github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-30 15:02:23 +00:00
Code Issues Projects Releases Wiki Activity
115,151 Commits 42 Branches 8,000 Tags 1.3 GiB
master
Commit Graph

3727 Commits

Author SHA1 Message Date
Sergey Kanzhelev
c703725592 return value is taken from if statement instead of the function call 2021-10-26 00:11:55 +00:00
Oleg Atamanenko
965f10f539 Upgrade etcd to 3.5.1 2021-10-18 23:09:27 -07:00
Michelle Tandya
e9e6a7cb6b Update the binary version file for NPD to 0.8.10-gke0.1 2021-10-14 20:55:41 +00:00
Kubernetes Prow Robot
a861de6d16
Merge pull request #105500 from ibabou/update_owners_cluster_gce 
Add [ibabou] & [pjh] to Cluster GCE directory OWNERS
 2021-10-06 09:58:41 -07:00
Kubernetes Prow Robot
4586ff2c7c
Merge pull request #105333 from ibabou/update_win_base_images 
Update windows base images - GCE provider
 2021-10-05 23:08:33 -07:00
“Ibrahim
6a2eae0d12 Add [ibabou] & [pjh] to Cluster GCE directory OWNERS 2021-10-05 22:12:49 +00:00
“Ibrahim
26ce6df217 Update Windows base images GCE provider 2021-09-28 22:40:04 +00:00
Abu Kashem
a748fdc677
apiserver: refactor PolicyRuleEvaluator to return a struct 2021-09-24 08:08:32 -04:00
Paco Xu
ef99ba8cb2
konnectivity-agent-ds: remove toleration for NoSchedule 2021-09-17 10:58:09 +08:00
Paco Xu
a48a2efbd4
remove deprecated validEgressSelectorNames 'master' (#102242) 
* remove deprecated validEgressSelectorNames 'master'

Signed-off-by: pacoxu <paco.xu@daocloud.io>

* update gce configure: replace deprecated egress name 'master' with 'controlplane'

Signed-off-by: pacoxu <paco.xu@daocloud.io>

* add dup error for EgressSelection & fix converting alpha/beta to v1 name
 2021-09-16 07:09:46 -07:00
Kubernetes Prow Robot
03e0106bbc
Merge pull request #102592 from pacoxu/patch-11 
add NoExecute toleration for konnectivity agent
 2021-09-15 01:40:42 -07:00
Kubernetes Prow Robot
c79f7c1add
Merge pull request #104711 from claudiubelu/update-pause-3.6 
update pause image references to use 3.6
 2021-09-13 19:09:08 -07:00
Julie Qi
6bf310d6aa Remove stackdriver version variable 2021-09-10 15:26:16 -07:00
Kubernetes Prow Robot
34fb61beba
Merge pull request #104444 from cheftako/anp-v23 
Enable http2 health checking with go 1.16.5 on KAS egress.
 2021-09-07 08:43:15 -07:00
Kubernetes Prow Robot
7363da7ca7
Merge pull request #101318 from eltociear/patch-5 
Fix typo in gci/README.md
 2021-09-03 02:45:49 -07:00
Alex
bea25d8024
Update GKE kubernetes sources download link 
Fix non-working link provided on MOTD to download GKE source release.
Now point to correct location, confirmed same file as provided in "/home/kubernetes/kubernetes-src.tar.gz"
 2021-08-31 10:31:23 +09:00
Claudiu Belu
18936d4785 updates pause image references 
The pause:3.6 image has been published.

Also updates older / incorrect references.
 2021-08-29 21:50:05 -07:00
wfender
590300f90d Enable http2 health checking with go 1.16.5 
Enabling http2 health checking on http-connect KAS egress.
Reran update-vendor.
Fixed pinning.
