kubernetes

Author	SHA1	Message	Date
SataQiu	871b90ba23	kube-proxy: add '--bind-address-hard-fail' flag to treat failure to bind to a port as fatal Signed-off-by: SataQiu <1527062125@qq.com>	2020-04-02 13:13:10 +08:00
Tim Hockin	c27ceb6449	Edit log string	2020-04-01 15:34:29 -07:00
zhouya0	4d3d722ebc	Add missing kube build info metric	2020-04-01 17:04:45 +08:00
Kubernetes Prow Robot	0804667ff1	Merge pull request #89151 from jingyih/add_metric_etcd_db_size apiserver: add a metric exposing etcd database size	2020-03-31 12:37:00 -07:00
jingyih	922ec728de	Add a metric exposing etcd database size	2020-03-31 09:02:38 -07:00
Tim Hockin	15632b10cb	Clean up kube-proxy metrics startup	2020-03-30 10:29:14 -07:00
Tim Hockin	8747ba9370	Clean up kube-proxy healthz startup Make the healthz package simpler, move retries back to caller.	2020-03-30 10:29:14 -07:00
David Ashpole	3ec1043f83	specify in the flag help text that --enable-cadvisor-json-endpoints defaults to false	2020-03-30 09:32:33 -07:00
Rostislav M. Georgiev	c8b7e5739c	kubeadm: Use image tag as version of stacked etcd kubeadm uses image tags (such as `v3.4.3-0`) to specify the version of etcd. However, the upgrade code in kubeadm uses the etcd client API to fetch the currently deployed version. The result contains only the etcd version without the additional information (such as image revision) that is normally found in the tag. As a result it would refuse an upgrade where the etcd versions match and the only difference is the image revision number (`v3.4.3-0` to `v3.4.3-1`). To fix the above issue, the following changes are done: - Replace the existing etcd version querying code, that uses the etcd client library, with code that returns the etcd image tag from the local static pod manifest file. - If an etcd `imageTag` is specified in the ClusterConfiguration during upgrade, use that tag instead. This is done regardless if the tag was specified in the configuration stored in the cluster or with a new configuration supplied by the `--config` command line parameter. If no custom tag is specified, kubeadm will select one depending on the desired Kubernetes version. - `kubeadm upgrade plan` no longer prints upgrade information about external etcd. It's the user's responsibility to manage it in that case. Signed-off-by: Rostislav M. Georgiev <rostislavg@vmware.com>	2020-03-30 16:28:45 +03:00
Kubernetes Prow Robot	9cbb46e39f	Merge pull request #89602 from kvaps/fix-rejoin Kubeadm: fix Ready condition check	2020-03-28 00:11:52 -07:00
caiweidong	986a7431ce	Add 'kernel' to the comments of proxy-mode	2020-03-28 11:55:37 +08:00
kvaps	68dcc17155	Kubeadm: fix Ready condition check	2020-03-27 23:55:18 +01:00
Lubomir I. Ivanov	63b3bd1826	kubeadm: fix unit test requiring admin.conf and root	2020-03-28 00:43:39 +02:00
Lubomir I. Ivanov	e56b4c3172	kubeadm: remove misleading warning on kubeadm join If the user does not provide --config or --control-plane but provides some other flags such as --certificate-key kubeadm is supposed to print a warning. The logic around printing the warning is bogus. Implement proper checks of when to print the warning.	2020-03-27 23:09:59 +02:00
Kubernetes Prow Robot	c1fc466cdd	Merge pull request #88854 from bart0sh/PR0088-kubeadm-redesign-printAvailableUpgrades kubeadm: redesign printAvailableUpgrades function	2020-03-27 05:14:23 -07:00
Kubernetes Prow Robot	903f1e63f9	Merge pull request #89537 from neolit123/1.19-kubeadm-add-get-node-rbac kubeadm: add missing RBAC for getting nodes on "upgrade apply"	2020-03-26 20:06:23 -07:00
Lubomir I. Ivanov	6f99791021	kubeadm: add missing RBAC for getting nodes on "upgrade apply" `b117a928` added a new check during "join" whether a Node with the same name exists in the cluster. When upgrading from 1.17 to 1.18 make sure the required RBAC by this check is added. Otherwise "kubeadm join" will complain that it lacks permissions to GET a Node.	2020-03-26 22:02:55 +02:00
