github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
23,121 Commits 1 Branch 31 Tags
ad8ea35d94cc7c0d0798bcefc3ba7e3cc2b9389d
Commit Graph

315 Commits

Author SHA1 Message Date
Justin Santa Barbara
48e8a8b0ec AWS: Set up security groups, to mirror GCE firewalling 
Some slightly fussy code to enable load-balancers to talk to
instances, but otherwise relatively simple.
 2015-06-05 16:10:08 -04:00
Justin Santa Barbara
33a3d884f2 AWS: Filter by Cluster tag, rationalize EC2 abstraction 
Whenever we do a list we now filter on tags so we only see resources relating
to our cluster.

Also, rationalize all the DescribeX calls:
 * They all take a request object (so that we can pass filters)
 * They do paging if that is required (and return the underlying resources)
 * They wrap any error with a "error while listing X: %v" message
 2015-06-05 16:09:01 -04:00
Quinton Hoole
710df2b619 Merge pull request #9294 from justinsb/aws_ssh_key_fingerprint 
AWS: Support multiple SSH keys (embed the hash in the name)
 2015-06-05 09:37:31 -07:00
Justin Santa Barbara
d8dc416b5b AWS: Support multiple SSH keys (embed the hash in the name) 
This should eliminate a nasty problem where the script doesn't cope well if
your keys don't match.
 2015-06-04 21:40:57 -04:00
Justin Santa Barbara
c92c63b3a9 AWS: Use s3 sync to optimize upload to s3 when nothing changed 2015-06-04 10:14:45 -04:00
Adam Sunderland
2b4d37427e Update Master IAM Policy to Include ELB 2015-06-03 12:20:19 -05:00
Eric Tune
3c067b766a Merge pull request #8996 from manolitto/aws_cluster_monitoring_fix 
aws: fix cluster monitoring (new option "influxdb" instead of "true")
 2015-06-01 13:43:43 -07:00
Eric Tune
5b3e01d2fd Merge pull request #8653 from matschaffer/s3-creation-wait 
Check that s3 bucket has been created
 2015-06-01 10:29:03 -07:00
Manfred Geiler
8c8f8feb62 aws: fix cluster monitoring ("none" instead of "false") 2015-06-01 09:12:41 +02:00
Justin Santa Barbara
c4a2631593 Mount logic breaks if /var/lib/kubelet is a symlink 
Pass the correct kubelet root-dir on AWS
 2015-05-29 20:13:09 -04:00
Rohit Jnagal
ff51f0b2e1 Merge pull request #8696 from derekwaynecarr/force_namespace_creation 
Force explicit namespace provision, update e2e for failures
 2015-05-29 09:28:47 -07:00
Manfred Geiler
635b6bc097 aws: fix cluster monitoring (new option "influxdb" instead of "true") 2015-05-29 11:15:21 +02:00
Tim Hockin
ac3cc3c518 Rename PORTAL_NET all over 2015-05-28 16:10:44 -07:00
derekwaynecarr
3e8b1d5e01 Update all salt providers to force explicit namespace creation; update e2e 2015-05-28 13:45:49 -04:00
Mat Schaffer
e7ae425385 Colorize errors for consistency with other checks 2015-05-23 16:12:24 +09:00
Mat Schaffer
26736e494c Check that s3 bucket has been created 
Fixes #8395
 2015-05-22 14:12:36 +09:00
Dawn Chen
04c4d25065 Merge pull request #7905 from bakins/aws-coreos 
AWS: use CoreOS for nodes
 2015-05-21 09:05:56 -07:00
Victor Marmol
4ba22e713a Merge pull request #8296 from jlowdermilk/gen-analytics 
Add ga-beacon analytics to gendocs scripts
 2015-05-18 08:40:02 -07:00
Justin Santa Barbara
87dfddb259 AWS: Set MASTER_RESERVED_IP in config-default.sh 
Otherwise jenkins fails
 2015-05-16 20:32:23 -04:00
Jeff Lowdermilk
553f9f822b Add ga-beacon analytics to gendocs scripts 
hack/run-gendocs.sh puts ga-beacon analytics link into all md files,
hack/verify-gendocs.sh verifies presence of link.
 2015-05-15 18:56:38 -07:00
Daniel Smith
ce4b54ec70 Merge pull request #8209 from krousey/v1beta1_cluster 
Removing some v1beta1 uses in cluster/
 2015-05-15 14:56:41 -07:00
Kris Rousey
98c457c397 Updating /cluster to use v1beta 3 specs, and change a lot of polling to 
healthz instead of api endpoints.
 2015-05-15 14:17:55 -07:00
Robert Bailey
9d6c032929 Merge pull request #7888 from madis/associate_aws_elastic_ip_with_master 
Associate master instance with AWS Elastic IP
 2015-05-14 13:18:19 -07:00
Madis Nõmme
15643a2c72 Add 'auto' option for MASTER_RESERVED_IP. No ElasticIP allocation by default. 
Default behaviour when setting up a cluster is using the Amazon-assigned public ip.
It will change between reboots. If MASTER_RESERVED_IP is set to 'auto', new Elastic
IP will be allocated & assigned to master. If MASTER_RESERVED_IP is set to an existing
Elastic IP, it will be used. When something fails, original Amazon-given IP will be used.
 2015-05-14 08:33:07 +03:00
Brian Akins
fac4350fa6 Initial addition of CoreOS as minion for AWS cluster 2015-05-13 16:39:22 -04:00
Derek Carr
9454d58547 Merge pull request #8127 from liggitt/service_account_admission 
Add ServiceAccount admission plugin
 2015-05-13 14:03:11 -04:00
Zach Loafman
02f3a32196 Merge pull request #8131 from justinsb/aws_install_salt_gce_style 
Install specific salt version on AWS, based on GCE
 2015-05-13 06:55:32 -07:00
Madis Nõmme
eb220f05a6 Properly get return value (considering errexit). Quote variables. 2015-05-13 10:45:51 +03:00
Madis Nõmme
d4d02a9028 Optionally associate master instance with AWS Elastic IP 
When MASTER_RESERVED_IP is set to elastic IP from AWS, then aws/util.sh will
associate it with master instance and assign it to KUBE_MASTER_IP. If no MASTER_RESERVED_IP
is set, new elastic ip will be requested from amazon. This allows cluster certificates to
be generated for an IP that doesn't change between stopping & starting cluster instances.

