github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
92,416 Commits 1 Branch 31 Tags
f66513d98a7759ece08b67e0c173f30a96b5591e
Commit Graph

3308 Commits

Author SHA1 Message Date
Lubomir I. Ivanov
540c272f7b kubeadm: use EnsureCertificateAuthorityIsEmbedded() for file discovery 
For file discovery, in case the user feeds a file for the CA
from the kubeconfig, make sure it's preloaded and embedded using
the new function EnsureCertificateAuthorityIsEmbedded().

This commit also applies cleanup:
- unroll validateKubeConfig() into ValidateConfigInfo() as this way
the default cluster can be re-used.
- in ValidateConfigInfo() reuse the variable config instead of creating
a new variable kubeconfig.
- make the Ensure* functions return descriptive errors instead of
wrapping the errors on the side of the callers.
 2019-08-05 03:23:41 +03:00
Lubomir I. Ivanov
e142bf6203 kubeadm: enable secure serving for the kube-scheduler 
Secure serving was already enabled for kube-controller-manager.
Do the same for kube-scheduler, by passing the flags
"authentication-kubeconfig" and "authorization-kubeconfig"
to the binary in the static Pod.

This change allows the scheduler to perform reviews on incoming
requests, such as:
- authentication.k8s.io/v1beta1 TokenReview
- authorization.k8s.io/v1 SubjectAccessReview

The authentication and authorization checks for "system:kube-scheduler"
users were previously enabled by PR 72491.
 2019-08-03 19:15:32 +03:00
Kubernetes Prow Robot
44f3aafc1a Merge pull request #80867 from fabriziopandini/fix-certs-generation-for-external-etcd 
kubeadm: fix-certs-generation-for-external-etcd
 2019-08-02 20:28:06 -07:00
Kubernetes Prow Robot
40178ccf7f Merge pull request #80894 from bart0sh/PR0077-kubeadm-simplified-returns 
kubeadm: simplified returns
 2019-08-02 12:40:35 -07:00
mattmelgard
f03bbe1b6d Add a defer to kubelet boostrap token deletion 2019-08-02 09:57:00 -06:00
Kubernetes Prow Robot
f6bc0ea03e Merge pull request #80891 from bart0sh/PR0076-kubeadm-handle-joinControPlaneDoneTemp.Execute-errors 
handle joinControPlaneDoneTemp.Execute errors
 2019-08-02 08:44:05 -07:00
Kubernetes Prow Robot
564eff757c Merge pull request #80862 from drpaneas/return_warnings 
kubeadm reset: replace Errorf with Warningf
 2019-08-02 04:54:11 -07:00
Ed Bartosh
6b21af79c2 kubeadm: simplified returns 2019-08-02 13:01:02 +03:00
Ed Bartosh
d0506f5a50 handle joinControPlaneDoneTemp.Execute errors 2019-08-02 12:37:57 +03:00
Kubernetes Prow Robot
547617a523 Merge pull request #80804 from olivierlemasle/add-join-timeout 
Make kubeadm join discovery wait for a finite time
 2019-08-01 13:38:41 -07:00
Kubernetes Prow Robot
f5c9d38a3f Merge pull request #80833 from neolit123/1.16-update-version 
kubeadm: update the version constants for 1.16
 2019-08-01 11:52:44 -07:00
fabriziopandini
59fb766b42 fix-certs-generation-for-external-etcd 2019-08-01 17:51:33 +02:00
Panagiotis Georgiadis
f946a2500b kubeadm reset: replace Errorf with Warningf 2019-08-01 16:40:47 +02:00
Olivier Lemasle
5c61056432 Make discovery wait for a finite time 
Add a timeout to discovery in `kubeadm join`,
when using a discovery file.
 2019-08-01 13:17:45 +02:00
Kubernetes Prow Robot
3758426884 Merge pull request #80798 from xlgao-zju/ignore-not-found 
do not return error, when the ds is not found
 2019-07-31 22:37:03 -07:00
Lubomir I. Ivanov
8aa69ea502 kubeadm: update the supported version for 1.16 2019-08-01 05:57:25 +03:00
Lubomir I. Ivanov
e379164bc7 kubeadm: apply a number of _test fixes 
- common_test.go: use constants.CurrentKubernetesVersion
- diff_test.go: write temporary files instead of using testdata.
this allows us to not have to bump kubernetesVersions in the
testdata files (now removed)
- policy_test.go: apply fixes to tests that were previously passing,
but a bump in constants.go breaks them. these tests now work
for any version.
 2019-08-01 05:57:24 +03:00
Xianglin Gao
1b6ec47a04 do not return error, when the ds is not found 
Signed-off-by: Xianglin Gao <xianglin.gxl@alibaba-inc.com>
 2019-08-01 09:12:14 +08:00
Kubernetes Prow Robot
82a252ad74 Merge pull request #80676 from fabriziopandini/delete-bootstrap-kubelet.conf 
kubeadm: delete bootstrap-kubelet.conf after TLS bootstrap
 2019-07-31 00:24:47 -07:00
Kubernetes Prow Robot
5bfa3664fb Merge pull request #80531 from Nordix/kubeadm-ds-FG-propagate 
Propagate kubeadm dual-stack feature-gate to all k8s components
 2019-07-31 00:24:21 -07:00
Kubernetes Prow Robot
000932d584 Merge pull request #80675 from fabriziopandini/fix-file-discovery 
Fix kubeadm file discovery
 2019-07-30 22:44:33 -07:00
Arvinderpal Wander
585ef375bb Kubeadm FG for dual-stack was introduced in #80145. This PR 
progagates the kubeadm FG to the individual k8scomponents
on the control-plane node.

