github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
40,412 Commits 1 Branch 31 Tags 1,019 MiB
c294bf0d06
Commit Graph

3050 Commits

Author SHA1 Message Date
Kubernetes Submit Queue
cc794dda1e Merge pull request #38319 from deads2k/fed-08-host-discovery 
Automatic merge from submit-queue (batch tested with PRs 36310, 37349, 38319, 38402, 38338)

add summarizing discovery controller and handlers

Requires https://github.com/kubernetes/kubernetes/pull/38304 .

This adds discovery support to the new `kubernetes-discovery` that runs based on a controller wired up to the `APIService.apiregistration.k8s.io`.  It also adds in plumbing for `local-up-cluster.sh` to register the "normal" kube resources.

@kubernetes/sig-api-machinery 
@sttts
 2016-12-08 13:44:55 -08:00
Kubernetes Submit Queue
53d41d036d Merge pull request #37349 from tanshanshan/httpcode 
Automatic merge from submit-queue

replace HTTP status code with  HTTP status code const

<!--  Thanks for sending a pull request!  Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->

**What this PR does / why we need it**:

replace HTTP status code with  HTTP status code const

Thanks!

**Special notes for your reviewer**:

**Release note**:
<!--  Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access) 
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`. 
-->
```release-note
```
 2016-12-08 13:44:00 -08:00
Kubernetes Submit Queue
8820922997 Merge pull request #35449 from MrHohn/kubedns-readysignal 
Automatic merge from submit-queue

kubedns: use initial resource listing as ready signal

Fix #35140.

Set up the ready signal after the first resource listing finished for both endpoints and services instead of listen on kubernetes service.

@bprashanth @bowei @thockin

**Release note**:
```
```
 2016-12-08 11:35:44 -08:00
deads2k
fb9c109953 add summarizing discovery controller and handlers 2016-12-08 13:54:18 -05:00
Kubernetes Submit Queue
a5a4d4f681 Merge pull request #38110 from deads2k/controller-15-split 
Automatic merge from submit-queue (batch tested with PRs 35939, 38381, 37825, 38306, 38110)

split easy controllers from giant start func

continues work from https://github.com/kubernetes/kubernetes/pull/37976 to separate controller initialization.
 2016-12-08 07:52:53 -08:00
Kubernetes Submit Queue
47181133c1 Merge pull request #35884 from foxyriver/exchange 
Automatic merge from submit-queue

print log error

<!--  Thanks for sending a pull request!  Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->

**What this PR does / why we need it**:

when failed to load CA,will print both "Loaded CA:" and "Error loading root CA certificate date:" ,but only need to print "Error loading root CA certificate date:" in fact.

**Special notes for your reviewer**:

**Release note**:

<!--  Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access) 
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`. 
-->

``` release-note
```
 2016-12-08 03:29:41 -08:00
Kubernetes Submit Queue
72e7adb658 Merge pull request #36735 from YuPengZTE/devHTTP 
Automatic merge from submit-queue

type HttpProxyCheck should be HTTPProxyCheck

**What this PR does / why we need it**:
Change HttpProxyCheck to HTTPProxyCheck
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:
golint
**Release note**:

```release-note
```

Signed-off-by: yupeng <yu.peng36@zte.com.cn>
 2016-12-07 16:21:21 -08:00
Kubernetes Submit Queue
ca049360e2 Merge pull request #38258 from derekwaynecarr/kernel-memcg-flag 
Automatic merge from submit-queue (batch tested with PRs 38318, 38258)

kernel memcg notification enabled via experimental flag

Kubelet integrates with kernel memcg notification API if and only if enabled via experimental flag.
 2016-12-07 15:00:10 -08:00
Kubernetes Submit Queue
8d518d36b5 Merge pull request #38289 from deads2k/fed-07-wire-auth 
Automatic merge from submit-queue (batch tested with PRs 36543, 38189, 38289, 38291, 36724)

add authentication/authorization to kubernetes-discovery

Wires authentication and authorization into `kubernetes-discovery` and re-enables the `local-up-cluster.sh` along with proper permission granting for RBAC cases.

