e943c47e68
Fix issue of comparing instance URLs with different project ID representations
...
in GCE target pools.
2015-07-15 21:24:45 +00:00
a8f02e5472
Automatically open a firewall when creating a GCE load balancer.
2015-07-10 14:35:29 -07:00
b52c6f673e
Increase the rate limiting of GCE's token source. The burst being at 3
...
means transient errors won't incur such long waits, but repeating
failures shouldn't be retrying every second.
2015-07-09 22:51:23 +00:00
53c9f324c2
Add prometheus metrics for altTokenSource.
2015-07-07 15:25:23 -07:00
530bff315f
Merge pull request #10719 from justinsb/aws_mountpoints
...
AWS: Some images require volume mounts on /dev/xvdX
2015-07-07 10:48:19 -07:00
736b3cb050
Merge pull request #10181 from swagiaal/aws-ebs-name
...
Use instance availability zone for AWS EBS
2015-07-06 11:39:33 -07:00
f33df03d50
AWS: Some images require volume mounts on /dev/xvdX
...
It seems impossible to determine from outside. Thankfully we're running
the attachment from inside the instance, so can check for /dev/sdX or
/dev/xvdX.
More modern images seem to be moving to /dev/xvdX
2015-07-04 10:45:06 -04:00
591a113406
AWS: Return InstanceNotFound from ExternalID when not found
...
Despite finding and documenting the importance of this, I was still doing it
wrong!
2015-07-04 10:41:38 -04:00
5ae7c13ad3
AWS: Use private dns name for node name again
...
This is a partial reversion of #9728 , and should fix #10612 .
9728 used the AWS instance id as the node name. But proxy, logs
and exec all used the node name as the host name for contacting the minion.
It is possible to resolve a host to the IP, and this fixes logs. But
exec and proxy also require an SSL certificate match on the hostname,
and this is harder to fix.
So the sensible fix seems to be a minimal reversion of the changes in #9728 ,
and we can revisit this post 1.0.
2015-07-03 01:23:51 -04:00
4a6a492281
Use instance availability zone for AWS EBS
...
Signed-off-by: Sami Wagiaalla <swagiaal@redhat.com>
2015-06-25 16:00:30 -04:00
4461daa218
AWS: Enabling resize tests
2015-06-24 19:01:42 -04:00
2a5ed2f086
AWS: Use auto-scaling group to run minions
...
This uses the dynamic CIDR work, and we set source-dest-check to false
when we configure the route (which kind-of makes sense)
2015-06-19 10:22:15 -04:00
9f32599bee
Merge pull request #9720 from justinsb/aws_routes
...
Refactor Routes, and dynamically configure minion CIDRs on AWS
2015-06-18 17:16:29 -07:00
0ad16a187d
Refactor findRouteTable to be less verbose
...
Thanks for the suggestion @cjcullen
2015-06-18 17:08:32 -07:00
a4e15cdf3e
AWS: Configure minion routes dynamically
...
We need to implement the Routes interface, and then enable the functionality in the cluster scripts.
2015-06-18 14:59:37 -07:00
a3b43a36fd
Refactor cloud route interface, to avoid assumption that routes are named
2015-06-18 14:59:37 -07:00
a77bc9cfc4
Document assumption made by node-controller, and fix AWS to match
...
ExternalID must return "", cloudprovider.InstanceNotFound if the instance
is not found, for nodecontroller to remove nodes corresponding to deleted instances.
2015-06-18 14:55:10 -07:00
4c13f8957d
Merge pull request #10057 from justinsb/aws_id_as_name_2
...
Fix of reverted #9728
2015-06-18 14:07:21 -07:00
bd512ae06d
AWS: Use the instance id as the node name
...
The EC2 instance id is the canonical node name on EC2.
2015-06-18 12:40:10 -07:00
df87470ecf
Allow cloud providers to return a node identifier different from the hostname
2015-06-18 12:40:05 -07:00
e4f5529a2d
Revert "Allow nodename to be != hostname, use AWS instance ID on AWS"
2015-06-18 11:27:55 -07:00
abf1e768dc
Pass through an explicit PROXY_SSH_USER.
...
Use user@user instead of user@hostname in case hostname is too long.
2015-06-18 10:35:02 -07:00
790ca2344f
Merge pull request #9728 from justinsb/aws_id_as_name
...
Allow nodename to be != hostname, use AWS instance ID on AWS
2015-06-18 10:17:39 -07:00
15596ede41
Make AddSSHKeys a controller loop. Make sure master's always initializes m.tunnels.
2015-06-17 17:46:27 -07:00
c89b0cd807
AWS: Use the instance id as the node name
...
The EC2 instance id is the canonical node name on EC2.
