github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
118,270 Commits 1 Branch 31 Tags
93d93258b19ff3d2e85b5dc60e89df1ebdc689ca
Commit Graph

1350 Commits

Author SHA1 Message Date
vteratipally
0376c58c44 Update configure-helper.sh 
add live-restore true by default.
 2021-08-04 12:09:10 -07:00
Michelle Tandya
4606ebe423 update node-problem-detector v0.8.9 2021-07-28 01:02:56 +00:00
Julie Qi
2a4a1c1d00 disable aufs module 2021-07-21 23:25:19 -07:00
Matthew Cary
60d446fe3d Drop end of sunrpc port range to avoid port conflicts. 
Change-Id: I1561fe447f50d9ac835094b3cceba62ea74dfd81
 2021-07-13 18:38:40 +00:00
Cong Liu
6c87c22277 Add structured logging for more steps 2021-07-09 15:35:44 -07:00
Kubernetes Prow Robot
5e3bed6399 Merge pull request #101433 from SergeyKanzhelev/patch-1 
Make the service account error more apparent
 2021-07-05 03:23:13 -07:00
Marian Lobur
5d80d6e7c3 Make cpu request of kube proxy configurable by env variable. 2021-07-02 16:00:56 +02:00
Piotr Tabor
de442ef860 Retry hostname->IP: [Errno -2] Name or service not known 
During cluster configuration, the hostname is getting resolved to IP,
as etcd requires IP address as listening address.

Due to connectivity flakes or delayed network inititalization, sometimes
the IP fails to be resolved to a name with following error:
```
[Errno -2] Name or service not known
```
that leads to attempt to run etcd with empty flag.

The PR adds a proper retry (up to 5 minutes) in case the connectivity
problems happens.

