github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
10,304 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

316 Commits (e3fc039eaad7101c0893e6e1fa6fab39f7e48812)

Author SHA1 Message Date
Satnam Singh 941a457851 Trim Fleuntd tag for Cloud Logging 2015-04-30 13:39:35 -07:00
Satnam Singh e65f0aafd5 Trim cluster log tags to pod name and container name 2015-04-29 18:24:13 -07:00
Robert Bailey 8206aa9eac Salt configuration to add basic auth to GCE. 2015-04-28 14:07:54 -07:00
Satnam Singh 4a0cc7905d Convert node level logging agents to v1beta3 2015-04-27 17:21:42 -07:00
CJ Cullen 39c5bf363b Merge pull request #7303 from erictune/kube_env3 
kube-proxy uses token to access port 443 of apiserver
 2015-04-27 14:33:53 -07:00
derekwaynecarr 81e9395533 Fix vagrant regression due to #7326 2015-04-27 17:18:30 -04:00
Eric Tune 9044177bb6 Generate a token for kube-proxy. 
Tested on GCE.
Includes untested modifications for AWS and Vagrant.
No changes for any other distros.
Probably will work on other up-to-date providers
but beware.  Symptom would be that service proxying
stops working.

 1. Generates a token kube-proxy in AWS, GCE, and Vagrant setup scripts.
 1. Distributes the token via salt-overlay, and salt to /var/lib/kube-proxy/kubeconfig
 1. Changes kube-proxy args:
   - use the --kubeconfig argument
   - changes --master argument from http://MASTER:7080 to https://MASTER
     - http -> https
     - explicit port 7080 -> implied 443

Possible ways this might break other distros:

Mitigation: there is an default empty kubeconfig file.
If the distro does not populate the salt-overlay, then
it should get the empty, which parses to an empty
object, which, combined with the --master argument,
should still work.

Mitigation:
  - azure: Special case to use 7080 in
  - rackspace: way out of date, so don't care.
  - vsphere: way out of date, so don't care.
  - other distros: not using salt.
 2015-04-27 08:59:57 -07:00
Robert Bailey 846ffcff83 Pass the CA root cert into the apiserver so that the apiserver will 
perform client cert checks for authorization. Only enable on GCE where
the apiserver is terminating SSL connections from end users.
 2015-04-24 22:01:56 -07:00
Nikhil Jindal 84cb48be11 Merge pull request #7246 from satnam6502/es 
Convert Elasticsearch logging to v1beta3 and de-salt
 2015-04-24 09:21:41 -07:00
CJ Cullen 80af1c9e40 kube2sky using kubeconfig secret: take 2. Point system secrets at https://kubernetes. Override in clients that can't use DNS. 2015-04-23 18:13:16 -07:00
Satnam Singh c9b9e7651e Convert Elasticsearch logging to v1beta and de-salt 2015-04-23 13:06:15 -07:00
Dawn Chen f9156c281a Merge pull request #7123 from satnam6502/logging 
Propagate pod and container name for log files
 2015-04-23 10:13:08 -07:00
Satnam Singh 2444c1f943 Propagate pod and container name for log files 2015-04-22 15:08:51 -07:00
Dawn Chen 87e0d5da08 Merge pull request #7186 from ArtfulCoder/no_log_pod_on_master 
removed elasticsearch and fluentd-gcp pods from master
 2015-04-22 14:40:07 -07:00
Abhishek Shah 8cf11fd608 removed elasticsearch and fluentd-gcp pods from master 2015-04-22 12:54:57 -07:00
Robert Bailey dc45f7f9e6 Remove nginx and replace basic auth with bearer token auth for GCE. 
- Configure the apiserver to listen securely on 443 instead of 6443.
 - Configure the kubelet to connect to 443 instead of 6443.
 - Update documentation to refer to bearer tokens instead of basic auth.
 2015-04-22 11:11:20 -07:00
Eric Tune b944049fe9 Merge pull request #6916 from ArtfulCoder/controller-in-a-pod 
kube-controller-manager in a pod.
 2015-04-21 09:58:29 -07:00
Justin Santa Barbara 29592356f7 Rename salt minion_ip to hostname_override 
Prep work for making AWS node identifier -> instance id
 2015-04-21 06:24:49 -07:00
CJ Cullen 1be193098a Merge pull request #7072 from dchen1107/cleanup 
Remove fqdn dependency for node name
 2015-04-20 18:00:21 -07:00
Abhishek Shah f513aad380 kube-controller-manager in a pod. 2015-04-20 16:06:37 -07:00
Eric Tune c3203cba6d Create system secrets in kubeconfig format 
Was previously kubernetes_auth format.

Added defaults file which uses salt to fill in an env var
with the master's IP.