The requested elastic ip is not released when kube-down.sh is run. I think it is good
because user could have created DNS records and it would be bad if the IP was removed.
He can reuse it next time through MASTER_RESERVED_IP when setting up cluster again.
 2015-05-13 10:45:51 +03:00
Justin Santa Barbara
23b1a22203 AWS: Don't use policy-rc.d to prevent starting daemons until we're ready 
It isn't required
 2015-05-12 21:18:48 -04:00
Clayton Coleman
7d620c20b9 Merge pull request #8105 from thockin/dns-domain 
Rename default DNS domain to cluster.local
 2015-05-12 17:18:45 -04:00
Justin Santa Barbara
ffb0e7f9b8 Install specific salt version on AWS, based on GCE 
The latest salt version breaks the container_bridge.py _state function

We can lock to the same version as GCE.  This is not a full fix,
because we can't update to the latest salt without breaking GCE,
but this at least unbreaks and sync AWS with GCE.

This isn't a straight copy from GCE, because we still use
the salt master on AWS (for now)

Fixes #8114
 2015-05-12 16:33:56 -04:00
Jordan Liggitt
e5d47081a2 Add ServiceAccount admission plugin 2015-05-12 15:19:05 -04:00
Tim Hockin
e83e49b076 rename default DNS domain to cluster.local 2015-05-11 23:00:43 -07:00
Jordan Liggitt
7e14a80f63 ServiceAccount admission plugin 2015-05-11 17:18:06 -04:00
Justin Santa Barbara
3cf8d72d96 Copy some new properties from config-default => config.test 
ENABLE_MINION_PUBLIC_IP was causing a failure because the variable wasn't declared.

ADMISSION_CONTROL should just be set the same for both test & default
 2015-05-08 14:30:17 -07:00
Manfred Geiler
c5c62f7d57 fixed second missing $ and added curly brackets 2015-05-08 17:18:52 +02:00
Manfred Geiler
1119340260 fixed missing $ 2015-05-08 16:58:49 +02:00
Manfred Geiler
96d34c1106 AWS: added docs for KUBE_ENABLE_MINION_PUBLIC_IP option 2015-05-08 16:56:06 +02:00
Manfred Geiler
205ed2bf6e AWS: make it possible to disable minion public ip association 2015-05-08 00:09:47 +02:00
Zach Loafman
875e83a741 Revert "Revert "Security context - types, kubelet, admission"" 2015-05-05 16:02:13 -07:00
Zach Loafman
f48904fd5e Revert "Security context - types, kubelet, admission" 2015-05-05 15:20:39 -07:00
Paul Weil
982bf19c20 security context initial implementation - squash 2015-05-05 13:46:13 -04:00
Robert Bailey
c6d4c24f37 Merge pull request #7736 from justinsb/aws_fix_known_tokens_file 
AWS: Fix variable naming that meant not all tokens were written
 2015-05-04 14:34:11 -07:00
Justin Santa Barbara
96f0a39172 AWS: Fix variable naming that meant not all tokens were written 
To resolve the inconsistency, chose to go closer to GCE
 2015-05-04 17:28:24 -04:00
Justin Santa Barbara
57f7b658bb AWS: Change apiserver to listen on 443 directly, not through nginx 
Mirrors changes in GCE.  I think the same changes will be needed for vagrant.
 2015-05-02 16:59:04 -04:00
Eric Paris
6b3a6e6b98 Make copyright ownership statement generic 
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
 2015-05-01 17:49:56 -04:00
Jan Safranek
6e810492fb Fixed name of kube-proxy path in deployment scripts. 2015-04-28 10:10:37 +02:00
CJ Cullen
39c5bf363b Merge pull request #7303 from erictune/kube_env3 
kube-proxy uses token to access port 443 of apiserver
 2015-04-27 14:33:53 -07:00
Brendan Burns
637cd57a25 Merge pull request #6606 from gust1n/aws-existing-vpc 
AWS: Improving getting existing VPC and subnet
 2015-04-27 11:11:25 -07:00