kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,409 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

634 Commits

Author SHA1 Message Date
Ciprian Hacman ce9ed2e1fb Make sure Cluster.Spec.Containerd exists before checking the address 2019-12-16 15:26:52 +02:00
Ciprian Hacman c2d55ecdf3 Always require containerd version in nodeup 2019-12-16 15:17:57 +02:00
Ciprian Hacman f1ffd9a7f6 Rename config option contained.configFile to containerd.configOverride 2019-12-16 00:59:26 +02:00
Ciprian Hacman 59ab0ca9d0 Pass containerd --address flag to kubelet if it exists 2019-12-16 00:59:26 +02:00
Ciprian Hacman 6363289103 Update tests after rebase 2019-12-16 00:59:26 +02:00
Ciprian Hacman b234d0687a Add back Protokube image pull during service start 2019-12-16 00:59:19 +02:00
Ciprian Hacman f401342d8f Update Protokube tests 2019-12-15 22:31:52 +02:00
Ciprian Hacman 4c5693be0d Remove unneeded version check 2019-12-15 21:57:12 +02:00
Ciprian Hacman 6dce39ffe1 Always set TasksMax=infinity for container friendly OSes 2019-12-15 21:37:57 +02:00
Ciprian Hacman 9d1ef68616 Parse Docker and containerd version using strconv.Atoi 2019-12-15 21:37:57 +02:00
Ciprian Hacman a6696f8060 Remove duplicate ExecStartPre 2019-12-15 21:37:57 +02:00
Ciprian Hacman bbb6740f3f Remove unneeded imports 2019-12-15 21:37:57 +02:00
Ciprian Hacman bdb395f722 Fix container remove command on failed start 2019-12-15 21:37:57 +02:00
Ciprian Hacman 92cd1842c6 Add support for containerd container runtime - generated 2019-12-15 21:37:57 +02:00
Ciprian Hacman 1a4d8bf49c Add support for containerd container runtime - tests 2019-12-15 21:37:57 +02:00
Ciprian Hacman 42b73b877d Add support for containerd container runtime 2019-12-15 21:37:57 +02:00
Peter Rifel 23ee2e63fc
Fix typo in protokube_test.go 2019-12-15 11:18:46 -06:00
Peter Rifel ea106478e0
Run ./hack/update-bazel.sh 2019-12-15 09:47:57 -06:00
Justin Santa Barbara 700bd2c0a5 Add test for protokube builder 
This should give us some assurances that we haven't changed things too
much with the containerd introduction.
 2019-12-14 23:19:54 -05:00
Kubernetes Prow Robot 852ed31f5f
Merge pull request #7545 from mazzy89/flatcar-fix 
Complete support for Flatcar
 2019-12-09 04:58:01 -08:00
John Gardiner Myers eaa13e734d Fix truncation of admission control plugins list 2019-11-30 19:30:49 -08:00
Ciprian Hacman 10b7d1e7b5 Don't consider recommended packages as a dependency for installing 2019-11-29 10:56:22 +02:00
Ciprian Hacman d66dfc1ac1 Automatically install dependencies with local packages 2019-11-27 17:12:38 +02:00
Kubernetes Prow Robot 482fce5d54
Merge pull request #7424 from mmerrill3/feature/dynamic-audit-config 
Implementing audit dynamic configuration (#7392)
 2019-11-26 01:01:10 -08:00
Salvatore Mazzarino 16f667d5a8 Correct Distro name 
Signed-off-by: Salvatore Mazzarino <dev@mazzarino.cz>
 2019-11-24 18:58:49 +01:00
Salvatore Mazzarino 9732d06d97 Add reference 
Signed-off-by: Salvatore Mazzarino <dev@mazzarino.cz>
 2019-11-24 16:35:23 +01:00
Salvatore Mazzarino f6908656bf Fix volume plugins dir 
Signed-off-by: Salvatore Mazzarino <dev@mazzarino.cz>
 2019-11-24 16:35:23 +01:00
Salvatore Mazzarino 5c0d5c112d Add tag during isDebian check family 
Signed-off-by: Salvatore Mazzarino <dev@mazzarino.cz>
 2019-11-24 16:35:23 +01:00
Kubernetes Prow Robot 4b11768ae0
Merge pull request #7906 from johngmyers/fix-apiversion 
Update apiVersion in docs and tests
 2019-11-22 06:03:28 -08:00
Kubernetes Prow Robot 1e2673515f
Merge pull request #7923 from eest/sysctls-comment 
sysctls.go: Fix some comments
 2019-11-21 17:35:40 -08:00
Kubernetes Prow Robot baa5ae3934
Merge pull request #7860 from hakman/docker-19.03.4 
Add support for newer Docker versions
 2019-11-17 12:23:54 -08:00
Patrik Lundin ad9448ac40 sysctls.go: Fix some comments 
