github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
34,786 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

1001 Commits (be889f892a36082a9b39f32fd3716101d1abcbe9)

Author SHA1 Message Date
Prashanth Balasubramanian 19a2cd23f3 Don't pull flannel from github 2015-12-15 17:42:54 -08:00
Minhan Xia f0c176dd6a add validation for fluentd pods 2015-12-14 16:23:11 -08:00
Prashanth Balasubramanian b5303b9978 Tell kubernetes-master not to wait on flannel. 2015-12-14 09:47:09 -08:00
nikhiljindal 724b098855 Deleting unused master.ClusterName param 2015-12-11 13:39:19 -08:00
k8s-merge-robot 1b90941841 Merge pull request #18456 from thockin/bump-flannel-ver 
Auto commit by PR queue bot
 2015-12-11 00:34:39 -08:00
k8s-merge-robot eb2fc232d5 Merge pull request #18198 from brendandburns/aws2 
Auto commit by PR queue bot
 2015-12-11 00:14:00 -08:00
Tim Hockin 6b830cf229 Fix a couple flannel invocations I missed 2015-12-10 11:48:46 -08:00
Zach Loafman 8b21b76df8 Fix defaulting in cluster/saltbase/install.sh 2015-12-09 16:42:58 -08:00
Zach Loafman e264db4349 Merge pull request #17580 from mikedanese/stage-image 
add an option to push/pull component images from a registry using kube-up
 2015-12-09 13:49:45 -08:00
Mike Danese 4ace8280a0 add an option to push/pull component images from a registry using kube-up 2015-12-08 14:19:30 -08:00
gmarek 4060eba626 Use KubeletPort from API object, salt changes, take 2 
This reverts commit a7425bf070, reversing
changes made to 4a9b0fc715.
 2015-12-07 10:31:11 +01:00
Wojciech Tyczynski dca6f5ac5a Merge pull request #18074 from jsafrane/devel/e2e-rbd 
e2e: Remove specific Gluster repo.
 2015-12-06 09:43:10 +01:00
Brendan Burns 9c0897e98b Fix the scripts to handle master/minion salt setups (e.g. AWS) 2015-12-04 12:52:43 -08:00
Brendan Burns b4c4a045f7 Fix an incorrect reference to the directive that installs docker 2015-12-03 15:06:33 -08:00
Jan Safranek 85de88892c e2e: Remove specific Gluster repo. 
Debian Wheezy image in GCE has already the correct one.
 2015-12-02 15:21:01 +01:00
Mike Danese e2c5c898fb move vagrant to masterless salt 2015-12-01 15:53:50 -08:00
Mike Danese 7c413790df don't unpack salt in tmpfs 2015-11-29 18:36:38 -08:00
Prashanth Balasubramanian 9aa0efa393 Turn flannel off by default 2015-11-25 09:43:48 +01:00
Prashanth Balasubramanian ad2d3d4c20 Docs etc 2015-11-25 09:42:59 +01:00
Prashanth Balasubramanian 321bc73264 Flannel server in static pod with private etcd. 2015-11-25 09:42:59 +01:00
Prashanth Balasubramanian 7aa8ebe30f Flannel handshakes with kubelet. 2015-11-25 09:42:59 +01:00
Prashanth Balasubramanian 4cd1ee177b Salt configuration for flanneld 2015-11-25 09:42:59 +01:00
Marek Grabowski 7f72d18550 Revert "Salt changes to enable using non-default Kubelet port" 2015-11-25 09:15:36 +01:00
k8s-merge-robot 60b628a6d6 Merge pull request #17375 from gmarek/kubelet-port-salt 
Auto commit by PR queue bot
 2015-11-24 19:39:57 -08:00
Mike Danese 65b8d43543 remove code that puts kube-proxy into a special cgroup since it runs in a container now 2015-11-23 10:20:58 -08:00
gmarek 3ffa01d7cd Salt changes to enable using non-default Kubelet port 2015-11-23 16:02:46 +01:00
Mike Danese a29350e40d delete unused files 2015-11-20 16:17:19 -08:00
Mike Danese 1d9d11c836 run kube-proxy in a static pod 2015-11-18 16:52:10 -08:00
Matt Moore b750d1dddc Drop the beta for GCR v2 images. 
beta.gcr.io is no longer needed to pull through v2.
 2015-11-14 12:19:02 -08:00
k8s-merge-robot 75dadbc117 Merge pull request #16763 from zmerlynn/bump-containervm 
Auto commit by PR queue bot
 2015-11-05 14:55:40 -08:00
Joe Beda 993c1ee222 Update etcd to 2.2.1 2015-11-04 12:26:57 -08:00
Robert Bailey d5bb12134e Replace monit with supervisord in documentation. 2015-11-03 16:20:02 -08:00
Zach Loafman 4b29260bc6 Bump ContainerVM to container-vm-v20151103 2015-11-03 15:44:36 -08:00
Dawn Chen 956561810f Remove monit related salt files. 2015-11-03 09:31:50 -08:00
Dawn Chen 29614d3fe0 Enable supervisord for other cloud providers. 2015-11-03 09:30:24 -08:00
Alex Robinson 887b9dd78a Merge pull request #16232 from bprashanth/salt 
Cluster-loadbalancing addon
 2015-10-30 09:45:16 -07:00
Prashanth Balasubramanian 962cc11f73 Cluster-loadbalancing addon 2015-10-29 15:07:25 -07:00
Zach Loafman f0e6ae4b8f Merge pull request #12393 from jsafrane/devel/gce-tests 
Update e2e scripts to run storage tests on GCE/Vagrant
 2015-10-29 07:46:17 -07:00
Alex Robinson f0ebe4066f Update fluentd-gcp to include all recent improvements that are in the 
new google-fluentd 1.5.4-1 build.
 2015-10-29 11:54:07 +00:00
Jan Safranek fe0741bffe Configure cluster for e2e tests. 
When KUBE_E2E_STORAGE_TEST_ENVIRONMENT is set to 'true', kube-up.sh script
will:

- Install the right packages for all storage volumes.
- Use devicemapper as docker storage backend. 'aufs', the default one on
Debian, does not support extended attibutes required by Ceph RBD and Gluster
server containers.

Tested on GCE and Vagrant, e2e tests for storage volumes passes without any
additional configuration.
 2015-10-29 11:03:34 +01:00
Zach Loafman 17fd5f2536 NFS: Revamp example, add nfs-common to debian saltbase 
This ensures nfs-common is installed on GCE, and provides a more
functional explanation/example. I launched two replication controllers
so that there were busybox pods to poke around at the NFS volume, and
so that the later wget actually works (the original example would have
to work on the node, or need some other access to the container
network). After switching to two controllers, it actually makes more
sense to use PV claims, and it's probably a configuration that makes
more sense for indirection for NFS anyways.
 2015-10-27 16:58:04 -07:00
Dawn Chen 038f871c43 Merge pull request #16071 from brendandburns/heapster 
Make heapster config creation dynamic
 2015-10-23 09:25:59 -07:00
Saad Ali 76c5e0e553 Revert "Use KubeletPort reported in NodeStatus instead of cluster-wide master config" 2015-10-22 21:25:38 -07:00
k8s-merge-robot a6b8e112ac Merge pull request #12919 from gmarek/use_api_ports 
Auto commit by PR queue bot
 2015-10-22 19:53:41 -07:00
Brendan Burns 90d9e6e935 Make heapster config creation dynamic 2015-10-22 12:05:49 -07:00
gmarek 6d6cd8e46a Use KubeletPort reporeted in NodeStatus instead of cluster-wide master config. 2015-10-21 17:19:31 +02:00
Justin Santa Barbara 726c7afab7 AWS: install netcat-traditional, instead of netcat-openbsd 
We want to match the version of netcat that is installed on GCE.  We
were having problems with netcat-openbsd having slightly different
timeout behaviour (on UDP packets; when there was no listener).
 2015-10-19 22:50:06 -04:00
k8s-merge-robot 0e1b78fb6e Merge pull request #15728 from a-robinson/dockerlog 
Auto commit by PR queue bot
 2015-10-19 06:59:38 -07:00
k8s-merge-robot 44a9877bd4 Merge pull request #15750 from yehuis4/master 
Auto commit by PR queue bot
 2015-10-19 01:06:34 -07:00
Mike Danese 8e8437dad8 declare azure/ubuntu/saltstack bankruptcy 2015-10-16 18:21:21 -07:00
y00278980 2a0e1dd9e2 Fix some problems: 
1. cluster/saltbase/pillar/README.md L8 quoted the wrong line number of cluster/gce/configure-vm.sh
2. spelling mistake of 'retruns'
 2015-10-16 21:29:05 +08:00
Alex Robinson 40d1a01fa8 Set Docker's default log level to warning to reduce log spam. 2015-10-15 13:49:28 -07:00
Mike Danese ef015c3574 add config-vm flag to enable terminated pod garbage collection. 2015-10-15 08:19:39 -07:00
k8s-merge-robot 7ef2a1b293 Merge pull request #15427 from brendandburns/controllerversion 
Auto commit by PR queue bot
 2015-10-15 05:38:33 -07:00
Brendan Burns 0c730f4ea7 update 2015-10-14 18:22:19 -07:00
Dawn Chen 03fb74400b Upgrade to docker 1.8.3 2015-10-13 11:05:09 -07:00
k8s-merge-robot 8580804f77 Merge pull request #15138 from mattmoor/limited-beta-rewrite 
Auto commit by PR queue bot
 2015-10-10 11:41:34 -07:00
Mike Danese fa60bbe8e6 add flag to kubelet to ignore the cidr passed down by the apiserver on the master 2015-10-08 21:21:19 -07:00
Janet Kuo 4b8f91fd0e Merge pull request #15190 from dchen1107/fix 
unset Kubelet flag for manifest_url for master node.
 2015-10-07 14:48:35 -07:00
Dawn Chen c29296f9a8 Set manifest-url-header when enable_manifest_url is set 2015-10-07 13:27:03 -07:00
Filip Grzadkowski c1345ce2d9 Merge pull request #15068 from wojtek-t/fix_default_limits 
Tweak limits for system pods in manifest files.
 2015-10-07 09:41:28 +02:00
Dawn Chen 37720e8899 unset Kubelet flag for manifest_url for master node. 2015-10-06 17:33:29 -07:00
Matt Moore eeb4eeb17c Move pause and fluentd-elasticsearch to GCR v2. 
This scopes down the initially ambitious PR:
https://github.com/kubernetes/kubernetes/pull/14960 to replace just
`pause` and `fluentd-elasticsearch` to come through `beta.gcr.io`.

