Commit Graph

1024 Commits

Author SHA1 Message Date
Xing Yang
6265f4f78c CSINodeInfo/CSIDriver controller changes
This is the 2nd PR to move CSINodeInfo/CSIDriver APIs to
v1beta1 core storage APIs. It includes controller side changes.
It depends on the PR with API changes:
https://github.com/kubernetes/kubernetes/pull/73883
2019-03-04 16:41:58 -08:00
Pengfei Ni
9ff480b7e4 Fix help message for --container-runtime-endpoint 2019-02-28 15:54:31 +08:00
Travis Rhoden
2c4d748bed Refactor subpath out of pkg/util/mount
This patch moves subpath functionality out of pkg/util/mount and into a
new package pkg/volume/util/subpath. NSEnter funtionality is maintained.
2019-02-26 19:59:53 -07:00
Kubernetes Prow Robot
b5566c7818 Merge pull request #71896 from awly/client-go-keyutil
client-go: extract new keyutil package from util/cert
2019-02-23 01:43:16 -08:00
Davanum Srinivas
bcf6d39b3a Deprecate containerized kubelet
Change-Id: Ia82878d81822a2d7214bea21ffe9dde7087a315f
2019-02-19 14:06:15 -05:00
Andrew Lytvynov
18458392ca Extract new keyutil package from client-go/util/cert
This package contains public/private key utilities copied directly from
client-go/util/cert. All imports were updated.

Future PRs will actually refactor the libraries.