 2021-08-19 22:38:41 -07:00
Kubernetes Prow Robot
08eaea4590
Merge pull request #104350 from tkashem/audit-policy-refactor 
refactor: rename audit Checker interface
 2021-08-19 01:41:24 -07:00
Kubernetes Prow Robot
9d38c64a7d
Merge pull request #104426 from mauriciopoppe/update-csi-proxy-version 
Upgrade the default csi-proxy version installed by kube-up.sh
 2021-08-18 15:23:45 -07:00
Sascha Grunert
6a6e24702c
Update cri-tools to v1.22.0 
This patch updates crictl to the latest available release.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2021-08-18 10:15:15 +02:00
Mauricio Poppe
fa9d5546cd Upgrade the default csi-proxy version installed by kube-up.sh 2021-08-17 19:37:26 +00:00
Abu Kashem
27f1503514
rename audit Checker interface 2021-08-12 17:42:41 -04:00
“Ibrahim
aa9380e017 Add termination hook to the startup script - GCE Windows 2021-08-12 19:56:15 +00:00
Daniel Kłobuszewski
1181421112 Update version of Cluster Autoscaler to 1.22.0 
Release notes: https://github.com/kubernetes/autoscaler/releases/tag/cluster-autoscaler-1.22.0
 2021-08-11 09:58:25 +02:00
“Ibrahim
b98594bc79 Add ibabou to gce/windows OWNERS file 2021-08-06 17:48:07 +00:00
Kubernetes Prow Robot
bfcc756f09
Merge pull request #103963 from mcshooter/update-npd-089 
update node-problem-detector v0.8.9
 2021-08-05 19:45:05 -07:00
Kubernetes Prow Robot
13c74c4309
Merge pull request #104181 from SergeyKanzhelev/patch-2 
Propose myself as a reviewer for cluster/gce/gci
 2021-08-05 17:51:01 -07:00
Kubernetes Prow Robot
6751ae8f21
Merge pull request #104112 from mcshooter/dump-kube-env-from-startup-script 
Log kube-env variables from startup script
 2021-08-05 16:36:38 -07:00
Sergey Kanzhelev
ddaa06abee
Propose myself as a reviewer for cluster/gce/gci 2021-08-05 14:24:35 -07:00
Kubernetes Prow Robot
1d693cd832
Merge pull request #104109 from caesarxuchao/keepalive 
add a keepalive time to the konnectivity server
 2021-08-05 06:09:46 -07:00
Kubernetes Prow Robot
a77d151c6c
Merge pull request #103855 from ibabou/update_bin_win_154 
Update Containerd version - GCE Windows (1.5.4)
 2021-08-05 01:45:07 -07:00
Kubernetes Prow Robot
04c7fe8256
Merge pull request #103627 from liu-cong/latency 
Add structured logging for more steps
 2021-08-04 22:11:07 -07:00
Kubernetes Prow Robot
f886190b48
Merge pull request #103436 from loburm/config_kube_proxy 
Make cpu request of kube proxy configurable by env variable.
 2021-08-04 19:00:40 -07:00
Kubernetes Prow Robot
ce5dbd2095
Merge pull request #103376 from mattcary/sunrpc 
Drop end of sunrpc port range to avoid port conflicts.
 2021-08-04 19:00:32 -07:00
Kubernetes Prow Robot
9c5cefb230
Merge pull request #101781 from ptabor/20210506-retry-dns-resolve 
Retry hostname->IP: [Errno -2] Name or service not known
 2021-08-04 18:59:27 -07:00
Michelle Tandya
9cffbab037 Log kube-env variables from startup script 2021-08-04 22:53:52 +00:00
vteratipally
5d84ffa6c2
Update configure-helper.sh 2021-08-04 14:36:16 -07:00
vteratipally
b0039559dd
Update configure-helper.sh 2021-08-04 13:19:00 -07:00
Chao Xu
572a24d854 add a keepalive time to the konnectivity server 2021-08-04 12:48:32 -07:00
vteratipally
0376c58c44
Update configure-helper.sh 
add live-restore true by default.
 2021-08-04 12:09:10 -07:00
Michelle Tandya
4606ebe423 update node-problem-detector v0.8.9 2021-07-28 01:02:56 +00:00
Walter Fender
6d1556df7b Update to using apiserver-network-proxy v1.22 
Includes a fix to prevent the agent writing to a closed channel.
 2021-07-24 16:02:01 -07:00
“Ibrahim
2cacfada26 Update Containerd version - GCE Windows 2021-07-22 18:34:11 +00:00
Julie Qi
2a4a1c1d00 disable aufs module 2021-07-21 23:25:19 -07:00
Kubernetes Prow Robot
61b2ce3855
Merge pull request #103777 from vteratipally/cos-update 
update cos 85 version to latest version
 2021-07-19 19:23:31 -07:00
Varsha Teratipally
9d0b32858a update cos 85 version to latest. 2021-07-19 17:54:39 +00:00
Matthew Cary
60d446fe3d Drop end of sunrpc port range to avoid port conflicts. 
Change-Id: I1561fe447f50d9ac835094b3cceba62ea74dfd81
 2021-07-13 18:38:40 +00:00
Cong Liu
6c87c22277 Add structured logging for more steps 2021-07-09 15:35:44 -07:00
Kubernetes Prow Robot
119b8fc93e
Merge pull request #103057 from jeremyje/fixnet 
GCE Windows: Set TCP/IP parameters to align with GCE optimal settings.
