github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
74,830 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

661 Commits (b8b143410fda4dd00e2c87bd2e8531b82157f283)

Author SHA1 Message Date
Brendan Burns e1c0e100b5 Turn off certificate checking for Mavericks, as the curl is borked. 2015-05-27 19:53:24 -07:00
Filip Grzadkowski e2c4a01b60 Merge pull request #8808 from fgrzadkowski/fix_warnings 
Fix WARNING during kube-push.sh
 2015-05-26 08:29:04 -07:00
Filip Grzadkowski 8fe771b4a3 Fix WARNING during kube-push.sh 2015-05-26 17:04:57 +02:00
Filip Grzadkowski 5b03939b84 Fix WARNING when creating firewall during e2e tests 2015-05-25 09:46:24 +02:00
Justin Santa Barbara ae80ed53cf Automatically open NodePort firewall rules for e2e tests 2015-05-22 22:39:40 -04:00
Dawn Chen 677a4aa1a7 Merge pull request #8164 from cjcullen/cloudprovider 
Route creation reconciler loop.
 2015-05-22 12:27:50 -07:00
CJ Cullen e6da5b9601 Make routecontroller_test less hacky. 
Rename reconcilePodCIDRs to reconcileNodeCIDRs.
Add comments and TODOs about using controller framework.
 2015-05-21 18:05:11 -07:00
CJ Cullen 0d12a15971 Route creation reconciler loop. 2015-05-20 14:21:30 -07:00
Max Forbes 3437ac691a Rolling node upgrade 2015-05-19 11:42:34 -07:00
Robert Bailey a236f04a5f Remove newlines output by base64 on linux. 2015-05-14 15:39:26 -07:00
Robert Bailey 9ab41db7ea Static cert distribution for GCE. 
To make cert validation work, no longer use the
fqdn for the master name on the node VMs.
 2015-05-14 11:59:13 -07:00
saadali c118b6d603 Fix GCE kube-down incorrect MIG delete OpID 2015-05-13 15:06:43 -07:00
saadali 932cdd954d Clean up GCE kube-down script by using set e 2015-05-12 16:58:22 -07:00
saadali c5b1508774 Make MIG deletion during GCE kube down blocking, so that subseqent template deletion doesn't fail. 2015-05-11 18:51:59 -07:00
Nikhil Jindal 72ac82eba9 Merge pull request #8005 from lavalamp/kubectlFix 
Don't print debugging things on every run of kubectl.sh
 2015-05-11 10:19:37 -07:00
Filip Grzadkowski 26d14300e9 Increase disk size for kubernetes master. 
Signed-off-by: Filip Grzadkowski <filipg@google.com>
 2015-05-11 15:35:38 +02:00
Daniel Smith ccecb115ed Don't print debugging things on every run of kubectl.sh 2015-05-08 15:55:28 -07:00
Filipe Brandenburger b7f9e2cea0 Merge pull request #7651 from zmerlynn/upload_hash_in_util 
Also push .sha1 for devel builds
 2015-05-06 09:07:39 -07:00
Jerzy Szczepkowski e967ffd522 Added flag to set cluster class B network address for pods, add flag to disable allocation CIDRs for Pods. Fixed synchornization bug in NodeController registerNodes(). 2015-05-05 16:10:43 -07:00
Tomek Kulczynski 290c7b94ef Make nodecontroller configure nodes' pod IP ranges 2015-05-05 16:10:42 -07:00
Zach Loafman 0c107e4c44 Also push .sha1 for devel builds 
And adds a .sha1 cache file to indicate what file was already pushed
to GCS, and how to force it if not, removing a few seconds off a
kube-up/push if you're just cycling.

With this and #7602, all TAR_URLS will have a .sha1 as well.
 2015-05-04 17:45:34 -07:00
Eric Paris 6b3a6e6b98 Make copyright ownership statement generic 
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
 2015-05-01 17:49:56 -04:00
Dawn Chen 876f8beec9 Remove unused node-name attribute 2015-04-28 16:13:26 -07:00
Dawn Chen 13a0b033e2 Bring up a cluster using coreos image for worker nodes. 2015-04-28 16:13:26 -07:00
Dawn Chen 5fa11322f8 Factory out debian e.g. ContainerVM image specific support to its own 
helper utility library.
 2015-04-28 16:07:57 -07:00
Dawn Chen 8963347b9e Introduce MASTER_IMAGE, MINION_IMAGE and OS_DISTRIBUTION to config-default 
for enable coreos and rocket support
 2015-04-28 15:31:09 -07:00
Robert Bailey 8206aa9eac Salt configuration to add basic auth to GCE. 2015-04-28 14:07:54 -07:00
Alex Robinson 5b5525dca5 Merge pull request #7324 from vishh/log_scope 
Enable logging.write scope for minions.
 2015-04-28 11:00:10 -07:00
Vishnu Kannan 9c66305f8c Enable logging.write scope by default for nodes. This is required for storing events in 
Google Cloud Logging via heapster.
 2015-04-28 10:55:06 -07:00
CJ Cullen 39c5bf363b Merge pull request #7303 from erictune/kube_env3 
kube-proxy uses token to access port 443 of apiserver
 2015-04-27 14:33:53 -07:00
Eric Tune 9044177bb6 Generate a token for kube-proxy. 
Tested on GCE.
Includes untested modifications for AWS and Vagrant.
No changes for any other distros.
Probably will work on other up-to-date providers
but beware.  Symptom would be that service proxying
stops working.

