github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
93,054 Commits 1 Branch 31 Tags 1,019 MiB
479249b3a3
Commit Graph

3171 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
79960095dd
Merge pull request #91124 from barney-s/update_win_sd 
Bump Stackdriver version to 1.11
 2020-06-13 00:33:56 -07:00
Jing Xu
953597134b Add WINDOWS_CONTAINER_RUNTIME env vairable 
Now the default value of container runtime for linux is changed to
containerd. However, containerd is not ready to be used in Windows node.
THis PR adds a new env varabile to handle container runtime setup for
windows nodes. This way, linux and windows can set up their owe container runtime.
By default, linux uses containerd while windows uses dockerd
 2020-06-12 17:22:12 -07:00
Jefftree
c6b2b1fad3 Add health port to network proxy 2020-06-12 16:44:56 -07:00
Kubernetes Prow Robot
eff58cc003
Merge pull request #92034 from YangLu1031/master 
Flush cache to disk to persist configuration status
 2020-06-12 02:24:25 -07:00
Yang Lu
c84eb12357 Flush cache to disk to persist setup status 2020-06-11 05:15:30 -07:00
Davanum Srinivas
66015ff654
fix default CONTAINER_RUNTIME_ENDPOINT for docker 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-06-11 06:41:17 -04:00
Jordan Liggitt
ac5ec4aa80 Adjust admission webhook auth config for default-enabled admission plugins 2020-06-10 13:46:30 -04:00
Davanum Srinivas
1731cb30f5
Use containerd as default in kube-up.sh 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-06-07 14:34:50 -04:00
Kubernetes Prow Robot
db152fdd7d
Merge pull request #91756 from wojtek-t/remove_etcd_empty_dir_cleanup 
Remove etcd-empty-dir-cleanup image
 2020-06-05 15:30:24 -07:00
Kubernetes Prow Robot
3509b46fc6
Merge pull request #91612 from bsdnet/gci 
Improve COS image document for E2E test
 2020-06-05 15:30:00 -07:00
Kubernetes Prow Robot
65821acd87
Merge pull request #91796 from pjh/repair-powershell 
Repair syntax error in Windows-GCE startup script
 2020-06-05 01:53:43 -07:00
wojtekt
ee27e5b8be Remove all references to etcd-empty-dir-cleanup. 2020-06-05 08:41:31 +02:00
Kubernetes Prow Robot
c0455a1853
Merge pull request #91154 from liggitt/signer-duration 
Mark experimental-cluster-signing-duration deprecated, add --cluster-signing-duration
 2020-06-04 17:59:45 -07:00
Peter Hornyack
0a4f3f64a7 Repair syntax error in Windows-GCE startup script 2020-06-04 17:45:38 -07:00
Vinayak Goyal
8daa9e6f77 Updating kube-controller-manager to run as non-root. 2020-06-02 14:07:00 -07:00
Roy Yang
3336d59ab2 Update COS/GCI document 
Signed-off-by: Roy Yang <royyang@google.com>
 2020-06-01 14:34:31 -07:00
Sascha Grunert
d2fc2d282d
Update cri-tools to v1.18.0 
This updates cri-tools to the latest release as well as pointing the
artifacts to the new Google Cloud Bucket `k8s-artifacts-cri-tools`.

This reverts commit ce1840d253.