2015-06-17 00:40:43 -04:00
efaead81dc
Allow cloud providers to return a node identifier different from the hostname
2015-06-17 00:40:43 -04:00
bf7946c326
AWS: Define new m4 instance types
2015-06-17 00:04:05 -04:00
1561fce81c
servicecontroller: last state applied to LB vs last state seen
...
We need the last state seen for interpreting the change-stream,
separately we need to track the last state we successfully applied to the
load balancer.
2015-06-16 18:59:03 -04:00
4d5d0457ef
Fix mislooping in ssh.go. Add retries to AddSSHKeys.
2015-06-16 00:08:37 -07:00
99bf48dc2f
Merge pull request #9542 from brendandburns/validate
...
Change the way we test if a disk is already attached.
2015-06-09 22:00:06 -07:00
3350eecedf
Change the way we test if a disk is already attached.
...
Validated by manual introspection on a running GCE cluster.
2015-06-09 17:50:52 -07:00
f62a2a1bb6
Merge pull request #9451 from cjcullen/mig
...
Use Node IP Address instead of Node.Name in minion.ResourceLocation.
2015-06-09 15:52:12 -07:00
3d803ab7b2
Merge pull request #9410 from cjcullen/ratelimit
...
Add a RateLimiter for the gce altTokenSource.
2015-06-09 11:11:48 -07:00
2d85e4a094
Use Node IP Address instead of Node.Name in minion.ResourceLocation.
...
Refactor GetNodeHostIP into pkg/util/node (instead of pkg/util to break import cycle).
Include internalIP in gce NodeAddresses.
2015-06-08 16:58:00 -07:00
afb9a7e362
Merge pull request #9373 from justinsb/aws_lb_cleanup
...
Make deletion of an AWS load balancer clean
2015-06-08 16:49:21 -07:00
be0d24824d
Add a RateLimiter for the gce altTokenSource.
2015-06-08 11:16:52 -07:00
c2caa3f1da
AWS: Fix cleanup of security group
...
The most reliable way seems to be to deauthorize the LB security group from
other groups, then delete the LB itself, then repeatedly retry to delete the LB
security group.
We can't delete the LB security group until the LB is actually completely
deleted, but the LB is hidden from the API during deletion. So our only real
option is to retry deletion of the LB security group until the expected error
goes away when the LB is fully deleted.
2015-06-06 23:20:34 -04:00
1700259508
AWS: Ignore the UserId when determining whether we can skip revoking a security group
...
Otherwise we weren't correctly de-authorizing the AWS LB SG from the Node SG
2015-06-06 12:37:01 -04:00
8fafefd728
Fix doc for edge-case return from removeSecurityGroupIngress
2015-06-06 12:25:50 -04:00
e32c66c6f4
Fix typo: Ingess -> Ingress
2015-06-06 12:22:50 -04:00
cb317604ab
Some refactoring. Only selectively use ssh proxy.
...
Add NetworkName to gce.Config.
Add locking to uses of master.tunnels.
2015-06-05 14:55:16 -07:00
7ea533d871
Add the SSHTunnel transport to the kubelet client.
2015-06-05 14:55:15 -07:00
de9a5f43bc
Specify sshUser, sshKeyfile in kube-apiserver manifest.
...
Trim space on ssh key so GCE doesn't treat it as 2 lines.
A couple other minor fixes.
2015-06-05 14:55:15 -07:00
5115fd5703
Add key generation.
2015-06-05 14:55:15 -07:00
48e8a8b0ec
AWS: Set up security groups, to mirror GCE firewalling
...
Some slightly fussy code to enable load-balancers to talk to
instances, but otherwise relatively simple.
2015-06-05 16:10:08 -04:00
33a3d884f2
AWS: Filter by Cluster tag, rationalize EC2 abstraction
...
Whenever we do a list we now filter on tags so we only see resources relating
to our cluster.
Also, rationalize all the DescribeX calls:
* They all take a request object (so that we can pass filters)
* They do paging if that is required (and return the underlying resources)
* They wrap any error with a "error while listing X: %v" message
2015-06-05 16:09:01 -04:00
f048d0dff7
Merge pull request #9105 from anguslees/openstack-provider
...
Openstack LB improvements
2015-06-05 12:06:12 -07:00
75f49b331a
Ignore "unspecified" externalIP during LB create
...
Previously we always passed `Address: externalIP.String()` while
creating a loadbalancer VIP. This passed "0.0.0.0" when externalIP was
unspecified, effectively making it mandatory to specify an externalIP.
This change correctly leaves `Address` unspecified when externalIP is
unspecified (has a zero value).
(Thanks to @justinsb for the report)
2015-06-05 16:27:45 +10:00
b5251de193
Merge pull request #9261 from justinsb/aws_d2_instance_types
...
AWS: Add d2 instance types
2015-06-04 13:11:43 -07:00
6eea271656
Guard against non AWS errors.
2015-06-04 10:33:36 -07:00
Alex Robinson