The v2 versions have been pushed under new tags, `pause:2.0` and
`fluentd-elastisearch:1.12`.

NOTE: `beta.gcr.io` will still serve images using v1 until they are repushed with v2.  Pulls through `gcr.io` will still work after pushing through `beta.gcr.io`, but will be served over v1 (via compat logic).
 2015-10-06 16:39:07 -07:00
Janet Kuo f4bbb32bd9 Merge pull request #15024 from mikedanese/expcontroller 
enable all experimental controllers in controller-manager with one flag
 2015-10-06 14:20:11 -07:00
Alex Robinson 32b9d8aad0 Merge pull request #14823 from wojtek-t/move_events_to_separate_etcd 
Move events to a separate etcd instance
 2015-10-05 16:28:04 -07:00
Mike Danese 833be48d61 enable all experimental flags with one controller 2015-10-05 14:54:19 -07:00
Wojciech Tyczynski 2a74d1d6ca Tweak limits in manifest files. 2015-10-05 14:45:43 +02:00
Wojciech Tyczynski 0f1cbe37a4 Events in separate etcd 2015-10-05 10:54:24 +02:00
Ananth Suryanarayana d50d7763da Add opencontrail networking provisioning support in kubernetes salt based provisioning 
OpenContrail is an open-source based networking software which provides virtualization support for the cloud.

This change-set adds ability to install and provision opencontrail software for networking in kubernetes based cloud environment.

There are basically 3 components

o kube-network-manager -- plugin between contrail components and kubernets components
o provision_master.sh -- OpenContrail software installer and provisioner in master node
o provision_minion.sh -- OpenContrail software installer and provisioner in minion node(s)

These are driven via salt configuration files

One can provision opencontrail by just setting "export NETWORK_PROVIDER=opencontrail"
Optionally, OPENCONTRAIL_TAG, and OPENCONTRAIL_KUBERNETES_TAG can be used to
specify opencontrail and contrail-kubernetes software versions to install and provision.

Public-IP Subnet provided by contrail can be configured via OPENCONTRAIL_PUBLIC_SUBNET
environment variable

At this moment, plan is to add support for aws, gce and vagrant based platforms

For more information on contrail-kubernetes, please visit https://github.com/juniper/contrail-kubernetes For more information on opencontrail, please visit http://www.opencontrail.org
 2015-10-03 08:03:02 -07:00
Abhishek Shah 2d3a688ab7 reduce cpu requirement for etcd, after 2 etcd pods are being run 2015-10-02 10:31:04 -07:00
Brendan Burns a4581c7cd5 Add a second etcd instance for use with events. 2015-09-29 13:13:59 -07:00
Brian Grant 3cbd5f01a0 Merge pull request #13044 from roberthbailey/kubelet-healthcheck 
Healthcheck the kubelet on the secure port rather than the read-only port.
 2015-09-25 11:11:51 -07:00
Marcin Wielgus 039acb8c1d Merge pull request #14463 from nikhiljindal/DeploymentOnGCE 
Allow enabling deployment controller on GCE and GKE
 2015-09-25 13:47:36 +02:00
nikhiljindal ed5d24ed52 Allow enabling deployment controller on GCE and GKE 2015-09-24 11:37:16 -07:00
Abhishek Shah 09465c9a2a allow privileged pods 2015-09-22 13:44:08 -07:00
Robert Bailey da94ed7957 Healthcheck the kubelet on the secure port rather than the read-only port. 2015-09-16 12:15:29 -07:00
k8s-merge-robot 3dcb75c599 Merge pull request #13986 from derekwaynecarr/move_to_flannel 
Auto commit by PR queue bot
 2015-09-16 09:36:09 -07:00
k8s-merge-robot 14ccba8924 Merge pull request #13886 from a-robinson/logtags 
Auto commit by PR queue bot
 2015-09-16 05:51:32 -07:00
Alex Robinson 8040f75594 Update fluentd-gcp to use a new google-fluentd build with my recent 
changes to fluent-plugin-google-cloud to attach Kubernetes metadata to
logs.

Along with this, separate logs from containers in the cluster out from
logs from the daemons running on the node by instantiating two instances
of the output plugin, one which uses the new metadata (for containers)
and one which doesn't (for things like docker and the kubelet).
 2015-09-15 23:14:43 +00:00
derekwaynecarr 360e7620d3 Move vagrant to flannel 2015-09-15 15:42:38 -04:00
Alex Robinson 614b1cf3c1 Replace /varlog with /var/log in the fluentd-gcp config to match the 
recently updated fluent-es config.
 2015-09-11 16:52:49 -07:00
Mike Danese 4bd638921f Merge pull request #13752 from yujuhong/docker1.8_upgrade 
Upgrade to docker 1.8.2 for Debian Wheezy on GCE
 2015-09-11 11:15:30 -07:00
Yu-Ju Hong 4cdd00fb9c Upgrade to docker 1.8.2 for Debian Wheezy on GCE 2015-09-11 10:09:59 -07:00
Jerzy Szczepkowski 5be8817315 Turning on pod autoscaler on GCE. 
Implemented optional turning on of pod autoscaler in kube-up script for GCE.
 2015-09-11 12:03:41 +02:00
k8s-merge-robot c0d0ef6dd1 Merge pull request #13817 from a-robinson/varlib 
Auto commit by PR queue bot
 2015-09-10 13:24:07 -07:00
Jeff Lowdermilk 08442974bb Revert "Turning on pod autoscaler on GCE." 2015-09-10 11:46:37 -07:00
Alex Robinson 746dcb8075 Make fluentd-es output its warning logs and fluentd-gcp mount 
/var/lib/docker read-only.
 2015-09-10 18:28:27 +00:00
Jerzy Szczepkowski b41862b670 Turning on pod autoscaler on GCE. 
Implemented optional turning on of pod autoscaler in kube-up script for GCE.
 2015-09-10 16:10:01 +02:00
Dai Zuozhuo 2e2ef3e830 change -o template to -o go-template=... 2015-09-05 22:30:47 +08:00
derekwaynecarr aff9ee5a40 Enable CFS quota in vagrant setup 2015-09-03 13:44:28 -04:00
k8s-merge-robot 9c4802420b Merge pull request #8632 from jimmidyson/logging-kube-metadata 
Auto commit by PR queue bot
 2015-09-02 19:08:34 -07:00
Derek Carr 445fff030c Merge pull request #11469 from fredjean/fix-vagrant-vmware 
Boot a Vagrant on VMWare Kubernetes Cluster
 2015-09-02 14:23:53 -04:00
Jimmi Dyson e07da97447 Switch to fluentd kubernetes metadata plugin to enrich logs with more searchable kubernetes metadata 2015-09-02 10:33:15 +01:00
Alex Robinson 66ff3c133b Merge pull request #13229 from a-robinson/fluent 
Clean up the fluentd images to make them more debuggable
 2015-09-01 17:01:04 -07:00
Prashanth B 52f7833cd3 Revert "Revert "LimitRange updates for Resource Requirements Requests"" 2015-08-28 09:26:36 -07:00
Fred Jean 1305f54645 Booting a Kubernetes cluster on Vagrant 
* Using Fedora 21 as the base box
* Discover the active network interfaces in the box to avoid hardcoding
  them in configuration.
* Use the master IP for the certificate.
 2015-08-27 21:43:36 -06:00
Alex Robinson d02dc64036 Let fluentd-es log by not redirecting to a file within the container 
and only using -q (warning logs only) rather than -qq (error logs only).
 2015-08-27 21:41:44 +00:00
Alex Robinson b3154a7815 Remove the garbage log file in the fluentd-gcp that gets filled with 
gunk when installing the google-fluentd agent.