Comment for net.ipv4.tcp_tw_reuse from tcp(7).
 2019-11-13 13:01:06 +01:00
John Gardiner Myers f1068e5c8c Update apiVersion in docs and tests 2019-11-09 14:14:24 -08:00
Zac Blazic 28d3eb4e37 Use `--encryption-provider-config` when kubernetes 1.13+ 
The alpha version of encryption at rest used the following flag:
`--experimental-encryption-provider-config`. As of kubernetes 1.13,
`--encryption-provider-config` should be used instead.
 2019-11-08 18:24:05 +02:00
Kubernetes Prow Robot 3979650823
Merge pull request #7841 from tanjunchen/fix-up-gosimple-problems 
fix-up static-check
 2019-11-05 21:57:20 -08:00
Ciprian Hacman 777265931f Add support for Docker 18.09.9 2019-11-04 12:00:11 +02:00
Ciprian Hacman a716ac17f4 Add support for Docker 19.03.4 2019-10-31 11:42:47 +02:00
Ripta Pasay 56ea75cc91 Include custom sysctl parameters when running the sysctl builder 
(cherry picked from commit 6766f47c670b68d2bf1a13ef94a710bd48f10678)
 2019-10-30 10:55:01 -07:00
tanjunchen a19fb935e4 fix-up static-check 2019-10-29 14:06:12 +08:00
Srikanth afe59ba7cc Remove clusterID to be passed as a parameter for protokube 2019-10-29 09:40:38 +05:30
Srikanth cb4a8ef6fc Rebase with latest master 2019-10-29 09:40:38 +05:30
mmerrill3 5cf94c8ddf Implementing audit dynamic configuration (#7392) 
Signed-off-by: mmerrill3 <michael.merrill@vonage.com>
 2019-10-24 10:21:27 -04:00
hwdef bc7d07035b dnsprovider: fix static check 2019-10-24 11:13:55 +08:00
tanjunchen 6a01525de5 fix-up bug in nodeup/pkg/model 2019-10-16 00:35:26 +08:00
Kubernetes Prow Robot 39cbb2bf1c
Merge pull request #7781 from hatappi/api-server-multiple-sa-key-file 
fix(apiserver): allow multiple service-account-key-file
 2019-10-14 18:15:51 -07:00
hatappi 3b1c1f1639 fix(apiserver): allow multiple service-account-key-file 2019-10-14 10:52:48 +09:00
Kubernetes Prow Robot 34c7d5a64a
Merge pull request #7755 from tanjunchen/fix-up-static-error 
fix-up staticcheck error
 2019-10-13 08:20:35 -07:00
Kubernetes Prow Robot 0c66a304c3
Merge pull request #7754 from tanjunchen/fix-up-gosimple-error 
fix-up gosimple check error
 2019-10-12 11:18:44 -07:00
Kubernetes Prow Robot dfaa39bc34
Merge pull request #7539 from spotinst/fix-kubelet-maxpods 
Kubelet configuration: Maximum pods flag is miscalculated when using Amazon VPC CNI
 2019-10-11 11:35:25 -07:00
Thomas Jackson cfcb93e822 Misc fixes 2019-10-10 13:09:22 -07:00
Thomas Jackson f8c416d6ce Add configs for gossip dns 2019-10-10 13:09:22 -07:00
liranp c6eb29a4b5
fix(nodeup): miscalculated `max-pods` when using amazon-vpc-cni 2019-10-10 12:02:12 +03:00
tanjunchen 28fdb358f8 fix-up staticcheck error 2019-10-08 13:53:04 +08:00
tanjunchen 43bf6bdab6 fix-up gosimple check error 2019-10-07 11:59:57 +08:00
tanjunchen 8fe36dc72c fix-up some staticcheck error 2019-10-06 10:40:13 +08:00
Jesse Haka 4ccad007ce mountcerts -> usehostcerts 2019-09-30 11:36:32 +03:00
Jesse Haka 352bc1eaa2 Allow to use custom rootCAs 2019-09-30 11:35:58 +03:00
yuxiaobo 0bd700781e Correct word misspelling 2019-09-29 22:23:07 +08:00
Kubernetes Prow Robot 942c8915db
Merge pull request #7496 from justinsb/label_controller 
kops-controller
 2019-09-27 03:43:35 -07:00
Kubernetes Prow Robot ba69006d17
Merge pull request #7663 from rifelpet/staticcheck-bugfixes 
Fix some bugs reported by staticcheck
 2019-09-25 15:31:06 -07:00
Justin SB 728e582360
Fill out kops controller functionality 
k8s 1.16 requires that we move label setting away from the kubelet, to
a central controller.  kops-controller is that controller.
 2019-09-25 12:04:34 -04:00
Justin SB cdcf72b0c9
Pull centos.org packages from the vault 
This isn't as nice as debian's vault, in that it doesn't contain the
latest packages.  But it appears that once a package is in the vault,
it should stay there.

