Commit Graph

414 Commits

Author SHA1 Message Date
CJ Cullen
15596ede41 Make AddSSHKeys a controller loop. Make sure master's always initializes m.tunnels. 2015-06-17 17:46:27 -07:00
Justin Santa Barbara
c89b0cd807 AWS: Use the instance id as the node name
The EC2 instance id is the canonical node name on EC2.
2015-06-17 00:40:43 -04:00
Justin Santa Barbara
efaead81dc Allow cloud providers to return a node identifier different from the hostname 2015-06-17 00:40:43 -04:00
Justin Santa Barbara
bf7946c326 AWS: Define new m4 instance types 2015-06-17 00:04:05 -04:00
Justin Santa Barbara
1561fce81c servicecontroller: last state applied to LB vs last state seen
We need the last state seen for interpreting the change-stream,
separately we need to track the last state we successfully applied to the
load balancer.
2015-06-16 18:59:03 -04:00
CJ Cullen
4d5d0457ef Fix mislooping in ssh.go. Add retries to AddSSHKeys. 2015-06-16 00:08:37 -07:00
Brendan Burns
99bf48dc2f Merge pull request #9542 from brendandburns/validate
Change the way we test if a disk is already attached.
2015-06-09 22:00:06 -07:00
Brendan Burns
3350eecedf Change the way we test if a disk is already attached.
Validated by manual introspection on a running GCE cluster.
2015-06-09 17:50:52 -07:00
krousey
f62a2a1bb6 Merge pull request #9451 from cjcullen/mig
Use Node IP Address instead of Node.Name in minion.ResourceLocation.
2015-06-09 15:52:12 -07:00
krousey
3d803ab7b2 Merge pull request #9410 from cjcullen/ratelimit
Add a RateLimiter for the gce altTokenSource.
2015-06-09 11:11:48 -07:00
CJ Cullen
2d85e4a094 Use Node IP Address instead of Node.Name in minion.ResourceLocation.
Refactor GetNodeHostIP into pkg/util/node (instead of pkg/util to break import cycle).

Include internalIP in gce NodeAddresses.
2015-06-08 16:58:00 -07:00
krousey
afb9a7e362 Merge pull request #9373 from justinsb/aws_lb_cleanup
Make deletion of an AWS load balancer clean
2015-06-08 16:49:21 -07:00
CJ Cullen
be0d24824d Add a RateLimiter for the gce altTokenSource. 2015-06-08 11:16:52 -07:00
Justin Santa Barbara
c2caa3f1da AWS: Fix cleanup of security group
The most reliable way seems to be to deauthorize the LB security group from
other groups, then delete the LB itself, then repeatedly retry to delete the LB
security group.

We can't delete the LB security group until the LB is actually completely
deleted, but the LB is hidden from the API during deletion.  So our only real
option is to retry deletion of the LB security group until the expected error
goes away when the LB is fully deleted.
2015-06-06 23:20:34 -04:00
Justin Santa Barbara
1700259508 AWS: Ignore the UserId when determining whether we can skip revoking a security group
Otherwise we weren't correctly de-authorizing the AWS LB SG from the Node SG
2015-06-06 12:37:01 -04:00
Justin Santa Barbara
8fafefd728 Fix doc for edge-case return from removeSecurityGroupIngress 2015-06-06 12:25:50 -04:00
Justin Santa Barbara
e32c66c6f4 Fix typo: Ingess -> Ingress 2015-06-06 12:22:50 -04:00
CJ Cullen
cb317604ab Some refactoring. Only selectively use ssh proxy.
Add NetworkName to gce.Config.
Add locking to uses of master.tunnels.
2015-06-05 14:55:16 -07:00
Brendan Burns
7ea533d871 Add the SSHTunnel transport to the kubelet client. 2015-06-05 14:55:15 -07:00
CJ Cullen
de9a5f43bc Specify sshUser, sshKeyfile in kube-apiserver manifest.
Trim space on ssh key so GCE doesn't treat it as 2 lines.
A couple other minor fixes.
2015-06-05 14:55:15 -07:00
Brendan Burns
5115fd5703 Add key generation. 2015-06-05 14:55:15 -07:00
Justin Santa Barbara
48e8a8b0ec AWS: Set up security groups, to mirror GCE firewalling
Some slightly fussy code to enable load-balancers to talk to
instances, but otherwise relatively simple.
2015-06-05 16:10:08 -04:00
Justin Santa Barbara
33a3d884f2 AWS: Filter by Cluster tag, rationalize EC2 abstraction
Whenever we do a list we now filter on tags so we only see resources relating
to our cluster.

