Commit Graph

2701 Commits

Author SHA1 Message Date
Robert Rati
6a3ad93d6c [scheduling] Moved pod affinity and anti-affinity from annotations to api
fields. #25319
2017-01-12 14:54:29 -05:00
Kubernetes Submit Queue
e73d66ce44 Merge pull request #37557 from sttts/sttts-update-ugorji
Automatic merge from submit-queue

Update ugorji/go/codec godep

In order to pick-up https://github.com/ugorji/go/issues/119 and to get rid of the workaround at https://github.com/kubernetes/kubernetes/pull/36909/files#diff-a09eb061a0fb0ef3c9ef9d696f1ad0b4R426.
2017-01-12 02:36:16 -08:00
Dr. Stefan Schimanski
2741eb7fdb Update generated files 2017-01-11 21:54:07 +01:00
Dr. Stefan Schimanski
4a1d507756 Update bazel 2017-01-11 18:53:24 +01:00
Dr. Stefan Schimanski
cf60bec396 Split out server side code from pkg/apis/rbac/validation 2017-01-11 18:31:58 +01:00
Dr. Stefan Schimanski
57e3a57c10 Split pkg/genericapiserver/api/request from ObjectMeta 2017-01-11 18:26:33 +01:00
deads2k
6a4d5cd7cc start the apimachinery repo 2017-01-11 09:09:48 -05:00
deads2k
facc34fea5 move tests which need to stay in k8s.io/kubernetes for API scheme 2017-01-10 10:04:32 -05:00
Kubernetes Submit Queue
73727e3791 Merge pull request #39439 from smarterclayton/version_watch
Automatic merge from submit-queue (batch tested with PRs 37845, 39439, 39514, 39457, 38866)

Move watch/versioned to pkg/apis/meta/v1/watch.go

Watch is a part of the server API
2017-01-09 13:15:16 -08:00
Kubernetes Submit Queue
124b3a7943 Merge pull request #36243 from kargakis/validate-status-replicas-correctly
Automatic merge from submit-queue (batch tested with PRs 39394, 38270, 39473, 39516, 36243)

Update status validation for ds/deploy/rs/rc
2017-01-09 12:05:25 -08:00
Kubernetes Submit Queue
59b1f4a12e Merge pull request #39473 from php-coder/improve_err_msg_about_privileged
Automatic merge from submit-queue (batch tested with PRs 39394, 38270, 39473, 39516, 36243)

Improve an error message when privileged containers are disallowed on the cluster

**What this PR does / why we need it**:

At present when user creates privileged pod and creation of privileged containers disallowed globally by a system administrator (kubelet and api-server were running with `--allow-privileged=false`), user will get the following error message:
```console
$ kubectl create -f nginx.pod 
The Pod "nginx" is invalid: spec.containers[0].securityContext.privileged: Forbidden: disallowed by policy
```
"Disallowed by policy" may give a wrong assumption to a user that creation of privileged containers disallowed by [`PodSecurityPolicy`](http://kubernetes.io/docs/user-guide/pod-security-policy/) while it's not.

This commit improves error message and tries to point user to the right direction:
```console
$ kubectl create -f nginx.pod 
The Pod "nginx" is invalid: spec.containers[0].securityContext.privileged: Forbidden: privileged containers are disallowed on this cluster by a system administrator
```

**Release note**:

```release-note
NONE
```

PTAL @pweil-
2017-01-09 12:05:21 -08:00
Slava Semushin
7e4b047743 Improve an error message when privileged containers are disallowed globally on the cluster. 2017-01-09 12:38:57 +01:00
Clayton Coleman
f07c6486ba
Rename metav1.Event to metav1.WatchEvent to avoid swagger collision
The kind on this object was always WatchEvent
2017-01-06 23:45:04 -05:00
Clayton Coleman
c5d755dbec
Refactor tests to match new versioned code structure 2017-01-06 23:45:03 -05:00
Clayton Coleman
e5019de260
refactor: Move versioned/watch to meta/v1 2017-01-06 23:45:03 -05:00
Kubernetes Submit Queue
07ce35a325 Merge pull request #39490 from deads2k/generic-16-bump-gengo
Automatic merge from submit-queue (batch tested with PRs 39466, 39490, 39527)

bump gengo to latest

bumping gengo to limit surprises while working on https://github.com/kubernetes/kubernetes/pull/39475