Rostislav M. Georgiev	fbfd44f337	kubeadm: Fix panic in isCoreDNSVersionSupported A narrow assumption of what is contained in the `imageID` fields for the CoreDNS pods causes a panic upon upgrade. Fix this by using a proper regex to match a trailing SHA256 image digest in `imageID` or return an error if it cannot find it. Signed-off-by: Rostislav M. Georgiev <rostislavg@vmware.com>	2020-03-26 20:26:32 +02:00
yameiwang	6783f991c3	fix function NodeAllocatableRoot	2020-03-26 18:48:05 +08:00
Kubernetes Prow Robot	295b53f7b4	Merge pull request #89214 from jingyih/update_etcd_server_3p4p4 Update default etcd server to 3.4.4 in k8s v1.19	2020-03-26 01:14:24 -07:00
notpad	52ad3d95f7	Add test for algorithm provider and policy config file	2020-03-24 23:18:32 +08:00
Ed Bartosh	0eac66d647	kubeadm: refactor printAvailableUpgrades Split printAvailableUpgrades into 2 functions: - genUpgradePlan that handles business logic - printUpgradePlan that outputs upgrade plan	2020-03-24 12:47:52 +02:00
Ed Bartosh	e5d6536ade	add UpgradePlan to the kubeadm.output API group	2020-03-24 12:47:42 +02:00
Kubernetes Prow Robot	907d4c1bb9	Merge pull request #89381 from dashpole/comment_disable_readonly Add comment explaining when to remove cadvisor json endpoints	2020-03-23 20:31:19 -07:00
David Ashpole	b4ed7273da	add comment explaining when to remove the --enable-cadvisor-json-endpoints	2020-03-23 12:52:00 -07:00
gavinfish	1865a104a9	Remove kubescheduler.config.k8s.io/v1alpha1	2020-03-21 15:11:48 +08:00
Kubernetes Prow Robot	72102c04c7	Merge pull request #88728 from notpad/feature/scheduler_e2e_test Add test for kube-scheduler command setup	2020-03-19 20:30:36 -07:00
notpad	16015a691c	Add test for kube-scheduler command setup	2020-03-20 07:36:47 +08:00
Davanum Srinivas	1d057da2f7	Move k8s.io/apiserver/pkg/util/term to k8s.io/component-base/term Signed-off-by: Davanum Srinivas <davanum@gmail.com>	2020-03-19 07:18:09 -04:00
Kubernetes Prow Robot	f899ad704a	Merge pull request #89069 from enj/enj/i/drop_password_file Remove support for basic authentication	2020-03-18 22:24:20 -07:00
jingyih	f9e0e4c6b4	Update default etcd server to 3.4.4	2020-03-18 00:27:46 -07:00
Kubernetes Prow Robot	d45fa525e7	Merge pull request #88945 from sandyleo26/kubeadm-check-windows-wrap-error-properly fix: #2056 check_windows wrap error properly	2020-03-17 19:28:29 -07:00
Kubernetes Prow Robot	ed4c2dbf92	Merge pull request #88893 from kinvolk/invidian/kube-apiserver-so-reuseport kube-apiserver: use SO_REUSEPORT when creating listener	2020-03-17 19:28:11 -07:00
Kubernetes Prow Robot	be2f9e74bf	Merge pull request #88811 from rajansandeep/invalidmigrationfail Ensure CoreDNS running when Corefile migration doesn't support current version	2020-03-17 19:27:18 -07:00
Kubernetes Prow Robot	42c94f35a7	Merge pull request #88541 from cmluciano/cml/41ipvsfix ipvs: only attempt setting of sysctlconnreuse on supported kernels	2020-03-17 16:21:28 -07:00
Kubernetes Prow Robot	393bb44ea9	Merge pull request #88515 from SataQiu/fix-kubelet-20200225 kubelet: fix wrong flag types	2020-03-17 16:21:10 -07:00
Mateusz Gozdek	dfe1f968ac	kube-apiserver: use SO_REUSEPORT when creating listener on Unix systems So multiple instances of kube-apiserver can bind on the same address and port, to provide seamless upgrades. Signed-off-by: Mateusz Gozdek <mateusz@kinvolk.io>	2020-03-13 23:55:57 +01:00
Christopher M. Luciano	d22e18ad4f	ipvs: only attempt setting of sysctlconnreuse on supported kernels This builds on previous work but only sets the sysctlConnReuse value if the kernel is known to be above 4.19. To avoid calling GetKernelVersion twice, I store the value from the CanUseIPVS method and then check the version constraint at time of expected sysctl call. Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>	2020-03-12 13:16:00 -04:00
