Commit Graph

4550 Commits

Author SHA1 Message Date
k8s-merge-robot
890ac5fdfe Merge pull request #27791 from colhom/gke-aws-federation
Automatic merge from submit-queue

Federation e2e support for AWS

I've observed e2e test failures on the two local runs I did, but the framework seems to come up successfully. [logs](http://pastebin.com/tsJpKUc4). Ideas on this?

I'm in the process of validating GKE as well, and will modify the title if it succeeds.

\cc @nikhiljindal @quinton-hoole 

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-23 13:34:25 -07:00
Piotr Szczesniak
4dc6a9f2a1 Fixed typo in upgrade.sh script 2016-06-23 13:29:17 +02:00
k8s-merge-robot
11fdfb50d5 Merge pull request #27924 from kubernetes/revert-27840-add-sources-to-node
Automatic merge from submit-queue

Revert "Copy and display source location prominently on Kubernetes instances"

Reverts kubernetes/kubernetes#27840


This broke cluster upgrade, ref https://github.com/kubernetes/kubernetes/issues/27764#issuecomment-227971330. cc @janetkuo @zmerlynn
2016-06-23 02:38:57 -07:00
k8s-merge-robot
ec6bfc207c Merge pull request #27877 from wojtek-t/mix_waiting_for_upgrade
Automatic merge from submit-queue

Fix waiting for node upgrades

Fix https://github.com/kubernetes/kubernetes/issues/27852

If someone wants to finish it, feel free to pick it up and finish.

@davidopp
2016-06-23 01:49:12 -07:00
k8s-merge-robot
446cbc5605 Merge pull request #27859 from gmarek/template
Automatic merge from submit-queue

kube-down deletes instance templates created by cluster/gce/upgrade.sh

Fixes #27856

cc @mikedanese @davidopp
2016-06-23 01:49:07 -07:00
Marek Grabowski
56d4586f89 Revert "Copy and display source location prominently on Kubernetes instances" 2016-06-23 10:24:29 +02:00
Wojciech Tyczynski
5094333bc2 Fix waiting for node upgrades 2016-06-23 09:58:08 +02:00
k8s-merge-robot
70fc517f79 Merge pull request #27895 from nikhiljindal/pushDNSImage
Automatic merge from submit-queue

Pushing a new KubeDNS image and updating the YAML files

Updating KubeDNS image to include https://github.com/kubernetes/kubernetes/pull/27845

@kubernetes/sig-cluster-federation @girishkalele @mml
2016-06-22 16:56:31 -07:00
k8s-merge-robot
179129c908 Merge pull request #27840 from zmerlynn/add-sources-to-node
Automatic merge from submit-queue

Copy and display source location prominently on Kubernetes instances

Following from #27830, this copies the source onto the instance and displays the location of it prominently (keeping the download link for anyone that just wants to curl it).

Example output (this tag doesn't exist yet):

```
Welcome to Kubernetes v1.4.0!

You can find documentation for Kubernetes at:
  http://docs.kubernetes.io/

The source for this release can be found at:
  /usr/local/share/doc/kubernetes/kubernetes-src.tar.gz
Or you can download it at:
  https://storage.googleapis.com/kubernetes-release/release/v1.4.0/kubernetes-src.tar.gz

It is based on the Kubernetes source at:
  https://github.com/kubernetes/kubernetes/tree/v1.4.0

For Kubernetes copyright and licensing information, see:
  /usr/local/share/doc/kubernetes/LICENSES
```

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-22 15:14:50 -07:00
Marcin
21661ba1e6 Bump Cluster Autoscaler to 0.2.1 2016-06-22 22:41:36 +02:00
nikhiljindal
ff1264bc33 Pushing a new KubeDNS image and updating the YAML files 2016-06-22 13:08:41 -07:00
k8s-merge-robot
73b0b31313 Merge pull request #27869 from bryk/dashboard-v1.1.0
Automatic merge from submit-queue

Set Dashboard UI version to v1.1.0

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()

This is our final release for this quarter.

Release info and changelog will go there:
https://github.com/kubernetes/dashboard/releases/tag/v1.1.0
2016-06-22 11:22:43 -07:00
k8s-merge-robot
b9bc756aa9 Merge pull request #27803 from fabioy/fix-multizone-groups
Automatic merge from submit-queue

Fix NODE_INSTANCE_GROUPS resolution in GKE to only

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()

Fix NODE_INSTANCE_GROUPS resolution in GKE to only include single cluster groups. 
Add NODE_INSTANCE_GROUPS_URLS for multi-zone groups.

fixes #27692
2016-06-22 10:45:54 -07:00
k8s-merge-robot
5e16101aab Merge pull request #27807 from luxas/revert_proxy_ds
Automatic merge from submit-queue

Revert kube-proxy as a DaemonSet in hyperkube for the v1.3 release

It was a bit sad, but I was a bit too fast with the kube-proxy DaemonSet thing, so we have to target v1.4 for that one. Reverting to a static-pod

This one is for v1.3
@mikedanese @cheld @zreigz
2016-06-22 10:11:03 -07:00
bryk
aba33495dd Set Dashboard UI version to v1.1.0
This is our final release for this quarter.

Release info, changelog will go there:
https://github.com/kubernetes/dashboard/releases/tag/v1.1.0
2016-06-22 15:15:41 +02:00
k8s-merge-robot
4e2433cfab Merge pull request #27776 from mikedanese/addon-limit
Automatic merge from submit-queue

increase addon check interval

Do static pods have a crash loop back off? If so, this test would be much faster if we restarted the kubelet to clear that.

Fixes #26770
2016-06-22 05:57:49 -07:00
gmarek
6d201c9c57 kube-down deletes instance templates created by the cluster upgrade 2016-06-22 14:09:37 +02:00
Wojciech Tyczynski
e029f9523b Fix not-ready master node after upgrade. 2016-06-22 10:53:51 +02:00
Zach Loafman
f9d1737299 Copy and display source location prominently on Kubernetes instances
Following from #27830, this copies the source onto the instance and
displays the location of it prominently (keeping the download link for
anyone that just wants to curl it).

Example output (this tag doesn't exist yet):

---
Welcome to Kubernetes v1.4.0!

You can find documentation for Kubernetes at:
  http://docs.kubernetes.io/

The source for this release can be found at:
  /usr/local/share/doc/kubernetes/kubernetes-src.tar.gz
Or you can download it at:
  https://storage.googleapis.com/kubernetes-release/release/v1.4.0/kubernetes-src.tar.gz

It is based on the Kubernetes source at:
  https://github.com/kubernetes/kubernetes/tree/v1.4.0

For Kubernetes copyright and licensing information, see:
  /usr/local/share/doc/kubernetes/LICENSES
---
2016-06-21 23:03:30 -07:00
Marek Grabowski
95d492603d Merge pull request #27824 from andyzheng0831/upgrade
Fix the node upgrade failure issue #27764
2016-06-22 07:32:35 +02:00
Colin Hom
5bacc4830e Federation e2e supports aws 2016-06-21 18:22:46 -07:00
k8s-merge-robot
9122e745b6 Merge pull request #27814 from bprashanth/l7_image_update
Automatic merge from submit-queue

Bump glbc version to 0.7.0
2016-06-21 17:56:25 -07:00
Prashanth Balasubramanian
2e54ee8821 Bump glbc version 2016-06-21 15:49:48 -07:00
k8s-merge-robot
62ce66988c Merge pull request #27794 from justinsb/fix_27467
Automatic merge from submit-queue

AWS kube-up: Authorize route53 in the IAM policy

Federation needs this now (on the nodes), and I suspect ingress
controllers will shortly want this also.  Given we're going to authorize
it on the nodes, we should authorize it on the master also (the master
is much more trusted).

Fix #27467
2016-06-21 15:47:38 -07:00
Fabio Yeon
15a44e4243 Fix NODE_INSTANCE_GROUPS resolution in GKE to only
include single cluster groups. Add NODE_INSTANCE_GROUPS_URLS for
multi-zone groups.
2016-06-21 15:18:34 -07:00
Lucas Käldström
ca3ee9e5a1 Revert kube-proxy as a DaemonSet in hyperkube for the v1.3 release 2016-06-22 00:48:46 +03:00
Andy Zheng
c2cdc2e9fd Fix the node upgrade failure issue #27764 2016-06-21 14:46:53 -07:00
k8s-merge-robot
0e562d29c7 Merge pull request #26932 from aaronlevy/conformance-fix
Automatic merge from submit-queue

Allow conformance tests to run on non-GCE providers

fixes https://github.com/kubernetes/kubernetes/issues/26869

Creates a skeleton provider which has all the required function stubs -- but will allow a previously set "skeleton" KUBERNETES_PROVIDER to not be overriden with "gce".
2016-06-21 14:30:58 -07:00
Mike Danese
57201fad36 increase addon check interval 2016-06-21 12:48:00 -07:00
Justin Santa Barbara
f3cc5f503a AWS kube-up: Authorize route53 in the IAM policy
Federation needs this now (on the nodes), and I suspect ingress
controllers will shortly want this also.  Given we're going to authorize
it on the nodes, we should authorize it on the master also (the master
is much more trusted).

Fix #27467
2016-06-21 15:42:54 -04:00
k8s-merge-robot
ee87a39f04 Merge pull request #27676 from justinsb/aws_debian_1_11
Automatic merge from submit-queue

AWS kube-up: move to Docker 1.11.2

This is to mirror GCE

Also we remove support for vivid as Docker no longer packages for it, and remove some of the unreachable distro code in aws kube-up.

Also bump the AMI to a 1.3 version (with preinstalled Docker 1.11.2)

Fixes https://github.com/kubernetes/kubernetes/issues/27654
2016-06-21 12:29:03 -07:00
k8s-merge-robot
6cccb872a7 Merge pull request #27741 from zmerlynn/fix-gce-filters
Automatic merge from submit-queue

GCE provider: Limit Filter calls to regexps rather than insane blobs

Filters can't exceed 4k, and GET requests against the GCE API are also limited, so these break down in different ways at different cluster counts. Fix it by introducing an advisory `node-instance-prefix` configuration in the GCE provider that can hint the `EnsureLoadBalancer`/`UpdateLoadBalancer code` (and the firewall creation/update code). If it's not there, or wrong (a hostname that's registered violates it), just ignore it and grab the whole project.

Fixes #27731 
[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-21 09:54:01 -07:00
Zach Loafman
dd4dae4a57 GCE provider: Limit Filter calls to regexps rather than insane blobs
Filters can't exceed 4k, and GET requests against the GCE API are also
limited, so these break down in different ways at different cluster
counts. Fix it by introducing an advisory node-instance-prefix
configuration in the GCE provider that can hint the
EnsureLoadBalancer/UpdateLoadBalancer code (and the firewall
creation/update code). If it's not there, or wrong (a hostname that's
registered violates it), just ignore it and grab the whole project.
2016-06-21 08:34:48 -07:00
Marcin Wielgus
586f654d90 Merge pull request #27771 from mwielgus/upgrade-fix
Fix for unbounded KUBE_MANIFEST variables in upgarde.sh
2016-06-21 15:08:42 +02:00
Marcin
0b3cf3f5cf Fix for unbounded KUBE_MANIFEST variables in upgarde.sh 2016-06-21 14:29:26 +02:00
k8s-merge-robot
631772bd14 Merge pull request #27769 from jszczepkowski/heapster-coreos
Automatic merge from submit-queue

Bumped heapster version for coreos.

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()

Bumped heapster version for coreos.
2016-06-21 04:57:49 -07:00
Jerzy Szczepkowski
d545adce72 Bumped heapster version for coreos.
Bumped heapster version for coreos.
2016-06-21 13:13:39 +02:00
Marcin Wielgus
cdf60ee760 Merge pull request #27763 from wojtek-t/write_cluster_name
Write cluster name in prepare-upgrade
2016-06-21 11:34:54 +02:00
Wojciech Tyczynski
89a4e8850a Write cluster name in prepare-upgrade 2016-06-21 10:43:07 +02:00
k8s-merge-robot
3ddff2b240 Merge pull request #27740 from andyzheng0831/gci-fix
Automatic merge from submit-queue

GCI: fix kubectl permission issue #27643
2016-06-20 22:58:57 -07:00
k8s-merge-robot
70ad689df4 Merge pull request #27332 from nikhiljindal/awsSecrets
Automatic merge from submit-queue

federation: Creating kubeconfig files to be used for creating secrets for clusters on aws and gke

Extension of https://github.com/kubernetes/kubernetes/pull/26914 which created the kubeconfig files for gce clusters.
This PR extends it to AWS, vagrant and GKE.

The change for AWS and vagrant is exactly same as GCE.
For GKE, since `gcloud create clusters` creates kubeconfig, we are just copying the generated kubeconfig to the desired location

cc @kubernetes/sig-cluster-federation @colhom 
@roberthbailey for GKE
2016-06-20 21:13:21 -07:00
Andy Zheng
d05b14f718 GCI: fix kubectl permission issue #27643 2016-06-20 17:35:20 -07:00
k8s-merge-robot
fae7285b00 Merge pull request #27707 from yifan-gu/stage1_name
Automatic merge from submit-queue

rkt: Map kubelet's `--stage1-image` flag to rkt's `--stage1-name` flag.

This enables rkt to use cached stage1 image instead of unpacking the stage1 image every time for every pod.

After this change, users need to preload the stage1 images in order to enable rkt to find the stage1 image with the name specified by this flag.

Also, the cloud config is modified to pre-load the stage1 images.

cc @kubernetes/sig-rktnetes @kubernetes/sig-node
2016-06-20 16:40:09 -07:00
nikhiljindal
864b267a8d Simplifying the code to create kubeconfig 2016-06-20 16:10:47 -07:00
k8s-merge-robot
5c841556b8 Merge pull request #27724 from wonderfly/fix_unbound_var
Automatic merge from submit-queue

Make GCI_DOCKER_VERSION optional

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()

fixes #26813

This env var is only set in `config-test.sh` and trying to evaluate it with
`nounset` set will end up with an "unbound variable" error.

@girishkalele @dchen1107 This is a XS fix. Can you review?
2016-06-20 15:26:13 -07:00
nikhiljindal
9026195614 Updating the code to fix the context name before using it as secret and cluster names 2016-06-20 14:50:28 -07:00
nikhiljindal
657a7ef6a4 Create kubeconfig for cluster secrets on other cloud providers as well 2016-06-20 14:36:14 -07:00
k8s-merge-robot
a3f09700e5 Merge pull request #27409 from adityakali/logrotate.1
Automatic merge from submit-queue

add logrotate service and configuration for GCI

This change mirrors the configuration in cluster/saltbase/salt/logrotate for GCI.

On GCI we use systemd timers (https://www.freedesktop.org/software/systemd/man/systemd.timer.html) and install an hourly timer - kube-logrotate.timer. This will invoke kube-logrotate.service (which calls /usr/sbin/logrotate) once every hour to perform log rotation as per the rotation rules installed under /etc/logrotate.d/.

@kubernetes/goog-image @zmerlynn @dchen1107 @andyzheng0831
2016-06-20 13:40:57 -07:00
Daniel Wang
0acb2dc28a Make GCI_DOCKER_VERSION optional
fixes #26813

This env var is only set in `config-test.sh` and trying to evaluate it with
`nounset` set will end up with an "unbound variable" error.
2016-06-20 11:22:14 -07:00
Yifan Gu
fc31c8d6f0 cluster/gce: Preload rkt stage1 images and set the default --rkt-stage1-image. 2016-06-20 10:39:46 -07:00
Yifan Gu
4e9298cd99 rkt: Map kubelet's --stage1-image flag to rkt's --stage1-name flag.
This enables rkt to use cached stage1 image instead of unpacking the
stage1 image every time for every pod.

After this change, users need to preload the stage1 images in order to
enable rkt to find the stage1 image with the name specified by this flag.
2016-06-20 10:39:46 -07:00
k8s-merge-robot
3b57f868d3 Merge pull request #27542 from piosz/heapster-version
Automatic merge from submit-queue

Bumped Heapster to v1.1.0

```release-note
Bumped Heapster to v1.1.0.
More details about the release https://github.com/kubernetes/heapster/releases/tag/v1.1.0
```

Version 1.1.0 doesn't differ from the previous one v1.1.0-beta2 significantly - just fixed few small issues during stabilization period.

cc @a-robinson @jszczepkowski @mwielgus 

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-20 04:40:27 -07:00
k8s-merge-robot
b442ba72e5 Merge pull request #27522 from adityakali/gci53
Automatic merge from submit-queue

make GCI image detection robust

This change makes sure that in case we roll back a released GCI image, the image detection logic picks a correct active image. 

@kubernetes/goog-image @Amey-D @wonderfly @dchen1107
2016-06-20 04:05:45 -07:00
k8s-merge-robot
5debaf7b88 Merge pull request #27253 from luxas/latest_hyperkube_addons
Automatic merge from submit-queue

Update to dnsmasq:1.3 and make hyperkube always use the latest addons

This bumps dnsmasq to a version that works on all architectures: https://github.com/kubernetes/contrib/pull/1192 (which have to be pushed first indeed)

Also I removed the manifests in hyperkube addons in favor for machine-generated ones, which will avoid mistakes.

This one is required for `v1.3`, so it has to be cherrypicked I think...

It makes docker and docker-multinode addons work again...
(Yes, we'll probably get rid of docker in favor for minikube, but we'll have to have it in this release at least)

@girishkalele @thockin @ArtfulCoder @david-mcmahon @bgrant0607 @mikedanese
2016-06-19 22:19:09 -07:00
k8s-merge-robot
530001c1fd Merge pull request #26778 from gmarek/validate-cluster
Automatic merge from submit-queue

Validate-cluster finishes shortly after at most ALLOWED_NOTREADY_NODE…

Fixes #26691

cc @wojtek-t @lavalamp
2016-06-19 21:40:54 -07:00
k8s-merge-robot
2274359ec1 Merge pull request #27518 from justinsb/kubedown_warn_if_no_vpc
Automatic merge from submit-queue

AWS kube-down: Issue warning if VPC not found

To address issue #17219
2016-06-19 19:53:20 -07:00
k8s-merge-robot
a025e20f93 Merge pull request #27302 from zmerlynn/faster-large-down
Automatic merge from submit-queue

gce/kube-down: Parallelize IGM deletion, batch more

Batch up to 200 instance / route deletions, handle IGM deletion in parallel.

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-19 18:04:13 -07:00
k8s-merge-robot
368704dc71 Merge pull request #27185 from gmarek/heapster-cpu
Automatic merge from submit-queue

Enable dynamic allocation of heapster/eventer cpu request/limit

cc @mwielgus @piosz @zmerlynn
2016-06-19 16:48:49 -07:00
Lucas Käldström
6c53c6a997 Make hyperkube work on all platforms, bump dnsmasq to 1.3 and addon-manager to v3, and always use the latest manifests 2016-06-19 17:15:17 +03:00
Justin Santa Barbara
d62fe2a315 AWS kube-up: set net.ipv4.neigh.default.gc_thresh1=0
This works around a linux kernel bug with overly aggressive caching of
ARP entries, which was causing problems when we reused IP addresses in
VPCs, for example with an ASG in a relatively small subnet.

See #23395 for more explanation.

Fixes #23395
2016-06-19 00:20:16 -04:00
k8s-merge-robot
6bdb9b0b8d Merge pull request #27070 from girishkalele/exechealthz-quiet
Automatic merge from submit-queue

DNS healthz container - add quiet option to stop flooding logs
2016-06-18 17:54:57 -07:00
Justin Santa Barbara
0345013dde AWS kube-up: point to new AMI; link to new tool
Also remove the copy of the manifest now that it has found a real home
in kube-deploy.
2016-06-18 20:42:31 -04:00
Justin Santa Barbara
b8112beb34 AWS kube-up: remove support for vivid
Vivid is EOL, and Docker is no longer packaged for it.

Remove support for it in 1.3 (in 1.2 we had warned users it was EOL).

Also remove unused wheezy, trusty & coreos & do general cleanup.
2016-06-18 20:42:31 -04:00
Justin Santa Barbara
a82bcfd58f AWS kube-up: Replace Debian 1.9.1 with 1.11.2
To mirror changes in GCE

Fix #27654
2016-06-18 20:42:21 -04:00
k8s-merge-robot
13cd6475c9 Merge pull request #26917 from fabioy/fix_multi_migs
Automatic merge from submit-queue

Handle multiple MIGs (single-zone) properly in GKE scripts.

