github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
50,248 Commits 1 Branch 31 Tags 1,019 MiB
49b51c2de8
Commit Graph

1257 Commits

Author SHA1 Message Date
Satnam Singh
53ec5e38c7 Remove the use of secrets from node level logging agents 2015-05-13 10:11:07 -07:00
Filip Grzadkowski
eecd7b8c0f Revert "Set GOMAXPROCS for etcd" 2015-05-13 17:53:04 +02:00
Robert Bailey
c47b9178b4 Replace the auth config file with a kubeconfig file when 
starting the kubelet on GCE.
 2015-05-13 01:03:28 -07:00
CJ Cullen
31ea7d1295 Put cbr0-modifying stuff behind a flag. Address some other comments. 2015-05-12 23:00:28 -07:00
Alex Robinson
a98d883134 Merge pull request #8121 from satnam6502/fluentd-gcp 
Convert node level logging to Cloud Logging to use token-system-logging
 2015-05-12 14:26:46 -07:00
Alex Robinson
96cb4360fa Merge pull request #8120 from satnam6502/fluentd-es 
Convert nodel level logging to ES to use token-system-logging
 2015-05-12 14:26:28 -07:00
Nikhil Jindal
d75bd8bf2a Merge pull request #7101 from liggitt/service_account 
ServiceAccounts
 2015-05-12 10:23:41 -07:00
Satnam Singh
ade18e4ff3 Conver node level logging to Cloud Logging to use token-system-logging 2015-05-12 10:17:45 -07:00
Satnam Singh
f9af0658fa Convert nodel level logging to ES to use token-system-logging 2015-05-12 10:07:49 -07:00
Alex Robinson
e2b7ef8d2c Merge pull request #8078 from satnam6502/fluentd-gcp 
Convert Fluentd to Cloud Logging pod specs to YAML
 2015-05-11 16:55:14 -07:00
Satnam Singh
e246685468 Convert Fluentd to Cloud Logging pod specs to YAML 2015-05-11 14:55:46 -07:00
Satnam Singh
2f5ba28a17 Switch Fluentd to ES manifest back to YAML 2015-05-11 14:37:41 -07:00
Jordan Liggitt
db1f0dc906 JWT token generation/verification 2015-05-11 17:18:06 -04:00
Robert Bailey
6c42cb154b Stop copying certs into /usr/share/nginx/ since nothing relies 
on that location any longer.
 2015-05-11 11:44:19 -07:00
Wojciech Tyczynski
600b00f2b1 Merge pull request #7863 from fgrzadkowski/etcd_maxprocs 
Set GOMAXPROCS for etcd
 2015-05-07 10:09:29 +02:00
Filip Grzadkowski
7e8bde53dd Set GOMAXPROCS for etcd 2015-05-07 08:11:39 +02:00
CJ Cullen
f0c26052eb Fix controller-manager manifest for providers that don't specify CLUSTER_IP_RANGE 2015-05-06 17:50:04 -07:00
Maxwell Forbes
7426b533df Merge pull request #7862 from cjcullen/cbr0 
Remove restriction that cluster-cidr be a class-b
 2015-05-06 15:46:57 -07:00
saadali
4569de7a46 Enable Google Cloud Monitoring and Google Cloud Logging instead of 
Influxdb for Google Compute Engine deployments.
 2015-05-06 15:23:40 -07:00
CJ Cullen
fbd125e4e2 Remove restriction that cluster-cidr be a class-b 2015-05-06 15:01:13 -07:00
Mark Lamourine
b7c1b7eed2 Added port 6443 to kube-proxy default IP address for api-server 
added  api_servers_with_port variable and settings.

removed extra port string

split azure api_server host and port out
 2015-05-06 12:43:24 +00:00
Robert Bailey
357df12c02 Set allocate_node_cidrs to be blank by default. 2015-05-05 23:41:30 -07:00
Jerzy Szczepkowski
e967ffd522 Added flag to set cluster class B network address for pods, add flag to disable allocation CIDRs for Pods. Fixed synchornization bug in NodeController registerNodes(). 2015-05-05 16:10:43 -07:00
Jeff Lowdermilk
87cdc3f032 Merge pull request #7672 from eparis/boilerplate-python 
Check license boilerplate for python files
 2015-05-05 09:23:36 -07:00
Chris Moos
1b814ffd2c Add safe_format_and_mount to hyperkube image. 
* Add volume format script into hyperkube image.
* Fix issue with format script on non-redhat platforms.
 2015-05-04 21:25:39 -07:00
Zach Loafman
2b3e52c230 Use built-in ContainerVM Docker version rather than installing lxc-docker 2015-05-04 16:33:00 -07:00
Eric Paris
f416289a85 update all python with boilerplate 2015-05-04 18:37:47 -04:00
Robert Bailey
e3ff2dc02d Merge pull request #7678 from justinsb/aws_api_on_443 
AWS: Change apiserver to listen on 443 directly, not through nginx
 2015-05-04 13:52:57 -07:00
Daniel Smith
fbe3ec7513 Merge pull request #7316 from ArtfulCoder/master_components_logs 
logs for master components
 2015-05-04 11:20:03 -07:00
Justin Santa Barbara
57f7b658bb AWS: Change apiserver to listen on 443 directly, not through nginx 
Mirrors changes in GCE.  I think the same changes will be needed for vagrant.
 2015-05-02 16:59:04 -04:00
Eric Paris
6b3a6e6b98 Make copyright ownership statement generic 
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
 2015-05-01 17:49:56 -04:00
Satnam Singh
941a457851 Trim Fleuntd tag for Cloud Logging 2015-04-30 13:39:35 -07:00
Satnam Singh
e65f0aafd5 Trim cluster log tags to pod name and container name 2015-04-29 18:24:13 -07:00
Abhishek Shah
96439b5a52 logs for master components 2015-04-29 09:51:09 -07:00
Robert Bailey
8206aa9eac Salt configuration to add basic auth to GCE. 2015-04-28 14:07:54 -07:00
Satnam Singh
4a0cc7905d Convert node level logging agents to v1beta3 2015-04-27 17:21:42 -07:00
CJ Cullen
39c5bf363b Merge pull request #7303 from erictune/kube_env3 
kube-proxy uses token to access port 443 of apiserver
 2015-04-27 14:33:53 -07:00
derekwaynecarr
81e9395533 Fix vagrant regression due to #7326 2015-04-27 17:18:30 -04:00
Eric Tune
9044177bb6 Generate a token for kube-proxy. 
Tested on GCE.
Includes untested modifications for AWS and Vagrant.
No changes for any other distros.
Probably will work on other up-to-date providers
but beware.  Symptom would be that service proxying
stops working.

 1. Generates a token kube-proxy in AWS, GCE, and Vagrant setup scripts.
 1. Distributes the token via salt-overlay, and salt to /var/lib/kube-proxy/kubeconfig
 1. Changes kube-proxy args:
   - use the --kubeconfig argument
   - changes --master argument from http://MASTER:7080 to https://MASTER
     - http -> https
     - explicit port 7080 -> implied 443

Possible ways this might break other distros:

Mitigation: there is an default empty kubeconfig file.
If the distro does not populate the salt-overlay, then
it should get the empty, which parses to an empty
object, which, combined with the --master argument,
should still work.