I considered alternatives like: `getent hosts foo`, but unfortunetelly thay
can return IPv6 that etcd is not ready for (yet).
 2021-07-01 12:20:07 +02:00
Sergey Kanzhelev
210c610d66 make sure to split NPD hashes by architecture when upgrading to 0.8.9 2021-07-01 08:12:35 +00:00
pacoxu
ffdf3f5007 update node-problem-detector npd to v0.8.8 
Signed-off-by: pacoxu <paco.xu@daocloud.io>
Co-Authored-By: vteratipally <vteratipally@users.noreply.github.com>
 2021-06-29 09:35:32 +08:00
pacoxu
f05f30943d kube-apiserver in gce: use --api-audiences as --service-account-api-audiences is deprecated 
Signed-off-by: pacoxu <paco.xu@daocloud.io>
 2021-06-22 11:09:46 +08:00
Vinayak Goyal
774d228637 remove the path if it exists before writing pki data. 
if setfacl is called before chmod g+r at anypoint during the lifetime of
the cluster then the default group does not have read permissions on the
file. so we explicitly grant the default group read permissions. See
https://gist.github.com/mmdriley/85ca34f711acbec4b1b94902add488e5 for a
repro.
 2021-06-18 11:03:37 -07:00
Joseph Anttila Hall
9d514b2de4 Konnectivity: tune flags for larger clusters (5k nodes). 2021-06-10 14:05:44 -07:00
Kubernetes Prow Robot
9d27400fe2 Merge pull request #102040 from njuptlzf/fix_conversion 
Fix auditing failed of request: encoding failed
 2021-06-05 19:58:38 -07:00
njuptlzf
7b0fbb7292 add audit log test cases for cross-group subresource 2021-06-06 09:52:05 +08:00
Kubernetes Prow Robot
74af3b712d Merge pull request #102297 from deads2k/ssh-tunnels 
remove --ssh- options, deprecated 13 releases, that only work on GCE
 2021-06-05 10:40:50 -07:00
Marek Siarkowicz
4ebc0c94a4 Remove legacy metrics client from podautoscaler 2021-06-04 23:06:32 +02:00
David Eads
ae603a38bc remove -ssh-user from cluster scripts for GCE 2021-06-03 17:53:09 -04:00
Kubernetes Prow Robot
bc8acbc43e Merge pull request #102328 from lentzi90/update-cni-plugins 
Update CNI plugins v0.9.1
 2021-05-28 10:16:46 -07:00
Kubernetes Prow Robot
d541872f9a Merge pull request #102239 from Haleygo/clean-up-AlgorithmProvider-flag-and-pkg 
clean up algorithmprovider pkg and remove scheduler deprecated algorithm-provider flag
 2021-05-27 00:54:23 -07:00
Lennart Jern
507710b50f Update CNI plugins v0.9.1 
ref: https://github.com/containernetworking/plugins/releases/tag/v0.9.1
Signed-off-by: Lennart Jern <lennart.jern@est.tech>
 2021-05-26 11:02:04 +03:00
Haleygo
2769e99dba remove scheduler deprecated algorithm-provider flag and clean up algorithmprovider pkg 2021-05-26 13:19:44 +08:00
Kubernetes Prow Robot
06d44d2f42 Merge pull request #101168 from mikedanese/warning 
add a warning about the filter table
 2021-05-24 21:48:40 -07:00
Kubernetes Prow Robot
77937b1e8e Merge pull request #101628 from bobbypage/addon-termination-handler 
Remove node termination handler addon
 2021-05-24 11:31:39 -07:00
Kubernetes Prow Robot
e8cf412e5e Merge pull request #101881 from vinayakankugoyal/konnectivity 
Update konnectivity network proxy server to run as non-root, by defau…
 2021-05-13 23:16:04 -07:00
Sergey Kanzhelev
72fe1b722c Make the service account error more apparent 2021-05-14 04:39:24 +00:00
Vinayak Goyal
b951b9349f Update konnectivity network proxy server to run as non-root, by default in kube-up. 2021-05-13 12:35:34 -07:00
Avritt Rohwer
0a5a697882 Fix bug in retry-forever usage. 
- Push retry-forever wrapping to curl invocations.
- Collect curl retry flags into a single variable.
- Remove 'sudo: false' in master.yaml, is unnecessary and breaks older
  cloud-init versions.
- Change log-error status reason to be more accurate.
- Fix the some 'python' invocations to 'python3'.
 2021-05-12 09:22:20 -07:00
Kubernetes Prow Robot
ca0c04e4d3 Merge pull request #101164 from vinayakankugoyal/apiservernonroot 
Run control-plane as non root in kube-up.
 2021-05-06 17:33:14 -07:00
Kubernetes Prow Robot
1f3fd1cb80 Merge pull request #101751 from vinayakankugoyal/sshproxy 
Recursive chown the /etc/srv/sshproxy if kube-apiserver is running as…
 2021-05-06 15:15:51 -07:00
Kubernetes Prow Robot
8955f55fcf Merge pull request #101678 from vinayakankugoyal/goodbye-basicauth 
Remove remnants of basic auth from cluster bootstrap.
 2021-05-06 14:14:14 -07:00
Vinayak Goyal
6aa495ddc6 Revert - Recursive chown the /etc/srv/sshproxy if kube-apiserver is running as non root. This way if a key already exists we will be able to read it. 2021-05-06 14:02:53 -07:00
Vinayak Goyal
487583bd0a Recursive chown the /etc/srv/sshproxy if kube-apiserver is running as non root. This way if a key already exists we will be able to read it. 2021-05-05 15:23:04 -07:00
Vinayak Goyal
406ceae991 Recursive chown the /etc/srv/sshproxy if kube-apiserver is running as non root. This way if a key already exists we will be able to read it. 2021-05-05 14:49:59 -07:00
David Porter
dac06aefb0 Revert "Revert "cluster: Use python3 everywhere"" 
This reverts commit 7038338e0f.
 2021-05-03 21:43:15 -07:00
Kubernetes Prow Robot
c5b900b69c Merge pull request #97399 from davidxia/comment-typo 
Fix typo in comment
 2021-05-01 04:57:59 -07:00
Vinayak Goyal
b87762966d Remove remnants of basic auth from cluster bootstrap. 2021-04-30 11:23:14 -07:00
David Porter
e02ff0687e Remove node termination handler addon 2021-04-29 14:42:23 -07:00
Paco Xu
7038338e0f Revert "cluster: Use python3 everywhere" 2021-04-26 11:21:44 +08:00
David Porter
3f87f4f278 Use python3 everywhere 2021-04-23 14:33:58 -07:00
Kubernetes Prow Robot
ae35c6f10c Merge pull request #101255 from basantsa1989/stack-type 
Adding stack-type to gce cloud config (to be used for dual stack in legacy-cloud-providers gce code)
 2021-04-22 15:55:28 -07:00
Kubernetes Prow Robot
6aa683e9cf Merge pull request #100639 from zshihang/proxy 
dnat to 169.254.169.252 for metadata server traffic
 2021-04-21 11:15:51 -07:00
Ikko Ashimine
f69a2b40da Fix typo in gci/README.md 
becase -> because
 2021-04-21 21:35:05 +09:00
Kubernetes Prow Robot
41505f7109 Merge pull request #101176 from jkh52/master 
kube-master-installation: improve systemd cross-unit robustness.
 2021-04-20 00:42:45 -07:00
Kubernetes Prow Robot
46b0ad1327 Merge pull request #101207 from vinayakankugoyal/sshproxy 
If kube-apiserver is running as non-root then set the permissions of …
 2021-04-19 17:24:33 -07:00
Joseph Anttila Hall
05bcc72dc2 kube-master-installation: reboot on failure. 
Also some minor reliability tweaks.
 2021-04-19 17:16:21 -07:00
Vinayak Goyal
94e34da471 If kube-apiserver is running as non-root then set the permissions of /etc/srv/sshproxy accordingly. 2021-04-19 13:16:06 -07:00
Basant Amarkhed
e15d811652 Adding stack-type to cloud config (to be used for dual stack in legacy-cloud-providers code) 2021-04-19 19:06:55 +00:00
Shihang Zhang
297ad30610 dnat to 169.254.169.252 for metadata server traffic 2021-04-19 10:47:51 -07:00
Kubernetes Prow Robot
28c877dcb6 Merge pull request #101043 from benhxy/tls-2 
Use GKE specific configuration for kubeconfig file generation
 2021-04-16 11:54:51 -07:00