Also let it log things by not redirecting to a file within the container
and only using -q (warning logs only) rather than -qq (error logs only).
 2015-08-27 21:41:44 +00:00
Piotr Szczesniak 6e05b9e3a3 Revert "LimitRange updates for Resource Requirements Requests" 2015-08-27 10:50:50 +02:00
Yu-Ju Hong 1bae2b677d Merge pull request #12492 from derekwaynecarr/limit_range_api 
LimitRange updates for Resource Requirements Requests
 2015-08-26 13:02:57 -07:00
CJ Cullen c77e800495 Add liveness probe for master's etcd pod 2015-08-25 10:37:00 -07:00
derekwaynecarr d25082250d Update salt deployment for new limit-range 2015-08-24 15:43:32 -04:00
Zach Loafman 185b5af26f Merge pull request #12833 from uluyol/insecure-reg 
Launch a cluster-local registry.
 2015-08-21 14:58:37 -07:00
Muhammed Uluyol 3dc10a209b Use gcr.io for proxy image 2015-08-21 13:32:08 -07:00
Muhammed Uluyol 2fb4e7b7a4 Use quotes more consistently 2015-08-20 18:44:12 -07:00
Muhammed Uluyol 14b554cef6 Use a persistent volume for the docker registry. 2015-08-20 18:44:11 -07:00
Muhammed Uluyol 7129d477d3 Launch a cluster-local registry. 
This registry can be accessed through proxies that run on each node
listening on port 5000. We send the proxy images to the nodes directly
to avoid requests that hit the network during cluster launch. For now,
we continue to pull the registry itself over the network, especially
given its large size (we should be able to dramatically shrink the
image). On GCE we create a PD and use that for storage, otherwise we
use an emptyDir. The registry is not enabled outside of GCE. All
communication is currently plain HTTP. In order to use SSL, we will
need to be able to request a certificate/key from the apiserver signed
by the apiserver's CA cert.
 2015-08-20 18:44:05 -07:00
Clayton Coleman 02dbb95447 Add TerminationGracePeriodSeconds to API 
Set defaulting for pod spec
 2015-08-20 11:03:38 -04:00
Saad Ali 3fce3433d9 Merge pull request #12949 from satnam6502/fluentd-es 
Update Elasticsearch cluster logging to use v1.9 image
 2015-08-19 18:48:55 -07:00
Satnam Singh d3a8e5374b Update Elasticsearch cluster logging to use v1.9 image 2015-08-19 15:55:22 -07:00
Robert Bailey 08e6a43c1d Revert "Merge pull request #9165 from smarterclayton/graceful" 
This reverts commit 4f856b595d, reversing
changes made to d78525a83b.

Conflicts:
	pkg/kubelet/status_manager.go
 2015-08-18 17:34:49 -07:00
Clayton Coleman b842a7dd15 Revert "Revert "Gracefully delete pods from the Kubelet"" 
This reverts commit 98115facfd.
 2015-08-18 08:57:02 -04:00
Eric Paris c560f41a4b Update docs which were incorrectly using _ in flag names 
Each of these was verified that the actual flag declaration correctly
used -
 2015-08-17 11:18:43 -07:00
Justin Santa Barbara 0ff8dd45ef Fix escaping problem in kube-scheduler manifest 
'{{pillar[log_level]}}' was appearing literally in the command line,
instead of being substituted.

Fixes #12787
 2015-08-17 08:16:24 -04:00
Dawn Chen 1932b48db3 Restore the logic of disable docker upgrade through salt for gce. 
Currently it is commented out.
 2015-08-11 14:55:58 -07:00
Dawn Chen 3901b225e3 Docker 1.7.1 2015-08-11 14:55:57 -07:00
Marek Grabowski 5f9cefc1d8 Merge pull request #12441 from vlajos/typofixes-vlajos-20150807 
typofix - https://github.com/vlajos/misspell_fixer
 2015-08-10 16:33:52 +02:00
Ed Costello 35a5eda585 Copy edits for typos 2015-08-09 14:18:06 -04:00
Veres Lajos 9f77e49109 typofix - https://github.com/vlajos/misspell_fixer 2015-08-08 22:31:48 +01:00
Eric Paris 86ca88be61 convert cluster/ from --flag_name= --flag-name= 2015-08-07 11:00:13 -04:00
Dawn Chen 2be69e7718 Merge pull request #12325 from brendandburns/supervisord 
Add support for supervisord as a monit alternative.
 2015-08-06 16:16:35 -07:00
Brendan Burns 15b9d98733 Add support for supervisord as a monit alternative. 2015-08-06 15:48:45 -07:00
Robert Bailey 8df33bc1a7 Register the kubelet on the master node with an apiserver. This option is 
separated from the apiserver running locally on the master node so that it
can be optionally enabled or disabled as needed.

Also, fix the healthchecking configuration for the master components, which
was previously only working by coincidence:

If a kubelet doesn't register with a master, it never bothers to figure out
what its local address is. In which case it ends up constructing a URL like
http://:8080/healthz for the http probe. This happens to work on the master
because all of the pods are using host networking and explicitly binding to
127.0.0.1. Once the kubelet is registered with the master and it determines
the local node address, it tries to healthcheck on an address where the pod
isn't listening and the kubelet periodically restarts each master component
when the liveness probe fails.
 2015-08-06 13:39:32 -07:00
Marek Grabowski 77675b052d Merge pull request #12301 from derekwaynecarr/fix_systemd_salt 
Fix salt configuration on systemd setups
 2015-08-06 11:36:27 +02:00
Mike Danese fe6b15ba2f rewrite all links to issues to k8s links 2015-08-05 21:11:11 -07:00
derekwaynecarr 0de0e3e9f1 Fix salt configuration on systemd setups 2015-08-05 17:01:43 -04:00
Alex Mohr e4fde6d2ca Merge pull request #9583 from eparis/make-cert-path 
generate-cert: allow for alternative paths
 2015-08-05 00:04:17 -07:00
Alex Robinson cc02e50fc7 Collect more of the VM's log files (monit, salt) in fluentd-es. 2015-08-05 00:22:38 +00:00
Alex Robinson 7430181d65 Collect more of the VM's log files (monit, salt) in fluentd-gcp. 2015-08-05 00:21:47 +00:00
Eric Paris 0753acf2f8 Allow make-ca-cert.sh to run on OS X 
Currently make-ca-cert.sh uses (equiv of)

mktemp -d --tmpdir kube.XXXXX

but --tmpdir is not a valid option on OS X. Switch to

mktemp -d -t kube.XXXXX

Which is valid, but subtly different between OS X and Linux. The
directory you get back will be different on each.

Linux:  ${tmpdir}/kube.y5Bsu/
OS X:   ${tmpdir}/kube.XXXXX.VQ81oOui/
 2015-08-04 19:03:01 -04:00
Eric Paris c69b6f5ba7 Respect KUBECTL_BIN in kube-addon-update.sh not just kube-addons.sh 2015-08-04 19:02:31 -04:00
Eric Paris 6b9ef5b2d8 generate-cert: allow for alternative paths 
Instead of hard coding kube-cert and /srv/kubernetes allow these to be
overwritten by environment variables.  / is immutable on some systems
and so /srv is not a possible location to store data.
 2015-08-04 19:01:16 -04:00
Alex Mohr ad4086eab1 Merge pull request #11308 from gmarek/pillar 
Auto commit by PR queue bot
 2015-08-04 12:42:57 -07:00
Alex Mohr 4c5763f28c Merge pull request #11299 from wojtek-t/increase_kubelet_start_timeout 
Auto commit by PR queue bot
 2015-08-03 16:14:02 -07:00
Justin Santa Barbara 463458bf5f AWS: Install ntp daemon on all nodes 
The AWS API requires a signature on method calls, including the
timestamp to prevent replay attacks.  A time drift of up to 5 minutes
between client and server is tolerated.

However, if the client clock drifts by >5 minutes, the server will start
to reject API calls (with the cryptic "AWS was not able to validate the
provided access credentials").

To prevent this happening, we install ntp on all nodes.