Change the scripts for GKE to handle multiple node pools (MIGs) in the same zone. 

Fixes https://github.com/kubernetes/test-infra/issues/100.

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-18 11:36:08 -07:00
k8s-merge-robot
48b255d424 Merge pull request #26813 from wonderfly/choose_docker_version
Automatic merge from submit-queue

Prep for continuous Docker validation test

```release-note
Add a test config variable to specify desired Docker version to run on GCI.
```
We want to continuously validate Docker releases (#25215), on GCI. This change
adds a new test config variable, `KUBE_GCI_DOCKER_VERSION`, through which we can
specify which version of Docker we want to run on the master and nodes. This
change also patches the Jenkins e2e-runner with the ability to fetch the latest
Docker (pre)release, and sets the aforementioned variable accordingly.

Tested on my local Jenkins instance that was able to start a cluster with the latest Docker version (different from installed version) running on both master and nodes.

@dchen1107 Can you review?

cc/ @andyzheng0831 for changes in `cluster/gce/gci/helper.sh`, and @ixdy @spxtr for changes to the Jenkins e2e-runner

cc/ @kubernetes/goog-image
2016-06-18 11:00:55 -07:00
Weixu Zhuang
e35c1ccba2 Implement Azure cloud provider scripts
Implement basic cloud provider functionality to deploy Kubernetes on
Azure.  SaltStack is used to deploy Kubernetes on top of Ubuntu
virtual machines.  OpenVpn provides network connectivity.  For
kubelet authentication, we use basic authentication (username and
password).  The scripts use the legacy Azure Service Management APIs.

We have set up a nightly test job in our Jenkins server for federated
testing to run the e2e test suite on Azure.  With the cloud provider
scripts in this commit, 14 e2e test cases pass in this environment.
We plan to implement additional Azure functionality to support more
test cases.
2016-06-17 23:46:03 -07:00
Weixu Zhuang
4523429b20 Azure/ubuntu/saltstack support re-instated
This first reverts commit 8e8437dad8.
Also resolves conflicts with docs on f334fc41
And resolves conflicts with https://github.com/kubernetes/kubernetes/pull/22231/commits
to make people switching between two different methods of setting up by
setting env variables.

Conflicts:
	cluster/get-kube.sh
	cluster/saltbase/salt/README.md
	cluster/saltbase/salt/kube-proxy/default
	cluster/saltbase/salt/top.sls
2016-06-17 23:41:41 -07:00
k8s-merge-robot
db904257f9 Merge pull request #27599 from dchen1107/gci
Automatic merge from submit-queue

Fix docker log level on GCI node.

Fix #27584

cc/ @a-robinson
2016-06-17 20:21:05 -07:00
k8s-merge-robot
808f3ecbe6 Merge pull request #27220 from yifan-gu/kube-up-master
Automatic merge from submit-queue

cluster/gce/coreos: Make kube-up works for both rkt and docker on coreos on gce

With this PR, kube-up will be able to spin up a pure rkt cluster given the choice `KUBE_CONTAINER_RUNTIME=rkt`

e.g. 
```
export KUBE_GCE_ZONE=us-east1-b
export KUBE_OS_DISTRIBUTION=coreos

export KUBE_GCE_MASTER_PROJECT=coreos-cloud
export KUBE_GCE_MASTER_IMAGE=coreos-alpha-1032-0-0-v20160428

export KUBE_GCE_NODE_PROJECT=coreos-cloud
export KUBE_GCE_NODE_IMAGE=coreos-alpha-1032-0-0-v20160428


export KUBE_ENABLE_NODE_LOGGING=false
export KUBE_ENABLE_CLUSTER_MONITORING=none

export KUBE_CONTAINER_RUNTIME=rkt
export KUBE_RKT_VERSION=v1.8.0
```

```
$ cluster/kube-up.sh
...
$ kubectl cluster-info
Kubernetes master is running at https://104.196.41.124
GLBCDefaultBackend is running at https://104.196.41.124/api/v1/proxy/namespaces/kube-system/services/default-http-backend
Elasticsearch is running at https://104.196.41.124/api/v1/proxy/namespaces/kube-system/services/elasticsearch-logging
Kibana is running at https://104.196.41.124/api/v1/proxy/namespaces/kube-system/services/kibana-logging
KubeDNS is running at https://104.196.41.124/api/v1/proxy/namespaces/kube-system/services/kube-dns
kubernetes-dashboard is running at https://104.196.41.124/api/v1/proxy/namespaces/kube-system/services/kubernetes-dashboard
```

```
$ kubectl get pods --all-namespaces
NAMESPACE     NAME                                            READY     STATUS    RESTARTS   AGE
kube-system   elasticsearch-logging-v1-5zfrd                  1/1       Running   0          2m
kube-system   elasticsearch-logging-v1-83u6w                  1/1       Running   0          2m
kube-system   etcd-server-events-yifan-test-rkt-master        1/1       Running   0          2m
kube-system   etcd-server-yifan-test-rkt-master               1/1       Running   0          2m
kube-system   kibana-logging-v1-0g7yu                         1/1       Running   2          2m
kube-system   kube-addon-manager-yifan-test-rkt-master        1/1       Running   0          3m
kube-system   kube-apiserver-yifan-test-rkt-master            1/1       Running   0          2m
kube-system   kube-controller-manager-yifan-test-rkt-master   1/1       Running   0          3m
kube-system   kube-dns-v14-1mqco                              3/3       Running   0          2m
kube-system   kube-scheduler-yifan-test-rkt-master            1/1       Running   0          2m
kube-system   kubernetes-dashboard-v1.1.0-beta2-uwutn         1/1       Running   0          2m
kube-system   l7-lb-controller-v0.6.0-8pgbo                   2/2       Running   0          2m
kube-system   node-problem-detector-v0.1-7iwb2                1/1       Running   0          2m
kube-system   node-problem-detector-v0.1-k4m8o                1/1       Running   0          2m
kube-system   node-problem-detector-v0.1-rxtp8                1/1       Running   0          2m
kube-system   node-problem-detector-v0.1-wsoqd                1/1       Running   0          2m

```


Fix #24103 

cc @kubernetes/sig-node @kubernetes/rktnetes-maintainers
2016-06-17 19:39:22 -07:00
k8s-merge-robot
7ab303efbe Merge pull request #27466 from madhusudancs/fed-dns-scope
Automatic merge from submit-queue

Move GCE NODE_SCOPES to config-common.sh and enable DNS scope in GKE.

Follow up to #27357

cc @colhom @kubernetes/sig-cluster-federation 

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-17 17:02:11 -07:00
k8s-merge-robot
2266c4eb1d Merge pull request #27371 from andyzheng0831/network-plugin
Automatic merge from submit-queue

Revert "Revert "GCI: add support for network plugin""

PR #27027 added the network plugin support in GCI config, but later a bug in the network plugin broke e2e tests (see issue #27118). The bug was fixed by #27141 and we have been repeatedly run the serial e2e tests more than 10 times to verify the fix. Now it should be safe to put the GCI network plugin support back.

We will first merge in the master branch and monitor the Jenkins serial tests for a while and then cherry-pick it into release-1.3 branch.
2016-06-17 14:03:18 -07:00
k8s-merge-robot
d4d6184931 Merge pull request #27627 from justinsb/fix_23390
Automatic merge from submit-queue

kube-up multizone: don't print scary warning

The node-count check gets confused when there are more nodes that we
launched, which is normal with KUBE_USE_EXISTING_MASTER.

This fix just suppresses the error message in that case.

Fix #23390
2016-06-17 11:24:29 -07:00
Justin Santa Barbara
bab7a255b7 kube-up multizone: don't print scary warning
The node-count check gets confused when there are more nodes that we
launched, which is normal with KUBE_USE_EXISTING_MASTER.

This fix just suppresses the error message in that case.

Fix #23390
2016-06-17 13:00:50 -04:00
Aditya Kali
4a46c948f2 make GCI image detection robust 2016-06-17 09:56:53 -07:00
Marcin Wielgus
9031e4780c Bump cluster autoscaler to 0.2.0 2016-06-17 16:31:25 +02:00
Dawn Chen
58684a56be Fix docker log level on GCI node. 2016-06-16 20:54:42 -07:00
Yifan Gu
d96c7edc34 cluster/saltbase: Enable rkt to load master components images. 2016-06-16 15:18:52 -07:00
Yifan Gu
16d69f9f37 cluster/gce/coreos: Update addon manifests, add node-problem-detector.
Also bumped CNI version.
2016-06-16 15:18:52 -07:00
Yifan Gu
f3c5d4e62b cluster/gce/coreos: Update the cloud config and scripts to enable rkt runtime. 2016-06-16 15:18:52 -07:00
Piotr Szczesniak
8fff5319db Bumped Heapster to v1.1.0 2016-06-16 20:41:28 +02:00
Girish Kalele
ee7ca66dba Add nethealth prepull container output to e2e run logs 2016-06-16 11:03:09 -07:00
Jerzy Szczepkowski
390a30b130 Updated version of resource consumer in image puller.
Updated version of resource consumer in image puller.
2016-06-16 10:57:21 +02:00
Justin Santa Barbara
e58a16e95a AWS kube-down: Issue warning if VPC not found
Issue #17219
2016-06-15 23:53:57 -04:00
k8s-merge-robot
38cd0d078e Merge pull request #27311 from vmware/photon-controller-fixes
Automatic merge from submit-queue

Fixes and improvements to Photon Controller backend for kube-up

- Improve reliability of network address detection by using MAC
  address. VMware has a MAC OUI that reliably distinguishes the VM's
  NICs from the other NICs (like the CBR). This doesn't rely on the
  unreliable reporting of the portgroup.
- Persist route changes. We configure routes on the master and nodes,
  but previously we didn't persist them so they didn't last across
  reboots. This persists them in /etc/network/interfaces
- Fix regression that didn't configure auth for kube-apiserver with
  Photon Controller.
- Reliably run apt-get update: Not doing this can cause apt to fail.
- Remove unused nginx config in salt
2016-06-15 14:46:54 -07:00
Madhusudan.C.S
3f5fbee19d Move GCE NODE_SCOPES to config-common.sh and enable DNS scope in GKE. 2016-06-15 11:36:07 -07:00
gmarek
8617f70add Adjust heapster cpu request/limit 2016-06-15 13:34:58 +02:00
k8s-merge-robot
3c822c0b3c Merge pull request #27357 from madhusudancs/fed-dns-scope
Automatic merge from submit-queue

Add Google Cloud DNS auth scope to GCE VMs when they are started in a federation.

cc @colhom @kubernetes/sig-cluster-federation 

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-15 00:00:54 -07:00
Aditya Kali
a423b83c06 add logrotate service and configuration for GCI
This change mirrors the configuration in cluster/saltbase/salt/logrotate
for GCI.
2016-06-14 19:01:58 -07:00
Alain Roy
5740ceb7f6 Fixes and improvements to Photon Controller backend for kube-up
- Improve reliability of network address detection by using MAC
  address. VMware has a MAC OUI that reliably distinguishes the VM's
  NICs from the other NICs (like the CBR). This doesn't rely on the
  unreliable reporting of the portgroup.
- Persist route changes. We configure routes on the master and nodes,
  but previously we didn't persist them so they didn't last across
  reboots. This persists them in /etc/network/interfaces
- Fix regression that didn't configure auth for kube-apiserver with
  Photon Controller.
- Reliably run apt-get update: Not doing this can cause apt to fail.
- Remove unused nginx config in salt
2016-06-14 15:40:33 -07:00
Zach Loafman
1fde6f867c GKE provider: Add a HEAPSTER_MACHINE_TYPE option
Allows heterogeneous cluster configurations for large cluster
synthetic testing.
2016-06-14 14:39:08 -07:00
Andy Zheng
e6b744c85a Revert "Revert "GCI: add support for network plugin""
This reverts commit 8207eddd99.
2016-06-14 09:52:34 -07:00
Madhusudan.C.S
fac6f1c379 Add Google Cloud DNS auth scope to GCE VMs when they are started in a federation. 2016-06-14 05:26:56 -07:00
k8s-merge-robot
1aece22176 Merge pull request #27187 from gmarek/heapster-nanny
Automatic merge from submit-queue

Adjust memory limit for heapster's pod nanny

cc @piosz @wojtek-t @zmerlynn
2016-06-14 04:56:46 -07:00
Wojciech Tyczynski
ff1258a29e Merge pull request #27268 from wojtek-t/bump_nanny_version
Adjust Heapster requirements and bump nanny version
2016-06-14 10:50:25 +02:00
Andy Zheng
1c490c24e4 gci: fix multizone setting in issue #27150 2016-06-13 16:33:12 -07:00
Zach Loafman
2d77dc639b gce/kube-down: Parallelize IGM deletion, batch more
Batch up to 200 instance / route deletions, handle
IGM deletion in parallel.
2016-06-13 14:05:43 -07:00
k8s-merge-robot
94f8c9fbc5 Merge pull request #27292 from mikedanese/dep-notice
Automatic merge from submit-queue

add maintenance notice to cluster/README

cc @bgrant0607 @davidopp @justinsb @smarterclayton @derekwaynecarr
2016-06-13 13:54:50 -07:00
k8s-merge-robot
45bb6824ff Merge pull request #27210 from adityakali/gci53
Automatic merge from submit-queue

version bump for gci to milestone 53

Fixes #26455

GCI release 53 includes kubernetes v1.3.0-alpha.5 with docker-1.11.2.

@dchen1107 @kubernetes/goog-image @andyzheng0831
2016-06-13 13:54:46 -07:00
Mike Danese
bf72d335cb add maintenance notice to cluster/README 2016-06-13 11:47:30 -07:00
Girish Kalele
6dbcd727ae DNS healthz container - add quiet option to stop flooding logs 2016-06-13 09:59:28 -07:00
k8s-merge-robot
024316e5a1 Merge pull request #27183 from bryk/release-beta3
Automatic merge from submit-queue

Set Dashboard UI version to v1.1.0-beta3

We expect 1-2 more betas before final release. 

Release info: https://github.com/kubernetes/dashboard/releases/tag/v1.1.0-beta3

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-13 07:57:55 -07:00
k8s-merge-robot
e84e226faf Merge pull request #27155 from Random-Liu/remove-unnecessary-configuration
Automatic merge from submit-queue

Remove unnecessary configuration for apiserver host and port.

This is kubernetes side of https://github.com/kubernetes/node-problem-detector/pull/18.

There is no need to configure apiserver host and port with salt and pillar, the default ENV values
in the container are enough. I've tried this PR in my local cluster, everything works fine.

@mikedanese for the salt change. :)
/cc @dchen1107 

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-13 07:57:51 -07:00
Jing Dong
70ac7abb10 kube-up.sh should allow using existing DHCP option set without making changes to existing VPC configuration. 2016-06-13 15:02:14 +01:00
Wojciech Tyczynski
430077f173 Increase Heapster requirement and bump nanny version 2016-06-13 13:22:49 +02:00
gmarek
0986efc089 Increase memory limit for heapster's pod nanny 2016-06-13 12:58:34 +02:00
k8s-merge-robot
0b1fc056ac Merge pull request #27145 from piosz/heapster-res
Automatic merge from submit-queue

Use exponential estimator for Heapster addon resizer

cc @fgrzadkowski @mwielgus @roberthbailey 
[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-13 03:40:14 -07:00
dalanlan
a883d6c154 honor original docker_opts 2016-06-12 10:29:41 +08:00
Aditya Kali
4dde9a66f4 version bump for gci to milestone 53
Fixes #26455

GCI release 53 includes kubernetes v1.3.0-alpha.5 with docker-1.11.2.
2016-06-10 15:28:52 -07:00
Marcin Wielgus
fe4ee026d6 Bump Cluster Autoscaler version to 0.1.3 2016-06-10 16:26:04 +02:00
Piotr Szczesniak
89752258ef Use exponential estimator for Heapster addon resizer 2016-06-10 15:39:01 +02:00
bryk
7ca8a99581 Set Dashboard UI version to v1.1.0-beta2
Release info: https://github.com/kubernetes/dashboard/releases/tag/v1.1.0-beta3
2016-06-10 15:33:48 +02:00
k8s-merge-robot
447ce334ad Merge pull request #27117 from mwielgus/rename-2
Automatic merge from submit-queue

Rename ENABLE_NODE_AUTOSCALER to ENABLE_CLUSTER_AUTOSCALER - part 2

Follow up of https://github.com/kubernetes/kubernetes/pull/26993

cc: @fgrzadkowski @piosz @jszczepkowski 

```release-note
Rename environment variables (KUBE_)ENABLE_NODE_AUTOSCALER to (KUBE_)ENABLE_CLUSTER_AUTOSCALER. 
```

Fixes https://github.com/kubernetes/kubernetes/issues/26343
2016-06-10 04:48:06 -07:00
k8s-merge-robot
8c88cbe74c Merge pull request #27143 from adityakali/localssd
Automatic merge from submit-queue

support for mounting local-ssds on GCI

This change adds support for mounting local ssds on GCI.
It updates the previous container-vm behavior as well to
match that for GCI nodes by mounting the local-ssds under
the same path (/mnt/disks/ssdN).

@vulpecula @roberthbailey @andyzheng0831 @kubernetes/goog-image
2016-06-10 04:05:21 -07:00
k8s-merge-robot
38a1fb2b96 Merge pull request #27136 from andyzheng0831/gci-firewall
Automatic merge from submit-queue

Trusty: fix the 'ping' issue and fluentd-gcp issue #26379

This PR is mainly for being picking up the fix in #27016 and #27102 in trusty code, so that we can fix the issues in the release-1.2 branch for GCI. It contains two parts:

(1) Adding iptables rules to accept ICMP traffic, otherwise 'ping' from a pod does not work;

(2) Revising the code for cleaning up docker0 stuff including the bridge and iptables rules. I slightly refactor the code of starting kubelet and removing docker0 stuff before starting kubelet. The old code did it after starting kubelet but before restarting docker. I think doing it before starting kubelet is safter.

cc/ @roberthbailey @fabioy @dchen1107 @a-robinson @kubernetes/goog-image
2016-06-10 02:33:49 -07:00
k8s-merge-robot
1f18eee335 Merge pull request #27092 from euank/monitoring-api-version
Automatic merge from submit-queue

cluster/gce/coreos: Update heapster apiVersion

This fixes an inadvertant search-replace error in #26617.
The error was missed then because the search-replace issue wasn't
present in the standalone controllers, but was in all the others.