 2021-07-08 14:01:44 -07:00
Kubernetes Prow Robot
8e56a34195
Merge pull request #102966 from SergeyKanzhelev/deprecateDynamicKubeletConfig 
deprecate and disable by default DynamicKubeletConfig feature flag
 2021-07-07 17:05:15 -07:00
Kubernetes Prow Robot
ac554af79b
Merge pull request #103142 from serathius/etcd-3.5.0 
Upgrade etcd to 3.5.0
 2021-07-07 12:40:22 -07:00
Kubernetes Prow Robot
5e3bed6399
Merge pull request #101433 from SergeyKanzhelev/patch-1 
Make the service account error more apparent
 2021-07-05 03:23:13 -07:00
Stephen Augustus
c24dfe528a
cluster,hack: Use community infra GCS bucket for retrieving CI builds 
Signed-off-by: Stephen Augustus <foo@auggie.dev>
 2021-07-03 17:04:54 -04:00
Sergey Kanzhelev
dffc2a60a2 deprecate and disable by default DynamicKubeletConfig feature flag 2021-07-02 23:53:11 +00:00
Kubernetes Prow Robot
57720afb7e
Merge pull request #103387 from SergeyKanzhelev/makeSureToSplitNPDHashesByArch 
make sure to split NPD hashes by architecture when upgrading to 0.8.9
 2021-07-02 13:38:46 -07:00
Kubernetes Prow Robot
a331cf74b7
Merge pull request #102050 from pohly/fix/deflake-metrics-proxy 
remove metrics proxy
 2021-07-02 12:30:10 -07:00
Marian Lobur
5d80d6e7c3 Make cpu request of kube proxy configurable by env variable. 2021-07-02 16:00:56 +02:00
Patrick Ohly
c91496dda0 cluster: enable debug handlers on GCE master nodes 
This is needed for testing metrics support via the secure port
of kube-scheduler and kube-controller-manager. To access that
port, port-forwarding is used.
 2021-07-02 10:38:49 +02:00
Piotr Tabor
de442ef860 Retry hostname->IP: [Errno -2] Name or service not known 
During cluster configuration, the hostname is getting resolved to IP,
as etcd requires IP address as listening address.

Due to connectivity flakes or delayed network inititalization, sometimes
the IP fails to be resolved to a name with following error:
```
[Errno -2] Name or service not known
```
that leads to attempt to run etcd with empty flag.

The PR adds a proper retry (up to 5 minutes) in case the connectivity
problems happens.

I considered alternatives like: `getent hosts foo`, but unfortunetelly thay
can return IPv6 that etcd is not ready for (yet).
 2021-07-01 12:20:07 +02:00
Sergey Kanzhelev
210c610d66 make sure to split NPD hashes by architecture when upgrading to 0.8.9 2021-07-01 08:12:35 +00:00
Kubernetes Prow Robot
d787eaa4d5
Merge pull request #103332 from mcshooter/updateNPDVersion 
Update NPD release version and include windows defender config
 2021-06-30 01:19:02 -07:00
Kubernetes Prow Robot
61ee139a08
Merge pull request #103070 from jeremyje/logspam 
GCE Windows: Upgrade to flb-exporter v0.17.0 which reduces log spam.
 2021-06-29 18:29:02 -07:00
Michelle Tandya
03f85e9ade Update NPD release version and include windows defender config 2021-06-30 00:00:32 +00:00
Kubernetes Prow Robot
ebcb4a2d88
Merge pull request #103104 from pacoxu/npd-088 
update npd to v0.8.8
 2021-06-29 02:30:40 -07:00
pacoxu
ffdf3f5007 update node-problem-detector npd to v0.8.8 
Signed-off-by: pacoxu <paco.xu@daocloud.io>
Co-Authored-By: vteratipally <vteratipally@users.noreply.github.com>
 2021-06-29 09:35:32 +08:00
Marek Siarkowicz
ebe550bd48 Upgrade etcd to 3.5.0 2021-06-24 09:15:17 +02:00
Kubernetes Prow Robot
e120459000
Merge pull request #102952 from wpedrak/master 
Specify etcdctl version in livenessProbe
 2021-06-22 18:28:22 -07:00
pacoxu
f05f30943d kube-apiserver in gce: use --api-audiences as --service-account-api-audiences is deprecated 
Signed-off-by: pacoxu <paco.xu@daocloud.io>
 2021-06-22 11:09:46 +08:00
Jeremy Edwards
44360b315c GCE Windows: Upgrade to flb-exporter v0.17.0 which reduces log spam. 2021-06-21 23:46:27 +00:00
Jeremy Edwards
7839668877 GCE Windows: Set TCP/IP parameters to keep idle connections alive on GCE. 2021-06-21 23:00:32 +00:00
Mauricio Poppe
e2061cfcd8 Expose envvar CSI_PROXY_VERSION 2021-06-21 18:33:23 +00:00
wpedrak
6cb448c10e Specify etcdctl version for livenessProbe 
`--command-timeout` is supported in `ETCDCTL_API` version 3 and it is NOT supported in `ETCDCTL_API` version 2. Up to etcd 3.3 (inclusive) default version of `ETCDCTL_API` was 2. This change explicitly defines used `ETCDCTL_API` and allows usage of etcd versions below 3.4.