Fix #11371
 2015-08-01 14:32:08 -04:00
Jian Huang 45c37b9bd0 Update README.md 
There is a bad link in the doc. change ../../docs/salt.md to ../../docs/admin/salt.md
 2015-07-31 18:44:06 +08:00
gmarek 5bb7eec5ab Use salt pillars to pass test arguments during cluster creation. 2015-07-31 09:32:01 +02:00
Mike Danese bfaa527139 Merge pull request #12045 from a-robinson/logs 
Fix fluentd configs to collect etcd logs on the master
 2015-07-30 17:36:46 -07:00
Alex Robinson 69ab7026af Update fluentd-es to collect etcd logs and remove merge conflict cruft. 2015-07-30 22:21:01 +00:00
Alex Robinson 9e18c29e9f Make fluentd-gcp collect etcd's logs on the master. 2015-07-30 22:20:57 +00:00
Alex Robinson 94ae0a9a0d Make the kubelet on a GCE master check instance metadata for manifests. 
Primary motivation: enable GKE and other cluster-as-a-service folks to
easily run additional logic on the master without having to modify salt
or SSH to the master after it's been created.
 2015-07-30 21:04:34 +00:00
Janet Kuo 180798cfa4 Use example syncer tags instead of hard-coded examples in doc 2015-07-27 14:48:41 -07:00
Piotr Szczesniak f48543aba5 Made enabling Kube UI configurable 2015-07-27 08:23:04 +02:00
Mike Danese 01349cdbfa Merge pull request #11786 from a-robinson/fluentd 
Update fluentd-gcp images to include latest Dockerfile changes
 2015-07-24 12:40:41 -07:00
Brendan Burns 26de8cd6b2 Merge pull request #10601 from marun/docker-pkg-f22 
Auto commit by PR queue bot
 2015-07-23 22:15:50 -07:00
Alex Robinson 0889307522 Update the fluentd-gcp images to include their latest Dockerfile changes. 
Their Dockerfiles were changed in #11768.
 2015-07-24 01:27:42 +00:00
Vish Kannan 919fded0f8 Merge pull request #10401 from justinsb/workaround_salt_18089 
Work around Salt 18089
 2015-07-23 16:52:21 -07:00
Dawn Chen ebc36c0e5a timeout docker load: 30 second, and restart docker daemon to workaround docker-load-hang issue. 2015-07-17 15:16:23 -07:00
Dawn Chen 7e665230c7 Stop monit kube-addon on nodes. 2015-07-15 11:11:55 -07:00
Wojciech Tyczynski 628ceac305 Increase kubelet start timeout in Monit config 2015-07-15 13:28:07 +02:00
Victor Marmol cabecc1271 Merge pull request #10611 from marekbiskup/addon-update-kill-children 
Addon update kill children
 2015-07-09 21:09:58 -07:00
Victor Marmol ee8d2857fc Merge pull request #9381 from justinsb/aws_support_jessie 
AWS: Add support for Vivid Vervet & Debian Jessie
 2015-07-09 15:20:37 -07:00
Marek Biskup aa608258a6 kill child processes of addon-update on stop 2015-07-09 13:10:54 +02:00
Victor Marmol f1e66c718d Merge pull request #10590 from roberthbailey/kubelet-on-nodes 
Install the kubectl binary on nodes in addition to the master.
 2015-07-08 16:13:12 -07:00
Justin Santa Barbara 89900fa19b AWS: Ubuntu Vivid, set cgroup_root to docker 
Otherwise libcontainer generates systemd unit file names that start with "-",
which are not valid.
 2015-07-08 17:00:43 -04:00
Victor Marmol dd37642369 Merge pull request #10488 from justinsb/salt_support_systemd 
Salt: support systemd (don't assume Redhat <=> systemd)
 2015-07-08 13:43:08 -07:00
Victor Marmol 3be3603ef3 Merge pull request #10877 from brendandburns/aws 
Fix AWS Setup.
 2015-07-08 11:33:32 -07:00
derekwaynecarr e2ddd2dd7b Missing ca crt in vagrant controllers 2015-07-08 10:59:10 -04:00
Brendan Burns 6d08ade4ce Don't start Docker by default on AWS 2015-07-07 21:57:43 -07:00
Satnam Singh 90e105521c Wait for service accounts in the kube-system namesapce 2015-07-06 18:12:25 -07:00
Brendan Burns 988aa6fdf6 Move things into a 'kube-system' namespace. 2015-07-06 15:08:23 -07:00
Yu-Ju Hong 1e0a16392d Merge pull request #10780 from cjcullen/testfix 
Hacky workaround for #9822
 2015-07-06 15:00:35 -07:00
Yu-Ju Hong b58e7c8c2d Merge pull request #10655 from dchen1107/cadvisor 
Set minimal shares for containers with no cpu specified
 2015-07-06 11:38:54 -07:00
Tim Hockin 6c88401889 Merge pull request #10271 from erictune/how-to-write-a-gsg 
Scratch Getting-started-guide
 2015-07-06 11:00:44 -07:00
Eric Tune 682abd9dab Scratch Getting-started-guide 2015-07-06 10:38:20 -07:00
CJ Cullen edd419790e Hacky workaround for #9822 2015-07-06 10:02:53 -07:00
Yu-Ju Hong 8ce6fe855b Merge pull request #10712 from justinsb/always_install_socat 
Salt: install socat; needed for port-forward
 2015-07-06 09:58:52 -07:00
Yu-Ju Hong 83fbcba97b Merge pull request #10698 from justinsb/aws_master_sans 
AWS: Configure SSL certificate alternate-names
 2015-07-06 09:57:44 -07:00
Zach Loafman a2250d1caf Merge pull request #10597 from a-robinson/fluentd 
Run fluentd on the master to collect the core master logs
 2015-07-04 21:12:47 -07:00
Justin Santa Barbara 6504df77f1 Salt: install socat; needed for port-forward 
port-forward needs socat on the node hosts; we technically
don't need it today on the master, but this seems the right
place to put it, and socat is a small dependency.
 2015-07-03 19:12:44 -04:00
Justin Santa Barbara 25007421ba Salt: re-remove comment block 
It had been removed in upstream, but had been kept by mistake here.
 2015-07-03 12:43:36 -04:00
Justin Santa Barbara 600a0d6fe7 Salt: have kube-addons service depend on init file 
For symmetry with systemd
 2015-07-03 12:41:59 -04:00
Justin Santa Barbara a5b3c73ac4 Salt: Add service block for kube-proxy for systemd 
We have the workaround for Salt's problems here, but we should still express
our intent.
 2015-07-03 10:26:21 -04:00
Justin Santa Barbara 60d822435b Salt: clean daemon_args on RedHat, not systemd 
I don't think it actually makes a difference based on how we're using it,
but this is now more of a precise change.
 2015-07-03 10:24:32 -04:00
Justin Santa Barbara ad0293e3f3 Salt: Add more dependencies to systemd services 
This may help Salt reload services correctly, although we still
need the script until Salt's bug with reloading services on systemd
is resolved.

