github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
90,526 Commits 1 Branch 31 Tags 1,019 MiB
561b2aba94
Commit Graph

1017 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
e494b0788b
Merge pull request #89543 from bartekzurawski/fix-kube-up-gce-private-restart 
Set ip alias route on kubernetes-master during booting
 2020-04-24 09:38:07 -07:00
Vinayak Goyal
7a5f4c47de Run kube-scheduler and kube-addon-manager as non root 2020-04-16 14:50:04 -07:00
Bartek Żurawski
3e4744c736 Set ip alias route on kubernetes-master during booting 2020-04-15 00:03:05 +02:00
Kubernetes Prow Robot
c0be582ca5
Merge pull request #89269 from Jefftree/network-proxy-beta 
Use v1beta1 for egress selector config
 2020-04-09 18:07:49 -07:00
Kubernetes Prow Robot
c7abf44a19
Merge pull request #88856 from yaseenhamdulay/patch-1 
Create etcd user in cloud-init master.yaml rather than in configure-h…
 2020-03-27 20:41:53 -07:00
Samuel Davidson
c70cd1e82f Changed readonly to true and type to File for authn/authz config. 2020-03-25 17:45:27 -07:00
Yaseen Hamdulay
58f78a53ee Add ssh_redirect_user 2020-03-24 11:30:48 +00:00
Kubernetes Prow Robot
de877ec26e
Merge pull request #89327 from aojea/conntrack 
cluster: ipvs conntrack module vs kernel version
 2020-03-22 13:28:44 -07:00
Antonio Ojea
33810a99d9 cluster: ipvs conntrack module vs kernel version 
We should use 'nf_conntrack' instead of 'nf_conntrack_ipv4'
for linux kernel >= 4.19
 2020-03-21 11:23:28 +01:00
Jefftree
936f7665cf network proxy alpha -> beta 2020-03-19 11:49:47 -07:00
yaseenhamdulay
5de3c64ad0 Create etcd user in cloud-init master.yaml rather than in configure-helper.sh 
An etcd unix user is currently created in configure-helper.sh if it does not exist
on the master.

cloud-init is the only supported mechanism to add users on COS VMs. If an attempt
is made to add a key using OS Login or the instance metadata mechanism the
google_accounts_daemon will race with useradd and potentially attempt to use
the same UID. This will lock out any attempt to SSH into the VM. We therefore
migrate to using cloud-init to create this user and prevent this issue from occurring.
 2020-03-19 11:05:42 +00:00
Kubernetes Prow Robot
f899ad704a
Merge pull request #89069 from enj/enj/i/drop_password_file 
Remove support for basic authentication
 2020-03-18 22:24:20 -07:00
Kubernetes Prow Robot
8055c92e26
Merge pull request #88125 from mwwolters/flex2healthz 
Switch flexvolume_node_setup.sh from kubelet RO port to healthz port
 2020-03-17 16:20:07 -07:00
Joe Betz
23c358d883
Fix unbound variable error in gce/configure.sh 
Looks like UBUNTU_INSTALL_RUNC_VERSION should be optional here.
 2020-03-12 16:41:25 -07:00
Monis Khan
df292749c9
Remove support for basic authentication 
This change removes support for basic authn in v1.19 via the
--basic-auth-file flag.  This functionality was deprecated in v1.16
in response to ATR-K8S-002: Non-constant time password comparison.

Similar functionality is available via the --token-auth-file flag
for development purposes.