 2021-06-21 16:12:32 +02:00
Vinayak Goyal
774d228637 remove the path if it exists before writing pki data. 
if setfacl is called before chmod g+r at anypoint during the lifetime of
the cluster then the default group does not have read permissions on the
file. so we explicitly grant the default group read permissions. See
https://gist.github.com/mmdriley/85ca34f711acbec4b1b94902add488e5 for a
repro.
 2021-06-18 11:03:37 -07:00
Kubernetes Prow Robot
b43e4ec89b
Merge pull request #102857 from ingvagabund/drop-kube-scheduler-insecure-port-bits 
kube-scheduler: stop using insecure serving bits
 2021-06-15 13:42:12 -07:00
Kubernetes Prow Robot
b766721332
Merge pull request #102814 from cheftako/master 
Update K/K to use ANP v0.0.20
 2021-06-14 19:00:33 -07:00
Jan Chaloupka
7560f33e27 kube-scheduler: stop using insecure serving bits 2021-06-14 22:50:53 +02:00
Kubernetes Prow Robot
1400be60ff
Merge pull request #102495 from jeremyje/fb177 
GCE Windows: Upgrade to fluent-bit 1.7.7, 1.7.6 had a major regression.
 2021-06-11 17:03:01 -07:00
Walter Fender
9f7d61c520 Upgrade ANP components to v0.0.20. 
Pick up new metrics to help with debugging and monitoring.
Pick up GRPC keep alive on frontend tunnel.
Server now using apps/options.
 2021-06-11 09:02:04 -07:00
Joseph Anttila Hall
9d514b2de4 Konnectivity: tune flags for larger clusters (5k nodes). 2021-06-10 14:05:44 -07:00
Marek Siarkowicz
12447bc803 Upgrade etcd server version to 3.5.0-rc.0 2021-06-09 17:00:05 +02:00
Kubernetes Prow Robot
028bffba58
Merge pull request #102661 from Jefftree/patch-4 
Default GCE testing to using konnectivity
 2021-06-07 11:45:08 -07:00
Kubernetes Prow Robot
3d2a7c146e
Merge pull request #102370 from JacobX33/master 
Remove set errexit from etcd manifest
 2021-06-07 08:16:40 -07:00
Jeffrey Ying
7a63dff88b
Update konnectivity default 2021-06-07 11:06:28 -04:00
Kubernetes Prow Robot
9d27400fe2
Merge pull request #102040 from njuptlzf/fix_conversion 
Fix auditing failed of request: encoding failed
 2021-06-05 19:58:38 -07:00
njuptlzf
7b0fbb7292 add audit log test cases for cross-group subresource 2021-06-06 09:52:05 +08:00
Kubernetes Prow Robot
74af3b712d
Merge pull request #102297 from deads2k/ssh-tunnels 
remove --ssh- options, deprecated 13 releases, that only work on GCE
 2021-06-05 10:40:50 -07:00
Kubernetes Prow Robot
e6a8bc9fbe
Merge pull request #90368 from serathius/remove-legacy-metrics 
Remove legacy metrics client from podautoscaler
 2021-06-05 08:44:38 -07:00
Marek Siarkowicz
4ebc0c94a4 Remove legacy metrics client from podautoscaler 2021-06-04 23:06:32 +02:00
Paco Xu
7f06d0d553
add NoExecute toleration for konnectivity agent 2021-06-04 17:39:02 +08:00
David Eads
ae603a38bc remove -ssh-user from cluster scripts for GCE 2021-06-03 17:53:09 -04:00
Jeremy Edwards
47a7fcb17b GCE Windows: Only create NPD kubeconfig when the file path is defined. 2021-06-02 21:15:45 +00:00
Walter Fender
355be99390 Default GCE testing to using konnectivity 
Turning GRPC based Konnectivity testing on id advance of
removing the SSHTunnel code.
https://testgrid.k8s.io/sig-api-machinery-network-proxy#ci-kubernetes-e2e-gci-gce-network-proxy-grpc&width=25
shows the feature to be stable and it should remain that way.
 2021-06-01 16:53:41 -07:00
Jeremy Edwards
3cb4f3e1bf GCE Windows: Upgrade to fluent-bit 1.7.7, 1.7.6 had a major regression. 2021-06-01 16:25:21 +00:00
Kubernetes Prow Robot
bc8acbc43e
Merge pull request #102328 from lentzi90/update-cni-plugins 
Update CNI plugins v0.9.1
 2021-05-28 10:16:46 -07:00
Jakub Sroka
ac17d03e76
Remove set errexit from etcd manifest 
There were cases where this caused etcd to crashloop. It seems lesser evil to let migrator fail instead.
