github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
103,736 Commits 1 Branch 31 Tags
a53e2eaeaba064309dceca2dc27f3ac09c6375b0
Commit Graph

3686 Commits

Author SHA1 Message Date
Lubomir I. Ivanov
5b7bda90c0 kubeadm: introduce apis/bootstraptoken/v1 
Package bootstraptoken contains an API and utilities wrapping the
"bootstrap.kubernetes.io/token" Secret type to ease its usage in kubeadm.

The API is released as v1, since these utilities have been part of a
GA workflow for 10+ releases.

The "bootstrap.kubernetes.io/token" Secret type is also GA.
 2021-07-02 00:11:49 +03:00
Kubernetes Prow Robot
3f4c39bbd7 Merge pull request #103063 from neolit123/1.22-add-patches-to-v1beta3 
kubeadm: add support for patches in v1beta3; deprecate --experimental-patches
 2021-07-01 02:25:54 -07:00
Vinayak Goyal
1c39cf2365 Fix incorrect user and group for kube-scheduler when it is running as non-root. 2021-06-30 11:28:15 -07:00
Lubomir I. Ivanov
5c00024c70 kubeadm: fix wrong check for keys/certs during "download-certs" 
During "join" of new control plane machines, kubeadm would
download shared certificates and keys from the cluster stored
in a Secret. Based on the contents of an entry in the Secret,
it would use helper functions from client-go to either write
it as public key, cert (mode 644) or as a private key (mode 600).

The existing logic is always writing both keys and certs with mode 600.
Allow detecting public readable data properly and writing some files
with mode 644.

First check the data with ParsePrivateKeyPEM(); if this passes
there must be at least one private key and the file should be written
with mode 600 as private. If that fails, validate if the data contains
public keys with ParsePublicKeysPEM() and write the file as public
(mode 644).

As a result of this new logic, and given the current set of managed
kubeadm files, .key files will end up with 600, while .crt and .pub
files will end up with 644.
 2021-06-29 23:42:04 +03:00
wangyysde
39a373b162 correct example command of kubeadm help 
Signed-off-by: wangyysde <net_use@bzhy.com>
 2021-06-28 16:12:52 +08:00
navist2020
538e7777c3 kubeadm:remove deprecated flags CSROnly and CSRDir 2021-06-24 18:28:43 +08:00
Marek Siarkowicz
ebe550bd48 Upgrade etcd to 3.5.0 2021-06-24 09:15:17 +02:00
Lubomir I. Ivanov
70a524659a kubeadm: add {Init|Join}Configuration.Patches.Directory to v1beta3 
Add {Init|Join}Configuration.Patches, which is a structure that
contains patch related options. Currently it only has the "Directory"
field which is the same option as the existing --experimental-patches
flag.

The flags --[experimental-]patches value override this value
if both a flag and config is passed during "init" or "join".
 2021-06-23 22:24:10 +03:00
Lubomir I. Ivanov
a4402122b4 kubeadm: add the --patches flag and deprecate --experimental-patches 
The feature of "patches" in kubeadm has been in Alpha for a few
releases. It has not received major bug reports from users.
Deprecate the --experimental-patches flag and add --patches.

Both flags are allowed to be mixed with --config.
 2021-06-23 22:22:41 +03:00
Lubomir I. Ivanov
3b36e6bcea kubeadm: fix image pull policy integration 
If the user has not specified a pull policy we must assume a default of
v1.PullIfNotPresent.

Add some extra verbose output to help users monitor what policy is
used and what images are skipped / pulled.

Use "fallthrough" and case handle "v1.PullAlways".

