ImagePullKeys -> ImagePullSecret
Explain that overwriting the /root/.dockercfg not recommended for GKE.
Give detailed and tested steps for distributing a .dockercfg.
The test verifies that kubelet deletes the pods/containers within a reasonable
time. It queries the kubelet /runningpods endpoint to retrieve a list of
running pods directly. The outline of the test is:
- Create an RC
- Wait until all pods are running (based on the pod status)
- Verify pods are running by querying the /runningpods
- Delete the RC
- Check all pods are deleted by querying /runningpods
Changes include:
- Add kube-ui binary for serving static dashboard UI
- Add kube-ui docker image, replication controller, and service
- Make the kube-ui a cluster-addon (enabled by default)
- Split the compiled pkg/ui/datafile.go into separate dashboard and swagger packages
- Update docs to reflect changes
If a pod was deleted and the associated volumes/directory were removed, there
could be a window where the pod worker is still active. If the pod worker tries
to inspect the logs, such an error would be logged. Since the pod has been
deleted, such error messages are meaningless.
This change stops logging this error, but stores the error string in the pod
status. The pod status will be updated for pods that are still alive, and will
be discarded eventually for deleted pods.
A cert from GCE shows:
- IP Address:23.236.49.122
- IP Address:10.0.0.1
- DNS:kubernetes,
- DNS:kubernetes.default
- DNS:kubernetes.default.svc
- DNS:kubernetes.default.svc.cluster.local
- DNS:e2e-test-zml-master
A similarly configured self signed cert shows:
- IP Address:23.236.49.122
- IP Address:10.0.0.1
- DNS:kubernetes
- DNS:kubernetes.default
- DNS:kubernetes.default.svc
So we are missing the fqdn kubernetes.default.svc.cluster.local. The
apiserver does not even know the fqdn! it's defined entirely by the
kubelet! We also do not have the cluster name certificate. This may be
--cluster-name= argument to the apiserver but will take a bit more
research.
nfs synced folders do not require guest additions and are faster than
vmware and virtualbox's shared folders. This change configures the
default /vagrant synced folder to use nfs if the
KUBERNETES_VAGRANT_USE_NFS environment variable is set to 'true'.
Some downstream components want to use a StringSet in their internal
objects, but leaving util.empty private means that generated conversions
cannot create constructors generically for those objects. This makes
Empty public until such a time as the generator supports private types.
This change allows the namespace in kubeconfig to be overridden by
specifying the namespace in the spec file. If namespace is explicitly
provided in the command line flags and the spec file has a different
namespace, this will cause an error.
This change is required for the handler to work with sshtunnels.
Without it, `kubectl exec` and `kubectl port-forward` are broken
when an ssh proxy is used (see #9292). I manually verified this
fixes that issue, e2e test coming shortly.
Eric Tune