Signed-off-by: Monis Khan <mok@vmware.com>
 2020-03-11 20:55:47 -04:00
Jefftree
6fd748e2c5 exit if KONNECTIVITY_SERVICE_PROXY_PROTOCOL_MODE is set incorrectly 2020-03-05 16:59:55 -08:00
Jefftree
06abedb063 Allow both GRPC and http-connect mode to be toggled 2020-03-05 16:16:59 -08:00
Jefftree
2a98cb7f8b Use GRPC mode for network proxy 2020-03-02 15:54:52 -08:00
Jefftree
0989770135 Update network proxy to v0.0.7 2020-03-02 10:09:00 -08:00
Jefftree
4c54241c3d Support token authentication for network proxy 2020-03-01 17:24:48 -08:00
Kubernetes Prow Robot
831dae75bf
Merge pull request #88185 from vinayakankugoyal/appendandreplace 
append_or_replace_prefixed_line in /cluster/gce/gci/configure-helper.…
 2020-02-26 13:33:19 -08:00
Vinayak Goyal
388ebfe7d0 append_or_replace_prefixed_line in /cluster/gce/gci/configure-helper.sh fails for prefixes that contain quotes and = sign. 2020-02-24 17:35:36 -08:00
Kubernetes Prow Robot
6461e6f4fb
Merge pull request #87179 from Jefftree/netproxy-uds 
UDS + GRPC Support for Network Proxy
 2020-02-20 21:20:32 -08:00
Jefftree
725d2b6a8f Network Proxy: GRPC + HTTP Connect with UDS 2020-02-20 10:19:37 -08:00
Benjamin Elder
4454ce6f37 fix shellcheck failures in health-monitor.sh 2020-02-14 16:12:18 -08:00
Mark Wolters
ba74c1cfb4 Switch flexvolume_node_setup.sh from kubelet RO port to healthz port 2020-02-13 09:58:51 -08:00
Kubernetes Prow Robot
78a02a223d
Merge pull request #88010 from dims/support-for-adding-test-handler-for-containerd 
Support for adding test-handler for containerd
 2020-02-11 23:15:58 -08:00
Kubernetes Prow Robot
04cfa4981a
Merge pull request #87463 from mwwolters/healthmon2healthz 
Migrate health monitor from read only port to healthz port
 2020-02-11 17:06:08 -08:00
Davanum Srinivas
8f764b113e
Support for adding test-handler for containerd 2020-02-10 20:43:40 -05:00
Davanum Srinivas
da024f9a57
Ability to override versions of containerd/runc 2020-02-08 20:20:15 -05:00
Davanum Srinivas
acd286d95d
Install containerd package depending on CONTAINER_RUNTIME 2020-02-08 17:53:37 -05:00
Davanum Srinivas
c4ef6a94b3
Add gid to config.toml only when docker group is present 
If we don't install docker and install just containerd apt packages,
there is no docker group. In this scenario, we should not add the gid to
config.toml
 2020-02-08 17:53:37 -05:00
Davanum Srinivas
2c93aa6ec3
Ensure kubectl is available in PATH by explicitly exporting the script 2020-02-07 09:05:07 -05:00
Davanum Srinivas
f20e17e9dd
python snippets should work on both old and new python versions 2020-02-05 11:22:56 -05:00
Davanum Srinivas
dc3f31569e
Ensure specified container runtimes are present 2020-02-03 13:40:57 -05:00
Stephen Augustus
1174e6698e cni: Update CNI version to v0.8.5 
Signed-off-by: Stephen Augustus <saugustus@vmware.com>
 2020-01-29 04:41:29 -05:00
Stephen Augustus
96f2588b61 cni: Update CNI download URLs to use new GCS bucket (k8s-artifacts-cni) 
Signed-off-by: Stephen Augustus <saugustus@vmware.com>
 2020-01-29 02:32:22 -05:00
Kubernetes Prow Robot
324b5921c1
Merge pull request #87529 from cheftako/master 
Added relevent approvers and reviewers for gci.
 2020-01-25 11:49:02 -08:00
Kubernetes Prow Robot
15f96a807a
Merge pull request #86305 from saschagrunert/cri-tools 
Update cri-tools to v1.17.0
 2020-01-24 12:18:32 -08:00
Walter Fender
b2f3236771 Added relevent approvers and reviewers for gci. 
Adding new approver and reviewers for the gci scripts.
 2020-01-24 09:29:35 -08:00
Kubernetes Prow Robot
90da466221
Merge pull request #87504 from cheftako/master 
Fix issue with GCE scripts assuming Python2.
 2020-01-24 03:03:19 -08:00
Walter Fender
1dd53fd3ba Fix issue with GCE scripts assuming Python2. 
For bug #87482.
Newer OSs are now defaulting to Python3.
This breaks the kube-up scripts for GCE.
Adding code to detect this and explicitly use Python2.
 2020-01-23 15:05:04 -08:00
Koonwah Chen
cfd61e801b Add env var(CNI_TAR_PREFIX) for cni install. 
cni release has changed the prefix, add a var to make this configurable.
 2020-01-22 15:14:31 -08:00
Mark Wolters
aee028dab8 Migrate health monitor from read only port to healthz port 2020-01-22 10:52:08 -08:00
Kubernetes Prow Robot
34e090187c
Merge pull request #87032 from awly/preload-gke-exec-plugin 
Allow a preloaded gke-exec-auth-plugin
 2020-01-16 13:14:52 -08:00
Janek Łukaszewicz
a9e5fd6623 Revert "Revert "Add an option to specify kubelet flags for heapster node."" 
This reverts commit 00ea8c4f9e.
 2020-01-14 12:53:25 +01:00
Sascha Grunert
7e5e7c141c
Update cri-tools to v1.17.0 
Update the crictl binaries to the latest release

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
 2020-01-14 08:36:20 +01:00
Andrew Lytvynov
71966adfc3 Allow a preloaded gke-exec-auth-plugin 2020-01-09 10:37:43 -08:00
Kubernetes Prow Robot
127c47caf4
Merge pull request #85512 from serathius/remove-cluster-monitoring 
Remove cluster-monitoring
 2019-12-17 21:05:57 -08:00
Kubernetes Prow Robot
4a62b3ac6d
Merge pull request #86329 from mml/core_pattern 
Set core_pattern to an absolute path.
 2019-12-17 19:48:11 -08:00