 1. Generates a token kube-proxy in AWS, GCE, and Vagrant setup scripts.
 1. Distributes the token via salt-overlay, and salt to /var/lib/kube-proxy/kubeconfig
 1. Changes kube-proxy args:
   - use the --kubeconfig argument
   - changes --master argument from http://MASTER:7080 to https://MASTER
     - http -> https
     - explicit port 7080 -> implied 443

Possible ways this might break other distros:

Mitigation: there is an default empty kubeconfig file.
If the distro does not populate the salt-overlay, then
it should get the empty, which parses to an empty
object, which, combined with the --master argument,
should still work.

Mitigation:
  - azure: Special case to use 7080 in
  - rackspace: way out of date, so don't care.
  - vsphere: way out of date, so don't care.
  - other distros: not using salt.
 2015-04-27 08:59:57 -07:00
Brian Grant 60d7bad147 Merge pull request #7128 from nikhiljindal/fixbeta1tests 
Removing more references to v1beta1 from pkg/
 2015-04-24 11:07:53 -07:00
Satnam Singh b6bee06c20 Merge pull request #7269 from zmerlynn/lose_one_sanity 
Remove buggy GCE post turn-up cluster validation code (rely on validate-cluster.sh)
 2015-04-24 10:56:20 -07:00
nikhiljindal dcc368c781 Removing more references to v1beta1 from pkg/ 2015-04-24 00:45:17 -07:00
Zach Loafman ad829dead7 Remove buggy GCE post turn-up cluster validation code (rely on validate-cluster.sh) 
Fixes #7266
 2015-04-23 16:28:44 -07:00
Eric Tune e8a83b23d1 Pass KUBELET_TOKEN in kube-env metadata. 
ensure-kube-token is not needed anymore because
the token passed in kube-env.

In the up case it is set, in the push case it is an empty string
but not used.

Allow unset KUBELET_TOKEN (for push case).

Fix comment.
 2015-04-23 15:21:27 -07:00
Wojciech Tyczynski cf824ae5e0 Merge pull request #7164 from fgrzadkowski/fix_wait_minion 
Wait for minion to start even if gcloud command fails.
 2015-04-23 08:21:19 +02:00
Robert Bailey 6951bb0bd5 Fix the restart-apiserver command for GCE/GKE. 2015-04-22 15:21:13 -07:00
Robert Bailey 4346c6ecae Swallow the output from the test ssh connections so that it 
doesn't interfere with string comparison.
 2015-04-22 14:19:15 -07:00
Robert Bailey dc45f7f9e6 Remove nginx and replace basic auth with bearer token auth for GCE. 
- Configure the apiserver to listen securely on 443 instead of 6443.
 - Configure the kubelet to connect to 443 instead of 6443.
 - Update documentation to refer to bearer tokens instead of basic auth.
 2015-04-22 11:11:20 -07:00
Zach Loafman 86468cd29d Revert "Added kube-proxy token." 2015-04-22 10:55:08 -07:00
Zach Loafman 0e3e502d52 Fix unbound variable after #7146 2015-04-22 10:19:53 -07:00
Zach Loafman 42e1710ccf Fix build after #7146 2015-04-22 10:11:19 -07:00
Zach Loafman c9988db0ee Merge pull request #7146 from brendandburns/get-k8s 
Extend the get-cluster.sh script to use sudo if necessary.
 2015-04-22 09:58:07 -07:00
Brendan Burns 42121d1809 Extend the get-cluster.sh script to use sudo if necessary. 2015-04-22 09:52:44 -07:00
Zach Loafman 854c20c5e2 Merge pull request #7113 from erictune/kube-proxy-token 
Added kube-proxy token.
 2015-04-22 09:16:04 -07:00
Filip Grzadkowski 780db9d794 Wait for minion to start even if gcloud command fails. 2015-04-22 16:37:22 +02:00
Brendan Burns 78dabbdb7f Fix the ssh-to-node to actually fail on failures. 2015-04-21 15:27:38 -07:00
Brendan Burns 71e6b05825 Fix kube-apiserver restart. 2015-04-21 15:11:00 -07:00
Brendan Burns 9d715226d6 Fix kube-apiserver restart. 2015-04-21 13:59:26 -07:00
Eric Tune 2ca8a9d15d Added kube-proxy token. 
Generates the new token on AWS, GCE, Vagrant.
Renames instance metadata from "kube-token" to "kubelet-token".
(Is this okay for GKE?)

