github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
115,151 Commits 1 Branch 31 Tags
main
Commit Graph

1333 Commits

Author SHA1 Message Date
Davanum Srinivas
b1742f19ef Switch kube-controller-manager to distroless image 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-21 22:33:54 -04:00
Kubernetes Prow Robot
c97c61ebe8 Merge pull request #91304 from karan/gcireviewer 
add karan to gci reviewer
 2020-05-20 19:42:20 -07:00
Kubernetes Prow Robot
52358fe010 Merge pull request #91228 from sambdavidson/iprotflags 
Add SNI flags usage to configure-*.sh
 2020-05-20 19:41:30 -07:00
Samuel Davidson
20b37d6c5a Add IP rotation flags and env-vars to configure-*.sh 2020-05-20 13:07:37 -07:00
Karan Goel
451592c6a5 add karan to gci reviewer 2020-05-20 10:42:42 -07:00
Jacek Kaniuk
57caa27b8d Do not add kube-apiserver performance flags if already set 2020-05-20 19:05:16 +02:00
Antoni Zawodny
15e491eb2f Update kube-addon-manager to v9.1.1 2020-05-20 09:50:20 +02:00
Jakub Przychodzeń
ce1840d253 Revert "Update cri-tools to v1.18.0" 
This reverts commit 4b3e023659.
 2020-05-19 11:19:39 +02:00
Sascha Grunert
4b3e023659 Update cri-tools to v1.18.0 
Bump cri-tools to the latest version and update test scripts.

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
 2020-05-18 13:38:41 +02:00
Jordan Liggitt
950ed38996 Mark experimental-cluster-signing-duration deprecated, add --cluster-signing-duration 2020-05-15 14:09:58 -04:00
Tim Hockin
d681a04541 Force LICENSES refresh on GCE images 
Some test images have it baked in.
 2020-05-11 14:25:26 -07:00
Yuwen Ma
1aa67fc525 Switch core master base images from debian to distroless 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-09 06:55:00 -04:00
Kubernetes Prow Robot
7d53ecee37 Merge pull request #90575 from thockin/fix_license_again 
Reorganize vendor licenses again (revert #85220)
 2020-05-08 23:03:51 -07:00
Tim Hockin
325ea6e3c2 Restructure licenses again (revert cd4474a) 
This moves licenses of vendored code from one monolith file into a tree
of individual files for easier reviews.  This fixes both the bash and
bazel paths.
 2020-05-07 21:48:59 -07:00
Walter Fender
339918d206 Add admin account on master for kube-up 
Creates a master local admin account.
If you are on the master you can now run kubectl.
For issue 87481.
 2020-05-06 17:19:58 -07:00
Davanum Srinivas
0d38f21932 Use bionic repo for docker as focal is not yet available 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-03 16:50:49 -04:00
Kubernetes Prow Robot
e494b0788b Merge pull request #89543 from bartekzurawski/fix-kube-up-gce-private-restart 
Set ip alias route on kubernetes-master during booting
 2020-04-24 09:38:07 -07:00
Vinayak Goyal
7a5f4c47de Run kube-scheduler and kube-addon-manager as non root 2020-04-16 14:50:04 -07:00
Bartek Żurawski
3e4744c736 Set ip alias route on kubernetes-master during booting 2020-04-15 00:03:05 +02:00
Kubernetes Prow Robot
c0be582ca5 Merge pull request #89269 from Jefftree/network-proxy-beta 
Use v1beta1 for egress selector config
 2020-04-09 18:07:49 -07:00
Kubernetes Prow Robot
c7abf44a19 Merge pull request #88856 from yaseenhamdulay/patch-1 
Create etcd user in cloud-init master.yaml rather than in configure-h…
 2020-03-27 20:41:53 -07:00
Samuel Davidson
c70cd1e82f Changed readonly to true and type to File for authn/authz config. 2020-03-25 17:45:27 -07:00
Yaseen Hamdulay
58f78a53ee Add ssh_redirect_user 2020-03-24 11:30:48 +00:00
Kubernetes Prow Robot
de877ec26e Merge pull request #89327 from aojea/conntrack 
cluster: ipvs conntrack module vs kernel version
 2020-03-22 13:28:44 -07:00
Antonio Ojea
33810a99d9 cluster: ipvs conntrack module vs kernel version 
We should use 'nf_conntrack' instead of 'nf_conntrack_ipv4'
for linux kernel >= 4.19
 2020-03-21 11:23:28 +01:00
Jefftree
936f7665cf network proxy alpha -> beta 2020-03-19 11:49:47 -07:00
yaseenhamdulay
5de3c64ad0 Create etcd user in cloud-init master.yaml rather than in configure-helper.sh 
An etcd unix user is currently created in configure-helper.sh if it does not exist
on the master.