@sttts @liggitt
 2016-12-07 11:40:17 -08:00
Kubernetes Submit Queue
aa08702d23 Merge pull request #37835 from luxas/kubeadm_cloudprovider_and_dns 
Automatic merge from submit-queue (batch tested with PRs 38294, 37009, 36778, 38130, 37835)

Add a cloudprovider validator flag to kubeadm and update the DNS spec

Broken out from: https://github.com/kubernetes/kubernetes/pull/37568

This PR creates a flag for `cloud-provider` that validates the value before `RunInit()` is run, which makes it now act as a "real" flag
Then it removes the `k8s.io/kubernetes/pkg/cloudprovider` dependency, which makes the binary ~40MB smaller! That's _really_ worth it!

In the second commit, the DNS addon is updated to the latest version: https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/dns/skydns-rc.yaml.base

@kubernetes/sig-cluster-lifecycle
 2016-12-07 10:45:22 -08:00
Derek Carr
5b2d1c2c25 Enable kernel memcg notification via additional flag 2016-12-07 10:09:41 -05:00
deads2k
798d3edabf add authentication/authorization to kubernetes-discovery 2016-12-07 09:33:43 -05:00
Lucas Käldström
f4cb405164 Update the built-in DNS addon of kubeadm to the v1.5 version 2016-12-07 16:24:21 +02:00
Lucas Käldström
342f98d516 Create a new cloud-provider flag in order to catch wrong args directly and don't import the cloudprovider package and save ~50% in binary size 2016-12-07 16:24:02 +02:00
deads2k
f36a5ae9a1 separate controller initialization for easy controllers 2016-12-07 09:00:53 -05:00
deads2k
8ae8bf02a4 regenerate informers 2016-12-07 07:54:04 -05:00
deads2k
97854b8de5 update informer generator 2016-12-07 07:48:24 -05:00
deads2k
0579e86663 host apiservices resource 2016-12-07 07:47:09 -05:00
Zihong Zheng
19cf831086 kubedns: use initial resource listing as ready signal 2016-12-06 20:53:59 -08:00
Kubernetes Submit Queue
97ae7ccb56 Merge pull request #31647 from mikedanese/register-tainted 
Automatic merge from submit-queue

add a configuration for kubelet to register as a node with taints

and deprecate --register-schedulable

ref #28687 #29178

cc @dchen1107 @davidopp @roberthbailey
 2016-12-06 19:07:54 -08:00
Kubernetes Submit Queue
cbf497b749 Merge pull request #38119 from liggitt/long-running 
Automatic merge from submit-queue (batch tested with PRs 37032, 38119, 38186, 38200, 38139)

Detect long-running requests from parsed request info

Follow up to https://github.com/kubernetes/kubernetes/pull/36064

Uses parsed request info to more tightly match verbs and subresources

Removes regex-based long-running request path matching (which is easily fooled)

```release-note
The --long-running-request-regexp flag to kube-apiserver is deprecated and will be removed in a future release. Long-running requests are now detected based on specific verbs (watch, proxy) or subresources (proxy, portforward, log, exec, attach).
```
 2016-12-06 18:29:35 -08:00
Kubernetes Submit Queue
87d907cafe Merge pull request #37084 from kenan435/fail-fast-on-duplicate-node 
Automatic merge from submit-queue (batch tested with PRs 38194, 37594, 38123, 37831, 37084)

[kubeadm] Fail fast if there already is a node in the cluster with that name

kubeadm Fail fast if there is another node with the same name already in the cluster. 