Source from the vault to unbreak 1.13.
 2019-09-25 10:15:28 -04:00
Peter Rifel c8d424dd87 Fix some staticcheck warnings 2019-09-25 06:35:25 -07:00
Kubernetes Prow Robot 30c6f65300
Merge pull request #6957 from austinmoore-/skip-docker-install 
Skip Docker install
 2019-09-18 14:55:00 -07:00
Kubernetes Prow Robot 3b9821d5c5
Merge pull request #7474 from nebril/cilium-standalone 
Change Cilium templates to standalone version
 2019-09-18 14:01:00 -07:00
Kubernetes Prow Robot 0ae46139a7
Merge pull request #7609 from igarcia-sugarcrm/issue/7608 
Updated container-selinux url to point to the right path
 2019-09-18 10:05:33 -07:00
Mike Splain 3af3f81a18
Fix gofmt 2019-09-18 11:21:45 -04:00
mikesplain 0fe1a52e09 Add logrotate for etcd/etcd-events.log 2019-09-18 09:43:24 -04:00
Ivan Garcia d0db05defa Updated container-selinux url to pint to the right path 2019-09-17 14:57:13 -07:00
Austin Moore 4695e7d03c
Move SkipInstall to DockerConfig 2019-09-17 11:55:08 -04:00
Ole Markus With e7ff69a4a3 Mount BPF for cilium as part of nodeup instead of using a daemonset 2019-09-16 16:49:36 +02:00
mikesplain 9e55b8230a Update copyright notices 
Also cleans some white spaces
 2019-09-09 14:47:51 -04:00
Justin SB 8e2dbb6a99
Bootstrap: protokube labels its own node with node-role label 
As of k8s 1.16, the node-role label is protected for security reasons.
We will introduce a controller to set those labels generically.
However, we need these labels to run the controller (only) on master
nodes.

To solve this bootstrapping problem, we use protokube to apply the
master role node labels to the master node only.  This isn't a
security problem because we assume that protokube on the master is
highly trusted - we are still administering labels centrally.