* Note: Users who want to join worker nodes to the cluster
will have to specify the dual-stack FG to kubelet using the
nodeRegistration.kubeletExtraArgs option as part of their
join config. Alternatively, they can use KUBELET_EXTRA_ARGS.

kubeadm FG: kubernetes/kubeadm#1612
 2019-07-30 07:27:51 -07:00
fabriziopandini
df08af0349 feedback 1 2019-07-29 10:48:23 +02:00
fabriziopandini
d63e778f6f fix-file-discovery 2019-07-27 19:19:29 +02:00
fabriziopandini
f4ad37d7ca delete-bootstrap-kubelet.conf 2019-07-27 15:36:24 +02:00
fabriziopandini
ada6b0ddf1 autogenerated 2019-07-27 15:21:24 +02:00
Kubernetes Prow Robot
9bae1bc568 Merge pull request #80648 from odinuge/kubeadm-upgrade-diff-err 
Fix error handling issue in kubeadm upgrade diff
 2019-07-26 20:16:48 -07:00
Kubernetes Prow Robot
8f1eeacb78 Merge pull request #80573 from bart0sh/PR0075-kubeadm-handle-ResetClusterStatusForNode-errors 
kubeadm: handle ResetClusterStatusForNode errors
 2019-07-26 09:56:25 -07:00
Kubernetes Prow Robot
688f567698 Merge pull request #80307 from bart0sh/PR0073-kubeadm-remove-pkg-kubeapiserver-authorizer-modes-dependency 
kubeadm: remove dependency on pkg/kubeapiserver/authorizer/modes
 2019-07-26 09:55:59 -07:00
Odin Ugedal
2522e782dd Fix error handling issue in kubeadm upgrade 
The error was unintentionally set inside the scope of the if statement,
hiding possible errors.
 2019-07-26 18:51:29 +02:00
Kubernetes Prow Robot
bf2dd03083 Merge pull request #80318 from davidxia/fix-err-caps 
cleanup: fix some log and error capitalizations
 2019-07-25 10:41:28 -07:00
Ed Bartosh
5dd9d6a19f kubeadm: handle ResetClusterStatusForNode errors 
Handled errors returned by ResetClusterStatusForNode function when
resetting cluster status for a control-plane node.
 2019-07-25 15:45:59 +03:00
Ed Bartosh
70f82f0dda kubeadm: add forgotten error check 
'kubeadm config images pull' command ignores pulling errors due to
forgotten error check.

