github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
100,607 Commits 1 Branch 31 Tags
20f320c6bdea93dce1ef0333958d105b7e051045
Commit Graph

3464 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
e8cf412e5e Merge pull request #101881 from vinayakankugoyal/konnectivity 
Update konnectivity network proxy server to run as non-root, by defau…
 2021-05-13 23:16:04 -07:00
Vinayak Goyal
b951b9349f Update konnectivity network proxy server to run as non-root, by default in kube-up. 2021-05-13 12:35:34 -07:00
Avritt Rohwer
0a5a697882 Fix bug in retry-forever usage. 
- Push retry-forever wrapping to curl invocations.
- Collect curl retry flags into a single variable.
- Remove 'sudo: false' in master.yaml, is unnecessary and breaks older
  cloud-init versions.
- Change log-error status reason to be more accurate.
- Fix the some 'python' invocations to 'python3'.
 2021-05-12 09:22:20 -07:00
Kubernetes Prow Robot
1bd00776b5 Merge pull request #101874 from tallclair/owners 
Remove tallclair for gce owners
 2021-05-10 13:49:48 -07:00
Kubernetes Prow Robot
7563d3092e Merge pull request #96216 from knight42/refactor/disable-insecure-port-in-ctrler-mgr 
refactor: disable insecure serving in controller-manager
 2021-05-10 13:49:36 -07:00
Tim Allclair
9d349b6d21 Remove tallclair for gce owners 2021-05-10 10:21:17 -07:00
Kubernetes Prow Robot
8b1c82a34c Merge pull request #101772 from swetharepakula/bump-glbc-image 
Update glbc image to v1.12.0
 2021-05-06 22:05:02 -07:00
Kubernetes Prow Robot
ca0c04e4d3 Merge pull request #101164 from vinayakankugoyal/apiservernonroot 
Run control-plane as non root in kube-up.
 2021-05-06 17:33:14 -07:00
Swetha Repakula
8c8db0d8e9 Update glbc image to v1.12.0 
- glbc now uses networking.k8s.io/v1 Ingress
 2021-05-06 15:20:05 -07:00
Kubernetes Prow Robot
1f3fd1cb80 Merge pull request #101751 from vinayakankugoyal/sshproxy 
Recursive chown the /etc/srv/sshproxy if kube-apiserver is running as…
 2021-05-06 15:15:51 -07:00
Kubernetes Prow Robot
8955f55fcf Merge pull request #101678 from vinayakankugoyal/goodbye-basicauth 
Remove remnants of basic auth from cluster bootstrap.
 2021-05-06 14:14:14 -07:00
Vinayak Goyal
6aa495ddc6 Revert - Recursive chown the /etc/srv/sshproxy if kube-apiserver is running as non root. This way if a key already exists we will be able to read it. 2021-05-06 14:02:53 -07:00
Kubernetes Prow Robot
add13090e2 Merge pull request #101732 from spencer-p/master 
Promote kube-addon-manager to v9.1.5
 2021-05-05 18:49:17 -07:00
Vinayak Goyal
487583bd0a Recursive chown the /etc/srv/sshproxy if kube-apiserver is running as non root. This way if a key already exists we will be able to read it. 2021-05-05 15:23:04 -07:00
Vinayak Goyal
406ceae991 Recursive chown the /etc/srv/sshproxy if kube-apiserver is running as non root. This way if a key already exists we will be able to read it. 2021-05-05 14:49:59 -07:00
Vinayak Goyal
5d8c89b164 Run control-plane as non root in kube-up. 2021-05-05 14:46:28 -07:00
Jeremy Edwards
daa5be1d01 GCE Windows: Do not install docker when containerd CRI is selected. 2021-05-05 21:06:33 +00:00
Kubernetes Prow Robot
7d176851f2 Merge pull request #100612 from pacoxu/patch-8 
kubeadm: upgrade etcd to 3.4.13-3
 2021-05-05 07:11:27 -07:00
Spencer Peterson
a119b767d0 Promote kube-addon-manager to v9.1.5 
Change-Id: Iffebad61634831b0c34eb54517a2543c75c55d68
 2021-05-04 12:14:52 -07:00
David Porter
dac06aefb0 Revert "Revert "cluster: Use python3 everywhere"" 
This reverts commit 7038338e0f.
 2021-05-03 21:43:15 -07:00
Jian Zeng
e481d99965 refactor: disable insecure serving in controller-manager 
Now the following flags have no effect and would be removed in v1.24:
* `--port`
* `--address`

The insecure port flags `--port` may only be set to 0 now.