Having separate tokens for kubelet and kube-proxy permits
using principle of least privilege, makes it easy to
rate limit the clients separately, allows annotation
of apiserver logs with the client identity at a finer grain
than just source-ip.
 2015-04-21 09:21:31 -07:00
Jeff Lowdermilk 4f6dc99075 Generate kubeconfig for all providers in cluster/ that use auth 2015-04-20 11:07:35 -07:00
Robert Bailey eb1ea26995 Merge pull request #7012 from jlowdermilk/export-kubeconfig 
export KUBECONFIG so callers of common.sh functions can use it
 2015-04-17 16:37:10 -07:00
Jeff Lowdermilk 1c265f3784 export KUBECONFIG so callers of common.sh functions can use it 2015-04-17 16:22:07 -07:00
Brian Grant 2775b9e0de Merge pull request #6998 from zmerlynn/make_reboot_work 
Make reboots work on GCE/GKE
 2015-04-17 16:10:32 -07:00
Zach Loafman aca8452a21 Merge pull request #6994 from cjcullen/staticip 
Reserve Master IP before creating Master VM
 2015-04-17 11:48:48 -07:00
CJ Cullen 6a3c809833 Reserve Master IP before creating Master VM. 2015-04-17 11:36:00 -07:00
Zach Loafman 05d8e96cd4 Push the configure-vm.sh script when we push metadata 
This is needed when we upgrade (and useful when you're trying to
change the startup script for reboots).

Along the way: allow add-instance-metadata[-from-file] to take a
variable number of KVs.
 2015-04-17 11:27:48 -07:00
Jeff Lowdermilk 2a8291a67e Retry Move KUBECONFIG to common.sh, change default to new location 2015-04-17 10:33:12 -07:00
Robert Bailey 723f2941e8 Revert "Move KUBECONFIG into common.sh, change default to new location" 2015-04-16 22:17:11 -07:00
Jeff Lowdermilk 5ce9b07cbe Move KUBECONFIG declaration into common.sh, change default to new location 2015-04-16 19:23:35 -07:00
Brendan Burns 5df4d927b9 We have had user reports that look like hash conflicts. Expand the has to 10 digits. 2015-04-08 21:51:50 -07:00
Zach Loafman 616c6be653 Refactor the "gcloud compute instances create" call as well. 2015-04-06 08:35:02 -07:00
Zach Loafman 9e5fd874cc First hack at upgrade script for GCE: 
Address #6075: Shoot the master VM while saving the master-pd. This
takes a couple of minor changes to configure-vm.sh, some of which also
would be necessary for reboot. In particular, I changed it so that the
kube-token instance metadata is no longer required after inception;
instead, we mount the master-pd and see if we've already created the
known tokens file before blocking on the instance metadata.

Also partially addresses #6099 in bash by refactoring the kube-push
path.
 2015-04-05 11:42:34 -07:00
Max Forbes 152a461f39 Fix pod that's looked for on kube up. 2015-04-01 17:28:04 -07:00
Jeff Grafton 0d382c03fc Add missing } to fix cluster/gce/util.sh 2015-03-31 14:03:18 -07:00
Brendan Burns 98cdf04189 Auto-install gcloud if needed. 2015-03-31 12:10:35 -07:00
Daniel Smith 525bbfd175 Merge pull request #6103 from zmerlynn/remove_gce_node_names 
Remove the --machines SaltStack configuration on GCE
 2015-03-27 17:55:16 -07:00
Zach Loafman 68ccb97907 Remove the --machines SaltStack configuration on GCE 
Per https://github.com/GoogleCloudPlatform/kubernetes/issues/6072#issuecomment-87074456, this is no longer necessary.
We now no longer need a static node list. Woo!
 2015-03-27 14:44:19 -07:00
Brendan Burns 6fd376a04f Fix the scripts to optionally skip prompts and also return successfully no matter what. 2015-03-27 13:53:26 -07:00
Brendan Burns 1aa2b97792 Revert "Revert "Update gce starting guide to use get.k8s.io"" 
This reverts commit b369f2b48f.
 2015-03-27 13:46:28 -07:00
Zach Loafman b369f2b48f Revert "Update gce starting guide to use get.k8s.io" 2015-03-26 19:36:25 -07:00
Brendan Burns 61b624457d Update gce starting guide to use get.k8s.io 
Also auto install gcloud if it's not present.
 2015-03-26 16:08:56 -07:00
Brendan Burns eea09ddfbb Fix the date command to work on OS X 2015-03-26 13:48:59 -07:00
Zach Loafman 407d1fec45 Both @satnam6502 and E2E tests confirm: This code is no longer needed 
Deletion is wonderful. The only weird thing was where to put the
message about the proxy URLs. Satnam suggested kubectl clusterinfo,
which seemed like a good option to put at the end of cluster turn-up.
 2015-03-19 22:23:11 -07:00
Zach Loafman f2de7b4dcc Add --can-ip-forward to master instance 
Another piece missing in
https://github.com/GoogleCloudPlatform/kubernetes/pull/5390. The
master should have --can-ip-forward if you're routing to it.
 2015-03-13 15:17:07 -07:00
Filipe Brandenburger 0948cb745f Merge pull request #5454 from jlowdermilk/get-password 
Make get-password robust against invalid kubeconfig entries
 2015-03-13 13:40:55 -07:00
Jeff Lowdermilk 8fef6fb343 Make get-password robust against invalid kubeconfig entries 2015-03-13 13:26:47 -07:00
Jeff Lowdermilk 9b55e1f176 Delete master route on kube-down 2015-03-13 11:00:19 -07:00
Zach Loafman 9fc5262c14 Infer KUBERNETES_MASTER from hostname rather than requiring it to be explicit 
This allows GKE to have the same YAML on both the master and nodes
 2015-03-12 11:51:21 -07:00
Satnam Singh e16bcceceb Merge pull request #5390 from brendandburns/shell_sucks 
Configure docker on the master like we do on workers.
 2015-03-12 11:42:03 -07:00
Brendan Burns 17ff8fb421 Configure docker on the master like we do on workers. 2015-03-12 10:37:30 -07:00
Vishnu Kannan 663bdb91c9 Remove monitoring firewall setup methods. Heapster anf Grafana are now accessible via the API server proxy. 2015-03-11 23:20:45 +00:00
Zach Loafman e780592315 Merge pull request #5264 from jlowdermilk/kube-up 
Standalone kubeconfig for gce kube-up (mulligan)
 2015-03-11 11:46:45 -07:00
derekwaynecarr 64eca7393a Update to use yaml quote 2015-03-11 11:07:36 -04:00
derekwaynecarr 468bf1da75 Enable common set of admission controllers across salt providers 2015-03-11 11:06:00 -04:00
Zach Loafman 759e82c29f Remove dep on yaml for GCE startup 
Write out "yaml" in util.sh. Dying a little. :'(