Monis Khan	df292749c9	Remove support for basic authentication This change removes support for basic authn in v1.19 via the --basic-auth-file flag. This functionality was deprecated in v1.16 in response to ATR-K8S-002: Non-constant time password comparison. Similar functionality is available via the --token-auth-file flag for development purposes. Signed-off-by: Monis Khan <mok@vmware.com>	2020-03-11 20:55:47 -04:00
Sandeep Rajan	fcd229e4bd	ensure coredns running when migration fails add an additional check for coredns image sha add a check to see if migration is required	2020-03-11 11:32:32 -04:00
Ted Yu	ced2948fde	Remove wait.Until for running Kubelet Bootstrap Signed-off-by: Ted Yu <yuzhihong@gmail.com>	2020-03-11 08:30:00 -07:00
Savitha Raghunathan	3234d34714	moving volume plugin dir to kubelet config - part 1	2020-03-10 16:22:29 -04:00
Satyadeep Musuvathy	e053fdd08a	Add NodeCIDR for detect-local-mode	2020-03-09 13:44:34 -07:00
Sha Liu	12750ac64f	kubeadm: wrap error properly in check_windows.go	2020-03-09 22:29:15 +11:00
skilxn-go	6b8fc8dc5e	Move TaintBasedEvictions feature gates to GA	2020-03-09 10:49:00 +08:00
Jordan Liggitt	b7c2faf26c	client-go dynamic client: add context to callers	2020-03-06 10:56:23 -05:00
Christian Huffman	c6fd25d100	Updated CSIDriver references	2020-03-06 08:21:26 -05:00
Kubernetes Prow Robot	5708511499	Merge pull request #88708 from mikedanese/deleteopts Migrate clientset metav1.DeleteOpts to pass-by-value	2020-03-05 23:09:23 -08:00
Kubernetes Prow Robot	8b8dd79d53	Merge pull request #88768 from damemi/extenders-cc Add Extenders to v1alpha2 Component Config	2020-03-05 20:04:28 -08:00
Mike Danese	76f8594378	more artisanal fixes Most of these could have been refactored automatically but it wouldn't have been uglier. The unsophisticated tooling left lots of unnecessary struct -> pointer -> struct transitions.	2020-03-05 14:59:47 -08:00
Mike Danese	c58e69ec79	automated refactor	2020-03-05 14:59:46 -08:00
Mike Dame	1d7006c38d	Add Extenders to scheduler v1alpha2 component config	2020-03-05 16:42:15 -05:00
Lubomir I. Ivanov	8943e443e8	kubeadm: deprecate the flag --use-api for cert renewal The KCM is moving to means of only singing apiserver (kubelet) client and kubelet serving certificates. See: https://github.com/kubernetes/enhancements/blob/master/keps/sig-auth/20190607-certificates-api.md#signers Up until now the experimental kubeadm functionality '--use-api' under "kubeadm alpha certs renew" was using the KCM to sign any certficate as long as the KCM has the root CA cert/key. Post discussions with the kubeadm maintainers, it was decided that this functionality should be removed from kubeadm due to the requirement to have external signers for renewing the common control-plane certificates that kubeadm manages.	2020-03-05 03:37:00 +02:00
Kubernetes Prow Robot	5c5faed39b	Merge pull request #88287 from gab-satchi/master Windows specific kubelet flags in kubeadm-flags.env	2020-03-04 13:18:52 -08:00
Gab Satch	9fabafdbb1	Windows specific kubelet flags in kubeadm-flags.env - Uses correct pause image for Windows - Omits systemd specific flags - Common build flags function to be used by Linux and Windows - Uses user configured image repository for Windows pause image	2020-03-04 11:05:53 -05:00
Kubernetes Prow Robot	c86aec0564	Merge pull request #88745 from mborsz/slice3 Implement simple endpoint slice batching	2020-03-03 03:03:38 -08:00
Maciej Borsz	49b11b5431	Implement simple endpoint slice batching	2020-03-03 08:16:42 +01:00