Salt bug: https://github.com/saltstack/salt/issues/16778
 2015-07-03 01:40:15 -04:00
Justin Santa Barbara 944fc1ed58 Set standard bash options in services helper script 2015-07-03 01:40:15 -04:00
Justin Santa Barbara bcd92c7522 Salt: support systemd (don't assume Redhat <=> systemd) 
Also work around problems with Salt & systemd services, in particular
that Salt doesn't issue a daemon-reload.
 2015-07-03 01:40:15 -04:00
Justin Santa Barbara c676c11189 AWS: Configure SSL certificate alternate-names 
GCE does this in its per-provider scripts; this does the same for AWS and lets
other providers do the same; I believe kube2sky requires 10.0.0.1 as a SAN.
 2015-07-03 01:18:07 -04:00
Dawn Chen 9ce11545c0 Explicitly configure master component containers and nginx with 200m each. 2015-07-02 10:46:39 -07:00
Zach Loafman 1d16be675c Merge pull request #10653 from dchen1107/resource_management 
Set resource limit for addon containers
 2015-07-01 19:35:28 -07:00
Dawn Chen 54531d9b55 Set memory limit (200mi) to fluentd static pod 2015-07-01 17:00:06 -07:00
Zach Loafman b60c8e567f Merge pull request #10077 from timstclair/ui-server 
Move dashboard UI out of the apiserver to a separate pod
 2015-07-01 15:56:33 -07:00
nikhiljindal 274792d7bb Stop exposing v1beta3 by default 2015-07-01 14:38:02 -07:00
Tim St. Clair b6b2d6df42 Add kube-ui cluster addon for serving k8s dashboard UI. 
Changes include:
- Add kube-ui binary for serving static dashboard UI
- Add kube-ui docker image, replication controller, and service
- Make the kube-ui a cluster-addon (enabled by default)
- Split the compiled pkg/ui/datafile.go into separate dashboard and swagger packages
- Update docs to reflect changes
 2015-07-01 14:21:47 -07:00
Alex Robinson e5ea6ae854 Run fluentd on the master node by default. 
This involves adding the logging-write scope to the master when running on GCE.
 2015-07-01 20:07:52 +00:00
Marek Biskup 8df3a9cae8 namespaces in addon update 2015-07-01 21:31:52 +02:00
Zach Loafman 3094c1624b Merge pull request #10492 from derekwaynecarr/add_watch_service_file 
Fix Vagrant kube-up - missed file watch on systemd stops kubelet starting on initial kube-up
 2015-07-01 09:49:59 -07:00
Marek Biskup 7873e252f0 addon updater should not retry too many times because specs may be invalid 2015-07-01 16:22:32 +02:00
derekwaynecarr de78898170 Missing file watch on systemd stops kubelet starting on kube-up 2015-07-01 09:59:26 -04:00
Zach Loafman b83236ee7a Merge pull request #10568 from derekwaynecarr/fix_vagrant_kube_proxy 
Missed update to kube-proxy when removing nginx on vagrant
 2015-07-01 06:42:00 -07:00
Maru Newby 2da59a2f34 Install 'docker' package for Fedora 22 
Fedora < 22 provides docker via the 'docker-io' package, but this
package was renamed to 'docker' as of Fedora 22.  Though the docker
package can be installed manually with 'dnf install docker-io' on F22,
Salt requires the explicit package name or deployment will fail.
 2015-06-30 21:36:33 -07:00
Robert Bailey fedddee157 Install the kubectl binary on nodes in addition to the master. 2015-06-30 16:52:17 -07:00
derekwaynecarr 2cc869b1c5 Missed update to kube-proxy when removing nginx on vagrant 2015-06-30 15:42:52 -04:00
Dawn Chen e55cd709a1 Removed cluster/saltbase/salt/_states/container_bridge.py since it is useless now. 2015-06-30 11:00:41 -07:00
Zach Loafman f21b6b89d1 Fix issues mentioned in #10520 2015-06-30 06:51:10 -07:00
Daniel Smith dcd91666b9 wait until a token shows up to start addons 2015-06-29 18:41:12 -07:00
Justin Santa Barbara e29e9f0033 Add explicit dependency of docker pkg on the deb download 
Salt ordering continues to surprise me.  I saw them execute
out of order, though I don't know why.  Adding an explicit
dependency to prevent out-of-order execution.
 2015-06-28 23:51:12 -04:00
Justin Santa Barbara ea74bd13b8 Work around Salt 18089 
Directly create /etc/sysctl.d/99-salt.conf
 2015-06-28 23:50:00 -04:00
Justin Santa Barbara 54d3ac92ea Don't make kubelet systemd service depend on Docker 
Fixes #10379
 2015-06-26 11:03:09 -04:00
Maxwell Forbes bc1930927d Merge pull request #10347 from justinsb/vagrant_no_cidr_on_master 
Salt: don't assume that master => cbr-cidr
 2015-06-25 10:23:59 -07:00
Maxwell Forbes 655179dcfb Merge pull request #10264 from mikedanese/ca-token 
add ca cert to token controller and all service accounts
 2015-06-25 09:56:35 -07:00
Justin Santa Barbara a0ae1d90ba Salt: don't assume that master => cbr-cidr 
In particular, this is required for vagrant
 2015-06-25 09:17:00 -04:00
Brendan Burns d2334d60c8 Merge pull request #10328 from dchen1107/cleanup 
Add dependencies on docker and kubelet service when copying master co…
 2015-06-24 21:32:35 -07:00
Dawn Chen e7d217d941 Add dependencies on docker and kubelet service when copying master components manifests 
to /etc/kubernetes/manifest
 2015-06-24 21:15:08 -07:00
Maxwell Forbes 3afda5d566 Merge pull request #10312 from dchen1107/cleanup 
Take 2: Fix the race between configuring cbr0 and restarting static pods
 2015-06-24 17:59:50 -07:00
Mike Danese 56bde3342a add ca to token controller and all service accounts 2015-06-24 15:10:20 -07:00
Dawn Chen 6ddfa512de Revert "Revert "Fix the race between configuring cbr0 and restarting static pods"" 
This reverts commit fd0a95dd12.
 2015-06-24 11:10:10 -07:00
Piotr Szczesniak fd0a95dd12 Revert "Fix the race between configuring cbr0 and restarting static pods" 2015-06-24 09:56:49 +02:00
Dawn Chen 9dbe6fe4e4 Added more comments. 2015-06-23 16:28:41 -07:00
Dawn Chen 8d76d4ee57 Make master-addon service depend on both docker and kubelet service 
in salt.
 2015-06-23 12:11:20 -07:00
Dawn Chen 23200d303f Fix several issues on running syncPods until network is configured. 
Also fixed unittests and compiling.
 2015-06-23 12:11:19 -07:00
derekwaynecarr db202d4904 Remove nginx from vagrant 2015-06-23 13:07:50 -04:00
Brendan Burns 192ffdfb25 Fix the container bridge so that it can create cbr0 
Fix the kubelet so that it tries to sync status, even if Docker is down
 2015-06-22 23:18:01 -07:00
Brendan Burns a29ade2f33 Disable creation of cbr0, the kubelet does it now. 
Conditionalize the docker bridge.
 2015-06-22 23:15:29 -07:00
Jeff Lowdermilk 85770295c2 Merge pull request #10004 from ArtfulCoder/kubelet_health 
Augmented kubelet healthz with syncLoop check.
 2015-06-22 10:53:05 -07:00
Abhishek Shah 3556993179 Augmented kubelet healthz with syncLoop check. 
Monit uses read-only port for health monitoring.
 2015-06-19 18:14:01 -07:00
Brendan Burns ec1e308ae2 rev etcd to 2.0.12 2015-06-19 15:57:32 -07:00
Saad Ali 4d25121206 Merge pull request #9769 from brendandburns/secure 
Revert the revert of https://github.com/GoogleCloudPlatform/kubernetes/pull/9761
 2015-06-16 14:21:54 -07:00
Saad Ali 068000a8ba Merge pull request #9847 from mikedanese/apiserver-liveness-probe 
add livenessProbe to kube-apiserver.manifest
 2015-06-16 14:03:13 -07:00
Vishnu Kannan 31f7ea10c6 Updating heapster version to v0.14.1. 
Adding a standalone version of heapster which exposes stats via REST API.
 2015-06-16 11:56:23 -07:00
Saad Ali 5596e6f789 Merge pull request #9493 from marekbiskup/testAddonUpdate 
e2e test for addon upgrade
 2015-06-16 10:50:15 -07:00
Mike Danese 491eb5e583 add livenessProbe to kube-apiserver.manifest 2015-06-15 23:22:56 -07:00
Fabio Yeon 9b3e9a509d Merge pull request #9616 from jeffbean/kube_addons 
kube_addons - Adding variable with default for kubectl bin.
 2015-06-15 19:31:42 -07:00
Fabio Yeon 8d2c7ff1d7 Merge pull request #9687 from satnam6502/fluentd-gcp 
Adjust Fluentd source format for Docker files to be JSON for Cloud Lo…
 2015-06-15 13:32:49 -07:00
Satnam Singh 33311b46a2 Adjust Fluentd source format for Docker files to be JSON for Cloud Logging 2015-06-15 10:22:27 -07:00
Marek Biskup dcc4034d57 e2e test for addon update 2015-06-15 17:37:24 +02:00
Brendan Burns 51b20b35e2 Revert "Revert "Optionalize (default false) --insecure-registry."" 
This reverts commit 1645c9a9b8.
 2015-06-12 21:00:16 -07:00
Dawn Chen 1645c9a9b8 Revert "Optionalize (default false) --insecure-registry." 2015-06-12 17:50:38 -07:00
Justin Santa Barbara 16d6ba8a9d AWS: Stop the master kubelet from registering as a node (like GCE does) 2015-06-12 18:33:45 -04:00
Brendan Burns 675d8378f2 Optionalize (default false) --insecure-registry. 2015-06-11 16:33:14 -07:00
Abhi Shah 59a347d119 Merge pull request #9309 from saad-ali/issue9028 
Enable InfluxDB/Grafana for GCE in addition to GCL. Disable GCM
 2015-06-11 11:04:09 -07:00
Abhi Shah f4eb2f366f Merge pull request #9568 from marekbiskup/docker_log_rotate 
rotate docker log
 2015-06-10 14:50:07 -07:00
Jeffrey Bean 99f64a8a07 kube_addons - Adding variable with default for kubectl bin. Fixes #9599 2015-06-10 14:47:31 -07:00
Abhi Shah 53fa4e1366 Merge pull request #9383 from brendandburns/liveness 
Add liveness checks to the controller-manager and scheduler.
 2015-06-10 14:44:12 -07:00
Abhi Shah c8591bd323 Merge pull request #9491 from ArtfulCoder/etcd_log 
Etcd log mount
 2015-06-10 13:17:10 -07:00
Marek Biskup 83f8cd148d rotate docker log 2015-06-10 12:19:13 +02:00
Brendan Burns ff3f463e00 Add liveness checks to the controller-manager and scheduler. 2015-06-09 13:06:04 -07:00
Robert Bailey 2feb658ed7 Distribute the cluster CA cert to cluster addon pods through 
the kubeconfig file. Use the $KUBERNETES_MASTER_NAME from the
kube-env for skydns, because it can't use the service name.
 2015-06-08 20:17:45 -07:00
Abhishek Shah fe906677d4 Etcd log mount 2015-06-08 17:21:11 -07:00
krousey 8a9e0e00bf Merge pull request #9128 from marekbiskup/addonUpgrade 
Addon upgrade (partial implementation of #8107)
 2015-06-08 15:15:27 -07:00
Marek Biskup 13ba177668 kube-addon-update.sh 2015-06-08 15:10:40 +02:00
CJ Cullen 04cd9b3c75 Make sshproxy use a hostmount on master PD (don't spam sshKeys on upgrade/reboot). 
Add comment describing what SSHTunnelList.Close() does.
Simplify util.FileExists.
 2015-06-05 15:03:03 -07:00
CJ Cullen cb317604ab Some refactoring. Only selectively use ssh proxy. 
Add NetworkName to gce.Config.
Add locking to uses of master.tunnels.
 2015-06-05 14:55:16 -07:00