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
 2020-05-29 10:56:02 +02:00
Kubernetes Prow Robot
c1707541d8
Merge pull request #91456 from tosi3k/propagate-am-whitelist-override 
Propagate KUBECTL_PRUNE_WHITELIST_OVERRIDE to master kube-env
 2020-05-27 02:20:40 -07:00
Kubernetes Prow Robot
f91c1ef60e
Merge pull request #91370 from justaugustus/cni 
Update CNI to v0.8.6
 2020-05-26 13:38:01 -07:00
Antoni Zawodny
b1bd5113d4 Propagate KUBECTL_PRUNE_WHITELIST_OVERRIDE to master kube-env 2020-05-26 15:58:15 +02:00
Kubernetes Prow Robot
f01d848c48
Merge pull request #91329 from dims/switch-kube-controller-manager-to-distroless-image 
Switch kube-controller-manager to distroless image
 2020-05-22 17:23:10 -07:00
Stephen Augustus
b692502a9d Update CNI to v0.8.6 
Signed-off-by: Stephen Augustus <saugustus@vmware.com>
 2020-05-22 17:48:56 -04:00
Kubernetes Prow Robot
10caa46f6b
Merge pull request #91300 from dims/move-to-latest-etcd-3.4.7-2 
Switch over to new etcd 3.4.7-2 image
 2020-05-22 04:14:37 -07:00
Kubernetes Prow Robot
9e06faa1fb
Merge pull request #91240 from tosi3k/bump-am-version 
Update kube-addon-manager to v9.1.1
 2020-05-21 19:40:37 -07:00
Davanum Srinivas
b1742f19ef
Switch kube-controller-manager to distroless image 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-21 22:33:54 -04:00
Davanum Srinivas
bd835d8a1c
Switch over to new etcd 3.4.7-2 image 
Add a safety switch to stop doing anything if migrate failed. We
previously just ignored the exit code from migrate utility

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-21 22:16:08 -04:00
Kubernetes Prow Robot
c97c61ebe8
Merge pull request #91304 from karan/gcireviewer 
add karan to gci reviewer
 2020-05-20 19:42:20 -07:00
Kubernetes Prow Robot
52358fe010
Merge pull request #91228 from sambdavidson/iprotflags 
Add SNI flags usage to configure-*.sh
 2020-05-20 19:41:30 -07:00
Kubernetes Prow Robot
2f883e5802
Merge pull request #90618 from jingxu97/Mar/windows 
Install diskutil into GCE  windows node
 2020-05-20 19:40:33 -07:00
Samuel Davidson
20b37d6c5a Add IP rotation flags and env-vars to configure-*.sh 2020-05-20 13:07:37 -07:00
Karan Goel
451592c6a5 add karan to gci reviewer 2020-05-20 10:42:42 -07:00
Jacek Kaniuk
57caa27b8d Do not add kube-apiserver performance flags if already set 2020-05-20 19:05:16 +02:00
Antoni Zawodny
15e491eb2f Update kube-addon-manager to v9.1.1 2020-05-20 09:50:20 +02:00
Jing Xu
e71acffdfe Install diskutil into GCE windows node 
This PR installs a utility diskutil.exe into GCE windows node. This is a
workaround for csiproxy be able to get disk id by name. This utility
will be placed once issue is addressed.
 2020-05-19 18:36:16 -07:00
Jakub Przychodzeń
ce1840d253 Revert "Update cri-tools to v1.18.0" 
This reverts commit 4b3e023659.
 2020-05-19 11:19:39 +02:00
Kubernetes Prow Robot
e215a8772c
Merge pull request #91210 from tosi3k/dont-log-node-ip-range-to-stdout 
Log user provided NODE_IP_RANGE to stdout instead of stderr
 2020-05-18 13:34:08 -07:00
Antoni Zawodny
5ec2ff2d20 Remove logging user provided NODE_IP_RANGE to stderr 2020-05-18 16:59:27 +02:00
Sascha Grunert
4b3e023659
Update cri-tools to v1.18.0 
Bump cri-tools to the latest version and update test scripts.