Also, rationalize all the DescribeX calls:
 * They all take a request object (so that we can pass filters)
 * They do paging if that is required (and return the underlying resources)
 * They wrap any error with a "error while listing X: %v" message
2015-06-05 16:09:01 -04:00
Quinton Hoole
f048d0dff7 Merge pull request #9105 from anguslees/openstack-provider
Openstack LB improvements
2015-06-05 12:06:12 -07:00
Angus Lees
75f49b331a Ignore "unspecified" externalIP during LB create
Previously we always passed `Address: externalIP.String()` while
creating a loadbalancer VIP.  This passed "0.0.0.0" when externalIP was
unspecified, effectively making it mandatory to specify an externalIP.

This change correctly leaves `Address` unspecified when externalIP is
unspecified (has a zero value).

(Thanks to @justinsb for the report)
2015-06-05 16:27:45 +10:00
Quinton Hoole
b5251de193 Merge pull request #9261 from justinsb/aws_d2_instance_types
AWS: Add d2 instance types
2015-06-04 13:11:43 -07:00
Trevor Pounds
6eea271656 Guard against non AWS errors. 2015-06-04 10:33:36 -07:00
Justin Santa Barbara
41f52546bc AWS: Add d2 instance types
Another family of instance types, I think the next-gen of hs1
2015-06-04 12:57:33 -04:00
Trevor Pounds
7cdf573015 Update aws-sdk-go dependency from awslabs to aws. 2015-06-03 23:07:42 -07:00
Brian Grant
f72fa67924 Revert "Use Node IP Address instead of Node.Name in minion.ResourceLocation." 2015-06-03 18:19:22 -07:00
Brian Grant
d6d52b41c6 Merge pull request #9189 from justinsb/fix_9123
Avoid nil-pointer dereference panics in AWS
2015-06-03 12:34:34 -07:00
Justin Santa Barbara
e3eb23f464 Avoid nil-pointer dereference panics in AWS
These were introduced because the new official AWS SDK uses *string
where the old library used strings.  We now use the helpers much
more (orEmpty and isNilOrEmpty).

Fixes #9123
2015-06-03 12:24:23 -04:00
Angus Lees
9394635cc0 Make EnsureTCPLoadBalancerDeleted idempotent
This change allows EnsureTCPLoadBalancerDeleted to be called repeatedly
to reattempt deleting objects that may have failed on a previous run.

Specifically, if the VIP is already deleted, then an attempt is made to
lookup the pool by name.  Returns success when both the VIP and pool are
not found.

Fixes #8352
2015-06-03 17:21:31 +10:00
feihujiang
ebc8eab590 get Events to be logged 2015-06-03 15:05:07 +08:00
CJ Cullen
4e5d0da839 Use Node IP Address instead of Node.Name in minion.ResourceLocation.
Refactor GetNodeHostIP into pkg/util/node (instead of pkg/util to break import cycle).

Include internalIP in gce NodeAddresses. Remove NodeLegacyHostIP
2015-06-02 20:01:49 -07:00
Angus Lees
785a775777 Actually delete LBaaS monitors after disassociating
Partially addresses issue #8352
2015-06-02 15:25:51 +10:00
Angus Lees
6491922562 Catch 404 and return exists=false from GetTCPLoadBalancer
Previouly getVipByName treated 404 like any other unexpected error
return and passed it up the chain.  This caused the "if ErrNotFound then
exists=false" logic in GetTCPLoadBalancer to never fire.