Then kops-controller can use this label to target the master nodes,
and run a central label controller.
 2019-09-08 20:51:00 -04:00
Justin SB 810c65eb46
Copy well-known users from apiserver 
This should eliminate the dependency on k8s.io/apiserver
 2019-08-31 08:50:09 -07:00
Justin SB 17186ff7ba
Generated vendor & bazel from `make gomod` 
Automatically generated vendor & BUILD.bazel files
 2019-08-25 16:00:41 -04:00
Justin SB b1f8f84306
Code changes for 1.15 2019-08-25 16:00:39 -04:00
Kubernetes Prow Robot 2d1b010071
Merge pull request #7346 from ripta/max-pd-vols 
Add maxPersistentVolumes to support the KUBE_MAX_PD_VOLS scheduler setting
 2019-08-15 22:54:32 -07:00
Kashif Saadat 4514215656 Set and mount the correct volume plugin dir based on OS 2019-08-01 17:54:08 +01:00
Ripta Pasay a31a6b60ca Add maxPersistentVolumes to support the KUBE_MAX_PD_VOLS scheduler setting 2019-07-30 11:44:45 -07:00
Justin SB 35bb1c1636
Update default flexvolumepath for COS 
Default on COS is a different location, see
https://github.com/kubernetes/kubernetes/pull/58171
 2019-07-29 12:57:59 -04:00
Kubernetes Prow Robot 8a146b1c64
Merge pull request #6874 from kellanburket/master 
Mount FlexVolume directory in kube-controller-manager pod
 2019-07-25 08:05:54 -07:00
Kubernetes Prow Robot 0e27206973
Merge pull request #7290 from justinsb/rationalize_golden_output_comparison 
Rationalize golden-output comparison
 2019-07-23 00:20:55 -07:00
Kubernetes Prow Robot 2178721764
Merge pull request #6236 from justinsb/fixup_ntp_install 
Move NTP and misc packages initialization to code
 2019-07-22 07:18:52 -07:00
Kubernetes Prow Robot cdd3496c8a
Merge pull request #6229 from justinsb/gce_ipalias 
GCE: support ipalias networking mode, named "gce"
 2019-07-22 06:26:51 -07:00
Justin SB 512378b335
Rationalize golden-output comparison 
Create a single helper function: AssertMatchesFile

Also a few output files that weren't consistent.
 2019-07-21 23:08:48 -04:00
Kubernetes Prow Robot 92903304d4
Merge pull request #7287 from VibrentHealth/rhel8_support 
Rhel8 support
 2019-07-21 19:55:03 -07:00
Cassandra Comar 9ba043330a Fix package installation by switching ntp to chrony and directly installing container-selinux 2019-07-19 09:11:56 -04:00
Cassandra Comar 4638081c89 Fix identity string for RHEL8 2019-07-19 09:11:50 -04:00
Cassandra Comar f63eb0a066 Add support for RHEL 8 2019-07-19 09:11:43 -04:00
Justin SB 62f7c26f98
Support "gce" networking mode, which uses ip aliases 2019-07-19 07:54:13 -04:00
Justin SB 10a7f9afb0
Move NTP and misc package initialization to code 
Paring down the nodeup portion of gobindata
 2019-07-19 07:34:44 -04:00
Thomas Jackson ea61fb8de0 Replace behavior for aws hostnameOverride 
If the cluster's VPC includes DHCP options the local-hostname includes
the DHCP zone instead of the private DNS name from AWS (which is what
k8s uses regardless of flags). This patch simply makes the
hostnameOverride implementation match by using the AWS api to get the
private DNS name

