github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
12,577 Commits 1 Branch 31 Tags 1,019 MiB
85bb2911a3
Commit Graph

93 Commits

Author SHA1 Message Date
Dawn Chen
85bb2911a3 Apply oom_score_adj (0) to PID of user containers by default. 
(cherry picked from commit f6f9372d1a)
 2015-06-15 20:33:45 -07:00
Brendan Burns
6eda9c4976 Fix a bug where the network container could be torn down before other pods. 
This can break PreStop that hits localhost in the pod.

(cherry picked from commit aac696d44c)
 2015-06-15 20:32:31 -07:00
Dawn Chen
f714020a7a Passing memory swap limit -1 by default. Docker remote API never check if memory 
swap is enabled by kernel or not, instead by default to set the limit to
memory * 2, and return API error 500 if swap is not enabled.
 2015-06-05 18:12:05 -07:00
Yifan Gu
f197a9db4e kubelet: Minor refactors. 
Remove some TODOs.
Unexport DockerManager.Puller and DockerManager.PodInfraContainerImage.
Add "docker" for all "go-dockerclient" imports.
 2015-06-04 16:08:45 -07:00
Filip Grzadkowski
98115facfd Revert "Gracefully delete pods from the Kubelet" 2015-06-02 23:40:05 +02:00
Brian Grant
8a9700b2ba Merge pull request #8864 from ncdc/pluggable-docker-exec 
Add support for pluggable Docker exec handlers
 2015-06-02 14:13:06 -07:00
Clayton Coleman
72ee028cab Gracefully delete pods from the Kubelet 
This commit wires together the graceful delete option for pods
on the Kubelet.  When a pod is deleted on the API server, a
grace period is calculated that is based on the
Pod.Spec.TerminationGracePeriodInSeconds, the user's provided grace
period, or a default.  The grace period can only shrink once set.
The value provided by the user (or the default) is set onto metadata
as DeletionGracePeriod.

When the Kubelet sees a pod with DeletionTimestamp set, it uses the
value of ObjectMeta.GracePeriodSeconds as the grace period
sent to Docker.  When updating status, if the pod has DeletionTimestamp
set and all containers are terminated, the Kubelet will update the
status one last time and then invoke Delete(pod, grace: 0) to
clean up the pod immediately.
 2015-06-01 19:23:59 -04:00
Andy Goldstein
2a0d7ebb11 Add support for pluggable Docker exec handlers 
Add support for pluggable Docker exec handlers. The default handler is
now Docker's native exec API call. The previous default, nsenter, can be
selected by passing --docker-exec-handler=nsenter when starting the
kubelet.
 2015-06-01 16:59:59 -04:00
Chao Xu
2f6e5e2e08 Update ContainerState.Termination to ContainerState.Terminated in pkg/api/types.go and pkg/api/v1/types.go 2015-05-28 17:18:24 -07:00
Brendan Burns
2ec4b409e1 Make exec more consistent with the rest of the kubectl commands. 2015-05-27 15:47:32 -07:00
Paul Morie
8b338860aa Make kubelet expand var refs in cmd, args, env 2015-05-27 00:13:57 -04:00
Yifan Gu
6a5681e0fe kubelet: Move HashContainer to kubelet/container package. 2015-05-20 12:08:32 -07:00
Dawn Chen
349d8b1a67 Merge pull request #8491 from vmarmol/fix-isolation 
Fix setting resource isolation in Docker 1.6+
 2015-05-19 11:26:27 -07:00
Victor Marmol
deaa0e569d Set CPU and memory in Create() and Start(). 
This allows for backwards and forwards compatability since old Docker
versions expect it in Create() and newer ones do so in Start().

