github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
34,623 Commits 1 Branch 31 Tags 1,019 MiB
a74ec3f90a
Commit Graph

297 Commits

Author SHA1 Message Date
k8s-merge-robot
a275a045d1 Merge pull request #23914 from sky-uk/make-etcd-cache-size-configurable 
Automatic merge from submit-queue

Make etcd cache size configurable

Instead of the prior 50K limit, allow users to specify a more sensible size for their cluster.

I'm not sure what a sensible default is here. I'm still experimenting on my own clusters. 50 gives me a 270MB max footprint. 50K caused my apiserver to run out of memory as it exceeded >2GB. I believe that number is far too large for most people's use cases.

There are some other fundamental issues that I'm not addressing here:
- Old etcd items are cached and potentially never removed (it stores using modifiedIndex, and doesn't remove the old object when it gets updated)
- Cache isn't LRU, so there's no guarantee the cache remains hot. This makes its performance difficult to predict. More of an issue with a smaller cache size.
- 1.2 etcd entries seem to have a larger memory footprint (I never had an issue in 1.1, even though this cache existed there). I suspect that's due to image lists on the node status.

This is provided as a fix for #23323
 2016-04-17 00:06:31 -07:00
Jordan Liggitt
6c1bcfa28d Use correct defaults when binding apiserver flags 2016-04-14 10:12:51 -04:00
k8s-merge-robot
429228d403 Merge pull request #23953 from nikhiljindal/u8sServer 
Automatic merge from submit-queue