Kubernetes Prow Robot	90a622bbdb	Merge pull request #88512 from SataQiu/fix-kubeproxy-20200225 kube-proxy: fix confusing default value for healthz and metrics bind address, deprecate healthz-port and metrics-port flag	2020-03-02 14:49:53 -08:00
Kubernetes Prow Robot	e9d502e4fc	Merge pull request #88663 from deads2k/enable-profiling-by-default update kube-controller-manager and kube-scheduler to match kube-apiserver defaults	2020-03-02 07:24:43 -08:00
Kubernetes Prow Robot	56987164f8	Merge pull request #88626 from yuzhiquan/patch-clean1 (cleanup/scheduler): remove unused function	2020-02-29 07:54:40 -08:00
yuzhiquanlong	3eec87cd91	update WithPlugin comment, in case remove function	2020-02-29 19:53:04 +08:00
Kubernetes Prow Robot	03b7f272c8	Merge pull request #88246 from munnerz/csr-signername-controllers Update CSR controllers & kubelet to respect signerName field	2020-02-28 23:38:39 -08:00
Kubernetes Prow Robot	268d0a1d3a	Merge pull request #85870 from Jefftree/authn-netproxy Use Network Proxy with Authentication & Authorizer Webhooks	2020-02-28 18:44:39 -08:00
David Eads	aa07992a44	update kube-controller-manager and kube-scheduler to match kube-apiserver defaults	2020-02-28 11:18:00 -05:00
Jefftree	1b38199ea8	pass Dialer instead of egressselector to webhooks	2020-02-27 17:47:23 -08:00
Jefftree	d318e52ffe	authentication webhook via network proxy	2020-02-27 17:47:23 -08:00
Jonathan Tomer	711c1e1720	Rename --enable-inflight-quota-handler to --enable-priority-and-fairness. The old flag name doesn't make sense with the renamed API Priority and Fairness feature, and it's still safe to change the flag since it hasn't done anything useful in a released k8s version yet.	2020-02-27 14:04:37 -08:00
Sandeep Rajan	da8453af6e	fix unsupported bug	2020-02-27 10:39:47 -05:00
James Munnelly	a983356caa	Add signerName field to CSR resource spec Signed-off-by: James Munnelly <james.munnelly@jetstack.io>	2020-02-27 10:17:55 +00:00
Kubernetes Prow Robot	e61a878e6d	Merge pull request #88482 from rajansandeep/fixunsupported [kubeadm]: Fix the CoreDNS preflight check for unsupported plugins	2020-02-26 19:39:33 -08:00
Sandeep Rajan	ca5d394f6a	fix the coredns preflight check for unsupported plugins	2020-02-26 15:08:05 -05:00
Aldo Culquicondor	07c4982245	Add unit and integration tests for multiple profiles support Signed-off-by: Aldo Culquicondor <acondor@google.com>	2020-02-26 10:14:03 -05:00
Kubernetes Prow Robot	6ec3ea855d	Merge pull request #85282 from serathius/flag-kubelet Add show-hidden-metrics-for-version to kubelet	2020-02-26 03:54:26 -08:00
Kubernetes Prow Robot	5704bff0de	Merge pull request #84913 from serathius/metrics-scheduler Add show-hidden-metrics-for-version to scheduler	2020-02-25 21:02:26 -08:00
Marek Siarkowicz	d44d5b35f3	Add show-hidden-metrics-for-version to kubelet	2020-02-25 20:46:34 +01:00
Aldo Culquicondor	c048858471	Support multiple scheduling profiles in a single scheduler Signed-off-by: Aldo Culquicondor <acondor@google.com>	2020-02-25 11:31:20 -05:00
SataQiu	a7d927f1e7	kubelet: fix wrong flag types	2020-02-25 18:04:44 +08:00
SataQiu	c261d12bbf	kube-proxy: fix confusing default value for healthz and metrics bind address, deprecate healthz-port and metrics-port flag	2020-02-25 16:59:11 +08:00
Kubernetes Prow Robot	95504c32fe	Merge pull request #86260 from rajansandeep/corednsto1.6.6-kubeadm [kubeadm]: Bump CoreDNS version to 1.6.7	2020-02-24 23:10:49 -08:00
Kubernetes Prow Robot	59870dad01	Merge pull request #87748 from satyasm/kep-local-cidr Refactor handling of local traffic detection.	2020-02-24 19:06:48 -08:00
Kubernetes Prow Robot	f6525dbc81	Merge pull request #88087 from alculquicondor/mutiprofiles-api Add Schedulings Profiles to kubescheduler.config.k8s.io/v1alpha2	2020-02-24 14:43:35 -08:00