@kubernetes/sig-api-machinery-misc
2017-01-06 11:30:13 -08:00
deads2k
f86447c9a0 files regenerated after update 2017-01-06 11:45:40 -05:00
Jeff Grafton
20d221f75c Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
deads2k
80143ee0b4 snip links from genericapiserver to api/validation 2017-01-04 15:17:18 -05:00
Kubernetes Submit Queue
819535b96a Merge pull request #36245 from fraenkel/env_configmap
Automatic merge from submit-queue (batch tested with PRs 38433, 36245)

Allow pods to define multiple environment variables from a whole ConfigMap

Allow environment variables to be populated from ConfigMaps

- ConfigMaps represent an entire set of EnvVars
- EnvVars can override ConfigMaps


fixes #26299
2017-01-03 23:28:09 -08:00
Kubernetes Submit Queue
064132d84a Merge pull request #39284 from bowei/remove-host-record
Automatic merge from submit-queue (batch tested with PRs 39284, 39367)

Remove HostRecord annotation (beta feature)

The annotation has made it to GA so this code should be deleted.

**Release note**:
```release-note
The 'endpoints.beta.kubernetes.io/hostnames-map' annotation is no longer supported.  Users can use the 'Endpoints.subsets[].addresses[].hostname' field instead.
```
2017-01-03 19:20:08 -08:00
Kubernetes Submit Queue
04d10d27d7 Merge pull request #30932 from derekwaynecarr/fix-30909
Automatic merge from submit-queue

Service with type=NodePort and clusterIP=None is not allowed

Fixes https://github.com/kubernetes/kubernetes/issues/30908
2017-01-03 15:25:29 -08:00
Michael Fraenkel
94866b3bee Generated code 2017-01-03 11:45:38 -05:00
Michael Fraenkel
2d803afc98 ConfigMaps populate environment variables 2017-01-03 11:02:15 -05:00
Dr. Stefan Schimanski
87dd990bb7 Move pkg/api.{Context,RequestContextMapper} into pkg/genericapiserver/api/request 2017-01-03 14:57:33 +01:00
Dr. Stefan Schimanski
2d58ffc129 Move pkg/{apiserver -> genericapiserver/api} 2017-01-03 14:54:03 +01:00
Kubernetes Submit Queue
cc0b17eaa1 Merge pull request #38574 from k82cn/k8s_38542
Automatic merge from submit-queue

Add default imagePullPolicy for initContainers.

fixes #38542
2017-01-02 06:03:05 -08:00
Michail Kargakis
6ce2d4e7f3 Update status validation for ds/deploy/rs/rc 2017-01-02 13:54:24 +01:00
Jeff Grafton
fae627dd65 Update generated for 2017 2017-01-01 23:11:09 -08:00
Mike Danese
161c391f44 autogenerated 2016-12-29 13:04:10 -08:00
Bowei Du
589f58ca39 Remove HostRecord annotation (beta feature)
The annotation has made it to GA so this code should be deleted.
2016-12-28 12:47:08 -08:00
Kubernetes Submit Queue
59bd66ce3e Merge pull request #39152 from liggitt/json-tags
Automatic merge from submit-queue (batch tested with PRs 39152, 39142, 39055)

Add test for json tags on internal and external types

Follow up from https://github.com/kubernetes/kubernetes/pull/38406

- adds static analysis tests preventing internal types from adding new json or protobuf tags
- adds static analysis tests requiring json tags on external types (and enforcing lower-case first letter)
- fixes issues found by the tests
2016-12-27 17:10:11 -08:00
Kubernetes Submit Queue
24b3f6c494 Merge pull request #39181 from lukaszo/defaulting
Automatic merge from submit-queue (batch tested with PRs 38460, 39181)

Increase number of iterations in TestDefaulting
2016-12-23 10:51:28 -08:00
Kubernetes Submit Queue
58d319e589 Merge pull request #39093 from dgoodwin/token-default
Automatic merge from submit-queue

kubeadm: Default to using token discovery.

Recent changes to support multiple methods for discovery meant that
"kubeadm init" no longer was sufficient and users would need to add
"--discovery token://" to achieve the same results.

Instead lets assume discovery if the user does not specify anything else
to maintain parity and the brevity of our original instructions.


**Release note**:

```release-note
NONE
```

CC @mikedanese @luxas
2016-12-23 01:20:00 -08:00
Kubernetes Submit Queue
c200f27245 Merge pull request #38090 from xingzhou/kube-37654
Automatic merge from submit-queue (batch tested with PRs 38920, 38090)

Improve error message for name/label validation.

