github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
96,061 Commits 1 Branch 31 Tags 1,019 MiB
acb43c7c4a
Commit Graph

1142 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
b2ecd1b3a3
Merge pull request #96716 from tosi3k/bump-npd-to-v0.8.5 
Bump node-problem-detector to v0.8.5
 2020-11-21 06:33:33 -08:00
Antoni Zawodny
8f2dd3aaab Bump node-problem-detector to v0.8.5 2020-11-20 20:00:25 +01:00
Mike Danese
7fc57a207e gce: move iptables rule to mangle 
This avoids a conflict with rules that calico installs. Also, acquire
the lock everywhere.
 2020-11-18 11:28:03 -08:00
wojtekt
eb63da77ea Allow for configuring etcd progress notify interval on GCE 2020-10-29 15:43:51 +01:00
Kubernetes Prow Robot
1a645c2135
Merge pull request #95743 from benhxy/apiserver-health 
Use host IP instead of 127.0.0.1 for kube-apiserver healthcheck.
 2020-10-28 04:03:56 -07:00
Kubernetes Prow Robot
3523555aab
Merge pull request #95771 from vinayakankugoyal/fluentbit 
Grant group KUBE_POD_LOG_READERS_GROUP access to read pod logs on gke…
 2020-10-27 10:36:48 -07:00
Ben Hu
8416c5cc51 Use host IP instead of 127.0.0.1 for kube-apiserver healthcheck. 2020-10-27 16:25:27 +00:00
Kubernetes Prow Robot
557885d5d7
Merge pull request #91788 from rahulkjoshi/detect-local-mode 
Add option to specify detect-local-mode during cluster configuration
 2020-10-26 10:25:02 -07:00
Kubernetes Prow Robot
5935fcd704
Merge pull request #95766 from towca/jtuznik/ca-params-fix 
Properly quote flags passed to Cluster Autoscaler
 2020-10-23 20:47:00 -07:00
Kubernetes Prow Robot
1f756e4a37
Merge pull request #92669 from Jefftree/netproxy-configure-helper 
Separate network proxy flag for apiserver egress and starting pods
 2020-10-23 16:47:00 -07:00
Vinayak Goyal
83c1ce0225 Grant group KUBE_POD_LOG_READERS_GROUP access to read pod logs on gke control-plane. 2020-10-23 12:14:26 -07:00
Rahul Joshi
889446810c Add configuration options to specify --detect-local-mode on kube-proxy. 2020-10-23 12:12:59 -07:00
Kubernetes Prow Robot
1257bc5acb
Merge pull request #91474 from cici37/pkgController 
Cleanup CCM dependencies
 2020-10-22 23:17:45 -07:00
Kubernetes Prow Robot
e850fa6a6c
Merge pull request #95209 from benhxy/gke/kubeconfig 
Use host IP instead of localhost for GKE control plane kubeconfig
 2020-10-22 22:15:49 -07:00
Jefftree
0e5d057755 Rename flags 2020-10-22 08:43:28 -07:00
Jefftree
ed52ad3f25 Add SETUP_KONNECTIVITY_SERVICE flag 2020-10-22 08:43:28 -07:00
Jefftree
7820b05467 Separate network proxy flag for apiserver egress and starting pods 2020-10-22 08:43:27 -07:00
Jakub Tużnik
236ade027b Properly quote flags passed to Cluster Autoscaler 
In the current implementation, the flags are not put between quotes,
and so the Cluster Autoscaler manifest doesn't parse as valid JSON.
 2020-10-22 15:10:39 +02:00
Daniel Gutowski
6c8b1ab266 Fix default values for logrotate in /var/log/ 2020-10-21 09:18:32 +00:00
Ben Hu
49afcfa5f2 Use host IP instead of localhost for control plane component kubeconfig files. 
This is a part of work to allow control plane components to be moved off hostNetwork.
 2020-10-20 22:47:33 +00:00
Ben Hu
8b4e164a78 iAdd host IP to etcd listen client URLs. 
Allow kube-apiserver to use host IP to connect to etcd.
Update etcd/migrate to allow additional client listening URLs.
 2020-10-20 16:43:52 +00:00
cici37
95acec5a3b Move client_builder to k8s.io/controller-manager 2020-10-19 14:48:22 -07:00
jayunit100
aefe930562 support multiple bind records (fie nodelocaldns test regression), by 
first replacing PILLAR_ and then replacing other vars.
 2020-10-16 14:28:55 -04:00
Kubernetes Prow Robot
c1e5e6a556
Merge pull request #93836 from jayunit100/salt_cleanup_92835 
remove __pillar__ refs
 2020-10-11 17:58:47 -07:00
Kubernetes Prow Robot
33fd5552bb
Merge pull request #95418 from vinayakankugoyal/pki 
Update write-pki-data to give read permissions to KUBE_PKI_READERS_GR…
 2020-10-09 18:08:47 -07:00
Kubernetes Prow Robot
4fbf5df52b
Merge pull request #95388 from ii/policy 
Enable Logging of event requests to audit log in cluster/gce/gci/configure-helper.sh
 2020-10-09 14:08:48 -07:00
Hippie Hacker
b1e3a2ac7a Clarify that we don't audit events due to performance impact 2020-10-09 13:30:20 +13:00
Vinayak Goyal
7cbe8070bc Update write-pki-data to give read permissions to KUBE_PKI_READERS_GROUP, for components running as non-root to be able to read the credentials. 2020-10-08 16:25:43 -07:00
Joseph Anttila Hall
2f318bdd57 API server: fix default_konnectivity_socket_path typo. 
Make it consistent with configure-helper.sh
 2020-10-08 13:19:05 -07:00
Shihang Zhang
e0dcfbf9c2 make download-or-bust compatible with both sha512/sha1 2020-10-06 15:16:26 -07:00
Kubernetes Prow Robot
446da13de1
Merge pull request #94975 from zshihang/hash 
replace sha1 with sha512
 2020-10-06 13:00:42 -07:00
Karan Goel
f707db32cc Send node startup scripts to console and journal 2020-10-05 13:25:28 -07:00
Mike Danese
cc5b12cdff gce: redirect handshake server requests to metadata-concealment too 2020-09-25 17:50:53 -07:00
Shihang Zhang
e99dbbde62 replace sha1 with sha512 2020-09-23 11:27:20 -07:00
Varun Marupadi
04a51cac17 Allow the lifecycle of kube-proxy to be managed independently of the startup scripts for GCE 
Introduces a new env variable KUBE_PROXY_DISABLE which causes the configure scripts to skip over
the creation of both static pods as well as daemonset addons for kube-proxy.
When false, the behavior falls back to the default today, which is to rely on the value of
KUBE_PROXY_DAEMONSET to decide whether to start static pods on the nodes or an addon on the
master.
 2020-09-22 20:37:35 -07:00
Kubernetes Prow Robot
6b39cdf376
Merge pull request #93305 from alculquicondor/lssd-ephemeral 
Mount kubelet and container runtime rootdir on LSSD
 2020-09-22 12:22:06 -07:00
Kubernetes Prow Robot
dbaaed3592
Merge pull request #92140 from ash2k/ash2k/fix-error-check 
Fix error check logic in test
 2020-09-22 12:21:38 -07:00
Aldo Culquicondor
2ae4eeb3ea Mount kubelet and container runtime rootdir on LSSD 
When environment variable NODE_LOCAL_SSD_EPHEMERAL=true,
create a RAID 0 array on all attached SSDs to mount:

- kubelet root dir
- container runtime root dir
- pod logs dir

Those directories account for all ephemeral storage.
An array is not created when there is only one SSD.

Change-Id: I22137f1d83fc19e9ef58a556d7461da43e4ab9bd
Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2020-09-14 14:32:28 -04:00
David Eads
c7911a384c remove pod presets 2020-09-14 09:24:40 -04:00
Kubernetes Prow Robot
0627c35411
Merge pull request #93781 from kisieland/allow-to-switch-off-logrotate 
Disable log rotation of kubernetes and pod logs
 2020-09-10 16:10:14 -07:00
Daniel Gutowski
adf7ed4241 Allow to disable logrotation of kubernetes and pod logs 
Make logrotate disabled by default
 2020-09-03 11:21:44 +00:00
Shihang Zhang
38f040c0a8 bind metadata proxy to 0.0.0.0 2020-09-01 18:34:02 -07:00
Stephen Augustus
e59d9f372d Update CNI plugins to v0.8.7 
ref: https://github.com/containernetworking/plugins/releases/tag/v0.8.7

Signed-off-by: Stephen Augustus <saugustus@vmware.com>
 2020-08-31 09:01:07 -04:00
jay vyas
1693c111be Getting rid of the Salt DNS replacements, addded / back. 2020-08-30 09:11:27 +00:00
Kubernetes Prow Robot
b02b84870c
Merge pull request #94307 from xmudrii/update-cri-tools 
Update cri-tools to v1.19.0
 2020-08-28 10:40:03 -07:00
Kubernetes Prow Robot
a9d1482710
Merge pull request #93311 from logicalhan/monitoring-role 
Add bootstrap policy for monitoring endpoints
 2020-08-28 06:36:52 -07:00
Marko Mudrinić
084bc9db43
Update cri-tools to v1.19.0 2020-08-28 15:34:42 +02:00
Kubernetes Prow Robot
fd20de89d9
Merge pull request #90433 from joakimr-axis/joakimr-axis_configure-helper.sh 
Fix shellcheck w/e in cluster/gce/gci/configure-helper.sh
 2020-08-27 19:05:47 -07:00
Han Kang
f57611970c add bootstrap policy for monitoring roles 
(we enable metrics and pprof by default, but that doesn't mean
 we should have full cluster-admin access to use those endpoints)

Change-Id: I20cf1a0c817ffe3b7fb8e5d3967f804dc063ab03

remove pprof but add read access to detailed health checks

Change-Id: I96c0997be2a538aa8c689dea25026bba638d6e7d

add base health check endpoints and remove the todo for flowcontrol, as there is an existing ticket

Change-Id: I8a7d6debeaf91e06d8ace3cb2bd04d71ef3e68a9

drop blank line

Change-Id: I691e72e9dee3cf7276c725a12207d64db88f4651
 2020-07-24 09:21:55 -07:00
Jordan Liggitt
3b323b2ef0 Limit critical pods to kube-system by default 2020-07-17 09:52:19 -04:00