github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
93,054 Commits 1 Branch 31 Tags 1,019 MiB
479249b3a3
Commit Graph

3171 Commits

Author SHA1 Message Date
k8s-merge-robot
0c089dcf11 Merge pull request #15265 from andyzheng0831/trusty 
Auto commit by PR queue bot
 2015-10-08 14:51:10 -07:00
Piotr Szczesniak
952a058357 Merge pull request #15153 from wojtek-t/common_resync_period 
Extend resyncPeriods in controllers in production.
 2015-10-08 14:07:04 +02:00
Piotr Szczesniak
7bbb7a2d9f Merge pull request #15219 from wojtek-t/change_default_to_test 
Unify default and test configuration in GCE
 2015-10-08 11:12:23 +02:00
Wojciech Tyczynski
df79026b79 Extend resyncPeriods in controllers in production. 2015-10-08 09:10:09 +02:00
Andy Zheng
3a5f3f0615 Enable privileged containers in Trusty nodes 
This change also removes an outdated TODO comment.
 2015-10-07 15:10:14 -07:00
Dawn Chen
c29296f9a8 Set manifest-url-header when enable_manifest_url is set 2015-10-07 13:27:03 -07:00
Jeff Grafton
0e29d81904 Print error messages to stderr 2015-10-07 11:19:32 -07:00
Wojciech Tyczynski
d16995b24b Unify default and test configuration in GCE 2015-10-07 12:47:28 +02:00
Jeff Grafton
efd3968335 Add a timeout for GCE cluster initialization 2015-10-06 19:39:55 -07:00
Alex Robinson
55278545a4 Also delete firewall rules and static IP addresses from stranded GCE LBs 2015-10-06 18:28:06 -07:00
Alex Robinson
9f80b87843 Fix hard-coded project IDs and region in script for deleting stranded LBs 2015-10-06 18:24:41 -07:00
Jeff Grafton
004c3bc7ad Add script to use gcloud to print GCP resources used. 2015-10-06 17:38:34 -07:00
Dawn Chen
37720e8899 unset Kubelet flag for manifest_url for master node. 2015-10-06 17:33:29 -07:00
k8s-merge-robot
57a08b5563 Merge pull request #15148 from piosz/registry-addon 
Auto commit by PR queue bot
 2015-10-06 14:43:45 -07:00
Abhi Shah
aa9957e754 Merge pull request #15035 from ArtfulCoder/admissionChange 
Removed DenyEscalatingExec from the list of default admission control…
 2015-10-06 14:25:12 -07:00
Abhishek Shah
a1b6dbe870 Removed DenyEscalatingExec from the list of default admission controllers. 2015-10-06 13:35:32 -07:00
Piotr Szczesniak
ee815a87d9 Disabled cluster registry addon by default 2015-10-06 10:53:29 +02:00
Mike Danese
833be48d61 enable all experimental flags with one controller 2015-10-05 14:54:19 -07:00
Ananth Suryanarayana
d50d7763da Add opencontrail networking provisioning support in kubernetes salt based provisioning 
OpenContrail is an open-source based networking software which provides virtualization support for the cloud.

This change-set adds ability to install and provision opencontrail software for networking in kubernetes based cloud environment.

There are basically 3 components

o kube-network-manager -- plugin between contrail components and kubernets components
o provision_master.sh -- OpenContrail software installer and provisioner in master node
o provision_minion.sh -- OpenContrail software installer and provisioner in minion node(s)

These are driven via salt configuration files

One can provision opencontrail by just setting "export NETWORK_PROVIDER=opencontrail"
Optionally, OPENCONTRAIL_TAG, and OPENCONTRAIL_KUBERNETES_TAG can be used to
specify opencontrail and contrail-kubernetes software versions to install and provision.

Public-IP Subnet provided by contrail can be configured via OPENCONTRAIL_PUBLIC_SUBNET
environment variable

At this moment, plan is to add support for aws, gce and vagrant based platforms

For more information on contrail-kubernetes, please visit https://github.com/juniper/contrail-kubernetes For more information on opencontrail, please visit http://www.opencontrail.org
 2015-10-03 08:03:02 -07:00
k8s-merge-robot
e29eab2a75 Merge pull request #14804 from brendandburns/fix3 
Auto commit by PR queue bot
 2015-10-02 17:09:38 -07:00
Brendan Burns
9cf5cc6641 Add a utility to clean up stranded load balancers. 2015-09-30 11:16:03 -07:00
Mike Danese
ed23abe181 Merge pull request #14690 from mikedanese/fix-2 
trim mig template name if it's over the gce validated length limit
 2015-09-30 10:52:43 -07:00
Mike Danese
05355145b9 trim mig template name if it's over the gce validated length limit 2015-09-29 11:52:35 -07:00
Mike Danese
5b58a6cb34 sanitize + in KUBE_VERSION during gce upgrade 2015-09-28 17:35:34 -07:00
Marek Grabowski
f8a9943d90 Merge pull request #14651 from mwielgus/cluster_request 
Add cpu/mem reservation metrics for autoscaler in kube-up
 2015-09-28 17:40:05 +02:00
Marcin Wielgus
659c18110a Add cpu/mem reservation metrics to autoscaler kube-up 2015-09-28 14:12:18 +02:00
gmarek
dd3bd73948 Initial Kubemark commit 2015-09-28 11:39:05 +02:00
Brian Grant
3cbd5f01a0 Merge pull request #13044 from roberthbailey/kubelet-healthcheck 
Healthcheck the kubelet on the secure port rather than the read-only port.
 2015-09-25 11:11:51 -07:00
Marcin Wielgus
039acb8c1d Merge pull request #14463 from nikhiljindal/DeploymentOnGCE 
Allow enabling deployment controller on GCE and GKE
 2015-09-25 13:47:36 +02:00
Chao Xu
ae1293418b move experimental/v1 to experimental/v1alpha1; 
use "group/version" in many places where used to expect "version" only.
 2015-09-24 15:32:11 -07:00
nikhiljindal
ed5d24ed52 Allow enabling deployment controller on GCE and GKE 2015-09-24 11:37:16 -07:00
Jerzy Szczepkowski
c8238c079a E2E tests for horizontal pod autoscaler. 
Fixes & tuning in horiontal pod autoscaler and its e2e tests; two of the tests added to "Autoscaling suite".
 2015-09-24 14:14:35 +02:00
Piotr Szczesniak
9a1ec3dfb5 Added GCM support for Initial Resources plugin 2015-09-21 09:01:54 +02:00
k8s-merge-robot
445fde3dc5 Merge pull request #13447 from pweil-/pid-mode 
Auto commit by PR queue bot
 2015-09-16 23:34:35 -07:00
Robert Bailey
da94ed7957 Healthcheck the kubelet on the secure port rather than the read-only port. 2015-09-16 12:15:29 -07:00
k8s-merge-robot
8385c148ba Merge pull request #13936 from andyzheng0831/trusty 
Auto commit by PR queue bot
 2015-09-16 05:29:18 -07:00
k8s-merge-robot
d5b33614c3 Merge pull request #14001 from kubernetes/revert-13866-test-grace-period 
Auto commit by PR queue bot
 2015-09-15 20:21:45 -07:00
Jeff Lowdermilk
a1294e6401 Merge pull request #13762 from runningwild/PR 
More fixes to rkt support
 2015-09-15 17:34:06 -07:00
Andy Zheng
7427387938 Add trusty node health monitoring 
Upstart monitors the process of docker, kubelet, and kube-proxy.
This change adds an upstart job running as daemon to conduct
non-PID health monitoring.
 2015-09-15 15:09:45 -07:00
Marek Grabowski
cda68cbeb5 Revert "Lower the grace period for Pod eviction for e2e clusters" 2015-09-15 17:55:37 -04:00
Paul Weil
ed80c2b940 pid mode 2015-09-15 13:51:44 -04:00
gmarek
645c9153d4 Lower the grace period for Pod eviction for e2e clusters 2015-09-11 13:55:15 -04:00
Jerzy Szczepkowski
5be8817315 Turning on pod autoscaler on GCE. 
Implemented optional turning on of pod autoscaler in kube-up script for GCE.
 2015-09-11 12:03:41 +02:00
Jeff Lowdermilk
08442974bb Revert "Turning on pod autoscaler on GCE." 2015-09-10 11:46:37 -07:00
Jerzy Szczepkowski
b41862b670 Turning on pod autoscaler on GCE. 
Implemented optional turning on of pod autoscaler in kube-up script for GCE.
 2015-09-10 16:10:01 +02:00
Mike Danese
b104f660da enable the experimental API group in e2e tests 2015-09-09 15:26:32 -07:00
Jonathan Wills
5d38a8f024 Create /etc/rkt on startup 2015-09-09 16:52:25 -04:00
Jonathan Wills
05617a4583 Add CLUSTER_REGISTER_DISK and CLUSTER_REGISTRY_DISK_SIZE to gce/coreos 2015-09-09 16:52:25 -04:00
Isaac Hollander McCreery
219a1fae62 Second attempt at GCE tokens behavior to new format 2015-09-04 08:36:55 -07:00
Piotr Szczesniak
e285af9b20 Merge pull request #13390 from derekwaynecarr/remove_namespace_exists 
Remove NamespaceExists from configuration
 2015-09-04 13:44:40 +02:00
Jerzy Szczepkowski
2684018bb5 Configurations of jenkins e2e cluster and default private e2e cluster made consistent. 
Configurations of jenkins e2e cluster and default private e2e cluster made consistent.
 2015-09-04 09:15:01 +02:00
derekwaynecarr
06bbe00642 Remove NamespaceExists from configuration 2015-09-03 13:42:09 -04:00
Andy Zheng
9f28e784dc Support kube-registry-proxy addon in trusty nodes 2015-08-27 07:46:50 -07:00
Piotr Szczesniak
7ad0f96688 Revert "Make MASTER_IP_RANGE master-only" 2015-08-27 10:52:21 +02:00
Yu-Ju Hong
1c7ebc4a62 Merge pull request #13213 from mbforbes/removeMasterIpRange 
Make MASTER_IP_RANGE master-only
 2015-08-26 13:04:04 -07:00
Yu-Ju Hong
09446c7a49 Merge pull request #13214 from mbforbes/todos 
Pass mbforbes TODOs to others.
 2015-08-26 13:02:27 -07:00
Max Forbes
8ca0654f94 Pass mbforbes TODOs to others. 2015-08-26 10:05:34 -07:00
Max Forbes
48801da130 Make MASTER_IP_RANGE master-only 2015-08-26 09:53:08 -07:00
Amy Unruh
5b6c5823da fix error in 'rm' path instructions to force restaging 2015-08-26 08:10:51 -07:00
Nikhil Jindal
411d78dac3 Merge pull request #13068 from jlowdermilk/no-reuse-auth 
Don't reuse credentials on cluster create
 2015-08-24 15:56:36 -07:00
Jeff Lowdermilk
438216844f Stop reusing basic auth on cluster create 2015-08-22 11:45:46 -07:00
Zach Loafman
5fe7029e68 Merge pull request #13008 from andyzheng0831/node-yaml 
Add continuous tests support for trusty nodes
 2015-08-21 18:59:21 -07:00
Zach Loafman
185b5af26f Merge pull request #12833 from uluyol/insecure-reg 
Launch a cluster-local registry.
 2015-08-21 14:58:37 -07:00
Andy Zheng
f302130ad9 Add continuous tests support for trusty nodes 
Also fix the starting condition of kube-install-additional-packages
upstart job.
 2015-08-21 14:39:55 -07:00
Jeff Lowdermilk
f0b5c5b7b8 fix mig command for gce 2015-08-21 11:19:46 -07:00
Jerzy Szczepkowski
755287ca3a Merge pull request #12988 from andyzheng0831/bug 
Fix some env variable settings in test config.
 2015-08-21 08:39:32 +02:00
Muhammed Uluyol
82638f8b29 Add conversion function from GCE storage units to kubernetes units. 2015-08-20 18:44:12 -07:00
Muhammed Uluyol
14b554cef6 Use a persistent volume for the docker registry. 2015-08-20 18:44:11 -07:00
Muhammed Uluyol
7129d477d3 Launch a cluster-local registry. 
This registry can be accessed through proxies that run on each node
listening on port 5000. We send the proxy images to the nodes directly
to avoid requests that hit the network during cluster launch. For now,
we continue to pull the registry itself over the network, especially
given its large size (we should be able to dramatically shrink the
image). On GCE we create a PD and use that for storage, otherwise we
use an emptyDir. The registry is not enabled outside of GCE. All
communication is currently plain HTTP. In order to use SSL, we will
need to be able to request a certificate/key from the apiserver signed
by the apiserver's CA cert.
 2015-08-20 18:44:05 -07:00
Saad Ali
9b01580946 Merge pull request #12872 from runningwild/master 
Fix several problems with using rkt on gce
 2015-08-20 15:46:16 -07:00
Andy Zheng
7bdc530822 Fix some env variable settings in test config. 
These environmental variables are incorrectly set to string
"TEST_CLUSTER_LOG_LEVEL", instead of the value of the variable
"${TEST_CLUSTER_LOG_LEVL}".
 2015-08-20 11:46:12 -07:00
Wojciech Tyczynski
a18a07e5cf Merge pull request #12897 from wojtek-t/fix_gcloud_preview 
Stop using deprecated gcloud commands
 2015-08-20 10:51:52 +02:00
Andy Zheng
ee913b1273 Use yaml format for trusty node kube-env 
It uses the same function as Debian to create the yaml format
node kube-env file.
 2015-08-19 10:05:44 -07:00
Jonathan Wills
80e799fc0c Allow configuring the rkt binary in a kubelet with a flag. 
This is necessary because coreos comes with rkt installed, and if we want to use a different version
we need some way to avoid the default one.
 2015-08-19 09:42:13 -04:00
Wojciech Tyczynski
1feb78be66 Stop using deprecated commands 2015-08-19 12:19:08 +02:00
Jonathan Wills
a68e819e60 Fix rkt binary path 2015-08-18 16:15:01 -04:00
Jonathan Wills
bf08da0fdc change coreos node env file from yaml to KEY=VALUE 2015-08-18 16:15:01 -04:00
Robert Bailey
6afa0e1f95 Don't register the master node into the cluster by default. 2015-08-17 19:17:17 -07:00
Andy Zheng
11c823abd8 Fix some settings of trusty nodes 
It fixes kubelet and kube-proxy command line options, fixes a typo,
and adds installation of nsenter package if it is not present.
 2015-08-17 14:27:30 -07:00
Eric Paris
13822bceae Fix build breakage due to ubuntu invalid flag usage 
In PR #12543 / commit fef1ede240
Flags were used with `_` instead of `-`. This broke the build.
 2015-08-16 20:30:59 -05:00
Andy Zheng
fef1ede240 Add config to run minions on GCE using Ubuntu. 
It is for running nodes on Ubuntu image upto 14.04 LTS (Trusty).
The change for running master on Ubuntu will be added later.
The configuration consists of several upstart jobs, which is
passed to node instances through GCE metadata and parsed by cloud-init.
 2015-08-13 16:40:09 -07:00
CJ Cullen
9f009df1cb Merge pull request #12541 from dchen1107/fix 
Fix kube-push using gcloud compute instance-groups managed set-instance-template
 2015-08-11 15:25:40 -07:00
Dawn Chen
4b99aafc4c Fix kube-push using gcloud compute instance-groups managed set-instance-template` 2015-08-11 10:28:59 -07:00
Alex Robinson
e13b00eddc Merge pull request #12436 from runningwild/PR 
Install rkt to a directory that doesn't require environment variables…
 2015-08-10 13:30:20 -07:00
Alex Robinson
34f164a470 Merge pull request #12384 from Hokutosei/master 
added preemptible flag in gcloud compute instance-templates create
 2015-08-10 11:08:11 -07:00
Veres Lajos
9f77e49109 typofix - https://github.com/vlajos/misspell_fixer 2015-08-08 22:31:48 +01:00
jeanepaul
eaacc1e5c1 refactor coding style 2015-08-09 01:07:12 +09:00
Jonathan Wills
f456e58355 Install rkt to a directory that doesn't require environment variables to find. 
Systemd doesn't do variable substitution on the name of the command to run, so we have to install
rkt to a directory with an absolute literal path that we can reference with environment variables.
 2015-08-08 11:16:59 -04:00
Eric Paris
86ca88be61 convert cluster/ from --flag_name= --flag-name= 2015-08-07 11:00:13 -04:00
Hokutosei
a68f0a853f add missing preemptibel var 2015-08-07 10:13:43 +00:00
hokutosei
3bcfdab649 added preemptible flag in gcloud compute instance-templates create 2015-08-07 06:50:28 +00:00
Zach Loafman
5ea2bfaa1b Update GCE to container-vm-v20150806 
Also changes the node image to default to master image
 2015-08-06 15:36:39 -07:00
Robert Bailey
8df33bc1a7 Register the kubelet on the master node with an apiserver. This option is 
separated from the apiserver running locally on the master node so that it
can be optionally enabled or disabled as needed.

