github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
94,475 Commits 1 Branch 31 Tags
d6f09f7dfb51cbed389e5bacbe4c83dfad3e9b97
Commit Graph

1108 Commits

Author SHA1 Message Date
Mike Danese
cc5b12cdff gce: redirect handshake server requests to metadata-concealment too 2020-09-25 17:50:53 -07:00
Varun Marupadi
04a51cac17 Allow the lifecycle of kube-proxy to be managed independently of the startup scripts for GCE 
Introduces a new env variable KUBE_PROXY_DISABLE which causes the configure scripts to skip over
the creation of both static pods as well as daemonset addons for kube-proxy.
When false, the behavior falls back to the default today, which is to rely on the value of
KUBE_PROXY_DAEMONSET to decide whether to start static pods on the nodes or an addon on the
master.
 2020-09-22 20:37:35 -07:00
Kubernetes Prow Robot
6b39cdf376 Merge pull request #93305 from alculquicondor/lssd-ephemeral 
Mount kubelet and container runtime rootdir on LSSD
 2020-09-22 12:22:06 -07:00
Kubernetes Prow Robot
dbaaed3592 Merge pull request #92140 from ash2k/ash2k/fix-error-check 
Fix error check logic in test
 2020-09-22 12:21:38 -07:00
Aldo Culquicondor
2ae4eeb3ea Mount kubelet and container runtime rootdir on LSSD 
When environment variable NODE_LOCAL_SSD_EPHEMERAL=true,
create a RAID 0 array on all attached SSDs to mount:

- kubelet root dir
- container runtime root dir
- pod logs dir

Those directories account for all ephemeral storage.
An array is not created when there is only one SSD.

Change-Id: I22137f1d83fc19e9ef58a556d7461da43e4ab9bd
Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2020-09-14 14:32:28 -04:00
David Eads
c7911a384c remove pod presets 2020-09-14 09:24:40 -04:00
Kubernetes Prow Robot
0627c35411 Merge pull request #93781 from kisieland/allow-to-switch-off-logrotate 
Disable log rotation of kubernetes and pod logs
 2020-09-10 16:10:14 -07:00
Daniel Gutowski
adf7ed4241 Allow to disable logrotation of kubernetes and pod logs 
Make logrotate disabled by default
 2020-09-03 11:21:44 +00:00
Shihang Zhang
38f040c0a8 bind metadata proxy to 0.0.0.0 2020-09-01 18:34:02 -07:00
Stephen Augustus
e59d9f372d Update CNI plugins to v0.8.7 
ref: https://github.com/containernetworking/plugins/releases/tag/v0.8.7

Signed-off-by: Stephen Augustus <saugustus@vmware.com>
 2020-08-31 09:01:07 -04:00
Kubernetes Prow Robot
b02b84870c Merge pull request #94307 from xmudrii/update-cri-tools 
Update cri-tools to v1.19.0
 2020-08-28 10:40:03 -07:00
Kubernetes Prow Robot
a9d1482710 Merge pull request #93311 from logicalhan/monitoring-role 
Add bootstrap policy for monitoring endpoints
 2020-08-28 06:36:52 -07:00
Marko Mudrinić
084bc9db43 Update cri-tools to v1.19.0 2020-08-28 15:34:42 +02:00
Kubernetes Prow Robot
fd20de89d9 Merge pull request #90433 from joakimr-axis/joakimr-axis_configure-helper.sh 
Fix shellcheck w/e in cluster/gce/gci/configure-helper.sh
 2020-08-27 19:05:47 -07:00
Han Kang
f57611970c add bootstrap policy for monitoring roles 
(we enable metrics and pprof by default, but that doesn't mean
 we should have full cluster-admin access to use those endpoints)

Change-Id: I20cf1a0c817ffe3b7fb8e5d3967f804dc063ab03

remove pprof but add read access to detailed health checks

Change-Id: I96c0997be2a538aa8c689dea25026bba638d6e7d

add base health check endpoints and remove the todo for flowcontrol, as there is an existing ticket

Change-Id: I8a7d6debeaf91e06d8ace3cb2bd04d71ef3e68a9

drop blank line

Change-Id: I691e72e9dee3cf7276c725a12207d64db88f4651
 2020-07-24 09:21:55 -07:00
Jordan Liggitt
3b323b2ef0 Limit critical pods to kube-system by default 2020-07-17 09:52:19 -04:00
Kubernetes Prow Robot
c430183fff Merge pull request #91854 from bsdnet/gci 
Update the COS E2E image policy
 2020-07-02 06:41:15 -07:00
Roy Yang
f86b720cf6 Update the COS E2E image policy 
Signed-off-by: Roy Yang <royyang@google.com>
 2020-06-30 15:24:35 -07:00
Kubernetes Prow Robot
6257f83f88 Merge pull request #92569 from dims/tolerate-slightly-different-containerd-urls 
Tolerate slightly different containerd urls
 2020-06-29 18:35:08 -07:00
Kubernetes Prow Robot
de491f11b1 Merge pull request #92444 from dims/additional-check-for-containerd-for-better-loading-images 
Additional test for loading images with containerd
 2020-06-29 18:34:40 -07:00
Joakim Roubert
0c48e0e1bb Find what fails pull-kubernetes-e2e-gce-ubuntu-containerd 
Change-Id: I7919d03926880cd9c93c61a07ada645ebfe32a89
Signed-off-by: Joakim Roubert <joakim.roubert@axis.com>
 2020-06-29 09:43:37 +02:00
Joakim Roubert
b529485f65 Review update 
Signed-off-by: Joakim Roubert <joakim.roubert@axis.com>
 2020-06-29 08:43:58 +02:00
Joakim Roubert
605be2216b Sync with master 
Add fixes for newly added code.

