github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
32,351 Commits 1 Branch 31 Tags 1,019 MiB
d6e23b984c
Commit Graph

200 Commits

Author SHA1 Message Date
k8s-merge-robot
94752c12a8 Merge pull request #18128 from ZJU-SEL/fix-typo 
Auto commit by PR queue bot
 2015-12-07 15:59:08 -08:00
He Simei
387d861d4e deprecate confusing flag usage 2015-12-04 09:09:23 +08:00
nikhiljindal
5c556baa2f Removing duplicate NewEtcdStorage code 2015-12-03 01:37:44 -08:00
gmarek
459131fd92 Use KubeletPort reported in NodeStatus instead of cluster-wide master config, take 2. 2015-12-02 13:38:17 +01:00
k8s-merge-robot
a836b1e261 Merge pull request #17326 from caesarxuchao/grooupVersion-lastest 
Auto commit by PR queue bot
 2015-12-01 05:05:40 -08:00
Chao Xu
6e192760e3 refactoring latest.go GroupVersion; 
clean up latest.go GroupVersions;
remove latest.GroupMeta.Group;
remove latest.GroupMeta.Version.
 2015-11-30 11:30:21 -08:00
harry
477da92002 Move hostIP detection from master to server 
Add PublicAddress in test files

Move valid public addr into util
 2015-11-30 16:17:37 +08:00
deads2k
a87d927588 update client.Config to use GroupVersion 2015-11-21 08:29:26 -05:00
feisky
13dce74adb Gendocs for docs/admin/kube-* 2015-10-25 19:24:23 +08:00
nikhiljindal
72914fd81b Updating documentation to reflect the latest status of extension resources 2015-10-21 13:03:33 -07:00
nikhiljindal
7bcc4a6755 Allowing runtimeConfig to support enabling/disabling specific extension resources 2015-10-15 14:24:22 -07:00
k8s-merge-robot
8c753c84eb Merge pull request #15191 from caesarxuchao/validate-UID 
Auto commit by PR queue bot
 2015-10-15 04:20:24 -07:00
Chao Xu
be0754750f add common fields validation before updaing a resource; make the repair of malformed update request flippable by a flag. 2015-10-13 16:28:32 -07:00
Jordan Liggitt
1043126135 Refactor SSH tunneling, fix proxy transport TLS/Dial extraction 2015-10-12 11:17:01 -04:00
k8s-merge-robot
95b265390e Merge pull request #14900 from mqliang/log 
Auto commit by PR queue bot
 2015-10-10 09:29:53 -07:00
Chao Xu
80f213c376 "experimental" -> "extensions" 2015-10-09 15:14:03 -07:00
Chao Xu
0b7e3c7dd1 experimental/v1alpha1->extensions/v1beta1 2015-10-09 15:01:33 -07:00
mqliang
5a349aeb58 capitalize the first letter of log files in module cmd 2015-10-06 13:56:37 +08:00
jayvyas
be2a2ec3cd NodePort apiserver option for exposing KubernetesMasterService NodePort on startup. 2015-10-05 20:34:25 -04:00
Wojciech Tyczynski
0f1cbe37a4 Events in separate etcd 2015-10-05 10:54:24 +02:00
eulerzgy
b1be6bc8ea add log err value 2015-09-29 17:09:25 +08:00
Chao Xu
c449baea46 Remove ExpStorageVersion and Add StorageVersions to APIServer struct 2015-09-24 17:44:59 -07:00
Chao Xu
ae1293418b move experimental/v1 to experimental/v1alpha1; 
use "group/version" in many places where used to expect "version" only.
 2015-09-24 15:32:11 -07:00
k8s-merge-robot
6c30a0e170 Merge pull request #13955 from caesarxuchao/API-discovery 
Auto commit by PR queue bot
 2015-09-21 14:01:36 -07:00
Chao Xu
1278771b34 let apiserver support api discovery 2015-09-21 12:20:24 -07:00
Federico Simoncelli
f21d9ac9e4 Support pods with containers using host ipc 
Add a HostIPC field to the Pod Spec to create containers sharing
the same ipc of the host.

This feature must be explicitly enabled in apiserver using the
option host-ipc-sources.

Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
 2015-09-18 21:13:39 +02:00
k8s-merge-robot
445fde3dc5 Merge pull request #13447 from pweil-/pid-mode 
Auto commit by PR queue bot
 2015-09-16 23:34:35 -07:00
Chao Xu
9bef5ff99d register experimental apis as apis/experimental/.. 
mark --api-version as deprecated
 2015-09-15 11:25:01 -07:00
Paul Weil
ed80c2b940 pid mode 2015-09-15 13:51:44 -04:00
Chao Xu
c733124920 address lavalamp's comments 2015-09-11 17:34:32 -07:00
Chao Xu
3dc5223f4f check if experimental is enabled during startup of client and server 2015-09-11 17:34:32 -07:00
Chao Xu
dd6c121d7f massive changes 2015-09-11 17:31:47 -07:00
Daniel Smith
ccd9e3e247 Run all automated tools 2015-09-11 16:11:08 -07:00
Daniel Smith
4c2adabf42 move; sed replace 2015-09-11 16:03:22 -07:00
k8s-merge-robot
f867ba3ba1 Merge pull request #13682 from ryfow/block-startup-for-cert 
Auto commit by PR queue bot
 2015-09-10 00:24:23 -07:00
k8s-merge-robot
434f05c0e3 Merge pull request #13705 from liggitt/attach 
Auto commit by PR queue bot
 2015-09-09 18:19:35 -07:00
k8s-merge-robot
45742e885c Merge pull request #13452 from aveshagarwal/master-api-rate-burst-remove 
Auto commit by PR queue bot
 2015-09-09 00:42:59 -07:00
Jordan Liggitt
b2268574c5 Add pods/attach to long running requests, protect in admission for privileged pods 2015-09-09 00:49:00 -04:00
k8s-merge-robot
015389eba1 Merge pull request #13672 from jayunit100/apiserver-cert-doc 
Auto commit by PR queue bot
 2015-09-08 11:42:28 -07:00
Ryan Fowler
d22a29cf66 Block apiserver startup on certificate 
With some regularity, if the root certificate file needs to be generated
the apiserver could come up on the non-secure port before the cert
was generated.

`hack/local-up-cluster.sh` requires that apiserver.crt exists
before the replication controller starts. Otherwise service accounts
and secrets don't work.