I verified that with this change heapster comes up under the default influxdb monitoring and without this change addon manager spits out validation failure errors for the heapster yaml.

cc @yifan-gu
2016-06-10 01:01:44 -07:00
k8s-merge-robot
64b4967774 Merge pull request #27102 from freehan/gciping
Automatic merge from submit-queue

Accept ICMP in INPUT/FORWARD chain of filter table on GCI

fixes: #27059
2016-06-09 19:54:27 -07:00
k8s-merge-robot
6a388d4a0d Merge pull request #27072 from colhom/federation-e2e-docs
Automatic merge from submit-queue

Updating e2e docs with instructions on running federation tests

Last two commits are for review. Depends on #26951

\cc @madhusudancs @quinton-hoole @nikhiljindal 
 
[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-09 19:14:11 -07:00
Random-Liu
42bd5e2e53 Remove unnecessary configuration for apiserver host and port. 2016-06-09 17:56:57 -07:00
Colin Hom
5f7c7ad195 document federation e2e cli flow 2016-06-09 15:11:52 -07:00
Dawn Chen
8207eddd99 Revert "GCI: add support for network plugin" 2016-06-09 13:24:05 -07:00
Andy Zheng
5b1ceb5ff0 Trusty: fix the 'ping' issue and fluentd-gcp issue #26379 2016-06-09 12:46:40 -07:00
Aditya Kali
4447c54682 support mounting local-ssds on GCI
This change adds support for mounting local ssds on GCI.
It updates the previous container-vm behavior as well to
match that for GCI nodes by mounting the local-ssds under
the same path (/mnt/disks/ssdN).
2016-06-09 11:30:36 -07:00
Marcin Wielgus
8b09074d2c Rename ENABLE_NODE_AUTOSCALER to ENABLE_CLUSTER_AUTOSCALER 2016-06-09 11:30:57 +02:00
k8s-merge-robot
72beb65ee5 Merge pull request #27027 from andyzheng0831/gci-network
Automatic merge from submit-queue

GCI: add support for network plugin

I had run e2e against a cluster with both master and nodes on GCI a couple of times. The PR auto tests will cover the hybrid cluster with just master on GCI.

cc/ @roberthbailey @fabioy @kubernetes/goog-image
2016-06-08 23:01:19 -07:00
k8s-merge-robot
b0cd744b12 Merge pull request #26985 from bprashanth/image_exit
Automatic merge from submit-queue

Exit image puller subshell

Exit the subshell with 0 so even if the last docker pull fails the pod doesn't end up in the error state.
2016-06-08 21:13:16 -07:00
Minhan Xia
7b9435898d Accept ICMP in INPUT/FORWARD chain of filter table 2016-06-08 17:34:11 -07:00
Euan Kemp
d2761de36b cluster/gce/coreos: Update heapster apiVersion
This fixes an inadvertant search-replace error in #26617.
The error was missed then because the search-replace issue wasn't
present in the standalone controllers, but was in all the others.
2016-06-08 16:55:18 -07:00
Andy Zheng
66d6b43b67 GCI: add support for kubenet 2016-06-08 13:20:44 -07:00
Richard Eames
d9be75e9fe Allow IP restrictions for SSH and HTTPS API access on AWS.
Closes #26661
2016-06-08 12:33:15 -06:00
k8s-merge-robot
d53ddbe6e6 Merge pull request #27016 from andyzheng0831/gci-docker0
Automatic merge from submit-queue

GCI: fix the issue #26379

This PR deletes docker0 explicitly to fix the issue. In some cases, coexistence of docker0 and cbr0 make troubles in GCI-based cluster instances.

I verified it in GKE. With the fix, fluentd-gcp pod shows no error. "curl google.com" can work inside a pod. Mark it as P0 to match the issue priority.

@a-robinson @roberthbailey @freehan @kubernetes/goog-image
2016-06-08 09:36:34 -07:00
Marcin Wielgus
edf21902b5 Rename ENABLE_NODE_AUTOSCALER to ENABLE_CLUSTER_AUTOSCALER - part 1 2016-06-08 13:35:38 +02:00
Quinton Hoole
c578678820 Merge pull request #26914 from nikhiljindal/FedAPIServerSecret
Updating federation up script to create secrets with federation-apiserver and k8s apiservers kubeconfigs
2016-06-07 22:29:39 -07:00
k8s-merge-robot
a283a0a759 Merge pull request #26828 from vishh/oom-kill-enable
Automatic merge from submit-queue

Enable support for memory eviction configuration via salt

Added evictions based on memory by default whenever the available memory is < 100Mi.

Updated GCE and GCI.
2016-06-07 21:12:50 -07:00
Andy Zheng
64ffe90501 GCI: fix the issue #26379 2016-06-07 19:49:41 -07:00
k8s-merge-robot
bae931204c Merge pull request #26990 from mwielgus/ca-0.1.2
Automatic merge from submit-queue

Bump cluster autoscaler version and enable scale down by default

Follow up of https://github.com/kubernetes/contrib/pull/1148. 

cc: @piosz @fgrzadkowski @jszczepkowski
2016-06-07 19:42:19 -07:00
nikhiljindal
9443bf0f9c Adding secrets for kubernetes clusters as well 2016-06-07 17:30:15 -07:00
Aaron Levy
e8d1dae1a9 Use a skeleton provider for unimplemented functionality 2016-06-07 16:08:09 -07:00
nikhiljindal
b4da46974c Updating federation up script to create a secret with federation-apiserver kubeconfig 2016-06-07 14:21:04 -07:00
k8s-merge-robot
e49e367cd1 Merge pull request #26902 from girishkalele/cvm-dns-fix
Automatic merge from submit-queue

Fix Kube DNS addon staging for Container VMs
2016-06-07 14:09:50 -07:00
Marcin Wielgus
c191c72063 Bump cluster autoscaler version and enable scale down by default 2016-06-07 21:42:56 +02:00
Prashanth Balasubramanian
e5f085eca8 Exit image puller subshell 2016-06-07 11:22:00 -07:00
Fabio Yeon
da112e23af Handle multiple MIGs (single-zone) properly in GKE scripts. 2016-06-07 08:59:51 -07:00
Vishnu kannan
b120ce98f1 Set hard memory eviction thresholds for GCE clusters.
Signed-off-by: Vishnu kannan <vishnuk@google.com>
2016-06-06 17:26:11 -07:00
Vishnu kannan
b22a913079 Enable configuration of hard eviction thresholds in kubelet.
This will allow for enabling evictions whenever memory availability is
too low.

Signed-off-by: Vishnu kannan <vishnuk@google.com>
2016-06-06 17:26:10 -07:00
k8s-merge-robot
6c549ae91f Merge pull request #26839 from luxas/add_conntrack
Automatic merge from submit-queue

Add conntrack to hyperkube

Trivial fix for #26515
Please just pass through...

@mikedanese @roberthbailey
2016-06-06 14:50:09 -07:00
k8s-merge-robot
98c432a943 Merge pull request #25841 from ojarjur/ojarjur/registry-mirror
Automatic merge from submit-queue

GCE: Enable using gcr.io as a Docker registry mirror.

```release-note
Use gcr.io as a Docker registry mirror when setting up a cluster in GCE.
```
[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()

This only affects clusters running under GCE.
2016-06-06 14:50:05 -07:00
Girish Kalele
42d70294c2 Fix Kube DNS addon staging for Container VMs 2016-06-06 11:15:23 -07:00
Dawn Chen
3acf04dded Merge pull request #26851 from zmerlynn/container-v1-3-v20160604
Bump GCE debian image to container-v1-3-v20160604
2016-06-06 11:04:46 -07:00
gmarek
3460fbac06 Validate-cluster finishes shortly after at most ALLOWED_NOTREADY_NODES nodes are not ready 2016-06-06 12:48:48 +02:00
k8s-merge-robot
fc11ca60db Merge pull request #25454 from gouyang/add_local_util_tool
Automatic merge from submit-queue

Add local/util.sh
2016-06-06 01:51:20 -07:00
Guohua Ouyang
0970bbf799 Add local/util.sh
Fix #25452
2016-06-06 14:45:06 +08:00
Zach Loafman
20408cad17 Bump GCE debian image to container-v1-3-v20160604
Includes Docker 1.11.2

Wait for enough results from
http://kubekins.dls.corp.google.com/job/kubernetes-e2e-gce-container-vm/
before merging.

c.f. https://github.com/kubernetes/test-infra/pull/116
2016-06-04 20:46:46 -07:00
Josh Ellithorpe
07f8d025c8
Remove SecurityContextDeny from aws configurations 2016-06-04 15:52:10 -07:00
k8s-merge-robot
e0707b137f Merge pull request #26827 from Random-Liu/re-enable-node-problem-detector
Automatic merge from submit-queue

Re-enable node problem detector by default

Re-enable node problem detector started in gce cluster by default.

For now, in the master node, the node problem detector will be started and do nothing (see https://github.com/kubernetes/node-problem-detector/pull/13).

But in fact, in my test cluster, the master has no extra cpu to run the node problem detector, so node problem detector is started on all nodes except master, which is what we want but not expected...

@dchen1107 
/cc @kubernetes/sig-node 
/cc @andyzheng0831 for the gci script change.

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-04 12:33:58 -07:00
k8s-merge-robot
b91af0fab9 Merge pull request #26785 from a-robinson/es-master
Automatic merge from submit-queue

Don't run fluentd-es on GCI masters

It isn't run on containervm masters. It can't do anything on the master because the master doesn't have kube-proxy running to enable fluentd to talk to the elasticsearch service.

@andyzheng0831
2016-06-04 08:22:18 -07:00
k8s-merge-robot
714db74611 Merge pull request #26783 from a-robinson/newlogs
Automatic merge from submit-queue

Add collection of the new glbc and cluster-autoscaler logs

I've incremented the version numbers by 2 to avoid conflicting with #26652. I'll make sure the potential conflict between the images gets resolved reasonably.

cc @piosz @bprashanth @aledbf
2016-06-04 07:35:33 -07:00
k8s-merge-robot
60fe00999b Merge pull request #26779 from bryk/release-beta2
Automatic merge from submit-queue

Set Dashboard UI version to v1.1.0-beta2

This is our second beta. Next will come weekly till we reach final v1.1 version.

https://github.com/kubernetes/dashboard/releases/tag/v1.1.0-beta2

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-04 06:46:17 -07:00
k8s-merge-robot
57125d81e1 Merge pull request #26621 from liyimeng/kolla-k8s
Automatic merge from submit-queue

Fix the problem in building hyperkube for 3rd party registry

Minor bugfix.  fixes #26620



[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-04 04:23:31 -07:00
Lucas Käldström
e52476661d Add conntrack to hyperkube 2016-06-04 08:23:29 +03:00
Prashanth Balasubramanian
44ca220f32 Bump kube-dns image 2016-06-03 20:41:13 -07:00
Random-Liu
7dffea0dc0 Re-enable node problem detector by default 2016-06-03 17:47:50 -07:00
Daniel Wang
a3d712c359 Prep for continuous Docker validation test
We want to continuously validate Docker releases (#25215), on GCI. This change
adds a new test config variable, `KUBE_GCI_DOCKER_VERSION`, through which we can
specify which version of Docker we want to run on the master and nodes. This
change also patches the Jenkins e2e-runner with the ability to fetch the latest
Docker (pre)release, and sets the aforementioned variable accordingly.
2016-06-03 13:42:13 -07:00
Casey Davenport
35289c7649 Update salt to use latest Calico 2016-06-03 13:07:00 -07:00
Matt Dupre
19be49124b Add new policy_provider option to Salt; supporting Calico installation 2016-06-03 13:06:42 -07:00
Alex Robinson
436b9110af Don't run fluentd-es on GCI masters 2016-06-03 11:54:01 -04:00
Alex Robinson
bb51c94172 Add collection of the new glbc and cluster-autoscaler logs 2016-06-03 15:50:52 +00:00
k8s-merge-robot
8d57a44192 Merge pull request #26745 from andyzheng0831/docker-reg
Automatic merge from submit-queue

GCI/Trusty: support the Docker registry mirror

@roberthbailey @zmerlynn please review it.

cc/ @fabioy @dchen1107 @kubernetes/goog-image FYI.

cc/ @ojarjur it is very straightforward to add support for GCI, which is pretty much like the change to ContainerVM's configure-vm.sh in your original PR #25841.
2016-06-03 07:31:10 -07:00
k8s-merge-robot
9023955bb7 Merge pull request #26737 from andyzheng0831/gci-path
Automatic merge from submit-queue

GCI: correct the fix in #26363

This PR is mainly for correcting the fix to 'find' command in #26363. I added "-maxdepth 1" in an earlier change, and #26363 tried to fix it by changing the search path. This is potentially incorrect, when yaml files are in more than one layer deep. The real fix should be removing the "-maxdepth 1" flag from 'find' command. This PR also updates two minor places in the file configure-helper.sh introduced by two previous PR #26413 and #26048.

@roberthbailey @wonderfly 

cc/ @dchen1107 @fabioy @kubernetes/goog-image
2016-06-03 06:41:20 -07:00
bryk
f734d8b786 Set Dashboard UI version to v1.1.0-beta1
This is our second beta. Next will come weekly till we reach final v1.1 version.

https://github.com/kubernetes/dashboard/releases/tag/v1.1.0-beta2
2016-06-03 15:34:42 +02:00
k8s-merge-robot
15c9ecb5be Merge pull request #26734 from bprashanth/glbc_limits
Automatic merge from submit-queue

Increase failure threshold for glbc liveness probe

This pod fails a liveness probe on occasion, probably because the failure thresholds are too strict. Simple enough that either reviewer can review.
2016-06-03 05:44:58 -07:00
k8s-merge-robot
1ad3e11a59 Merge pull request #26582 from adityakali/ark.docker1.11
Automatic merge from submit-queue

pin GCI version to milestone 52

This is mainly for pinning the 1.2 branch to GCI milestone 52
which contains correct docker and kubelet built in.
Doing this allows us to upgrade docker to v1.11 (issue #26455)
in GCI 53 without breaking the 1.2 release branch.

@kubernetes/goog-image @dchen1107 @roberthbailey @andyzheng0831
2016-06-03 02:05:30 -07:00
Morgan Bauer
90fb5398a4
enable ssh compression 2016-06-02 15:22:32 -07:00
Andy Zheng
530bd5fea6 GCI/Trusty: support the Docker registry mirror added by #25841 2016-06-02 14:57:27 -07:00
Andy Zheng
f087a3f677 Trusty: fix 'find' commands and add k8s license and motd info 2016-06-02 14:35:44 -07:00
Prashanth Balasubramanian
bd5467bbbb Increase failure threshold for glbc 2016-06-02 14:05:37 -07:00
Aditya Kali
f7c2624849 pin GCI version to milestone 52
This is mainly for pinning the 1.2 branch to GCI milestone 52
which contains correct docker and kubelet built in.
Doing this allows us to upgrade docker to v1.11 (issue #26455)
in GCI 53 without breaking the 1.2 release branch.
2016-06-02 13:52:38 -07:00
Andy Zheng
42b299abba GCI: correct the fix in #26363 2016-06-02 10:45:03 -07:00
Piotr Szczesniak
66fce8fe44 Added logging to file for cluster autoscaler 2016-06-02 13:51:40 +02:00
k8s-merge-robot
431040afd8 Merge pull request #26650 from a-robinson/es-image
Automatic merge from submit-queue

Rebuild elasticsearch image to include changes since 1.2

Fixes #25360. I've pushed the image to GCR.

@jimmidyson @keontang @vishh
2016-06-02 01:59:40 -07:00
k8s-merge-robot
878d2b2f18 Merge pull request #26625 from sttts/sttts-fix-kube-dns-sed-transform
Automatic merge from submit-queue

Fix sed transformation for new kube-dns yaml

<!--
Checklist for submitting a Pull Request

Please remove this comment block before submitting.

1. Please read our [contributor guidelines](https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md).
2. See our [developer guide](https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md).
3. If you want this PR to automatically close an issue when it is merged,
   add `fixes #<issue number>` or `fixes #<issue number>, fixes #<issue number>`
   to close multiple issues (see: https://github.com/blog/1506-closing-issues-via-pull-requests).
4. Follow the instructions for [labeling and writing a release note for this PR](https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes) in the block below.
-->

```release-note
* Use the release-note-* labels to set the release note state 
* Clear this block to use the PR title as the release note 
-OR-
* Enter your extended release note here
```


[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-06-02 01:12:53 -07:00
k8s-merge-robot
0274e72d39 Merge pull request #26316 from wonderfly/defaults
Automatic merge from submit-queue

Move the defaults setting of GCI to util.sh

fixes #26291 

This change recovers some of the side effects of
https://github.com/kubernetes/kubernetes/pull/26197, i.e., keeps the defaults of
`NODE_IMAGE` and `NODE_IMAGE_PROJECT` to `MASTER_IMAGE` and
`MASTER_IMAGE_PROJECT`, for backward compatibility. Although it keeps
`OS_DISTRIBUTION` defaulting to `gci`, the default settings of these vars are
moved to `cluster/gce/util.sh` and conditioned on `OS_DISTRIBUTION==gci`.

@euank @roberthbailey Can you review?
2016-06-02 00:22:04 -07:00
k8s-merge-robot
63e589957e Merge pull request #26664 from zmerlynn/parallel-firewall
Automatic merge from submit-queue

GKE provider: Tear down firewall rules last

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]() It turns out, it's faster to do it in this order for large clusters.

Along the way: Do it in parallel
2016-06-01 18:51:07 -07:00
k8s-merge-robot
365386e23b Merge pull request #26617 from sjpotter/heapster
Automatic merge from submit-queue

cluster/coreos: Update heapster addon to beta2

fixes #26616 

As noted there, heapster was updated but not for gce/coreos which breaks anything that depends on heapster's new metrics API (i.e. autoscaling)
2016-06-01 18:50:56 -07:00
Zach Loafman
9e23fa0e9b GKE provider: Tear down firewall rules last
It turns out, it's faster to do it in this order for large clusters.

Along the way: Do it in parallel
2016-06-01 15:37:20 -07:00
Daniel Wang
a8701baf17 Move the defaults setting of GCI to util.sh
This change recovers some of the side effects of
https://github.com/kubernetes/kubernetes/pull/26197, i.e., keeps the defaults of
`NODE_IMAGE` and `NODE_IMAGE_PROJECT` to `MASTER_IMAGE` and
`MASTER_IMAGE_PROJECT`, for backward compatibility. Although it keeps
`OS_DISTRIBUTION` defaulting to `gci`, the default settings of these vars are
moved to `cluster/gce/util.sh` and conditioned on `OS_DISTRIBUTION==gci`.
2016-06-01 15:37:02 -07:00
Alex Robinson
8579509293 Rebuild elasticsearch image to include changes since 1.2 2016-06-01 20:48:20 +00:00
Shaya Potter
049c51e7e7 removed --metric_resolution=60s per piosz 2016-06-01 12:00:35 -07:00
Jarrett Cruger
44cc9aa9b6 [fix] add comment 2016-06-01 14:44:58 -04:00
Andy Zheng
9a413b3bea Trusty: fix breakage by #26413 and #26109 2016-06-01 09:57:50 -07:00
k8s-merge-robot
9336eb516b Merge pull request #26575 from mwielgus/gke-token-src
Automatic merge from submit-queue

Pass /etc/gce.conf to cluster autoscaler if needed

cc: @vulpecula @piosz @jszczepkowski @fgrzadkowski
2016-06-01 09:42:45 -07:00
k8s-merge-robot
cb91816fc3 Merge pull request #26612 from andyzheng0831/gci-fix
Automatic merge from submit-queue

GCI: cherry-pick the fix in PR #25670

This PR simply copies the fix in #25670 into the GCI support.

cc/ @kubernetes/goog-image @dchen1107 @roberthbailey
2016-06-01 06:55:57 -07:00
k8s-merge-robot
0c0478e3f5 Merge pull request #26593 from bprashanth/glbc_logs
Automatic merge from submit-queue

Collect l7 controller e2e logs

https://github.com/kubernetes/kubernetes/pull/26048#issuecomment-222758050
I meant to check e2e output and see if the logs were being collected, but it merged before i could.
2016-06-01 06:55:54 -07:00
Marcin Wielgus
fcea41e495 Merge pull request #26577 from mwielgus/ca-0.1.1
Bump cluster autoscaler to 0.1.1
2016-06-01 15:41:36 +02:00
Dr. Stefan Schimanski
391ff02e4c Fix sed transformation for new kube-dns yaml 2016-06-01 13:23:16 +02:00
Liyi Meng
6c195a4923 Fix the problem in building hyperkube for 3rd party registry 2016-06-01 04:38:48 -04:00
Shaya Potter
4118bb1cf9 update heapster to beta2 - change to rest of k8s wasn't applied here 2016-06-01 00:51:52 -07:00
Andy Zheng
a47d0ce1c2 GCI: cherry-pick the fix in PR #25670 2016-05-31 21:13:15 -07:00
k8s-merge-robot
ee412efcef Merge pull request #26335 from girishkalele/kubedns-transition
Automatic merge from submit-queue

Switch DNS addons from skydns to kubedns

Change GCI and trusty cluster-helper scripts to use kubedns instead of skydns.
2016-05-31 16:14:48 -07:00
Jarrett Cruger
372827fd5a [fix] allow ALLOW_PRIVILEGED to be passed to kubelet and kube-api, needed for running docker in docker 2016-05-31 19:06:48 -04:00
Prashanth Balasubramanian
500bdca27c Collect l7 controller e2e logs 2016-05-31 14:44:30 -07:00
k8s-merge-robot
430bb9442a Merge pull request #26048 from bprashanth/ing_master
Automatic merge from submit-queue