More thought needs to be given soon to how to make this
connection use a cert for the master, and how to support
multiple masters, and whether to use the DNS record
instead of an IP address.  But this PR unblocks some other
more urgent things, so doing it this way.
 2015-04-20 15:02:45 -07:00
Kenjiro Nakayama 2e702b0c61 Replace hostname -f with uname -n 2015-04-20 14:16:21 -07:00
Eric Tune 424ae1d67a Fix kube-addon retrying. 2015-04-20 07:38:39 -07:00
Robert Bailey 972cf60d2b Merge pull request #6957 from ArtfulCoder/no_monit 
remove unused file
 2015-04-17 11:40:36 -07:00
Abhishek Shah b08102d358 remove unused file 2015-04-16 21:51:51 -07:00
Abhishek Shah 647d5948a1 Docker Image install script - Sleep before each iteration of while loop 2015-04-16 21:46:35 -07:00
Derek Carr 6c394e4d81 Merge pull request #6911 from erictune/del_kub_user 
Remove unused kubelet user from salt.
 2015-04-16 11:45:26 -04:00
Eric Tune 955cc1e1df Remove unused kubelet user from salt. 
Fixes #1512.

Cluster creation and validation succeeds with this change.
 2015-04-16 07:46:56 -07:00
litian54 b5e4111234 Fix Jinja render bug if 'portal_net' or 'cluster_name' is undefined 2015-04-15 17:17:38 -07:00
Abhi Shah 72a694b6b3 Merge pull request #6823 from ArtfulCoder/scheduler-in-a-pod 
Scheduler in a pod
 2015-04-15 08:27:28 -07:00
Abhishek Shah a908bb78ea kube-scheduler in a pod 2015-04-14 17:53:12 -07:00
Quinton Hoole cd6daae014 Merge pull request #6271 from a-robinson/asynclb 
Manage load balancer creation and deletion asynchronously in a ServiceController
 2015-04-14 17:50:07 -07:00
Abhishek Shah 37eb4d85e1 Install kube-controller-manager image 2015-04-14 16:45:39 -07:00
Abhishek Shah 682e8cfa99 Load Kube Scheduler Image. 2015-04-14 15:20:24 -07:00
Alex Robinson ccc300289f Implement a ServiceController that watches services and handles keeping 
external load balancers up-to-date based on the service's specs, using
the new DeltaFIFO watch queue class. Remove the old registry REST
handler code for creating/updating/deleting load balancers.

Also clean up a bunch of the GCE cloudprovider code related to load balancers.
 2015-04-14 18:56:24 +00:00
Justin Santa Barbara 72687184b9 Don't always use aws.conf 
We don't usually need it, and it makes it harder to put apiserver into a container.
 2015-04-14 09:30:00 -07:00
Abhishek Shah c9d7010461 kube-apiserver in a pod. 2015-04-13 15:15:45 -07:00
Dawn Chen 67169ec87d Merge pull request #6719 from litian54/master 
Fix Rendering SLS 'base:nginx' failed if 'cloud' is not defined in minio...
 2015-04-13 10:42:48 -07:00
Dawn Chen 7f2f165797 Revert "kube-apiserver in a pod." 2015-04-10 22:54:52 -07:00
litian54 36ef786228 Fix Rendering SLS 'base:nginx' failed if 'cloud' is not defined in minion grains 2015-04-10 18:27:22 -07:00
Abhishek Shah 2f70395396 kube-apiserver in a pod. 2015-04-10 15:46:49 -07:00
Justin Santa Barbara a366f9ee88 Create the /usr/share/google dir in salt 2015-04-10 13:25:43 -07:00
Justin Santa Barbara b9fd56050a Add safe_format_and_mount script to aws 
Apache licensed :-)
 2015-04-10 13:25:42 -07:00
Derek Carr d2b6920a32 Merge pull request #6496 from ArtfulCoder/docker_image_install 
Load docker images of kubernetes components after docker is installed.
 2015-04-10 16:19:10 -04:00
Maxwell Forbes 7eb7387d97 Merge pull request #6403 from zmerlynn/salt_docs 
Update the existing salt.md, add the start of a Salt README tree
 2015-04-09 10:34:25 -07:00
Abhishek Shah 4996ccbf2d Load docker images of kubernetes components after docker is installed. 2015-04-09 09:06:42 -07:00
Dawn Chen 8ede54c511 Upgrade kubernetes to gcr.io/google_containers/etcd:2.0.9 2015-04-07 16:26:11 -07:00
Justin Santa Barbara 2426366ec8 Update cAdvisor with moved docker root on AWS 
We set up a symlink now, and we also pass docker_root into the kubelet.

The symlink is probably sufficient, but doing both feels safer.
 2015-04-07 10:40:22 -07:00
Abhishek Shah a0ea2c6718 Disable nginx service 2015-04-06 18:38:03 -07:00
Zach Loafman c292d2e8d6 Update the existing salt.md, add the start of a Salt README tree 
Starts to fix #6070
 2015-04-06 14:41:21 -07:00