moving genericapiserver command line flags to genericapiserver

cc @kubernetes/sig-api-machinery
 2016-04-13 23:15:24 -07:00
goltermann
a3104ba96c Final vet fixes; enabling vet checks in verify scripts. 2016-04-13 13:51:51 -07:00
nikhiljindal
8d7a8c6ae6 moving genericapiserver command line flags to genericapiserver 2016-04-13 13:28:18 -07:00
James Ravn
5bb0595260 Make deserialization cache size configurable 
Instead of the default 50K entries, allow users to specify more sensible
sizes for their cluster.
 2016-04-12 13:42:27 +01:00
deads2k
e8fb35d4d8 refactor resource overrides as positive logic interface 2016-03-28 09:24:49 -04:00
k8s-merge-robot
4e4ad61260 Merge pull request #23366 from goltermann/vet 
Auto commit by PR queue bot
 2016-03-24 21:50:56 -07:00
nikhiljindal
1cccfc7074 Disabling swagger ui by default. Adding a flag to enable it 2016-03-23 13:19:22 -07:00
k8s-merge-robot
76369c42be Merge pull request #22939 from resouer/util-sub-dir 
Auto commit by PR queue bot
 2016-03-23 03:34:33 -07:00
k8s-merge-robot
4af38b52b9 Merge pull request #22736 from resouer/fix-util-dev 
Auto commit by PR queue bot
 2016-03-22 19:54:58 -07:00
goltermann
34d4eaea08 Fixing several (but not all) go vet errors. Most are around string formatting, or unreachable code. 2016-03-22 17:26:50 -07:00
Marc Lough
27c6224abe The --etcd-config option has been removed from kube-apiserver so also remove the mention about it. 2016-03-22 20:14:48 +00:00
harry
343b1927d1 Refactor config map into sub pkg 2016-03-21 14:50:57 +08:00
harry
f19d59cf35 Move flag into sub pkg 2016-03-14 21:30:38 +08:00
Brian Grant
532ba5a3c6 Merge pull request #21535 from AdoHe/restore_secure_etcd 
restore ability to run against secured etcd
 2016-03-11 12:14:06 -08:00
AdoHe
7228b9b987 restore ability to run against secured etcd 2016-03-11 11:21:16 -05:00
Wojciech Tyczynski
2f6d034cea Workaround long latency of POST pods 2016-03-03 10:45:43 +01:00
k8s-merge-robot
d81d823ca5 Merge pull request #22393 from eparis/blunderbuss 
Auto commit by PR queue bot
 2016-03-02 18:51:56 -08:00
Eric Paris
5e5a823294 Move blunderbuss assignees into tree 2016-03-02 20:46:32 -05:00
Kris
e664ef922f Move restclient to its own package 2016-02-29 12:05:13 -08:00
k8s-merge-robot
43792754d8 Merge pull request #21469 from wojtek-t/parallel_namespace_deletion 
Auto commit by PR queue bot
 2016-02-27 07:26:49 -08:00
Wojciech Tyczynski
506899008f Parallelization of namespace deletion 2016-02-25 16:33:25 +01:00
Eric Chiang
3116346161 *: add webhook implementation of authorizer.Authorizer plugin 2016-02-22 11:39:07 -08:00
Eric Tune
ab8cfb968f Enabled batch API group in apiserver 2016-02-19 09:20:56 -08:00
Piotr Szczesniak
2b614179c7 Fixed options test 2016-02-15 21:39:00 +01:00
Piotr Szczesniak
264c64ec0d Enabled autoscaling API group in apiserver 2016-02-15 21:39:00 +01:00
Daniel Smith
74400c33ae changes for cross-group moves 2016-02-15 21:39:00 +01:00
k8s-merge-robot
43fb544a4a Merge pull request #21001 from ericchiang/oidc_groups 
Auto commit by PR queue bot
 2016-02-14 05:24:43 -08:00
Eric Chiang
92d37d5cc5 plugin/pkg/auth/authenticator/token/oidc: get groups from custom claim 2016-02-12 09:58:18 -08:00
Chao Xu
184440f8ef rename release_1_2 to internalclientset 2016-02-05 14:02:28 -08:00
magicwang-cn
d2cf858560 make watch cache sizes configuratable of kube-apiserver 2016-02-05 15:47:27 +08:00
Nikhil Jindal
59820827d4 Merge pull request #20513 from nikhiljindal/apiserverExampleTest 
Adding test for apiserver example
 2016-02-04 11:28:58 -08:00
nikhiljindal
c7beb9078c Updating methods to return error rather than using glog.Fatalf 2016-02-03 16:00:45 -08:00
Chao Xu
f9f5736b01 grep sed 2016-02-03 13:06:07 -08:00
k8s-merge-robot
843c11e06a Merge pull request #20452 from caesarxuchao/replace-client-kubelet 
Auto commit by PR queue bot
 2016-02-02 23:46:58 -08:00
Chao Xu
cddd7b56a4 replace client with clientset in kubelet and other places 2016-02-02 20:28:45 -08:00
CJ Cullen
04eb90a5d4 Make tunneler hold tunnels open and healthcheck vs. reopening every 5 minutes. 
Also add a test for the Update() logic.
Reordered tunnels vs. storage initialization (prevent a nil ptr panic)
 2016-02-02 12:00:29 -08:00
mqliang
b0e06c14e5 add a knob to enable quorum read 2016-01-30 20:32:12 +08:00
Clayton Coleman
4d127dc969 Initialize API servers with negotiated serializers 
Pass down into the server initialization the necessary interface for
handling client/server content type negotiation. Add integration tests
for the negotiation.
 2016-01-22 01:10:22 -05:00
Clayton Coleman
125ef6fbc8 Support content-type negotiation in the API server 
A NegotiatedSerializer is passed into the API installer (and
ParameterCodec, which abstracts conversion of query params) that can be
used to negotiate client/server request/response serialization. All
error paths are now negotiation aware, and are at least minimally
version aware.

Watch is specially coded to only allow application/json - a follow up
change will convert it to use negotiation.

Ensure the swagger scheme will include supported serializations - this
now includes application/yaml as a negotiated option.
 2016-01-22 00:12:50 -05:00
nikhiljindal
2ad642d370 Merge registered and latest and move to apimachinery 2016-01-21 14:42:21 -08:00
Harry Zhang
936a11e775 Use networking to hold network related pkgs 
Change names of unclear methods

Use net as pkg name for short
 2016-01-15 13:46:16 +08:00
nikhiljindal
f8d6c56ba6 Extracting server run code to genericapiserver 2016-01-08 18:34:34 -08:00
Nagarjun
c98364e79b insert space after comment character in cmd folder 2016-01-08 16:25:57 +05:30
Clayton Coleman
c0c707d92d Split apiserver flags and initialization 
Make it easier to keep defaults and flags clearly identified.
 2016-01-06 21:14:30 -05:00
k8s-merge-robot
cd097e3f86 Merge pull request #19088 from smarterclayton/separate_service_account 
Auto commit by PR queue bot
 2016-01-04 08:38:24 -08:00
Justin Santa Barbara
f9a6ac077e Ubernetes Lite: Volumes can dictate zone scheduling 
For AWS EBS, a volume can only be attached to a node in the same AZ.
The scheduler must therefore detect if a volume is being attached to a
pod, and ensure that the pod is scheduled on a node in the same AZ as
the volume.