Run l7 controller on master 

Fixes https://github.com/kubernetes/kubernetes/issues/23663, needs https://github.com/kubernetes/contrib/pull/680
@roberthbailey @kubernetes/goog-cluster
2016-05-31 13:25:47 -07:00
Girish Kalele
555b9000c3 Code review comments and corrections 2016-05-31 11:33:51 -07:00
Marcin
246f3aaebc Bump cluster autoscaler to 0.1.1 2016-05-31 20:00:00 +02:00
Marcin Wielgus
1ea5718199 Pass /etc/gce.conf to cluster autoscaler if needed 2016-05-31 19:52:30 +02:00
Marcin
74ad0def81 Add missing $ in util.sh 2016-05-31 19:41:54 +02:00
Girish Kalele
60d2293f4c Address review comments 2016-05-31 10:14:33 -07:00
Girish Kalele
4c1047d359 Switch DNS addons from skydns to kubedns
Unified skydns templates using a simple underscore based template and
added transform sed scripts to transform into salt and sed yaml
templates

Moved all content out of cluster/addons/dns into build/kube-dns and
saltbase/salt/kube-dns
2016-05-31 10:14:14 -07:00
k8s-merge-robot
dc8ff81f5a Merge pull request #26534 from mwielgus/scale_down_env
Automatic merge from submit-queue

Allow to enable scale down in kube-up for gce

cc: @piosz @fgrzadkowski @jszczepkowski
2016-05-31 04:37:11 -07:00
k8s-merge-robot
3d1b1a77e4 Merge pull request #26440 from mwielgus/remove-debug-touch
Automatic merge from submit-queue

Remove debug from GCI cluster autoscaler setup function

cc: @piosz @fgrzadkowski
2016-05-31 02:03:15 -07:00
Prashanth Balasubramanian
c01a0583f7 Trusty deployment 2016-05-30 15:58:03 -07:00
Prashanth Balasubramanian
f4d2334919 Add a l7 static pod 2016-05-30 15:57:42 -07:00
Marcin
0b7c2fa6fe Allow to enable scale down in kube-up for gce 2016-05-30 17:07:54 +02:00
k8s-merge-robot
1e44212890 Merge pull request #26156 from gmarek/base64
Automatic merge from submit-queue

Change base64 -d flag to --decode flag to make it BSD compatible

cc @roberthbailey 

Fixes #25998
2016-05-29 09:45:49 -07:00
k8s-merge-robot
7fc2e16843 Merge pull request #26442 from mwielgus/reduce-ca-request
Automatic merge from submit-queue

Reduce cluster autoscaler request to fit into n1 master in e2e tests

cc: @piosz @fgrzadkowski @vulpecula
2016-05-27 13:11:13 -07:00
Alex Robinson
804e36be26 Merge pull request #26157 from gmarek/poll
Remove unused POLL_SLEEP_INTERVAL
2016-05-27 11:30:41 -07:00
Alex Robinson
1ec7fd4e1e Merge pull request #26174 from derekwaynecarr/enable_vagrant_accounting
Enable CPU and Memory accounting on vagrant cluster
2016-05-27 11:25:34 -07:00
Marcin
d6cba0165a Reduce cluster autoscaler request to fit into n1 master in e2e tests 2016-05-27 20:25:25 +02:00
Marcin
e7c69f67f2 Remove debug from GCI cluster autoscaler setup function 2016-05-27 20:02:40 +02:00
Alex Robinson
7551b0ff9f Merge pull request #26150 from wojtek-t/fix_flannel_config
Fix transient flannel etcd
2016-05-27 10:10:38 -07:00
Alex Robinson
ba3bf90448 Merge pull request #26363 from wonderfly/fix-yaml-search-path
GCI: Fix yaml search path
2016-05-27 09:58:03 -07:00
derekwaynecarr
6090bc9112 Enable CPU and Memory accounting on vagrant 2016-05-27 11:21:04 -04:00
derekwaynecarr
ff07195f4e Fix vagrant issues with salt bootstrap 2016-05-27 11:21:04 -04:00
k8s-merge-robot
e7269a13ff Merge pull request #26413 from mwielgus/gci-ca
Automatic merge from submit-queue

Support for cluster autoscaler in GCE Trusty and GCI images

Fixes: #26346
Ref: #26197

cc: @fgrzadkowski  @vulpecula @piosz @jszczepkowski
2016-05-27 06:58:15 -07:00
Marcin
5f2695be8e Support for cluster autoscaler in GCE Trusty and GCI images 2016-05-27 12:02:20 +02:00
Alex Mohr
1dfa068055 Merge pull request #26384 from Random-Liu/disable-node-problem-detector
Temporarily disable node-problem-detector to unblock #26351
2016-05-26 15:53:50 -07:00
Alex Mohr
0b7614d6cd Merge pull request #26382 from dchen1107/docker
Bump Node Image to  container-v1-3-v20160517
2016-05-26 15:53:22 -07:00
Random-Liu
e5320c6063 Temporarily disable node-problem-detector to unblock #26351 2016-05-26 14:06:05 -07:00
Dawn Chen
16662d8fb4 Bump Node Image to container-v1-3-v20160517 2016-05-26 13:30:56 -07:00
Alex Mohr
0f3003671c Merge pull request #25963 from bryk/release-beta1
Set Dashboard UI version to v1.1.0-beta1
2016-05-26 12:38:48 -07:00
Alex Mohr
6b169eaa85 Merge pull request #25125 from colhom/federation-e2e
e2e tests for federated-apiserver
2016-05-26 10:40:30 -07:00
Daniel Wang
5cd3c01bc5 GCI: Fix yaml search path 2016-05-26 10:10:37 -07:00
Abhi Shah
965e8dce12 Merge pull request #26114 from ArtfulCoder/dnsport
Add dnsmasq as a DNS cache in kube-dns pod
2016-05-26 08:13:58 -07:00
k8s-merge-robot
bb38265400 Merge pull request #26238 from ihmccreery/mount-points
Automatic merge from submit-queue

GCI-backed masters mount srv/kubernetes and srv/sshproxy in the right place

Fixes #26235.

cc @andyzheng0831
2016-05-25 23:46:08 -07:00
Colin Hom
a092fd2dd4 Federation build and e2e test integration
Federation components are now buildable and e2e-testable via e2e.go.
2016-05-25 15:07:27 -07:00
Isaac Hollander McCreery
559d8b1800 Make GCI-backed masters mount srv/kubernetes and srv/sshproxy in the same place as other masters 2016-05-25 10:16:57 -07:00
k8s-merge-robot
a2de33e7ff Merge pull request #26252 from piosz/ca-0.1.0
Automatic merge from submit-queue

Bumped Cluster Autoscaler to v0.1.0

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-05-25 01:50:39 -07:00
k8s-merge-robot
1fc5687715 Merge pull request #25784 from bprashanth/prepull
Automatic merge from submit-queue

Prepull images in e2e 

Quick and dirty image puller because the SQ stalled multiple times just *today* on image pull flake (https://github.com/kubernetes/kubernetes/issues/25277).
@kubernetes/sig-node @kubernetes/sig-testing wdyt?
2016-05-25 01:50:35 -07:00
Piotr Szczesniak
5e3dfdefa2 Bumped Cluster Autoscaler to v0.1.0 2016-05-25 09:38:29 +02:00
Abhishek Shah
10f9789bc3 added dnsmasq container in kubedns pod 2016-05-25 00:23:57 -07:00
Daniel Wang
3d95151971 Replace containervm with GCI as default master image for GCE clusters 2016-05-24 17:28:17 -05:00
Quintin Lee
3ca4c36ebc Don't try executing bash variable in assignment. 2016-05-24 11:50:16 -07:00
Omar Jarjur
338b33f3f4 Enable using gcr.io as a Docker registry mirror.
This only affects clusters running under GCE.
2016-05-24 08:12:48 -07:00
k8s-merge-robot
04d6162e0f Merge pull request #26071 from gmarek/kube-up
Automatic merge from submit-queue

Make node-instance-group base names unique to prevent collisions

We create multiple IGMs for >1000 Node clusters. When we have a conflict on base name IGMs will fight over ownership of the VM that happen to have the name belonging to multiple IGMs.

This change will increase reliability of starting big clusters.

cc @wojtek-t @alex-mohr @roberthbailey @mikedanese
2016-05-24 07:31:22 -07:00
Wojciech Tyczynski
e515da4545 Fix GCI after #26109 breakage 2016-05-24 14:12:30 +02:00
gmarek
049d7f6c50 Remove unused POLL_SLEEP_INTERVAL 2016-05-24 13:34:03 +02:00
gmarek
cafbdba7d9 Change base64 -d flag to --decode flag to make it BSD compatible 2016-05-24 13:24:55 +02:00
Wojciech Tyczynski
37261cc270 Fix transient flannel etcd 2016-05-24 11:15:16 +02:00
Quintin Lee
81ee3e2d30 Fixing heapster memory requirements. 2016-05-23 14:25:55 -07:00
Prashanth B
730555b09b Add an e2e image puller static pod 2016-05-23 19:17:09 +00:00
gmarek
7b629a778c Make node-instance-group base names unique to prevent collisions 2016-05-23 14:36:08 +02:00
Andy Zheng
6bb0a25f7a GCI: Add support for GCP webhook authentication and authorization 2016-05-23 00:52:08 -07:00
Andy Zheng
bd293e1522 GCI: support CIDR allocator for NodeController 2016-05-23 00:52:08 -07:00
Andy Zheng
914c1d61e9 GCI: Fix a cluster initialization failure caused by gce.conf 2016-05-23 00:52:08 -07:00
Andy Zheng
f31c4f6d69 Revert "Revert "Add support for running GCI on the GCE cloud provider""
This reverts commit 40f53b1765.
2016-05-23 00:52:08 -07:00
bryk
dfe46f3aa0 Set Dashboard UI version to v1.1.0-beta1
This is first of our betas. From now on, we'll be doing weekly releases
of new betas till we reach final v1.1 version.

https://github.com/kubernetes/dashboard/releases/tag/v1.1.0-beta1
2016-05-23 09:27:02 +02:00
k8s-merge-robot
fe15db60f4 Merge pull request #25986 from Random-Liu/enable-node-problem-detector
Automatic merge from submit-queue

Add node problem detector as an addon pod.

```release-note
Introduce a new add-on pod NodeProblemDetector.

NodeProblemDetector is a DaemonSet running on each node, monitoring node health and reporting
node problems as NodeCondition and Event. Currently it already supports kernel log monitoring, and
will support more problem detection in the future. It is enabled by default on gce now.
```

This PR enables NodeProblemDetector as an add-on pod.

/cc @mikedanese @kubernetes/sig-node 

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-05-22 06:17:28 -07:00
k8s-merge-robot
82cb4c1758 Merge pull request #23930 from ArtfulCoder/vendor-skydns
Automatic merge from submit-queue

Use SkyDNS as a library for a more integrated kube DNS
2016-05-21 23:33:35 -07:00
k8s-merge-robot
1eb221e96f Merge pull request #25561 from andyzheng0831/webhook
Automatic merge from submit-queue

Configuration for GCP webhook authentication and authorization

This PR adds configuration for GCP webhook authentication and authorization in ContainerVM and GCI. The change of configure-vm.sh and kube-apiserver.manifest is directly copied from @cjcullen's PR #25380 and #25296. The change in GCI script configure-helper.sh includes the support for webhook authentication and authorization, and also some code refactor to improve readability.

@cjcullen @roberthbailey @zmerlynn please review it. The original PRs are P1, please mark this as P1.

cc/ @fabioy @kubernetes/goog-image FYI.

I verified it by running e2e tests on GCI cluster. Without the GCI side change, cluster creation fails as being capture by GKE Jenkins tests. I don't test when the two env GCP_AUTHN_URL and GCP_AUTHZ_URL are set, because they are only set in GKE. After this PR is merged, @cjcullen will test in GKE.
2016-05-21 22:30:14 -07:00
Cole Mickens
579d179239 azure: azkube v0.0.5 + deploy kube-system 2016-05-21 15:44:46 -07:00
k8s-merge-robot
5c08302954 Merge pull request #26006 from euank/service-cluster-ip-range
Automatic merge from submit-queue

cluster/gce/coreos: Set service-cluster-ip-range

Broken by #19242 

See also #26002 

This is necessary to kube-up for me, but depending on how #26002 plays out, this PR might not be necessary. Happy to close this or merge or whatever depending on what's best.

cc @yifan-gu @sjpotter @mikedanese
2016-05-21 12:43:48 -07:00
k8s-merge-robot
de76bfe78c Merge pull request #22663 from yifan-gu/gce_coreos_manifests
Automatic merge from submit-queue

cluster/gce/coreos: Update addon manifests.

cc @yujuhong @timstclair @ArtfulCoder
2016-05-20 23:56:01 -07:00
Abhishek Shah
3ada2170a3 pr feedback 2016-05-20 23:25:18 -07:00
k8s-merge-robot
ba959446f2 Merge pull request #25985 from elsonrodriguez/openstack-provider-heatfix
Automatic merge from submit-queue

Updating CentOS image, adding heat back to the required cli tools.

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
Updated the CentOS cloudimage to the latest available, and also added heat to the required list of cli tools. This is an interim step to replacing all the commands with openstackclient.
2016-05-20 17:57:22 -07:00
Euan Kemp
6fa5a13f53 cluster/gce/coreos: Set service-cluster-ip-range 2016-05-20 17:10:17 -07:00
Mike Danese
bf70cfadf9 Merge pull request #25631 from luxas/hyperkube_cni_cross
Make addon-manager cross-platform and use it with hyperkube
2016-05-20 16:40:51 -07:00
Mike Danese
3e5c77efea Merge pull request #25545 from freehan/kubeneton
Turn on kubenet for GCE
2016-05-20 16:38:22 -07:00
Mike Danese
fd60748249 Merge pull request #25446 from bprashanth/glbc_version
Bump up glbc version to 0.6.2
2016-05-20 16:37:39 -07:00
Minhan Xia
592d672b6b Turn on kubenet as default for GCE 2016-05-20 16:36:53 -07:00
Abhishek Shah
a92ea56024 added build stuff for kube-dns 2016-05-20 15:08:11 -07:00
Random-Liu
195e2494ad Add node problem detector as an addon pod. 2016-05-20 13:54:19 -07:00
Elson O Rodriguez
c65e5c2b90 Updating CentOS image, adding heat back to the required cli tools. 2016-05-20 12:33:13 -07:00
Andy Zheng
728be2892a GCI: fix a breakage in controller-manager 2016-05-20 11:54:04 -07:00
k8s-merge-robot
f935507235 Merge pull request #19242 from mqliang/node-controller
Automatic merge from submit-queue

add CIDR allocator for NodeController

This PR:

* use pkg/controller/framework to watch nodes and	reduce lists when allocate CIDR for node
* decouple the cidr allocation logic from monitoring status logic

<!-- Reviewable:start -->
---
This change is [<img src="http://reviewable.k8s.io/review_button.svg" height="35" align="absmiddle" alt="Reviewable"/>](http://reviewable.k8s.io/reviews/kubernetes/kubernetes/19242)
<!-- Reviewable:end -->
2016-05-20 09:45:05 -07:00
Lucas Käldström
73947cc5aa Large changes to the docker deployment. Added kube-addon-manager as a static pod. The addon-manager deploys kube-proxy as a DaemonSet as well as Dashboard and DNS automatically. SecurityContextDeny is removed from the manifests. Also, the turnup.sh and turndown.sh scripts are removed because we don't need them anymore, they're covered by the online documentation 2016-05-20 19:28:13 +03:00
Lucas Käldström
bff87ff2a7 Make the addon-manager cross-platform, change naming to binary-arch:version, remove deprecated kubectl command, add support for DaemonSets 2016-05-20 19:27:42 +03:00
Filip Grzadkowski
18e67573b8 Merge pull request #25739 from piosz/heapster-1.1.0-beta2
Bumped Heapster to v1.1.0-beta2
2016-05-20 15:41:54 +02:00
mqliang
17d5a302bb make podcidr mask size configurable 2016-05-20 20:44:40 +08:00
mqliang
cf7a3475f3 Don't allow node controller to allocate into service CIDR range 2016-05-20 20:44:40 +08:00
Filip Grzadkowski
2f2b7c8c97 Merge pull request #25734 from jszczepkowski/kac-test
Added enforcing of setting nodes numbers for cluster autoscaler.
2016-05-20 10:28:56 +02:00
Filip Grzadkowski
d1627111b3 Merge pull request #25767 from johscheuer/fix-hyperkube-makefile-2
Hyperkuber Makefile add support for OSX and Linux
2016-05-20 10:28:06 +02:00
Wojciech Tyczynski
b294979d00 Revert "Bump GCE ContainerVM to container-v1-3-v20160517 (Docker 1.11.1)" 2016-05-20 09:02:11 +02:00
Daniel Smith
1a64ae88b7 Merge pull request #25843 from zmerlynn/container-v1-3-v20160517
Bump GCE ContainerVM to container-v1-3-v20160517 (Docker 1.11.1)
2016-05-19 16:57:13 -07:00
Piotr Szczesniak
eea3a4e5fb Bumped Heapster to v1.1.0-beta2 2016-05-19 20:43:30 +02:00
Tim Hockin
77eff06a53 Make IsDNS1123Label return error strings 2016-05-19 08:57:49 -07:00
Daniel Smith
40f53b1765 Revert "Add support for running GCI on the GCE cloud provider" 2016-05-18 21:31:28 -07:00
Andy Zheng
a737e1eba1 Add support for running GCI on the GCE cloud provider 2016-05-18 15:15:05 -07:00
Daniel Smith
01cf9869fc Merge pull request #25504 from andyzheng0831/binary
GCI: Ensure that the right version of kubelet is used
2016-05-18 15:04:32 -07:00
k8s-merge-robot
51203dad7a Merge pull request #25763 from andyzheng0831/gci-image
Automatic merge from submit-queue

GCI: Fix the condition for using the default image

This PR revises the condition for using the default GCI image. The old logic is not convenient for manually run e2e tests in some cases (mainly for GCI team to test custom images). The new logic by this PR is very similar to the logic in using ContainerVM. When setting distro to "gci", if master or node image is unset, we use gci-dev for it. If either is set, we respect it.

@roberthbailey @zmerlynn @dchen1107 please review it, and we should cherry pick it in release-1.2 branch. Thanks!

cc/ @kubernetes/goog-image @adityakali FYI
2016-05-17 22:55:41 -07:00
Zach Loafman
4d551d640d Bump GCE ContainerVM to container-v1-3-v20160517
Bump to Docker 1.11.1
2016-05-17 14:52:16 -07:00
Yifan Gu
0a63b960ee cluster/gce/coreos: Add kubernetes-install-cni.service.
This downloads the CNI binaries and puts them into /opt/cni/bin dir.
2016-05-17 14:27:57 -07:00
Yifan Gu
faa8b105f9 cluster/gce/coreos: Use kube-addon manager pod to update addons. 2016-05-17 14:27:57 -07:00
Yifan Gu
6b358d5c4d cluster/gce/coreos: Update addon manifests. 2016-05-17 14:27:57 -07:00
Zach Loafman
87a8905b2c Fix gce/util.sh:get-master-root-disk-size 2016-05-17 13:43:17 -07:00
Johannes Scheuermann
cb11324cc3 Add support for OSX and Linux 2016-05-17 21:31:32 +02:00
Andy Zheng
e47f45d1a3 GCI: Fix the condition for using the default image 2016-05-17 10:53:14 -07:00
Jerzy Szczepkowski
858eb0388e Added enforcing of setting nodes numbers for cluster autoscaler.
Added enforcing of setting nodes numbers for cluster autoscaler in kube-up script.
2016-05-17 13:15:49 +02:00
k8s-merge-robot
1738bbfe5f Merge pull request #25693 from luxas/fix_hyperkube
Automatic merge from submit-queue

Fix hyperkube's layer caching, and remove --make-symlinks at build time

@david-mcmahon This is required before you release. Explanation in the code.
2016-05-17 04:01:43 -07:00
k8s-merge-robot
7c1d37bdb5 Merge pull request #24464 from matthewrudy/aws-ap-northeast2
Automatic merge from submit-queue

AWS: More support for ap-northeast-2 region

Issue #24446

The new AWS region for Seoul, Korea (ap-northeast-2)
was launched in January 2016
https://aws.amazon.com/blogs/aws/now-open-aws-asia-pacific-seoul-region/

But it requires a few changes.