Mitigation:
  - azure: Special case to use 7080 in
  - rackspace: way out of date, so don't care.
  - vsphere: way out of date, so don't care.
  - other distros: not using salt.
 2015-04-27 08:59:57 -07:00
Robert Bailey
846ffcff83 Pass the CA root cert into the apiserver so that the apiserver will 
perform client cert checks for authorization. Only enable on GCE where
the apiserver is terminating SSL connections from end users.
 2015-04-24 22:01:56 -07:00
Nikhil Jindal
84cb48be11 Merge pull request #7246 from satnam6502/es 
Convert Elasticsearch logging to v1beta3 and de-salt
 2015-04-24 09:21:41 -07:00
CJ Cullen
80af1c9e40 kube2sky using kubeconfig secret: take 2. Point system secrets at https://kubernetes. Override in clients that can't use DNS. 2015-04-23 18:13:16 -07:00
Satnam Singh
c9b9e7651e Convert Elasticsearch logging to v1beta and de-salt 2015-04-23 13:06:15 -07:00
Dawn Chen
f9156c281a Merge pull request #7123 from satnam6502/logging 
Propagate pod and container name for log files
 2015-04-23 10:13:08 -07:00
Satnam Singh
2444c1f943 Propagate pod and container name for log files 2015-04-22 15:08:51 -07:00
Dawn Chen
87e0d5da08 Merge pull request #7186 from ArtfulCoder/no_log_pod_on_master 
removed elasticsearch and fluentd-gcp pods from master
 2015-04-22 14:40:07 -07:00
Abhishek Shah
8cf11fd608 removed elasticsearch and fluentd-gcp pods from master 2015-04-22 12:54:57 -07:00
Robert Bailey
dc45f7f9e6 Remove nginx and replace basic auth with bearer token auth for GCE. 
- Configure the apiserver to listen securely on 443 instead of 6443.
 - Configure the kubelet to connect to 443 instead of 6443.
 - Update documentation to refer to bearer tokens instead of basic auth.
 2015-04-22 11:11:20 -07:00
Eric Tune
b944049fe9 Merge pull request #6916 from ArtfulCoder/controller-in-a-pod 
kube-controller-manager in a pod.
 2015-04-21 09:58:29 -07:00
Justin Santa Barbara
29592356f7 Rename salt minion_ip to hostname_override 
Prep work for making AWS node identifier -> instance id
 2015-04-21 06:24:49 -07:00
CJ Cullen
1be193098a Merge pull request #7072 from dchen1107/cleanup 
Remove fqdn dependency for node name
 2015-04-20 18:00:21 -07:00
Abhishek Shah
f513aad380 kube-controller-manager in a pod. 2015-04-20 16:06:37 -07:00
Eric Tune
c3203cba6d Create system secrets in kubeconfig format 
Was previously kubernetes_auth format.

Added defaults file which uses salt to fill in an env var
with the master's IP.

More thought needs to be given soon to how to make this
connection use a cert for the master, and how to support
multiple masters, and whether to use the DNS record
instead of an IP address.  But this PR unblocks some other
more urgent things, so doing it this way.
 2015-04-20 15:02:45 -07:00
Kenjiro Nakayama
2e702b0c61 Replace hostname -f with uname -n 2015-04-20 14:16:21 -07:00
Eric Tune
424ae1d67a Fix kube-addon retrying. 2015-04-20 07:38:39 -07:00
Robert Bailey
972cf60d2b Merge pull request #6957 from ArtfulCoder/no_monit 
remove unused file
 2015-04-17 11:40:36 -07:00
Abhishek Shah
b08102d358 remove unused file 2015-04-16 21:51:51 -07:00
Abhishek Shah
647d5948a1 Docker Image install script - Sleep before each iteration of while loop 2015-04-16 21:46:35 -07:00
Derek Carr
6c394e4d81 Merge pull request #6911 from erictune/del_kub_user 
Remove unused kubelet user from salt.
 2015-04-16 11:45:26 -04:00
Eric Tune
955cc1e1df Remove unused kubelet user from salt. 
Fixes #1512.

Cluster creation and validation succeeds with this change.
 2015-04-16 07:46:56 -07:00
litian54
b5e4111234 Fix Jinja render bug if 'portal_net' or 'cluster_name' is undefined 2015-04-15 17:17:38 -07:00
Abhi Shah
72a694b6b3 Merge pull request #6823 from ArtfulCoder/scheduler-in-a-pod 
Scheduler in a pod
 2015-04-15 08:27:28 -07:00
Abhishek Shah
a908bb78ea kube-scheduler in a pod 2015-04-14 17:53:12 -07:00
Quinton Hoole
cd6daae014 Merge pull request #6271 from a-robinson/asynclb 
Manage load balancer creation and deletion asynchronously in a ServiceController
 2015-04-14 17:50:07 -07:00
Abhishek Shah
37eb4d85e1 Install kube-controller-manager image 2015-04-14 16:45:39 -07:00
Abhishek Shah
682e8cfa99 Load Kube Scheduler Image. 2015-04-14 15:20:24 -07:00
Alex Robinson
ccc300289f Implement a ServiceController that watches services and handles keeping 
external load balancers up-to-date based on the service's specs, using
the new DeltaFIFO watch queue class. Remove the old registry REST
handler code for creating/updating/deleting load balancers.

Also clean up a bunch of the GCE cloudprovider code related to load balancers.
 2015-04-14 18:56:24 +00:00
Justin Santa Barbara
72687184b9 Don't always use aws.conf 
We don't usually need it, and it makes it harder to put apiserver into a container.
 2015-04-14 09:30:00 -07:00
Abhishek Shah
c9d7010461 kube-apiserver in a pod. 2015-04-13 15:15:45 -07:00
Dawn Chen
67169ec87d Merge pull request #6719 from litian54/master 
Fix Rendering SLS 'base:nginx' failed if 'cloud' is not defined in minio...
 2015-04-13 10:42:48 -07:00
Dawn Chen
7f2f165797 Revert "kube-apiserver in a pod." 2015-04-10 22:54:52 -07:00
litian54
36ef786228 Fix Rendering SLS 'base:nginx' failed if 'cloud' is not defined in minion grains 2015-04-10 18:27:22 -07:00
Abhishek Shah
2f70395396 kube-apiserver in a pod. 2015-04-10 15:46:49 -07:00
Justin Santa Barbara
a366f9ee88 Create the /usr/share/google dir in salt 2015-04-10 13:25:43 -07:00
Justin Santa Barbara
b9fd56050a Add safe_format_and_mount script to aws 
Apache licensed :-)
 2015-04-10 13:25:42 -07:00
Derek Carr
d2b6920a32 Merge pull request #6496 from ArtfulCoder/docker_image_install 
Load docker images of kubernetes components after docker is installed.
 2015-04-10 16:19:10 -04:00
Maxwell Forbes
7eb7387d97 Merge pull request #6403 from zmerlynn/salt_docs 
Update the existing salt.md, add the start of a Salt README tree
 2015-04-09 10:34:25 -07:00
Abhishek Shah
4996ccbf2d Load docker images of kubernetes components after docker is installed. 2015-04-09 09:06:42 -07:00
Dawn Chen
8ede54c511 Upgrade kubernetes to gcr.io/google_containers/etcd:2.0.9 2015-04-07 16:26:11 -07:00
Justin Santa Barbara
2426366ec8 Update cAdvisor with moved docker root on AWS 
We set up a symlink now, and we also pass docker_root into the kubelet.