Kubernetes Prow Robot	b68f869f43	Merge pull request #88434 from SataQiu/fix-kubeadm-20200223 kubeadm: fix the bug that 'kubeadm upgrade' hangs in single node cluster	2020-02-24 13:11:59 -08:00
Sandeep Rajan	a980cb7ead	update coredns to 1.6.7	2020-02-24 15:00:55 -05:00
Kubernetes Prow Robot	4e79344501	Merge pull request #88467 from neolit123/1.18-print-volume-verbosity kubeadm: modify how component volumes are printed	2020-02-24 11:03:15 -08:00
Kubernetes Prow Robot	116e27fc19	Merge pull request #86953 from rojkov/ecdsa kubeadm: allow creating a cluster with ECDSA keys	2020-02-24 11:02:50 -08:00
Aldo Culquicondor	9e71741d06	Add Profiles to kubescheduler.config.k8s.io/v1alpha2 Signed-off-by: Aldo Culquicondor <acondor@google.com>	2020-02-24 09:45:46 -05:00
Lubomir I. Ivanov	1b710a4c56	kubeadm: modify how component volumes are printed After the shift for init phases, GetStaticPodSpecs() from app/phases/controlplane/manifests.go gets called on each control-plane component sub-phase. This ends up calling the Printf from AddExtraHostPathMounts() in app/phases/controlplane/volumes.go multiple times printing the same volumes for different components. - Remove the Printf call from AddExtraHostPathMounts(). - Print all volumes for a component in CreateStaticPodFiles() using klog V(2). Perhaps in the future a bigger refactor is needed here were a single control-plane component spec can be requested instead of a map[string]v1.Pod.	2020-02-24 16:41:03 +02:00
Kubernetes Prow Robot	20e3288277	Merge pull request #88373 from SataQiu/fix-kubeadm-20200220 kubeadm: fallback to a known etcd version if an unknown k8s version is passed	2020-02-24 05:14:47 -08:00
Dmitry Rozhkov	109f5db5a3	kubeadm: allow creating a cluster with ECDSA keys The selected key type is defined by kubeadm's --feature-gates option: if it contains PublicKeysECDSA=true then ECDSA keys will be generated and used. By default RSA keys are used still. Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>	2020-02-24 11:20:07 +02:00
SataQiu	2e23f84745	kubeadm: fallback to a known etcd version if an unknown k8s version is passed	2020-02-24 10:46:39 +08:00
Kubernetes Prow Robot	ac25069a05	Merge pull request #88436 from andrewsykim/ccm-client-builder-cleanup use ControllerClientBuilder from k8s.io/cloud-provider in cloud-controller-manager	2020-02-23 15:04:46 -08:00
Kubernetes Prow Robot	b513f359a0	Merge pull request #88429 from taesunny/master Fix: cmd/kubeadm Typos in some error messages, comments	2020-02-23 11:14:47 -08:00
andrewsykim	ed9492ad69	use ControllerClientBuilder from k8s.io/cloud-provider in cloud-controller-manager Signed-off-by: andrewsykim <kim.andrewsy@gmail.com>	2020-02-23 06:40:20 -05:00
SataQiu	8067dd8470	kubeadm: fix the bug that 'kubeadm upgrade' hangs in single node cluster	2020-02-23 18:57:32 +08:00
Kubernetes Prow Robot	31b8c0d23d	Merge pull request #87656 from ereslibre/do-not-depend-on-cluster-status kubeadm: deprecate the `ClusterStatus` dependency	2020-02-22 22:30:47 -08:00
Kubernetes Prow Robot	b893aa707e	Merge pull request #88052 from neolit123/1.18-renew-use-ca-in-kubeconfig kubeadm: update embedded CA in kubeconfig files on renewal	2020-02-22 20:50:47 -08:00
Taesun Lee	d10e3da92d	Fix typos in some error messages, comments - cmd/kubeadm - RemoveContnainers -> RemoveContainers - iterface -> interface - stategicMergeSlice -> strategicMergeSlice	2020-02-23 00:44:47 +09:00
Satyadeep Musuvathy	8c6956e5bb	Refactor handling of local traffic detection.	2020-02-21 17:57:34 -08:00
Kubernetes Prow Robot	58fcca211f	Merge pull request #88359 from taesunny/master Fix: Typos in apiclient util.	2020-02-20 19:50:46 -08:00
Kubernetes Prow Robot	58596b2bf5	Merge pull request #88347 from neolit123/1.18-kubeadm-update-constants kubeadm: update constants for 1.18	2020-02-20 04:29:43 -08:00

1 2 3 4 5 ...

9188 Commits