Fixes #5258
 2015-03-10 16:38:52 -07:00
Jeff Lowdermilk 7db006ab1a Generate standalone kubeconfig on kube-up, clear on kube-down. 
Also tweaked the ginkgo tests to pull auth directly from a kubeconfig file
instead of the legacy kubernetes_auth file.
 2015-03-10 14:23:34 -07:00
Zach Loafman b31b633f85 One additional cleanup: Send only the master name, rather the internal 
IP address. The configure-vm script can resolve this relatively easily
on the node. This is less painful for GKE, which creates all the
resources in parallel.
 2015-03-10 09:04:29 -07:00
Zach Loafman 120dba474e Change GCE to use standalone Saltstack config: 
Change provisioning to pass all variables to both master and node. Run
Salt in a masterless setup on all nodes ala
http://docs.saltstack.com/en/latest/topics/tutorials/quickstart.html,
which involves ensuring Salt daemon is NOT running after install. Kill
Salt master install. And fix push to actually work in this new flow.

As part of this, the GCE Salt config no longer has access to the Salt
mine, which is primarily obnoxious for two reasons: - The minions
can't use Salt to see the master: this is easily fixed by static
config. - The master can't see the list of all the minions: this is
fixed temporarily by static config in util.sh, but later, by other
means (see
https://github.com/GoogleCloudPlatform/kubernetes/issues/156, which
should eventually remove this direction).

As part of it, flatten all of cluster/gce/templates/* into
configure-vm.sh, using a single, separate piece of YAML to drive the
environment variables, rather than constantly rewriting the startup
script.
 2015-03-10 09:04:29 -07:00
Jeff Lowdermilk a280e0da2d Revert "Standalone kubeconfig for gce kube-up" 2015-03-09 17:45:06 -07:00
Jeff Lowdermilk 4173d369aa Generate standalone kubeconfig on kube-up, clear on kube-down. 
Also tweaked the ginkgo tests to pull auth directly from a kubeconfig file
instead of the legacy kubernetes_auth file.
 2015-03-09 16:02:00 -07:00
Justin Santa Barbara 12e785c3b8 Implement restart-apiserver for AWS, fix comment 2015-03-04 15:35:29 -05:00
Dawn Chen 2a6b5a2262 Removed staled docker artifacts on GCE minions. 2015-03-02 23:24:29 -08:00
Satnam Singh e918f36c2b Fix URL for Elasticsearch 2015-03-02 15:57:12 -08:00
Jeff Lowdermilk 66dfbe900a Merge pull request #4963 from roberthbailey/kubectl-proxy 
Remove host ports from the update demo and update tests (take 2).
 2015-03-02 15:16:04 -08:00
Satnam Singh 72183c064c Use proxy instead of load balancer 2015-03-02 13:44:41 -08:00
Robert Bailey 5799dd5f7d Remove host ports from the update demo and update tests (take 2). 2015-03-02 10:15:34 -08:00
Jerzy Szczepkowski 7763570579 Print grafana address print in kube-up.sh. 
Print grafana address print in kube-up.sh. Resolved #4721.
 2015-02-27 09:15:08 +01:00
Satnam Singh 19b927ea57 Name a cluster and use it to make forwarding rules for GCE 2015-02-23 17:04:33 -08:00
Alex Robinson 6a18b74fa3 Minor reordering of GCE kube-up subcommands to keep them logically grouped. 2015-02-23 13:57:09 -08:00
Alex Robinson 953982f47f Add the salt-overlay and /etc/salt directories to the GCE master-pd and reserve 
the master's IP upon creation to make it easier to replace the master later.