The symlink is probably sufficient, but doing both feels safer.
 2015-04-07 10:40:22 -07:00
Abhishek Shah
a0ea2c6718 Disable nginx service 2015-04-06 18:38:03 -07:00
Zach Loafman
c292d2e8d6 Update the existing salt.md, add the start of a Salt README tree 
Starts to fix #6070
 2015-04-06 14:41:21 -07:00
Abhishek Shah
9231fae998 Prevent docker load. 2015-04-06 11:09:27 -07:00
Abhishek Shah
fb665ede4c Run etcd on localhost for all providers. 2015-04-03 14:00:44 -07:00
Abhishek Shah
23c42cd8b2 Etcd listens on localhost for GCE 2015-04-03 11:40:09 -07:00
Yu-Ju Hong
76f1232a2e Merge pull request #6404 from dchen1107/master 
Using gcr.io/google_containers/etcd:2.0.8
 2015-04-03 08:51:41 -07:00
Zach Loafman
de67b96ff7 Merge pull request #6396 from ArtfulCoder/master_logging 
Enable log collection from master.
 2015-04-02 18:50:30 -07:00
Abhishek Shah
39bb6d3777 Enable log collection from master. 2015-04-02 18:37:07 -07:00
Zach Loafman
12cf7681a9 Merge pull request #5470 from erictune/for-abhis 
Make secrets at cluster startup.
 2015-04-02 17:43:56 -07:00
Dawn Chen
814177c21b Using gcr.io/google_containers/etcd:2.0.8 2015-04-02 17:04:05 -07:00
Abhi Shah
a918a719e0 Merge pull request #6334 from brendandburns/nginx 
Add an nginx docker image for use on the master.
 2015-04-02 16:58:02 -07:00
Brendan Burns
9f48a2f4e6 Add an nginx docker image for use on the master. 2015-04-02 16:42:17 -07:00
Eric Tune
59daeabaee Make secrets at cluster startup. 
These secrets will be used in subsequent PRs by:
scheduler, controller-manager, monitoring services,
logging services, and skydns.

Each of these services will then be able to stop using kubernetes-ro
or host networking.
 2015-04-02 15:58:45 -07:00
Zach Loafman
c627a3598c Merge pull request #6384 from erictune/cleanup-addons.sh 
Use same addons script for init.d and systemd.
 2015-04-02 14:49:44 -07:00
Derek Carr
4ae016e022 Merge pull request #6382 from derekwaynecarr/fix_vagrant_kubelet 
Fix vagrant with etcd in pod
 2015-04-02 17:22:44 -04:00
Eric Tune
b9570b3daa Use same addons script for init.d and systemd. 2015-04-02 14:07:23 -07:00
derekwaynecarr
c6bf46acd7 Fix vagrant with etcd in pod 2015-04-02 16:55:29 -04:00
Dawn Chen
9b2f835a01 Merge pull request #6326 from ArtfulCoder/docker_image_creation 
Create Docker images for master components
 2015-04-02 13:12:17 -07:00
Abhishek Shah
b1b779a8d5 docker image creation 2015-04-02 12:39:12 -07:00
Filip Grzadkowski
65c2942a82 Increase ulimit -n for apiserver. 2015-04-02 17:01:23 +02:00
CJ Cullen
5e6e67ba59 Add an alternative TokenSource to the GCE CloudProvider. 2015-04-01 17:52:30 -07:00
Dawn Chen
ab1a8b1e7c Merge pull request #6298 from roberthbailey/kubelet-config 
Remove salt configuration that matches the default settings in the Kubelet.
 2015-04-01 14:31:31 -07:00
Derek Carr
2af9b54147 Merge pull request #6259 from zmerlynn/fix_cloud_provider 
Eliminate grains.cloud_provider (in preference to grains.cloud) from SaltStack
 2015-04-01 17:04:05 -04:00
Robert Bailey
40ebed845f Remove salt configuration that matches the default settings in 
the Kubelet.
 2015-04-01 12:13:40 -07:00
Abhishek Shah
8e3a41b52c Run etcd 2.0.5 in a pod 2015-04-01 11:38:21 -07:00
Zach Loafman
b581320bf7 Eliminate grains.cloud_provider (in preference to grains.cloud) from SaltStack 
This variable can be entirely derived from grains.cloud, and it
simplifies the configuration somewhat. (Or someone convince me I'm
wrong. I'm happy to be wrong here.)
 2015-04-01 08:32:32 -07:00
Satnam Singh
73a9ab2928 Rename logging image to use google_containers 2015-03-31 16:00:52 -07:00
Victor Marmol
f0b3493c26 Merge pull request #6240 from zmerlynn/fix_apiservers 
s/apiservers/api_servers/ in Salt
 2015-03-31 13:06:09 -07:00
Zach Loafman
6c219885e0 s/apiservers/api_servers/ in Salt 
It looks like api_servers finally won this battle. Kill off the
last remaining places passing it, but allow the kubelet Salt to
accept apiservers for a period of time.

(This was bothering my OCD.)
 2015-03-31 12:29:46 -07:00
Abhishek Shah
541219db77 Retry kube-addons creation if kube-addons creation fails. 2015-03-30 18:14:54 -07:00
Robert Bailey
bc8af553a3 Configure the kubelet to bind a simple healthz server to a localhost 
port for monitoring by monit. This is in preparation for the standard
kubelet port to switch to SSL only (and eventually to only accepting
connections on the SSL port that present a proper client SSL cert).

Also standardize the formatting of the monit config files a bit.
 2015-03-30 14:20:30 -07:00
Victor Marmol
b9214d4fcf Merge pull request #6122 from satnam6502/fluentd-gcp 
Update Salt config to use gcr.io Fluentd to Cloud Logging agent
 2015-03-30 08:02:12 -07:00
Zach Loafman
848134fdfa Revert "Running etcd 2.0.5 in a pod on master" 2015-03-28 07:36:39 -07:00
Dawn Chen
179fe870cc Merge pull request #4442 from ArtfulCoder/docker_etcd 
Running etcd 2.0.5 in a pod on master
 2015-03-27 18:33:25 -07:00
Daniel Smith
525bbfd175 Merge pull request #6103 from zmerlynn/remove_gce_node_names 
Remove the --machines SaltStack configuration on GCE
 2015-03-27 17:55:16 -07:00
Abhishek Shah
7750f35e7c Running etcd 2.0.5 in a pod on master 2015-03-27 17:50:10 -07:00
Satnam Singh
666e2b69ac Update Salt config to use gcr.io Fluentd to Cloud Logging agent 2015-03-27 16:39:12 -07:00
Satnam Singh
ce1e73fccc Update Salt config use gcr.io Fluentd to ES image 2015-03-27 16:09:37 -07:00
Zach Loafman
68ccb97907 Remove the --machines SaltStack configuration on GCE 
Per https://github.com/GoogleCloudPlatform/kubernetes/issues/6072#issuecomment-87074456, this is no longer necessary.
We now no longer need a static node list. Woo!
 2015-03-27 14:44:19 -07:00
Abhishek Shah
d84ff79cfd Added a catchall to set api server ip address in kubelet cmd params 2015-03-27 08:44:52 -07:00
Piotr Szczesniak
c516aba8e8 Merge pull request #6043 from ArtfulCoder/kubelet_salt 
Modified salt config to get master ip address correctly
 2015-03-27 10:03:05 +01:00
Abhishek Shah
f35a352782 Modified salt config to get master ip address correctly 2015-03-26 21:17:06 -07:00
Abhishek Shah
d1015e785f Add salt configuration to remove cadvisor.manifest from master. cadvisor is now part of kubelet 2015-03-26 10:15:30 -07:00
Robert Bailey
268b617b84 Add local babysitting for the kube-proxy. 2015-03-25 23:24:24 -07:00
Brendan Burns
8bac135f85 Configure docker and kubelet on AWS master. 2015-03-24 17:19:06 -07:00
Satnam Singh
69f867dafb Upgrade etcd to v2.0.5 on the master 2015-03-23 13:52:04 -07:00
Justin Santa Barbara
60a07e972b Raise the file ulimit for kube-proxy for init.d systems 2015-03-19 19:36:13 -04:00
Satnam Singh
985d5c1f95 Add a prefix to the POS file for Fluentd to Elasticsearch 2015-03-17 13:13:03 -07:00
Satnam Singh
0212e68e91 Adjust POS file for Fluentd to Cloud Logging 2015-03-17 11:44:04 -07:00
Timothy St. Clair
140330fca8 Fix to address issue #5461 kube-proxy too many files open 
https://github.com/GoogleCloudPlatform/kubernetes/issues/5461
 2015-03-17 10:13:25 -05:00
Satnam Singh
d395efa463 Make Fluentd to Cloud Logging collector read from head 2015-03-16 16:19:07 -07:00
Derek Carr
440c720805 Merge pull request #5330 from zmerlynn/try_addons_again 
Retry object creation with --validate in kube-addons
 2015-03-16 10:43:39 -04:00
Victor Marmol
1a7f7245e7 Remove cAdvisor manifest from cluster startup. 
cAdvisor is now integrated into the Kubelet and runs inside of it.
 2015-03-13 16:06:42 -07:00
Brendan Burns
966e8301a0 Add kubelet to the master. 2015-03-13 12:09:24 -07:00
Satnam Singh
e16bcceceb Merge pull request #5390 from brendandburns/shell_sucks 
Configure docker on the master like we do on workers.
 2015-03-12 11:42:03 -07:00
Brendan Burns
17ff8fb421 Configure docker on the master like we do on workers. 2015-03-12 10:37:30 -07:00
Saad Ali
7629b616a7 Merge pull request #5348 from dchen1107/docker 
Check docker unixsocket periodically through monit. If failed, restart d...
 2015-03-11 17:42:58 -07:00
Dawn Chen
fe9e0ca5ce Check docker unixsocket periodically through monit. If failed, restart docker. 2015-03-11 17:20:03 -07:00
Zach Loafman
018b11bc3a Retry object creation with --validate in kube-addons 
The better solution is some fence with Salt, but the actual logs
provided in the bug don't support any race condition here, plus the
ordering in the Salt configuration seems correct.