Fixes #36255

cc @kubernetes/sig-cluster-federation
 2016-12-06 17:41:37 -08:00
Kubernetes Submit Queue
4eb4777df1 Merge pull request #37831 from luxas/improve_reset 
Automatic merge from submit-queue (batch tested with PRs 38194, 37594, 38123, 37831, 37084)

Improve kubeadm reset

Depends on: https://github.com/kubernetes/kubernetes/pull/36474
Broken out from: https://github.com/kubernetes/kubernetes/pull/37568
Carries: https://github.com/kubernetes/kubernetes/pull/35709, @camilocot

This makes the `kubeadm reset` command more robust and user-friendly.
I'll rebase after #36474 merges...

cc-ing reviewers: @mikedanese @errordeveloper @dgoodwin @jbeda
 2016-12-06 17:41:35 -08:00
Kubernetes Submit Queue
d4d6a32e9b Merge pull request #38123 from deads2k/api-48-remove-fields 
Automatic merge from submit-queue (batch tested with PRs 38194, 37594, 38123, 37831, 37084)

remove unnecessary fields from genericapiserver config

Cleans up some unnecessary fields in the genericapiserver config.
 2016-12-06 17:41:33 -08:00
Kubernetes Submit Queue
d40710988f Merge pull request #38136 from deads2k/auth-11-join-certs 
Automatic merge from submit-queue (batch tested with PRs 36990, 37494, 38152, 37561, 38136)

join client CA bundles

Last commit grabs client CA bundles from disparate parts of the auth config and makes a pool that contains all of them.

I suspect a rebase broke this because of ordering.  I'll keep these separate to make it easier for me to debug.
 2016-12-06 14:13:37 -08:00
Kubernetes Submit Queue
f600c94eab Merge pull request #37561 from deads2k/fed-01-types 
Automatic merge from submit-queue (batch tested with PRs 36990, 37494, 38152, 37561, 38136)

api federation types

First commit adds types that can back the kubernetes-discovery server with an `kubectl` compatible way of adding federated servers.  Second commit is just generated code.

After we have types, I'd like to start splitting `kubernetes-discovery` into a "legacy" mode which will support what we have today and a "normal" mode which will provide an API federation server like this: https://github.com/kubernetes/kubernetes/blob/master/docs/proposals/federated-api-servers.md that includes both discovery and proxy in a single server.  Something like this: https://github.com/openshift/kube-aggregator .

@kubernetes/sig-api-machinery @nikhiljindal
 2016-12-06 14:13:35 -08:00
deads2k
0a6193fbe4 add apiregistration types 2016-12-06 13:45:10 -05:00
Mike Danese
e225625a80 add a configuration for kubelet to register as a node with taints 
and deprecate register-schedulable
 2016-12-06 10:32:54 -08:00
deads2k
583dfbb0b1 generated 2016-12-06 13:10:38 -05:00
deads2k
b723333be3 move APIResourceConfigSource to master 2016-12-06 10:19:25 -05:00
deads2k
6ea1d5d53d join client CA bundles into the accept path for genericapiserver 2016-12-06 09:56:13 -05:00
Kenan Karamehmedovic
16453a3334 Fail fast if there is already a node with same name as the one being joined. 2016-12-06 15:46:15 +01:00
deads2k
fbb35b72ed update delegating auth to include front-proxy 2016-12-06 09:40:07 -05:00
deads2k
4f625db133 move client-ca to authentication args 2016-12-06 09:34:49 -05:00
Lucas Käldström
7a463eff08 Drain node on kubeadm reset and make it possible to specify if the node should be removed from the cluster as well 2016-12-06 15:43:59 +02:00
deads2k
985d502ed3 add basic wiring for kubernetes-discovery to become a kube-like api server 2016-12-06 08:19:39 -05:00
deads2k
f255e46ee4 refactor kubernetes-discovery to use cobra and prep for genericapiserver 2016-12-06 08:08:50 -05:00
Lucas Käldström
67d4ddaf59 Improve the kubeadm reset command. Reorder the functions and log more user-friendly output 2016-12-06 14:45:29 +02:00
Lucas Käldström
51d733f418 Remove the cni directory when resetting; otherwise kubelet can pick up the wrong config on the next kubeadm init run 2016-12-06 14:45:19 +02:00
Alexander Kanevskiy
1eeb3f155f Pass proxy environment variables to static pods 
To access outside world or cloud provider APIs it might be
required to use proxy.