Update unit test.
 2021-06-23 00:52:35 +03:00
Kubernetes Prow Robot
c864f2357d Merge pull request #102901 from wangyysde/add-support-imagePullPolicy-fix524 
kubeadm: add support of imagePullPolicy to kubeadm
 2021-06-22 07:43:59 -07:00
Kubernetes Prow Robot
e78e692f33 Merge pull request #101449 from CaoDonghui123/fix5 
kubeadm: allow passing the flag --log-file if --config is passed
 2021-06-21 20:43:57 -07:00
caodonghui
25f479c2ac fix'--log-file only works if --logtostderr=false' 2021-06-22 09:32:26 +08:00
Kubernetes Prow Robot
cfa0130b9f Merge pull request #102466 from pacoxu/dns-1.8.4 
kubeadm: update coredns to 1.8.4
 2021-06-21 18:14:10 -07:00
wangyysde
459fe7d08a add support of imagePullPolicy to kubeadm 
Signed-off-by: wangyysde <net_use@bzhy.com>
 2021-06-22 07:13:25 +08:00
navist2020
1f9d448283 Use errors.Errorf instead of errors.Wrapf when the err is nil 2021-06-21 16:17:32 +08:00
Kubernetes Prow Robot
ab7d8b5b5b Merge pull request #102871 from rainrambler/patch-1 
kubeadm: use defer to unlock mutex in certs.go
 2021-06-18 09:52:30 -07:00
Kubernetes Prow Robot
f1d9db4381 Merge pull request #102940 from gy95/sche 
when new manager failed should return err
 2021-06-17 14:08:17 -07:00
Kubernetes Prow Robot
b41c8a2d49 Merge pull request #102862 from vinayakankugoyal/roochless2 
Update etcd in kubeadm to run as non-root.
 2021-06-17 13:00:05 -07:00
navist2020
1a4b0ee09b remove excess error handling 2021-06-17 17:34:57 +08:00
gy95
c789898f79 when new manager failed should return err 2021-06-17 16:02:31 +08:00
Vinayak Goyal
5a0756c5f4 Update etcd in kubeadm to run as non-root. 2021-06-16 17:30:46 -07:00
Kubernetes Prow Robot
3c1db414da Merge pull request #102546 from lunhuijie/refactorCheckTest 
refactor cmd/kubeadm/app/preflight/checks_test.go
 2021-06-16 09:44:12 -07:00
刁浩 10284789
84112d3690 refactor cmd/kubeadm/app/preflight/checks_test.go() 
Signed-off-by: 刁浩 10284789 <diao.hao@zte.com.cn>
 2021-06-16 01:46:27 +00:00
Kubernetes Prow Robot
3a47ddccdf Merge pull request #100488 from liggitt/protobuf 
update etcd, grpc, protobuf dependencies
 2021-06-15 14:49:42 -07:00
Kubernetes Prow Robot
d186b43639 Merge pull request #102828 from MikeSpreitzer/fix-kubeadm-api-dox 
Fix some typos and omissions in kubeadm APIs
 2021-06-15 11:31:43 -07:00
Jordan Liggitt
2979c3325e Switch to go.etcd.io/etcd/client/v3 2021-06-15 09:53:06 -04:00
rainrambler
5ea3dd531c Update certs.go 
Use defer feature for unlock
 2021-06-15 15:34:26 +08:00
Antonio Ojea
74feb07594 kubeadm: CoreDNS permissions for endpointslices 
Signed-off-by: Antonio Ojea <antonio.ojea.garcia@gmail.com>
Co-authored-by: pacoxu <paco.xu@daocloud.io>
 2021-06-15 13:03:48 +08:00
pacoxu
188193e1c0 kubeadm: upgrade coredns 1.8.4 and corefile-migration to v1.0.12 
Signed-off-by: pacoxu <paco.xu@daocloud.io>
 2021-06-15 13:03:42 +08:00
Mike Spreitzer
a3e464490a Fix some typos and omissions in kubeadm APIs 2021-06-14 20:38:43 -04:00
Kubernetes Prow Robot
8a6a26714c Merge pull request #102759 from vinayakankugoyal/roochless 
Update kubeadm control-plane to run as non-root.
 2021-06-14 15:52:01 -07:00
Vinayak Goyal
59b4b124df Update kubeadm control-plane to run as non-root. 2021-06-14 12:04:50 -07:00
Kubernetes Prow Robot
4aae71695a Merge pull request #102366 from cndoit18/fix-time-format 
fix(timezone): Change the time zone in the api data to UTC
 2021-06-11 06:54:59 -07:00
Kubernetes Prow Robot
e52b7be7d7 Merge pull request #101600 from KofClubs/fix-cri-socket-kubeadm 
kubeadm: disallow the mixture of --cri-socket and --config
 2021-06-11 00:04:58 -07:00
Kubernetes Prow Robot
faa36554c5 Merge pull request #102770 from pacoxu/kubeadm-example 
kubeadm: use a suggested example in v1beta2/3 docs
 2021-06-10 08:23:47 -07:00
Kubernetes Prow Robot
f008ba0fed Merge pull request #102062 from serathius/etcd-server 
Update Etcd server image to 3.5.0-rc.0-0
 2021-06-10 08:23:27 -07:00
pacoxu
654ec0866a kubeadm: use a suggested example in v1beta2/3 docs 
Co-authored-by: SataQiu <shidaqiu2018@gmail.com>
 2021-06-10 18:24:59 +08:00
Vinayak Goyal
e6bf19bcf6 Update CreateInitStaticPodManifestFiles, CreateStaticPodFiles and CreateLocalEtcdStaticPodManifestFile to take into account if the command was run as dry-run. 2021-06-09 15:01:42 -07:00
Marek Siarkowicz
12447bc803 Upgrade etcd server version to 3.5.0-rc.0 2021-06-09 17:00:05 +02:00
Kubernetes Prow Robot
7696a48612 Merge pull request #102560 from navist2020/todo/checkManifest 
kubeadm:Run preflight checks for diff to check that the manifests already exist
 2021-06-08 23:03:47 -07:00
Kubernetes Prow Robot
d849d9d057 Merge pull request #102697 from mlevesquedion/update-levee-analyzer-version 
Update version of go-flow-levee for verify-govet-levee check.
 2021-06-08 18:37:46 -07:00
navist2020
897f8012fd kubeadm:Run preflight checks for diff to check that the manifests already exist 2021-06-09 09:09:00 +08:00
Kubernetes Prow Robot
d5685397e1 Merge pull request #102673 from jackfrancis/kubeadm-etcd-ephemeral-storage 
kubeadm: remove ephemeral-storage etcd requirement
 2021-06-08 12:26:36 -07:00
Michaël Lévesque-Dion
a94aa0ea9a Update version of go-flow-levee for verify-govet-levee check. 2021-06-08 12:02:46 -04:00
Jack Francis
ff164f9013 feat: remove ephemeral-storage etcd requirement 2021-06-07 16:03:10 -07:00
Kubernetes Prow Robot
a8a379d91e Merge pull request #102604 from vinayakankugoyal/kubeadm-files2 
Add utils to set file/directory owners and permissions.
 2021-06-07 13:40:56 -07:00
Vinayak Goyal
bb6151906f Add utils to set file/directory owners and permissions. 2021-06-07 11:31:38 -07:00
Kubernetes Prow Robot
3b71dac6ac Merge pull request #102593 from CaoDonghui123/fix7 
remove redundant code
 2021-06-04 09:44:38 -07:00
caodonghui
812a04539c remove redundant code 2021-06-04 17:56:46 +08:00