Also, fix the healthchecking configuration for the master components, which
was previously only working by coincidence:

If a kubelet doesn't register with a master, it never bothers to figure out
what its local address is. In which case it ends up constructing a URL like
http://:8080/healthz for the http probe. This happens to work on the master
because all of the pods are using host networking and explicitly binding to
127.0.0.1. Once the kubelet is registered with the master and it determines
the local node address, it tries to healthcheck on an address where the pod
isn't listening and the kubelet periodically restarts each master component
when the liveness probe fails.
 2015-08-06 13:39:32 -07:00
Mike Danese
fe6b15ba2f rewrite all links to issues to k8s links 2015-08-05 21:11:11 -07:00
Alex Mohr
cab88c6885 Merge pull request #12215 from runningwild/master 
Auto commit by PR queue bot
 2015-08-04 19:08:44 -07:00
Alex Mohr
ad4086eab1 Merge pull request #11308 from gmarek/pillar 
Auto commit by PR queue bot
 2015-08-04 12:42:57 -07:00
Jonathan Wills
2fe560ac07 Fix typos in a runtime-generated yaml file 2015-08-04 14:34:21 -04:00
Jonathan Wills
12e47667d8 Fix minor typo that broke yaml format 2015-08-03 16:06:23 -04:00
Wojciech Tyczynski
2d95cd454c Swich to new gcloud API for GCE MIGs 2015-08-03 09:56:25 +02:00
gmarek
5bb7eec5ab Use salt pillars to pass test arguments during cluster creation. 2015-07-31 09:32:01 +02:00
Piotr Szczesniak
f48543aba5 Made enabling Kube UI configurable 2015-07-27 08:23:04 +02:00
Mike Danese
bfd22a6974 Merge pull request #10686 from mesosphere/kube-util 
Move sourcing of provider-specific util.sh into kube-util.sh
 2015-07-24 10:31:48 -07:00
Mike Danese
e9084f95d1 Merge pull request #10517 from chrishiestand/gke-scopes 
change shell var MINION_SCOPES to user setable
 2015-07-24 09:22:25 -07:00
Vish Kannan
3f47fc2fb1 Merge pull request #11762 from mbforbes/rollingAlpha 
Support gcloud rolling-update command in 'preview' and 'alpha compute'
 2015-07-23 14:53:18 -07:00
Max Forbes
5ff1566aac Support gcloud rolling-update command in 'preview' and 'alpha compute' 2015-07-23 14:16:31 -07:00
Vish Kannan
dc59c99d1a Merge pull request #11740 from piosz/config 
Added possibility to overwrite ENABLE_CLUSTER_DNS with env var
 2015-07-23 13:25:35 -07:00
Vish Kannan
87f59201ab Merge pull request #11483 from roberthbailey/secure-kubelet-config 
Refactor the functions that generate auth for the kubelet and kubeproxy
 2015-07-23 13:10:52 -07:00
Jerzy Szczepkowski
3808519907 Optional creation of nodes autoscaler for GCE. 
Implemented optional creation and deletion of nodes autoscaler in kube-up and kube-down scripts for GCE.
 2015-07-23 15:59:41 +02:00
Piotr Szczesniak
06b3406cef Added possibility to overwrite ENABLE_CLUSTER_DNS with env var 
It's for autoscaling tests purposes and making the config consistent with
other flags like ENABLE_NODE_LOGGING
 2015-07-23 10:25:06 +02:00
Wojciech Tyczynski
5988d30da0 Merge pull request #10715 from justinsb/spelling_octects 
Spelling fix (in code): octects -> octets
 2015-07-23 09:00:39 +02:00
Chris Hiestand
db1a73317c change shell var MINION_SCOPES to user setable 
Because bash arrays may not be environment variables
 (see: <https://stackoverflow.com/questions/5564418/exporting-an-array-in-bash-script>)
 we have to change the MINION_SCOPES array to a string
* prefers aliases instead of full URLs for scopes

tested under GKE, needs GCE testing

Close #10458
 2015-07-22 14:34:03 -07:00
Robert Bailey
728b337e9c Refactor the functions that generate auth for the kubelet and kubeproxy 
and remove the insecure configuration now that GKE has plumbed through
certificates.
 2015-07-17 16:13:01 -07:00
Robert Bailey
5e02f70dd0 Bump the container vm version to the latest build. 2015-07-16 09:30:33 -07:00
Max Forbes
739cb2f526 Robustly cleanup MIG template on GCE teardown 2015-07-10 10:14:04 -07:00
Prashanth B
bb6f2f7ad9 Merge pull request #10716 from justinsb/spelling 
Misc (non-code) spelling fixes
 2015-07-05 11:23:17 -07:00
Zach Loafman
a2250d1caf Merge pull request #10597 from a-robinson/fluentd 
Run fluentd on the master to collect the core master logs
 2015-07-04 21:12:47 -07:00
Justin Santa Barbara
fca7822800 Misc (non-code) spelling fixes 2015-07-04 10:39:37 -04:00
Justin Santa Barbara
1ece037555 Spelling fix (in code): octects -> octets 2015-07-04 10:37:57 -04:00
Karl Isenberg
0229cb01fc Move sourcing of provider-specific util.sh into kube-util.sh 
- kube-util.sh defines default implementations
- provider util.sh overrides the default implementations as desired
- default kube-util functions now print to stderr to avoid affecting
  captured output
 2015-07-02 12:50:18 -07:00
nikhiljindal
274792d7bb Stop exposing v1beta3 by default 2015-07-01 14:38:02 -07:00
Alex Robinson
e5ea6ae854 Run fluentd on the master node by default. 
This involves adding the logging-write scope to the master when running on GCE.
 2015-07-01 20:07:52 +00:00
Robert Bailey
ffb846a284 Merge pull request #10375 from eparis/enable_node_monitoring 
Remove unused enable_node_monitoring
 2015-06-26 12:58:14 -07:00
Robert Bailey
0048eae8eb Merge pull request #9965 from stevekuznetsov/skuznets/allow-https 
Allowing for HTTPS Probes
 2015-06-26 10:43:37 -07:00
Eric Paris
58df58f3d7 Remove unused enable_node_monitoring option 
Back in 1a7f7245e7 we dropped the one
place this was used, but left all of the variable and definitions and
garbage around cluster/
 2015-06-25 20:57:56 -04:00
Steve Kuznetsov
d581d1f6c0 Fixed typo in gce-specific kube-up script 2015-06-25 12:51:34 -04:00
Tim Hockin
280f99afd9 EOL our registry caching mirror 
Docker's v1 registry has gotten slower and slower, and they have no
interest in fixing it.  Using a mirror forces v1 mode.  Measurements
show that v1 with our mirror is slower than v2 with docker's registry in
just about all metrics.
 2015-06-24 09:56:59 -07:00
Jeff Lowdermilk
a2ce3ea529 Merge pull request #10107 from roberthbailey/sans 
Add more SANs to the master certificate.
 2015-06-23 08:22:33 -07:00
Max Forbes
434f968715 GKE upgrade tests 2015-06-20 09:44:19 -07:00
Robert Bailey
6ede5a90b1 Add more SANs to the master certificate. 2015-06-19 13:06:18 -07:00
Max Forbes
2803fbe343 Node upgrade tests. 2015-06-18 15:59:51 -07:00
Satnam Singh
34fb2a9f2d Merge pull request #9859 from mwielgus/resources-check 
Check for existing GCE resources in kube-up
 2015-06-18 14:47:22 -07:00
Satnam Singh
55f791ca15 Merge pull request #10050 from zmerlynn/checkbinaries 
Validate binaries downloaded from GCS:
 2015-06-18 14:14:56 -07:00
Zach Loafman
d8da39ecd0 Validate binaries downloaded from GCS: 
* Set SHA1 for Kubernetes server binary and Salt tar in kube-env.
* Check SHA1 in configure-vm.sh. If the env variable isn't available,
download the SHA1 from GCS and double check that.
* Fixes a bug in the devel path where we were actually uploading the
wrong sha1 to the bucket.

