github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
11,181 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

133 Commits (f62aa79cd554c4ae4c7caa5b1413cc5bd81eb9da)

Author SHA1 Message Date
Clayton Coleman 7d620c20b9 Merge pull request #8105 from thockin/dns-domain 
Rename default DNS domain to cluster.local
 2015-05-12 17:18:45 -04:00
Tim Hockin e83e49b076 rename default DNS domain to cluster.local 2015-05-11 23:00:43 -07:00
Jordan Liggitt 7e14a80f63 ServiceAccount admission plugin 2015-05-11 17:18:06 -04:00
BenTheElder 0b32bb1e4c Call kube-down in test-teardown 
See https://github.com/GoogleCloudPlatform/kubernetes/issues/7978
 2015-05-08 14:50:35 -04:00
Zach Loafman 875e83a741 Revert "Revert "Security context - types, kubelet, admission"" 2015-05-05 16:02:13 -07:00
Zach Loafman f48904fd5e Revert "Security context - types, kubelet, admission" 2015-05-05 15:20:39 -07:00
Paul Weil 982bf19c20 security context initial implementation - squash 2015-05-05 13:46:13 -04:00
BenTheElder 7ea1ccd7a3 Set vagrant test cluster default NUM_MINIONS=2 2015-05-04 04:19:20 -04:00
Eric Paris 6b3a6e6b98 Make copyright ownership statement generic 
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
 2015-05-01 17:49:56 -04:00
Jan Safranek 6e810492fb Fixed name of kube-proxy path in deployment scripts. 2015-04-28 10:10:37 +02:00
Eric Tune 9044177bb6 Generate a token for kube-proxy. 
Tested on GCE.
Includes untested modifications for AWS and Vagrant.
No changes for any other distros.
Probably will work on other up-to-date providers
but beware.  Symptom would be that service proxying
stops working.

 1. Generates a token kube-proxy in AWS, GCE, and Vagrant setup scripts.
 1. Distributes the token via salt-overlay, and salt to /var/lib/kube-proxy/kubeconfig
 1. Changes kube-proxy args:
   - use the --kubeconfig argument
   - changes --master argument from http://MASTER:7080 to https://MASTER
     - http -> https
     - explicit port 7080 -> implied 443

Possible ways this might break other distros:

Mitigation: there is an default empty kubeconfig file.
If the distro does not populate the salt-overlay, then
it should get the empty, which parses to an empty
object, which, combined with the --master argument,
should still work.

Mitigation:
  - azure: Special case to use 7080 in
  - rackspace: way out of date, so don't care.
  - vsphere: way out of date, so don't care.
  - other distros: not using salt.
 2015-04-27 08:59:57 -07:00
Jan Safranek 1c8f888477 Fix vagrant setup broken by commit 7475efbcfb. 
- 'local' can be used only inside bash functions
- s/KNOWN_TOKENS_FILE/known_tokens_file
 2015-04-23 11:00:10 +02:00
Zach Loafman 86468cd29d Revert "Added kube-proxy token." 2015-04-22 10:55:08 -07:00
Zach Loafman b98f93bb4b Merge pull request #7112 from erictune/kubeconfig-secrets 
Extend PR#5470 for AWS and Vagrant
 2015-04-22 09:25:53 -07:00
Zach Loafman 854c20c5e2 Merge pull request #7113 from erictune/kube-proxy-token 
Added kube-proxy token.
 2015-04-22 09:16:04 -07:00
Eric Tune b944049fe9 Merge pull request #6916 from ArtfulCoder/controller-in-a-pod 
kube-controller-manager in a pod.
 2015-04-21 09:58:29 -07:00
Eric Tune 2ca8a9d15d Added kube-proxy token. 
Generates the new token on AWS, GCE, Vagrant.
Renames instance metadata from "kube-token" to "kubelet-token".
(Is this okay for GKE?)