This pulls out the parts of PR #3174 that don't break anything and will
make upgrading existing clusters in the future less painful.

Add /etc/salt to the master-pd
 2015-02-23 13:56:11 -08:00
Satnam Singh 434b74da63 Delete cluster level logging services during kube down 2015-02-19 14:30:53 -08:00
Brendan Burns eee9804e97 Strip whitespace that OS X inserts on wc calls. 2015-02-17 17:19:33 -08:00
Alex Robinson 3043ae9144 Merge pull request #4492 from jlowdermilk/e2e 
Cleanup resources after services/guestbook e2e tests.
 2015-02-17 12:04:46 -08:00
CJ Cullen 47622092fd Merge pull request #4164 from tkulczynski/mig 
Use Managed Instance Group for managing Nodes in GCE
 2015-02-17 12:01:48 -08:00
Tomek Kulczynski bcadad2e2e Use Managed Instance Group instead of manually creating Nodes in GCE 2015-02-17 20:33:31 +01:00
Jeff Lowdermilk 8ad671b01e Cleanup resources after shell tests exit 2015-02-17 11:27:54 -08:00
Jeff Lowdermilk aa32f1b2ce Retry #4337: Make gce kubeconfig context include project 2015-02-13 13:31:50 -08:00
Zach Loafman e2ec52bfdf Revert "Make gce's kubeconfig context include the gce project" 2015-02-12 17:01:06 -08:00
Satnam Singh edea91e519 Merge pull request #4337 from jlowdermilk/kubeconfig 
Make gce's kubeconfig context include the gce project
 2015-02-12 15:22:26 -08:00
Jeff Lowdermilk 41547a1152 Fix kube-up bug introduced by #4353 2015-02-11 17:44:28 -08:00
roberthbailey 0194ed8575 Merge pull request #4353 from erictune/fix_get_password 
Don't fail get-password when no current-context.
 2015-02-11 15:25:24 -08:00
Eric Tune c348b30f62 Update util.sh 2015-02-11 14:32:41 -08:00
Eric Tune 549504dfff Don't fail get-password when no current-context. 2015-02-11 14:25:15 -08:00
Rajat Chopra 56462c020a democratize restart-apiserver method across clouds 2015-02-11 13:44:43 -08:00
Jeff Lowdermilk 3da5d27ab2 Make gce's kubeconfig context include the gce project 
Change the .kubeconfig context that gce kube-up creates to project
+ instance prefix, so you can spin up clusters with the same name
in different compute projects without overwriting .kubeconfig.
 2015-02-11 12:07:59 -08:00
Brendan Burns 49a9f8b512 Fix kube-up.sh for OS X. 2015-02-06 16:35:39 -08:00
Jeff Lowdermilk 8f6d9c1039 Use config output formatting to get password in gce kube-up 
Gets rid of e2e dependency on pyyaml.
 2015-02-05 14:54:45 -08:00
Jeff Lowdermilk 06aa8bd164 Fixes get-password for gce 2015-02-03 19:38:24 -08:00
Brendan Burns baba7d6004 Merge pull request #4034 from jlowdermilk/kube-up 
Use kubectl to manage config for gce clusters
 2015-02-03 14:50:38 -08:00
Zach Loafman ae27f29c56 Reinstate cluster logging URLs to the end of kube-up.sh 
Adds labels to the services, waits for them to be created (which
should be instant, but just in case), query the forwarding rules like
as we did before.

Fixes #3893
 2015-02-03 08:27:02 -08:00
Jeff Lowdermilk e0ec192869 Use kubeconfig to manage config for gce/e2e clusters 2015-02-02 15:02:25 -08:00
Tim Hockin a1b51d9165 Maybe make services e2e test more resilient to GCE errors 2015-01-29 15:50:46 -08:00
Zach Loafman a305269e18 Deferred creation of SkyDNS, monitoring and logging objects 
This implements phase 1 of the proposal in #3579, moving the creation
of the pods, RCs, and services to the master after the apiserver is
available.