Fixes #10021
 2015-06-18 13:37:05 -07:00
CJ Cullen
abf1e768dc Pass through an explicit PROXY_SSH_USER. 
Use user@user instead of user@hostname in case hostname is too long.
 2015-06-18 10:35:02 -07:00
Marcin Wielgus
b33b881bc2 Add missing --project in GCE kube-down and check-resources 2015-06-17 15:11:40 +02:00
Marcin Wielgus
3a562f1619 Check for existing GCE resources in kube-up 2015-06-17 15:04:39 +02:00
Saad Ali
4d25121206 Merge pull request #9769 from brendandburns/secure 
Revert the revert of https://github.com/GoogleCloudPlatform/kubernetes/pull/9761
 2015-06-16 14:21:54 -07:00
Saad Ali
03af349173 Merge pull request #9758 from satnam6502/gcl-default 
Make Google Cloud Logging the default for GCE
 2015-06-16 13:47:56 -07:00
Saad Ali
fc30ab308b Merge pull request #9886 from vishh/heapster_v0.14.1 
Updating heapster version to v0.14.1.
 2015-06-16 13:14:07 -07:00
Vishnu Kannan
31f7ea10c6 Updating heapster version to v0.14.1. 
Adding a standalone version of heapster which exposes stats via REST API.
 2015-06-16 11:56:23 -07:00
Saad Ali
41545d0a66 Merge pull request #9135 from jlowdermilk/fix-gce-kube-down 
Fix route regexp for gce-kube-down
 2015-06-16 11:54:45 -07:00
Jeff Lowdermilk
e02483e3fe Fix route regexp for gce-kube-down 2015-06-16 11:25:43 -07:00
Fabio Yeon
bb659de2f1 Merge pull request #9832 from brendandburns/project 
Add a missing ${PROJECT}
 2015-06-15 19:35:32 -07:00
Brendan Burns
dea86ed926 Add a missing ${PROJECT} 2015-06-15 16:59:08 -07:00
Fabio Yeon
19a7e87c06 Merge pull request #9813 from dchen1107/cleanup 
Using bigger nodes for e2e test on gce.
 2015-06-15 16:08:35 -07:00
Dawn Chen
c78ac489aa Using bigger nodes for e2e test on gce. 2015-06-15 13:39:45 -07:00
Fabio Yeon
b1465aee0b Merge pull request #9738 from quinton-hoole/2015-06-12-fix-e2e-projects 
Add missing gcloud --project flags introduced by PR #9016
 2015-06-15 09:53:36 -07:00
Brendan Burns
2c59a3c4a4 Fix the scripts to default empty string if EXTRA_DOCKER_OPTS isn't set. 2015-06-12 21:47:30 -07:00
Brendan Burns
51b20b35e2 Revert "Revert "Optionalize (default false) --insecure-registry."" 
This reverts commit 1645c9a9b8.
 2015-06-12 21:00:16 -07:00
Dawn Chen
1645c9a9b8 Revert "Optionalize (default false) --insecure-registry." 2015-06-12 17:50:38 -07:00
Satnam Singh
7f24215761 Make Google Cloud Logging the default for GCE 2015-06-12 17:12:03 -07:00
Abhi Shah
a6bed65f06 Merge pull request #9685 from brendandburns/secure 
Optionalize (default false) --insecure-registry.
 2015-06-12 17:06:32 -07:00
Jeff Grafton
fcba3136d0 Allow adding a suffix to the devel staging path for server tars on GCS. 
This is needed to allow multiple GCE e2e runs to occur using the same
project on Jenkins.
 2015-06-12 15:18:47 -07:00
Quinton Hoole
58885c7b48 Add missing gcloud --project flags introduced by PR 9016 2015-06-12 13:43:29 -07:00
Abhi Shah
b3ab7d8db4 Merge pull request #9693 from zmerlynn/testing_container_vm 
Update GCE/debian to container-vm-v20150611
 2015-06-12 11:02:28 -07:00
Brendan Burns
455a787c69 Add a missing $PROJECT to the tear down. 2015-06-12 09:28:25 -07:00
Brendan Burns
dcb09e73a9 Aggressively delete a cluster template if it exists. 2015-06-11 21:31:31 -07:00
Quinton Hoole
60d3f91dea Specify project when checking for existance of instance group templates. 2015-06-11 16:40:21 -07:00
Brendan Burns
675d8378f2 Optionalize (default false) --insecure-registry. 2015-06-11 16:33:14 -07:00
Zach Loafman
c031708219 Update GCE/debian to container-vm-v20150611 
Updates:
- Docker 1.6.2
- /sys/fs/cgroup/memory/memory.use_hierarchy=1
 2015-06-11 16:10:08 -07:00
Abhi Shah
59a347d119 Merge pull request #9309 from saad-ali/issue9028 
Enable InfluxDB/Grafana for GCE in addition to GCL. Disable GCM
 2015-06-11 11:04:09 -07:00
Marek Grabowski
ccb1b658b2 Merge pull request #9658 from fgrzadkowski/fix_failing_firewall 
Wait longer for firewall creation during e2e cluster setup.
 2015-06-11 15:40:35 +02:00
Filip Grzadkowski
f93895dd36 Wait longer for firewall creation during e2e cluster setup. 2015-06-11 15:38:35 +02:00
Deyuan Deng
396fabf2af Document why we use 'tr -d' instead of 'base64 w0' 2015-06-10 16:24:20 -04:00
Mike Danese
1a6842e06e fix auth in gce/upgrade.sh 2015-06-09 22:33:34 -07:00
Robert Bailey
aeb0068547 Add 'kubernetes' (the service name) and the master name as SANs on the 
master's certificate.
 2015-06-08 20:17:45 -07:00
Robert Bailey
2feb658ed7 Distribute the cluster CA cert to cluster addon pods through 
the kubeconfig file. Use the $KUBERNETES_MASTER_NAME from the
kube-env for skydns, because it can't use the service name.
 2015-06-08 20:17:45 -07:00
saadali
a839f47d4a Disable GCM for GCE 2015-06-05 17:54:06 -07:00
CJ Cullen
04cd9b3c75 Make sshproxy use a hostmount on master PD (don't spam sshKeys on upgrade/reboot). 
Add comment describing what SSHTunnelList.Close() does.
Simplify util.FileExists.
 2015-06-05 15:03:03 -07:00
CJ Cullen
cb317604ab Some refactoring. Only selectively use ssh proxy. 
Add NetworkName to gce.Config.
Add locking to uses of master.tunnels.
 2015-06-05 14:55:16 -07:00
saadali
bc53533c83 Enable InfluxDB/Grafana for GCE in addition to GCM/GCL 2015-06-05 01:17:45 -07:00
Prashanth Balasubramanian
f7c0f1c1e3 Set min-request-timeout in test clusters 2015-06-03 08:46:28 -07:00
Brian Grant
3da686fea5 Merge pull request #8894 from cjcullen/kmaster2 
Add an explicit variable to indicate whether an instance is master or not
 2015-06-02 20:37:43 -07:00
Brian Grant
e77ded1e84 Merge pull request #8649 from cjcullen/servicefix 
Add an advertise-address flag
 2015-06-02 19:54:28 -07:00
Brian Grant
21147d784a Merge pull request #9074 from roberthbailey/unbound-var 
Don't assume that CA_CERT_BASE64 will be set.
 2015-06-02 18:52:49 -07:00
CJ Cullen
dcf5b16cea Add an explicit KUBERNETES_MASTER variable to the kube-env. 2015-06-02 17:17:02 -07:00
CJ Cullen
934c553c04 Clarify description/usage of --advertise-address, Master.PublicAddress 2015-06-02 15:23:32 -07:00
CJ Cullen
085a48a70e Add an advertise-address flag. This allows the address that the apiserver binds 
to (possibly 0.0.0.0) to be different than the address on which members of the cluster
can reach the apiserver (possibly not a local interface).
 2015-06-02 14:33:15 -07:00
Filip Grzadkowski
caafd28245 Retry downloading binary tars in case of unpack failure 2015-06-02 14:59:15 +02:00
Eric Tune
8195f13b86 Merge pull request #9063 from piosz/cluster_upgrade 
Refactored kube-push.sh script
 2015-06-01 13:47:15 -07:00
Eric Tune
43951b04d2 Merge pull request #9016 from goltermann/kube-down-fix 
GCE kube-down.sh error fixes
 2015-06-01 13:46:54 -07:00
Piotr Szczesniak
0142e4c9c2 Refactored kube-push.sh script 
The script allows also to push binaries only to the master or specified node.
Added support for released tars.

Introduced new push methods and implemented them for GCE.
 2015-06-01 21:21:00 +02:00
Robert Bailey
0c62b71f8a Don't assume that CA_CERT_BASE64 will be set. 2015-06-01 11:35:26 -07:00
goltermann
4c19734b71 Fix kube-down errors for GCE 2015-05-29 14:12:22 -07:00
Rohit Jnagal
ff51f0b2e1 Merge pull request #8696 from derekwaynecarr/force_namespace_creation 
Force explicit namespace provision, update e2e for failures
 2015-05-29 09:28:47 -07:00
Wojciech Tyczynski
4fc38849ea Retry downloading tars in case of unpack failure 2015-05-29 13:06:24 +02:00
Tim Hockin
ac3cc3c518 Rename PORTAL_NET all over 2015-05-28 16:10:44 -07:00
Tim Hockin
2c20c3664c Merge pull request #8902 from brendandburns/fix 
Turn off certificate checking for Mavericks, as the curl is borked.
 2015-05-28 15:32:50 -07:00
Tim Hockin
4ac239499b Merge pull request #8904 from justinsb/fix_8903 
GCE kube-up; write the marker only after we have uploaded the file
 2015-05-28 15:30:47 -07:00
derekwaynecarr
3e8b1d5e01 Update all salt providers to force explicit namespace creation; update e2e 2015-05-28 13:45:49 -04:00
Justin Santa Barbara
521cb0e85b Pass arg lists to gcloud as comma-separated single arg 
This should get rid of the scary warning messages on GCE up.