This change teaches getVipByName to return ErrNotFound on a 404 server
response.
2015-06-02 15:25:40 +10:00
Eric Tune
8b498aee4a Merge pull request #8495 from gmarek/fix_ratelimit
Move evicting pods to separate thread to allow for correct ratelimitting.
2015-06-01 10:29:37 -07:00
gmarek
1490543d54 Move evicting pods to separate thread to allow for correct ratelimitting. 2015-06-01 11:39:20 +02:00
Justin Santa Barbara
1e99426d5b Support for AWS ELB 2015-05-29 18:53:35 -04:00
Justin Santa Barbara
c741b8f3ae Pass ports as []*api.ServicePort into LoadBalancer provider
Because AWS needs the NodePort; this also paves the way for e.g. UDP balancing
2015-05-29 18:47:05 -04:00
Rohit Jnagal
9184ccf24d Merge pull request #8960 from erictune/nodectrlevent
Add event about Node when cannot assign CIDR.
2015-05-29 14:54:16 -07:00
Rohit Jnagal
ae8bc2c47b Merge pull request #8887 from brendandburns/balancer
Add event generation when create/delete of balancers fails.
2015-05-29 13:32:11 -07:00
Prashanth B
6c209ec193 Revert "Revert "Wake up rcs when pods get DeletionFinalStateUnknown tombstones"" 2015-05-29 09:24:39 -07:00
Tim Hockin
32bb3ae8f1 Merge pull request #7775 from simon3z/cloud-provider-id
api: add the ProviderID attribute to NodeSpec
2015-05-28 15:54:00 -07:00
Tim Hockin
081ab3abac Merge pull request #8853 from caesarxuchao/HostToNodeName
update PodSpec.Host to PodSpec.NodeName
2015-05-28 15:50:12 -07:00
Tim Hockin
2cadd4c86e Merge pull request #8906 from justinsb/aws_volume_fixes
Fix AWS volumes
2015-05-28 15:30:33 -07:00
Eric Tune
a271b306b0 Add event about Node when cannot assign CIDR. 2015-05-28 14:51:48 -07:00
Chao Xu
9c1153322e update PodSpec.Host to PodSpec.NodeName in /pkg/api/types.go and /pkg/api/v1beta3/types.go 2015-05-28 14:10:06 -07:00
Brendan Burns
9ccd349a7d Add event generation when create/delete of balancers fails. 2015-05-28 13:51:39 -07:00
Tim Hockin
b69fad211e Revert "Wake up rcs when pods get DeletionFinalStateUnknown tombstones" 2015-05-28 10:23:55 -07:00
Federico Simoncelli
1a41082ca8 cloudprovider: vagrant InstanceID implementation
Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
2015-05-28 13:02:11 -04:00
Federico Simoncelli
154eccefe2 cloudprovider: openstack InstanceID implementation
Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
2015-05-28 13:02:11 -04:00
Federico Simoncelli
afcda70190 cloudprovider: gce InstanceID implementation
Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
2015-05-28 13:02:11 -04:00
Federico Simoncelli
185d0e19d5 cloudprovider: aws InstanceID implementation
Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
2015-05-28 13:02:11 -04:00
Federico Simoncelli
466a7daaa8 cloudprovider: ovirt InstanceID implementation
Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
2015-05-28 13:02:11 -04:00
Federico Simoncelli
2a89428d44 api: add the ProviderID attribute to NodeSpec
Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
2015-05-28 13:01:58 -04:00
Federico Simoncelli
faba12951a cloudprovider: add support for InstanceID method
Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
2015-05-28 12:47:50 -04:00
Federico Simoncelli
194343267d cloudprovider: add the ProviderName method
This patch adds the ProviderName method used to identify the cloud
provider.

Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
2015-05-28 12:47:47 -04:00
Quinton Hoole
9b67435cf3 Merge pull request #8899 from roberthbailey/ip-from-metadata
For GCE, compute the external IP by using the local metadata server
2015-05-28 08:29:38 -07:00
Justin Santa Barbara
97a312f72c Fix AWS volume detach 2015-05-28 06:48:19 -04:00
Wojciech Tyczynski
6ffe46a9e0 Merge pull request #8822 from bprashanth/fifo_rc
Wake up rcs when pods get DeletionFinalStateUnknown tombstones
2015-05-28 10:50:28 +02:00
Robert Bailey
1dfaa93ccd For GCE, compute the external IP by using the local metadata
server. This is in many ways a revert of #7530 but after auditing
the code I found that this function is now only used to determine
an address of the node where it is currently running.
2015-05-27 17:41:41 -07:00
Prashanth Balasubramanian
8fa66bd962 Delta fifo includes objects in DeleteFinalStateUnknow, rcs stop faster 2015-05-27 16:45:51 -07:00
Tim Hockin
f69eb0af67 Merge pull request #8831 from a-robinson/tp
Adjust the sleep time before tearing down e2e clusters and add a rough formula
2015-05-27 12:42:49 -07:00
derekwaynecarr
2f1dd9228f Fix Vagrant node registration and kube-push 2015-05-27 10:50:57 -04:00
Alex Robinson
9d61a95464 Adjust the sleep time before tearing down e2e clusters and add a rough formula
for determining how long the sleep should be.
2015-05-26 21:09:05 +00:00
Saad Ali
c5525ecfdc Merge pull request #8704 from roberthbailey/dead-flags
Deprecate flags for nodecontroller
2015-05-26 09:54:01 -07:00
Justin Santa Barbara
bb697cee7e Clear LoadBalancerStatus both on LB delete and on update in the API
Although it takes some time to destroy a load balancer, we hide this complexity
from the user.
2015-05-22 19:14:28 -04:00
Justin Santa Barbara
a271771341 Richer errors for validation 2015-05-22 19:14:28 -04:00
Justin Santa Barbara
7346cc8042 Add ServiceType = NodePort; wire everything up 2015-05-22 19:14:28 -04:00
Justin Santa Barbara
e49ad95462 Mark PublicIPs as deprecated & rename to DeprecatedPublicIPs in the latest API
We need to keep them in the API so that we can round-trip between versions.
2015-05-22 19:14:27 -04:00
Justin Santa Barbara
973c2e4819 Add Type to ServiceSpec: ClusterIP or LoadBalancer 2015-05-22 19:14:21 -04:00
Justin Santa Barbara
3884d5fc59 Add LoadBalancer status to ServiceStatus
This will replace publicIPs
2015-05-22 18:27:05 -04:00
Robert Bailey
d0bcf953e9 Deprecate the following flags for node-controller:
--node-milli-cpu
  --node-memory
  --machines
  --minion-regexp
  --sync-nodes

Remove the following flags from the standalon kubernetes binary:
  --node-milli-cpu
  --node-memory
2015-05-22 15:18:36 -07:00
Dawn Chen
17ac4b1dfc Merge pull request #8297 from iterion/switch-to-aws-sdk-go
AWS: Switch to aws-sdk-go
2015-05-22 12:31:07 -07:00
Dawn Chen
677a4aa1a7 Merge pull request #8164 from cjcullen/cloudprovider
Route creation reconciler loop.
2015-05-22 12:27:50 -07:00
Quinton Hoole
6d8eaa924e Merge pull request #7852 from a-robinson/tp
Prevent stranding of partial load balancers resources
2015-05-22 10:12:30 -07:00
CJ Cullen
e6da5b9601 Make routecontroller_test less hacky.
Rename reconcilePodCIDRs to reconcileNodeCIDRs.
Add comments and TODOs about using controller framework.
2015-05-21 18:05:11 -07:00
David Oppenheimer
6b428ef1a8 Merge pull request #7170 from simon3z/node-events
Node events recording fixes
2015-05-21 12:54:38 -07:00
Dawn Chen
b5c1098cb6 Merge pull request #8576 from a-robinson/svc
Fix misordered assignment in service controller
2015-05-21 09:38:08 -07:00
Federico Simoncelli
2f503c57a5 nodecontroller: improve node status event recording
This patch substitutes the misleading reason "unknown" for the event
recording. For symmetry with kubelet's message "online" the conditions
Unknown and False are reported as "offline".

Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
2015-05-20 18:46:01 -04:00
Federico Simoncelli
21c57a5633 nodecontroller: remove unused ready event recording
It's not nodecontroller setting the node to Ready so it's impossible to
reach this condition.

Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
2015-05-20 18:45:58 -04:00
CJ Cullen
0d12a15971 Route creation reconciler loop. 2015-05-20 14:21:30 -07:00
CJ Cullen
bf646abf8d Revert "Revert "Modify nodes to register directly with the master.""
This reverts commit c53786ab31.
2015-05-20 14:21:03 -07:00
Quinton Hoole
c53786ab31 Revert "Modify nodes to register directly with the master." 2015-05-20 13:47:51 -07:00
Alex Robinson
4214b76924 Fix misordered assignment in service controller 2015-05-20 11:51:48 -06:00
Adam Sunderland
ad9f2d7a56 Fix Some AWS Issues 2015-05-20 10:42:27 -05:00
Alex Robinson
dbf224475d Require DeleteTCPLoadBalancer to be idempotent and change the service
controller to rely on that, so that we won't strand partial resources
from them anymore (target pools in GCE, pools in OpenStack, etc.).
2015-05-19 17:06:54 +00:00
Alex Robinson
dc2f10d51b Make openstack's impl of DeleteTCPLoadBalancer idempotent with respect
to load balancers having already been deleted.
2015-05-19 17:06:50 +00:00
Robert Bailey
01467e0bb8 Modify nodes to register directly with the master.
- Delete nodes when they are no longer ready and don't exist in the
cloud provider.
 - Label each node with it's hostname.
 - Add flag to skip node registration.
 - Add a test for registering an existing node.
2015-05-19 09:55:07 -07:00
Brian Grant
2c81050e6f Merge pull request #8457 from davidopp/master
Fix stylistic isues with #5547. Closes #4910.
2015-05-19 07:43:21 -07:00
David Oppenheimer
44b1e1ca0c Fix stylistic isues with #5547. Closes #4910. 2015-05-18 23:32:06 -07:00
Tim Hockin
a548d542db Rename AffinityType to ServiceAffinity 2015-05-18 17:21:30 -07:00
Victor Marmol
45874d5f76 Merge pull request #5547 from gmarek/client3
Add a resource specifying number of Pods that are allowed to run on Kubelet.
2015-05-18 11:11:43 -07:00
Victor Marmol
4ba22e713a Merge pull request #8296 from jlowdermilk/gen-analytics
Add ga-beacon analytics to gendocs scripts
2015-05-18 08:40:02 -07:00
Alex Robinson
3cf80e76c8 Properly handle nil cached services in the service controller's node reconciler.
Add a test that catches the former bug.
2015-05-17 22:36:48 -07:00
Jeff Lowdermilk
553f9f822b Add ga-beacon analytics to gendocs scripts
hack/run-gendocs.sh puts ga-beacon analytics link into all md files,
hack/verify-gendocs.sh verifies presence of link.
2015-05-15 18:56:38 -07:00
Alex Robinson
edf5a78604 Don't try deleting a target pool if we failed to delete its forwarding rule. 2015-05-15 22:05:23 +00:00
gmarek
27d660d0ac Add a resource specifying number of Pods that are allowed to run on Kubelet. 2015-05-15 10:57:46 +02:00