To test:
```
export KUBERNETES_PROVIDER=aws
export KUBE_AWS_ZONE=ap-northeast-2a
export MASTER_SIZE=t2.medium
export NODE_SIZE=t2.medium
export NUM_NODES=4
cluster/kube-up.sh
```

I assigned the AMIs by checking the specific version used from `ap-northeast-1`,
and finding the same image with the same datestamp.

<!-- Reviewable:start -->
---
This change is [<img src="http://reviewable.k8s.io/review_button.svg" height="35" align="absmiddle" alt="Reviewable"/>](http://reviewable.k8s.io/reviews/kubernetes/kubernetes/24464)
<!-- Reviewable:end -->
2016-05-17 04:01:39 -07:00
Jerzy Szczepkowski
57425bd44d Bumped cluster autoscaler version.
Bumped cluster autoscaler version.
2016-05-17 09:44:48 +02:00
k8s-merge-robot
b7151cf4cd Merge pull request #25706 from andyzheng0831/find-cmd
Automatic merge from submit-queue

GCI/Trusty: Fix an issue in using 'find' commands

This PR makes the logic of 'find' command consistent with the 'cp' command afterwards, i.e., only check one layer of a given dir. Without this fix, we have seen a recent breakage after PR #25309 added the file cluster/addons/fluentd-elasticsearch/es-image/template-k8s-logstash.json. The 'find' command discovers this json file, but the 'cp' command fails. 

@roberthbailey @dchen1107 @zmerlynn please review this fix, and mark it as a cherry pick candidate. I already verified this fix can resolve the breakage.

cc/ @wonderfly @fabioy @kubernetes/goog-image FYI
2016-05-17 00:42:11 -07:00
k8s-merge-robot
ae15eff4ac Merge pull request #25687 from mattyw/01-fix-url-in-charm-readme
Automatic merge from submit-queue

cluster/juju: Updated the url for the getting started doc

Minor change to update the URL pointing at the "Running Kubernetes locally via Docker" document
2016-05-17 00:42:07 -07:00
k8s-merge-robot
ced2b65046 Merge pull request #25609 from andyzheng0831/log
Automatic merge from submit-queue

GCI: Enable the log of upstart jobs

This PR enables the log of upstart jobs in master.yaml and node.yaml. By default, log of upstart jobs are enabled in Trusty and placed in /var/log/upstart, but not enabled in GCI. This change explicitly directs the log to the system logger. For trusty, they are in /var/log/syslog file. In GCI, we can check it using "journalctl". This change will be useful for debugging if cluster initialization fails.

@roberthbailey @maisem @dchen1107 please review it. This will be useful for issues like #23634. We should also cherry pick it in release-1.2

cc/ @fabioy @zmerlynn @wonderfly FYI.
2016-05-17 00:42:03 -07:00
k8s-merge-robot
059980e3d9 Merge pull request #25670 from gmarek/root-disk
Automatic merge from submit-queue

Make bigger master root disks in GCE for large clusters

Ref. #25660

cc @zmerlynn @wojtek-t
2016-05-16 23:06:22 -07:00
Andy Zheng
f8739cd0c2 GCI:Trusty: Fix an issue in using 'find' commands 2016-05-16 17:48:29 -07:00
k8s-merge-robot
11cd07ef22 Merge pull request #25366 from Jollyturns/ubuntu-download-latest
Automatic merge from submit-queue

Automatically download the latest stable release version of Kubernetes.

The ubuntu version of download-release.sh included in the binary release downloads the released .tar.gz file again. Right now the version of the downloaded file is manually encoded within the script. This change fetches the released version automatically, similar to the shell script available on the main Kubernetes site below:

https://get.k8s.io/

Ideally the installation on bare metal ubuntu should work with the files available in the already downloaded package.

@mikedanese
2016-05-16 16:59:37 -07:00
Lucas Käldström
e7eff87455 Critical patch. Fix hyperkube's layer caching, and remove --make-symlinks at build time 2016-05-17 00:28:24 +03:00
Ovidiu Predescu
dd203087ef Automatically download the latest stable release version of
Kubernetes. Echo error to stderr. Simplify expression for
KUBE_VERSION. Explicitly match beginning of string.
2016-05-16 13:52:10 -07:00
mattyw
3c44752931 cluster/juju: Updated the url for the getting started doc 2016-05-16 20:56:17 +01:00
David McMahon
57247a672b Revert "OS X: Fix hyperkube build by adding empty string to sed invocation" 2016-05-16 12:25:54 -07:00
gmarek
64618c3311 Make bigger master root disks in GCE for large clusters 2016-05-16 15:57:56 +02:00
k8s-merge-robot
a0cc59f28a Merge pull request #25658 from jszczepkowski/kac-test
Automatic merge from submit-queue

Updated e2e tests for cluster autoscaling.

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()

Updated e2e tests for cluster autoscaling to work with the new cluster autoscaler.
2016-05-16 06:56:30 -07:00
Jerzy Szczepkowski
96818874f4 Updated e2e tests for cluster autoscaling.
Updated e2e tests for cluster autoscaling to work with the new cluster autoscaler.
2016-05-16 14:49:43 +02:00
k8s-merge-robot
61f383e5d1 Merge pull request #23785 from ajohnstone/23784-aws-vpc-key-error
Automatic merge from submit-queue

AWS kube-down: don't fail if ELB not in VPC - #23784

Prevent python undefined key error.

```
Traceback (most recent call last):
  File "<string>", line 1, in <module>
KeyError: 'VPCId'
```

Fixes #23784

<!-- Reviewable:start -->
---
This change is [<img src="http://reviewable.k8s.io/review_button.svg" height="35" align="absmiddle" alt="Reviewable"/>](http://reviewable.k8s.io/reviews/kubernetes/kubernetes/23785)
<!-- Reviewable:end -->
2016-05-16 01:45:49 -07:00
k8s-merge-robot
7fdfe1b387 Merge pull request #25309 from keontang/es-patch
Automatic merge from submit-queue

add index template for es aggregations

This index template helps us to do es aggregations of namespace_name, pod_name and container_name. Then after doing eggs, we will get the whole name not all the spilt pieces.  
fix #25127
2016-05-16 01:01:24 -07:00
k8s-merge-robot
1cba05574b Merge pull request #25619 from skrassiev/bug/aws_invalid_endpoint_24020
Automatic merge from submit-queue

Fixed 'Invalid endpoint: https://ec2.us-east-.amazonaws.com'. #24420 #24420

Addresses:

- https://github.com/kubernetes/kubernetes/issues/24020

- https://github.com/kubernetes/kubernetes/issues/24420
2016-05-16 00:04:04 -07:00
k8s-merge-robot
c044b5e93b Merge pull request #25402 from kubevirt/master
Automatic merge from submit-queue

Add nfs support for vagrant nodes.

## Pull Request Guidelines

1. Please read our [contributor guidelines](https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md).
1. See our [developer guide](https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md).
1. Follow the instructions for [labeling and writing a release note for this PR](https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes) in the block below.

```release-note
* Use the release-note-* labels to set the release note state 
* Clear this block to use the PR title as the release note 
-OR-
* Enter your extended release note here
```


[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()

This will allow to use NFS volumes on those nodes
2016-05-16 00:04:00 -07:00
zhouhaibing089
cee09e17a4 mount instanceid file from config drive when using openstack cloud provider 2016-05-16 09:50:15 +08:00
keontang
1520a01d97 Fixed #25127 2016-05-16 09:03:00 +08:00
k8s-merge-robot
aada051b20 Merge pull request #25357 from mwielgus/ca-salt
Automatic merge from submit-queue

Salt configuration for the new Cluster Autoscaler for GCE

Adds support for cloud autoscaler from contrib/cloud-autoscaler in kube-up.sh GCE script.

cc: @fgrzadkowski @piosz
2016-05-15 11:35:19 -07:00
k8s-merge-robot
87403cfe7b Merge pull request #25173 from ixdy/gcloud-grep-awk-cut
Automatic merge from submit-queue

Use --format='value(name)' with gcloud instead of grep/awk/cut

Fixing our fragile parsing of `gcloud` is getting old (#24746, #25159, maybe others?).

Instead, let's just get the proper output out of `gcloud` in the first place.
2016-05-15 07:46:28 -07:00
Alexander Krassiev
be2633a0a1 Fixed 'Invalid endpoint: https://ec2.us-east-.amazonaws.com'. #24420 #24020 2016-05-14 11:08:04 -07:00
Andy Zheng
45baf1e7cf GCI: Enable logs for upstart jobs 2016-05-13 22:29:24 -07:00
Jeff Lowdermilk
e7ab3a39d1 Merge pull request #25518 from euank/cluster-common-python3
cluster: make gen-uid python3 compatible
2016-05-13 15:07:46 -07:00
Jeff Lowdermilk
4abb50ee70 Merge pull request #25397 from thockin/build-non-root-prep
Make it possible to use kube-cross as non-root
2016-05-13 10:33:02 -07:00
Andy Zheng
9811009d9f Configuration for GCP webhook authentication and authorization 2016-05-13 10:18:07 -07:00
Matthew Rudy Jacobs
895e44405c Add configuration for AWS ap-northeast-2 region
Added AWS_IMAGEs from https://cloud-images.ubuntu.com/locator/
2016-05-14 01:15:55 +08:00
Jeff Lowdermilk
c0e12f2f96 Merge pull request #25299 from andyzheng0831/yaml
GCI/Trusty: Support the new var in glbc.yaml
2016-05-13 10:12:23 -07:00
Jeff Lowdermilk
f4c9624c1a Merge pull request #25197 from oszi/expose-etcd-ports
Expose commonly used ports in the etcd image
2016-05-13 10:08:33 -07:00
Jeff Lowdermilk
1d67b6ca81 Merge pull request #24617 from pnegahdar/dn_server_config
Allow DNS_SERVER_IP and DNS_DOMAIN to be configurable in GCE deploy
2016-05-13 10:05:36 -07:00
Marcin Wielgus
ac4b380453 Salt configuration for the new Cluster Autoscaler for GCE 2016-05-13 17:04:24 +02:00
Saad Ali
55f7bb9c1d Merge pull request #23775 from justinsb/aws_default_variables
AWS kube-up: default some variables to empty, to avoid warnings
2016-05-12 15:47:16 -07:00
Filip Grzadkowski
bfb49d0a97 Revert "Add configuration for GCP webhook authorization." 2016-05-12 13:02:10 +02:00
k8s-merge-robot
18b124f981 Merge pull request #25296 from cjcullen/gcpauthz
Automatic merge from submit-queue

Add configuration for GCP webhook authorization.

Plumb through configuration of webhook authorization on GCE.
2016-05-11 23:45:10 -07:00
k8s-merge-robot
4e57c80052 Merge pull request #24600 from pweil-/psp
Automatic merge from submit-queue

PSP admission

```release-note
Update PodSecurityPolicy types and add admission controller that could enforce them
```

Still working on removing the non-relevant parts of the tests but I wanted to get this open to start soliciting feedback.

- [x] bring PSP up to date with any new features we've added to SCC for discussion
- [x] create admission controller that is a pared down version of SCC (no ns based strategies, no user/groups/service account permissioning)
- [x] fix tests

@liggitt @pmorie - this is the simple implementation requested that assumes all PSPs should be checked for each requests.  It is a slimmed down version of our SCC admission controller

@erictune @smarterclayton
2016-05-11 21:26:45 -07:00
k8s-merge-robot
4513b7c2a4 Merge pull request #25495 from davidopp/change-owners
Automatic merge from submit-queue

Remove myself from a bunch of OWNERS files

For the time being I am too overloaded to do non scheduler/admission related reviews that aren't explicitly assigned to me.

cc/ @brendandburns
2016-05-11 19:18:33 -07:00
k8s-merge-robot
666a54052d Merge pull request #25156 from wonderfly/add_image_family_flag_gke_cluster
Automatic merge from submit-queue

Add --image-type option to GKE kube-up

@maisem @roberthbailey Can you review?

cc/ @andyzheng0831
2016-05-11 19:18:26 -07:00
Euan Kemp
fd26cb9e1e cluster: make gen-uid python3 compatible 2016-05-11 17:52:53 -07:00
Paul Weil
65c8a1f66c default policy 2016-05-11 18:07:36 -04:00
Andy Zheng
63494f6f06 GCI: Ensure that the right version of kubelet is used 2016-05-11 14:40:50 -07:00
David Oppenheimer
4ae37df7b7 Remove myself from a bunch of OWNERS files, as I am too overloaded
to do so many code reviews right now.
2016-05-11 13:34:51 -07:00
k8s-merge-robot
91daebd951 Merge pull request #25350 from gmarek/configs-cidr
Automatic merge from submit-queue

Change default clusterCIDRs from /16 to /14 in GCE configs allowing 1000 Node clusters by default.

cc @thockin @roberthbailey @wojtek-t @zmerlynn @davidopp
2016-05-11 08:54:23 -07:00
Andrey Kurilin
9899af6ca2 Check existence of kubernetes dir for get-kube.sh
There are a lot of references to https://get.k8s.io/ over the internet.
Most of such references do not describe KUBERNETES_SKIP_DOWNLOAD env variable
and newbies can get into a situation described below:

- execute `wget -q -O - https://get.k8s.io | bash`
- receive a failure due too missed packages or some configs
- fix the issue
- try again `wget -q -O - https://get.k8s.io | bash`

In this case, get-kube.sh will not check that kubernetes directory already
exist and repeat download again.
Lets make get-kube.sh more user-friednly and check existence if kubernetes dir
2016-05-11 16:19:18 +03:00
Wojciech Tyczynski
89b915a3b2 Fix default arguments in kubemark 2016-05-11 13:10:12 +02:00
k8s-merge-robot
b79a1bb689 Merge pull request #25410 from gmarek/pipe
Automatic merge from submit-queue

Pipe variables from kubemark config to master binaries
2016-05-11 03:45:31 -07:00
gmarek
4a5ec11ce6 Pipe variables from kubemark config to master binaries 2016-05-11 11:22:03 +02:00
k8s-merge-robot
17c3f19c64 Merge pull request #21737 from FujitsuEnablingSoftwareTechnologyGmbH/openstack-provider
Automatic merge from submit-queue

Openstack provider

Our pull request delivers solution to create Kubernetes cluster on the top of OpenStack. Heat OpenStack Orchestration engine describes the infrastructure for Kubernetes cluster. CentoOS images are used for Kubernetes host machines.

We tested our solution with DevStack and Citycloud provider.

We believe that our solution will fill the gap that which is on the market.

<!-- Reviewable:start -->
---
This change is [<img src="http://reviewable.k8s.io/review_button.svg" height="35" align="absmiddle" alt="Reviewable"/>](http://reviewable.k8s.io/reviews/kubernetes/kubernetes/21737)
<!-- Reviewable:end -->
2016-05-10 23:56:47 -07:00
Daniel Wang
09a9ea68c2 Add --image-type option to GKE kube-up 2016-05-10 21:27:31 -07:00
Fabio Yeon
05cfd9c584 Merge pull request #24852 from johscheuer/fix-hyperkube-makefile
OS X: Fix hyperkube build by adding empty string to sed invocation
2016-05-10 19:40:52 -07:00
Fabio Yeon
4dcc4bbcd8 Merge pull request #23362 from miguelfrde/configure-base-vpc-cidr
AWS kube-up: Allow VPC CIDR to be specified (experimental)
2016-05-10 19:37:33 -07:00
Fabio Yeon
d4de319ea8 Merge pull request #16000 from cilium-team/change-docker-storage-driver
Changed docker storage driver to overlayfs
2016-05-10 19:36:49 -07:00
Prashanth Balasubramanian
0a1c15c64a Bump up glbc version to 0.6.2 2016-05-10 17:07:45 -07:00
Zach Loafman
e42f201189 GKE provider: Add cluster-ipv4-cidr and arbitrary flags 2016-05-10 16:00:34 -07:00
Fabio Yeon
58617a083c Merge pull request #25405 from justinsb/fix/23623
AWS kube-up: Increase timeout waiting for docker start
2016-05-10 15:50:37 -07:00
Tim Hockin
92da8e6f1c Make it possible to use kube-cross as non-root
The extra TMPDIR was not writable except as root.  This is not the only fix
needed for this goal, but is necessary.
2016-05-10 10:06:56 -07:00
Justin Santa Barbara
cc4ac5459c AWS kube-up: Increase timeout waiting for docker start
Apparently our cluster start time increased, to the point where users
are reporting spurious timeouts (#23623) and users are reporting that
increasing the timeout fixes the issue (thanks @paralin for the
suggestion and @jlfields for confirming).

Fix #23623
2016-05-10 09:11:33 -04:00
Tolik Litovsky
a5bce254de Add nfs support for vagrant nodes.
This will allow to use NFS volumes on those nodes
2016-05-10 15:17:35 +03:00
gmarek
5dc3d50aba Change default clusterCIDRs to /14 2016-05-10 12:44:49 +02:00
k8s-merge-robot
35e92ad00c Merge pull request #25378 from andyzheng0831/kube-addon
Automatic merge from submit-queue

GCI/Trusty: Fix the running of kube-addon-manager

This PR fixes the issue that kube-addon-master (added in #23600) is not started. Without this fix, no kube-system pods can be running correctly. As a result, the GCI-based Jenkins testing k8s head has been down for a couple of days. The root cause is that we stopped to use namespace.yaml, but configure-helper.sh still tries to copy it. This PR also gets rid of /var/cache/kubernetes-install/kube_env.yaml, as it is not needed anymore after #24108.

@mikedanese @roberthbailey @dchen1107 please review it. If possible please mark it as P1, as it blocks GCI-based Jenkins tests.

cc/ @kubernetes/goog-image @fabioy FYI
2016-05-10 00:01:08 -07:00
k8s-merge-robot
35aff74f9c Merge pull request #23121 from deromka/master
Automatic merge from submit-queue

Added vsphere support for vagrant

Since the native vsphere support (using govc library) requires admin permissions on ESX/vCenter, not everyone can have such permissions. So I'm adding a vsphere support using vagrant using vagrant-vsphere plugin
2016-05-09 23:18:19 -07:00
Lukasz Zajaczkowski
892c2abaf5 Name adjustment to OpenStack-Heat in cluster/get-kube.sh 2016-05-10 07:25:29 +02:00
Andy Zheng
74fd5d35f0 GCI/Trusty: Support the new var in glbc.yaml 2016-05-09 17:40:59 -07:00
Andy Zheng
d8314b1b9b GCI/Trusty: Fix the running of kube-addon-manager 2016-05-09 16:00:33 -07:00
CJ Cullen
de71a2a76e Add configuration for GCP webhook authorization. 2016-05-09 09:17:40 -07:00
k8s-merge-robot
fa95788e56 Merge pull request #24242 from thockin/godep_vendor_dir
Automatic merge from submit-queue

Move godeps to vendor/

This is a first-step towards glide support, maybe we don't want or need to take this, but it was easy to try.