Fixes #8117
 2015-05-28 00:36:13 -04:00
Justin Santa Barbara
dc11a5434a GCE kube-up; write the marker only after we have uploaded the file 
We can't write the marker before we upload the file, otherwise anything
that interrupts the upload will leave a corrupted upload that we believe
to be current.
 2015-05-27 23:33:29 -04:00
Brendan Burns
e1c0e100b5 Turn off certificate checking for Mavericks, as the curl is borked. 2015-05-27 19:53:24 -07:00
Tim Hockin
93a67b75a0 Merge pull request #8537 from a-robinson/ssd 
Change the default master data disk on GCE to be a 20GB SSD
 2015-05-27 09:39:19 -07:00
Saad Ali
496be63c00 Merge pull request #8717 from saad-ali/gceUpgradeScriptNewParams 
Modify GCE upgrade script to not require exact version number
 2015-05-26 15:09:15 -07:00
Filip Grzadkowski
e2c4a01b60 Merge pull request #8808 from fgrzadkowski/fix_warnings 
Fix WARNING during kube-push.sh
 2015-05-26 08:29:04 -07:00
Filip Grzadkowski
8fe771b4a3 Fix WARNING during kube-push.sh 2015-05-26 17:04:57 +02:00
Filip Grzadkowski
5b03939b84 Fix WARNING when creating firewall during e2e tests 2015-05-25 09:46:24 +02:00
Justin Santa Barbara
ae80ed53cf Automatically open NodePort firewall rules for e2e tests 2015-05-22 22:39:40 -04:00
saadali
27c777d61d Modify GCE upgrade script to not require exact version number 2015-05-22 15:57:35 -07:00
Dawn Chen
677a4aa1a7 Merge pull request #8164 from cjcullen/cloudprovider 
Route creation reconciler loop.
 2015-05-22 12:27:50 -07:00
CJ Cullen
e6da5b9601 Make routecontroller_test less hacky. 
Rename reconcilePodCIDRs to reconcileNodeCIDRs.
Add comments and TODOs about using controller framework.
 2015-05-21 18:05:11 -07:00
Zach Loafman
3e4a94080d Merge pull request #7938 from mbforbes/rollingUpgrade 
Rolling node upgrade
 2015-05-21 14:48:40 -07:00
CJ Cullen
0d12a15971 Route creation reconciler loop. 2015-05-20 14:21:30 -07:00
Yifan Gu
02eee4890b cluster/gce/coreos: Make rkt version configuable. 2015-05-20 12:08:32 -07:00
Alex Robinson
24c532bef1 Change the default master data disk on GCE to be a 20GB SSD. 2015-05-19 15:49:18 -07:00
Max Forbes
3437ac691a Rolling node upgrade 2015-05-19 11:42:34 -07:00
Daniel Smith
ce4b54ec70 Merge pull request #8209 from krousey/v1beta1_cluster 
Removing some v1beta1 uses in cluster/
 2015-05-15 14:56:41 -07:00
Kris Rousey
98c457c397 Updating /cluster to use v1beta 3 specs, and change a lot of polling to 
healthz instead of api endpoints.
 2015-05-15 14:17:55 -07:00
Prashanth B
1f0b4c5e2a Merge pull request #8232 from zmerlynn/i8196 
Ensure basic DNS functionality before doing real work in configure-vm.sh
 2015-05-15 10:19:35 -07:00
CJ Cullen
213a1b5e71 Merge pull request #8290 from roberthbailey/unbound-var 
Fix an unbound variable error when CA_CERT isn't set.
 2015-05-14 15:51:55 -07:00
Robert Bailey
9edc359de7 Fix an unbound variable error when CA_CERT isn't set. 2015-05-14 15:42:16 -07:00
Robert Bailey
a236f04a5f Remove newlines output by base64 on linux. 2015-05-14 15:39:26 -07:00
Robert Bailey
9ab41db7ea Static cert distribution for GCE. 
To make cert validation work, no longer use the
fqdn for the master name on the node VMs.
 2015-05-14 11:59:13 -07:00
Zach Loafman
06c22c699a Ensure basic DNS functionality before doing real work in configure-vm.sh 
Fixes #8196. Maybe. If my theory is correct on how we got there. Also
changes the inference of master to be based on the master name, not
the node instance prefix. That way if we somehow have a bogus
hostname, the master will configure itself as a node, the whole
cluster fails, and it's a ton more obvious.
 2015-05-13 19:12:53 -07:00
Dawn Chen
309a157665 Merge pull request #7984 from cjcullen/kubelet 
Kubelet configure cbr0 instead of configure-vm.sh
 2015-05-13 17:32:52 -07:00
saadali
c118b6d603 Fix GCE kube-down incorrect MIG delete OpID 2015-05-13 15:06:43 -07:00
Robert Bailey
c47b9178b4 Replace the auth config file with a kubeconfig file when 
starting the kubelet on GCE.
 2015-05-13 01:03:28 -07:00
CJ Cullen
5e3d2b9138 Kubelet configure cbr0 instead of configure-vm.sh 2015-05-12 23:00:12 -07:00
Quinton Hoole
de0d59be05 Merge pull request #8096 from saad-ali/fixTemplateUpDown 
Make MIG deletion during GCE kube down blocking, so that subsequent template deletion doesn't fail.
 2015-05-12 17:05:13 -07:00
saadali
932cdd954d Clean up GCE kube-down script by using set e 2015-05-12 16:58:22 -07:00
Clayton Coleman
7d620c20b9 Merge pull request #8105 from thockin/dns-domain 
Rename default DNS domain to cluster.local
 2015-05-12 17:18:45 -04:00
Zach Loafman
0b0bace006 Merge pull request #8009 from mbforbes/refactorEnv 
Refactor master vs node kube-env and salt auth
 2015-05-12 13:37:54 -07:00
Max Forbes
76c89db5a8 Master vs node salt auth refactor in configure-vm.sh 2015-05-12 13:26:11 -07:00
Max Forbes
0acf8f9a00 Refactor GCE kube-env for both OSes. 2015-05-12 13:26:10 -07:00
Tim Hockin
e83e49b076 rename default DNS domain to cluster.local 2015-05-11 23:00:43 -07:00
saadali
c5b1508774 Make MIG deletion during GCE kube down blocking, so that subseqent template deletion doesn't fail. 2015-05-11 18:51:59 -07:00
Jordan Liggitt
7e14a80f63 ServiceAccount admission plugin 2015-05-11 17:18:06 -04:00
Nikhil Jindal
72ac82eba9 Merge pull request #8005 from lavalamp/kubectlFix 
Don't print debugging things on every run of kubectl.sh
 2015-05-11 10:19:37 -07:00
Filip Grzadkowski
26d14300e9 Increase disk size for kubernetes master. 
Signed-off-by: Filip Grzadkowski <filipg@google.com>
 2015-05-11 15:35:38 +02:00
Daniel Smith
ccecb115ed Don't print debugging things on every run of kubectl.sh 2015-05-08 15:55:28 -07:00
Wojciech Tyczynski
ca0f678b9a Merge pull request #7792 from pweil-/security-context-types 
SecurityContext admission clean up
 2015-05-07 10:43:43 +02:00
Maxwell Forbes
7426b533df Merge pull request #7862 from cjcullen/cbr0 
Remove restriction that cluster-cidr be a class-b
 2015-05-06 15:46:57 -07:00
saadali
4569de7a46 Enable Google Cloud Monitoring and Google Cloud Logging instead of 
Influxdb for Google Compute Engine deployments.
 2015-05-06 15:23:40 -07:00
CJ Cullen
fbd125e4e2 Remove restriction that cluster-cidr be a class-b 2015-05-06 15:01:13 -07:00
Dawn Chen
07afcb2bce Merge pull request #7820 from zmerlynn/container-vm-v20150505 
Update to container-vm-v20150505 (Also updates GCE to Docker 1.6)
 2015-05-06 09:22:35 -07:00
Filipe Brandenburger
b7f9e2cea0 Merge pull request #7651 from zmerlynn/upload_hash_in_util 
Also push .sha1 for devel builds
 2015-05-06 09:07:39 -07:00
Jerzy Szczepkowski
58962100db Merge pull request #7827 from zmerlynn/safe_format_cleanup 
Clean up safe_format_and_mount spam in the startup logs
 2015-05-06 10:50:32 +02:00
Robert Bailey
06c2f4e3d5 Merge pull request #7799 from cjcullen/test_pull_5246 
Fix sync problems in #5246
 2015-05-05 22:31:10 -07:00
Zach Loafman
399f7dee43 Clean up safe_format_and_mount spam in the startup logs 
Totally minor cleanup, but I'm tired of seeing it's spam in the
startup logs.
 2015-05-05 21:23:57 -07:00
Zach Loafman
c78eabbfac Update to container-vm-v20150505 2015-05-05 17:15:54 -07:00
Jerzy Szczepkowski
e967ffd522 Added flag to set cluster class B network address for pods, add flag to disable allocation CIDRs for Pods. Fixed synchornization bug in NodeController registerNodes(). 2015-05-05 16:10:43 -07:00
Tomek Kulczynski
290c7b94ef Make nodecontroller configure nodes' pod IP ranges 2015-05-05 16:10:42 -07:00
Zach Loafman
875e83a741 Revert "Revert "Security context - types, kubelet, admission"" 2015-05-05 16:02:13 -07:00
Zach Loafman
f48904fd5e Revert "Security context - types, kubelet, admission" 2015-05-05 15:20:39 -07:00
Paul Weil
5acdf5e70b remove trailing comma. Add sc admission controller to ansible and systemd 2015-05-05 16:34:38 -04:00
Paul Weil
982bf19c20 security context initial implementation - squash 2015-05-05 13:46:13 -04:00
Zach Loafman
0c107e4c44 Also push .sha1 for devel builds 
And adds a .sha1 cache file to indicate what file was already pushed
to GCS, and how to force it if not, removing a few seconds off a
kube-up/push if you're just cycling.

With this and #7602, all TAR_URLS will have a .sha1 as well.
 2015-05-04 17:45:34 -07:00
Robert Bailey
9718d667a7 Merge pull request #7744 from zmerlynn/allow_builtin_salt 
Skip SaltStack install if it's already installed
 2015-05-04 16:32:56 -07:00
Zach Loafman
dd7f3f7df7 Skip SaltStack install if it's already installed 
Next ContainerVM image will have SaltStack in it. Also be a little
less persnickety if it's found running. This isn't the case, but we
don't have to be aggressive.
 2015-05-04 16:12:53 -07:00
Yu-Ju Hong
5270ce6d28 Merge pull request #7671 from vmarmol/fix-metadata 
Make rkt-install a oneshot.
 2015-05-04 10:50:36 -07:00
Yu-Ju Hong
c3ba88296b Merge pull request #7665 from vmarmol/cluster-rkt 
Provide container_runtime flag to Kubelet in CoreOS.
 2015-05-04 10:06:58 -07:00
Victor Marmol
9253249b19 Make rkt-install a oneshot. 
This will make our dependencies wait for us before they execute.
 2015-05-01 17:44:44 -07:00
Victor Marmol
727016dc30 Provide container_runtime flag to Kubelet in CoreOS. 2015-05-01 17:02:33 -07:00
Eric Paris
6b3a6e6b98 Make copyright ownership statement generic 
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
 2015-05-01 17:49:56 -04:00
Brian Akins
b311a12d90 Use the variable as this changes based on environment. 2015-04-30 12:40:09 -04:00
Yifan Gu
9ba1839f52 cluster/gce/coreos: Add metadata-service in node.yaml 2015-04-29 14:58:26 -07:00
Dawn Chen
876f8beec9 Remove unused node-name attribute 2015-04-28 16:13:26 -07:00
Dawn Chen
13a0b033e2 Bring up a cluster using coreos image for worker nodes. 2015-04-28 16:13:26 -07:00
Dawn Chen
5fa11322f8 Factory out debian e.g. ContainerVM image specific support to its own 
helper utility library.
 2015-04-28 16:07:57 -07:00
Dawn Chen
8963347b9e Introduce MASTER_IMAGE, MINION_IMAGE and OS_DISTRIBUTION to config-default 
for enable coreos and rocket support
 2015-04-28 15:31:09 -07:00
Robert Bailey
8206aa9eac Salt configuration to add basic auth to GCE. 2015-04-28 14:07:54 -07:00
Alex Robinson
566f0d4724 Fix GCE logging scope name. 2015-04-28 13:44:30 -07:00
Alex Robinson
5b5525dca5 Merge pull request #7324 from vishh/log_scope 
Enable logging.write scope for minions.
 2015-04-28 11:00:10 -07:00
Vishnu Kannan
9c66305f8c Enable logging.write scope by default for nodes. This is required for storing events in 
Google Cloud Logging via heapster.
 2015-04-28 10:55:06 -07:00
CJ Cullen
39c5bf363b Merge pull request #7303 from erictune/kube_env3 
kube-proxy uses token to access port 443 of apiserver
 2015-04-27 14:33:53 -07:00
Eric Tune
9044177bb6 Generate a token for kube-proxy. 
Tested on GCE.
Includes untested modifications for AWS and Vagrant.
No changes for any other distros.
Probably will work on other up-to-date providers
but beware.  Symptom would be that service proxying
stops working.