CJ Cullen de9a5f43bc Specify sshUser, sshKeyfile in kube-apiserver manifest. 
Trim space on ssh key so GCE doesn't treat it as 2 lines.
A couple other minor fixes.
 2015-06-05 14:55:15 -07:00
CJ Cullen 82afaaf31d Mount cloud-config files for cloudproviders in kube-apiserver & kube-controllermanager. 2015-06-05 14:54:20 -07:00
saadali bc53533c83 Enable InfluxDB/Grafana for GCE in addition to GCM/GCL 2015-06-05 01:17:45 -07:00
derekwaynecarr 2168cee414 Upgrade to Fedora 21, Docker 1.6, clean-up SDN 2015-06-04 10:59:23 -04:00
Daniel Smith 1690617ee6 remove ro service 2015-06-03 16:45:54 -07:00
Brian Grant 984b779b05 Merge pull request #9192 from dchen1107/clean 
Watch kubelet flag file, so restart kubelet upon changes.
 2015-06-03 14:45:07 -07:00
Brian Grant d37264edde Merge pull request #9158 from dchen1107/cleanup 
stop monit kube-proxy on master node.
 2015-06-03 12:13:17 -07:00
Dawn Chen 1d94348023 Watch kubelet flag file, so restart kubelet upon changes. 2015-06-03 09:13:28 -07:00
Prashanth Balasubramanian f7c0f1c1e3 Set min-request-timeout in test clusters 2015-06-03 08:46:28 -07:00
Brian Grant d861631f08 Merge pull request #9142 from roberthbailey/kubelet-on-master 
Prevent access to the /run and /exec endpoints on the master's kubelet
 2015-06-02 22:55:06 -07:00
Dawn Chen 301bed535e stop monit kube-proxy on master node. 
Fixed #8783
 2015-06-02 17:48:24 -07:00
CJ Cullen 934c553c04 Clarify description/usage of --advertise-address, Master.PublicAddress 2015-06-02 15:23:32 -07:00
Robert Bailey 1dad552edc Prevent access to the /run and /exec endpoints on the master's kubelet 
so that users can't run arbitrary code on the master.
 2015-06-02 14:42:11 -07:00
CJ Cullen 085a48a70e Add an advertise-address flag. This allows the address that the apiserver binds 
to (possibly 0.0.0.0) to be different than the address on which members of the cluster
can reach the apiserver (possibly not a local interface).
 2015-06-02 14:33:15 -07:00
Justin Santa Barbara c4a2631593 Mount logic breaks if /var/lib/kubelet is a symlink 
Pass the correct kubelet root-dir on AWS
 2015-05-29 20:13:09 -04:00
Rohit Jnagal 6274d845b9 Merge pull request #8931 from dchen1107/clean 
Fix the race when monit is used to monitor services which are also
 2015-05-29 11:23:21 -07:00
Rohit Jnagal 50b9d6284a Merge pull request #8681 from vmarmol/system-container 
Create a system container
 2015-05-29 09:41:06 -07:00
Tim Hockin ac3cc3c518 Rename PORTAL_NET all over 2015-05-28 16:10:44 -07:00
Tim Hockin 3005471100 Add new apiserver flags for clusterIP (nee portal) 
Leave old flags but marked as deprecated
 2015-05-28 16:10:44 -07:00
Dawn Chen 79a2a4f18d Fix the race when monit is used to monitor services which are also 
started at boot time via init.d at boot time.
 2015-05-28 11:58:33 -07:00
Eric Tune b76dd0e585 Merge pull request #8722 from roberthbailey/dead-flags-salt 
Remove deprecated nodecontroller flags from the salt configuration.
 2015-05-27 08:22:26 -07:00
Victor Marmol c97dda068d Create a /system system container in Debian. 2015-05-26 20:52:09 -07:00
Saad Ali fae1636eda Merge pull request #8586 from vmarmol/use-root-containers 
Run Docker containers as top-level containers in Debian.
 2015-05-26 18:44:36 -07:00
Saad Ali bed9f826d3 Merge pull request #7435 from jsafrane/devel/volume-tests 
V2: Add e2e tests for NFS and Gluster
 2015-05-26 17:49:41 -07:00
Robert Bailey e46b5641ae Remove deprecated flags from the salt configuration. 2015-05-26 12:36:09 -07:00
Jan Safranek 20004e0c16 Add e2e tests for Gluster and NFS tests. 
- add appropriate server containers into contrib/for-tests/volumes-tester
- the tests are off by default (they need kubelet --allow_privileged=True)
  - enable by 'go run hack/e2e.go ... --ginkgo.focus=Volume'
- add glusterfs tools to list of installed packages on each node
 2015-05-25 12:02:41 +02:00
CJ Cullen d6e0aedec1 Re-add the cluster_name flag that the ServiceController and RouteController need. 2015-05-22 16:31:22 -07:00
Victor Marmol 656be14e84 Run Docker containers as top-level containers in Debian. 
Part of #8215
 2015-05-22 13:27:25 -07:00
Dawn Chen 677a4aa1a7 Merge pull request #8164 from cjcullen/cloudprovider 
Route creation reconciler loop.
 2015-05-22 12:27:50 -07:00
Dawn Chen 626d25d50e Initial cpu limit for fluentd pods (file based). 2015-05-21 23:44:26 -07:00
Dawn Chen 456262c43c Merge pull request #8475 from dchen1107/clean 
Create default LimitRange object for cluster: 100m cpu.share per container
 2015-05-21 09:14:20 -07:00
CJ Cullen bf646abf8d Revert "Revert "Modify nodes to register directly with the master."" 
This reverts commit c53786ab31.
 2015-05-20 14:21:03 -07:00
Quinton Hoole c53786ab31 Revert "Modify nodes to register directly with the master." 2015-05-20 13:47:51 -07:00
Satnam Singh 32842b4d22 Update Fluentd GCP image 2015-05-19 16:12:50 -07:00
Dawn Chen 061155c1eb Create LimitRange object for cluster before addons service 2015-05-19 10:23:41 -07:00
Dawn Chen 55501a6314 Have default LimitRange created for cluster: 100m cpu.share per container 2015-05-19 10:23:40 -07:00
Robert Bailey 8e356f8439 Configure the cloud provider for the kubelet. 2015-05-19 09:55:07 -07:00
Robert Bailey 01467e0bb8 Modify nodes to register directly with the master. 
- Delete nodes when they are no longer ready and don't exist in the
cloud provider.
 - Label each node with it's hostname.
 - Add flag to skip node registration.
 - Add a test for registering an existing node.
 2015-05-19 09:55:07 -07:00
Jeff Lowdermilk 553f9f822b Add ga-beacon analytics to gendocs scripts 
hack/run-gendocs.sh puts ga-beacon analytics link into all md files,
hack/verify-gendocs.sh verifies presence of link.
 2015-05-15 18:56:38 -07:00
Daniel Smith ce4b54ec70 Merge pull request #8209 from krousey/v1beta1_cluster 
Removing some v1beta1 uses in cluster/
 2015-05-15 14:56:41 -07:00
Kris Rousey 98c457c397 Updating /cluster to use v1beta 3 specs, and change a lot of polling to 
healthz instead of api endpoints.
 2015-05-15 14:17:55 -07:00
Victor Marmol d3c6fb0d6a Merge pull request #8275 from dchen1107/clean 
Install monit_watcher as a cron job (1m) to check if monit is running,
 2015-05-15 08:02:55 -07:00
Dawn Chen e6c159eda2 Install monit_watcher as a cron job (1m) to check if monit is running, 
and oom protect monit processes.
 2015-05-14 15:19:11 -07:00
Rohit Jnagal e4c98a05ea Merge pull request #8182 from GoogleCloudPlatform/revert-7863-etcd_maxprocs 
Revert "Set GOMAXPROCS for etcd"
 2015-05-14 11:19:56 -07:00
Victor Marmol 5e7a7b9206 Merge pull request #8241 from gmarek/remove_name 
Remove unused ClusterName from NodeController
 2015-05-14 09:49:34 -07:00
Victor Marmol 2b1b85468a Merge pull request #7330 from chrismoos/volume_format_script_updates 
Add safe_format_and_mount to hyperkube image.
 2015-05-14 09:17:20 -07:00
gmarek 8a4717d3f5 Remove unused ClusterName from NodeController 2015-05-14 18:01:23 +02:00
Dawn Chen 309a157665 Merge pull request #7984 from cjcullen/kubelet 
Kubelet configure cbr0 instead of configure-vm.sh
 2015-05-13 17:32:52 -07:00
Yu-Ju Hong ad83197c63 Merge pull request #8187 from satnam6502/nosecret 
Remove the use of secrets from node level logging agents
 2015-05-13 11:12:08 -07:00
Jeff Lowdermilk f8ebc4e21e Merge pull request #8104 from roberthbailey/kubelet-using-kubeconfig 
Replace the auth config file with a kubeconfig file when starting the kubelet on GCE.
 2015-05-13 11:09:27 -07:00
Dawn Chen e32daf4229 Monit watch kubelet and kube-proxy on master node too. 2015-05-13 10:36:00 -07:00
Satnam Singh 53ec5e38c7 Remove the use of secrets from node level logging agents 2015-05-13 10:11:07 -07:00
Filip Grzadkowski eecd7b8c0f Revert "Set GOMAXPROCS for etcd" 2015-05-13 17:53:04 +02:00
Robert Bailey c47b9178b4 Replace the auth config file with a kubeconfig file when 
starting the kubelet on GCE.
 2015-05-13 01:03:28 -07:00
CJ Cullen 31ea7d1295 Put cbr0-modifying stuff behind a flag. Address some other comments. 2015-05-12 23:00:28 -07:00
Alex Robinson a98d883134 Merge pull request #8121 from satnam6502/fluentd-gcp 
Convert node level logging to Cloud Logging to use token-system-logging
 2015-05-12 14:26:46 -07:00
Alex Robinson 96cb4360fa Merge pull request #8120 from satnam6502/fluentd-es 
Convert nodel level logging to ES to use token-system-logging
 2015-05-12 14:26:28 -07:00
Nikhil Jindal d75bd8bf2a Merge pull request #7101 from liggitt/service_account 
ServiceAccounts
 2015-05-12 10:23:41 -07:00
Satnam Singh ade18e4ff3 Conver node level logging to Cloud Logging to use token-system-logging 2015-05-12 10:17:45 -07:00
Satnam Singh f9af0658fa Convert nodel level logging to ES to use token-system-logging 2015-05-12 10:07:49 -07:00
Alex Robinson e2b7ef8d2c Merge pull request #8078 from satnam6502/fluentd-gcp 
Convert Fluentd to Cloud Logging pod specs to YAML
 2015-05-11 16:55:14 -07:00
Satnam Singh e246685468 Convert Fluentd to Cloud Logging pod specs to YAML 2015-05-11 14:55:46 -07:00
Satnam Singh 2f5ba28a17 Switch Fluentd to ES manifest back to YAML 2015-05-11 14:37:41 -07:00
Jordan Liggitt db1f0dc906 JWT token generation/verification 2015-05-11 17:18:06 -04:00
Robert Bailey 6c42cb154b Stop copying certs into /usr/share/nginx/ since nothing relies 
on that location any longer.
 2015-05-11 11:44:19 -07:00
Wojciech Tyczynski 600b00f2b1 Merge pull request #7863 from fgrzadkowski/etcd_maxprocs 
Set GOMAXPROCS for etcd
 2015-05-07 10:09:29 +02:00
Filip Grzadkowski 7e8bde53dd Set GOMAXPROCS for etcd 2015-05-07 08:11:39 +02:00
CJ Cullen f0c26052eb Fix controller-manager manifest for providers that don't specify CLUSTER_IP_RANGE 2015-05-06 17:50:04 -07:00
Maxwell Forbes 7426b533df Merge pull request #7862 from cjcullen/cbr0 
Remove restriction that cluster-cidr be a class-b
 2015-05-06 15:46:57 -07:00
saadali 4569de7a46 Enable Google Cloud Monitoring and Google Cloud Logging instead of 
Influxdb for Google Compute Engine deployments.
 2015-05-06 15:23:40 -07:00
CJ Cullen fbd125e4e2 Remove restriction that cluster-cidr be a class-b 2015-05-06 15:01:13 -07:00
Mark Lamourine b7c1b7eed2 Added port 6443 to kube-proxy default IP address for api-server 
added  api_servers_with_port variable and settings.