This is such a wide commit because our existing initial config story
is special:

* Add kube-addons service and associated salt configuration:
** We configure /etc/kubernetes/addons to be a directory of objects
that are appropriately configured for the current cluster.
** "/etc/init.d/kube-addons start" slurps up everything in that dir.
(Most of the difficult is the business logic in salt around getting
that directory built at all.)
** We cheat and overlay cluster/addons into saltbase/salt/kube-addons
as config files for the kube-addons meta-service.
* Change .yaml.in files to salt templates
* Rename {setup,teardown}-{monitoring,logging} to
{setup,teardown}-{monitoring,logging}-firewall to properly reflect
their real purpose now (the purpose of these functions is now ONLY to
bring up the firewall rules, and possibly to relay the IP to the user).
* Rework GCE {setup,teardown}-{monitoring,logging}-firewall: Both
functions were improperly configuring global rules, yet used
lifecycles tied to the cluster. Use $NODE_INSTANCE_PREFIX with the
rule. The logging rule needed a $NETWORK specifier. The monitoring
rule tried gcloud describe first, but given the instancing, this feels
like a waste of time now.
* Plumb ENABLE_CLUSTER_MONITORING, ENABLE_CLUSTER_LOGGING,
ELASTICSEARCH_LOGGING_REPLICAS and DNS_REPLICAS down to the master,
since these are needed there now.

(Desperately want just a yaml or json file we can share between
providers that has all this crap. Maybe #3525 is an answer?)

Huge caveats: I've gone pretty firm testing on GCE, including
twiddling the env variables and making sure the objects I expect to
come up, come up. I've tested that it doesn't break GKE bringup
somehow. But I haven't had a chance to test the other providers.
 2015-01-21 12:25:50 -08:00
Vishnu Kannan 50c32fbba4 Adding a replication controller for all monitoring pods. 
Removed auth for Grafana to facilitate usage via service proxy on the api-server.
Added a grafana service
Removed elasticsearch dependency for monitoring - faster startup times.
 2015-01-16 18:37:46 +00:00
Zach Loafman 43cd9e91f6 Revert "Adding a replication controller for all monitoring pods." 2015-01-16 07:16:54 -08:00
Satnam Singh d443dd8ea6 Merge pull request #3489 from vishh/monitoring_rc 
Adding a replication controller for all monitoring pods.
 2015-01-15 18:18:54 -08:00
Vishnu Kannan ca2267e3e9 Adding a replication controller for all monitoring pods. 
Removed auth for Grafana to facilitate usage via service proxy on the api-server.
Added a grafana service
Removed elasticsearch dependency for monitoring - faster startup times.
 2015-01-16 00:56:51 +00:00
Satnam Singh 9ba6525597 Report project and zone only once 2015-01-15 11:21:42 -08:00
Satnam Singh 295bd3768d Launch Elasticsearch and Kibana automatically 2015-01-09 13:41:46 -08:00
Joe Beda 9aa48b7628 Move heapster data files to cluster/addons. 
Also pretty up the JSON (make it real JSON) and streamline the sed in cluster/gce/init.sh.
 2015-01-05 12:32:35 -08:00
Alex Robinson 8b38453501 Allow for easily specifying the type and size of minion disks on GCE. 
Issue #3192
 2015-01-03 16:57:16 -08:00
Tim Hockin 7dec65f535 Merge pull request #3156 from evenemento/master 
Add missign network flag
 2014-12-29 14:06:01 -08:00
Tim Hockin 59164ca844 Make DNS an option for cluster turnup 2014-12-29 09:18:12 -08:00
Maciej Chmielarski d6a747481c Add missign network flag 2014-12-29 12:59:02 +01:00
Max Forbes c3efef86d0 Add GKE as a provider. 2014-12-19 11:47:06 -08:00
bgrant0607 4943ee7b65 Merge pull request #3034 from a-robinson/pd-up 
Store all of the master's persistent data on a separate "data" PD when running on GCE
 2014-12-18 16:05:47 -08:00
Vishnu Kannan aa7a311c34 Fix bug in gce monitoring setup. 2014-12-18 20:47:41 +00:00
Alex Robinson f892e84e0a Store all of the master's persistent data on a separate "data" 
persistent disk when running on GCE.