 1. Generates a token kube-proxy in AWS, GCE, and Vagrant setup scripts.
 1. Distributes the token via salt-overlay, and salt to /var/lib/kube-proxy/kubeconfig
 1. Changes kube-proxy args:
   - use the --kubeconfig argument
   - changes --master argument from http://MASTER:7080 to https://MASTER
     - http -> https
     - explicit port 7080 -> implied 443

Possible ways this might break other distros:

Mitigation: there is an default empty kubeconfig file.
If the distro does not populate the salt-overlay, then
it should get the empty, which parses to an empty
object, which, combined with the --master argument,
should still work.

Mitigation:
  - azure: Special case to use 7080 in
  - rackspace: way out of date, so don't care.
  - vsphere: way out of date, so don't care.
  - other distros: not using salt.
 2015-04-27 08:59:57 -07:00
Brian Grant
60d7bad147 Merge pull request #7128 from nikhiljindal/fixbeta1tests 
Removing more references to v1beta1 from pkg/
 2015-04-24 11:07:53 -07:00
Satnam Singh
b6bee06c20 Merge pull request #7269 from zmerlynn/lose_one_sanity 
Remove buggy GCE post turn-up cluster validation code (rely on validate-cluster.sh)
 2015-04-24 10:56:20 -07:00
nikhiljindal
dcc368c781 Removing more references to v1beta1 from pkg/ 2015-04-24 00:45:17 -07:00
Zach Loafman
ad829dead7 Remove buggy GCE post turn-up cluster validation code (rely on validate-cluster.sh) 
Fixes #7266
 2015-04-23 16:28:44 -07:00
Eric Tune
e8a83b23d1 Pass KUBELET_TOKEN in kube-env metadata. 
ensure-kube-token is not needed anymore because
the token passed in kube-env.

In the up case it is set, in the push case it is an empty string
but not used.

Allow unset KUBELET_TOKEN (for push case).

Fix comment.
 2015-04-23 15:21:27 -07:00
Wojciech Tyczynski
cf824ae5e0 Merge pull request #7164 from fgrzadkowski/fix_wait_minion 
Wait for minion to start even if gcloud command fails.
 2015-04-23 08:21:19 +02:00
Robert Bailey
6951bb0bd5 Fix the restart-apiserver command for GCE/GKE. 2015-04-22 15:21:13 -07:00
Robert Bailey
4346c6ecae Swallow the output from the test ssh connections so that it 
doesn't interfere with string comparison.
 2015-04-22 14:19:15 -07:00
Robert Bailey
dc45f7f9e6 Remove nginx and replace basic auth with bearer token auth for GCE. 
- Configure the apiserver to listen securely on 443 instead of 6443.
 - Configure the kubelet to connect to 443 instead of 6443.
 - Update documentation to refer to bearer tokens instead of basic auth.
 2015-04-22 11:11:20 -07:00
Zach Loafman
86468cd29d Revert "Added kube-proxy token." 2015-04-22 10:55:08 -07:00
Zach Loafman
0e3e502d52 Fix unbound variable after #7146 2015-04-22 10:19:53 -07:00
Zach Loafman
42e1710ccf Fix build after #7146 2015-04-22 10:11:19 -07:00
Zach Loafman
c9988db0ee Merge pull request #7146 from brendandburns/get-k8s 
Extend the get-cluster.sh script to use sudo if necessary.
 2015-04-22 09:58:07 -07:00
Brendan Burns
42121d1809 Extend the get-cluster.sh script to use sudo if necessary. 2015-04-22 09:52:44 -07:00
Zach Loafman
854c20c5e2 Merge pull request #7113 from erictune/kube-proxy-token 
Added kube-proxy token.
 2015-04-22 09:16:04 -07:00
Filip Grzadkowski
780db9d794 Wait for minion to start even if gcloud command fails. 2015-04-22 16:37:22 +02:00
Brendan Burns
78dabbdb7f Fix the ssh-to-node to actually fail on failures. 2015-04-21 15:27:38 -07:00
Brendan Burns
71e6b05825 Fix kube-apiserver restart. 2015-04-21 15:11:00 -07:00
Brendan Burns
9d715226d6 Fix kube-apiserver restart. 2015-04-21 13:59:26 -07:00
Eric Tune
2ca8a9d15d Added kube-proxy token. 
Generates the new token on AWS, GCE, Vagrant.
Renames instance metadata from "kube-token" to "kubelet-token".
(Is this okay for GKE?)

Having separate tokens for kubelet and kube-proxy permits
using principle of least privilege, makes it easy to
rate limit the clients separately, allows annotation
of apiserver logs with the client identity at a finer grain
than just source-ip.
 2015-04-21 09:21:31 -07:00
Jeff Lowdermilk
196b3d066d Merge pull request #6919 from zmerlynn/sharded-e2e 
Add hack/parallel-e2e.sh to run hack/e2e.go on multiple clusters
 2015-04-20 11:34:18 -07:00
Zach Loafman
68c9191cfc Allow CLUSTER_IP_RANGE/MINION_IP_RANGE to be overridden by KUBE_GCE_CLUSTER_CLASS_B 2015-04-20 11:17:21 -07:00
Jeff Lowdermilk
4f6dc99075 Generate kubeconfig for all providers in cluster/ that use auth 2015-04-20 11:07:35 -07:00
Robert Bailey
eb1ea26995 Merge pull request #7012 from jlowdermilk/export-kubeconfig 
export KUBECONFIG so callers of common.sh functions can use it
 2015-04-17 16:37:10 -07:00
Jeff Lowdermilk
1c265f3784 export KUBECONFIG so callers of common.sh functions can use it 2015-04-17 16:22:07 -07:00
Brian Grant
2775b9e0de Merge pull request #6998 from zmerlynn/make_reboot_work 
Make reboots work on GCE/GKE
 2015-04-17 16:10:32 -07:00
Zach Loafman
bcb63642b8 Make reboots work on GCE/GKE 
* Fixes an issue where salt-minion would actually come up after reboot
(upstart is horrible obnoxious)
* Caches .deb downloads
* Handles PD remount on reboot correctly
* Notes a future optimization

Fixes #5666
 2015-04-17 12:12:00 -07:00
Zach Loafman
aca8452a21 Merge pull request #6994 from cjcullen/staticip 
Reserve Master IP before creating Master VM
 2015-04-17 11:48:48 -07:00
CJ Cullen
6a3c809833 Reserve Master IP before creating Master VM. 2015-04-17 11:36:00 -07:00
Zach Loafman
05d8e96cd4 Push the configure-vm.sh script when we push metadata 
This is needed when we upgrade (and useful when you're trying to
change the startup script for reboots).

Along the way: allow add-instance-metadata[-from-file] to take a
variable number of KVs.
 2015-04-17 11:27:48 -07:00
Jeff Lowdermilk
2a8291a67e Retry Move KUBECONFIG to common.sh, change default to new location 2015-04-17 10:33:12 -07:00
Robert Bailey
723f2941e8 Revert "Move KUBECONFIG into common.sh, change default to new location" 2015-04-16 22:17:11 -07:00
Jeff Lowdermilk
5ce9b07cbe Move KUBECONFIG declaration into common.sh, change default to new location 2015-04-16 19:23:35 -07:00
Wojciech Tyczynski
4094505f84 Enable configuring size of minion disk 2015-04-15 11:19:43 +02:00
Brendan Burns
5df4d927b9 We have had user reports that look like hash conflicts. Expand the has to 10 digits. 2015-04-08 21:51:50 -07:00
Rohit Jnagal
13b805fe1e Merge pull request #6504 from ghodss/gce-customize-minion-size 
Make minion disk size in GCE kube-up customizable
 2015-04-07 08:36:43 -07:00
Sam Ghods
6ec32bf16c Make minion disk size in GCE kube-up customizable 2015-04-06 21:47:45 -07:00
Fabio Yeon
fd7db14df0 Add local file option to "upgrade.sh". 2015-04-06 16:30:15 -07:00
Zach Loafman
616c6be653 Refactor the "gcloud compute instances create" call as well. 2015-04-06 08:35:02 -07:00
Zach Loafman
9e5fd874cc First hack at upgrade script for GCE: 
Address #6075: Shoot the master VM while saving the master-pd. This
takes a couple of minor changes to configure-vm.sh, some of which also
would be necessary for reboot. In particular, I changed it so that the
kube-token instance metadata is no longer required after inception;
instead, we mount the master-pd and see if we've already created the
known tokens file before blocking on the instance metadata.

Also partially addresses #6099 in bash by refactoring the kube-push
path.
 2015-04-05 11:42:34 -07:00
Filip Grzadkowski
0ffabfa9f7 Add ability to set master/minion size for GCE using envvar. 2015-04-03 11:36:05 +02:00
Eric Tune
59daeabaee Make secrets at cluster startup. 
These secrets will be used in subsequent PRs by:
scheduler, controller-manager, monitoring services,
logging services, and skydns.

Each of these services will then be able to stop using kubernetes-ro
or host networking.
 2015-04-02 15:58:45 -07:00
CJ Cullen
5e6e67ba59 Add an alternative TokenSource to the GCE CloudProvider. 2015-04-01 17:52:30 -07:00
Jeff Lowdermilk
ce72839153 Merge pull request #6329 from mbforbes/fixUp 
Fix pod that's looked for on kube up.
 2015-04-01 17:51:37 -07:00
Alex Robinson
4f9b1c486f Don't ever give up on retrying downloads in the GCE download-or-bust function. 2015-04-02 00:40:19 +00:00
Max Forbes
152a461f39 Fix pod that's looked for on kube up. 2015-04-01 17:28:04 -07:00
Jeff Grafton
0d382c03fc Add missing } to fix cluster/gce/util.sh 2015-03-31 14:03:18 -07:00
Robert Bailey
fe00f7abd0 Merge pull request #6168 from brendandburns/docs 
Auto-install gcloud and needed components, if necessary
 2015-03-31 13:55:46 -07:00
Zach Loafman
6c219885e0 s/apiservers/api_servers/ in Salt 
It looks like api_servers finally won this battle. Kill off the
last remaining places passing it, but allow the kubelet Salt to
accept apiservers for a period of time.

(This was bothering my OCD.)
 2015-03-31 12:29:46 -07:00
Brendan Burns
98cdf04189 Auto-install gcloud if needed. 2015-03-31 12:10:35 -07:00
Victor Marmol
0c75f26a74 Merge pull request #6148 from zmerlynn/brctl_complaint 
Fix "brctl: invalid command" message appearing in startup logs
 2015-03-30 08:01:30 -07:00
Zach Loafman
b3636bba34 Fix "brctl: invalid command" message appearing in startup logs 
We were actually failing to call brctl in configure-vm.sh. I finally
tracked it down to the attempt to delete the docker0 bridge. This
particular package was getting installed later by Salt anyways, so
all this PR is doing is moving the package install up from Salt to
bash.

Also adds some minor logging.
 2015-03-29 18:30:33 -07:00
Zach Loafman
708553f0bb GCE node salt: Use the master FQDN, not the master IP 
This will allow us to upgrade the master by full re-provision, without
even bothering to reserve the IP.
 2015-03-28 13:44:45 -07:00
Daniel Smith
525bbfd175 Merge pull request #6103 from zmerlynn/remove_gce_node_names 
Remove the --machines SaltStack configuration on GCE
 2015-03-27 17:55:16 -07:00
Zach Loafman
68ccb97907 Remove the --machines SaltStack configuration on GCE 
Per https://github.com/GoogleCloudPlatform/kubernetes/issues/6072#issuecomment-87074456, this is no longer necessary.
We now no longer need a static node list. Woo!
 2015-03-27 14:44:19 -07:00
Brendan Burns
6fd376a04f Fix the scripts to optionally skip prompts and also return successfully no matter what. 2015-03-27 13:53:26 -07:00
Brendan Burns
1aa2b97792 Revert "Revert "Update gce starting guide to use get.k8s.io"" 
This reverts commit b369f2b48f.
 2015-03-27 13:46:28 -07:00
Zach Loafman
b369f2b48f Revert "Update gce starting guide to use get.k8s.io" 2015-03-26 19:36:25 -07:00
Brendan Burns
61b624457d Update gce starting guide to use get.k8s.io 
Also auto install gcloud if it's not present.
 2015-03-26 16:08:56 -07:00
Max Forbes
ddb0a70481 Fix tiny salt logging line. 2015-03-26 14:37:51 -07:00
Brendan Burns
eea09ddfbb Fix the date command to work on OS X 2015-03-26 13:48:59 -07:00
Zach Loafman
ed567736ea Retry apt operations to death 
Nodes are probably broken if update or install fails. Don't proceed
if we can't get past these. Also, instead of ignoring the error off
dpkg, use --force depends, which changes the errors to be kinder
warnings for anyone looking through the logs.
 2015-03-24 16:11:40 -07:00
derekwaynecarr
ee53dfc741 Turn on namespace lifecycle plug-in 2015-03-24 10:36:06 -04:00
Robert Bailey
c3189657b6 Bump the default boot disk size for GCE from 10GB to 100GB so that there is 
more space to store containers and image layers.
 2015-03-20 13:06:35 -07:00
Zach Loafman
407d1fec45 Both @satnam6502 and E2E tests confirm: This code is no longer needed 
Deletion is wonderful. The only weird thing was where to put the
message about the proxy URLs. Satnam suggested kubectl clusterinfo,
which seemed like a good option to put at the end of cluster turn-up.
 2015-03-19 22:23:11 -07:00
Zach Loafman
57cd8165b0 Ensure salt-minion never starts by setting invoke-rc.d policy using 
the /usr/sbin/policy-rc.d script and returning 101, per
https://people.debian.org/~hmh/invokerc.d-policyrc.d-specification.txt,
but only for the window while we're installing Salt.