This fails to compile, not sure why:

```
# k8s.io/kubernetes/pkg/apis/extensions/v1beta1
_output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion_generated.go:2703: undefined: extensions.ClusterAutoscaler
_output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion_generated.go:2703: undefined: ClusterAutoscaler
_output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion_generated.go:2719: undefined: extensions.ClusterAutoscaler
_output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion_generated.go:2719: undefined: ClusterAutoscaler
_output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion_generated.go:2723: undefined: extensions.ClusterAutoscalerList
_output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion_generated.go:2723: undefined: ClusterAutoscalerList
_output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion_generated.go:3468: Convert_extensions_JobSpec_To_v1beta1_JobSpec redeclared in this block
	previous declaration at _output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion.go:328
_output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion_generated.go:3845: Convert_extensions_ScaleStatus_To_v1beta1_ScaleStatus redeclared in this block
	previous declaration at _output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion.go:98
_output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion_generated.go:4737: Convert_v1beta1_JobSpec_To_extensions_JobSpec redeclared in this block
	previous declaration at _output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion.go:380
_output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion_generated.go:5186: Convert_v1beta1_ScaleStatus_To_extensions_ScaleStatus redeclared in this block
	previous declaration at _output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion.go:120
_output/local/go/src/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/conversion_generated.go:2723: too many errors
!!! Error in /home/thockin/tmp/godep-vendor/src/k8s.io/kubernetes/hack/lib/golang.sh:417
```
2016-05-08 22:20:09 -07:00
k8s-merge-robot
5dd087040b Merge pull request #24511 from pbx0/kubelet-symlink
Automatic merge from submit-queue

cluster/images/hyperkube: create symlink for each server

Add a kubelet symlink so that the hyperkube image can appear as a kubelet image. https://github.com/kubernetes/kubernetes/issues/24510
2016-05-08 21:31:23 -07:00
Tim Hockin
cbf886c7f4 Convert everything to use vendor/ 2016-05-08 20:30:37 -07:00
k8s-merge-robot
f46f35a9df Merge pull request #23600 from mikedanese/addon-manager
Automatic merge from submit-queue

run kube-addon-manager in a static pod

Depends on https://github.com/kubernetes/kubernetes/pull/23605 and https://github.com/kubernetes/kubernetes/pull/24108

Ref #23233
2016-05-08 11:30:44 -07:00
k8s-merge-robot
2b46c4b7e2 Merge pull request #24391 from bprashanth/ing_templated_controller
Automatic merge from submit-queue

Template the ingress controller 

We still need https://github.com/kubernetes/contrib/pull/791 to run the controller as a static pod
ref https://github.com/kubernetes/kubernetes/issues/23663
2016-05-06 20:04:51 -07:00
Jeff Grafton
bc7922c374 Replace awkward bash pipelines with gcloud's --format='value()'
Also remove old `gcloud compute instance-groups managed get-operation`
code. This command doesn't even exist in gcloud anymore.
2016-05-06 15:49:57 -07:00
Robert Bailey
67b6911809 Merge pull request #24673 from thockin/e2e-24182-reties
Add retries to validate-cluster
2016-05-06 15:08:51 -07:00
Robert Bailey
c11229f960 Merge pull request #24881 from vmware/vsphere-ui-fix
Fixed vSphere kube-up implementation to allow Kubernetes dashboard (UI) to work
2016-05-06 15:08:04 -07:00
Robert Bailey
c9442ee47c Merge pull request #25114 from aaronlevy/hyperkube-pkg-upgrade
Upgrade installed packages when building hyperkube to improve the security profile
2016-05-06 15:03:52 -07:00
Robert Bailey
5f4f59e671 Merge pull request #24950 from andyzheng0831/apiserver
GCI/Trusty: Support ABAC authorization
2016-05-06 13:59:39 -07:00
Robert Bailey
8a4295778f Merge pull request #24896 from mikedanese/hyperkube-cni
add cni plugins to hyperkube image
2016-05-06 13:58:07 -07:00
Mike Danese
3e1c0b5951 run kube-addon-manager in a pod 2016-05-06 11:01:06 -07:00
Wojciech Tyczynski
247512d86a Fix proto configs 2016-05-06 10:25:59 +02:00
Alex Robinson
6cfaed1299 Don't surround node-tags list with square brackets
That's not how yaml list parsing works...
2016-05-05 22:05:50 +00:00
Francois Deppierraz
1769760db0 Automatically detect swift URL if not specified 2016-05-05 23:58:43 +02:00
Patrick Baxter
e96e57c8f7 cluster/images/hyperkube: create symlink for each server 2016-05-05 21:36:18 +00:00
Mike Danese
4aba77c1f8 add cni plugins to hyperkube image 2016-05-05 14:24:14 -07:00
k8s-merge-robot
84573939ff Merge pull request #25105 from andyzheng0831/metadata
Automatic merge from submit-queue

GCI: Add two GCI specific metadata pairs

This PR adds two GCI specific metadata pairs when using GCI image.

(1) "gci-update-strategy": by default the GCI in-place updater is enabled. It means that when a new image is released, the instance on the old image will be upgraded to the new image. In this change, we turn it off;

(2) "gci-ensure-gke-docker": GCI is built with two versions of docker. When this metadata is set to "true", the version satisfying kubernetes qualification will be used. Setting this metadata prevents from using incorrect docker version.
2016-05-05 10:28:58 -07:00
David Osztertag
9e4bc8cee6 Merge COPY lines in etcd Dockerfile 2016-05-05 15:18:55 +02:00
k8s-merge-robot
ca830803f2 Merge pull request #25187 from wojtek-t/configure_proto_for_test_clusters
Automatic merge from submit-queue

Configure proto for test clusters

ref #25132

@smarterclayton - FYI
2016-05-05 06:16:40 -07:00
David Osztertag
68af7dc141 Expose old and new etcd client and server ports 2016-05-05 14:31:06 +02:00
k8s-merge-robot
c79c5864e7 Merge pull request #25051 from spxtr/fix-1.6.2
Automatic merge from submit-queue

Use v1.6.2-1 tag for build.

Is there any reason these don't use the VERSION file like everything else? cc @luxas @ixdy
2016-05-05 03:36:27 -07:00
k8s-merge-robot
0e2ecb7ac6 Merge pull request #24694 from vulpecula/local-ssd-configure-2
Automatic merge from submit-queue

Support local SSDs for GKE and GCE nodes.



```release-note
Support local SSDs for GKE and GCE nodes.
```
2016-05-05 02:24:34 -07:00
Wojciech Tyczynski
7ed573cf66 Enable configuring content type in tests 2016-05-05 08:46:21 +02:00
k8s-merge-robot
6f13b4e7ed Merge pull request #25175 from freehan/bumpcni
Automatic merge from submit-queue

bump cni version again

Need to bump again. I made a mistake on the last build.
2016-05-04 20:25:25 -07:00
Minhan Xia
174d327695 bump cni version again 2016-05-04 16:28:04 -07:00
Alex Robinson
b75fa08aec GCE: Prefer preconfigured node tags for firewalls, if available 2016-05-04 22:49:06 +00:00
Jeff Grafton
6cd9dcba60 Use --format='value()' instead of --fields with gcloud 2016-05-04 12:32:13 -07:00
Wojciech Tyczynski
25164537ef ref 2016-05-04 16:53:59 +02:00
k8s-merge-robot
963aebd3e5 Merge pull request #25123 from jlewi/jessie
Automatic merge from submit-queue

Add an entry to the salt config to allow Debian jessie on GCE.

```release-note
Add an entry to the salt config to allow Debian jessie on GCE.

As with the existing Wheezy image on GCE, docker is expected
to already be installed in the image.
```


[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()
2016-05-04 04:22:39 -07:00
k8s-merge-robot
dcc2a400d0 Merge pull request #25115 from freehan/bumpcni
Automatic merge from submit-queue

bump cni binary
2016-05-04 03:07:06 -07:00
Jeremy Lewi
ccf4b381db Add an entry to the salt config to allow Debian jessie on GCE.
As with the existing Wheezy image on GCE, docker is expected
to already be installed in the image.
2016-05-03 22:17:38 -07:00
Minhan Xia
87c66c517d bump cni binary 2016-05-03 17:18:26 -07:00
Aaron Levy
dd8c3588ef cluster/images/hyperkube: Upgrade installed packages 2016-05-03 17:17:03 -07:00
Andy Zheng
73ee508005 GCI: Add two GCI specific metadata pairs 2016-05-03 14:45:27 -07:00
Isaac Hollander McCreery
be7209d4fc Mark kube-push.sh as broken 2016-05-03 10:53:33 -07:00
Joe Finney
f128b30318 Use v1.6.2-1 tag for build. 2016-05-02 14:43:06 -07:00
Mike Danese
181e95c073 rever the vspeher change to skydns plugin 2016-05-01 14:56:57 -07:00
André Martins
0000a7084d Changed docker storage driver to overlayfs.
Signed-off-by: André Martins <aanm90@gmail.com>
2016-05-01 01:04:30 +01:00
k8s-merge-robot
ee2a0694b6 Merge pull request #24872 from smarterclayton/propogate_int_types
Automatic merge from submit-queue

Convert internal types to use exact precision integers

This makes conversion more suitable for future optimizations, and we need to stop pretending for some of our internal types that the width of the int doesn't matter.

@wojtek-t
2016-04-29 18:50:37 -07:00
k8s-merge-robot
f8196d9048 Merge pull request #24834 from ixdy/node-names
Automatic merge from submit-queue

Fix detect-node-names to not error out if there are no nodes

Fixes #21564.

Teardown was not working correctly in rare cases because `detect-node-names` was failing before any of the actual cleanup was run. I'm pretty sure the issue was that there was an instance group, but no instances in the instance group, so we bailed out when we tried to expand the bash array.

This PR adds a guard so we don't bail if the array is empty.

cc @jlowdermilk @spxtr
2016-04-29 16:37:41 -07:00
Clayton Coleman
fdb110c859
Fix the rest of the code 2016-04-29 17:12:10 -04:00
Andy Zheng
967fd495e0 GCI: Update the command to get the image 2016-04-29 09:15:27 -07:00
Lukasz Zajaczkowski
53eef9e412 Merge pull request #11 from elsonrodriguez/openstack-provider-hostname
Adding workaround for hostname swapping issue in OpenStack kube-up provider
2016-04-29 12:41:38 +02:00
k8s-merge-robot
ad67363c12 Merge pull request #24362 from ArtfulCoder/hostname-field
Automatic merge from submit-queue

Promote Pod Hostname & Subdomain to fields (were annotations)

Deprecating the podHostName, subdomain and PodHostnames annotations and created corresponding new fields for them on PodSpec and Endpoints types.

Annotation doc: #22564
Annotation code: #20688
2016-04-29 01:06:45 -07:00
Lukasz Zajaczkowski
5b84667dd6 Merge pull request #10 from ctrlaltdel/openstack-provider-ssl-fix
Expose /etc/pki from host to kube-apiserver and controller-manager
2016-04-29 09:22:47 +02:00
Lukasz Zajaczkowski
895c543c8c Add missing single speech mark after rebase 2016-04-29 08:16:23 +02:00
Elson O Rodriguez
9004dc383b Adding workaround for hostname swapping issue in OpenStack kube-up provider.
On reboot, minions hostname would change, causing issue querying Openstack API and registering with kube-apiserver.

This is due to a bug in cloud-init which has been patched but apparently not widely distributed.

Should be harmless on unaffected systems.
https://bugs.launchpad.net/cloud-init/+bug/1246485
http://blog.oddbit.com/2014/12/10/cloudinit-and-the-case-of-the-changing-hostname/
2016-04-28 22:36:00 -07:00
Francois Deppierraz
dd786794e9 Expose /etc/pki from host to kube-apiserver and controller-manager
CentOS 7 Core nodes running on OpenStack with an SSL-enabled API
endpoint results in the following error without this patch:

F0425 19:00:58.124520       5 server.go:100] Cloud provider could not be initialized: could not init cloud provider "openstack": Post https://my.openstack.cloud:5000/v2.0/tokens: x509: failed to load system roots and no roots provided

The root cause is that the ca-bundle.crt file is actually a symlink
which points to a directory which wasn't previously exposed.

[root@kubernetesstack-master ~]# ls -l /etc/ssl/certs/ca-bundle.crt
lrwxrwxrwx. 1 root root 49 18 nov 11:02 /etc/ssl/certs/ca-bundle.crt -> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
[root@kubernetesstack-master ~]#
2016-04-28 23:07:24 +02:00
Andy Zheng
27c9ee3646 GCI/Trusty: Support ABAC authorization 2016-04-28 14:04:28 -07:00
Abhishek Shah
8a3ed48808 Added Hostname and Subdomain field to Pod.Spec 2016-04-28 10:56:56 -07:00
Lukasz Zajaczkowski
5f929d2a4c Replace heat client to openstack to avoid warnings 2016-04-28 14:06:30 +02:00
Elson O Rodriguez
c5ca66b2e1 Changing openstack to openstack-heat in get-kube.sh 2016-04-28 14:06:30 +02:00
Elson O Rodriguez
7b3b24c4f5 Triages #7 for OpenStack provider, still needs work.
Fixed the order of fields for basic_auth.

This provider still needs to leverage common.sh for generating proper credentials though.

Also documented a pattern for how to get the SWIFT_SERVER_URL automatically
2016-04-28 14:06:30 +02:00
Elson O Rodriguez
9226cf7460 Undoing regression of #23311 2016-04-28 14:06:30 +02:00
Elson O Rodriguez
545b230851 Adding socat package for Redhat systems in Salt 2016-04-28 14:06:30 +02:00
Elson O Rodriguez
001678991b Removing an invalid reference to cadvisor from salt.
It looks like this was left over from https://github.com/kubernetes/kubernetes/pull/23316
2016-04-28 14:06:30 +02:00
OHTAKE Tomohiro
5ea2940cfe Rename the provider to openstack-heat
There might be several methods to deploy a Kubernetes cluster on OpenStack.
It is better to name the provider more specific.
2016-04-28 14:06:30 +02:00
OHTAKE Tomohiro
23bcbbfaca Add braces around environment variable names
Parameter names of Heat str_replace remain unchanged
2016-04-28 14:06:29 +02:00
OHTAKE Tomohiro
7f37ab5034 Remove unused code 2016-04-28 14:06:29 +02:00
Lukasz Zajaczkowski
a4e6e7fa47 Add configuration for e2e tests 2016-04-28 14:06:29 +02:00
Elson O Rodriguez
35bbc186aa Increasing default node size for kube-up Openstack provider.
The default pod sizes are too small for some Java apps. Also the logging/monitoring pods were taking up too many resources.
2016-04-28 14:06:29 +02:00
Elson O Rodriguez
d28fd393cf Enabled Addons for Openstack kube-up provider.
Hard-coded the enabling of the common addons:

- logging
- kube-dashboard
- monitoring

Will make it configureable in a subsequent PR.
Also need to enable configuration of basic_auth.csv
2016-04-28 14:06:29 +02:00
Elson O Rodriguez
4773808767 Improved user experience for users of OpenStack provider behind a proxy. 2016-04-28 14:06:29 +02:00
Elson O Rodriguez
8315734bab Adding openstack example to get-kube.sh 2016-04-28 14:06:29 +02:00
Elson O Rodriguez
707ef2ce76 Adding missing variable defaults for OpenStack provider. 2016-04-28 14:06:29 +02:00
Elson O Rodriguez
2ffc86bc1d Adding automatic OS image download for Openstack provider.
This makes it so that we download the OS image automatically.

Also contains other usability improvements:
- kubectl context created with heat stack name
- Bumped default minions to 3
2016-04-28 14:06:29 +02:00
Elson O Rodriguez
5ae161e086 Adding cloudprovider support for Openstack kube-up provider.
Making the assumption that the person running kube-up has their
Openstack environment setup, those same variables are being passed
into heat, and then into openstack.conf.

The salt codebase was modified to add openstack as well.
2016-04-28 14:06:29 +02:00
Elson O Rodriguez
21627f5b7e Made it so that existing Openstack environment variables are used.
If someone has an openrc as part of their profile, this will make kube-up work automatically.

The only things that have to be modified are in config-default.sh, either by editing the file or setting environment variables.
2016-04-28 14:06:29 +02:00
Elson O Rodriguez
126b6c0950 Fixed proxy settings for minion, added comments. 2016-04-28 14:06:29 +02:00
Elson O Rodriguez
b4333adeac Adding support for provisioning behind a Proxy.
This assumes you have your environement variables set correctly.

When ENABLE_PROXY is set to true, it takes the current proxy
settings and applies them to the heat configuration.

Also modified the defaults system in config-default.sh
2016-04-28 14:06:29 +02:00
OHTAKE Tomohiro
b5913ab43e Make shell script compatible with older bash 2016-04-28 14:06:29 +02:00
urcan
730b7ef097 certificate should be created for the virtual kubernetes ip 2016-04-28 14:06:29 +02:00
OHTAKE Tomohiro
249a5c9f0f Use host-gw flannel for better performance 2016-04-28 14:06:29 +02:00
OHTAKE Tomohiro
188b303dd0 Execute salt-call twice 2016-04-28 14:06:29 +02:00
Lukasz Zajaczkowski
840aa9c186 OpenStack provider
- Create Kubernetes cluster on the top of OpenStack
2016-04-28 14:06:29 +02:00
OHTAKE Tomohiro
c7b447b9fc Add Heat template to create a Kubernetes stack on OpenStack 2016-04-28 14:06:29 +02:00
k8s-merge-robot
537dedf684 Merge pull request #24796 from johscheuer/fix-vagrant
Automatic merge from submit-queue

Update Docker version after cockpit installation

Fixes https://github.com/kubernetes/kubernetes/issues/24530
The vagrant setup didn't worked for me because `cockpit cockpit-kubernetes` brings their own Docker version (1.7) which doesn't work and the master components doesn't come up. More information about this bug are in my [issue](https://github.com/kubernetes/kubernetes/issues/24530).

My test system:

```bash
$ uname -a                        
Darwin MyMacBook.local 15.4.0 Darwin Kernel Version 15.4.0: Fri Feb 26 22:08:05 PST 2016; root:xnu-3248.40.184~3/RELEASE_X86_64 x86_64

$ vagrant --version                                                                                                                                                             
Vagrant 1.8.1

$ VBoxManage --version                                                                                                                                                          
5.0.16r105871
```
2016-04-28 04:38:47 -07:00
k8s-merge-robot
19408e5575 Merge pull request #24893 from andyzheng0831/gci
Automatic merge from submit-queue

Add support for running clusters on GCI

Google Container-VM Image (GCI) is the next revision of Container-VM. See documentation at https://cloud.google.com/compute/docs/containers/vm-image/. This change adds support for starting a Kubernetes cluster using GCI.

With this change, users can start a kubernetes cluster using the latest kubelet and kubectl release binary built in the GCI image by running:

	$ KUBE_OS_DISTRIBUTION="gci" cluster/kube-up.sh

Or run a testing cluster on GCI by running:

	$ KUBE_OS_DISTRIBUTION="gci" go run hack/e2e.go -v --up

The commands above will choose the latest GCI image by default.
2016-04-27 23:46:26 -07:00
Christian Stewart
1491e6c662
cluster/aws: Add option for kubeconfig context
Added KUBE_CONFIG_CONTEXT environment variable to customize the
kubeconfig context created at the end of the aws kube-up script.

Signed-off-by: Christian Stewart <christian@paral.in>
2016-04-28 00:06:58 -04:00
k8s-merge-robot
7a09fbcf97 Merge pull request #24210 from cjcullen/abacAuth
Automatic merge from submit-queue

Switch to ABAC authorization from AllowAll

Switch from AllowAll to ABAC. All existing identities (that are created by deployment scripts) are given full permissions through ABAC. Manually created identities will need policies added to the `policy.jsonl` file on the master.
2016-04-27 16:43:08 -07:00
k8s-merge-robot
9fd05474c2 Merge pull request #24108 from mikedanese/kube-addon-cleanup
Automatic merge from submit-queue

don't source the kube-env in addon-manager

This was added in 2feb658ed7 which became unused after #23603 but wasn't removed
2016-04-27 16:07:54 -07:00
Andy Zheng
93929c3853 Add support for running clusters on GCI 2016-04-27 15:24:21 -07:00
Alain Roy
10545d72b3 Fixes to allow Kubernetes dashboard (UI) to work
The UI didn't work with vSphere kube-up implementation. This fixes
that by making the following changes:

* Configure the apiserver with admission controls, especially
  ServiceAccount. This will provide the token to the dashboard pod
  that it needs to talk to the apiserver. This will also improve other
  pods that require service accounts.
* Add routes to the master so it can communicate with the pods, so
  hitting the https://MASTER/ui URL will allow it to contact the
  pods.
* Add an extra subject for the cluster IP to the apiserver, so when
  the dashboard communicates with the apiserver, the certificate
  matches the IP address it's using.
2016-04-27 13:30:21 -07:00
CJ Cullen
3253739505 Use ABAC authz instead of AllowAll. 2016-04-27 11:38:15 -07:00
k8s-merge-robot
4d5f6872bb Merge pull request #24609 from andyzheng0831/debug
Automatic merge from submit-queue

Trusty: Add debug supports for docker and kubelet

This PR adds debug support in two aspects: (1) For a test cluster, docker command will have "--debug" flag. Recently we noticed that this is very helpful in debug e2e test failures; (2) The kubelet command line will be put in /etc/default/kubelet. If a developer wants to test kubelet flags without recreating a cluster, she/he only needs to revise this file and then run "initctl restart kubelet". In addition, this PR fixes a couple of small things like comments and alignment.

Test result:
(1) Manually verified changing /etc/default/kubelet and run "initctl restart kubelet";
(2) Verified docker command line flag "--debug";
(3) e2e on pure trusty cluster and hybrid cluster all passed.