Having separate tokens for kubelet and kube-proxy permits
using principle of least privilege, makes it easy to
rate limit the clients separately, allows annotation
of apiserver logs with the client identity at a finer grain
than just source-ip.
 2015-04-21 09:21:31 -07:00
Eric Tune 7475efbcfb Extend PR#5470 for AWS and Vagrant 2015-04-21 08:22:31 -07:00
Justin Santa Barbara 29592356f7 Rename salt minion_ip to hostname_override 
Prep work for making AWS node identifier -> instance id
 2015-04-21 06:24:49 -07:00
derekwaynecarr 3fc627e416 Fix vagrant regression from 6691 2015-04-21 00:44:44 -04:00
Abhishek Shah f513aad380 kube-controller-manager in a pod. 2015-04-20 16:06:37 -07:00
Jeff Lowdermilk 3787fc5eca set KUBECONFIG in common.sh, default to new location 
and preserve value in ginkgo e2e test driver
 2015-04-20 11:07:35 -07:00
Jeff Lowdermilk 4f6dc99075 Generate kubeconfig for all providers in cluster/ that use auth 2015-04-20 11:07:35 -07:00
Matt Bogosian e8672e2242 Fix #2741. Add support for alternate Vagrant providers: VMWare Fusion, VMWare Workstation, and Parallels. 2015-04-17 11:26:29 -07:00
derekwaynecarr d1668b1dfa Vagrant should not block on daemons that moved to pods 2015-04-15 23:15:34 -04:00
yaoguo e597b41d93 Remove duplicate localhost setting 2015-04-10 00:10:47 +08:00
nikhiljindal fe60be3179 Moving v1beta1 kubectl examples to v1beta3 2015-04-08 13:08:13 -07:00
Brian Grant b0b6418ca3 Merge pull request #6377 from nikhiljindal/kubevtl 
Updating components to use v1beta3
 2015-04-03 15:58:09 -07:00
nikhiljindal f2b72931fc Updating components to use v1beta3 2015-04-03 15:19:14 -07:00
Abhishek Shah fb665ede4c Run etcd on localhost for all providers. 2015-04-03 14:00:44 -07:00
derekwaynecarr c6bf46acd7 Fix vagrant with etcd in pod 2015-04-02 16:55:29 -04:00
Derek Carr 2af9b54147 Merge pull request #6259 from zmerlynn/fix_cloud_provider 
Eliminate grains.cloud_provider (in preference to grains.cloud) from SaltStack
 2015-04-01 17:04:05 -04:00
Zach Loafman b581320bf7 Eliminate grains.cloud_provider (in preference to grains.cloud) from SaltStack 
This variable can be entirely derived from grains.cloud, and it
simplifies the configuration somewhat. (Or someone convince me I'm
wrong. I'm happy to be wrong here.)
 2015-04-01 08:32:32 -07:00
Derek Carr 762c449043 Merge pull request #6262 from zmerlynn/rm_master_ip 
rm Salt grains.master_ip
 2015-04-01 11:10:48 -04:00
António Meireles 7680c2f771 fix typo in spelling. 
Signed-off-by: António Meireles <antonio.meireles@reformi.st>
 2015-04-01 10:43:52 +01:00
Zach Loafman 0806e3bde0 rm Salt grains.master_ip 
This appears in the Salt documentation, is set by Vagrant, but has no
consumers. Remove vestigial references.
 2015-03-31 17:31:47 -07:00
Zach Loafman 6c219885e0 s/apiservers/api_servers/ in Salt 
It looks like api_servers finally won this battle. Kill off the
last remaining places passing it, but allow the kubelet Salt to
accept apiservers for a period of time.

(This was bothering my OCD.)
 2015-03-31 12:29:46 -07:00
Derek Carr dabd4984b7 Merge pull request #5856 from marshauf/master 
Use VBoxManage instead of virtualbox in cluster/vagrant/util.sh
 2015-03-24 16:16:12 -04:00
Marcel Hauf cf36fdc7f9 Use VBoxManage instead of virtualbox in cluster/vagrant/util.sh verify-prereqs function. The executable virtualbox does not exist. 2015-03-24 17:42:22 +01:00
derekwaynecarr ee53dfc741 Turn on namespace lifecycle plug-in 2015-03-24 10:36:06 -04:00
Zach Loafman 407d1fec45 Both @satnam6502 and E2E tests confirm: This code is no longer needed 
Deletion is wonderful. The only weird thing was where to put the
message about the proxy URLs. Satnam suggested kubectl clusterinfo,
which seemed like a good option to put at the end of cluster turn-up.
 2015-03-19 22:23:11 -07:00
jayunit100 9b67949085 Fix vagrant so that ssh commands work OOTB, (squashed) move verify to vagrant/util.sh, remove run_provider_test, cleanup. 2015-03-18 15:02:12 -04:00
Vishnu Kannan e7aca5c337 Enable heapster based cluster monitoring by default on other cluster providers, expect for GKE. 2015-03-11 23:34:04 +00:00
Vishnu Kannan 663bdb91c9 Remove monitoring firewall setup methods. Heapster anf Grafana are now accessible via the API server proxy. 2015-03-11 23:20:45 +00:00
derekwaynecarr f71a91a131 Fix regression introduced when moving to standalone salt 2015-03-11 11:06:00 -04:00
derekwaynecarr 468bf1da75 Enable common set of admission controllers across salt providers 2015-03-11 11:06:00 -04:00
derekwaynecarr 2ed8eed004 Make admission control plug-ins work from indexes 2015-03-06 09:36:57 -05:00
derekwaynecarr 35ab4ccc6d Further vagrant reliability improvements. 2015-03-03 06:55:34 -08:00
derekwaynecarr 5fdf6b131c Fix error provisioning kube-apiserver on vagrant 2015-02-27 10:17:46 -08:00
Brendan Burns 16b97a4a45 Merge pull request #4591 from derekwaynecarr/origin_example 
WIP: Example running OpenShift Origin as pod on Kubernetes
 2015-02-26 14:38:21 -08:00