Related to #7172
 2019-07-17 10:30:07 -07:00
Kubernetes Prow Robot dd6b0314fc
Merge pull request #6897 from vainu-arto/set-priority-for-static-pods 
Set priority for static pods
 2019-07-12 00:41:07 -07:00
Thomas Jackson 270a028c94 Use NodeAuthorizer config options instead of soely hard-codes 
Without this patch the timeout is 5m and the interval is 10m --
hard-coded with no mechanism to change, even though the config struct
already had a timeout option (which was completely unused)
 2019-07-09 09:48:43 -07:00
Kubernetes Prow Robot 5df1b64301
Merge pull request #7218 from appvia/apimachinery 
goimports update
 2019-07-09 02:40:13 -07:00
Justin SB 5f5f37a72c
Remove kube-proxy resource-container flag 
Removed in https://github.com/kubernetes/kubernetes/pull/78294

(A k/k breaking change: `--resource-container=""` is now the default!)
 2019-07-08 09:59:52 -04:00
Kashif Saadat 2b61ace49c goimports update 2019-07-03 16:43:20 +01:00
Kubernetes Prow Robot a8e7109129
Merge pull request #7040 from spotinst/feature-spotinst-ocean 
Spotinst: New instance group type: Ocean
 2019-06-20 12:24:10 -07:00
Kubernetes Prow Robot 1f98ecf8a3
Merge pull request #7124 from srikiz/UnitTestKubeProxy 
[Unit Tests] Added unit test for kube proxy builder
 2019-06-20 11:31:01 -07:00
Kubernetes Prow Robot 96704f24cd
Merge pull request #7103 from austinmoore-/egress-proxy-for-etcd-manager 
Egress proxy for etcd manager
 2019-06-20 11:30:49 -07:00
Kubernetes Prow Robot 1798ddfa0e
Merge pull request #7084 from mazzy89/flatcar_support 
Flatcar support
 2019-06-20 06:38:48 -07:00
Austin Moore ccced9901a
Add test for skipInstall 2019-06-12 14:16:11 -04:00
Austin Moore de339bf72d
Add configuration to skip docker installs 2019-06-12 14:16:11 -04:00
Srikanth cdb18bd063 Update BUILD.bazel file 2019-06-10 08:25:22 -05:00
Srikanth 8b9a286dd5 Format the unit test per gofmt 2019-06-10 00:06:56 -05:00
Srikanth b2b7756326 Add initial tests for kube_proxy 2019-06-07 15:31:39 -05:00
Austin Moore 67d9f5f190
Move getProxyEnvVars into a util package 2019-06-05 15:59:19 -04:00
liranp 80020052d3
feat(spotinst): new instance group type: ocean 2019-06-03 12:38:46 +03:00
Salvatore Mazzarino c7381f9a34 Flatcar support 
Signed-off-by: Salvatore Mazzarino <dev@mazzarino.cz>
 2019-05-31 12:20:27 +02:00
Jesse Haka 60756136c8 Add Debian 10 (buster) support 2019-05-26 15:34:39 +03:00
Michael Frister 691c459ae6 Fix Docker not being installed on Ubuntu 16.04 
This only affects the default Docker version for 1.12 (18.06.3).
 2019-05-14 10:25:49 +02:00
Justin SB fe487df586
Use klog logging from 1.15 
klog can now support logging both to a file and to streams, so we get the output both in docker & logfiles.

A few gotchas:

* The output previously was all on stdout, now it on stderr.  That is more correct
* If something writes to stdout or stderr outside of klog, it will no longer end up in the logfile.
* There's some oddities still to be ironed out about the flag syntax https://github.com/kubernetes/klog/issues/60
 2019-05-10 00:17:30 -04:00
Arto Jantunen 48974521e1 Set priority classes for static pods 
For the master pods (apiserver, controller manager, scheduler) this is
unlikely to ever matter (the masters aren't expected to run out of
resources and need to evict things) but evictions of kube-proxy from worker
nodes are easy to trigger in clusters with PodPriority enabled. Since these
are static pods the configuration is also somewhat difficult to change.
 2019-05-09 16:03:08 +03:00
Justin SB ba9a4afc43
apigroup -> kops.k8s.io: Tests & supporting changes 
Autogenerated code, docs & test changes

