4d4 Add image-related methods to DockerManager
This change is part of the efforts to make DockerManager implement the Runtime
interface.

The change also modifies the interface slightly to work with existing
code, and aggregates the type converting functions to convert.go.
2015-04-30 13:27:52 -07:00
Yu-Ju Hong 2f7b951140 Remove more docker references in kubelet
This change also renames TrimRuntimePrefixFromImage to TrimRuntimePrefix to
better reflect that the usage is not limited to images (e.g. ID).
2015-04-30 13:16:11 -07:00
Tobi Knaup b96c4046a8 Add --cgroup_root flag to Kubelet to set the parent cgroup for all pods.
Implements #6991.
2015-04-30 10:32:27 -07:00
Yu-Ju Hong 919d78281f Clean up dockertools/manager.go and add more unit tests.
This change refactors the GetPods function and add some basic unit tests.
We should start migrating docker specific tests from kubelet_test to
manager_test.go.
2015-04-29 18:32:52 -07:00
Yu-Ju Hong d81ecc58f8 Adapt pod killing and cleanup for generic container runtime
This change removes docker-specifc code in killUnwantedPods. It
also instructs the cleanup code to move away from interacting with
containers directly. They should always deal with the pod-level
abstraction if at all possible.
2015-04-29 16:08:09 -07:00
Yu-Ju Hong ba1140a54f Merge pull request #7480 from vmarmol/runtime-syncpod
Move ComputePodChanges to the Docker runtime
2015-04-29 16:05:20 -07:00
Victor Marmol 209b4fcbef Merge pull request #6718 from vishh/sys_oom1
Adding system oom events from kubelet
2015-04-29 14:29:38 -07:00
Victor Marmol fe4600ba17 Move ComputePodChanges to DockerManager.
This logic is specific to the Docker runtime. This move is the first
step towards making syncPod() runtime-agnostic.
2015-04-29 14:00:37 -07:00
Vishnu Kannan 020950fd0f Adding events for system ooms.
Kubelet will continuously watch for system OOMs and generate events whenever it
encounters a system OOM.
2015-04-29 11:19:11 -07:00
Yu-Ju Hong 33b8f487f6 Merge pull request #7449 from vmarmol/runtime-network-plugins
Move network plugin TearDown to DockerManager
2015-04-29 10:09:58 -07:00
Yifan Gu fb1c55aa11 kubelet/container: Add GetContainerLogs to runtime interface. 2015-04-28 20:26:16 -07:00
Victor Marmol 787d42d50b Move network plugin teardown to DockerManager.
This teardown is Docker-specific and will let us also do the setup in
the manager in future cleanups.
2015-04-28 16:58:54 -07:00
Victor Marmol de0957ccb1 Create Kubelet types package for common shared types. 2015-04-28 16:57:45 -07:00
Vishnu Kannan 820d0f3e83 Adding a 'PastEventf' method to EventRecorder interface. This will be
useful for recording the timestamp of events that happened in the past.
2015-04-28 16:13:29 -07:00
Dawn Chen 1de4c45115 Merge pull request #7401 from vmarmol/rkt-kill-pod
Kubelet: Move killPod() logic to DockerManager's KillPod()
2015-04-28 09:25:12 -07:00
Sam Ghods 5ceebb4a5f Add error message to log of docker error 2015-04-27 21:49:46 -07:00
Victor Marmol 6b0db76e85 Move killPod() logic to DockerManager KillPod().
This moved Docker specific logic there and allows it to align with the
runtime API. There is still a pod infra container reference in the
function due to network plugins. We can handle this in the Kubelet since
we'll need to be explicit in stating that the network plugin will not
work in a non-Docker runtime.
2015-04-27 17:15:37 -07:00
Victor Marmol 7404b7019c Move Docker-specific log handling to DockerManager.
Eases the separation of Docker-specific code into the Docker-specific
runtime.
2015-04-27 13:10:10 -07:00
Victor Marmol 0c52f7b6a5 Move CreatePodInfraContainer to DockerManager.
This will allow us to start making it an implementation detail of the
Docker runtime.
2015-04-27 11:07:38 -07:00
Yifan Gu 6c98b9daee kubelet/metrics: Move instrumented_docker.go to dockertools.
This can solve the circular import problem when we move the
kubelet.pullImage to kubelet/metrics or kubelet/container package.
2015-04-24 22:03:11 -07:00
Yifan Gu b5a1b32aa4 kubelet/dockertools: Move RunContainer into container runtime.
Also removed ContainerRunner interface.
2015-04-23 16:40:37 -07:00
Yifan Gu 6ed27d06f7 kubelet: Move KillContainer to container runtime.
Rename KillContainerID(string) with KillContainer(string).
Delete the old KillContainer(*kubecontainer.Container).
2015-04-23 15:44:00 -07:00
Yifan Gu e8d485a3a1 kubelet/dockertools: Add readinessManage/containerRefManager to dockerManager.
This can enable us to move KillContainer() to container runtime.
2015-04-23 14:20:34 -07:00
Satnam Singh 2444c1f943 Propagate pod and container name for log files 2015-04-22 15:08:51 -07:00
Yifan Gu c55c879ffe kubelet/dockertools: Remove dockerContainerCommandRunner.
Replace with docker manager.
2015-04-22 11:00:54 -07:00
Victor Marmol 1a41ec9c86 Merge pull request #7116 from yujuhong/container_status
Print container statuses in `kubectl get pods`
2015-04-22 09:18:14 -07:00
Dawn Chen a666c1e731 Merge pull request #7134 from yifan-gu/version
kubelet: Refactor GetDockerVersion().
2015-04-21 16:49:45 -07:00
Yu-Ju Hong 06125f37d3 Print container statuses in `kubectl get pods`
`kubectl get pod` already prints one container per line. This change fills in
the status for each container listed. This aims to help users quickly identify
unhealthy pods (e.g. in a crash loop) at a glance.