So that the scheduler need not query the cloud provider every time, and
to support decoupled operation (e.g. bare metal) we tag the volume with
our placement labels.  This is done automatically by means of an
admission controller on AWS when a PersistentVolume is created backed by
an EBS volume.

Support for tagging GCE PVs will follow.

Pods that specify a volume directly (i.e. without using a
PersistentVolumeClaim) will not currently be scheduled correctly (i.e.
they will be scheduled without zone-awareness).
 2015-12-31 12:27:01 -05:00
Clayton Coleman
9dad7e624c Split the serviceaccount package into two parts 
Public utility methods and JWT parsing, and controller specific logic.
Also remove the coupling between ServiceAccountTokenGetter and the
authenticator class.
 2015-12-26 21:28:12 -05:00
Clayton Coleman
3d5ed379b0 authn.go doesn't belong in pkg/apiserver 
apiserver does not need to know about specific authentication
mechanisms, and does not need to take dependencies on all the
authentication packages.
 2015-12-26 21:22:22 -05:00
Andy Goldstein
f175a22443 Add admission controller to force image pulls 
Add an admission controller that forces every container's image pull policy to
Always when a pod is created.
 2015-12-22 10:32:40 -05:00
Mike Danese
a09d85bd83 expose master count configuration in a cli option on apiserver 2015-12-18 13:10:41 -08:00
nikhiljindal
2d952aaa87 Extracting APIServer machinery code into a library 2015-12-16 13:54:23 -08:00
k8s-merge-robot
6716290903 Merge pull request #18388 from nikhiljindal/clusterName 
Auto commit by PR queue bot
 2015-12-16 03:50:11 -08:00
deads2k
d0aaf13920 use constants for group names 2015-12-14 10:04:10 -05:00
nikhiljindal
724b098855 Deleting unused master.ClusterName param 2015-12-11 13:39:19 -08:00
deads2k
ec87d74ecb update InterfacesFor to use GroupVersion 2015-12-11 13:45:41 -05:00
Timothy St. Clair
413d8d18fe Futher storage isolation and removal of the tools interface. 2015-12-09 11:04:14 -06:00
k8s-merge-robot
94752c12a8 Merge pull request #18128 from ZJU-SEL/fix-typo 
Auto commit by PR queue bot
 2015-12-07 15:59:08 -08:00
He Simei
387d861d4e deprecate confusing flag usage 2015-12-04 09:09:23 +08:00
nikhiljindal
5c556baa2f Removing duplicate NewEtcdStorage code 2015-12-03 01:37:44 -08:00
gmarek
459131fd92 Use KubeletPort reported in NodeStatus instead of cluster-wide master config, take 2. 2015-12-02 13:38:17 +01:00
k8s-merge-robot
a836b1e261 Merge pull request #17326 from caesarxuchao/grooupVersion-lastest 
Auto commit by PR queue bot
 2015-12-01 05:05:40 -08:00
Chao Xu
6e192760e3 refactoring latest.go GroupVersion; 
clean up latest.go GroupVersions;
remove latest.GroupMeta.Group;
remove latest.GroupMeta.Version.
 2015-11-30 11:30:21 -08:00
harry
477da92002 Move hostIP detection from master to server 
Add PublicAddress in test files

