Commit Graph

409 Commits

Author SHA1 Message Date
Ryan Bonham ac5a2ec2a0 Fix syntax error 2019-03-29 14:19:59 -05:00
Ryan Bonham 67c2f50732 Handle unset KubeAPIServer.CPURequest 2019-03-29 14:07:05 -05:00
Ryan Bonham a75dcdda35 Add Ability to set cpu request for api server 2019-03-29 13:56:21 -05:00
Justin SB 7bd4a7e262
Support download protokube from mirror 2019-03-26 00:45:54 -04:00
Derek Lemon (delemon) b09bb9eb37 Openstack environment escaping 2019-03-21 15:56:57 -06:00
Kubernetes Prow Robot 93988d8fdd
Merge pull request #6359 from justinsb/integration_etcd
Enable etcd-manager / etcd3 / etcd-tls in kops 1.12
2019-03-19 10:28:23 -07:00
Justin SB f0241294ac
Refactored out repeated joining code
Thanks for suggestion @chrisz100!
2019-03-19 09:48:16 -07:00
Jesse Haka dab9c1800a add manage sec groups for loadbalancers 2019-03-18 11:27:31 +02:00
Kubernetes Prow Robot 00950767c2
Merge pull request #6564 from usabilla/no-docker-prestart
Remove docker-prestart hook
2019-03-17 23:25:11 -07:00
Kubernetes Prow Robot 3b907c81e4
Merge pull request #5982 from justinsb/create_var_lib_kubelet
Always create /var/lib/kubelet, even in bootstrap mode
2019-03-17 04:12:55 -07:00
Kubernetes Prow Robot 492031d4c7
Merge pull request #6620 from justinsb/followup_6347
Fix some of the docker package names & versions
2019-03-15 09:47:00 -07:00
LilyFaFa 12d54b6a1f support gossip for AliCloud 2019-03-15 15:26:12 +08:00
Justin SB 057c19f8bb
Fix some of the docker package names & versions
Follow up to #6347 - add a test for some of the names based on some
heuristics, and fix some of the problems that popped up.
2019-03-15 00:09:59 -04:00
Kubernetes Prow Robot 16e846d4ce
Merge pull request #6347 from tsuna/master
Add support for Docker 18.09.3.
2019-03-14 20:48:55 -07:00
Justin SB 31f408c978
Support etcd-manager in kops 1.12
In 1.12 (kops & kubernetes):

* We default etcd-manager on
* We default to etcd3
* We default to full TLS for etcd (client and peer)
* We stop allowing external access to etcd
2019-03-14 23:13:06 -04:00
Alex Williams c928b7e6c5
Use EnsureTask for create static pod directory 2019-03-14 12:22:43 +00:00
Justin SB ecbc34153b
Always create /var/lib/kubelet, even in bootstrap mode
Otherwise we end up with a circular dependency where we don't run the
node-authorizer until /var/lib/kubelet has been bind-mounted, but it
can't be bind-mounted until it exists.

This bind-mounting happens on Google's ContainerOS, which is why it
isn't always seen.
2019-03-14 01:07:52 -04:00
Benoit Sigoure e4691cd704 nodeup: Add support for Docker 18.09.3.
Starting from Docker 18.09.0, the Docker distribution has been split in
3 packages: the Docker daemon, the Docker CLI, and containerd.  This
adds a twist to how to upgrade Docker from the base image as the daemon
and CLI packages must be installed at the same time, otherwise dpkg/rpm
will refuse to upgrade (the new CLI is incompatible with the old package
and the daemon can't be installed without first installing the CLI and
the new containerd, so the upgrade MUST happen in a single transaction).

This code change thus adds the possibility to specify additional packages
to install in the same dpkg/yum transaction, such as the Docker CLI and
containerd in nodeup, and the ability to apply the multi-package upgrade
atomically with dpkg/rpm.

We also use this new mechanism for the SELinux policy on RHEL/CentOS.
2019-03-04 15:39:12 -08:00
Steven McDonald fe249eabbf Remove docker-prestart hook
This breaks networking if Docker is restarted
(https://github.com/kubernetes/kops/issues/6191).

The Docker issue linked in the hook's comments has been closed for
over 3 years, and this workaround has not been used by upstream
Kubernetes for over a year:

  5f9735de53 (diff-af1d281c3ce49f7bfe110f7c64c96fdc)