Fixes #8358
 2015-05-19 09:26:15 -07:00
deads2k
5458f05679 create LocalObjectReference 2015-05-19 08:39:46 -04:00
deads2k
0c14e0cbdb add pull secret references to pods 2015-05-18 16:18:16 -04:00
Satnam Singh
26b27b5e0f Merge pull request #8374 from jimmidyson/docker-log-symlink-separator 
Docker log symlinks should use underscore separator
 2015-05-18 08:59:07 -07:00
Michal Fojtik
7d11e226b7 Disable 'Timestamps' in Docker logs to prevent double-timestamps 2015-05-18 12:27:19 +02:00
Jimmi Dyson
2d4067f1fd Fixes #8374: Underscore separator in docker log symlink 2015-05-16 19:19:27 +01:00
Dawn Chen
ebbb130af8 OOM protected docker processes (-900) 2015-05-14 15:49:12 -07:00
Victor Marmol
67eab52b9e Merge pull request #8146 from yifan-gu/runtime_opt 
kubelet/container: Refactor RunContainerOptions.
 2015-05-13 11:09:56 -07:00
Yifan Gu
d164ac0ba0 kubelet/container: Refactor RunContainerOptions. 
Make Envs, Mounts, PortMappings more generic.
Also add default name for PortMapping if it's not specified.
 2015-05-13 10:01:00 -07:00
Brendan Burns
3f49c556e6 Second try at implementing prestop. 2015-05-12 17:17:03 -07:00
Victor Marmol
3481db8aee Merge pull request #8136 from yifan-gu/runtime_opt 
kubelet/container: Remove ipcMode and netMode from  RunContainerOptions.
 2015-05-12 14:41:49 -07:00
Yifan Gu
a2dac158c2 kubelet/container: Remove ipcMode and netMode from RunContainerOptions. 
Since createPodInfraContainer() is moved into dockertools. There is no
need to pass the ipcMode or netMode via RunContainerOptions.
 2015-05-12 14:18:00 -07:00
Vish Kannan
a74522a738 Merge pull request #8011 from brendandburns/exec 
Switch exec to look at exit code not output status.
 2015-05-12 12:43:11 -07:00
Brendan Burns
fbd0143fa8 Merge pull request #7971 from deads2k/make-docker-keyring-handle-multiple-hits 
make the dockerkeyring handle mutiple matching credentials
 2015-05-11 17:01:37 -07:00
Yu-Ju Hong
3487a165b8 Unexport DockerManager.RunContainer 2015-05-11 11:03:41 -07:00
deads2k
2ecb0ebd73 make the dockerkeyring handle mutiple matching credentials 2015-05-11 09:54:03 -04:00
Deyuan Deng
2f7183cba5 Check Pod privileged container 2015-05-09 17:30:35 -04:00
Yu-Ju Hong
d185bfd56a Record failure reason for image pulling 2015-05-08 17:37:11 -07:00
Brendan Burns
c9324e6e38 Switch exec to look at exit code not output status. 2015-05-08 16:51:37 -07:00
Yifan Gu
8b1174a3a7 kubelet/container: Move pty*.go to container runtime package. 
This makes the labeld pty wrapper available for both container runtime.
 2015-05-07 23:36:47 -07:00
Paul Morie
df08b15121 Change signature of container runtime PullImage to allow pull w/ secret 2015-05-06 17:42:03 -04:00
Zach Loafman
875e83a741 Revert "Revert "Security context - types, kubelet, admission"" 2015-05-05 16:02:13 -07:00
Zach Loafman
f48904fd5e Revert "Security context - types, kubelet, admission" 2015-05-05 15:20:39 -07:00
Paul Weil
982bf19c20 security context initial implementation - squash 2015-05-05 13:46:13 -04:00
Victor Marmol
fe7cb95be6 Merge pull request #7746 from vishh/exec_fix 
Fix kubelet's docker RunInContainer implementation
 2015-05-04 16:49:57 -07:00
Victor Marmol
a32d31d045 Merge pull request #7729 from yujuhong/runtime_up 
Kubelet: wait until container runtime is up
 2015-05-04 16:02:30 -07:00
Vishnu Kannan
ec01265643 Fix docker exec logic. Without this patch, kubelet was not receiving any output from docker exec 
and was incorrectly handling the output.
 2015-05-04 16:01:32 -07:00
Yu-Ju Hong
d231eb6bef Kubelet: wait until container runtime is up 
Instead of waiting for the docker client to be up, we wait for the container
runtime to be up.
 2015-05-04 15:16:38 -07:00
Victor Marmol
b0129089da Merge pull request #7712 from rjnagal/kubelet 
Expose pod name as a label on containers.
 2015-05-04 14:52:16 -07:00
Rohit Jnagal
1511dbf0b5 Expose pod name as a label on containers. 
Full pod name is exposed under key 'kubernetes.io/pod'.
It helps in introspection by looking at all containers in a pod through
docker ps -a -f label=kubernetes.io/pod=podXXX

We also plan to visualize this in cAdvisor.
 2015-05-04 21:20:42 +00:00
Victor Marmol
79fc8bee34 Change GetContainerLogs() signature. 
This works for both runtimes. We need to eventually unify the ID scheme
for this method.
 2015-05-04 11:16:32 -07:00
Yu-Ju Hong
1ad4dd7803 Kubelet: replace DockerManager with the Runtime interface 
This change instructs kubelet to switch to using the Runtime interface. In order
to do it, the change moves the Prober instantiation to DockerManager.

Note that most of the tests in kubelet_test.go needs to be migrated to
dockertools. For now, we use type assertion to convert the Runtime interface to
DockerManager in most tests.
 2015-05-04 10:19:46 -07:00
Daniel Smith
4a6ab7fd36 Merge pull request #7597 from eparis/copyright 
Use generic copyright holder name in license boilerplate
 2015-05-01 17:01:39 -07:00
Eric Paris
6b3a6e6b98 Make copyright ownership statement generic 
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
 2015-05-01 17:49:56 -04:00
Yu-Ju Hong
4fe3366b04 Removes RunPod in the Runtime interface 
SyncPod subsumes RunPod, so the latter is no longer needed.
After this change, DockerManager implements the Runtime interface.
 2015-05-01 14:47:04 -07:00
Victor Marmol
3b9eba2c1b Add SyncPod() to DockerManager and use in Kubelet. 
This allows us to abstract away the logic of syncing a pod by the
runtime. It will allow other runtimes to perform their own sync as well.
 2015-05-01 11:03:08 -07:00
Vish Kannan
cadfde0bd1 Merge pull request #7277 from guenter/cgroup-parent 
Add --cgroup_parent flag to Kubelet to set the parent cgroup for pods
 2015-05-01 10:24:58 -07:00