removed extra port string

split azure api_server host and port out
 2015-05-06 12:43:24 +00:00
Robert Bailey 357df12c02 Set allocate_node_cidrs to be blank by default. 2015-05-05 23:41:30 -07:00
Jerzy Szczepkowski e967ffd522 Added flag to set cluster class B network address for pods, add flag to disable allocation CIDRs for Pods. Fixed synchornization bug in NodeController registerNodes(). 2015-05-05 16:10:43 -07:00
Jeff Lowdermilk 87cdc3f032 Merge pull request #7672 from eparis/boilerplate-python 
Check license boilerplate for python files
 2015-05-05 09:23:36 -07:00
Chris Moos 1b814ffd2c Add safe_format_and_mount to hyperkube image. 
* Add volume format script into hyperkube image.
* Fix issue with format script on non-redhat platforms.
 2015-05-04 21:25:39 -07:00
Zach Loafman 2b3e52c230 Use built-in ContainerVM Docker version rather than installing lxc-docker 2015-05-04 16:33:00 -07:00
Eric Paris f416289a85 update all python with boilerplate 2015-05-04 18:37:47 -04:00
Robert Bailey e3ff2dc02d Merge pull request #7678 from justinsb/aws_api_on_443 
AWS: Change apiserver to listen on 443 directly, not through nginx
 2015-05-04 13:52:57 -07:00
Daniel Smith fbe3ec7513 Merge pull request #7316 from ArtfulCoder/master_components_logs 
logs for master components
 2015-05-04 11:20:03 -07:00
Justin Santa Barbara 57f7b658bb AWS: Change apiserver to listen on 443 directly, not through nginx 
Mirrors changes in GCE.  I think the same changes will be needed for vagrant.
 2015-05-02 16:59:04 -04:00
Eric Paris 6b3a6e6b98 Make copyright ownership statement generic 
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
 2015-05-01 17:49:56 -04:00
Satnam Singh 941a457851 Trim Fleuntd tag for Cloud Logging 2015-04-30 13:39:35 -07:00
Satnam Singh e65f0aafd5 Trim cluster log tags to pod name and container name 2015-04-29 18:24:13 -07:00
Abhishek Shah 96439b5a52 logs for master components 2015-04-29 09:51:09 -07:00
Robert Bailey 8206aa9eac Salt configuration to add basic auth to GCE. 2015-04-28 14:07:54 -07:00
Satnam Singh 4a0cc7905d Convert node level logging agents to v1beta3 2015-04-27 17:21:42 -07:00
CJ Cullen 39c5bf363b Merge pull request #7303 from erictune/kube_env3 
kube-proxy uses token to access port 443 of apiserver
 2015-04-27 14:33:53 -07:00
derekwaynecarr 81e9395533 Fix vagrant regression due to #7326 2015-04-27 17:18:30 -04:00
Eric Tune 9044177bb6 Generate a token for kube-proxy. 
Tested on GCE.
Includes untested modifications for AWS and Vagrant.
No changes for any other distros.
Probably will work on other up-to-date providers
but beware.  Symptom would be that service proxying
stops working.

 1. Generates a token kube-proxy in AWS, GCE, and Vagrant setup scripts.
 1. Distributes the token via salt-overlay, and salt to /var/lib/kube-proxy/kubeconfig
 1. Changes kube-proxy args:
   - use the --kubeconfig argument
   - changes --master argument from http://MASTER:7080 to https://MASTER
     - http -> https
     - explicit port 7080 -> implied 443

Possible ways this might break other distros:

Mitigation: there is an default empty kubeconfig file.
If the distro does not populate the salt-overlay, then
it should get the empty, which parses to an empty
object, which, combined with the --master argument,
should still work.

Mitigation:
  - azure: Special case to use 7080 in
  - rackspace: way out of date, so don't care.
  - vsphere: way out of date, so don't care.
  - other distros: not using salt.
 2015-04-27 08:59:57 -07:00
Robert Bailey 846ffcff83 Pass the CA root cert into the apiserver so that the apiserver will 
perform client cert checks for authorization. Only enable on GCE where
the apiserver is terminating SSL connections from end users.
 2015-04-24 22:01:56 -07:00
Nikhil Jindal 84cb48be11 Merge pull request #7246 from satnam6502/es 
Convert Elasticsearch logging to v1beta3 and de-salt
 2015-04-24 09:21:41 -07:00
CJ Cullen 80af1c9e40 kube2sky using kubeconfig secret: take 2. Point system secrets at https://kubernetes. Override in clients that can't use DNS. 2015-04-23 18:13:16 -07:00
Satnam Singh c9b9e7651e Convert Elasticsearch logging to v1beta and de-salt 2015-04-23 13:06:15 -07:00
Dawn Chen f9156c281a Merge pull request #7123 from satnam6502/logging 
Propagate pod and container name for log files
 2015-04-23 10:13:08 -07:00
Satnam Singh 2444c1f943 Propagate pod and container name for log files 2015-04-22 15:08:51 -07:00
Dawn Chen 87e0d5da08 Merge pull request #7186 from ArtfulCoder/no_log_pod_on_master 
removed elasticsearch and fluentd-gcp pods from master
 2015-04-22 14:40:07 -07:00
Abhishek Shah 8cf11fd608 removed elasticsearch and fluentd-gcp pods from master 2015-04-22 12:54:57 -07:00
Robert Bailey dc45f7f9e6 Remove nginx and replace basic auth with bearer token auth for GCE. 
- Configure the apiserver to listen securely on 443 instead of 6443.
 - Configure the kubelet to connect to 443 instead of 6443.
 - Update documentation to refer to bearer tokens instead of basic auth.
 2015-04-22 11:11:20 -07:00
Eric Tune b944049fe9 Merge pull request #6916 from ArtfulCoder/controller-in-a-pod 
kube-controller-manager in a pod.
 2015-04-21 09:58:29 -07:00
Justin Santa Barbara 29592356f7 Rename salt minion_ip to hostname_override 
Prep work for making AWS node identifier -> instance id
 2015-04-21 06:24:49 -07:00
CJ Cullen 1be193098a Merge pull request #7072 from dchen1107/cleanup 
Remove fqdn dependency for node name
 2015-04-20 18:00:21 -07:00
Abhishek Shah f513aad380 kube-controller-manager in a pod. 2015-04-20 16:06:37 -07:00
Eric Tune c3203cba6d Create system secrets in kubeconfig format 
Was previously kubernetes_auth format.