This change just takes the certificate handling code out of the `go`.
 2015-09-08 11:35:32 -05:00
jay vyas
4283201aea [minor] cert file cmd line string fix 2015-09-08 09:50:15 -04:00
Ruddarraju, Uday Kumar Raju
f8d6f13f7c Union of authorizers 2015-09-04 11:04:50 -07:00
derekwaynecarr
ab1f4c5c2c Fix typo in api server flag 2015-09-04 11:38:36 -04:00
Avesh Agarwal
f0d0e2a089 Remove unused api-rate and api-burst params. 2015-09-03 17:57:35 -04:00
Timothy St. Clair
2145371c45 Plumb through configuration option to disable watch cache 
because we are seeing anomolies on our cluster.
 2015-08-28 12:36:40 -05:00
Yu-Ju Hong
3bc2157889 Merge pull request #13100 from pweil-/cap-priv-sources 
use privileged source object
 2015-08-25 16:10:50 -07:00
Yifan Gu
aca6368e3c plugin/oidc: add minor documentation details. 2015-08-24 15:25:26 -07:00
Paul Weil
709e654686 use privileged source object 2015-08-24 16:53:43 -04:00
Yifan Gu
6376e41850 plugin/pkg/auth: add OpenID Connect token authenticator. 
Also add related new flags to apiserver:
"--oidc-issuer-url", "--oidc-client-id", "--oidc-ca-file", "--oidc-username-claim",
to enable OpenID Connect authentication.
 2015-08-21 15:27:08 -07:00
Saad Ali
c1a2c6dee7 Merge pull request #10713 from thockin/no-localhost-endpoints 
Check loopback and link-local multicast endpoints
 2015-08-19 12:48:33 -07:00
gmarek
3c907b33e1 Remove external function setting Kubelet flags 2015-08-19 13:20:41 +02:00
Tim Hockin
86f4535871 Check loopback and link-local multicast endpoints 
Previously we just disallowed link-local (unicast).  This disallows loopback
and link-local multicast.
 2015-08-18 21:50:27 -07:00
Kris Rousey
ae6c64d9bb Moving everyone to unversioned client 2015-08-18 10:23:03 -07:00
Bin Wang
0547c52c2c Enforce specified service-cluster-ip-range is not too large 2015-08-18 10:35:21 +08:00
Eric Paris
347c7b5b82 Mark some flags as deprecated so thus don't show up in help 2015-08-14 19:28:03 -04:00
Ruddarraju, Uday Kumar Raju
937db3f70d Keystone authentication plugin 2015-08-13 09:46:30 -07:00
Eric Paris
1333fad22a Remove BindClientConfigFlags entirely 
They are unused.
 2015-08-11 16:26:24 -04:00
Alex Robinson
11fcd3bb39 Merge pull request #12478 from eparis/use-pflag-network 
Use pflags for net.IP and net.IPNet instead of custom flag types
 2015-08-10 11:55:54 -07:00
Eric Paris
f3282ff4d2 Use pflag IPNet instead of our own helpers 
Since pflag can handle net.IPNet arguements use that code. This means
that our code no longer has casts back and forth and just natively uses
net.IPNet.
 2015-08-10 10:15:08 -04:00
Eric Paris
fe6b633e2a Convert for util.IP to just use a net.IP 
pflag can handle IP addresses so use the pflag code instead of doing it
ourselves. This means our code just uses net.IP and we don't have all of
the useless casting back and forth!
 2015-08-10 10:15:05 -04:00
Veres Lajos
9f77e49109 typofix - https://github.com/vlajos/misspell_fixer 2015-08-08 22:31:48 +01:00
Eric Paris
7cbb52ce04 Use the pflag StringSlice instead of implementing it ourselves 
Saves code and makes our code easier to read because we just use normal
[]string instead of custom type.
 2015-08-06 19:16:13 -04:00
Mike Danese
17defc7383 run gofmt on everything we touched 2015-08-05 17:52:56 -07:00
Mike Danese
8e33cbfa28 rewrite go imports 2015-08-05 17:30:03 -07:00
Muhammed Uluyol
58a875ac2c Add (stopgap) support for an experimental API prefix. 2015-07-30 18:14:29 -07:00
Wojciech Tyczynski
99d6b0e9f4 Rename storage interfaces 2015-07-30 10:34:57 +02:00
Wojciech Tyczynski
d17985f1ad Move StorageInterface to pkg/storage. 2015-07-30 09:32:04 +02:00
Brendan Burns
99b02bfe73 Add optional throttling to the proxy/exec/attach methods 2015-07-29 13:51:20 -07:00
Marek Grabowski
7cc1855c27 Merge pull request #11806 from wojtek-t/private_etcd_helper 
Make EtcdHelper private - expose only StorageInterface
 2015-07-27 11:21:28 +02:00
Marek Grabowski
00cd52dd68 Merge pull request #10656 from krousey/timeouts 
Adding proper timeouts.
 2015-07-27 10:56:58 +02:00
Wojciech Tyczynski
9d943df397 Private EtcdHelper 2015-07-27 09:20:13 +02:00
Mike Danese
859f440f74 Merge pull request #11666 from wojtek-t/refactor_etcd_helper 
Extract EtcdHelper interface
 2015-07-24 11:07:46 -07:00
Mike Danese
ae1c8e55ef Merge pull request #11737 from thockin/cleanup-remove-v1beta3 
Remove v1beta3
 2015-07-24 10:25:56 -07:00
Wojciech Tyczynski
fdb3f45077 Extract EtcdHelper interface 2015-07-24 09:28:02 +02:00
Vish Kannan
2a5a6b99cb Merge pull request #10635 from smarterclayton/cloud_provider_should_err 
Cloud provider should return an error
 2015-07-23 17:50:45 -07:00
Tim Hockin
1c3233a1d4 Remove v1beta3 2015-07-23 17:21:27 -07:00
Wojciech Tyczynski
ee92aa3897 Prepare for extracting EtcdHelper interface 2015-07-23 09:37:39 +02:00
Kris Rousey
1d033b9912 Adding proper timeouts. 2015-07-10 14:42:59 -07:00
nikhiljindal
c465a50891 Stop exposing v1beta3 by default 2015-07-08 15:27:41 -07:00
Eric Paris
cde68d294b Do not create subject alt dns names for kubelet self signed certs 
PR #10643 Started adding the dns names for the kubernetes master to self
sign certs which were created. The kubelet uses this same code, and thus
the kubelet cert started saying it was valid for these name as well.
While hardless, the kubelet cert shouldn't claim to be these things. So
make the caller explicitly list both their ip and dns subject alt names.
 2015-07-04 23:01:01 -04:00
Eric Paris
7a29af4d2c Add Subject Alt Names to self signed apiserver certs 
A cert from GCE shows:
- IP Address:23.236.49.122
- IP Address:10.0.0.1
- DNS:kubernetes,
- DNS:kubernetes.default
- DNS:kubernetes.default.svc
- DNS:kubernetes.default.svc.cluster.local
- DNS:e2e-test-zml-master