 - The first row of every pod would display the pod information and status
 - Each row of the subsequent rows corresponds to a container in that pod:
    * STATUS refers to the container status (Running, Waiting, Terminated).
    * CREATED refers to the elapsed time since the last start time of the
      container.
    * MESSAGE is a string which explains the last termination reason, and/or
      the reason behind the waiting status.
2015-04-21 15:42:18 -07:00
Yifan Gu 611fb25926 kubelet: Refactor GetDockerVersion().
Remove GetDockerServerVersion() from DockerContainerCommandRunner interface,
replaced with runtime.Version(). Also added Version type in runtime for version
comparision.
2015-04-21 14:52:08 -07:00
Akram Ben Aissi b7fc22be8a Fixes an issue with hosts having an IPv6 address on localhost
- When 'getent hosts localhost' returns '::1' the creation of the
  listener fails because of the port parsing which uses ":" as a
separator
- Use of net.SplitHostPort() to do the job
- Adding unit tests to ensure that the creation succeeds
- On docker.go: adds a test on the presence the socat command which was
  failing silenty if not installed

- Code Review 1
  - Fixed typo on Expected
  - The UT now fails if the PortForwarder could not be created

- Code Review 2
  - Simplify socat error message
  - Changing t.Fatal to to.Error on unit tests

- Code Review 3
  - Removing useless uses cases in unit tests

- Code Review 4
  - Removing useless initiliasiation of PortForwarder
  - Changing error message

- Code Review 5
  - Simplifying TestCast struct
  - Adding addition test in one test case
  - Closing the listener

- Code Review 6
  - Improving unit test
2015-04-21 20:16:22 +02:00
Victor Marmol d44e9b4880 Merge pull request #7048 from yujuhong/para_cleanup
Kubelet: parallelize cleaning up containers in unwanted pods
2015-04-20 14:59:07 -07:00
Yu-Ju Hong 275002173e Kubelet: parallelize cleaning up containers in unwanted pods
Kubelet kills unwanted pods in SyncPods, which directly impact the latency of a
sync iteration. This change parallelizes the cleanup to lessen the effect.