Added defaults file which uses salt to fill in an env var
with the master's IP.

More thought needs to be given soon to how to make this
connection use a cert for the master, and how to support
multiple masters, and whether to use the DNS record
instead of an IP address.  But this PR unblocks some other
more urgent things, so doing it this way.
 2015-04-20 15:02:45 -07:00
Kenjiro Nakayama 2e702b0c61 Replace hostname -f with uname -n 2015-04-20 14:16:21 -07:00
Eric Tune 424ae1d67a Fix kube-addon retrying. 2015-04-20 07:38:39 -07:00
Robert Bailey 972cf60d2b Merge pull request #6957 from ArtfulCoder/no_monit 
remove unused file
 2015-04-17 11:40:36 -07:00
Abhishek Shah b08102d358 remove unused file 2015-04-16 21:51:51 -07:00
Abhishek Shah 647d5948a1 Docker Image install script - Sleep before each iteration of while loop 2015-04-16 21:46:35 -07:00
Derek Carr 6c394e4d81 Merge pull request #6911 from erictune/del_kub_user 
Remove unused kubelet user from salt.
 2015-04-16 11:45:26 -04:00
Eric Tune 955cc1e1df Remove unused kubelet user from salt. 
Fixes #1512.

Cluster creation and validation succeeds with this change.
 2015-04-16 07:46:56 -07:00
litian54 b5e4111234 Fix Jinja render bug if 'portal_net' or 'cluster_name' is undefined 2015-04-15 17:17:38 -07:00
Abhi Shah 72a694b6b3 Merge pull request #6823 from ArtfulCoder/scheduler-in-a-pod 
Scheduler in a pod
 2015-04-15 08:27:28 -07:00
Abhishek Shah a908bb78ea kube-scheduler in a pod 2015-04-14 17:53:12 -07:00
Quinton Hoole cd6daae014 Merge pull request #6271 from a-robinson/asynclb 
Manage load balancer creation and deletion asynchronously in a ServiceController
 2015-04-14 17:50:07 -07:00
Abhishek Shah 37eb4d85e1 Install kube-controller-manager image 2015-04-14 16:45:39 -07:00
Abhishek Shah 682e8cfa99 Load Kube Scheduler Image. 2015-04-14 15:20:24 -07:00
Alex Robinson ccc300289f Implement a ServiceController that watches services and handles keeping 
external load balancers up-to-date based on the service's specs, using
the new DeltaFIFO watch queue class. Remove the old registry REST
handler code for creating/updating/deleting load balancers.

Also clean up a bunch of the GCE cloudprovider code related to load balancers.
 2015-04-14 18:56:24 +00:00
Justin Santa Barbara 72687184b9 Don't always use aws.conf 
We don't usually need it, and it makes it harder to put apiserver into a container.
 2015-04-14 09:30:00 -07:00
Abhishek Shah c9d7010461 kube-apiserver in a pod. 2015-04-13 15:15:45 -07:00
Dawn Chen 67169ec87d Merge pull request #6719 from litian54/master 
Fix Rendering SLS 'base:nginx' failed if 'cloud' is not defined in minio...
 2015-04-13 10:42:48 -07:00
Dawn Chen 7f2f165797 Revert "kube-apiserver in a pod." 2015-04-10 22:54:52 -07:00
litian54 36ef786228 Fix Rendering SLS 'base:nginx' failed if 'cloud' is not defined in minion grains 2015-04-10 18:27:22 -07:00
Abhishek Shah 2f70395396 kube-apiserver in a pod. 2015-04-10 15:46:49 -07:00
Justin Santa Barbara a366f9ee88 Create the /usr/share/google dir in salt 2015-04-10 13:25:43 -07:00
Justin Santa Barbara b9fd56050a Add safe_format_and_mount script to aws 
Apache licensed :-)
 2015-04-10 13:25:42 -07:00
Derek Carr d2b6920a32 Merge pull request #6496 from ArtfulCoder/docker_image_install 
Load docker images of kubernetes components after docker is installed.
 2015-04-10 16:19:10 -04:00
Maxwell Forbes 7eb7387d97 Merge pull request #6403 from zmerlynn/salt_docs 
Update the existing salt.md, add the start of a Salt README tree
 2015-04-09 10:34:25 -07:00
Abhishek Shah 4996ccbf2d Load docker images of kubernetes components after docker is installed. 2015-04-09 09:06:42 -07:00
Dawn Chen 8ede54c511 Upgrade kubernetes to gcr.io/google_containers/etcd:2.0.9 2015-04-07 16:26:11 -07:00
Justin Santa Barbara 2426366ec8 Update cAdvisor with moved docker root on AWS 
We set up a symlink now, and we also pass docker_root into the kubelet.

The symlink is probably sufficient, but doing both feels safer.
 2015-04-07 10:40:22 -07:00
Abhishek Shah a0ea2c6718 Disable nginx service 2015-04-06 18:38:03 -07:00
Zach Loafman c292d2e8d6 Update the existing salt.md, add the start of a Salt README tree 
Starts to fix #6070
 2015-04-06 14:41:21 -07:00
Abhishek Shah 9231fae998 Prevent docker load. 2015-04-06 11:09:27 -07:00
Abhishek Shah fb665ede4c Run etcd on localhost for all providers. 2015-04-03 14:00:44 -07:00
Abhishek Shah 23c42cd8b2 Etcd listens on localhost for GCE 2015-04-03 11:40:09 -07:00
Yu-Ju Hong 76f1232a2e Merge pull request #6404 from dchen1107/master 
Using gcr.io/google_containers/etcd:2.0.8
 2015-04-03 08:51:41 -07:00
Zach Loafman de67b96ff7 Merge pull request #6396 from ArtfulCoder/master_logging 
Enable log collection from master.
 2015-04-02 18:50:30 -07:00
Abhishek Shah 39bb6d3777 Enable log collection from master. 2015-04-02 18:37:07 -07:00
Zach Loafman 12cf7681a9 Merge pull request #5470 from erictune/for-abhis 
Make secrets at cluster startup.
 2015-04-02 17:43:56 -07:00
Dawn Chen 814177c21b Using gcr.io/google_containers/etcd:2.0.8 2015-04-02 17:04:05 -07:00
Abhi Shah a918a719e0 Merge pull request #6334 from brendandburns/nginx 
Add an nginx docker image for use on the master.
 2015-04-02 16:58:02 -07:00
Brendan Burns 9f48a2f4e6 Add an nginx docker image for use on the master. 2015-04-02 16:42:17 -07:00
Eric Tune 59daeabaee Make secrets at cluster startup. 
These secrets will be used in subsequent PRs by:
scheduler, controller-manager, monitoring services,
logging services, and skydns.

Each of these services will then be able to stop using kubernetes-ro
or host networking.
 2015-04-02 15:58:45 -07:00
Zach Loafman c627a3598c Merge pull request #6384 from erictune/cleanup-addons.sh 
Use same addons script for init.d and systemd.
 2015-04-02 14:49:44 -07:00
Derek Carr 4ae016e022 Merge pull request #6382 from derekwaynecarr/fix_vagrant_kubelet 
Fix vagrant with etcd in pod
 2015-04-02 17:22:44 -04:00
Eric Tune b9570b3daa Use same addons script for init.d and systemd. 2015-04-02 14:07:23 -07:00
derekwaynecarr c6bf46acd7 Fix vagrant with etcd in pod 2015-04-02 16:55:29 -04:00
Dawn Chen 9b2f835a01 Merge pull request #6326 from ArtfulCoder/docker_image_creation 
Create Docker images for master components
 2015-04-02 13:12:17 -07:00
Abhishek Shah b1b779a8d5 docker image creation 2015-04-02 12:39:12 -07:00
Filip Grzadkowski 65c2942a82 Increase ulimit -n for apiserver. 2015-04-02 17:01:23 +02:00
CJ Cullen 5e6e67ba59 Add an alternative TokenSource to the GCE CloudProvider. 2015-04-01 17:52:30 -07:00
Dawn Chen ab1a8b1e7c Merge pull request #6298 from roberthbailey/kubelet-config 
Remove salt configuration that matches the default settings in the Kubelet.
 2015-04-01 14:31:31 -07:00
Derek Carr 2af9b54147 Merge pull request #6259 from zmerlynn/fix_cloud_provider 
Eliminate grains.cloud_provider (in preference to grains.cloud) from SaltStack
 2015-04-01 17:04:05 -04:00
Robert Bailey 40ebed845f Remove salt configuration that matches the default settings in 
the Kubelet.
 2015-04-01 12:13:40 -07:00
Abhishek Shah 8e3a41b52c Run etcd 2.0.5 in a pod 2015-04-01 11:38:21 -07:00
Zach Loafman b581320bf7 Eliminate grains.cloud_provider (in preference to grains.cloud) from SaltStack 
This variable can be entirely derived from grains.cloud, and it
simplifies the configuration somewhat. (Or someone convince me I'm
wrong. I'm happy to be wrong here.)
 2015-04-01 08:32:32 -07:00