A similarly configured self signed cert shows:
- IP Address:23.236.49.122
- IP Address:10.0.0.1
- DNS:kubernetes
- DNS:kubernetes.default
- DNS:kubernetes.default.svc

So we are missing the fqdn kubernetes.default.svc.cluster.local. The
apiserver does not even know the fqdn! it's defined entirely by the
kubelet! We also do not have the cluster name certificate. This may be
--cluster-name= argument to the apiserver but will take a bit more
research.
 2015-07-01 17:05:17 -04:00
Clayton Coleman
d8bb4552de Cloud provider should return an error 
Not fatal - makes cloud provider useful in methods that
can return error.
 2015-07-01 14:41:49 -04:00
Aaron Levy
e991a1543f Use blank default for old-etcd-prefix 2015-06-26 18:19:40 -07:00
Jordan Liggitt
64d61185eb Re-enable ECDSA private server key use 2015-06-16 23:03:29 -04:00
Mike Danese
677855f1a9 fix longRunningRequestRE to something that doesn'tt push -f orig match pretty much all requests. 2015-06-16 13:48:10 -07:00
Justin Santa Barbara
6f3879e3bb Actually pass down ServiceNodePortRange so it is used 
Also fix default range to match what we've documented (off-by-one)

Fix #9318
 2015-06-08 18:03:42 -04:00
krousey
5aa0219ada Merge pull request #9292 from cjcullen/test_pull_8946 
Add an ssh tunnel option to the /proxy endpoint
 2015-06-08 14:30:12 -07:00
CJ Cullen
cb317604ab Some refactoring. Only selectively use ssh proxy. 
Add NetworkName to gce.Config.
Add locking to uses of master.tunnels.
 2015-06-05 14:55:16 -07:00
Brendan Burns
5115fd5703 Add key generation. 2015-06-05 14:55:15 -07:00
Brendan Burns
30a89968a4 Initial proxy tunnelling. 2015-06-05 14:54:20 -07:00
Prashanth Balasubramanian
50eb9ad598 Use https only for the kubelet port 2015-06-05 14:06:38 -07:00
Chao Xu
ef61b031f5 make v1 enabled by default 2015-06-04 11:37:44 -07:00
Daniel Smith
1690617ee6 remove ro service 2015-06-03 16:45:54 -07:00
Prashanth Balasubramanian
0162529ea5 Default minRequestTimeout to 1800s 2015-06-03 08:47:45 -07:00
Prashanth Balasubramanian
448867073d Pipe minRequestTimeout as an arg to the apiserver 2015-06-03 08:44:14 -07:00
CJ Cullen
934c553c04 Clarify description/usage of --advertise-address, Master.PublicAddress 2015-06-02 15:23:32 -07:00
CJ Cullen
085a48a70e Add an advertise-address flag. This allows the address that the apiserver binds 
to (possibly 0.0.0.0) to be different than the address on which members of the cluster
can reach the apiserver (possibly not a local interface).
 2015-06-02 14:33:15 -07:00
Eric Tune
3db1f69eea Merge pull request #8764 from eparis/sd_notify 
API server explicitly notify systemd of successful startup
 2015-06-01 10:28:49 -07:00
Kris
f4e2c738f6 Delete deprecated API versions 
pkg/service:

There were a couple of references here just as a reminder to change the
behavior of findPort. As of v1beta3, TargetPort was always defaulted, so
we could remove findDefaultPort and related tests.

pkg/apiserver:

The tests were using versioned API codecs for some of their encoding
tests. Necessary API types had to be written and registered with the
fake versioned codecs.

pkg/kubectl:

Some tests were converted to current versions where it made sense.
 2015-05-29 17:17:35 -07:00
Tim Hockin
3005471100 Add new apiserver flags for clusterIP (nee portal) 
Leave old flags but marked as deprecated
 2015-05-28 16:10:44 -07:00