Signed-off-by: Joakim Roubert <joakim.roubert@axis.com>
 2020-06-29 08:43:58 +02:00
Joakim Roubert
196ae34f9b Remove previously added '' no longer needed 
Adapt to changes on master since the first commit here.

Signed-off-by: Joakim Roubert <joakim.roubert@axis.com>
 2020-06-29 08:43:57 +02:00
Joakim Roubert
a20a005986 No quotes needed/wanted for CURL_RETRY_CONNREFUSED 
Signed-off-by: Joakim Roubert <joakim.roubert@axis.com>
 2020-06-29 08:43:57 +02:00
Joakim Roubert
1b9e9c6fe6 Add fix for run-kube-controller-manager-as-non-root 
Signed-off-by: Joakim Roubert <joakim.roubert@axis.com>
 2020-06-29 08:43:57 +02:00
Joakim Roubert
11f6d43747 Updates after review 
Signed-off-by: Joakim Roubert <joakim.roubert@axis.com>
 2020-06-29 08:43:57 +02:00
Joakim Roubert
4abf7da53e Update cluster/gce/gci/configure-helper.sh 
Co-authored-by: Aaron Crickenberger <spiffxp@google.com>
 2020-06-29 08:43:56 +02:00
Joakim Roubert
3e211386c1 Update cluster/gce/gci/configure-helper.sh 
Co-authored-by: Aaron Crickenberger <spiffxp@google.com>
 2020-06-29 08:43:56 +02:00
Joakim Roubert
d66456fe01 Update cluster/gce/gci/configure-helper.sh 
Co-authored-by: Aaron Crickenberger <spiffxp@google.com>
 2020-06-29 08:43:56 +02:00
Joakim Roubert
6e8504003b Update cluster/gce/gci/configure-helper.sh 
Co-authored-by: Aaron Crickenberger <spiffxp@google.com>
 2020-06-29 08:43:56 +02:00
Joakim Roubert
0c899b2bc2 Mitigate newly added shellcheck issues 
Issues not present when the original patch was created have now also
been fixed.

Signed-off-by: Joakim Roubert <joakim.roubert@axis.com>
 2020-06-29 08:43:56 +02:00
Joakim Roubert
826274c867 Updates after code review 
Add double quotes at assignments as requested by phenixblue.

Signed-off-by: Joakim Roubert <joakim.roubert@axis.com>
 2020-06-29 08:43:55 +02:00
Joakim Roubert
3fb0d1c15d Update after code review 
Simplified local variable declaration as suggested by phenixblue.

Signed-off-by: Joakim Roubert <joakim.roubert@axis.com>
 2020-06-29 08:43:55 +02:00
Joakim Roubert
1f9704c713 Code review update 
Change-Id: I384a73efe995c529fb4b3636cb9639eafb90787f
Signed-off-by: Joakim Roubert <joakimr@axis.com>
 2020-06-29 08:43:55 +02:00
Joakim Roubert
80a8566a8c Fix shellcheck w/e in cluster/gce/gci/configure-helper.sh 
Change-Id: Ic8fca2509a7cb07f4170eaf25a878036d18ba51c
Signed-off-by: Joakim Roubert <joakimr@axis.com>
 2020-06-29 08:43:55 +02:00
Davanum Srinivas
a653c21479 Tolerate slightly different containerd urls 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-06-27 06:41:19 -04:00
Jordan Liggitt
a36aa9c31e Stop enabling alpha runtimeclass API 2020-06-25 20:29:11 -04:00
Kubernetes Prow Robot
c3a6a66592 Merge pull request #92395 from sambdavidson/vip-sni-fix 
Added missing apiserver config var.
 2020-06-24 01:59:54 -07:00
Davanum Srinivas
2d7c47d2be Additional test for loading images with containerd 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-06-23 18:21:59 -04:00
Jonathan Sun
2f7874bd4b Install firewall logging rules to log metadata server access for unauthorized components. 2020-06-23 11:22:05 -07:00
Samuel Davidson
31ae200ebf fix for missing kube-env var in SNI config 2020-06-22 13:33:42 -07:00
Kubernetes Prow Robot
d140769e4d Merge pull request #92344 from jherrera123/restore-docker-focal-version 
Restore docker focal version in gci nodes
 2020-06-21 15:28:39 -07:00
Kubernetes Prow Robot
4c8207dc1e Merge pull request #92314 from dims/set-better-default-for-loading-images-2 
Set better default commands for loading images - take 2
 2020-06-21 05:12:39 -07:00
Kubernetes Prow Robot
c6011f2d54 Merge pull request #91390 from vinayakankugoyal/nonroot 
Updating kube-controller-manager to run as non-root.
 2020-06-21 00:56:38 -07:00
Jesus Herrera
9714f3ac86 Restore docker focal version 2020-06-20 11:16:25 -04:00
Kubernetes Prow Robot
2d1c417934 Merge pull request #92258 from SidneyShen/node-boot-nvme-disk-fix 
Add logic to check if local NVMe SSDs in node boot-up script
 2020-06-19 11:38:14 -07:00
Kubernetes Prow Robot
4369eb3155 Merge pull request #92083 from alculquicondor/sched_config_script 
Support kube-scheduler component-config in GCE init scripts
 2020-06-19 11:36:53 -07:00
Kubernetes Prow Robot
87e6ec493c Merge pull request #90223 from caesarxuchao/remove-unused-var 
Remove unused network proxy variables and functions
 2020-06-19 11:36:14 -07:00
Davanum Srinivas
60bd17a61f Set better default commands for loading images - take 2 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-06-19 14:25:12 -04:00