github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
93,873 Commits 1 Branch 31 Tags
88fadb24c1a954ecb43e190beb6e745eee36e204
Commit Graph

1099 Commits

Author SHA1 Message Date
Samuel Davidson
3958ecb5c7 Fix to configure-kubeapiserver.sh error. 
It no no longer errors and exits if
env-var OLD_LOAD_BALANCER_IP is undefined.
 2020-06-15 11:42:05 -07:00
Aldo Culquicondor
55242bf3c9 Support kube-scheduler component-config in GCE init scripts 
Taking precedence over some existing flags.

Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2020-06-15 09:41:18 -04:00
Jefftree
c6b2b1fad3 Add health port to network proxy 2020-06-12 16:44:56 -07:00
Jordan Liggitt
ac5ec4aa80 Adjust admission webhook auth config for default-enabled admission plugins 2020-06-10 13:46:30 -04:00
Davanum Srinivas
1731cb30f5 Use containerd as default in kube-up.sh 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-06-07 14:34:50 -04:00
Kubernetes Prow Robot
db152fdd7d Merge pull request #91756 from wojtek-t/remove_etcd_empty_dir_cleanup 
Remove etcd-empty-dir-cleanup image
 2020-06-05 15:30:24 -07:00
Kubernetes Prow Robot
3509b46fc6 Merge pull request #91612 from bsdnet/gci 
Improve COS image document for E2E test
 2020-06-05 15:30:00 -07:00
wojtekt
ee27e5b8be Remove all references to etcd-empty-dir-cleanup. 2020-06-05 08:41:31 +02:00
Kubernetes Prow Robot
c0455a1853 Merge pull request #91154 from liggitt/signer-duration 
Mark experimental-cluster-signing-duration deprecated, add --cluster-signing-duration
 2020-06-04 17:59:45 -07:00
Vinayak Goyal
8daa9e6f77 Updating kube-controller-manager to run as non-root. 2020-06-02 14:07:00 -07:00
Roy Yang
3336d59ab2 Update COS/GCI document 
Signed-off-by: Roy Yang <royyang@google.com>
 2020-06-01 14:34:31 -07:00
Sascha Grunert
d2fc2d282d Update cri-tools to v1.18.0 
This updates cri-tools to the latest release as well as pointing the
artifacts to the new Google Cloud Bucket `k8s-artifacts-cri-tools`.

This reverts commit ce1840d253.

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
 2020-05-29 10:56:02 +02:00
Kubernetes Prow Robot
f91c1ef60e Merge pull request #91370 from justaugustus/cni 
Update CNI to v0.8.6
 2020-05-26 13:38:01 -07:00
Kubernetes Prow Robot
f01d848c48 Merge pull request #91329 from dims/switch-kube-controller-manager-to-distroless-image 
Switch kube-controller-manager to distroless image
 2020-05-22 17:23:10 -07:00
Stephen Augustus
b692502a9d Update CNI to v0.8.6 
Signed-off-by: Stephen Augustus <saugustus@vmware.com>
 2020-05-22 17:48:56 -04:00
Kubernetes Prow Robot
9e06faa1fb Merge pull request #91240 from tosi3k/bump-am-version 
Update kube-addon-manager to v9.1.1
 2020-05-21 19:40:37 -07:00
Davanum Srinivas
b1742f19ef Switch kube-controller-manager to distroless image 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-21 22:33:54 -04:00
Kubernetes Prow Robot
c97c61ebe8 Merge pull request #91304 from karan/gcireviewer 
add karan to gci reviewer
 2020-05-20 19:42:20 -07:00
Kubernetes Prow Robot
52358fe010 Merge pull request #91228 from sambdavidson/iprotflags 
Add SNI flags usage to configure-*.sh
 2020-05-20 19:41:30 -07:00
Samuel Davidson
20b37d6c5a Add IP rotation flags and env-vars to configure-*.sh 2020-05-20 13:07:37 -07:00
Karan Goel
451592c6a5 add karan to gci reviewer 2020-05-20 10:42:42 -07:00
Jacek Kaniuk
57caa27b8d Do not add kube-apiserver performance flags if already set 2020-05-20 19:05:16 +02:00
Antoni Zawodny
15e491eb2f Update kube-addon-manager to v9.1.1 2020-05-20 09:50:20 +02:00
Jakub Przychodzeń
ce1840d253 Revert "Update cri-tools to v1.18.0" 
This reverts commit 4b3e023659.
 2020-05-19 11:19:39 +02:00
Sascha Grunert
4b3e023659 Update cri-tools to v1.18.0 
Bump cri-tools to the latest version and update test scripts.