This is a much more fool-proof method than what I was attempting
before. I hunted for how to do this before and clearly failed at my
Google-fu.

Fixes #5621
 2015-03-18 16:15:24 -07:00
Vish Kannan
b6e7f470cb Merge pull request #5576 from vmarmol/auth 
Add monitoring scope to default GCE config.
 2015-03-17 17:22:52 -07:00
Victor Marmol
8e2dc04da8 Add monitoring scope to default GCE config. 
This will allow Heapster to run GCM-based monitoring on the nodes.
 2015-03-17 17:02:10 -07:00
Dawn Chen
dce75998d0 Upgrade to container-vm-20150315 2015-03-17 16:10:39 -07:00
Zach Loafman
f2de7b4dcc Add --can-ip-forward to master instance 
Another piece missing in
https://github.com/GoogleCloudPlatform/kubernetes/pull/5390. The
master should have --can-ip-forward if you're routing to it.
 2015-03-13 15:17:07 -07:00
Filipe Brandenburger
0948cb745f Merge pull request #5454 from jlowdermilk/get-password 
Make get-password robust against invalid kubeconfig entries
 2015-03-13 13:40:55 -07:00
Jeff Lowdermilk
8fef6fb343 Make get-password robust against invalid kubeconfig entries 2015-03-13 13:26:47 -07:00
Jeff Lowdermilk
9b55e1f176 Delete master route on kube-down 2015-03-13 11:00:19 -07:00
Satnam Singh
dfb9f2aa17 Revert "Revert "Actually update binaries during kube-push"" 2015-03-12 18:04:36 -07:00
Satnam Singh
bb2c3037e0 Revert "Actually update binaries during kube-push" 2015-03-12 17:09:50 -07:00
Satnam Singh
c3951d7cf6 Merge pull request #5415 from zmerlynn/fix_binary_push 
Actually update binaries during kube-push
 2015-03-12 16:51:28 -07:00
Zach Loafman
b02188b7d8 Actually update binaries during kube-push 
This was a dumb mistake during a re-factor of configure-vm. I tested
this early, re-factored the tail of this file, spot checked kube-push
and failed to test kube-push properly. My bad.

Fixes #5361. Fixes #5408.
 2015-03-12 16:44:32 -07:00
Brendan Burns
5d9fe6212c Add MASTER_IP_RANGE to e2e. 2015-03-12 14:22:03 -07:00
Zach Loafman
9fc5262c14 Infer KUBERNETES_MASTER from hostname rather than requiring it to be explicit 
This allows GKE to have the same YAML on both the master and nodes
 2015-03-12 11:51:21 -07:00
Satnam Singh
e16bcceceb Merge pull request #5390 from brendandburns/shell_sucks 
Configure docker on the master like we do on workers.
 2015-03-12 11:42:03 -07:00
Brendan Burns
17ff8fb421 Configure docker on the master like we do on workers. 2015-03-12 10:37:30 -07:00
Alex Robinson
bc655681fe Merge pull request #5352 from zmerlynn/conditional_disk 
Don't always run mount-master-pd
 2015-03-12 10:19:04 -07:00
Victor Marmol
c03b080328 Merge pull request #5332 from vishh/heapster_e2e 
Adding a ginkgo version of monitoring e2e test
 2015-03-12 08:37:45 -07:00
Zach Loafman
d4f06cea9f Don't always run mount-master-pd 2015-03-11 19:58:44 -07:00
Vishnu Kannan
e7aca5c337 Enable heapster based cluster monitoring by default on other cluster providers, expect for GKE. 2015-03-11 23:34:04 +00:00
Vishnu Kannan
663bdb91c9 Remove monitoring firewall setup methods. Heapster anf Grafana are now accessible via the API server proxy. 2015-03-11 23:20:45 +00:00
Vishnu Kannan
425dd7e3ee Adding a heapster ginkgo e2e test. 2015-03-11 21:47:47 +00:00
Zach Loafman
e780592315 Merge pull request #5264 from jlowdermilk/kube-up 
Standalone kubeconfig for gce kube-up (mulligan)
 2015-03-11 11:46:45 -07:00
derekwaynecarr
64eca7393a Update to use yaml quote 2015-03-11 11:07:36 -04:00
derekwaynecarr
468bf1da75 Enable common set of admission controllers across salt providers 2015-03-11 11:06:00 -04:00
Zach Loafman
759e82c29f Remove dep on yaml for GCE startup 
Write out "yaml" in util.sh. Dying a little. :'(

Fixes #5258
 2015-03-10 16:38:52 -07:00
Zach Loafman
7333d991fb Revert "Fix need for yaml in GCE kube-up by importing PyYAML into third_party" 2015-03-10 15:42:28 -07:00
Jeff Lowdermilk
7db006ab1a Generate standalone kubeconfig on kube-up, clear on kube-down. 
Also tweaked the ginkgo tests to pull auth directly from a kubeconfig file
instead of the legacy kubernetes_auth file.
 2015-03-10 14:23:34 -07:00
Zach Loafman
965f684e2f Adjust kube-env.py to use third_party PyYAML 2015-03-10 13:53:13 -07:00
Zach Loafman
b31b633f85 One additional cleanup: Send only the master name, rather the internal 
IP address. The configure-vm script can resolve this relatively easily
on the node. This is less painful for GKE, which creates all the
resources in parallel.
 2015-03-10 09:04:29 -07:00
Zach Loafman
120dba474e Change GCE to use standalone Saltstack config: 
Change provisioning to pass all variables to both master and node. Run
Salt in a masterless setup on all nodes ala
http://docs.saltstack.com/en/latest/topics/tutorials/quickstart.html,
which involves ensuring Salt daemon is NOT running after install. Kill
Salt master install. And fix push to actually work in this new flow.

As part of this, the GCE Salt config no longer has access to the Salt
mine, which is primarily obnoxious for two reasons: - The minions
can't use Salt to see the master: this is easily fixed by static
config. - The master can't see the list of all the minions: this is
fixed temporarily by static config in util.sh, but later, by other
means (see
https://github.com/GoogleCloudPlatform/kubernetes/issues/156, which
should eventually remove this direction).

As part of it, flatten all of cluster/gce/templates/* into
configure-vm.sh, using a single, separate piece of YAML to drive the
environment variables, rather than constantly rewriting the startup
script.
 2015-03-10 09:04:29 -07:00
Jeff Lowdermilk
a280e0da2d Revert "Standalone kubeconfig for gce kube-up" 2015-03-09 17:45:06 -07:00
Satnam Singh
89bc7bbea9 Merge pull request #5154 from jlowdermilk/kube-up 
Standalone kubeconfig for gce kube-up
 2015-03-09 16:22:51 -07:00
Jeff Lowdermilk
4173d369aa Generate standalone kubeconfig on kube-up, clear on kube-down. 
Also tweaked the ginkgo tests to pull auth directly from a kubeconfig file
instead of the legacy kubernetes_auth file.
 2015-03-09 16:02:00 -07:00
Dawn Chen
38178299bb Upgrade to latest containervm image: v20150305 2015-03-06 13:54:33 -08:00
roberthbailey
83c3c53ff6 Merge pull request #5014 from justinsb/aws_cluster_push 
Copy download-or-bust helper from gce to aws
 2015-03-04 16:26:01 -08:00
Justin Santa Barbara
05d4aea3bf Copy download-or-bust helper from gce to aws 
During a push, we were wget-ing to <filename>.1, .2, etc, which wasn't working
 2015-03-04 16:30:11 -05:00
Justin Santa Barbara
12e785c3b8 Implement restart-apiserver for AWS, fix comment 2015-03-04 15:35:29 -05:00
Dawn Chen
2a6b5a2262 Removed staled docker artifacts on GCE minions. 2015-03-02 23:24:29 -08:00
Satnam Singh
e918f36c2b Fix URL for Elasticsearch 2015-03-02 15:57:12 -08:00
Jeff Lowdermilk
66dfbe900a Merge pull request #4963 from roberthbailey/kubectl-proxy 
Remove host ports from the update demo and update tests (take 2).
 2015-03-02 15:16:04 -08:00
Satnam Singh
72183c064c Use proxy instead of load balancer 2015-03-02 13:44:41 -08:00
Robert Bailey
5799dd5f7d Remove host ports from the update demo and update tests (take 2). 2015-03-02 10:15:34 -08:00
Jerzy Szczepkowski
7763570579 Print grafana address print in kube-up.sh. 
Print grafana address print in kube-up.sh. Resolved #4721.
 2015-02-27 09:15:08 +01:00
Satnam Singh
19b927ea57 Name a cluster and use it to make forwarding rules for GCE 2015-02-23 17:04:33 -08:00
Alex Robinson
6a18b74fa3 Minor reordering of GCE kube-up subcommands to keep them logically grouped. 2015-02-23 13:57:09 -08:00
Alex Robinson
953982f47f Add the salt-overlay and /etc/salt directories to the GCE master-pd and reserve 
the master's IP upon creation to make it easier to replace the master later.

This pulls out the parts of PR #3174 that don't break anything and will
make upgrading existing clusters in the future less painful.