I'll follow up soon with a second PR that enables kube-push to
completely bring down the master VM and replace it with a new one.
 2014-12-18 20:24:57 +00:00
CJ Cullen 90364b30b0 Only create a single firewall rule for all minions. 2014-12-17 17:10:07 -08:00
deads2k fd53795bc9 fix e2e for all providers except gce 2014-12-15 11:04:13 -05:00
Satnam Singh 91a75c7620 Add missing detect-project to detect-minions 2014-12-12 15:29:58 -08:00
Satnam Singh 1ce71d1e33 Make multiple attempts to sanity check (GCE) and validate (ALL) cluster 2014-12-12 13:53:57 -08:00
Satnam Singh d0eeebaa66 Make kube-down more robust for GCE provider 2014-12-11 14:47:38 -08:00
Brendan Burns 8364fa5c93 Fix detect-minions. 2014-12-05 15:42:28 -08:00
Jeff Lowdermilk a1faab9ffe Merge pull request #2730 from satnam6502/scripting 
Add missing project argument to gcloud commands
 2014-12-04 14:30:20 -08:00
Satnam Singh fcfdd48f8d Add missing project argument to gcloud commands 2014-12-03 15:38:40 -08:00
Satnam Singh c2348052b0 Fix the addition of the logging.write scope to the MINION_SCOPES array 2014-12-02 20:25:26 -08:00
Steve Reed d229c5ba51 Proper appending of logging.write scope to array 2014-12-02 10:29:10 -08:00
Joe Beda f8505cd286 For GCE, allow insecure registries anywhere in 10.0.0.0/8. 2014-12-01 11:36:08 -08:00
Tim Hockin 47141f05c7 standard config opt names: logging 2014-11-25 17:41:53 -08:00
Tim Hockin 52ad94d766 standard config opt names: node monitoring 2014-11-25 17:39:28 -08:00
Tim Hockin fad806d1d1 standard config opt names: cluster monitoring 2014-11-25 17:38:30 -08:00
Tim Hockin e359ad5902 Change tabs to spaces 2014-11-25 17:36:41 -08:00
Joe Beda 6ba07b38fc Convert gcutil to gcloud compute 2014-11-25 15:17:00 -08:00
Dawn Chen e13ce48676 Enable docker registry cache. By default it is off 2014-11-21 17:13:22 -08:00
Joe Beda 7b5a77c56c Fix breakage when bringing down cluster. 2014-11-17 11:26:25 -08:00
Joe Beda c82bd2127f Fix up formatting and sed usage for heapster deploy. 
Also, 'sed -i' isn't supported well across BSD and GNU versions of sed.  See http://stackoverflow.com/questions/5694228/sed-in-place-flag-that-works-both-on-mac-bsd-and-linux.  And we were editing files that were checked in to git with a password.  Instead, do this with class sed redirection in a temp dir.

Fixes #2400.
 2014-11-16 17:13:02 -08:00
Dawn Chen a9defc413a Don't show Kubernetes username & password to console for heapster. 2014-11-13 23:08:55 -08:00
Vishnu Kannan 46a22b3c44 Fix monitoring setup script. 
Remove the firewall rule created for monitoring as part of kube-down.
Reuse master auth for Grafana.
 2014-11-13 16:43:05 -05:00
Joe Beda ee2f030623 Give the API server access to TLS certs. 
Moved the cert generation to a separate salt state and put it in a more appropriate sharable location (`/srv/kubernetes/`).
 2014-11-12 18:14:24 -08:00
Dawn Chen 5ab6947bdd Merge pull request #2307 from satnam6502/logbydefault 
Turn on Elasticsearch logging by default for GCE platform
 2014-11-12 10:03:06 -08:00
Dawn Chen d71408f465 Merge pull request #2321 from jimmydivvy/fix_linux_md5sum 
Strip extra '-' from md5sum output when creating S3 bucket
 2014-11-12 10:00:13 -08:00
James Davies ff5a425b67 Strip extra '-' from md5sum output when creating GCE projects 2014-11-12 17:04:01 +10:00
Brendan Burns 4faefda415 Really fix the gce turn up script. 2014-11-11 20:55:12 -08:00
Brendan Burns fa8e0f6a6f Merge pull request #2296 from brendandburns/fix 
Fix paths for kubectl
 2014-11-11 16:23:11 -08:00
Satnam Singh d837f16045 Turn on Elasticsearch logging by default for GCE platform 2014-11-11 14:49:42 -08:00
Haney Maxwell fae27e2f17 Clean up e2e test 2014-11-11 11:03:07 -08:00
Brendan Burns 0393212624 Fix paths for kubectl 2014-11-11 10:49:44 -08:00
Joe Beda 887c9b18d6 Install Salt from debs on GCS. 
Also make downloading more reliable and run 'highstate' after install for good measure.  As part of this we no longer use gsutil to download and have to make 'staged' binaries in GCS publicly readable.
 2014-11-07 16:16:45 -08:00
Vishnu Kannan 37af9210ba Improve the monitoring setup script and fix bugs in the monitoring config. 2014-11-07 19:27:52 +00:00
Vishnu Kannan ad9cb982e5 Add an option for enabling monitoring in gce/config-default.sh and disable it 
for tests.
Updated heapster readme.
 2014-11-07 00:47:56 +00:00
Vishnu Kannan edf6d8ee3f Use Heapster as an in-built monitoring solution for Kubernetes in GCE. 
Users will have an option to enable it when they setup their cluster (kube-up).
 2014-11-07 00:47:56 +00:00
Joe Beda 4c8dbbc346 Use the Container VM image in the google-cloud project. 
Fixes #2078
 2014-10-30 11:29:25 -07:00
Filipe Brandenburger 5619fb2f45 Merge pull request #2046 from dchen1107/containervm 
Using containervm image for gce by default
 2014-10-29 14:49:17 -07:00
Dawn Chen 18685d49ed Using containervm image for gce by default 2014-10-29 09:42:50 -07:00
Dawn Chen 03503a5627 Always check default-internal firewall absent or not; if not, create it 
anyway.
 2014-10-28 13:55:52 -07:00
Daniel Smith bfabb41604 New e2e script (in go this time) that doesn't completely suck 2014-10-23 11:03:30 -07:00
Brendan Burns 86e67c0fe2 Fix GCE since KUBE_ADMIN_TOKEN is never set, since get-admin-token is never called. 2014-10-21 21:13:24 -07:00
Satnam Singh 605314ff62 Second attempt at correctly unspecting FLUENTD_GCP 2014-10-21 14:58:03 -07:00
Satnam Singh ed58d024ca Check to see if FLUENTD_GCP is defined before use 2014-10-21 12:18:42 -07:00
Clayton Coleman fa4e186e54 Merge pull request #1911 from erictune/token_client 
Handle auth files with BearerToken sections.
 2014-10-21 14:08:42 -04:00
Satnam Singh 39212f5e2e Flunentd to GCP logging node level configuration 2014-10-20 18:05:00 -07:00
Eric Tune 21dae01005 Handle auth files with BearerToken sections. 2014-10-20 17:02:03 -07:00
Satnam Singh b7722a631d Adjust test in salt file to use boolean value 2014-10-20 15:52:28 -07:00
Tim Hockin 1c2f04b8b7 Add e2e test 2014-10-16 08:36:47 -07:00
Tim Hockin e907011111 Core support for ip-per-service 2014-10-16 08:36:47 -07:00
Joe Beda 9bb20b41ee Break out dynamic salt files to enable clean kube-push. 
This lets us blow away salt files and replace them with a new version while keeping a tree of "overlay" files that are cluster specific and generated at cluster up time.