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
 2020-05-18 13:38:41 +02:00
Jordan Liggitt
950ed38996 Mark experimental-cluster-signing-duration deprecated, add --cluster-signing-duration 2020-05-15 14:09:58 -04:00
Tim Hockin
d681a04541 Force LICENSES refresh on GCE images 
Some test images have it baked in.
 2020-05-11 14:25:26 -07:00
Yuwen Ma
1aa67fc525 Switch core master base images from debian to distroless 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-09 06:55:00 -04:00
Kubernetes Prow Robot
7d53ecee37 Merge pull request #90575 from thockin/fix_license_again 
Reorganize vendor licenses again (revert #85220)
 2020-05-08 23:03:51 -07:00
Tim Hockin
325ea6e3c2 Restructure licenses again (revert cd4474a) 
This moves licenses of vendored code from one monolith file into a tree
of individual files for easier reviews.  This fixes both the bash and
bazel paths.
 2020-05-07 21:48:59 -07:00
Walter Fender
339918d206 Add admin account on master for kube-up 
Creates a master local admin account.
If you are on the master you can now run kubectl.
For issue 87481.
 2020-05-06 17:19:58 -07:00
Davanum Srinivas
0d38f21932 Use bionic repo for docker as focal is not yet available 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-03 16:50:49 -04:00
Kubernetes Prow Robot
e494b0788b Merge pull request #89543 from bartekzurawski/fix-kube-up-gce-private-restart 
Set ip alias route on kubernetes-master during booting
 2020-04-24 09:38:07 -07:00
Vinayak Goyal
7a5f4c47de Run kube-scheduler and kube-addon-manager as non root 2020-04-16 14:50:04 -07:00
Bartek Żurawski
3e4744c736 Set ip alias route on kubernetes-master during booting 2020-04-15 00:03:05 +02:00
Kubernetes Prow Robot
c0be582ca5 Merge pull request #89269 from Jefftree/network-proxy-beta 
Use v1beta1 for egress selector config
 2020-04-09 18:07:49 -07:00
Kubernetes Prow Robot
c7abf44a19 Merge pull request #88856 from yaseenhamdulay/patch-1 
Create etcd user in cloud-init master.yaml rather than in configure-h…
 2020-03-27 20:41:53 -07:00
Samuel Davidson
c70cd1e82f Changed readonly to true and type to File for authn/authz config. 2020-03-25 17:45:27 -07:00
Yaseen Hamdulay
58f78a53ee Add ssh_redirect_user 2020-03-24 11:30:48 +00:00
Kubernetes Prow Robot
de877ec26e Merge pull request #89327 from aojea/conntrack 
cluster: ipvs conntrack module vs kernel version
 2020-03-22 13:28:44 -07:00
Antonio Ojea
33810a99d9 cluster: ipvs conntrack module vs kernel version 
We should use 'nf_conntrack' instead of 'nf_conntrack_ipv4'
for linux kernel >= 4.19
 2020-03-21 11:23:28 +01:00
Jefftree
936f7665cf network proxy alpha -> beta 2020-03-19 11:49:47 -07:00
yaseenhamdulay
5de3c64ad0 Create etcd user in cloud-init master.yaml rather than in configure-helper.sh 
An etcd unix user is currently created in configure-helper.sh if it does not exist
on the master.

cloud-init is the only supported mechanism to add users on COS VMs. If an attempt
is made to add a key using OS Login or the instance metadata mechanism the
google_accounts_daemon will race with useradd and potentially attempt to use
the same UID. This will lock out any attempt to SSH into the VM. We therefore
migrate to using cloud-init to create this user and prevent this issue from occurring.
 2020-03-19 11:05:42 +00:00
Kubernetes Prow Robot
f899ad704a Merge pull request #89069 from enj/enj/i/drop_password_file 
Remove support for basic authentication
 2020-03-18 22:24:20 -07:00
Kubernetes Prow Robot
8055c92e26 Merge pull request #88125 from mwwolters/flex2healthz 
Switch flexvolume_node_setup.sh from kubelet RO port to healthz port
 2020-03-17 16:20:07 -07:00
Joe Betz
23c358d883 Fix unbound variable error in gce/configure.sh 
Looks like UBUNTU_INSTALL_RUNC_VERSION should be optional here.
 2020-03-12 16:41:25 -07:00
Monis Khan
df292749c9 Remove support for basic authentication 
This change removes support for basic authn in v1.19 via the
--basic-auth-file flag.  This functionality was deprecated in v1.16
in response to ATR-K8S-002: Non-constant time password comparison.

Similar functionality is available via the --token-auth-file flag
for development purposes.

Signed-off-by: Monis Khan <mok@vmware.com>
 2020-03-11 20:55:47 -04:00
Jefftree
6fd748e2c5 exit if KONNECTIVITY_SERVICE_PROXY_PROTOCOL_MODE is set incorrectly 2020-03-05 16:59:55 -08:00
Jefftree
06abedb063 Allow both GRPC and http-connect mode to be toggled 2020-03-05 16:16:59 -08:00
Jefftree
2a98cb7f8b Use GRPC mode for network proxy 2020-03-02 15:54:52 -08:00