Add /etc/salt to the master-pd
 2015-02-23 13:56:11 -08:00
Satnam Singh
434b74da63 Delete cluster level logging services during kube down 2015-02-19 14:30:53 -08:00
Brendan Burns
eee9804e97 Strip whitespace that OS X inserts on wc calls. 2015-02-17 17:19:33 -08:00
Zach Loafman
fe5b257cfc Merge pull request #4427 from satnam6502/e2e_cluster_logging 
Enabled Elasticsearch cluster level logging for e2e test clusters
 2015-02-17 14:32:26 -08:00
Alex Robinson
3043ae9144 Merge pull request #4492 from jlowdermilk/e2e 
Cleanup resources after services/guestbook e2e tests.
 2015-02-17 12:04:46 -08:00
CJ Cullen
47622092fd Merge pull request #4164 from tkulczynski/mig 
Use Managed Instance Group for managing Nodes in GCE
 2015-02-17 12:01:48 -08:00
Tomek Kulczynski
bcadad2e2e Use Managed Instance Group instead of manually creating Nodes in GCE 2015-02-17 20:33:31 +01:00
Jeff Lowdermilk
8ad671b01e Cleanup resources after shell tests exit 2015-02-17 11:27:54 -08:00
Jeff Lowdermilk
aa32f1b2ce Retry #4337: Make gce kubeconfig context include project 2015-02-13 13:31:50 -08:00
Satnam Singh
6625136d80 Enabled Elasticsearch cluster level logging for e2e test clusters 2015-02-13 11:15:47 -08:00
Zach Loafman
e2ec52bfdf Revert "Make gce's kubeconfig context include the gce project" 2015-02-12 17:01:06 -08:00
Satnam Singh
edea91e519 Merge pull request #4337 from jlowdermilk/kubeconfig 
Make gce's kubeconfig context include the gce project
 2015-02-12 15:22:26 -08:00
Jeff Lowdermilk
41547a1152 Fix kube-up bug introduced by #4353 2015-02-11 17:44:28 -08:00
roberthbailey
0194ed8575 Merge pull request #4353 from erictune/fix_get_password 
Don't fail get-password when no current-context.
 2015-02-11 15:25:24 -08:00
Eric Tune
c348b30f62 Update util.sh 2015-02-11 14:32:41 -08:00
Eric Tune
549504dfff Don't fail get-password when no current-context. 2015-02-11 14:25:15 -08:00
Rajat Chopra
56462c020a democratize restart-apiserver method across clouds 2015-02-11 13:44:43 -08:00
Jeff Lowdermilk
3da5d27ab2 Make gce's kubeconfig context include the gce project 
Change the .kubeconfig context that gce kube-up creates to project
+ instance prefix, so you can spin up clusters with the same name
in different compute projects without overwriting .kubeconfig.
 2015-02-11 12:07:59 -08:00
Brendan Burns
49a9f8b512 Fix kube-up.sh for OS X. 2015-02-06 16:35:39 -08:00
Jeff Lowdermilk
8f6d9c1039 Use config output formatting to get password in gce kube-up 
Gets rid of e2e dependency on pyyaml.
 2015-02-05 14:54:45 -08:00
Zach Loafman
ffe6149d51 Merge pull request #4097 from jlowdermilk/fix-jenkins-e2e 
Fix get-password for gce
 2015-02-03 20:09:48 -08:00
Jeff Lowdermilk
06aa8bd164 Fixes get-password for gce 2015-02-03 19:38:24 -08:00
Zach Loafman
2f546ce649 Parameterize ENABLE_{NODE,CLUSTER}_{LOGGING,MONITORING} and LOGGING_DESTINATION 
In config-{default,test.sh}. This will make it possible for e.g.
Jenkins to override LOGGING_DESTINATION. Also reorder the parameters
so they're in the same order across files for easier scanning.
 2015-02-03 17:23:17 -08:00
Brendan Burns
baba7d6004 Merge pull request #4034 from jlowdermilk/kube-up 
Use kubectl to manage config for gce clusters
 2015-02-03 14:50:38 -08:00
Alex Robinson
793677e8e2 Merge pull request #4062 from dchen1107/image 
Upgrade to container-vm-v20150129 image
 2015-02-03 10:50:28 -08:00
Zach Loafman
ae27f29c56 Reinstate cluster logging URLs to the end of kube-up.sh 
Adds labels to the services, waits for them to be created (which
should be instant, but just in case), query the forwarding rules like
as we did before.

Fixes #3893
 2015-02-03 08:27:02 -08:00
Dawn Chen
f919b3e9c6 Upgrade to container-vm-v20150129 image 2015-02-02 16:57:43 -08:00
Jeff Lowdermilk
e0ec192869 Use kubeconfig to manage config for gce/e2e clusters 2015-02-02 15:02:25 -08:00
Tim Hockin
a1b51d9165 Maybe make services e2e test more resilient to GCE errors 2015-01-29 15:50:46 -08:00
Satnam Singh
72c1820055 Generate IP addresses for minions of large GCE clusters 
Use env for for subnet size
 2015-01-27 16:11:39 -08:00
Zach Loafman
a305269e18 Deferred creation of SkyDNS, monitoring and logging objects 
This implements phase 1 of the proposal in #3579, moving the creation
of the pods, RCs, and services to the master after the apiserver is
available.

This is such a wide commit because our existing initial config story
is special:

* Add kube-addons service and associated salt configuration:
** We configure /etc/kubernetes/addons to be a directory of objects
that are appropriately configured for the current cluster.
** "/etc/init.d/kube-addons start" slurps up everything in that dir.
(Most of the difficult is the business logic in salt around getting
that directory built at all.)
** We cheat and overlay cluster/addons into saltbase/salt/kube-addons
as config files for the kube-addons meta-service.
* Change .yaml.in files to salt templates
* Rename {setup,teardown}-{monitoring,logging} to
{setup,teardown}-{monitoring,logging}-firewall to properly reflect
their real purpose now (the purpose of these functions is now ONLY to
bring up the firewall rules, and possibly to relay the IP to the user).
* Rework GCE {setup,teardown}-{monitoring,logging}-firewall: Both
functions were improperly configuring global rules, yet used
lifecycles tied to the cluster. Use $NODE_INSTANCE_PREFIX with the
rule. The logging rule needed a $NETWORK specifier. The monitoring
rule tried gcloud describe first, but given the instancing, this feels
like a waste of time now.
* Plumb ENABLE_CLUSTER_MONITORING, ENABLE_CLUSTER_LOGGING,
ELASTICSEARCH_LOGGING_REPLICAS and DNS_REPLICAS down to the master,
since these are needed there now.

(Desperately want just a yaml or json file we can share between
providers that has all this crap. Maybe #3525 is an answer?)

Huge caveats: I've gone pretty firm testing on GCE, including
twiddling the env variables and making sure the objects I expect to
come up, come up. I've tested that it doesn't break GKE bringup
somehow. But I haven't had a chance to test the other providers.
 2015-01-21 12:25:50 -08:00
Vishnu Kannan
50c32fbba4 Adding a replication controller for all monitoring pods. 
Removed auth for Grafana to facilitate usage via service proxy on the api-server.
Added a grafana service
Removed elasticsearch dependency for monitoring - faster startup times.
 2015-01-16 18:37:46 +00:00
Zach Loafman
43cd9e91f6 Revert "Adding a replication controller for all monitoring pods." 2015-01-16 07:16:54 -08:00
Satnam Singh
d443dd8ea6 Merge pull request #3489 from vishh/monitoring_rc 
Adding a replication controller for all monitoring pods.
 2015-01-15 18:18:54 -08:00
Vishnu Kannan
ca2267e3e9 Adding a replication controller for all monitoring pods. 
Removed auth for Grafana to facilitate usage via service proxy on the api-server.
Added a grafana service
Removed elasticsearch dependency for monitoring - faster startup times.
 2015-01-16 00:56:51 +00:00
roberthbailey
0b9f6bc8bb Merge pull request #3528 from satnam6502/fixoutput 
Report project and zone only once for GCE
 2015-01-15 13:35:48 -08:00
Satnam Singh
1bff012c36 Convert basic.sh e2e test to Go 2015-01-15 11:41:29 -08:00
Satnam Singh
9ba6525597 Report project and zone only once 2015-01-15 11:21:42 -08:00
Dawn Chen
ba8b4518c1 Upgrade OSS k8s on GCE to latest containervm image: container-vm-v20150112 2015-01-14 16:17:57 -08:00
Satnam Singh
295bd3768d Launch Elasticsearch and Kibana automatically 2015-01-09 13:41:46 -08:00
Joe Beda
9aa48b7628 Move heapster data files to cluster/addons. 
Also pretty up the JSON (make it real JSON) and streamline the sed in cluster/gce/init.sh.
 2015-01-05 12:32:35 -08:00
Alex Robinson
8b38453501 Allow for easily specifying the type and size of minion disks on GCE. 
Issue #3192
 2015-01-03 16:57:16 -08:00
Tim Hockin
7dec65f535 Merge pull request #3156 from evenemento/master 
Add missign network flag
 2014-12-29 14:06:01 -08:00
Tim Hockin
59164ca844 Make DNS an option for cluster turnup 2014-12-29 09:18:12 -08:00
Maciej Chmielarski
d6a747481c Add missign network flag 2014-12-29 12:59:02 +01:00
Joe Beda
5038fc0ffa Merge pull request #3056 from zmerlynn/testtar 
Allow parameterization by environment in cluster/gce/config-test.sh
 2014-12-19 14:38:03 -08:00
Zach Loafman
94545889fc Allow parameterization by environment in cluster/gce/config-test.sh 
Between this and careful use of "export HOME=/somewhere_else_for_auth/",
you can effectively get ghetto CLI profiles (for GCE tests).
 2014-12-19 13:38:33 -08:00
Max Forbes
c3efef86d0 Add GKE as a provider. 2014-12-19 11:47:06 -08:00
bgrant0607
4943ee7b65 Merge pull request #3034 from a-robinson/pd-up 
Store all of the master's persistent data on a separate "data" PD when running on GCE
 2014-12-18 16:05:47 -08:00
Vishnu Kannan
aa7a311c34 Fix bug in gce monitoring setup. 2014-12-18 20:47:41 +00:00
Alex Robinson
f892e84e0a Store all of the master's persistent data on a separate "data" 
persistent disk when running on GCE.

I'll follow up soon with a second PR that enables kube-push to
completely bring down the master VM and replace it with a new one.
 2014-12-18 20:24:57 +00:00
CJ Cullen
90364b30b0 Only create a single firewall rule for all minions. 2014-12-17 17:10:07 -08:00
Joe Beda
2fc02cb06a Quote strings in bash populated YAML files. 
Quoting is hard.  When writing strings into YAML files, wrap them in single quotes.  Also escape any embedded single quotes in those strings via a double signle quote ('').
 2014-12-16 16:13:46 -08:00
Max Forbes
bea37d5b17 Fix up e2e tests. 2014-12-15 11:53:51 -08:00
deads2k
fd53795bc9 fix e2e for all providers except gce 2014-12-15 11:04:13 -05:00
Satnam Singh
91a75c7620 Add missing detect-project to detect-minions 2014-12-12 15:29:58 -08:00
Satnam Singh
1ce71d1e33 Make multiple attempts to sanity check (GCE) and validate (ALL) cluster 2014-12-12 13:53:57 -08:00
Satnam Singh
d0eeebaa66 Make kube-down more robust for GCE provider 2014-12-11 14:47:38 -08:00
Dawn Chen
d767e71475 Using container-vm-v20141208 as the default image on GCE. 2014-12-09 17:11:23 -08:00
Brendan Burns
8364fa5c93 Fix detect-minions. 2014-12-05 15:42:28 -08:00
Jeff Lowdermilk
a1faab9ffe Merge pull request #2730 from satnam6502/scripting 
Add missing project argument to gcloud commands
 2014-12-04 14:30:20 -08:00
Satnam Singh
fcfdd48f8d Add missing project argument to gcloud commands 2014-12-03 15:38:40 -08:00
Satnam Singh
c2348052b0 Fix the addition of the logging.write scope to the MINION_SCOPES array 2014-12-02 20:25:26 -08:00
Steve Reed
d229c5ba51 Proper appending of logging.write scope to array 2014-12-02 10:29:10 -08:00
Joe Beda
f8505cd286 For GCE, allow insecure registries anywhere in 10.0.0.0/8. 2014-12-01 11:36:08 -08:00
Tim Hockin
47141f05c7 standard config opt names: logging 2014-11-25 17:41:53 -08:00
Tim Hockin
52ad94d766 standard config opt names: node monitoring 2014-11-25 17:39:28 -08:00
Tim Hockin
fad806d1d1 standard config opt names: cluster monitoring 2014-11-25 17:38:30 -08:00
Tim Hockin
e359ad5902 Change tabs to spaces 2014-11-25 17:36:41 -08:00
Joe Beda
6d65805508 fixup! Convert gcutil to gcloud compute 2014-11-25 15:20:01 -08:00
Joe Beda
6ba07b38fc Convert gcutil to gcloud compute 2014-11-25 15:17:00 -08:00
Joe Beda
4a5a69b520 Upgrade docker to 1.3.2. 2014-11-25 14:46:25 -08:00
Joe Beda
12add3bc66 Merge pull request #2579 from brendandburns/e2e 
Add an e2e test for gce pd.
 2014-11-25 09:08:40 -08:00
Brendan Burns
e1764e2e01 Add an e2e test for gce pd. 
Add an example for gce pd.
Add an extra log message.
 2014-11-25 09:02:00 -08:00
Dawn Chen
1900f0db98 Enable Docker Cache for OSS on gce. 2014-11-24 16:51:17 -08:00
Dawn Chen
e13ce48676 Enable docker registry cache. By default it is off 2014-11-21 17:13:22 -08:00
Eric Tune
67adf6473e Don't reference non-existent token file if not GCE. 2014-11-18 00:23:41 -08:00
Eric Tune
46dcacfa93 Kubelet talks securely to apiserver. 
Configure apiserver to serve Securely on port 6443.
Generate token for kubelets during master VM startup.
Put token into file apiserver can get and another file the kubelets can get.
Added e2e test.
 2014-11-18 00:23:41 -08:00
Brendan Burns
cea52d7e4f Merge pull request #2409 from mattmoor/master 
Implements a credentialprovider library for use by DockerPuller.
 2014-11-17 21:53:25 -08:00
Matt Moore
0c5d9ed0d2 Implements a credentialprovider library for use by DockerPuller. 
This change refactors the way Kubelet's DockerPuller handles the docker config credentials to utilize a new credentialprovider library.