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
 2020-05-18 13:38:41 +02:00
Jordan Liggitt
950ed38996 Mark experimental-cluster-signing-duration deprecated, add --cluster-signing-duration 2020-05-15 14:09:58 -04:00
Barni S
d826b4b05c Bump Stackdriver version to 1.11 2020-05-14 18:45:17 -04:00
Tim Hockin
d681a04541 Force LICENSES refresh on GCE images 
Some test images have it baked in.
 2020-05-11 14:25:26 -07:00
Yuwen Ma
1aa67fc525
Switch core master base images from debian to distroless 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-09 06:55:00 -04:00
Kubernetes Prow Robot
7d53ecee37
Merge pull request #90575 from thockin/fix_license_again 
Reorganize vendor licenses again (revert #85220)
 2020-05-08 23:03:51 -07:00
Tim Hockin
325ea6e3c2 Restructure licenses again (revert cd4474a) 
This moves licenses of vendored code from one monolith file into a tree
of individual files for easier reviews.  This fixes both the bash and
bazel paths.
 2020-05-07 21:48:59 -07:00
Tim Hockin
9213616a23 Add better debug when GCE cluster turnups fail 2020-05-07 19:43:32 -07:00
Walter Fender
339918d206 Add admin account on master for kube-up 
Creates a master local admin account.
If you are on the master you can now run kubectl.
For issue 87481.
 2020-05-06 17:19:58 -07:00
Kubernetes Prow Robot
14eb291084
Merge pull request #90751 from yliaog/windep 
Removed leftover comments for the deleted function Get_MgmtSubnet
 2020-05-05 20:03:09 -07:00
Yu Liao
eb6ee368b9 Removed leftover comments for the deleted function Get_MgmtSubnet 2020-05-04 21:25:51 -07:00
Davanum Srinivas
0d38f21932
Use bionic repo for docker as focal is not yet available 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-03 16:50:49 -04:00
Kubernetes Prow Robot
15d6c9a5ea
Merge pull request #90605 from yliaog/windep 
switched to default non-masquerade destination ranges
 2020-05-01 00:41:54 -07:00
Jie Shen
c71a25e912
Fix shellcheck warnings/errors in cluster/gce/upgrade.sh (#88576) 
* Fix shellcheck warnings/errors in cluster/gce/upgrade.sh

* Update cluster/gce/upgrade.sh

Co-Authored-By: Slava Semushin <slava.semushin@gmail.com>

Co-authored-by: Slava Semushin <slava.semushin@gmail.com>
 2020-04-30 21:26:06 -07:00
Yu Liao
9684c13fba switched to default non-masquerade destination ranges 2020-04-30 12:29:34 -07:00
Kubernetes Prow Robot
7229e13036
Merge pull request #90423 from neolit123/1.19-move-cluster-bash-to-util 
/cluster: add / update OWNERS labels
 2020-04-29 04:52:24 -07:00
Kubernetes Prow Robot
e494b0788b
Merge pull request #89543 from bartekzurawski/fix-kube-up-gce-private-restart 
Set ip alias route on kubernetes-master during booting
 2020-04-24 09:38:07 -07:00
Lubomir I. Ivanov
c0387ab3ac /cluster: add / update OWNERS 2020-04-24 03:21:07 +03:00
Kubernetes Prow Robot
1bcd49d5cd
Merge pull request #90156 from vinayakankugoyal/nonroot 
Run kube-scheduler and kube-addon-manager as non root
 2020-04-22 19:21:46 -07:00
toyoda
a01b1dada5 Fix shellcheck failure in cluster/gce/config-default.sh 2020-04-17 16:11:58 +09:00
Vinayak Goyal
7a5f4c47de Run kube-scheduler and kube-addon-manager as non root 2020-04-16 14:50:04 -07:00
Kubernetes Prow Robot
aed3f05495
Merge pull request #88459 from joakimr-axis/joakimr-axis_config-test.sh 
Fix shellcheck warnings/errors in cluster/gce/config-test.sh
 2020-04-14 15:38:02 -07:00
Bartek Żurawski
3e4744c736 Set ip alias route on kubernetes-master during booting 2020-04-15 00:03:05 +02:00
Kubernetes Prow Robot
ea2d784545
Merge pull request #89895 from jingyih/update_etcd_server_3p4p7 
Update default etcd server to 3.4.7 in k8s v1.19
 2020-04-14 12:34:06 -07:00
jingyih
394df132bd Update default etcd server to 3.4.7 2020-04-13 14:37:56 -07:00
Kubernetes Prow Robot
c0be582ca5
Merge pull request #89269 from Jefftree/network-proxy-beta 
Use v1beta1 for egress selector config
 2020-04-09 18:07:49 -07:00
Joakim Roubert
21bef7536c Fix shellcheck warnings/errors in cluster/gce/config-test.sh 
Change-Id: I3760337aa345ca5b801587ea12c971a95168f7d7
Signed-off-by: Joakim Roubert <joakimr@axis.com>
 2020-04-09 08:30:13 +02:00
Jordan Liggitt
5534c12dad Fix priorityClass typo, add numeric priority to static pods 2020-04-08 15:33:39 -04:00
Kubernetes Prow Robot
4ae223fbff
Merge pull request #84904 from clarklee92/FixShellCheck 
Fix shell check
 2020-04-06 19:09:58 -07:00
Kubernetes Prow Robot
fa6b9bec81
Merge pull request #89759 from cheftako/master 
Switch COS image to m81.
 2020-04-04 02:57:46 -07:00
Kubernetes Prow Robot
81a0e2f62b
Merge pull request #85923 from MrHohn/sig-gcp-owner-file 
Migrate OWNERS file to apply the area/provider/gcp label
 2020-04-02 19:03:46 -07:00
Mateusz Matejczyk
9639464e43 Propagate CONCURRENT_SERVICE_SYNCS to node env 2020-04-02 14:38:41 +02:00
Walter Fender
31393df6ee Switch COS image to m81. 2020-04-02 00:18:31 -07:00
Kubernetes Prow Robot
6a552da932
Merge pull request #89664 from spiffxp/ignore-list-resources-fails 
Allow list-resources.sh to continue if a resource fails to list
 2020-03-31 20:03:41 -07:00
Aaron Crickenberger
52653195f6 Allow list-resources.sh to continue if a resource fails to list 
The list-resources.sh script is used solely by our CI, specifically
kubernetes/test-infra/kubetest with the --check-leaked-resources
flag. Currently if a single resource fails to list, we fail the entire
job.