It therefore seems unlikely that this hook is still necessary.
2019-03-01 13:43:38 +01:00
Kubernetes Prow Robot baf83ab69a
Merge pull request #6343 from sp-joseluis-ledesma/master
set net.ipv4.ip_local_reserved_ports to the KubeAPIServer ServiceNodePortRange parameter on nodeup
2019-02-28 12:50:49 -08:00
Kubernetes Prow Robot 743b319fc9
Merge pull request #6506 from justinsb/chattr_docker_runc_17_03_2
Try using chattr to mark docker-runc as immutable
2019-02-25 07:22:12 -08:00
Justin SB 5d28bed21f
Map docker 18.06.3
Docker 18.06.2 on RHEL/Centos did not actually contain the fix, so we
need 18.06.3.
2019-02-23 17:19:44 -05:00
Justin SB 9bfa0cdd2a
Try using chattr to mark docker-runc as immutable
May be a workaround for CVE-2019-5736, is defense in depth in any case.
2019-02-20 22:26:44 -05:00
Kubernetes Prow Robot 823f769a95
Merge pull request #6492 from justinsb/package_names_for_container_selinux
Fix package name & version for container-selinux
2019-02-20 08:14:50 -08:00
Kubernetes Prow Robot 46599c0908
Merge pull request #6491 from justinsb/overlay2_on_docker_with_17_x
Workaround for overlay2 vs rhel-family docker bug
2019-02-20 05:37:41 -08:00
Justin SB f094d16d0f
Fix package name & version for container-selinux 2019-02-19 21:25:38 -05:00
Justin SB ea4e57145c
Workaround for overlay2 vs rhel-family docker bug
Docker 17.x with rhel-family fails to detect overlay2 correctly, and
needs us to pass overlay2.override_kernel_check=true for docker to
correctly detect overlay2 support.
2019-02-19 21:25:12 -05:00
Justin SB 8835dc94eb
Install kubelet config for default centos user
We weren't installing it on centos, which is not particularly
user-friendly.
2019-02-19 21:24:24 -05:00
Kubernetes Prow Robot 53189d7e6b
Merge pull request #6210 from mmerrill3/feature/kops-4049
Fixing kops-4049
2019-02-18 02:43:00 -08:00
Kubernetes Prow Robot 96b14eaa3b
Merge pull request #6461 from mikesplain/add_jessie_patch
Add jessie patch
2019-02-16 06:24:02 -08:00
Kubernetes Prow Robot f7048cf8fb
Merge pull request #6411 from justinsb/etcd_manager_backport
Support etcd-manager v3, suitable for backporting
2019-02-16 04:21:40 -08:00
mikesplain 54c969c521 Add debian jessie patch for CVE-2019-5736 2019-02-12 08:42:49 -05:00
JuanJo Ciarlante 6bb897d7ac
add Xenial, fix Stretch Version to 18.06.2~ce~3-0~debian (same as for Xenial, Bionic, Stretch) 2019-02-11 19:44:25 -03:00
JuanJo Ciarlante b761a809d5
add 18.06.2 entries instead of replacing 18.06.1 ones 2019-02-11 17:05:12 -03:00
JuanJo Ciarlante 49615d5afa [jjo] update docker-ce 18.06 for CVE-2019-5736
Fixes #6459.

* Update CoreOS, Debian Stretch and Ubuntu Bionic
  docker-ce packages to 18.06.2
2019-02-11 16:26:17 -03:00
Justin SB dd7533398d
Support etcd-manager v3, suitable for backporting
Add etcd-manager v3 in a way that we can safely backport.
2019-01-29 23:51:26 -05:00
Kubernetes Prow Robot ea420dac78
Merge pull request #6351 from cisco-sso/os_full
Kops for Openstack
2019-01-23 10:35:20 -08:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) c9b5911b1c Openstack gopkg updates 2019-01-19 08:41:15 -07:00
Rohith 6c814f3e73 Changes
- removed all the systemd unit creation and use the volume mount code from kubelet (SafeFormatAndMount)
- added some documentation to highlight the feature and show how it might be used in both ebs and ephemeral storage
2019-01-18 22:49:54 +00:00
Rohith df2d8dd304 - updating the bazel requirements 2019-01-18 22:49:54 +00:00
Rohith 0e155b4c78 - changed tack and making them two separate features for now, one adding additional volumes and two mounting them. This should always allow for user to use ephemeral devices as well
- updated the api specs and machinery
- adding the dependencies on the services when the volume mounts are enabled (should probably false this if they don't affect the docker filesystem)
2019-01-18 22:49:38 +00:00
Rohith 1b69cea3cb - adding the volumebuilder into the nodeup binary to provision the mapped volumes 2019-01-18 22:45:05 +00:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) d1b7680b10 openstack cloud config monitor section must be a child of loadbalancer 2019-01-18 14:22:04 -07:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) 292b3a8589 Storage config for openstack cloud config 2019-01-18 11:39:39 -07:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) eb256593bc Setting project ID as well in cloudconfig. Using loadbalancerID in cloudconfig. Retrieving instance IP from openstack in protokube. 2019-01-18 10:17:14 -07:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) 4f0169bb79 codegen 2019-01-16 09:30:40 -07:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) b1aaef1885 Proper escaping of openstack environment variables 2019-01-15 14:21:50 -07:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) 4e752ca62d Openstack Environment Variable Mapping 2019-01-15 14:21:41 -07:00
Naresh Kumar Amrutham 6a0bdfda31 fixed comment 2019-01-15 10:04:41 -08:00
Naresh Kumar Amrutham c5c26fe4d2 include dependency container-selinux for docker v17.09 2019-01-15 10:01:28 -08:00