Also a new test for the older "kops" apiGroup, to make sure that
continues to work.
 2019-05-06 22:26:29 -04:00
Justin SB 76d03b3f71
Generated files: glog -> klog 2019-05-06 12:56:03 -04:00
Justin SB 3e33ac7682
Change code from glog to klog 
We don't call klog.InitFlags yet, because that will cause a flag
redefinition error until we get everyone to stop using glog.  That
will happen when we update to k8s 1.13.
 2019-05-06 12:54:51 -04:00
Kellan Cummings d0a653b0a5 added flexvolume mount to kube-controller 2019-05-03 14:45:58 -04:00
Kubernetes Prow Robot bea86cb4d9
Merge pull request #6810 from xichengliudui/update-go-const-part6 
Using const() defines constants together (part:4)
 2019-04-23 19:26:00 -07:00
Kubernetes Prow Robot e497f33104
Merge pull request #6809 from xichengliudui/update-go-const-part5 
Using const() defines constants together (part:3)
 2019-04-23 06:36:17 -07:00
Justin SB de581b1b64
Switch to golang 1.11.5 
For cherry-picking to 1.13

https://github.com/kubernetes/kubernetes/blob/release-1.13/build/build-image/cross/Dockerfile
 2019-04-20 17:36:56 -04:00
xichengliudui c02802f36d Using const() defines constants together (part:4) 2019-04-20 05:12:51 -04:00
xichengliudui 16ee9c4342 Using const() defines constants together (part:3) 2019-04-20 05:02:21 -04:00
Kubernetes Prow Robot b91db4f360
Merge pull request #6706 from granular-ryanbonham/apiserver_cpurequest 
Add ability to specify cpuRequest for API Server
 2019-04-10 08:04:13 -07:00
Justin SB c7b921fe05
Increase apiserver timeout to 45 seconds 
Fix #6702

Parallel to upstream issue #71054
 2019-04-07 11:55:33 -07:00
Ryan Bonham 8584fd731d Fix type mismatch 2019-03-29 14:32:29 -05:00
Ryan Bonham ac5a2ec2a0 Fix syntax error 2019-03-29 14:19:59 -05:00
Ryan Bonham 67c2f50732 Handle unset KubeAPIServer.CPURequest 2019-03-29 14:07:05 -05:00
Ryan Bonham a75dcdda35 Add Ability to set cpu request for api server 2019-03-29 13:56:21 -05:00
Justin SB 7bd4a7e262
Support download protokube from mirror 2019-03-26 00:45:54 -04:00
Derek Lemon (delemon) b09bb9eb37 Openstack environment escaping 2019-03-21 15:56:57 -06:00
Kubernetes Prow Robot 93988d8fdd
Merge pull request #6359 from justinsb/integration_etcd 
Enable etcd-manager / etcd3 / etcd-tls in kops 1.12
 2019-03-19 10:28:23 -07:00
Justin SB f0241294ac
Refactored out repeated joining code 
Thanks for suggestion @chrisz100!
 2019-03-19 09:48:16 -07:00
Jesse Haka dab9c1800a add manage sec groups for loadbalancers 2019-03-18 11:27:31 +02:00
Kubernetes Prow Robot 00950767c2
Merge pull request #6564 from usabilla/no-docker-prestart 
Remove docker-prestart hook
 2019-03-17 23:25:11 -07:00
Kubernetes Prow Robot 3b907c81e4
Merge pull request #5982 from justinsb/create_var_lib_kubelet 
Always create /var/lib/kubelet, even in bootstrap mode
 2019-03-17 04:12:55 -07:00
Kubernetes Prow Robot 492031d4c7
Merge pull request #6620 from justinsb/followup_6347 
Fix some of the docker package names & versions
 2019-03-15 09:47:00 -07:00
LilyFaFa 12d54b6a1f support gossip for AliCloud 2019-03-15 15:26:12 +08:00
Justin SB 057c19f8bb
Fix some of the docker package names & versions 
Follow up to #6347 - add a test for some of the names based on some
heuristics, and fix some of the problems that popped up.
 2019-03-15 00:09:59 -04:00
Kubernetes Prow Robot 16e846d4ce
Merge pull request #6347 from tsuna/master 
Add support for Docker 18.09.3.
 2019-03-14 20:48:55 -07:00
Justin SB 31f408c978
Support etcd-manager in kops 1.12 
In 1.12 (kops & kubenetes):