I think this is too brittle. A review of previous issues on
kubernetes/kubernetes that relate to failure of this script shows that
the issues usually resolve themselves, or would be caught by the diff
of before/after.

Let's instead allow the script to continue listing all resources,
and let kubetest's resource diff fail the job.
 2020-03-30 12:01:29 -07:00
Peter Hornyack
72f58ae4ff Bump GCE Windows pause image version 
pause-win:1.2.1 is based on the March Windows container base images for
both LTSC 2019 and SAC 1909.
 2020-03-30 11:30:53 -07:00
Kubernetes Prow Robot
24d8a17f70
Merge pull request #89601 from pjh/gce-march-images 
Update GCE Windows node images with March's Windows updates
 2020-03-30 08:22:29 -07:00
Kubernetes Prow Robot
c7abf44a19
Merge pull request #88856 from yaseenhamdulay/patch-1 
Create etcd user in cloud-init master.yaml rather than in configure-h…
 2020-03-27 20:41:53 -07:00
Peter Hornyack
55df85ba37 Update GCE Windows node images with March's Windows updates 2020-03-27 15:44:08 -07:00
Peter Hornyack
3583816112 Fix INFRA_CONTAINER variable references 
Tested:
NUM_NODES=2 NUM_WINDOWS_NODES=2 KUBE_GCE_ENABLE_IP_ALIASES=true \
  KUBERNETES_NODE_PLATFORM=windows \
  LOGGING_STACKDRIVER_RESOURCE_TYPES=new \
  KUBE_UP_AUTOMATIC_CLEANUP=true \
  WINDOWS_NODE_OS_DISTRIBUTION=win2019 \
  ./cluster/kube-up.sh
 2020-03-26 19:30:39 -07:00
Kubernetes Prow Robot
08ce946e09
Merge pull request #89257 from jprzychodzen/fix-create 
Util script - move variables setting for replicated master to outer if
 2020-03-26 14:10:36 -07:00
Kubernetes Prow Robot
a9f6b93b62
Merge pull request #89498 from sambdavidson/mount-tweak 
Changed readonly to true and type to "File" for authn/authz config.
 2020-03-26 12:48:43 -07:00
Kubernetes Prow Robot
295b53f7b4
Merge pull request #89214 from jingyih/update_etcd_server_3p4p4 
Update default etcd server to 3.4.4 in k8s v1.19
 2020-03-26 01:14:24 -07:00
Samuel Davidson
c70cd1e82f Changed readonly to true and type to File for authn/authz config. 2020-03-25 17:45:27 -07:00
Yaseen Hamdulay
58f78a53ee Add ssh_redirect_user 2020-03-24 11:30:48 +00:00
Kubernetes Prow Robot
de877ec26e
Merge pull request #89327 from aojea/conntrack 
cluster: ipvs conntrack module vs kernel version
 2020-03-22 13:28:44 -07:00
Antonio Ojea
33810a99d9 cluster: ipvs conntrack module vs kernel version 
We should use 'nf_conntrack' instead of 'nf_conntrack_ipv4'
for linux kernel >= 4.19
 2020-03-21 11:23:28 +01:00
Yu Liao
50c0827856 infra_container is passed in as env variable 2020-03-20 10:50:25 -07:00
Jakub Przychodzeń
f48268d13b Util script - move variables setting for replicated master to outer if 2020-03-20 12:42:44 +01:00
Jefftree
936f7665cf network proxy alpha -> beta 2020-03-19 11:49:47 -07:00
yaseenhamdulay
5de3c64ad0 Create etcd user in cloud-init master.yaml rather than in configure-helper.sh 
An etcd unix user is currently created in configure-helper.sh if it does not exist
on the master.