Eventually, we should leverage per-pod workers for cleanup, with the exception
of truly orphaned pods.
2015-04-20 14:42:12 -07:00
Andy Goldstein a0a80ea76e Use go-dockerclient's APIVersion
Use go-dockerclient's APIVersion to check the minimum required Docker
version, as it contains methods for parsing the ApiVersion response from
the Docker daemon and for comparing 2 APIVersion objects.
2015-04-20 13:48:18 -04:00
Xiang Li 2f2247dae3 pkg/kubelet: no more self receiver in kubelet pkg 2015-04-19 20:26:07 -07:00
Yu-Ju Hong 2fd87597a4 Fix data race in kubelet_test.go
Ensure that FakeDockerClient make a copy of the internal list and return it.
2015-04-16 11:36:10 -07:00
Victor Marmol 54406a5b7c Merge pull request #6794 from yujuhong/restart_counts
Kubelet: persist restart count of a container
2015-04-14 16:01:49 -07:00
Yu-Ju Hong fd34441d2d Kubelet: persist restart count of a container
Currently, restart count are generated by examine dead docker containers, which
are subject to background garbage collection. Therefore, the restart count is
capped at 5 and can decrement if GC happens.

This change leverages the container statuses recorded in the pod status as a
reference point. If a container finished after the last observation, restart
count is incremented on top of the last observed count. If container is created
after last observation, but GC'd before the current observation time, kubelet
would not be aware of the existence of such a container, and would not increase
the restart count accordingly. However, the chance of this should be low, given
that pod statuses are reported frequently. Also, the restart cound would still
be increasing monotonically (with the exception of container insepct error).
2015-04-14 15:06:42 -07:00
Victor Marmol ca9e209ccb Merge pull request #6795 from yifan-gu/cache
kubelet/container: Replace DockerCache with RuntimeCache.
2015-04-14 09:37:34 -07:00
Dawn Chen 8420abeea8 Merge pull request #6786 from yifan-gu/cleankube
kubelet: Remove unused docker functions.
2015-04-14 09:16:53 -07:00
Yifan Gu e1feed9a8b kubelet/container: Replace DockerCache with RuntimeCache. 2015-04-13 18:16:05 -07:00
Yifan Gu 7fedb14c27 kubelet: Remove unused docker functions.
Remove kubelet.getPodInfraContainer().
Remove dockertools.RemoveContainerWithID().
Remove dockertools.FindContainersByPod().

Also replace the useless test with a test for GetPods().
2015-04-13 16:32:18 -07:00
Yifan Gu d14cb8f1dd kubelet: Introduce PodInfraContainerChanged().
This functions computes in ahead whether we need to restart the pod
infra container.
2015-04-13 16:18:52 -07:00
Yifan Gu dda600e45c kubelet/dockertools: Add puller interfaces in the containerManager. 2015-04-13 15:34:22 -07:00
Yifan Gu a3675e08f2 kubelet/dockertool: Move Getpods() to DockerManager. 2015-04-13 14:05:22 -07:00
Yu-Ju Hong bb417e82d7 Kubelet: surface the container creation/start failure reason
Container creation/start failure cannot be reproduced by inspecting the
containers. This change caches such errors so that kubelet can retrieve it
later.

This change also extends FakeDockerClient to support setting error response
for a specific function.
2015-04-10 16:02:27 -07:00
Victor Marmol 1563a7636a Merge pull request #6652 from dchen1107/podstatus
Populate last terminated container information
2015-04-10 09:21:58 -07:00
Clayton Coleman fce3e5a2bb Merge pull request #6574 from ncdc/exec-portforward-no-command-pipes
Don't use command pipes for exec/port forward
2015-04-10 12:07:21 -04:00
Dawn Chen 563f2965ba Populate last terminated container information 2015-04-09 16:10:13 -07:00
Yifan Gu 12b382ce76 kubelet/fake_docker_client: Use self's PID instead of 42 in testing.
This is safer to use self's PID than some arbitrary PID (say 42),
since the kubelet will set the oom_score_adj for real.
2015-04-09 14:31:44 -07:00
Yifan Gu b868f421e0 kubelet: Move pod infra container image setting to dockertools. 2015-04-09 09:53:07 -07:00
Yifan Gu d4513c2890 kubelet/DockerManager: Fix returning empty error from GetPodStatus(). 2015-04-08 17:55:30 -07:00
Andy Goldstein 4c1cba5312 Don't use command pipes for exec/port forward
Switch to passing the streams for Stdin/Stdout/Stderr instead of using
StdinPipe() etc because the pipes are incompatible with Run()/Wait().
2015-04-08 13:42:42 -04:00
Yifan Gu 4b945e7218 kubelet: Remove GetRecentDockerContainersWithNameAndUUID().
Add unit tests to test the restart behaviour under different
restart policy.
2015-04-08 09:44:23 -07:00