 2021-05-27 14:25:35 +02:00
Kubernetes Prow Robot
d541872f9a
Merge pull request #102239 from Haleygo/clean-up-AlgorithmProvider-flag-and-pkg 
clean up algorithmprovider pkg and remove scheduler deprecated algorithm-provider flag
 2021-05-27 00:54:23 -07:00
Lennart Jern
507710b50f
Update CNI plugins v0.9.1 
ref: https://github.com/containernetworking/plugins/releases/tag/v0.9.1
Signed-off-by: Lennart Jern <lennart.jern@est.tech>
 2021-05-26 11:02:04 +03:00
Haleygo
2769e99dba remove scheduler deprecated algorithm-provider flag and clean up algorithmprovider pkg 2021-05-26 13:19:44 +08:00
Sascha Grunert
b167fc24d7
Update pause image to v3.5 
Update dependencies and the test images to use pause 3.5. We also
provide a changelog entry for the new container image version.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2021-05-25 09:04:46 +02:00
Kubernetes Prow Robot
b876623070
Merge pull request #102264 from jeremyje/fb176 
Upgrade Fluent-Bit 1.7.6.
 2021-05-24 21:49:29 -07:00
Kubernetes Prow Robot
06d44d2f42
Merge pull request #101168 from mikedanese/warning 
add a warning about the filter table
 2021-05-24 21:48:40 -07:00
walter
13ab65d356 Upgrade konnectivity-client for GRPC connection fixes 
The v0.0.19 Konnectivity client includes several
significant fixes to prevent the GRPC tunnel between
the KAS and the APIServer Network Proxy from becoming
blocked/wedged.
Importantly it picks up the fix for kubernetes-sigs/apiserver-network-proxy#167.
We believe this will also fix many of the failures currently seen on
https://testgrid.k8s.io/sig-api-machinery-network-proxy#ci-kubernetes-e2e-gci-gce-network-proxy-grpc&width=5.
 2021-05-24 14:53:30 -07:00
Jeremy Edwards
54f3eb42e9 Upgrade Fluent-Bit 1.7.6. 2021-05-24 19:51:00 +00:00
Kubernetes Prow Robot
77937b1e8e
Merge pull request #101628 from bobbypage/addon-termination-handler 
Remove node termination handler addon
 2021-05-24 11:31:39 -07:00
SataQiu
ff18e391e9 cleanup useless 'scheduler.alpha.kubernetes.io/critical-pod' annotation 2021-05-19 17:46:35 +08:00
Kubernetes Prow Robot
e830610854
Merge pull request #101539 from jeremyje/installnpd 
Install Node Problem Detector on GCE Windows nodes
 2021-05-18 20:16:50 -07:00
Jeremy Edwards
09f9537338 Install Node Problem Detector on GCE Windows nodes 2021-05-15 16:14:17 +00:00
Jeremy Edwards
2f87f280fe GCE Windows: Upgrade to fluent-bit 1.7.5 2021-05-14 21:23:30 +00:00
Kubernetes Prow Robot
e8cf412e5e
Merge pull request #101881 from vinayakankugoyal/konnectivity 
Update konnectivity network proxy server to run as non-root, by defau…
 2021-05-13 23:16:04 -07:00
Sergey Kanzhelev
72fe1b722c Make the service account error more apparent 2021-05-14 04:39:24 +00:00
Vinayak Goyal
b951b9349f Update konnectivity network proxy server to run as non-root, by default in kube-up. 2021-05-13 12:35:34 -07:00
Avritt Rohwer
0a5a697882 Fix bug in retry-forever usage. 
- Push retry-forever wrapping to curl invocations.
- Collect curl retry flags into a single variable.
- Remove 'sudo: false' in master.yaml, is unnecessary and breaks older
  cloud-init versions.
- Change log-error status reason to be more accurate.
- Fix the some 'python' invocations to 'python3'.
 2021-05-12 09:22:20 -07:00
Kubernetes Prow Robot
1bd00776b5
Merge pull request #101874 from tallclair/owners 
Remove tallclair for gce owners
 2021-05-10 13:49:48 -07:00
Kubernetes Prow Robot
7563d3092e
Merge pull request #96216 from knight42/refactor/disable-insecure-port-in-ctrler-mgr 
refactor: disable insecure serving in controller-manager
 2021-05-10 13:49:36 -07:00
Tim Allclair
9d349b6d21 Remove tallclair for gce owners 2021-05-10 10:21:17 -07:00
Kubernetes Prow Robot
8b1c82a34c
Merge pull request #101772 from swetharepakula/bump-glbc-image 
Update glbc image to v1.12.0
 2021-05-06 22:05:02 -07:00
Kubernetes Prow Robot
ca0c04e4d3
Merge pull request #101164 from vinayakankugoyal/apiservernonroot 
Run control-plane as non root in kube-up.