We haven't seen this again in a while, but given the results of the
situation (a borked cluster), I'm proposing a relatively simple
workaround.

Fixes #4357 (dubiously)
 2015-03-11 14:40:37 -07:00
derekwaynecarr
f71a91a131 Fix regression introduced when moving to standalone salt 2015-03-11 11:06:00 -04:00
derekwaynecarr
468bf1da75 Enable common set of admission controllers across salt providers 2015-03-11 11:06:00 -04:00
Brian Grant
b3d3db08ef Merge pull request #5064 from justinsb/ignore_stopped_aws_instances 
Ignore EC2 instances that are stopped
 2015-03-10 11:03:34 -07:00
Alex Robinson
6700a7f230 Merge pull request #5253 from satnam6502/fluentd 
Modify Fluentd to ES setup to pass flags
 2015-03-10 10:46:26 -07:00
Brendan Burns
00f3779c6f Merge pull request #5119 from zmerlynn/salt_drones 
Change GCE to use standalone Saltstack config
 2015-03-10 10:29:59 -07:00
Satnam Singh
3ce0ede78e Modify Fluentd to ES setup to pass flags 2015-03-10 10:11:26 -07:00
Alex Robinson
8fd33476f0 Merge pull request #5218 from satnam6502/fluentd-es 
Change Fluentd config to read from head of Docker container logs
 2015-03-10 09:57:02 -07:00
Zach Loafman
120dba474e Change GCE to use standalone Saltstack config: 
Change provisioning to pass all variables to both master and node. Run
Salt in a masterless setup on all nodes ala
http://docs.saltstack.com/en/latest/topics/tutorials/quickstart.html,
which involves ensuring Salt daemon is NOT running after install. Kill
Salt master install. And fix push to actually work in this new flow.

As part of this, the GCE Salt config no longer has access to the Salt
mine, which is primarily obnoxious for two reasons: - The minions
can't use Salt to see the master: this is easily fixed by static
config. - The master can't see the list of all the minions: this is
fixed temporarily by static config in util.sh, but later, by other
means (see
https://github.com/GoogleCloudPlatform/kubernetes/issues/156, which
should eventually remove this direction).

As part of it, flatten all of cluster/gce/templates/* into
configure-vm.sh, using a single, separate piece of YAML to drive the
environment variables, rather than constantly rewriting the startup
script.
 2015-03-10 09:04:29 -07:00
derekwaynecarr
22e559d769 Provision network before kubelet 2015-03-10 10:30:50 -04:00
Satnam Singh
2486de1287 Change Fluentd config to read from head of Docker container logs 2015-03-09 23:25:52 -07:00
Justin Santa Barbara
a3ae480acc Ignore EC2 instances that are stopped 
Otherwise we pick up previous cluster instances (in EC2, stopped instances hang around for
a while - maybe 30 minutes?)
 2015-03-09 19:03:46 -07:00
Dawn Chen
7a47ea8913 Ask monit health check kubelet; if failed, restart. 2015-03-05 17:29:38 -08:00
derekwaynecarr
35ab4ccc6d Further vagrant reliability improvements. 2015-03-03 06:55:34 -08:00
Tim Hockin
d46146da7d Stop using Docker's -r flag 
It has been deprecated since 1.3, replaced by restart policies.  We are
not supporting docker < 1.3 any more.
 2015-02-28 13:36:42 -08:00
Satnam Singh
16f49f6d09 Update Fluentd to Cloud Logging image 2015-02-26 15:18:22 -08:00
Eric Tune
e77745672c Merge pull request #4577 from satnam6502/cluster-name 
Qualify the name of forwarding rules with INSTANCE_PREFIX
 2015-02-26 13:17:49 -08:00
Daniel Smith
3038a5624e Merge pull request #4859 from dchen1107/master 
Move salt based clusters to Docker 1.5.0
 2015-02-26 11:32:07 -08:00
Dawn Chen
59a9030413 Move salt based clusters to Docker 1.5.0 2015-02-26 11:06:53 -08:00
Satnam Singh
19b927ea57 Name a cluster and use it to make forwarding rules for GCE 2015-02-23 17:04:33 -08:00
derekwaynecarr
87a41b0934 Improve vagrant reliablility, fix race condition with openvswitch and docker 2015-02-21 13:31:50 -05:00
Victor Marmol
ff7726d1ef Merge pull request #4655 from saad-ali/fix2884quick 
Add monit process monitoring for kubelet and docker
 2015-02-20 11:07:06 -08:00
David Oppenheimer
ba749284d0 Have etcd listen on all interfaces so that monit probes succeed. Closes #3852. 2015-02-19 23:14:14 -08:00
saadali
4dea0488e6 Add monit process monitoring for kubelet and docker 2015-02-19 22:22:05 -08:00
Brendan Burns
e4e68e2fa5 Merge pull request #4138 from justinsb/fix_duplicate_master_arg 
Remove duplicate --master arg from kube-scheduler
 2015-02-19 11:58:23 -08:00
David Oppenheimer
c99a37d3a3 Merge pull request #4587 from gmarek/client2 
Fix monit config for etcd
 2015-02-19 11:37:47 -08:00
gmarek
19b7c01084 Fix monit config for etcd 2015-02-19 13:11:43 +01:00
Brendan Burns
664de16c81 Remove kubecfg from the client tools we attempt to distribute. 2015-02-18 22:26:26 -08:00
Dawn Chen
23b8b5ea6a Configure docker with larger open files. 2015-02-11 23:52:58 -08:00
Eric Tune
59a06b5073 Don't set --etcd_servers argument for kubelet. 
This is ignored by all recent kubelet versions when api_servers is
set.  And it is set in this salt file.
 2015-02-11 15:53:26 -08:00
Zach Loafman
6b3bb763f0 Merge pull request #4287 from derekwaynecarr/docker_group_gone 
Docker 1.4.1 on Fedora no longer provisions a docker group
 2015-02-10 14:28:02 -08:00
Zach Loafman
2fb4bd4724 Merge pull request #4286 from brendandburns/etcd 
Add restart to the kube apiserver.
 2015-02-10 12:09:34 -08:00
derekwaynecarr
46eb657722 docker does not provision a docker group anymore, so do not add vagrant user to it 2015-02-10 11:15:22 -05:00
Zach Loafman
2f231e0a2a Merge pull request #4268 from rajatchopra/master 
Fix vagrant networking round 2
 2015-02-10 07:39:48 -08:00
Brendan Burns
c50e650d8b Add restart to the kube apiserver. 2015-02-10 07:35:00 -08:00
Rajat Chopra
1d12cad456 Fix vagrant networking. Include the master as part of overlay. And remove STP for efficiency. 
fix e2e services for vagrant
Kubelet should wait on SDN to finish
Do not require docker on master for default clouds
 2015-02-09 14:37:27 -08:00
Ravi Sankar Penta
3a5ef05f64 Make periodic sync nodes from cloud provider optional. 
--sync_nodes=false gives user flexibility to add/remove nodes in the
cluster using REST api/kubectl cli and at the same time can use
cloud provider for other resources like persistent disks, etc.
 2015-02-09 13:42:44 -08:00
Zach Loafman
6b8c332cd3 Revert "Fix vagrant networking" 2015-02-09 13:40:11 -08:00
Rajat Chopra
9f10108758 Kubelet should wait on SDN to finish 2015-02-09 11:22:14 -08:00
Rajat Chopra
b61ea1bbf1 Fix vagrant networking. Include the master as part of overlay. And remove STP for efficiency. 2015-02-05 17:41:27 -08:00
Justin Santa Barbara
e72d3392cc Remove duplicate --master arg from kube-scheduler 2015-02-04 19:05:05 -05:00
Justin Santa Barbara
7790435915 Fix for bool vs string comparisons in salt templates 
Fixes #4118
 2015-02-04 14:09:10 -05:00
Justin SB
9a29d9f92a Etcd data dir must be empty 
Otherwise we get the error "unknown wal version in data dir /var/etcd"

