Commit Graph

35 Commits

Author SHA1 Message Date
Deyuan Deng 684bb8868e Admission doc cleanup 2015-02-20 10:46:09 -05:00
Paul Morie e6e17729be Minor addendums to secrets proposal 2015-02-19 12:02:18 -05:00
Eric Tune 77211be2c0 Merge pull request #4126 from pmorie/secrets_proposal
Secrets proposal
2015-02-18 09:05:18 -08:00
Paul Morie 35402355a7 Secrets proposal 2015-02-17 20:29:38 -05:00
Saad Ali ec77204e81 Update Event Compression Design Doc with LRU Cache 2015-02-17 16:36:08 -08:00
Eric Tune 602502fa95 Merge pull request #3910 from csrwng/security_contexts
[Proposal] Security Contexts
2015-02-17 08:42:06 -08:00
Eric Tune d1edf609ab Merge pull request #4372 from saad-ali/event_compression_doc
Documentation for Event Compression
2015-02-14 00:11:32 -08:00
Eric Tune 98a9bbd6b3 Merge pull request #4029 from smarterclayton/security_proposal
Kubernetes pod and namespace security model
2015-02-13 09:08:37 -08:00
Clayton Coleman cbbd382b3f Kubernetes pod and namespace security model
This proposed update to docs/design/security.md includes proposals
on how to ensure containers have consistent Linux security behavior
across nodes, how containers authenticate and authorize to the master
and other components, and how secret data could be distributed to
pods to allow that authentication.

References concepts from #3910, #2030, and #2297 as well as upstream issues
around the Docker vault and Docker secrets.
2015-02-12 10:37:27 -05:00
Saad Ali 4df971f078 Documentation for Event Compression 2015-02-11 18:04:30 -08:00
csrwng 3b687b605b Specify intent for container isolation and add details for id mapping 2015-02-09 14:21:40 -05:00
Alex Robinson 4c9e6d37b6 Fix the broken links in the labels and access design docs. 2015-02-03 23:02:21 +00:00
csrwng ab574621c1 [Proposal] Security Contexts 2015-01-28 19:02:00 -05:00
Mrunal Patel c193716473 Replace "net" by "pod infra" in docs and format strings. 2015-01-28 15:03:06 -08:00
Joe Beda 050db5a2f8 Add Dockerfile for sequence diagram generation 2015-01-26 15:25:47 -08:00
roberthbailey 387b1cb6c6 Merge pull request #3802 from jbeda/seqdiag-tweak
Small tweaks to sequence diagram generation.
2015-01-26 13:54:08 -08:00
Joe Beda f7b6bd0a26 Small tweaks to sequence diagram generation.
Fix up name of font download and no transparency so it is easier to iterate.
2015-01-26 10:35:20 -08:00
derekwaynecarr 89f9224cc1 Doc tweaks 2015-01-23 12:56:49 -05:00
derekwaynecarr 24f580084e Remove resource_controller proposal 2015-01-23 12:56:49 -05:00
derekwaynecarr a44f8f8aaa ResourceQuota proposal 2015-01-23 12:56:49 -05:00
derekwaynecarr 1203b0e6e4 Design document for LimitRange 2015-01-23 12:56:49 -05:00
derekwaynecarr d0eebeeb6c Resource controller proposal 2015-01-23 12:56:49 -05:00
Clayton Coleman bab87d954e Clarify name must be lowercase in docs, to match code
We restrict DNS_SUBDOMAIN to lowercase for sanity.
2015-01-20 13:55:17 -05:00
Eric Tune 60d9c75849 Merge pull request #3281 from jbeda/cluster-join
Design doc for clustering.
2015-01-09 11:46:22 -08:00
Joe Beda 59e0bba246 Tweaks based on comments 2015-01-09 09:11:26 -08:00
derekwaynecarr 5c7bc51c53 Update design doc with final PR merge 2015-01-08 11:15:40 -05:00
Joe Beda 84569936d9 Design doc for clustering.
This is related to #2303 and steals from #2435.
2015-01-07 12:35:38 -08:00
Clayton Coleman 606dcf108b Proposal: Isolate kubelet from etcd
Discusses the current security risks posed by the kubelet->etcd pattern
and discusses some options.

Triggered by #846 and referenced in #859
2015-01-04 00:21:47 -05:00
derekwaynecarr 14464583f8 Version 2.0 of proposal 2014-12-18 13:56:34 -05:00
derekwaynecarr ada3dfce7d Admission control proposal 2014-12-15 14:32:46 -05:00
Sam Ghods 5de98eeb18 Remove unused YAML tags and GetYAML/SetYAML methods
Unneeded after move to ghodss/yaml.
2014-12-02 16:25:28 -08:00
Tim Hockin 3a3112c0e2 Loosen DNS 952 for labels 2014-12-01 12:30:43 -08:00
Joe Beda cc78c66a92 Convert gcutil to gcloud compute 2014-11-25 15:17:00 -08:00
Meir Fischer d5bbcd262c Fix bad selector file link 2014-11-09 22:46:07 -05:00
Eric Tune b8c71ec885 Separated user, dev, and design docs.
Renamed: logging.md -> devel/logging.m
Renamed: access.md -> design/access.md
Renamed: identifiers.md -> design/identifiers.md
Renamed:    labels.md -> design/labels.md
Renamed:    namespaces.md -> design/namespaces.md
Renamed:    security.md -> design/security.md
Renamed:    networking.md -> design/networking.md

Added abbreviated user user-focused document in place of most moved docs.

Added docs/README.md explains how docs are organized.
Added short, user-oriented documentation on labels
Added a glossary.
Fixed up some links.
2014-10-31 08:35:53 -07:00