 2021-05-06 17:33:14 -07:00
Swetha Repakula
8c8db0d8e9 Update glbc image to v1.12.0 
- glbc now uses networking.k8s.io/v1 Ingress
 2021-05-06 15:20:05 -07:00
Kubernetes Prow Robot
1f3fd1cb80
Merge pull request #101751 from vinayakankugoyal/sshproxy 
Recursive chown the /etc/srv/sshproxy if kube-apiserver is running as…
 2021-05-06 15:15:51 -07:00
Kubernetes Prow Robot
8955f55fcf
Merge pull request #101678 from vinayakankugoyal/goodbye-basicauth 
Remove remnants of basic auth from cluster bootstrap.
 2021-05-06 14:14:14 -07:00
Vinayak Goyal
6aa495ddc6 Revert - Recursive chown the /etc/srv/sshproxy if kube-apiserver is running as non root. This way if a key already exists we will be able to read it. 2021-05-06 14:02:53 -07:00
Kubernetes Prow Robot
add13090e2
Merge pull request #101732 from spencer-p/master 
Promote kube-addon-manager to v9.1.5
 2021-05-05 18:49:17 -07:00
Vinayak Goyal
487583bd0a Recursive chown the /etc/srv/sshproxy if kube-apiserver is running as non root. This way if a key already exists we will be able to read it. 2021-05-05 15:23:04 -07:00
Vinayak Goyal
406ceae991 Recursive chown the /etc/srv/sshproxy if kube-apiserver is running as non root. This way if a key already exists we will be able to read it. 2021-05-05 14:49:59 -07:00
Vinayak Goyal
5d8c89b164 Run control-plane as non root in kube-up. 2021-05-05 14:46:28 -07:00
Jeremy Edwards
daa5be1d01 GCE Windows: Do not install docker when containerd CRI is selected. 2021-05-05 21:06:33 +00:00
Kubernetes Prow Robot
7d176851f2
Merge pull request #100612 from pacoxu/patch-8 
kubeadm: upgrade etcd to 3.4.13-3
 2021-05-05 07:11:27 -07:00
Spencer Peterson
a119b767d0 Promote kube-addon-manager to v9.1.5 
Change-Id: Iffebad61634831b0c34eb54517a2543c75c55d68
 2021-05-04 12:14:52 -07:00
David Porter
dac06aefb0 Revert "Revert "cluster: Use python3 everywhere"" 
This reverts commit 7038338e0f.
 2021-05-03 21:43:15 -07:00
Jian Zeng
e481d99965
refactor: disable insecure serving in controller-manager 
Now the following flags have no effect and would be removed in v1.24:
* `--port`
* `--address`

The insecure port flags `--port` may only be set to 0 now.

Signed-off-by: Jian Zeng <zengjian.zj@bytedance.com>
 2021-05-03 00:01:49 +08:00
Kubernetes Prow Robot
c5b900b69c
Merge pull request #97399 from davidxia/comment-typo 
Fix typo in comment
 2021-05-01 04:57:59 -07:00
Vinayak Goyal
b87762966d Remove remnants of basic auth from cluster bootstrap. 2021-04-30 11:23:14 -07:00
Jeremy Edwards
5c713379a0 GCE Windows: mkdir -p fluent-bit pos-files directory. 2021-04-29 22:52:38 +00:00
David Porter
e02ff0687e Remove node termination handler addon 2021-04-29 14:42:23 -07:00
Kubernetes Prow Robot
f631c0e520
Merge pull request #101271 from jeremyje/fixfb 
Fix fluent-bit configuration for GCE Windows.
 2021-04-27 19:06:49 -07:00
Paco Xu
7038338e0f
Revert "cluster: Use python3 everywhere" 2021-04-26 11:21:44 +08:00
David Porter
3f87f4f278 Use python3 everywhere 2021-04-23 14:33:58 -07:00
Kubernetes Prow Robot
ae35c6f10c
Merge pull request #101255 from basantsa1989/stack-type 
Adding stack-type to gce cloud config (to be used for dual stack in legacy-cloud-providers gce code)
 2021-04-22 15:55:28 -07:00
Jeremy Edwards
e62301c87d Fix fluent-bit configuration for GCE Windows. 2021-04-22 20:04:54 +00:00
Kubernetes Prow Robot
6aa683e9cf
Merge pull request #100639 from zshihang/proxy 
dnat to 169.254.169.252 for metadata server traffic
 2021-04-21 11:15:51 -07:00
Ikko Ashimine
f69a2b40da
Fix typo in gci/README.md 
becase -> because
 2021-04-21 21:35:05 +09:00
Kubernetes Prow Robot
41505f7109
Merge pull request #101176 from jkh52/master 
kube-master-installation: improve systemd cross-unit robustness.
 2021-04-20 00:42:45 -07:00
Kubernetes Prow Robot
46b0ad1327
Merge pull request #101207 from vinayakankugoyal/sshproxy 
If kube-apiserver is running as non-root then set the permissions of …
 2021-04-19 17:24:33 -07:00
Joseph Anttila Hall
05bcc72dc2 kube-master-installation: reboot on failure. 