When this is the homedir for etcd, e.g. .bashrc confuses it
 2015-02-02 08:09:32 -08:00
derekwaynecarr
4dd50a18c3 Fix vagrant regression, add flag to easily enable v1beta3 2015-01-30 12:16:24 -05:00
Satnam Singh
db416c4f39 Merge pull request #3970 from justinsb/fix_aws 
aws cluster/kube-up.sh fixes
 2015-01-30 07:56:01 -08:00
derekwaynecarr
3cb015c09c Missing boilerplate 2015-01-30 00:22:17 -05:00
derekwaynecarr
aef084bf9d Various vagrant fixes, etcd 2.0 2015-01-30 00:15:34 -05:00
Brendan Burns
a20ca78fb3 Update etcd to version 2.0.0 2015-01-29 17:53:53 -08:00
Justin Santa Barbara
eb1d9d0a46 Add missing = to --machines arg 2015-01-29 20:35:36 -05:00
Justin Santa Barbara
5d864b006a Add aws to list of clouds that use tokens 2015-01-29 20:35:36 -05:00
Justin Santa Barbara
51225c76da Apply jbeda's conditional tar fix 2015-01-29 20:35:36 -05:00
Justin Santa Barbara
2f195578cc Create /srv/kuberentes/known_tokens.csv on AWS 2015-01-29 20:35:35 -05:00
Justin Santa Barbara
bb0431dce8 Pass cloud & cloud_config to kube-apiserver for AWS 2015-01-29 20:35:35 -05:00
Brendan Burns
c7c11d7731 Add monit support for restarting etcd to the master. 2015-01-27 20:15:24 -08:00
Victor Marmol
94988aece2 Update cAdvisor to 0.8.0. 2015-01-23 11:11:15 -08:00
Zach Loafman
a305269e18 Deferred creation of SkyDNS, monitoring and logging objects 
This implements phase 1 of the proposal in #3579, moving the creation
of the pods, RCs, and services to the master after the apiserver is
available.

This is such a wide commit because our existing initial config story
is special:

* Add kube-addons service and associated salt configuration:
** We configure /etc/kubernetes/addons to be a directory of objects
that are appropriately configured for the current cluster.
** "/etc/init.d/kube-addons start" slurps up everything in that dir.
(Most of the difficult is the business logic in salt around getting
that directory built at all.)
** We cheat and overlay cluster/addons into saltbase/salt/kube-addons
as config files for the kube-addons meta-service.
* Change .yaml.in files to salt templates
* Rename {setup,teardown}-{monitoring,logging} to
{setup,teardown}-{monitoring,logging}-firewall to properly reflect
their real purpose now (the purpose of these functions is now ONLY to
bring up the firewall rules, and possibly to relay the IP to the user).
* Rework GCE {setup,teardown}-{monitoring,logging}-firewall: Both
functions were improperly configuring global rules, yet used
lifecycles tied to the cluster. Use $NODE_INSTANCE_PREFIX with the
rule. The logging rule needed a $NETWORK specifier. The monitoring
rule tried gcloud describe first, but given the instancing, this feels
like a waste of time now.
* Plumb ENABLE_CLUSTER_MONITORING, ENABLE_CLUSTER_LOGGING,
ELASTICSEARCH_LOGGING_REPLICAS and DNS_REPLICAS down to the master,
since these are needed there now.

(Desperately want just a yaml or json file we can share between
providers that has all this crap. Maybe #3525 is an answer?)