Signed-off-by: Jian Zeng <zengjian.zj@bytedance.com>
 2021-05-03 00:01:49 +08:00
Kubernetes Prow Robot
c5b900b69c Merge pull request #97399 from davidxia/comment-typo 
Fix typo in comment
 2021-05-01 04:57:59 -07:00
Vinayak Goyal
b87762966d Remove remnants of basic auth from cluster bootstrap. 2021-04-30 11:23:14 -07:00
Jeremy Edwards
5c713379a0 GCE Windows: mkdir -p fluent-bit pos-files directory. 2021-04-29 22:52:38 +00:00
Kubernetes Prow Robot
f631c0e520 Merge pull request #101271 from jeremyje/fixfb 
Fix fluent-bit configuration for GCE Windows.
 2021-04-27 19:06:49 -07:00
Paco Xu
7038338e0f Revert "cluster: Use python3 everywhere" 2021-04-26 11:21:44 +08:00
David Porter
3f87f4f278 Use python3 everywhere 2021-04-23 14:33:58 -07:00
Kubernetes Prow Robot
ae35c6f10c Merge pull request #101255 from basantsa1989/stack-type 
Adding stack-type to gce cloud config (to be used for dual stack in legacy-cloud-providers gce code)
 2021-04-22 15:55:28 -07:00
Jeremy Edwards
e62301c87d Fix fluent-bit configuration for GCE Windows. 2021-04-22 20:04:54 +00:00
Kubernetes Prow Robot
6aa683e9cf Merge pull request #100639 from zshihang/proxy 
dnat to 169.254.169.252 for metadata server traffic
 2021-04-21 11:15:51 -07:00
Kubernetes Prow Robot
41505f7109 Merge pull request #101176 from jkh52/master 
kube-master-installation: improve systemd cross-unit robustness.
 2021-04-20 00:42:45 -07:00
Kubernetes Prow Robot
46b0ad1327 Merge pull request #101207 from vinayakankugoyal/sshproxy 
If kube-apiserver is running as non-root then set the permissions of …
 2021-04-19 17:24:33 -07:00
Joseph Anttila Hall
05bcc72dc2 kube-master-installation: reboot on failure. 
Also some minor reliability tweaks.
 2021-04-19 17:16:21 -07:00
Vinayak Goyal
94e34da471 If kube-apiserver is running as non-root then set the permissions of /etc/srv/sshproxy accordingly. 2021-04-19 13:16:06 -07:00
Basant Amarkhed
e15d811652 Adding stack-type to cloud config (to be used for dual stack in legacy-cloud-providers code) 2021-04-19 19:06:55 +00:00
Shihang Zhang
297ad30610 dnat to 169.254.169.252 for metadata server traffic 2021-04-19 10:47:51 -07:00
Kubernetes Prow Robot
28c877dcb6 Merge pull request #101043 from benhxy/tls-2 
Use GKE specific configuration for kubeconfig file generation
 2021-04-16 11:54:51 -07:00
Kubernetes Prow Robot
7ecd93ea1e Merge pull request #100764 from benhxy/tls 
Use GKE specific configuration for kube-apiserver SNI cert
 2021-04-15 19:52:22 -07:00
Jeremy Edwards
c22f001a1b GCE Windows: Use authenticated HTTP GET against GCS if VM has cloud-platform scope. 2021-04-15 23:30:19 +00:00
Kubernetes Prow Robot
0d0d1889ed Merge pull request #100930 from swetharepakula/update-glbc-image 
Update glbc image in glbc addon
 2021-04-15 12:59:01 -07:00
Kubernetes Prow Robot
24350a922e Merge pull request #101086 from enj/enj/i/auth_owners_gen 
Prune stale entries from OWNERS files
 2021-04-15 08:27:50 -07:00
pacoxu
9847579699 gcp/kubeadm: upgrade etcd to 3.4.13-3 
Signed-off-by: pacoxu <paco.xu@daocloud.io>
 2021-04-15 11:19:41 +08:00
Maciej Borsz
493adbada9 Do not grep for curl --help for --retry-connrefused 2021-04-14 08:32:21 +02:00
Swetha Repakula
f882eadbdc Update glbc image in addon 2021-04-13 19:32:03 -07:00
Kubernetes Prow Robot
f1c037889d Merge pull request #100770 from avrittrohwer/configure-script-logging 
Add configure script logging instrumentation
 2021-04-13 18:06:42 -07:00
Monis Khan
91241eac9b Prune stale entries from OWNERS files 
Signed-off-by: Monis Khan <mok@vmware.com>
 2021-04-13 20:54:50 -04:00
Kubernetes Prow Robot
318db993c8 Merge pull request #101020 from cindy52/bugfix/etcd 
Change file owner of /mnt/disks/master-pd/var/etcd  instead of /var/etcd
 2021-04-13 12:09:47 -07:00
Avritt Rohwer
d4495183c9 Add configure script logging instrumentation. 
- Add log functions to facilitate debug logging.
- Wrap commands called in main with debug logging.
- Configure a systemd service to forward the logs to the serial port.
- Add a 'retry-forever' function to harden download steps.
- Add default value support to 'get-metadata-value' function.
- Fix some spellcheck lints.
 2021-04-13 09:30:49 -07:00
Ben Hu
e3270e532c GKE specific kubeconfig 2021-04-12 22:47:39 +00:00
Ben Hu
ccb742c43c Resolve comments. Remove kubeconfig changes. 2021-04-12 22:39:53 +00:00