Move valid public addr into util
 2015-11-30 16:17:37 +08:00
deads2k
a87d927588 update client.Config to use GroupVersion 2015-11-21 08:29:26 -05:00
feisky
13dce74adb Gendocs for docs/admin/kube-* 2015-10-25 19:24:23 +08:00
nikhiljindal
72914fd81b Updating documentation to reflect the latest status of extension resources 2015-10-21 13:03:33 -07:00
nikhiljindal
7bcc4a6755 Allowing runtimeConfig to support enabling/disabling specific extension resources 2015-10-15 14:24:22 -07:00
k8s-merge-robot
8c753c84eb Merge pull request #15191 from caesarxuchao/validate-UID 
Auto commit by PR queue bot
 2015-10-15 04:20:24 -07:00
Chao Xu
be0754750f add common fields validation before updaing a resource; make the repair of malformed update request flippable by a flag. 2015-10-13 16:28:32 -07:00
Jordan Liggitt
1043126135 Refactor SSH tunneling, fix proxy transport TLS/Dial extraction 2015-10-12 11:17:01 -04:00
k8s-merge-robot
95b265390e Merge pull request #14900 from mqliang/log 
Auto commit by PR queue bot
 2015-10-10 09:29:53 -07:00
Chao Xu
53eab7ef1e gofmt 2015-10-09 16:04:43 -07:00
Chao Xu
80f213c376 "experimental" -> "extensions" 2015-10-09 15:14:03 -07:00
Chao Xu
0b7e3c7dd1 experimental/v1alpha1->extensions/v1beta1 2015-10-09 15:01:33 -07:00
mqliang
5a349aeb58 capitalize the first letter of log files in module cmd 2015-10-06 13:56:37 +08:00
jayvyas
be2a2ec3cd NodePort apiserver option for exposing KubernetesMasterService NodePort on startup. 2015-10-05 20:34:25 -04:00
Wojciech Tyczynski
0f1cbe37a4 Events in separate etcd 2015-10-05 10:54:24 +02:00
eulerzgy
b1be6bc8ea add log err value 2015-09-29 17:09:25 +08:00
Chao Xu
c449baea46 Remove ExpStorageVersion and Add StorageVersions to APIServer struct 2015-09-24 17:44:59 -07:00
Chao Xu
ae1293418b move experimental/v1 to experimental/v1alpha1; 
use "group/version" in many places where used to expect "version" only.
 2015-09-24 15:32:11 -07:00
k8s-merge-robot
6c30a0e170 Merge pull request #13955 from caesarxuchao/API-discovery 
Auto commit by PR queue bot
 2015-09-21 14:01:36 -07:00
Chao Xu
1278771b34 let apiserver support api discovery 2015-09-21 12:20:24 -07:00
Federico Simoncelli
f21d9ac9e4 Support pods with containers using host ipc 
Add a HostIPC field to the Pod Spec to create containers sharing
the same ipc of the host.

This feature must be explicitly enabled in apiserver using the
option host-ipc-sources.

Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
 2015-09-18 21:13:39 +02:00
k8s-merge-robot
445fde3dc5 Merge pull request #13447 from pweil-/pid-mode 
Auto commit by PR queue bot
 2015-09-16 23:34:35 -07:00
Chao Xu
9bef5ff99d register experimental apis as apis/experimental/.. 
mark --api-version as deprecated
 2015-09-15 11:25:01 -07:00
Paul Weil
ed80c2b940 pid mode 2015-09-15 13:51:44 -04:00
Chao Xu
c733124920 address lavalamp's comments 2015-09-11 17:34:32 -07:00
Chao Xu
3dc5223f4f check if experimental is enabled during startup of client and server 2015-09-11 17:34:32 -07:00
Chao Xu
dd6c121d7f massive changes 2015-09-11 17:31:47 -07:00
Daniel Smith
ccd9e3e247 Run all automated tools 2015-09-11 16:11:08 -07:00
Daniel Smith
4c2adabf42 move; sed replace 2015-09-11 16:03:22 -07:00
k8s-merge-robot
f867ba3ba1 Merge pull request #13682 from ryfow/block-startup-for-cert 
Auto commit by PR queue bot
 2015-09-10 00:24:23 -07:00
k8s-merge-robot
434f05c0e3 Merge pull request #13705 from liggitt/attach 
Auto commit by PR queue bot
 2015-09-09 18:19:35 -07:00
k8s-merge-robot
45742e885c Merge pull request #13452 from aveshagarwal/master-api-rate-burst-remove 
Auto commit by PR queue bot
 2015-09-09 00:42:59 -07:00
Jordan Liggitt
b2268574c5 Add pods/attach to long running requests, protect in admission for privileged pods 2015-09-09 00:49:00 -04:00
k8s-merge-robot
015389eba1 Merge pull request #13672 from jayunit100/apiserver-cert-doc 
Auto commit by PR queue bot
 2015-09-08 11:42:28 -07:00
Ryan Fowler
d22a29cf66 Block apiserver startup on certificate 
With some regularity, if the root certificate file needs to be generated
the apiserver could come up on the non-secure port before the cert
was generated.

`hack/local-up-cluster.sh` requires that apiserver.crt exists
before the replication controller starts. Otherwise service accounts
and secrets don't work.

This change just takes the certificate handling code out of the `go`.
 2015-09-08 11:35:32 -05:00
jay vyas
4283201aea [minor] cert file cmd line string fix 2015-09-08 09:50:15 -04:00