Huge caveats: I've gone pretty firm testing on GCE, including
twiddling the env variables and making sure the objects I expect to
come up, come up. I've tested that it doesn't break GKE bringup
somehow. But I haven't had a chance to test the other providers.
 2015-01-21 12:25:50 -08:00
Joe Beda
7ee327146a Fix typo in initd scripts 2015-01-15 09:12:20 -08:00
Joe Beda
228659a177 Fix up for posix flags 2015-01-15 09:12:19 -08:00
Satnam Singh
295bd3768d Launch Elasticsearch and Kibana automatically 2015-01-09 13:41:46 -08:00
Eric Tune
c2b3d678c0 Merge pull request #3248 from derekwaynecarr/admission_control_hooks 
Implement basic admission control framework
 2015-01-07 16:52:49 -08:00
Dawn Chen
6cb7f0451c Using google/cadvisor:0.7.1 instead of :latest 2015-01-07 14:14:20 -08:00
derekwaynecarr
520ae3ef27 Implement basic admission control framework 2015-01-07 14:42:31 -05:00
Satnam Singh
8ab2e9c61a Use DNS for Elasticsearch 2015-01-06 07:33:48 -08:00
Dawn Chen
86aa38547c Remove duplicate volumes type. 2014-12-30 14:40:16 -08:00
Tim Hockin
59164ca844 Make DNS an option for cluster turnup 2014-12-29 09:18:12 -08:00
Vishnu Kannan
2d5432bc91 update cadvisor static manifest file completely. 2014-12-25 18:22:59 +00:00
Vishnu Kannan
9a4476a60c Update cadvisor manifest to bind mount "/sys" from global namespace. 2014-12-22 23:49:22 +00:00
saadali
ec6d4c6078 Fix kube-controller-manager failing to start because "Jinja variable 'cloud_config' is undefined" 2014-12-19 17:20:22 -08:00
Brendan Burns
2369f0d50d Update aws. 2014-12-19 14:16:57 -08:00
Brendan Burns
bd712b61e6 Merge branch 'master' of https://github.com/dutchcoders/kubernetes into dutchcoders-master 
Conflicts:
	cluster/aws/config-default.sh
	cluster/saltbase/salt/kube-controller-manager/default
 2014-12-19 11:45:46 -08:00
Jordan Liggitt
2de478f16c Make cert CN unique to avoid certificate serial number clashes 2014-12-18 15:13:32 -05:00
Jernej Kos
430a04af45 Added missing Salt requisites. 2014-12-18 10:29:39 +01:00
Dawn Chen
c053ec63c5 Move salt based clusters to Docker 1.4.1 2014-12-16 15:54:26 -08:00
Joe Beda
911a437c1b Make the test for the 'docker_opts' grain more robust. 
Fixes #2982
 2014-12-16 14:26:36 -08:00
Dawn Chen
04b136a7db Move salt based clusters to Docker 1.4.0 2014-12-16 11:58:45 -08:00
Joe Beda
056fdbb9b8 Merge pull request #2943 from brendandburns/flags 
Add a log level flag.
 2014-12-15 12:59:08 -08:00
Brendan Burns
878d85df0c Add a log level flag. 2014-12-15 12:00:29 -08:00
Satnam Singh
b4fcdd7e47 Collect Kubelet logs with Fluentd->Elasticsearch and Fluentd->Cloud Logging 2014-12-14 01:47:48 -08:00
Joe Beda
c9acafc98a Move salt based clusters to Docker 1.3.3 
Part of #2896
 2014-12-12 12:18:07 -08:00
Brendan Burns
149881e13e Actually set repository QPS in the kubelet. 2014-12-11 12:06:40 -08:00
Joe Beda
89011f26f4 remove SSLv3 support in nginx config 2014-12-10 13:17:02 -08:00
Eric Tune
edeb96dca9 Merge pull request #2772 from rlarocque2/apiserver_auth 
Implement apiserver communication for Vagrant
 2014-12-10 07:13:40 -08:00
Brendan Burns
3a7dd589d5 Merge pull request #2735 from erictune/proxy_no_etcd 
Use apiserver instead of etcd for kube-proxy.
 2014-12-09 15:27:20 -08:00
Jeff Lowdermlk
0007257bce Fix conditional on grains.docker_opts in docker-defaults 2014-12-08 16:42:41 -08:00
Richard Larocque
7d37b24cc7 Implement apiserver communication for Vagrant 
This implementation is based on the GCE impementation from
618a367dbb48dbaa9c3b50e877858d854322fd0b.
 2014-12-05 12:49:51 -08:00
Eric Tune
65b38e7af7 Use apiserver instead of etcd for kube-proxy. 
For cloud-providers that use salt, have kube-proxy use
apiserver instead of etcd as a config source.
 2014-12-02 22:21:01 -08:00
Brendan Burns
b07515c5ea Add some backward compatability for GKE. 2014-12-02 11:32:45 -08:00
Alen Komljen
d83d269c27 Remove empty lines when file is generated from jinja template 2014-12-02 15:00:58 +01:00
Joe Beda
f8505cd286 For GCE, allow insecure registries anywhere in 10.0.0.0/8. 2014-12-01 11:36:08 -08:00
Alen Komljen
249bbd7d9a Remove unused nsinit salt state 2014-11-27 09:59:25 +01:00
Remco
83f3982eee fix(aws): cloud provider wasn't set, corrected cloud config syntax 2014-11-26 17:30:35 +01:00
Tim Hockin
47141f05c7 standard config opt names: logging 2014-11-25 17:41:53 -08:00
Tim Hockin
52ad94d766 standard config opt names: node monitoring 2014-11-25 17:39:28 -08:00
Joe Beda
4a5a69b520 Upgrade docker to 1.3.2. 2014-11-25 14:46:25 -08:00
Joe Beda
2b712a744a Fix up salt ordering dependencies in kube-apiserver/init.sls. 2014-11-25 14:46:25 -08:00
Joe Beda
802d214ed0 Merge pull request #2461 from MSOpenTech/deploy 
Bring Azure deploy scripts up to date
 2014-11-20 17:15:44 -08:00
Joe Beda
658c5cdaaa Check in default blank file for kubelet/kubernetes_auth 
This lets us eliminate some per-cloud stuff in our salt.  This is an alternate fix for #2475.
 2014-11-20 17:01:28 -08:00
derekwaynecarr
1a894741b2 Fix vagrant regression 2014-11-20 10:39:09 -05:00
Brendan Burns
927088de83 Fix etcd unpack by adding a explicit x flag. 2014-11-19 11:33:50 -08:00
Jeff Mendoza
9934a0ace4 Update cert generation for Azure. 2014-11-18 14:10:50 -08:00
Eric Tune
67adf6473e Don't reference non-existent token file if not GCE. 2014-11-18 00:23:41 -08:00
Eric Tune
46dcacfa93 Kubelet talks securely to apiserver. 
Configure apiserver to serve Securely on port 6443.
Generate token for kubelets during master VM startup.
Put token into file apiserver can get and another file the kubelets can get.
Added e2e test.
 2014-11-18 00:23:41 -08:00
Brendan Burns
5122e4cc3a Remove deprecated nsinit from the node definition. 2014-11-17 22:20:57 -08:00
Abhishek Gupta
65a4041d26 Fixing systemd service files to point to correct config/executors 2014-11-17 12:24:10 -08:00
Joe Beda
66d287f7e4 Merge branch 'rename-to-kube' of https://github.com/eparis/kubernetes into eparis-rename-to-kube 
* 'rename-to-kube' of https://github.com/eparis/kubernetes:
  rename kube server binaries to kube-

Conflicts:
	docs/salt.md
 2014-11-17 09:52:10 -08:00
Joe Beda
06d838ffb1 Merge pull request #2369 from jbeda/vagrant-fix 
Vagrant fixes
 2014-11-14 16:43:06 -08:00
Brendan Burns
c2485a4056 Merge pull request #2147 from justinsb/ipv6 
Initial ipv6 / iptables work
 2014-11-14 10:34:37 -08:00
Joe Beda
5a0159ea00 Get Vagrant to start using TLS client certs. 
Also fix up cert generation. It was failing during the first salt highstate when trying to chown the certs as the apiserver user didn't exist yet.  Fix this by creating a 'kube-cert' group and chgrping the files to that.  Then make the apiserver a member of that group.

Fixes #2365
Fixes #2368
 2014-11-13 22:16:45 -08:00
Eric Paris
a99c3c7963 rename kube server binaries to kube- 
apiserver becomes kube-apiserver
controller-manager -> kube-controller-manager
scheduler and proxy similarly.

Only thing I promise is that right now hack/build-go.sh and
build/release.sh exit with 0.  That's it.  Who knows if any of this
actually works....
 2014-11-13 20:08:26 -05:00
Richard Larocque
63d6e7cd9f make-cert.sh: Create directory before writing cert 
Adds a "mkdir -p" to the make-cert.sh.  This fixes an issue where the
script could fail if /srv/kubernetes did not exist previously.
 2014-11-13 16:39:09 -08:00
Eric Tune
19ec2234f9 Make server certs accessible to apiserver user. 2014-11-13 13:02:48 -08:00
Joe Beda
ee2f030623 Give the API server access to TLS certs. 
Moved the cert generation to a separate salt state and put it in a more appropriate sharable location (`/srv/kubernetes/`).
 2014-11-12 18:14:24 -08:00
Brendan Burns
62bd634c07 Update the AWS config. 2014-11-10 13:33:43 -08:00
Brendan Burns
bdc4ab62c7 Merge pull request #2245 from jbeda/gcs-deps 
Start pulling external dependencies from GCS where possible
 2014-11-10 11:00:41 -08:00
bgrant0607
6c70227a2e Merge pull request #2249 from satnam6502/salt 
Make Docker container dirs writable for pos file
 2014-11-08 11:56:48 -08:00
Satnam Singh
9fac9949b2 Make Docker container dirs writable for pos file 2014-11-07 17:42:48 -08:00
Joe Beda
a839599883 Install client tools on master. 
We now include kubecfg and kubectl in "server binary" tar and place them into /usr/local/bin on the master.
 2014-11-07 17:13:18 -08:00
Joe Beda
d033dfcc2b Load etcd tarball from GCS. 
Also fix up comment about how to cache docker debs.
 2014-11-07 13:43:07 -08:00
Justin SB
ddaa716de1 Allow specification of docker daemon args 2014-11-04 14:12:59 -08:00
Justin SB
8e70a664e8 Extend container_bridge.py (salt lib) to support IPv6 2014-11-04 06:33:34 -08:00
Brendan Burns
f44bb9d673 Merge pull request #2104 from jbeda/gcs-docker-install 
Get docker deb from GCS
 2014-10-31 21:15:06 -07:00
Joe Beda
29455398e6 Get docker deb from GCS. 
Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889)
 2014-10-31 16:27:00 -07:00
Deyuan Deng
019b7fc74c Separate minion controller from master. 2014-10-30 20:24:15 -04:00
Pieter Noordhuis
918c8e2b96 Limit GCE specific mods to GCE 2014-10-29 12:39:07 -07:00
Pieter Noordhuis
1152471db7 Split reactor files 
There now are reactor files to run highstate on:

* New nodes only
* Master nodes
* Minion nodes
 2014-10-29 11:30:09 -07:00
Pieter Noordhuis
e90f98a52c Make vSphere scripts work for binary deploys 
Fixes #1732.
 2014-10-29 11:30:08 -07:00
Brendan Burns
c4d6f3a1cd Fix the etcd md5 since they uploaded a new binary. 2014-10-29 11:18:37 -07:00
Joe Beda
8100c063b8 Turn on auto security updates for debian based systems. 
Fixes #2008
 2014-10-27 13:49:51 -07:00
Joe Beda
25b1eea116 Merge pull request #1832 from doublerr/rackspace_switch_to_coreos 
Rackspace - Switch to CoreOS for standard cluster
 2014-10-22 09:30:55 -07:00
derekwaynecarr
b836e31cf4 Fixup docker configuration for sdn 2014-10-22 11:32:38 -04:00
Satnam Singh
39212f5e2e Flunentd to GCP logging node level configuration 2014-10-20 18:05:00 -07:00
Satnam Singh
b7722a631d Adjust test in salt file to use boolean value 2014-10-20 15:52:28 -07:00
derekwaynecarr
0d86be680b Do not require a writeable /vagrant 2014-10-20 16:59:15 -04:00
Ryan Richard
a8bae68865 Rackspace - Switch to CoreOS for standard cluster 
The Rackspace setup for Kubernetes now leverages CoreOS instead of Ubuntu. We've dropped Salt completely for our cluster.
 2014-10-20 12:14:20 -05:00
Dawn Chen
baf3bea79a Set --ip-masq to false 2014-10-16 12:17:18 -07:00
Tim Hockin
e907011111 Core support for ip-per-service 2014-10-16 08:36:47 -07:00
Joe Beda
9bb20b41ee Break out dynamic salt files to enable clean kube-push. 
This lets us blow away salt files and replace them with a new version while keeping a tree of "overlay" files that are cluster specific and generated at cluster up time.

Fixes #1783
 2014-10-14 15:01:43 -07:00
Joe Beda
96c1bc17ca Set shell options for reliability. 
Tweak a few other small things in our shell scripts.
 2014-10-10 12:33:36 -07:00
Joe Beda
d43a6ec5a3 Standardize how we refer to the kubernetes root. 
Now use $KUBE_ROOT as the variable pretty much everywhere.
 2014-10-10 12:33:36 -07:00
Joe Beda
881cf80182 Vagrant now using pre-built binaries. 2014-10-10 12:30:12 -07:00
Joe Beda
15cd6f07d6 Use binary releases for cluster push scripts. 
This is for GCE right now.  Other clouds/clusters are probably broken.
 2014-10-10 12:30:11 -07:00
Joe Beda
9a8807b033 get.docker.com is now the preferred place to get Docker 
Update salt configs
 2014-10-09 12:31:53 -07:00
Joe Beda
0de2ef496e Merge pull request #1595 from thockin/flageq 
Use '=' for flags or else parsing gets confused sometimes
 2014-10-06 13:14:35 -07:00
Tim Hockin
440d14c239 Use '=' for flags or else parsing gets confused sometimes 2014-10-06 12:25:56 -07:00
Deyuan Deng
253907ab04 Add etcdctl in master 2014-10-04 11:26:01 -04:00
Brendan Burns
77d13db307 Fix the vagrant build. 2014-09-26 14:02:56 -07:00
Joe Beda
b3e7fd4209 Be more robust in how we pass flags. 
Using the '=' form of a flag makes things better if we have an empty list of machines.
 2014-09-25 11:52:18 -07:00
Brendan Burns
cafd20b233 Complete the mitm prevention on GCE. 2014-09-23 16:51:04 -07:00
Brendan Burns
d38b498b0f Add a script for generating CA signed certs, and a client cert. 2014-09-23 11:38:29 -07:00
Brendan Burns
bb829ce8f6 fix salt. 2014-09-17 17:13:41 -07:00
Brendan Burns
ffa4500e09 Add a salt flag for enabling privileged containers. 2014-09-17 14:25:28 -07:00
brendandburns
c74060d465 Merge pull request #1282 from derekwaynecarr/add_vagrant_to_docker_group 
Add vagrant user to docker group
 2014-09-15 17:07:02 -07:00
Brendan Burns
61e90fdaff Fix the logrotate cron job. 2014-09-11 20:56:31 -07:00
Brendan Burns
76c0ce374d Start log rolling for docker containers too. Fix logrotate for other daemons. 2014-09-11 15:47:06 -07:00
derekwaynecarr
63bd987561 Add vagrant user to docker group 2014-09-11 16:48:17 -04:00
Brendan Burns
686c3bec84 Add initial logrotate support. 2014-09-09 13:35:06 -07:00
derekwaynecarr
f42fcef620 Add explicit flag to use openvswitch 2014-09-08 15:31:22 -04:00
Brendan Burns
e8afebf1e1 Update nginx to support websockets and not buffer watches. 2014-09-05 21:46:01 -07:00
Brendan Burns
4a934427db Exclude vendored etcd. 2014-09-04 12:05:34 -07:00
Brendan Burns
3864cf453a Fix travis and cluster installs. 2014-09-04 10:31:09 -07:00
Joe Beda
847c87faa8 Fix docker start after minion reboot on GCE/debian 
Uncomment docker service state as it should no longer be affected by race bug in docker init.d start script.  Also make sure that the docker service state depends on the cbr state.

Fixes #802
 2014-09-03 11:11:28 -07:00
Ryan Richard
0b50244c72 workaround lack of jinja2.7 support 2014-09-02 19:05:56 -05:00
Joe Beda
2ac0770694 Make salt configs work with Jinja 2.6. 
Fixes #1089
 2014-08-28 16:54:14 -07:00
Ryan Richard
2565164a8d Add Rackspace support for dev-build-and-up 2014-08-28 10:36:58 -05:00
Clayton Coleman
f5a835b067 Merge pull request #978 from rajatchopra/podnet 
Add IP per pod with Open vSwitch in Vagrant
 2014-08-26 19:29:42 -04:00
Joe Beda
5722eba780 Propagate version info into salt config and use to build. 
Fixes #1043.
 2014-08-26 16:17:06 -07:00
Rajat Chopra
2dd57898d4 add ip per pod across vagrant minions 2014-08-26 11:29:35 -07:00
Joe Beda
831a0d7e50 Merge pull request #1027 from MSOpenTech/azure-scripts 
Add salt configuration for openvpn for use on Azure.
 2014-08-26 11:04:03 -07:00
Jeff Mendoza
adace2ccf5 Remove commented lines from openvpn config files. 2014-08-25 16:29:32 -07:00
Pieter Noordhuis
65bb90ffef Update apiserver defaults template 
Set "cloud" grain to "vsphere".