Fixes #1783
 2014-10-14 15:01:43 -07:00
Joe Beda e397371b95 Fix up project hash on linux 
Somehow this got dropped!
 2014-10-10 14:24:35 -07:00
Joe Beda 96c1bc17ca Set shell options for reliability. 
Tweak a few other small things in our shell scripts.
 2014-10-10 12:33:36 -07:00
Joe Beda d43a6ec5a3 Standardize how we refer to the kubernetes root. 
Now use $KUBE_ROOT as the variable pretty much everywhere.
 2014-10-10 12:33:36 -07:00
Joe Beda 15cd6f07d6 Use binary releases for cluster push scripts. 
This is for GCE right now.  Other clouds/clusters are probably broken.
 2014-10-10 12:30:11 -07:00
Justin Lindh 4f31b1918f Add configurable sleep between polling intervals for GCE status 2014-10-02 12:47:40 -06:00
Joe Beda c323179d9b Don't print Kubernetes username/password to console. 
It is too easy to copy/paste this on-line.

Fixes #1483
 2014-09-29 13:18:29 -07:00
Joe Beda 81e91db697 Grab images as part of update e2e test 2014-09-26 14:31:12 -07:00
Brendan Burns 511ec280b9 Add a new network for e2e tests, to isolate it from any other cluster. 2014-09-24 22:37:19 -07:00
Brendan Burns e21f5f7c8f Fix the scripts. 2014-09-24 11:04:25 -07:00
Brendan Burns 8398dbd367 Fix the scripts. 2014-09-24 09:57:24 -07:00
Brendan Burns cafd20b233 Complete the mitm prevention on GCE. 2014-09-23 16:51:04 -07:00
Brian Grant b9eee0f0c7 Replace --lines= with -n to fix tail on mac os. 2014-09-23 14:16:43 +00:00
Brian Grant cf60f4fa7d Fixes #1392. Redirects error messages to stderr so users can see them. 2014-09-22 17:25:25 +00:00
Carlos Sanchez 588a428175 [GCE] detect-master and detect-minions api calls should specify the zone 
Otherwise KUBE_MASTER_IP and KUBE_MINION_IP_ADDRESSES may contain 'external-ip'

    $ detect-master
    Using master: kubernetes-master (external IP: external-ip)'
 2014-09-02 13:47:26 +02:00
Brendan Burns 514f443854 Move healthz checking to cluster validation. Switch to code == 200 2014-08-20 15:52:29 -07:00
Brendan Burns aa9d0d774c Uniquify the http firewall rule between different runs of the e2e tests. 2014-08-19 16:35:11 -07:00
Tim Hockin 03ade159c3 Proper ip-per-pod on GCE. 
Back out the second iptables rule, now that we know what the problem was - we
need to open a firewal rule on each minion.
 2014-08-15 15:54:20 -07:00
Joe Beda 629f964791 Fix e2e teardown 2014-08-14 13:57:50 -07:00
Brendan Burns 9f49650fba Add a tear down option to the e2e, that just tears down the cluster 
Useful for cleaning state after failed runs.
 2014-08-14 09:58:40 -07:00
Amy Unruh f9bbddf892 minor docs/error msg cleanup 2014-08-06 15:43:27 -07:00
Tim Hockin f9f8db5171 Fix indents 2014-08-04 11:42:33 -07:00
derekwaynecarr 69ae2fe4bb Initial vagrant setup and e2e testing support 2014-07-24 16:32:36 -04:00