cloud-init is the only supported mechanism to add users on COS VMs. If an attempt
is made to add a key using OS Login or the instance metadata mechanism the
google_accounts_daemon will race with useradd and potentially attempt to use
the same UID. This will lock out any attempt to SSH into the VM. We therefore
migrate to using cloud-init to create this user and prevent this issue from occurring.
 2020-03-19 11:05:42 +00:00
Kubernetes Prow Robot
f899ad704a Merge pull request #89069 from enj/enj/i/drop_password_file 
Remove support for basic authentication
 2020-03-18 22:24:20 -07:00
Kubernetes Prow Robot
8055c92e26 Merge pull request #88125 from mwwolters/flex2healthz 
Switch flexvolume_node_setup.sh from kubelet RO port to healthz port
 2020-03-17 16:20:07 -07:00
Joe Betz
23c358d883 Fix unbound variable error in gce/configure.sh 
Looks like UBUNTU_INSTALL_RUNC_VERSION should be optional here.
 2020-03-12 16:41:25 -07:00
Monis Khan
df292749c9 Remove support for basic authentication 
This change removes support for basic authn in v1.19 via the
--basic-auth-file flag.  This functionality was deprecated in v1.16
in response to ATR-K8S-002: Non-constant time password comparison.

Similar functionality is available via the --token-auth-file flag
for development purposes.

Signed-off-by: Monis Khan <mok@vmware.com>
 2020-03-11 20:55:47 -04:00
Jefftree
6fd748e2c5 exit if KONNECTIVITY_SERVICE_PROXY_PROTOCOL_MODE is set incorrectly 2020-03-05 16:59:55 -08:00
Jefftree
06abedb063 Allow both GRPC and http-connect mode to be toggled 2020-03-05 16:16:59 -08:00
Jefftree
2a98cb7f8b Use GRPC mode for network proxy 2020-03-02 15:54:52 -08:00
Jefftree
0989770135 Update network proxy to v0.0.7 2020-03-02 10:09:00 -08:00
Jefftree
4c54241c3d Support token authentication for network proxy 2020-03-01 17:24:48 -08:00
Kubernetes Prow Robot
831dae75bf Merge pull request #88185 from vinayakankugoyal/appendandreplace 
append_or_replace_prefixed_line in /cluster/gce/gci/configure-helper.…
 2020-02-26 13:33:19 -08:00
Vinayak Goyal
388ebfe7d0 append_or_replace_prefixed_line in /cluster/gce/gci/configure-helper.sh fails for prefixes that contain quotes and = sign. 2020-02-24 17:35:36 -08:00
Kubernetes Prow Robot
6461e6f4fb Merge pull request #87179 from Jefftree/netproxy-uds 
UDS + GRPC Support for Network Proxy
 2020-02-20 21:20:32 -08:00
Jefftree
725d2b6a8f Network Proxy: GRPC + HTTP Connect with UDS 2020-02-20 10:19:37 -08:00
Benjamin Elder
4454ce6f37 fix shellcheck failures in health-monitor.sh 2020-02-14 16:12:18 -08:00
Mark Wolters
ba74c1cfb4 Switch flexvolume_node_setup.sh from kubelet RO port to healthz port 2020-02-13 09:58:51 -08:00
Kubernetes Prow Robot
78a02a223d Merge pull request #88010 from dims/support-for-adding-test-handler-for-containerd 
Support for adding test-handler for containerd
 2020-02-11 23:15:58 -08:00
Kubernetes Prow Robot
04cfa4981a Merge pull request #87463 from mwwolters/healthmon2healthz 
Migrate health monitor from read only port to healthz port
 2020-02-11 17:06:08 -08:00
Davanum Srinivas
8f764b113e Support for adding test-handler for containerd 2020-02-10 20:43:40 -05:00
Davanum Srinivas
da024f9a57 Ability to override versions of containerd/runc 2020-02-08 20:20:15 -05:00
Davanum Srinivas
acd286d95d Install containerd package depending on CONTAINER_RUNTIME 2020-02-08 17:53:37 -05:00
Davanum Srinivas
c4ef6a94b3 Add gid to config.toml only when docker group is present 
If we don't install docker and install just containerd apt packages,
there is no docker group. In this scenario, we should not add the gid to
config.toml
 2020-02-08 17:53:37 -05:00
Davanum Srinivas
2c93aa6ec3 Ensure kubectl is available in PATH by explicitly exporting the script 2020-02-07 09:05:07 -05:00
Davanum Srinivas
f20e17e9dd python snippets should work on both old and new python versions 2020-02-05 11:22:56 -05:00