Fixes: kubernetes/kubernetes#36573, kubernetes/kubeadm#5
 2016-12-06 14:38:48 +02:00
NickrenREN
34d13c996a eventclient create error info print 
Need to print error info when creating eventClient error , just as create kubeClient does 8 lines above
 2016-12-06 17:55:46 +08:00
NickrenREN
48026ce655 modify startKubelet return 
Since startKubelet() will always return nil, we donot need to judge its return err
 2016-12-06 12:08:45 +08:00
Kubernetes Submit Queue
2c61d2f80c Merge pull request #38121 from deads2k/auth-09-remove-rbac-super 
Automatic merge from submit-queue (batch tested with PRs 38111, 38121)

remove rbac super user

Cleaning up cruft and duplicated capabilities as we transition from RBAC alpha to beta.  In 1.5, we added a secured loopback connection based on the `system:masters` group name.  `system:masters` have full power in the API, so the RBAC super user is superfluous.

The flag will stay in place so that the process can still launch, but it will be disconnected.

@kubernetes/sig-auth
 2016-12-05 14:14:41 -08:00
Jordan Liggitt
4359054616
Detect long-running requests from parsed request info 2016-12-05 16:46:28 -05:00
Kubernetes Submit Queue
b1366bf55d Merge pull request #37976 from deads2k/controller-01-sa 
Automatic merge from submit-queue (batch tested with PRs 36352, 36538, 37976, 36374)

demonstrate separation of controller intializers

Currently, controllers are all initialized in a monster method that make it difficult to individually pick out whether there are side-effects, difficult to group related controllers for selective enablement, and impossible to determine if there are hidden dependencies.

This pull demonstrates how we can break apart the monolith and start start the process of grouping and naming controllers for selective enablement.  In addition, the use of a map will help expose dependency ordering amongst these controllers and the separate methods will make it a lot harder to have side effects.

This also moves us closer to being able to author reflective unit tests that help ensure that basic RBAC bootstrap roles are at least present, even if they aren't correct.

@nikhiljindal since you were looking at the federation controller manager
@sttts since we're looking at trying out RBAC on these.
 2016-12-05 11:08:47 -08:00
deads2k
2923d09091 remove rbac super user 2016-12-05 13:49:54 -05:00
Kubernetes Submit Queue
5e41d0904f Merge pull request #37830 from sttts/sttts-stratify-cert-generation 
Automatic merge from submit-queue

Stratify apiserver cert generation

- move self-signed cert generation to `SecureServingOptions.MaybeDefaultWithSelfSignedCerts`
- make cert generation only depend on `ServerRunOptions`, not on an unfinished `Config` (this breaks the chicken-egg problem of a finished config in https://github.com/kubernetes/kubernetes/pull/35387#pullrequestreview-5368176)
- move loopback client config code into `config_selfclient.go`

Replaces https://github.com/kubernetes/kubernetes/pull/35387#event-833649341 by getting rid of duplicated `Complete`.
 2016-12-05 10:15:47 -08:00
Kubernetes Submit Queue
0701737698 Merge pull request #36373 from vwfs/kubeadm_fix_centos_ssl 
Automatic merge from submit-queue (batch tested with PRs 37366, 36373)

kubeadm: Let apiserver and controller-manager host-mount /etc/pki when required

#<!--  Thanks for sending a pull request!  Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->

**What this PR does / why we need it**:
This PR checks if /etc/pki is present on the host machine and adds a host-mount to the apiserver and controller-manager manifest if required.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #36150

**Special notes for your reviewer**:

**Release note**:
<!--  Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access) 
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`. 
-->
```release-note
Fix incompatible host mounts for SSL certificates when deploying on CentOS with kubeadm
```
 2016-12-05 08:13:42 -08:00
deads2k
5788317953 demonstrate separation of controller intializers 2016-12-05 10:24:45 -05:00
Dr. Stefan Schimanski
3f01c37b9d Update generated files 2016-12-05 16:05:52 +01:00