Instead of just providing regex in name/label validation error output, we need to add the naming rules of the name/label, which is more end-user readable.

Fixed #37654
2016-12-22 22:00:30 -08:00
Łukasz Oleś
84d0a5d1d9 Increase number of iterations in TestDefaulting
Fixes #39180
2016-12-23 03:04:32 +01:00
Kubernetes Submit Queue
0a750599fd Merge pull request #37188 from NickrenREN/context_test
Automatic merge from submit-queue (batch tested with PRs 39006, 39078, 37188, 39118)

add test functions in context_test.go
2016-12-22 17:47:30 -08:00
Devan Goodwin
bf69fb1747 kubeadm: Default to using token discovery.
Recent changes to support multiple methods for discovery meant that
"kubeadm init" no longer was sufficient and users would need to add
"--discovery token://" to achieve the same results.

Instead lets assume discovery if the user does not specify anything else
to maintain parity and the brevity of our original instructions.
2016-12-22 12:54:34 -04:00
Jordan Liggitt
0a80b412ef
Fix json tags 2016-12-22 09:32:58 -05:00
Klaus Ma
cd6792ae08 Add default imagePullPolicy for initContainers. 2016-12-22 09:29:43 +08:00
NickrenREN
00123c343b add test functions in context_test.go
add test functions in context_test.go( pkg/api/context_test.go)
2016-12-22 09:25:40 +08:00
Kubernetes Submit Queue
52df372f9b Merge pull request #35805 from dgoodwin/token-mgmt
Automatic merge from submit-queue

Implement kubeadm bootstrap token management

Creates bootstrap tokens as secrets per the specification in #30707 

_WARNING_: These are not currently hooked up to the discovery service or the token it creates.

Still TODO:
- [x] delete tokens
- [x] merge with #35144 and adopt it's testing approach
- [x] determine if we want wholesale json output & templating like kubectl (we do not have an API object with the data we want here) may require a bit of plumbing.
- [x] allow specifying a token duration on the CLI
- [x] allow configuring the default token duration
- [x] hook up the initial token created during init

Sample output:

```
(root@centos1 ~) $ kubeadm token create
Running pre-flight checks
<cmd/token> Token secret created: f6dc69.c43e491752c4a0fd
(root@centos1 ~) $ kubeadm token create
Running pre-flight checks
<cmd/token> Token secret created: 8fad2f.e7b78c8a5f7c7b9a
(root@centos1 ~) $ kubeadm token list  
Running pre-flight checks
ID        TOKEN                     EXPIRATION
44d805    44d805.a4e78b6cf6435e33   23h
4f65bb    4f65bb.d006a3c7a0e428c9   23h
6a086e    6a086e.2ff99f0823236b5b   23h
8fad2f    8fad2f.e7b78c8a5f7c7b9a   23h
f6dc69    f6dc69.c43e491752c4a0fd   23h
f81653    f81653.9ab82a2926c7e985   23h
```
2016-12-20 14:44:40 -08:00
Devan Goodwin
bfe345dd86 Implement kubeadm bootstrap token management.
Adds kubeadm subcommands to create, list, and delete bootstrap tokens.
Tokens can be created with a TTL duration, or 0 for tokens that will not
expire. The create command can also be used to specify your own token
(for use when bootstrapping masters and nodes in parallel), or update an
existing token's secret or ttl.

Marked "ex" for experimental for now as the boostrap controllers are not
yet hooked up in core.
2016-12-20 11:43:55 -04:00
Wojciech Tyczynski
d5e235c831 Reduce timeout for waiting for resource version 2016-12-20 10:05:38 +01:00
Xing Zhou
cfe1599983 Improve error message for name/label validation.
This patch added user readable naming rules to the output of
the error messages for name/label validation.
2016-12-19 02:53:26 +00:00
Maciej Szulik
9f064c57ce Remove extensions/v1beta1 Job 2016-12-17 00:07:24 +01:00
Robert Rati
11c577f092 [scheduling] Auto-generated file updates from moving node affinity from
annotations to api fields. #35518
2016-12-16 11:42:43 -05:00
Robert Rati
91931c138e [scheduling] Moved node affinity from annotations to api fields. #35518 2016-12-16 11:42:43 -05:00
Mike Danese
690c7e578b kubeadm: refactor discovery behind an interface 2016-12-15 13:54:49 -08:00
derekwaynecarr
023bf87c38 Service with type=NodePortr and clusterIP=None is not allowed 2016-12-14 14:51:00 -05:00