cloud-init is the only supported mechanism to add users on COS VMs. If an attempt
is made to add a key using OS Login or the instance metadata mechanism the
google_accounts_daemon will race with useradd and potentially attempt to use
the same UID. This will lock out any attempt to SSH into the VM. We therefore
migrate to using cloud-init to create this user and prevent this issue from occurring.
 2020-03-19 11:05:42 +00:00
Kubernetes Prow Robot
f899ad704a
Merge pull request #89069 from enj/enj/i/drop_password_file 
Remove support for basic authentication
 2020-03-18 22:24:20 -07:00
jingyih
f9e0e4c6b4 Update default etcd server to 3.4.4 2020-03-18 00:27:46 -07:00
Kubernetes Prow Robot
8055c92e26
Merge pull request #88125 from mwwolters/flex2healthz 
Switch flexvolume_node_setup.sh from kubelet RO port to healthz port
 2020-03-17 16:20:07 -07:00
Kubernetes Prow Robot
a6f209c1c0
Merge pull request #86259 from rajansandeep/corednsto1.6.6-kube-up 
Bump CoreDNS version to 1.6.7 [kube-up]
 2020-03-17 16:19:26 -07:00
Kubernetes Prow Robot
ff21f45680
Merge pull request #89095 from losipiuk/lo/ca-1.18.0 
Bump Cluster-Autoscaler to 1.18.0
 2020-03-13 07:04:40 -07:00
Joe Betz
23c358d883
Fix unbound variable error in gce/configure.sh 
Looks like UBUNTU_INSTALL_RUNC_VERSION should be optional here.
 2020-03-12 16:41:25 -07:00
Łukasz Osipiuk
c957b2509f Bump Cluster-Autoscaler to 1.18.0 2020-03-12 21:33:18 +01:00
Monis Khan
df292749c9
Remove support for basic authentication 
This change removes support for basic authn in v1.19 via the
--basic-auth-file flag.  This functionality was deprecated in v1.16
in response to ATR-K8S-002: Non-constant time password comparison.

Similar functionality is available via the --token-auth-file flag
for development purposes.

Signed-off-by: Monis Khan <mok@vmware.com>
 2020-03-11 20:55:47 -04:00
Łukasz Osipiuk
6be4d0a705 Bump Cluster-Autoscaler to cluster-autoscaler:v1.18.0-beta.1 2020-03-11 16:16:30 +01:00
Kubernetes Prow Robot
988982a1f7
Merge pull request #88048 from mtaufen/provider-info-e2etest 
Add e2e test for validating JWTs as OIDC tokens
 2020-03-06 17:59:34 -08:00
Kubernetes Prow Robot
b9cd76519e
Merge pull request #88869 from Jefftree/egress_flag 
[Network Proxy] Allow both grpc and http-connect mode to be toggled in kube-up
 2020-03-05 21:40:05 -08:00
Jefftree
6fd748e2c5 exit if KONNECTIVITY_SERVICE_PROXY_PROTOCOL_MODE is set incorrectly 2020-03-05 16:59:55 -08:00