@roberthbailey @dchen1107 @zmerlynn please review it.

cc/ @yujuhong @fabioy @wonderfly FYI.
2016-04-27 10:26:01 -07:00
k8s-merge-robot
fa3c49b86c Merge pull request #24337 from pditommaso/patch-1
Automatic merge from submit-queue

Allow KUBE_ROOT to be defined externally
2016-04-27 01:02:05 -07:00
k8s-merge-robot
3fa84134cd Merge pull request #24124 from vmware/photon-controller
Automatic merge from submit-queue

Initial kube-up support for VMware's Photon Controller

This is for: https://github.com/kubernetes/kubernetes/issues/24121

Photon Controller is an open-source cloud management platform. More
information is available at:
http://vmware.github.io/photon-controller/

This commit provides initial support for Photon Controller. The
following features are tested and working:
- kube-up and kube-down
- Basic pod and service management
- Networking within the Kubernetes cluster
- UI and DNS addons

It has been tested with a Kubernetes cluster of up to 10
nodes. Further work on scaling is planned for the near future.

Internally we have implemented continuous integration testing and will
run it multiple times per day against the Kubernetes master branch
once this is integrated so we can quickly react to problems.

A few things have not yet been implemented, but are planned:
- Support for kube-push
- Support for test-build-release, test-setup, test-teardown

Assuming this is accepted for inclusion, we will write documentation
for the kubernetes.io site.

We have included a script to help users configure Photon Controller
for use with Kubernetes. While not required, it will help some
users get started more quickly. It will be documented.

We are aware of the kube-deploy efforts and will track them and
support them as appropriate.
2016-04-27 01:02:03 -07:00
Johannes Scheuermann
f23380fe84 Add empty string to sed 2016-04-27 08:54:13 +02:00
Jeff Grafton
5487a3f8f6 Fix detect-node-names to not error out if there are no nodes 2016-04-26 17:48:25 -07:00
k8s-merge-robot
773bb777f4 Merge pull request #24749 from andyzheng0831/enhance
Automatic merge from submit-queue

Trusty: Add retry in curl commands

This fix is for improving robustness in fetch critical metadata files when the metadata server is temporarily unreachable.

@roberthbailey @zmerlynn @dchen1107 please review it.

cc/ @fabioy @wonderfly FYI.
2016-04-26 13:00:21 -07:00
Johannes Scheuermann
e13a2c1d5b Update Docker version after cockpit installation 2016-04-26 15:30:54 +02:00
k8s-merge-robot
1cd93cb1d6 Merge pull request #23250 from huggsboson/patch-1
Automatic merge from submit-queue

Use kube-system namespace

Fixes #23153.

Sadly, kube-system isn't automatically created, so people need to make
sure to create it in their turnup scripts.  Also after creating
kube-system it can take 10+ seconds for master and proxy to show up.

I tested the equivalent of these changes locally, but not these changes
themselves as I don't have a dev/build env up, so please read carefully
and maybe try them out!
2016-04-25 20:23:36 -07:00
Alain Roy
fa9d79df75 Initial kube-up support for VMware's Photon Controller
This is for: https://github.com/kubernetes/kubernetes/issues/24121

Photon Controller is an open-source cloud management platform. More
information is available at:
http://vmware.github.io/photon-controller/

This commit provides initial support for Photon Controller. The
following features are tested and working:
- kube-up and kube-down
- Basic pod and service management
- Networking within the Kubernetes cluster
- UI and DNS addons

It has been tested with a Kubernetes cluster of up to 10
nodes. Further work on scaling is planned for the near future.

Internally we have implemented continuous integration testing and will
run it multiple times per day against the Kubernetes master branch
once this is integrated so we can quickly react to problems.

A few things have not yet been implemented, but are planned:
- Support for kube-push
- Support for test-build-release, test-setup, test-teardown

Assuming this is accepted for inclusion, we will write documentation
for the kubernetes.io site.

We have included a script to help users configure Photon Controller
for use with Kubernetes. While not required, it will help some
users get started more quickly. It will be documented.

We are aware of the kube-deploy efforts and will track them and
support them as appropriate.
2016-04-25 13:24:16 -07:00
Andy Zheng
72f3cb664f Trusty: Add retry in curl commands 2016-04-25 12:59:30 -07:00
Jeff Grafton
b69b94103c Make detect-node-names less brittle for G{C,K}E 2016-04-25 12:10:25 -07:00
Danka Niedziałkowska
39eb2308a4 Mount local ssds 2016-04-22 15:39:34 -07:00
Tim Hockin
7e0f66bd0e Add retries to validate-cluster
E2e shows occasional kubectl failures here, so add some retries.  We may want
to make this more general, but I think we should try it out in small scope
first.

Also clean up the retry loop so it doesn't process errors as successful runs
(discovered in testing).

Also simplify a bit of go template syntax.

Testing: I made kubectl randomly fail 50% of the time ($RANDOM%2 ==0) and
iterated until this gave me more helpful results.  Still not perfect, but
better.
2016-04-22 09:54:51 -07:00
k8s-merge-robot
19a106f61e Merge pull request #24274 from euank/configurable-release-bucket
Automatic merge from submit-queue

jenkins: Allow configuration of release bucket

This allows others to leverage the existing E2E code to test some
patched kube binary by simply overriding the bucket and reusing many of
the existing scripts
2016-04-21 23:09:05 -07:00
k8s-merge-robot
8c24c68315 Merge pull request #24324 from zjmchn/fix-vagrant-halt-up-issue
Automatic merge from submit-queue

fix ./cluster/kube-up.sh failed after vagrant halt. (issue #18990)
2016-04-21 15:00:04 -07:00
Parham Negahdar
3575ab0736 Allow KUBE_DNS_SERVER_IP and DNS_DOMAIN to be configurable in GCE deploy 2016-04-21 16:13:07 -04:00
Andy Zheng
b8fd9e1a8d Trusty: Add debug supports for docker and kubelet 2016-04-21 09:49:52 -07:00
Prashanth Balasubramanian
b066cb5357 Templatize l7 rc 2016-04-20 16:15:22 -07:00
k8s-merge-robot
70bfe6aeea Merge pull request #24531 from andyzheng0831/manifest
Automatic merge from submit-queue

Trusty: Handle the new var in kube-proxy manifest

This is to capture the kube-proxy manifest change in PR #24429.

@roberthbailey @fabioy @zmerlynn please review this change and mark it as cherry pick candidate. We need to catch up 1.2.3 release.

cc/ @dchen1107 @wonderfly @cjcullen FYI.

I have verified this fix. Without this fix, kube-proxy pod in Trusty nodes cannot be started correctly, i.e., the command line has an unhadled variable. And some other kube-system pods do not work correctly as kube-proxy is not working well. After applying this fix, kube-proxy can be started correctly, and all kube-system pods run successfully.
2016-04-20 10:48:39 -07:00
k8s-merge-robot
2be704f9ad Merge pull request #24465 from aknuds1/glbc
Automatic merge from submit-queue

Fix GLBC cluster addon README link

Fix the link to L7 load balancer controller in GLBC cluster addon README.

Fixed #24462.
2016-04-20 09:57:22 -07:00
Mike Danese
e095f8c377 don't source the kube-env in addon-manager 2016-04-20 09:44:44 -07:00
Prashanth Balasubramanian
2ec06f8d4a Generate a kube_uuid salt pillar. 2016-04-20 09:29:27 -07:00
Andy Zheng
7772b7f1ce Trusty: Handle the new var in kube-proxy manifest 2016-04-20 08:27:41 -07:00
k8s-merge-robot
b274911e0e Merge pull request #23829 from derekwaynecarr/fix_admission_order
Automatic merge from submit-queue

ResourceQuota should be last admission controller

For background, see documentation:

http://kubernetes.io/docs/admin/admission-controllers/#resourcequota
2016-04-20 04:58:04 -07:00
k8s-merge-robot
035e365de7 Merge pull request #24245 from autostatic/master
Automatic merge from submit-queue

Added check for noexec mount of /tmp on master

Signed CLA.
2016-04-20 03:49:39 -07:00
k8s-merge-robot
327d32dcad Merge pull request #24437 from yujuhong/influxdb_hostport
Automatic merge from submit-queue

Remove host port in influxdb-grafana-controller.yaml
2016-04-19 23:48:09 -07:00
CJ Cullen
760568796f Masquerade traffic from off-cluster going through kube-proxy. 2016-04-19 21:39:34 -07:00
Paolo Di Tommaso
b4704c9a32 Update kubectl.sh 2016-04-19 13:47:05 +02:00
Arve Knudsen
425111e02d Fix README link 2016-04-19 12:35:53 +02:00
Yu-Ju Hong
e97eb4dc6a Remove host port in influxdb-grafana-controller.yaml
There is no valid reason to keep the host ports in the pod spec.
2016-04-18 16:29:58 -07:00
k8s-merge-robot
26c99fee00 Merge pull request #24112 from cjcullen/rmcomments
Automatic merge from submit-queue

Strip comments from configure-vm.sh for gce

We are getting very close to the 32KiB limit on GCE metadata entry length. We used to strip comments before putting the value in metadata, but I think we removed it in a refactor because it wasn't absolutely necessary, and leaving it out made the scripts slightly cleaner. It's close to being necessary again.

Removing comments reduces the size from 31,609B to 27,221B: https://www.diffchecker.com/0xmmecvw.
2016-04-18 00:43:36 -07:00
k8s-merge-robot
1b74e7bfc9 Merge pull request #23994 from mml/docker-supervisor-logs
Automatic merge from submit-queue

Also collect docker supervisor logs.
2016-04-17 13:46:36 -07:00
k8s-merge-robot
273b01dceb Merge pull request #23975 from zhouhaibing089/kubectl-fix
Automatic merge from submit-queue

add HOME env variable for kube-addons service

Fix https://github.com/kubernetes/kubernetes/issues/23973.

Briefly, systemd service does not know the `HOME` environment variable which causes the kubectl write schema file into `/.kube` while it is expected to be `/root/.kube`.
2016-04-17 13:12:53 -07:00
k8s-merge-robot
031c1ea398 Merge pull request #24218 from jimmyjones2/hyperkube-container-behind-proxy
Automatic merge from submit-queue

Add easy-rsa to hyperkube container

Otherwise gets downloaded a runtime, which kind of breaks the container model.

See [comment](https://github.com/kubernetes/kubernetes/issues/20514#issuecomment-195835786) in #20514 - this causes dockerized install of k8s to fail if you're behind a proxy. make-ca-cert.sh already looks for a local copy of easy-rsa.tar.gz before downloading it, so this drops the tarball in the expected place in the container.
2016-04-17 06:32:37 -07:00
k8s-merge-robot
d40bf503ed Merge pull request #24256 from porridge/fix-newlines
Automatic merge from submit-queue

Fix spacing in usage_from_stdin and info_from_stdin (issue #24186).

If "a" is a bash array, then the syntax to append the contents of $line as a
new element to the array is a+=("$line"), not messages+=$line

Using the former syntax just seems to append to the first element, creating a
long string and thus losing newline information.

Fixing this allows us to drop some empty lines from invocations of
usage_from_stdin.
2016-04-16 07:31:12 -07:00
k8s-merge-robot
7e2b795a36 Merge pull request #24293 from mikedanese/componentlabels
Automatic merge from submit-queue

add labels to kube component static pods

```
$ k --namespace=kube-system get po -l 'tier in (control-plane)' 
NAME                                 READY     STATUS    RESTARTS   AGE
kube-apiserver-k-7-master            1/1       Running   2          1m
kube-controller-manager-k-7-master   1/1       Running   1          1m
kube-scheduler-k-7-master            1/1       Running   0          54s
$ k --namespace=kube-system get po -l 'tier in (node)'         
NAME                         READY     STATUS    RESTARTS   AGE
kube-proxy-k-7-minion-eheu   1/1       Running   0          1m
kube-proxy-k-7-minion-mwo9   1/1       Running   0          1m
kube-proxy-k-7-minion-xw6m   1/1       Running   0          1m
```
cc @bgrant0607 @thockin @gmarek 

Fixes #21267
2016-04-16 03:11:32 -07:00
k8s-merge-robot
5f999438d8 Merge pull request #24045 from rootfs/e2e-misc
Automatic merge from submit-queue

add config-test.sh to cluster/centos so we can run e2e test on centos/fedora/rhel

so I can run e2e test on centos locally using the following command
```console
KUBERNETES_PROVIDER=centos KUBERNETES_CONFORMANCE_TEST=y ./cluster/test-e2e.sh
```
2016-04-16 00:00:26 -07:00
Jimmy Jones
0521ebad41 Include easy-rsa in container to avoid it being downloaded at runtime 2016-04-15 21:36:54 +01:00
Paolo Di Tommaso
19f3500c9a Allow KUBE_ROOT to be defined externally 2016-04-15 18:34:09 +02:00
Jian Ming Zhang
8326036386 fix ./cluster/kube-up.sh failed after vagrant halt. (issue #18990)
Signed-off-by: Jian Ming Zhang <zhangjm@cn.ibm.com>
2016-04-15 17:27:24 +08:00
k8s-merge-robot
16e2e87a89 Merge pull request #23605 from mikedanese/pause-kube
Automatic merge from submit-queue

don't ship kube-registry-proxy and pause images in tars.

pause is built into containervm. if it's not on the machine we should just pull
it. nobody that I'm aware of uses kube-registry-proxy and it makes build/deployment
more complicated and slower.
2016-04-15 00:26:20 -07:00
Mike Danese
6d24ca487a add labels to kube component static pods 2016-04-14 19:13:18 -07:00
Daniel Smith
7e666e0865 Merge pull request #24213 from mikedanese/max-time
add a timeout for a single retry in download-or-bust
2016-04-14 16:53:51 -07:00
Daniel Smith
4389aa1364 Merge pull request #23931 from luxas/build_for_arm64
Build Kubernetes, etcd and flannel for arm64 and ppc64le
2016-04-14 15:10:37 -07:00
Euan Kemp
9f9c54cdd2 jenkins: Allow configuration of release bucket
This allows others to leverage the existing E2E code to test some
patched kube binary by simply overriding the bucket and reusing many of
the existing scripts
2016-04-14 12:26:43 -07:00
Marcin Owsiany
9ce855269e Fix spacing in usage_from_stdin and info_from_stdin (issue #24186).
If "a" is a bash array, then the syntax to append the contents of $line as a
new element to the array is a+=("$line"), not messages+=$line

Using the former syntax just seems to append to the first element, creating a
long string and thus losing newline information.

Fixing this allows us to drop some empty lines from invocations of
usage_from_stdin.
2016-04-14 18:19:02 +02:00
k8s-merge-robot
1186f4bf85 Merge pull request #24177 from a-robinson/gke
Automatic merge from submit-queue

Fix GKE kube-up to correctly find an IGM from a multi-zone cluster

I've confirmed that this successfully brings up a cluster, fixing the immediate issue with the new e2e test. Sorry about not properly vetting it in the original PR (#24075).

This does cause a warning message to be printed based on the handling of the NUM_NODES variable though, which I could fix if you guys think it's worth it:
```
Detected 6 ready nodes, found 6 nodes out of expected 3. Found more nodes than expected, your cluster may not behave correctly.
```

@quinton-hoole
2016-04-14 06:34:12 -07:00
k8s-merge-robot
7daa26e51d Merge pull request #24162 from jlowdermilk/fix-log-dump
Automatic merge from submit-queue

Fix log dump for new gcloud

`gcloud compute instance-groups managed list-instances` at CI has self-link for instance instead of just name. Fixes #24120
2016-04-14 03:47:27 -07:00
Jeremy Jongepier
a3e0d90a50 Added check for noexec mount of /tmp on master 2016-04-14 10:59:12 +02:00
Lucas Käldström
4559a84d3b Build Kubernetes, etcd and flannel for arm64 and ppc64le 2016-04-14 07:29:10 +03:00
k8s-merge-robot
a12cec52e5 Merge pull request #24172 from andyzheng0831/fix
Automatic merge from submit-queue

Trusty: Fixes for running GKE master

This PR includes two fixes for running GKE master on our image: 
(1) The kubelet command line assembly had a missing part for cbr0. We did not catch it because the code path is not covered by OSS k8s tests;

(2) Remove the "" from the variables in the cert files. It causes a parsing issue in GKE. Again, this code path is not covered by k8s tests.

This PR also refactors the code for assembling kubelet flag. I move all logic into a single function assemble_kubelet_flags in configure-helper.sh for better readability and also simplify node.yaml and master.yaml. 

@roberthbailey @dchen1107 please review it, and mark it as cherrypick-candidate. This PR is verified by @maisem. Together with his CL for GKE, we can run GKE cluster with master on our image and nodes on ContainerVM.

cc/ @maisem @fabioy @wonderfly FYI
2016-04-13 20:04:15 -07:00
Daniel Smith
4983a8fd55 Merge pull request #24144 from andyzheng0831/enhance
Trusty: Avoid unnecessary in-memory temp files
2016-04-13 14:18:38 -07:00
Mike Danese
8e8c55a323 add a timeout for a single retry in download-or-bust
This only applies to gce kube-up. 60 seconds of open connection should
be sufficient for anything that we should be downloading. The release
tar is currently 255M.
2016-04-13 12:24:11 -07:00
k8s-merge-robot
af1e1c3ce6 Merge pull request #23992 from mml/docker-checker
Automatic merge from submit-queue

Rewrite docker-checker.sh to make it less kill-happy.
2016-04-13 10:10:25 -07:00
Huamin Chen
5462a5bdce add config-test.sh to cluster/centos so we can run e2e test on centos(fedora/rhel)
Signed-off-by: Huamin Chen <hchen@redhat.com>
2016-04-13 13:36:37 +00:00
Alex Robinson
b30c4d4975 Fix GKE kube-up to correctly find an IGM from a multi-zone cluster. 2016-04-12 20:21:13 -07:00
Andy Zheng
b5a1595c98 Trusty: Fix master kubelet command assembly 2016-04-12 15:53:16 -07:00
Jeff Lowdermilk
f8c135dc1f Fix log dump for new gcloud 2016-04-12 14:40:13 -07:00
derekwaynecarr
e3d58499db ResourceQuota should be last admission controller 2016-04-12 13:40:52 -04:00
k8s-merge-robot
6ff05bb9e1 Merge pull request #23827 from derekwaynecarr/remove_sc_deny_vagrant
Automatic merge from submit-queue

Remove SecurityContextDeny from vagrant setup

This should not be needed in the vagrant setup.
2016-04-12 10:23:35 -07:00
Alex Robinson
80a75ff76c Merge pull request #24075 from a-robinson/multizone
Add an e2e test suite for multi-zone GKE clusters.
2016-04-12 09:31:24 -07:00
Matt Liggett
e6af5ee296 Rewrite docker-checker.sh to make it less kill-happy.
Also a little more organized and easier to re-use.
Should minimize the incidence of #23461.
2016-04-11 16:57:29 -07:00
Andy Zheng
988f16a1e2 Trusty: Avoid unnecessary in-memory temp files 2016-04-11 15:55:01 -07:00
CJ Cullen
5a785698aa Strip comments from configure-vm.sh for gce 2016-04-11 15:13:02 -07:00
k8s-merge-robot
78dc9c7716 Merge pull request #19376 from luxas/dns_cross_platform
Automatic merge from submit-queue

Make kube2sky and skydns docker images cross-platform

ARM tracking issue: #17981
Continues on: #19216

Make it possible to create `kube2sky` and `skydns` docker images for ARM and other architectures too
Build in a container, so `golang` isn't a dependency
I've preserved the original default behaviour:
 - `skydns`: It just compiles with go on host
 - `kube2sky`: Build an image