Also some minor reliability tweaks.
 2021-04-19 17:16:21 -07:00
Vinayak Goyal
94e34da471 If kube-apiserver is running as non-root then set the permissions of /etc/srv/sshproxy accordingly. 2021-04-19 13:16:06 -07:00
Basant Amarkhed
e15d811652 Adding stack-type to cloud config (to be used for dual stack in legacy-cloud-providers code) 2021-04-19 19:06:55 +00:00
Shihang Zhang
297ad30610 dnat to 169.254.169.252 for metadata server traffic 2021-04-19 10:47:51 -07:00
Kubernetes Prow Robot
28c877dcb6
Merge pull request #101043 from benhxy/tls-2 
Use GKE specific configuration for kubeconfig file generation
 2021-04-16 11:54:51 -07:00
Kubernetes Prow Robot
7ecd93ea1e
Merge pull request #100764 from benhxy/tls 
Use GKE specific configuration for kube-apiserver SNI cert
 2021-04-15 19:52:22 -07:00
Jeremy Edwards
c22f001a1b GCE Windows: Use authenticated HTTP GET against GCS if VM has cloud-platform scope. 2021-04-15 23:30:19 +00:00
Mike Danese
ba3fc65072 add a warning about the filter table 2021-04-15 16:22:28 -07:00
Kubernetes Prow Robot
0d0d1889ed
Merge pull request #100930 from swetharepakula/update-glbc-image 
Update glbc image in glbc addon
 2021-04-15 12:59:01 -07:00
Kubernetes Prow Robot
24350a922e
Merge pull request #101086 from enj/enj/i/auth_owners_gen 
Prune stale entries from OWNERS files
 2021-04-15 08:27:50 -07:00
pacoxu
9847579699 gcp/kubeadm: upgrade etcd to 3.4.13-3 
Signed-off-by: pacoxu <paco.xu@daocloud.io>
 2021-04-15 11:19:41 +08:00
Maciej Borsz
493adbada9 Do not grep for curl --help for --retry-connrefused 2021-04-14 08:32:21 +02:00
Swetha Repakula
f882eadbdc Update glbc image in addon 2021-04-13 19:32:03 -07:00
Kubernetes Prow Robot
f1c037889d
Merge pull request #100770 from avrittrohwer/configure-script-logging 
Add configure script logging instrumentation
 2021-04-13 18:06:42 -07:00
Monis Khan
91241eac9b
Prune stale entries from OWNERS files 
Signed-off-by: Monis Khan <mok@vmware.com>
 2021-04-13 20:54:50 -04:00
Kubernetes Prow Robot
318db993c8
Merge pull request #101020 from cindy52/bugfix/etcd 
Change file owner of /mnt/disks/master-pd/var/etcd  instead of /var/etcd
 2021-04-13 12:09:47 -07:00
Avritt Rohwer
d4495183c9 Add configure script logging instrumentation. 
- Add log functions to facilitate debug logging.
- Wrap commands called in main with debug logging.
- Configure a systemd service to forward the logs to the serial port.
- Add a 'retry-forever' function to harden download steps.
- Add default value support to 'get-metadata-value' function.
- Fix some spellcheck lints.
 2021-04-13 09:30:49 -07:00
Ben Hu
e3270e532c GKE specific kubeconfig 2021-04-12 22:47:39 +00:00
Ben Hu
ccb742c43c Resolve comments. Remove kubeconfig changes. 2021-04-12 22:39:53 +00:00
Cindy Guo
03f60f4b60 chown on /mnt/disks/master-pd/var/etcd instead of /var/etcd 2021-04-12 08:21:01 +00:00
Kubernetes Prow Robot
a96000311f
Merge pull request #100956 from saschagrunert/cri-tools 
Update cri-tools to v1.21.0
 2021-04-12 00:35:59 -07:00
Kubernetes Prow Robot
dd95f3ab5a
Merge pull request #100980 from ibabou/update-containerd-path 
Update the containerd runtime binary path - gce
 2021-04-11 06:21:59 -07:00
Kubernetes Prow Robot
99301e672b
Merge pull request #100436 from vinayakankugoyal/apiservernonroot 
Fix kube-apiserver manifest.