Added the check to correctly output errors if they occur.
 2019-07-24 17:44:22 +03:00
alan
ca8d5759ff add link of kubeadm config doc 2019-07-22 22:44:30 +08:00
David Xia
fabfd950b1 cleanup: fix some log and error capitalizations 
Part of https://github.com/kubernetes/kubernetes/issues/15863
 2019-07-20 18:26:16 -04:00
Kubernetes Prow Robot
cfabadb0eb Merge pull request #80296 from bart0sh/PR0072-remove-util-procfs-dependency 
kubeadm: remove dependency on pkg/util/procfs
 2019-07-20 00:40:54 -07:00
Ed Bartosh
2adb09f0e1 kubeadm: remove dependency on pkg/util/procfs 
Run pidof utility to determine if systemd-resolved is running
instead of calling procfs.PidOf.
 2019-07-19 19:09:53 +03:00
Ed Bartosh
d60fdcc6ff kubeadm: remove dependency on pkg/kubeapiserver/authorizer/modes 
moved constants from pkg/kubeapiserver/authorizer/modes
to kubeadm/app/constants module.
 2019-07-19 11:50:18 +03:00
RainbowMango
a4ca944d53 kubeadm should always fall back to client version when there is any internet issue 2019-07-19 15:13:47 +08:00
Ed Bartosh
d221148121 kubeadm: get rid of dependency on pkg/util/node 
Created local copy of GetHostname API to avoid
dependency to pkg/util/node.
 2019-07-17 18:49:39 +03:00
Kubernetes Prow Robot
8e3a2f2a5b Merge pull request #80165 from SataQiu/fix-kubeadm-20190715 
kubeadm: fix the bug that bazel build does not respect hack/print-workspace-status.sh
 2019-07-16 03:55:24 -07:00
Kubernetes Prow Robot
7e7bb5cf3a Merge pull request #80050 from chuckha/jsontags 
[kubeadm] Adds json struct tags to exposed API types
 2019-07-16 02:39:23 -07:00
SataQiu
298909e20e kubeadm: use local copy of kubectl's version package 2019-07-16 09:51:10 +08:00
Kubernetes Prow Robot
ab8506fb9b Merge pull request #80115 from gyuho/kubernetes-version 
kubeadm/*/phases/init/certs,kubeconfig: add "kubernetes-version" flag
 2019-07-15 16:33:37 -07:00
Kubernetes Prow Robot
768acf6009 Merge pull request #80145 from Nordix/kubeadm-ds-feature-gate 
Adds kubeadm feature-gate for dual-stack (IPv6DualStack)
 2019-07-15 14:54:14 -07:00
Chuck Ha
74ba11b0cd [kubeadm] Adds json struct tags to exposed API types 
Signed-off-by: Chuck Ha <chuckh@vmware.com>
 2019-07-15 11:14:40 -04:00
Kubernetes Prow Robot
303509cdf5 Merge pull request #80103 from SataQiu/cleanup-kubeadm-20190712 
kubeadm: cleanup unnecessary k8sVer parameter for GetStaticPodSpecs
 2019-07-15 03:23:06 -07:00
Arvinderpal Wander
79e7a4c0da Adds kubeadm feature-gate for dual-stack (IPv6DualStack). 
Issue: #1612
 2019-07-14 19:44:48 -07:00
Gyuho Lee
bad7a3fbbd kubeadm/*/phases/init/certs,kubeconfig: add "kubernetes-version" flag 
If empty "--kubernetes-version" is given (as it's not configurable now)
k8s.io/kubernetes/cmd/kubeadm/app/util/version.go.KubernetesReleaseVersion
will fetch the version from the internet.

But, this can fail:

% kubeadm init phase certs ca --cert-dir ...
unable to fetch file. URL: "https://dl.k8s.io/release/stable-1.txt", status: 502 Bad Gateway
failed to run commands: exit status 1

Can happen to other commands:

% kubeadm init phase kubeconfig controller-manager ...
% kubeadm init phase kubeconfig scheduler ...

This make "--kubernetes-version" configurable, so users can enable offline mode.

Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-07-12 11:05:43 -07:00
SataQiu
b23772df80 kubeadm: cleanup unnecessary k8sVer parameter for GetStaticPodSpecs 2019-07-13 00:26:07 +08:00