@brendandburns @dchen1107 @ArtfulCoder @thockin @fgrzadkowski
2016-04-11 05:47:10 -07:00
Lucas Käldström
1c8140c2ac Make kube2sky and skydns docker images cross-platform: amd64, arm, arm64 and ppc64le 2016-04-11 07:31:59 +03:00
Jeff Lowdermilk
347158e520 Merge pull request #23680 from rosskukulinski/master
Add KUBERNETES_RELEASE option to get-kube.sh
2016-04-08 20:53:47 -07:00
Alex Robinson
e686ba978f Add an e2e test suite for multi-zone GKE clusters. 2016-04-09 00:14:44 +00:00
Jeff Lowdermilk
e17213a2a8 Merge pull request #23491 from onorua/master
set KillMode for kubelet to process, fix for #13511
2016-04-08 16:39:32 -07:00
Jeff Lowdermilk
7720a16bcf Merge pull request #23893 from mbhinder/kubernetes
Fixed typo: kuberntes -> kubernetes
2016-04-08 12:47:36 -07:00
Jeff Lowdermilk
d8f42f848d Merge pull request #23996 from andyzheng0831/fix
Trusty: Do not create the docker-daemon cgroup
2016-04-08 12:45:16 -07:00
Jeff Lowdermilk
601262af0d Merge pull request #24058 from jlowdermilk/fix-list-resources
Fix list-resources grep
2016-04-08 12:41:40 -07:00
Jeff Lowdermilk
650d99fbd9 Fix list-resources grep 2016-04-08 12:19:24 -07:00
Jeff Lowdermilk
ca5b764210 Merge pull request #23876 from mikedanese/stop-to-delete
use kubectl delete in kube-addon-manager instead of stop
2016-04-08 09:30:56 -07:00
Andy Zheng
b1e18f3ca0 Trusty: Do not create the docker-daemon cgroup 2016-04-07 13:43:26 -07:00
Matt Liggett
61ca21c4d7 Also collect docker supervisor logs.
This helps with understanding what the docker-checker.sh really did
during the test run.
2016-04-07 13:05:11 -07:00
zhouhaibing089
db347beb3f add HOME env variable for kube-addons service 2016-04-07 15:39:22 +08:00
Minhan Xia
f690220b5c Merge pull request #23704 from freehan/kubenet
Update cni binary

#23712 is depending on this. Not sure why this one gets in first. Hand merging this
2016-04-06 15:47:42 -07:00
Preet Bhinder
d178d78013 Fixed typo: kuberntes -> kubernetes
"Kubernetes" was misspelled in a couple of places.
2016-04-05 16:20:08 -07:00
k8s-merge-robot
4f329516ae Merge pull request #22149 from luxas/onedotsix
Automatic merge from submit-queue

Up to golang 1.6

A second attempt to upgrade go version above `go1.4`
Merge ASAP after you've cut the `release-1.2` branch and feel ready.
`go1.6` should perform slightly better than `go1.5`, so this time it might work
@gmarek @wojtek-t @zmerlynn @mikedanese @brendandburns @ixdy @thockin
2016-04-05 13:26:18 -07:00
Mike Danese
7b8dbf4876 use kubectl delete in kube-addon-manager instead of stop
stop has been deprecated for about a year
2016-04-05 09:31:45 -07:00
Mike Danese
32426d6e97 don't ship kube-registry-proxy and pause in tars.
pause is built into containervm. if it's not on the machine we should just pull
it. nobody that I'm aware of uses kube-registry-proxy and it makes build/deployment
more complicated and slower.
2016-04-05 07:32:07 -07:00
k8s-merge-robot
b8d000853e Merge pull request #21617 from luxas/hyperkube_for_arm
Automatic merge from submit-queue

Cross-build hyperkube and debian-iptables for ARM. Also add a flannel image

We have to be able to build complex docker images too on `amd64` hosts.
Right now we can't build Dockerfiles with `RUN` commands when building for other architectures e.g. ARM.

Resin has a tutorial about this here: https://resin.io/blog/building-arm-containers-on-any-x86-machine-even-dockerhub/
But it's a bit clumsy syntax.

The other alternative would be running this command in a Makefile:
```
# This registers in the kernel that ARM binaries should be run by /usr/bin/qemu-{ARCH}-static
docker run --rm --privileged multiarch/qemu-user-static:register --reset
```
and 
```
ADD https://github.com/multiarch/qemu-user-static/releases/download/v2.5.0/x86_64_qemu-arm-static.tar.xz /usr/bin
```
Then the kernel will be able to differ ARM binaries from amd64. When it finds a ARM binary, it will invoke `/usr/bin/qemu-arm-static` first and lets `qemu` translate the ARM syscalls to amd64 ones.
Some code here: https://github.com/multiarch

WDYT is the best approach? If registering `binfmt_misc` in the kernels of the machines is OK, then I think we should go with that.
Otherwise, we'll have to wait for resin's patch to be merged into mainline qemu before we may use the code I have here now.

@fgrzadkowski @david-mcmahon @brendandburns @zmerlynn @ixdy @ihmccreery @thockin
2016-04-04 22:03:32 -07:00
k8s-merge-robot
ce988c8d75 Merge pull request #23817 from matjohn2/pr_cni_vagrant
Automatic merge from submit-queue

support NETWORK_PROVIDER=cni for KUBERNETES_PROVIDER=vagrant

While trying to develop CNI plugins for K8's, I found the docs referenced the support of --network-plugin=cni for kubelet, but this wasn't surfaced up via salt to support env NETWORK_PROVIDER=cni before a kube-up deployment.

This PR is my attempt at adding CNI support to the kube-up happy path, following a lot of similar work for NETWORK_PROVIDER=kubenet which already exists.

Also, I've added the ability to consume CNI plugin's (binaries) and configuration files from the local cluster/network-plugins directory into the necessary locations as referenced here for CNI:
http://kubernetes.io/docs/admin/network-plugins 
This allows a local developer to easily work on CNI plugin development while following the existing kube-up.sh docs and process.

In general, i've struggled to find any authoritative information or answers to my questions in slack regarding CNI progress / correct integration, so comments encouraged here!
2016-04-04 14:30:22 -07:00
k8s-merge-robot
6173c43c80 Merge pull request #23724 from maciaszczykm/dashboard-release-v1.0.1
Automatic merge from submit-queue

Update Dashboard UI addon to v1.0.1

Release details:
https://github.com/kubernetes/dashboard/releases/tag/v1.0.1

CC @bryk
2016-04-04 14:30:20 -07:00
Lucas Käldström
560268e036 Add a flannel image for arm and amd64. Cross-build debian-iptables for arm, arm64 and ppc64le. Build and push hyperkube for arm on every release 2016-04-04 23:33:32 +03:00
derekwaynecarr
9e0ebc2773 Remove SecurityContextDeny from vagrant setup 2016-04-04 14:43:21 -04:00
Matt Johnson
ce220836c3 Allow for local CNI binaries and configuration files with KUBERNETES_PROVIDER=vagrant.
Files are taken from cluster/network-plugins/{bin,conf} to be consumed within a vagrant kube-up.sh environment.
Paths used for configuration files and the 'cni' name of the network provider are all from the kubernetes documentation, but the actual implementation in the salt automation doesn't seem to exist.
2016-04-04 14:38:00 +01:00
Matt Johnson
46e6df655f Support use of NETWORK_PROVIDER=cni with KUBERNETES_PROVIDER=vagrant for a kube-up.
Use of NETWORK_PROVIDER=cni is documented as useable (as well as it's affects on the runtime args of kubelet),
however the actual implimentation in the salt automation doesnt seem to exist.
this change attempts to fix that for the vagrant usecase.
2016-04-04 14:37:48 +01:00
Marcin Maciaszczyk
7250028484 Update Dashboard UI addon to v1.0.1
Release details:
https://github.com/kubernetes/dashboard/releases/tag/v1.0.1
2016-04-04 09:13:31 +02:00
k8s-merge-robot
5be819b607 Merge pull request #23612 from mikedanese/addon-fix
Automatic merge from submit-queue

use apply instead of create to setup namespaces and tokens in addon manager

when the addon manager restarts, it takes ~15 minutes (1000 seconds) to start the sync loop because it retries creation of namespace and tokens 100 times. Create fails if the tokens already exist. Just use apply.
2016-04-03 05:50:12 -07:00
k8s-merge-robot
47bcf37198 Merge pull request #23045 from justinsb/aws_bump_image_20160316
Automatic merge from submit-queue

AWS kube-up: Bump jessie image
2016-04-03 03:47:34 -07:00
k8s-merge-robot
b448825211 Merge pull request #23603 from mikedanese/dont-create-secret-for-dns
Automatic merge from submit-queue

stop creating secrets for dns, it uses the kube-system service account now
2016-04-02 17:20:52 -07:00
k8s-merge-robot
372c1647b8 Merge pull request #23440 from mbruzek/juju-kube-up
Automatic merge from submit-queue

Juju kube up

I found some problems with the kube-up script that this pull request addresses. We didn't have the kubectl binary in the correct location. 

Just changing where we download the package from the master, and fixing the kube-down.sh script to remove those files.
2016-04-02 08:19:26 -07:00
Andrew Johnstone
06c04d17ce #23784 - check elb vpc key exists 2016-04-02 11:03:26 +01:00
Justin Santa Barbara
f43f398cad AWS kube-up: Allow BLOCK_DEVICE_MAPPINGS_BASE to be empty
We rename it to EPHEMERAL_BLOCK_DEVICE_MAPPINGS, and we also change the value
so that it starts with a `,`, instead of always inserting a comma before it.
In this way the value can be empty.

Also, if the user sets the (currently experimental) KUBE_AWS_STORAGE
environment variable to be "ebs", then we will not mount any instance storage
which will cause the machines to use EBS storage instead.
2016-04-01 22:27:28 -04:00
Justin Santa Barbara
1c3f706383 AWS: Don't error if there are no ephemeral disks
format-disks used to run with non-strict bash semantics, but this changed in
1.2 as we now merge it into the GCE script, so pipefail and errexit are both
set.

However, the way we list the ephemeral disks, by piping to grep, would cause an
exit code of 2 if there were no ephemeral disks.

Tolerate failure here by add `|| true`.  The metadata service call is unlikely
to fail, so we continue to ignore that possibility.
2016-04-01 22:27:20 -04:00
Justin Santa Barbara
d54a7f03c6 AWS kube-up: default some variables to empty, to avoid warnings
The warnings printed were harmless, but they are not obviously so.
2016-04-01 22:26:51 -04:00
k8s-merge-robot
1521aa8a86 Merge pull request #23550 from luxas/fix_hyperkube_certs
Automatic merge from submit-queue

Fix so setup-files don't recreate/invalidate certificates that already exist

Fixes: #23197 and a lot of other DNS and dashboard issues

This is quite critical for `docker`-based users and should be considered as a **cherrypick-candidate** as it makes a lot of people wonder why Dashboard and/or DNS doesn't work. Example: https://github.com/kubernetes/dashboard/issues/374

Earlier when you shut your `docker.md` cluster down and started it again, all ServiceAccounts became invalidated by `setup-files` that happily ran once again and replaced all files. That made `apiserver` and `controller-manager` pick up the new certs (or there was a race condition, they _could_ have picked up the old certs too, but that's unlikely) and the old certs were put into `/var/run/secrets` because the ServiceAccount's Secrets were stored in etcd, which `setup-files` didn't touch.

@fgrzadkowski @huggsboson @thockin @mikedanese @vishh @pwittrock @eparis @bgrant0607
2016-04-01 14:47:17 -07:00
Lucas Käldström
858b9539d5 Fix so setup-files don't recreate/invalidate certificates that already exist 2016-04-01 21:23:58 +03:00
Matt Bruzek
64d849e4bb Unzipping the kubectl package to platforms so the validation script can find kubectl. 2016-04-01 13:19:17 -05:00
k8s-merge-robot
c6e995a824 Merge pull request #23558 from andyzheng0831/enhance
Automatic merge from submit-queue

Trusty: Regional release .tar.gz support

@zmerlynn and @roberthbailey please review it. This change is to support the feature added in PR #22234. The entire logic is pretty much the same as in #22234, with only few minor changes in implementation.

I had manually run e2e tests with "export RELEASE_REGION_FALLBACK=true" on two clusters: (1) Trusty on master nodes on ContainerVM; (2) Master and nodes all on trusty. All tests are green. I don't figure out a way to simulate regional fallback. But I did test the function download_or_bust() out-of-box.

cc/ @wonderfly @dchen1107 @fabioy FYI.
2016-04-01 03:39:08 -07:00
Alex Robinson
7135754f93 Merge pull request #23504 from mml/mb
Stop swallowing stdout and stderr when we check for the staging bucket.
2016-03-31 14:39:46 -07:00
huggsboson
99c79d1ccf Fixes #23153.
Sadly, kube-system isn't automatically created, so people need to make
sure to create it in their turnup scripts.  Also after creating
kube-system it can take 10+ seconds for master and proxy to show up.

I tested the equivalent of these changes locally, but not these changes
themselves as I don't have a dev/build env up, so please read carefully
and maybe try them out!

Use kubectl create ns
2016-03-31 14:07:31 -07:00
Minhan Xia
d026d7ecbc Update cni binary 2016-03-31 13:57:51 -07:00
Alex Robinson
b60ef6f0dd Merge pull request #23593 from dchen1107/docker
Remove unnecessary override of /etc/init.d/docker on containervm image.
2016-03-31 13:31:52 -07:00
Alex Robinson
d41d50547d Merge pull request #23662 from ArtfulCoder/dockerscript
make docker-checker more robust
2016-03-31 10:53:39 -07:00
Abhishek Shah
736c02c7a0 make docker-checker more robust 2016-03-31 10:07:37 -07:00
Ross Kukulinski
0cf0bb00cd Add KUBERNETES_RELEASE option to get-kube.sh 2016-03-31 12:41:55 -04:00
CJ Cullen
26a6c66de5 Change kube-proxy & fluentd CPU request to 20m/80m. 2016-03-30 18:14:24 -07:00
Roman Dembitsky
2117c068bb added vagrant vsphere support
updated vsphere-dummy box for the vagrant vsphere using vagrant vsphere plugin

added solution for cases when the NETWORK_IF_NAME was left empty
2016-03-30 22:55:08 +03:00
k8s-merge-robot
be8ce6c385 Merge pull request #23353 from spiffxp/conformance-docs
Automatic merge from submit-queue

Update conformance test policy

Addresses #14913

/cc @kubernetes/sig-testing
2016-03-30 06:21:13 -07:00
k8s-merge-robot
c327879771 Merge pull request #23512 from Q-Lee/nanny-fix
Automatic merge from submit-queue

Create a new Deployment in kube-system for every version.

It appears that version numbers have already been properly added to these files. Small change to delete an old deployment entirely, so we can make a new one per version (like replication controllers).

We'll want to change this back once the kube-addons support deployments in a later version.
2016-03-29 20:59:46 -07:00
Mike Danese
ffa8bbde72 use apply instead of create to setup namespaces and tokens in addon manager 2016-03-29 16:41:53 -07:00
Mike Danese
0a821a473d stop create secrets for dns, it uses the kube-system service account now 2016-03-29 14:27:28 -07:00
Quintin Lee
0dcd49d584 Create a new Deployment in kube-system for every version. 2016-03-29 13:26:36 -07:00
Dawn Chen
c5ac60f584 Remove unnecessary override of /etc/init.d/docker on containervm image. 2016-03-29 12:35:13 -07:00
Andy Zheng
a83f11c484 Trusty: Regional release .tar.gz support 2016-03-28 15:21:14 -07:00
k8s-merge-robot
299de8e53c Merge pull request #23434 from andyzheng0831/kube-addon
Auto commit by PR queue bot
2016-03-27 21:48:47 -07:00
Lucas Käldström
2928d0a8ec Up to golang 1.6 2016-03-27 17:17:04 +03:00
k8s-merge-robot
3ec9f1e0a1 Merge pull request #23312 from mikedanese/static-routes-salt
Auto commit by PR queue bot
2016-03-26 12:29:40 -07:00
k8s-merge-robot
23fc7905c1 Merge pull request #23466 from andyzheng0831/fix
Auto commit by PR queue bot
2016-03-26 04:01:49 -07:00
Matt Liggett
300855c5bb Stop swallowing stdout and stderr when we check for the staging bucket.
Should help debug #23461
2016-03-25 15:01:21 -07:00
Andy Zheng
364ac85179 Support differentiation of OS distro in e2e tests 2016-03-25 14:53:36 -07:00
Yaroslav Molocko
0bfc496496 fix for https://github.com/kubernetes/kubernetes/issues/13511 2016-03-25 22:29:09 +08:00
k8s-merge-robot
3c58510826 Merge pull request #23316 from mikedanese/cadvisor-salt
Auto commit by PR queue bot
2016-03-25 06:17:16 -07:00
k8s-merge-robot
9b768e270f Merge pull request #23407 from jimmyjones2/patch-1
Auto commit by PR queue bot
2016-03-25 03:48:26 -07:00
Piotr Szczesniak
bf78d3a54b Bumped Heapster to v1.1.0-beta1 2016-03-25 10:43:32 +01:00
k8s-merge-robot
4e4ad61260 Merge pull request #23366 from goltermann/vet
Auto commit by PR queue bot
2016-03-24 21:50:56 -07:00
Mike Danese
be5b669b45 remove cadvisor salt
We have been removing cadviosr.manifest for over a year to cleanup
the old deployment style. I think we are ok at this point.
2016-03-24 11:55:29 -07:00
Andy Zheng
bfd68b35d8 Trusty: Update heapster manifest handling code 2016-03-24 09:22:30 -07:00
k8s-merge-robot
f8bb10b479 Merge pull request #22818 from andyzheng0831/enhance
Auto commit by PR queue bot
2016-03-23 16:19:31 -07:00
Jimmy Jones
b26f5016b2 Add git to hypekube image
Fixes #15855 - when using a docker multinode setup, this makes gitRepo volumes work
2016-03-23 23:00:01 +00:00
k8s-merge-robot
69b3cb36a6 Merge pull request #22726 from chuckbutler/juju-import-layers
Auto commit by PR queue bot
2016-03-23 14:26:42 -07:00
Charles Butler
cc1fb15ef7 Updating documentation link to point to k8s.io/docs/ 2016-03-23 12:26:37 -04:00
Charles Butler
54050dbaef Fetch the guestbook action from master for now 2016-03-23 12:22:39 -04:00
Charles Butler
b014c0d6b7 Move to the ~containers namespace etcd 2016-03-23 12:22:10 -04:00
Charles Butler
dafc78b489 Removing the duplicated guestbook example files 2016-03-23 12:21:01 -04:00
k8s-merge-robot
53c542606d Merge pull request #23126 from rata/api-version-deprecated
Auto commit by PR queue bot
2016-03-23 04:53:02 -07:00
k8s-merge-robot
cba5efd7de Merge pull request #23311 from mikedanese/nginx-salt
Auto commit by PR queue bot
2016-03-23 04:14:17 -07:00
k8s-merge-robot
76369c42be Merge pull request #22939 from resouer/util-sub-dir
Auto commit by PR queue bot
2016-03-23 03:34:33 -07:00
goltermann
34d4eaea08 Fixing several (but not all) go vet errors. Most are around string formatting, or unreachable code. 2016-03-22 17:26:50 -07:00
Miguel Flores Ruiz de Eguino
485aa7faba Allow to configure the base VPC CIDR 2016-03-22 16:50:16 -06:00
Quintin Lee
0c22277020 Use the same constants as heapster for the heapster nanny. 2016-03-22 13:17:06 -07:00
Quintin Lee
c484563315 Removing versions from deployment names. 2016-03-22 13:17:06 -07:00
Quintin Lee
79f0cc25e8 Support addon Deployments, make heapster a deployment with a nanny. 2016-03-22 13:17:06 -07:00
Aaron Crickenberger
0dc1f5da04 Update conformance test policy
Mostly doc updates and cruft removal

- describe conformance test policy and howto in e2e-tests.md
- rm e2e test info from testing.md in the name of DRY
- rm cluster/test-conformance.sh; unusable in release tar, not e2e.go
- update e2e test link in write-a-getting-started-guide.md
2016-03-22 13:09:31 -07:00
k8s-merge-robot
d221649429 Merge pull request #22845 from ZhangZhenhua/eliminate-roles-ambiguity
Auto commit by PR queue bot
2016-03-21 21:30:15 -07:00
k8s-merge-robot
4d98abf26c Merge pull request #23313 from zmerlynn/container-vm-v20160321
Auto commit by PR queue bot
2016-03-21 20:55:33 -07:00
Zach Loafman
b2cf4b8c11 Bump to container-vm-v20160321 2016-03-21 17:42:34 -07:00
Mike Danese
c676f8dabb remove unused static-routes from salt 2016-03-21 17:38:08 -07:00