The "minion_ips" grain doesn't seem to be used anymore.
 2014-08-25 15:20:19 -07:00
Jeff Mendoza
13989794f8 Add salt configuration for openvpn for use on Azure. 
Sets up openvpn for container to container communication. Azure
deploy scripts create certs used for openvpn conneciton. Salt
installs and configures openvpn.
 2014-08-25 14:56:54 -07:00
Pieter Noordhuis
c535d6d30b Incorporate comments 2014-08-25 10:01:25 -07:00
Pieter Noordhuis
ad7f131a5b Deploy k8s to vSphere 2014-08-24 20:27:05 -07:00
Daniel Smith
79f60da6c4 add salt files to make scheduler run 2014-08-20 15:32:49 -07:00
Brendan Burns
dc1de2bc0e Remove a duplicate flag. 2014-08-19 09:48:41 -07:00
brendandburns
bd53643647 Merge pull request #851 from derekwaynecarr/cloud_provider 
Vagrant supports a cloud provider
 2014-08-18 18:23:49 -07:00
brendandburns
2d84987c11 Merge pull request #885 from thockin/net 
Proper ip-per-pod on GCE.
 2014-08-18 18:22:05 -07:00
Brendan Burns
a779102924 Fix the installation of nsinit 2014-08-18 16:40:12 -07:00
Brendan Burns
0caae9c1d4 Add a in container exec based health check. 2014-08-18 12:00:11 -07:00
derekwaynecarr
8df21b84a1 Add vagrant cloudprovider 2014-08-18 14:30:31 -04:00
Tim Hockin
03ade159c3 Proper ip-per-pod on GCE. 
Back out the second iptables rule, now that we know what the problem was - we
need to open a firewal rule on each minion.
 2014-08-15 15:54:20 -07:00
derekwaynecarr
10be80295c apiserver listen on 0.0.0.0 in vagrant 2014-08-14 10:02:04 -04:00
Joe Beda
70c6c75ae3 Fix release and salt scripts for godep 2014-08-13 15:57:41 -07:00
derekwaynecarr
7db42a7b73 Fix nsinit on Vagrant 2014-08-12 16:35:01 -04:00
derekwaynecarr
ba7345d967 Do not always look for latest pkg 2014-08-12 16:10:59 -04:00
derekwaynecarr
c8c5435656 Enforce --address flag is set on all Linux flavors 2014-08-07 17:54:49 -05:00
Tim Hockin
7e9c142392 Remove duplicate -config param 
This is duplicated in cluster/saltbase/salt/kubelet/default
cluster/saltbase/salt/kubelet/initd
 2014-08-07 10:53:08 -07:00
Victor Marmol
c501e09d14 Merge pull request #820 from brendandburns/nsenter 
Install nsinit that is vendored into docker.
 2014-08-07 08:36:49 -07:00
Clayton Coleman
4123a44653 Merge pull request #819 from thockin/restarts 
Disable docker restarts, for now
 2014-08-07 10:41:56 -04:00
Brendan Burns
22586c87fe Install nsinit that is vendored into docker. 2014-08-06 22:45:18 -07:00
Tim Hockin
92f13ceb52 Disable docker restarts, for now 
If the docker daemon goes down and comes up, it will try to restart
containers.  This will race with our own restart loop.  Only one loop should
be controlling restarts, probably.
 2014-08-06 22:41:09 -07:00
brendandburns
71bfa4cd74 Merge pull request #810 from derekwaynecarr/less_verbose 
Run go-build on each kubepush and vagrant log only states that change or error to improve readability
 2014-08-06 22:41:09 -07:00
Tim Hockin
b0ffa8c8f6 Set kubelet -address flag to 0.0.0.0 via salt 
Currently it binds to the eth0 IP only, this includes localhost.  The flag
default is localhost only, but we need it looser than that.
 2014-08-06 18:11:35 -07:00
Daniel Smith
aa3ac324bc Merge pull request #803 from brendandburns/nsenter 
Install nsinit on hosts.
 2014-08-06 15:12:49 -07:00
derekwaynecarr
b9dc38e617 Log only states that change or error to improve readability 2014-08-06 14:47:41 -04:00
Daniel Smith
ea47ca7aa0 Stop passing etcd_servers to controller manager 2014-08-05 17:46:39 -07:00
Brendan Burns
abb754c00d Install nsinit on hosts. 2014-08-05 15:57:39 -07:00
derekwaynecarr
d8af1da2f6 Pull golang from golang 2014-08-05 14:24:10 -04:00
Tim Hockin
4c58752684 Make container-to-container IP work across VMs. 2014-08-04 20:52:13 -07:00
Filipe Brandenburger
d7396acced Remove executable permissions of files that do not need it. 
In particular, .gitignore, *.go, *.sls and etcd.conf are files that
should not be marked as executable.

Tested: built it with hack/build-go.sh, called all binaries with
  the -version flag to confirm they work.

Signed-off-by: Filipe Brandenburger <filbranden@google.com>
 2014-08-01 08:22:46 -07:00
Victor Marmol
4de48613e7 Change cAdvisor port to 4194. 
This is so it doesn't conflict with the default registry address of
5000.
 2014-07-31 13:14:00 -07:00
Danny Jones
bc11e8c57b Set kubelet user home directory to /var/lib/kubelet 
The kubelet user does not have permissions to create directories in
/var/lib. This sets the home directory to /var/lib/kubelet so that the
directory is made prior to running the kubelet. This matches the
default root directory path (/var/lib/kubelet) and allows kubelet to
us that directory.
 2014-07-29 14:44:01 -07:00
Eric Tune
10a61d05a1 Stopy proxying etcd (localhost:4001) on https:/$MASTER_IP/etcd. 2014-07-28 12:21:06 -07:00
Jonathan Boulle
c43035088b assorted formatting and typo fixes 2014-07-24 15:10:36 -07:00
derekwaynecarr
69ae2fe4bb Initial vagrant setup and e2e testing support 2014-07-24 16:32:36 -04:00
Daniel Smith
b87ae144ea Merge pull request #552 from MSOpenTech/azure-scripts 
Update salt config for apiserver to support Azure.
 2014-07-24 12:46:53 -07:00
Victor Marmol
db38b114fe Update the cAdvisor manifest for the new volume type. 
Closes #559
 2014-07-23 08:38:38 -07:00
Jeff Mendoza
cc471c29f3 Add gce grain to salt config, change apiserver salt config. 2014-07-22 10:30:00 -07:00
Jeff Mendoza
6cebe4443a Update salt config for apiserver to support Azure. 2014-07-21 16:50:47 -07:00
Daniel Smith
05f01a3654 Revert "assorted formatting and typo fixes" 2014-07-18 17:16:30 -07:00
Jonathan Boulle
9e63c3a633 assorted formatting and typo fixes 2014-07-18 13:02:59 -07:00
Victor Marmol
d9962946fc Use latest cAdvisor image. 
This keeps us from downloading all cAdvisor images just to use "latest".
 2014-07-15 10:16:52 -07:00
Brendan Burns
41c6680943 add http health checks. 2014-07-09 12:01:43 -07:00
Daniel Smith
212a393404 Merge pull request #293 from brendandburns/minion 
Activate cloud minion registry.
 2014-07-01 12:11:22 -07:00
Victor Marmol
842907613b Run cAdvisor on all minions. 2014-07-01 11:36:33 -07:00
Brendan Burns
d5516e4cdc Activate gce minion list. 2014-07-01 11:33:58 -07:00
Brendan Burns
2759b2367f Add load balancing support to services. 2014-06-17 12:37:39 -07:00
Brendan Burns
5cb4444176 Task -> Pod #4, the final chapter 2014-06-08 23:00:12 -07:00
Joe Beda
894a7e3282 Move everything out of src and reorganize scripts. 
Fixed up some scripts to be more robust.  Changed the e2e test setup to use g1-small instances.  Fixed up documentation to reflect the new script locations.  Disabled the "curl | bash" cluster launch as it hasn't been well tested and doesn't include the cloudcfg tool yet.
 2014-06-06 21:41:19 -07:00