 2021-04-10 20:29:35 -07:00
Antonio Ojea
93f4727aab gce configure containerd default_runtime_name 
move config to v2
 2021-04-11 00:48:22 +02:00
“Ibrahim
ec38cfcd15 Update the containerd runtime binary path - gce 2021-04-09 23:36:58 +00:00
Kubernetes Prow Robot
5b038e6cff
Merge pull request #100635 from cindy52/etcd/rootless 
Run the etcd as non-root
 2021-04-09 05:19:37 -07:00
Sascha Grunert
33e0e035ea
Update cri-tools to v1.21.0 
This updates crictl to the latest available release.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2021-04-09 11:05:13 +02:00
Kubernetes Prow Robot
16082557cd
Merge pull request #100353 from zshihang/master 
strip prefix 'v' in coredns version if exists
 2021-04-08 20:29:55 -07:00
Kubernetes Prow Robot
96db2323a4
Merge pull request #100041 from vteratipally/update_npd_version 
bump npd version to latest v0.8.7
 2021-04-08 17:10:55 -07:00
Cindy Guo
9f058079d2 run etcd as nonroot 
Co-authored-by: Vinayak Goyal <vinayakankugoyal@gmail.com>
 2021-04-08 20:51:45 +00:00
Ben Hu
a2d094797d Use GKE specific configuration in startup scripts in GKE deployment. 2021-04-02 00:10:53 +00:00
Vinayak Goyal
4b3271a542 Fix kube-apiserver manifest. 2021-03-21 16:24:56 -07:00
“Ibrahim
bc3f6c1be9 Fix the containerd service check 2021-03-19 23:35:05 +00:00
Shihang Zhang
d313e69c9d strip prefix 'v' in coredns version if exists 2021-03-18 10:38:06 -07:00
Maciej Szulik
a3a26171d1
Run GCE unit tests as non-root 2021-03-18 12:14:24 +01:00
Kubernetes Prow Robot
158e1464ec
Merge pull request #99971 from ibabou/update-containerd 
Update containerd config for gce
 2021-03-16 15:56:56 -07:00
Kubernetes Prow Robot
0649dfbb52
Merge pull request #99990 from aojea/unboundv 
fix cluster util.sh unbound variable
 2021-03-16 07:24:35 -07:00
Kubernetes Prow Robot
a5b5a685ec
Merge pull request #95655 from vteratipally/docker_daemon_json 
Moving docker options to daemon.json
 2021-03-10 15:00:23 -08:00
varsha teratipally
90983f66e4 Moving docker options to daemon.json 
As per the new docker guidelines about customizing the options
like adding registry-mirrors, moving the options to daemon.json
 2021-03-10 19:14:48 +00:00
Varsha Teratipally
82434ec818 bump npd version to latest v0.8.7 2021-03-09 22:48:27 +00:00
Jeremy Edwards
60df5606d6 Add Windows Defender exclusion for unpigz.exe 2021-03-09 19:52:25 +00:00
Antonio Ojea
6787d464ca fix cluster util.sh unbound variable 2021-03-09 09:18:23 +01:00
“Ibrahim
875396744f Update containerd config for gce 2021-03-09 01:13:44 +00:00
Kubernetes Prow Robot
2d3acce39b
Merge pull request #99752 from pacoxu/coredns/promote 
update cluster/dns/coredns to 1.8.0 as kubeadm
 2021-03-08 12:07:28 -08:00
Kubernetes Prow Robot
1485c6b76f
Merge pull request #99822 from dekkagaijin/addon 
Update kube-addon-manager to v9.1.4
 2021-03-06 12:50:37 -08:00
Kubernetes Prow Robot
b33b426dd0
Merge pull request #99742 from ibabou/containerd-register 
Update gce Containerd initialization to handle the runtime existence case
 2021-03-06 12:50:05 -08:00
Jake Sanders
fb40ab2cde Update kube-addon-manager to v9.1.4 2021-03-04 22:39:46 -08:00
pacoxu
2185bb40d5 update clustere/dns/coredns to 1.8.0 as kubeadm 2021-03-05 09:38:15 +08:00
Kubernetes Prow Robot
7c4a9823f5
Merge pull request #99793 from pjh/log-message-fix 
Repair quotes for some Windows log messages
 2021-03-04 13:39:40 -08:00
Kubernetes Prow Robot
9d353ef277
Merge pull request #99691 from amwat/metadata-project 
[cluster/gce] Target the correct project while adding kubeconfig metadata to the master
 2021-03-04 00:29:31 -08:00
“Ibrahim
e58a0905de Update gce Containerd initialization to handle runtime existence case 2021-03-04 03:46:30 +00:00
Peter Hornyack
bacf7394cd Repair quotes for some Windows log messages 2021-03-03 12:40:53 -08:00
Amit Watve
d65a46c9c9 Target the correct project while adding master kubeconfig metadata. 2021-03-03 00:47:43 -08:00
Peter Hornyack
3d2e9600d9 Dump detailed service information during Windows node startup 2021-03-02 15:55:40 -08:00
Benjamin Elder
56e092e382 hack/update-bazel.sh 2021-02-28 15:17:29 -08:00
wojtekt
3a5d4d25bf Set progress-notify-interval to 5s for GCE provider 2021-02-25 17:23:24 +01:00