* We default etcd-manager on
* We default to etcd3
* We default to full TLS for etcd (client and peer)
* We stop allowing external access to etcd
 2019-03-14 23:13:06 -04:00
Alex Williams c928b7e6c5
Use EnsureTask for create static pod directory 2019-03-14 12:22:43 +00:00
Justin SB ecbc34153b
Always create /var/lib/kubelet, even in bootstrap mode 
Otherwise we end up with a circular dependency where we don't run the
node-authorizer until /var/lib/kubelet has been bind-mounted, but it
can't be bind-mounted until it exists.

This bind-mounting happens on Google's ContainerOS, which is why it
isn't always seen.
 2019-03-14 01:07:52 -04:00
Benoit Sigoure e4691cd704 nodeup: Add support for Docker 18.09.3. 
Starting from Docker 18.09.0, the Docker distribution has been split in
3 packages: the Docker daemon, the Docker CLI, and for containerd.  This
adds a twist to how to upgrade Docker from the base image as the daemon
and CLI packages must be installed at the same time, otherwise dpkg/rpm
will refuse to upgrade (the new CLI is incompatible with the old package
and the daemon can't be installed without first installing the CLI and
the new containerd, so the upgrade MUST happen in a single transaction).

This code change thus adds the possibility to specify additional packages
to install in the same dpkg/yum transaction, such as the Docker CLI and
containerd in nodeup, and the ability to apply the multi-package upgrade
atomically with dpkg/rpm.

We also use this new mechanism for the SELinux policy on RHEL/CentOS.
 2019-03-04 15:39:12 -08:00
Steven McDonald fe249eabbf Remove docker-prestart hook 
This breaks networking if Docker is restarted
(https://github.com/kubernetes/kops/issues/6191).

The Docker issue linked in the hook's comments has been closed for
over 3 years, and this workaround has not been used by upstream
Kubernetes for over a year:

  5f9735de53 (diff-af1d281c3ce49f7bfe110f7c64c96fdc)

It therefore seems unlikely that this hook is still necessary.
 2019-03-01 13:43:38 +01:00
Kubernetes Prow Robot baf83ab69a
Merge pull request #6343 from sp-joseluis-ledesma/master 
set net.ipv4.ip_local_reserved_ports to the KubeAPIServer ServiceNodePortRange parameter on nodeup
 2019-02-28 12:50:49 -08:00
Kubernetes Prow Robot 743b319fc9
Merge pull request #6506 from justinsb/chattr_docker_runc_17_03_2 
Try using chattr to mark docker-runc as immutable
 2019-02-25 07:22:12 -08:00
Justin SB 5d28bed21f
Map docker 18.06.3 
Docker 18.06.2 on RHEL/Centos did not actually contain the fix, so we
need 18.06.3.
 2019-02-23 17:19:44 -05:00
Justin SB 9bfa0cdd2a
Try using chattr to mark docker-runc as immutable 
May be a workaround for CVE-2019-5736, is defense in depth in any case.
 2019-02-20 22:26:44 -05:00
Kubernetes Prow Robot 823f769a95
Merge pull request #6492 from justinsb/package_names_for_container_selinux 
Fix package name & version for container-selinux
 2019-02-20 08:14:50 -08:00
Kubernetes Prow Robot 46599c0908
Merge pull request #6491 from justinsb/overlay2_on_docker_with_17_x 
Workaround for overlay2 vs rhel-family docker bug
 2019-02-20 05:37:41 -08:00