The credentialprovider library is based on several of the files from the Kubelet's dockertools directory, but supports a new pluggable model for retrieving a .dockercfg-compatible JSON blob with credentials.

With this change, the Kubelet will lazily ask for the docker config from a set of DockerConfigProvider extensions each time it needs a credential.

This change provides common implementations of DockerConfigProvider for:
 - "Default": load .dockercfg from disk
 - "Caching": wraps another provider in a cache that expires after a pre-specified lifetime.

GCP-only:
 - "google-dockercfg": reads a .dockercfg from a GCE instance's metadata
 - "google-dockercfg-url": reads a .dockercfg from a URL specified in a GCE instance's metadata.
 - "google-container-registry": reads an access token from GCE metadata into a password field.
 2014-11-17 21:46:54 -08:00
Joe Beda
7b5a77c56c Fix breakage when bringing down cluster. 2014-11-17 11:26:25 -08:00
Joe Beda
c82bd2127f Fix up formatting and sed usage for heapster deploy. 
Also, 'sed -i' isn't supported well across BSD and GNU versions of sed.  See http://stackoverflow.com/questions/5694228/sed-in-place-flag-that-works-both-on-mac-bsd-and-linux.  And we were editing files that were checked in to git with a password.  Instead, do this with class sed redirection in a temp dir.

Fixes #2400.
 2014-11-16 17:13:02 -08:00
Dawn Chen
a9defc413a Don't show Kubernetes username & password to console for heapster. 2014-11-13 23:08:55 -08:00
Vishnu Kannan
46a22b3c44 Fix monitoring setup script. 
Remove the firewall rule created for monitoring as part of kube-down.
Reuse master auth for Grafana.
 2014-11-13 16:43:05 -05:00
Joe Beda
ee2f030623 Give the API server access to TLS certs. 
Moved the cert generation to a separate salt state and put it in a more appropriate sharable location (`/srv/kubernetes/`).
 2014-11-12 18:14:24 -08:00
Dawn Chen
5ab6947bdd Merge pull request #2307 from satnam6502/logbydefault 
Turn on Elasticsearch logging by default for GCE platform
 2014-11-12 10:03:06 -08:00
Dawn Chen
d71408f465 Merge pull request #2321 from jimmydivvy/fix_linux_md5sum 
Strip extra '-' from md5sum output when creating S3 bucket
 2014-11-12 10:00:13 -08:00
James Davies
ff5a425b67 Strip extra '-' from md5sum output when creating GCE projects 2014-11-12 17:04:01 +10:00
Brendan Burns
4faefda415 Really fix the gce turn up script. 2014-11-11 20:55:12 -08:00
Joe Beda
4f62efcc23 Fix kube-push.sh 2014-11-11 17:10:56 -08:00
Brendan Burns
fa8e0f6a6f Merge pull request #2296 from brendandburns/fix 
Fix paths for kubectl
 2014-11-11 16:23:11 -08:00
Satnam Singh
d837f16045 Turn on Elasticsearch logging by default for GCE platform 2014-11-11 14:49:42 -08:00
Haney Maxwell
fae27e2f17 Clean up e2e test 2014-11-11 11:03:07 -08:00
Brendan Burns
0393212624 Fix paths for kubectl 2014-11-11 10:49:44 -08:00
Joe Beda
dba0f2d661 Fix typo in README 2014-11-10 13:09:58 -08:00
Joe Beda
887c9b18d6 Install Salt from debs on GCS. 
Also make downloading more reliable and run 'highstate' after install for good measure.  As part of this we no longer use gsutil to download and have to make 'staged' binaries in GCS publicly readable.
 2014-11-07 16:16:45 -08:00
Vishnu Kannan
37af9210ba Improve the monitoring setup script and fix bugs in the monitoring config. 2014-11-07 19:27:52 +00:00
Vishnu Kannan
ad9cb982e5 Add an option for enabling monitoring in gce/config-default.sh and disable it 
for tests.
Updated heapster readme.
 2014-11-07 00:47:56 +00:00
Vishnu Kannan
edf6d8ee3f Use Heapster as an in-built monitoring solution for Kubernetes in GCE. 
Users will have an option to enable it when they setup their cluster (kube-up).
 2014-11-07 00:47:56 +00:00
Joe Beda
4c8dbbc346 Use the Container VM image in the google-cloud project. 
Fixes #2078
 2014-10-30 11:29:25 -07:00
Joe Beda
78df01172a Merge pull request #1747 from pietern/vsphere-binary-deploy 
vSphere support for binary deploys
 2014-10-29 16:52:12 -07:00
Filipe Brandenburger
5619fb2f45 Merge pull request #2046 from dchen1107/containervm 
Using containervm image for gce by default
 2014-10-29 14:49:17 -07:00
Pieter Noordhuis
1152471db7 Split reactor files 
There now are reactor files to run highstate on:

* New nodes only
* Master nodes
* Minion nodes
 2014-10-29 11:30:09 -07:00
Dawn Chen
18685d49ed Using containervm image for gce by default 2014-10-29 09:42:50 -07:00
Dawn Chen
03503a5627 Always check default-internal firewall absent or not; if not, create it 
anyway.
 2014-10-28 13:55:52 -07:00
Daniel Smith
bfabb41604 New e2e script (in go this time) that doesn't completely suck 2014-10-23 11:03:30 -07:00
Brendan Burns
86e67c0fe2 Fix GCE since KUBE_ADMIN_TOKEN is never set, since get-admin-token is never called. 2014-10-21 21:13:24 -07:00
Satnam Singh
605314ff62 Second attempt at correctly unspecting FLUENTD_GCP 2014-10-21 14:58:03 -07:00
Satnam Singh
ed58d024ca Check to see if FLUENTD_GCP is defined before use 2014-10-21 12:18:42 -07:00
Clayton Coleman
fa4e186e54 Merge pull request #1911 from erictune/token_client 
Handle auth files with BearerToken sections.
 2014-10-21 14:08:42 -04:00
Satnam Singh
39212f5e2e Flunentd to GCP logging node level configuration 2014-10-20 18:05:00 -07:00
Eric Tune
21dae01005 Handle auth files with BearerToken sections. 2014-10-20 17:02:03 -07:00
Satnam Singh
b7722a631d Adjust test in salt file to use boolean value 2014-10-20 15:52:28 -07:00
Robert Bailey
216cc64975 Bump up the default machine size on GCP. 2014-10-20 13:02:28 -07:00
Tim Hockin
1c2f04b8b7 Add e2e test 2014-10-16 08:36:47 -07:00
Tim Hockin
e907011111 Core support for ip-per-service 2014-10-16 08:36:47 -07:00
Joe Beda
81635a2549 Remove duplicate code for GCE cluster start 2014-10-15 10:21:22 -07:00
Joe Beda
9bb20b41ee Break out dynamic salt files to enable clean kube-push. 
This lets us blow away salt files and replace them with a new version while keeping a tree of "overlay" files that are cluster specific and generated at cluster up time.

Fixes #1783
 2014-10-14 15:01:43 -07:00
Joe Beda
e397371b95 Fix up project hash on linux 
Somehow this got dropped!
 2014-10-10 14:24:35 -07:00
Joe Beda
96c1bc17ca Set shell options for reliability. 
Tweak a few other small things in our shell scripts.
 2014-10-10 12:33:36 -07:00
Joe Beda
d43a6ec5a3 Standardize how we refer to the kubernetes root. 
Now use $KUBE_ROOT as the variable pretty much everywhere.
 2014-10-10 12:33:36 -07:00
Joe Beda
15cd6f07d6 Use binary releases for cluster push scripts. 
This is for GCE right now.  Other clouds/clusters are probably broken.
 2014-10-10 12:30:11 -07:00
Danny Jones
4ec25f3b81 Adds support for attaching GCEPersitentDisks 
Adds GCEPersistentDisk volume struct
Adds gce-utils to attach disk to kubelet's VM.
Updates config to give compute-rw to every minion.
Adds GCEPersistentDisk to API
Adds ability to mount attached disks
Generalizes PD and adds tests.
PD now uses an pluggable API interface.
Unit Tests more cleanly separates TearDown and SetUp
Modify boilerplate hook to omit build tags
Adds Mounter interface; mount is now built by OS
TearDown() for PD now detaches disk on final refcount
Un-generalized PD; GCE calls moved to cloudprovider

Address comments.
 2014-10-08 20:03:59 -07:00
Justin Lindh
4f31b1918f Add configurable sleep between polling intervals for GCE status 2014-10-02 12:47:40 -06:00
Joe Beda
c323179d9b Don't print Kubernetes username/password to console. 
It is too easy to copy/paste this on-line.

Fixes #1483
 2014-09-29 13:18:29 -07:00
Joe Beda
7cadeb2af3 Change back to generic image description now that GCE is fixed. 2014-09-29 11:30:39 -07:00
Joe Beda
4ae3fa521e For GCE hard code backports image version as autodetection is currently broken. 2014-09-29 10:31:34 -07:00
Joe Beda
81e91db697 Grab images as part of update e2e test 2014-09-26 14:31:12 -07:00
Brendan Burns
511ec280b9 Add a new network for e2e tests, to isolate it from any other cluster. 2014-09-24 22:37:19 -07:00
Brendan Burns
e21f5f7c8f Fix the scripts. 2014-09-24 11:04:25 -07:00
Brendan Burns
8398dbd367 Fix the scripts. 2014-09-24 09:57:24 -07:00
Brendan Burns
cafd20b233 Complete the mitm prevention on GCE. 2014-09-23 16:51:04 -07:00
Brian Grant
b9eee0f0c7 Replace --lines= with -n to fix tail on mac os. 2014-09-23 14:16:43 +00:00
Brian Grant
cf60f4fa7d Fixes #1392. Redirects error messages to stderr so users can see them. 2014-09-22 17:25:25 +00:00
Carlos Sanchez
588a428175 [GCE] detect-master and detect-minions api calls should specify the zone 
Otherwise KUBE_MASTER_IP and KUBE_MINION_IP_ADDRESSES may contain 'external-ip'

    $ detect-master
    Using master: kubernetes-master (external IP: external-ip)'
 2014-09-02 13:47:26 +02:00
Brendan Burns
514f443854 Move healthz checking to cluster validation. Switch to code == 200 2014-08-20 15:52:29 -07:00
Brendan Burns
aa9d0d774c Uniquify the http firewall rule between different runs of the e2e tests. 2014-08-19 16:35:11 -07:00
Tim Hockin
03ade159c3 Proper ip-per-pod on GCE. 
Back out the second iptables rule, now that we know what the problem was - we
need to open a firewal rule on each minion.
 2014-08-15 15:54:20 -07:00
Joe Beda
629f964791 Fix e2e teardown 2014-08-14 13:57:50 -07:00
Brendan Burns
9f49650fba Add a tear down option to the e2e, that just tears down the cluster 
Useful for cleaning state after failed runs.
 2014-08-14 09:58:40 -07:00
Amy Unruh
f9bbddf892 minor docs/error msg cleanup 2014-08-06 15:43:27 -07:00
Tim Hockin
f9f8db5171 Fix indents 2014-08-04 11:42:33 -07:00
derekwaynecarr
69ae2fe4bb Initial vagrant setup and e2e testing support 2014-07-24 16:32:36 -04:00