Updates #71004
2019-02-19 09:48:59 -08:00
Kubernetes Prow Robot
16e08f3e53 Merge pull request #73408 from Klaven/component-base-flags
Move flag util pkgs to k8s.io/component-base/cli
2019-02-15 16:46:08 -08:00
Marek Counts
160ed26c20 autogen files to support new project structure. 2019-02-15 10:29:31 -05:00
Marek Counts
7744f90830 Moved flag and globalflag
Moved all flag code from `staging/src/k8s.io/apiserver/pkg/util/[flag|globalflag]` to `component-base/cli/[flag|globalflag]` except for the term function because of unwanted dependencies.
2019-02-15 10:28:13 -05:00
Ben Moss
34ac4d9ee9 Update deprecated links 2019-02-15 09:13:07 -05:00
Kubernetes Prow Robot
808f2cf0ef Merge pull request #72525 from justinsb/owners_should_not_be_executable
Remove executable file permission from OWNERS files
2019-02-14 23:55:45 -08:00
Kubernetes Prow Robot
888ff4097a Merge pull request #73651 from RobertKrawitz/node_pids_limit
Support total process ID limiting for nodes
2019-02-13 17:31:18 -08:00
Robert Krawitz
2597a1d97e Implement SupportNodePidsLimit, hand-tested 2019-02-13 14:56:17 -05:00
Kubernetes Prow Robot
a1539747db Merge pull request #73926 from alculquicondor/fix/kubelet-app-lint
Fix cmd/kubelet/app lint issues
2019-02-12 00:19:06 -08:00
Kubernetes Prow Robot
73dc138cae Merge pull request #73256 from deitch/doc-kubelet-nodename
Update kubelet overview help doc
2019-02-11 19:57:56 -08:00
Aldo Culquicondor
17a635448a Fix cmd/kubelet/app lint issues 2019-02-11 13:18:25 -05:00
Kubernetes Prow Robot
b50c643be0 Merge pull request #73540 from rlenferink/patch-5
Updated OWNERS files to include link to docs
2019-02-08 09:05:56 -08:00
Kubernetes Prow Robot
1b26097e1e Merge pull request #73030 from tnozicka/fix-csr-list-watch
Switch WaitForCertificate to informers to avoid broken watches
2019-02-07 01:45:33 -08:00
Tomas Nozicka
a7588723f7 Switch WaitForCertificate to informers to avoid broken watches 2019-02-06 22:27:00 +01:00
Kubernetes Prow Robot
6a149864fb Merge pull request #73285 from tallclair/typed-runtimeclass
Migrate RuntimeClass support to the generated typed client
2019-02-04 16:13:30 -08:00
Roy Lenferink
b43c04452f Updated OWNERS files to include link to docs 2019-02-04 22:33:12 +01:00
Avi Deitcher
0fae35dfd8 Update kubelet overview help doc 2019-02-01 13:14:48 +02:00
Kubernetes Prow Robot
6af7d2cb1a Merge pull request #69552 from Pingan2017/remove-experimental-fail-swap-on-flag
remove kubelet flag '--experimental-fail-swap-on' (deprecated in v1.8)
2019-01-31 19:32:28 -08:00
Andrew Kim
bdbef741d1 remove usgae of NSEnterExecutor 2019-01-29 15:20:13 -05:00
Tim Allclair
aab3523e0e Migrate RuntimeClass support to the generated typed client 2019-01-24 11:08:30 -08:00
Andrew Kim
2ea82cea20 replace pkg/util/nsenter with k8s.io/utils/nsenter 2019-01-24 13:49:04 -05:00
Marek Counts
1739e343a8 autogen files
all the autogen files that got updated due to the changes to move logs.
2019-01-17 09:16:36 -05:00
Marek Counts
ba81a5409a move logs into component-base
all the code changes to move move /apiserver/pkg/util/logs into /component-base/logs
2019-01-17 09:16:21 -05:00
Justin SB
dd19b923b7 Remove executable file permission from OWNERS files 2019-01-11 16:42:59 -08:00
Derek Carr
bce9d5f204 SupportPodPidsLimit feature beta with tests 2019-01-09 10:50:59 -05:00
Kubernetes Prow Robot
dc9261bc3b Merge pull request #71174 from smarterclayton/debug_kubeadm
Restore bootstrap in the background with fix to preserve kubeadm behavior
2018-12-03 05:49:57 -08:00
k8s-ci-robot
79e5cb2cb7 Merge pull request #71302 from liggitt/verify-unit-test-feature-gates
Split mutable and read-only access to feature gates, limit tests to readonly access
2018-11-29 21:45:12 -08:00
k8s-ci-robot
9c74dc4ef3 Merge pull request #70834 from zhangmingld/gloginfoinsteadinfof
use glog.info instead glog.infof when no var
2018-11-29 19:04:27 -08:00
k8s-ci-robot
12e5eb7dc9 Merge pull request #71011 from sigma/pr/fix-inotify
replace golang.org/x/exp/inotify with standalone library
2018-11-22 18:07:51 -08:00
Jordan Liggitt
d440ecdd3b Update non-test code to use DefaultMutableFeatureGate 2018-11-21 11:51:33 -05:00
Clayton Coleman
fde87329cb bootstrap: Use kubeconfig contents as seed for cert dir if necessary
kubeadm uses certificate rotation to replace the initial high-power
cert provided in --kubeconfig with a less powerful certificate on
the masters. This requires that we pass the contents of the client
config certData and keyData down into the cert store to populate
the initial client.

Add better comments to describe why the flow is required. Add a test
that verifies initial cert contents are written to disk. Change
the cert manager to not use MustRegister for prometheus so that
it can be tested.
2018-11-17 19:52:12 -05:00
Clayton Coleman
486577df17 Restore "Make bootstrap client cert loading part of rotation""
This reverts the revert of commit 3464222267.
2018-11-17 13:44:58 -05:00
Clayton Coleman
3464222267 Revert "Make bootstrap client cert loading part of rotation"
This reverts commit 0af19875ad.

Revert "Ensure the bootstrap rotation code is tested by forcing rotation"

This reverts commit de293b2d7d.
2018-11-17 10:24:39 -05:00
Clayton Coleman
de293b2d7d Ensure the bootstrap rotation code is tested by forcing rotation
Expose both a Stop() method (for cleanup) and a method to force
cert rotation, but only expose Stop() on the interface.

Verify that we choose the correct client.
2018-11-16 21:50:52 -05:00
Clayton Coleman
0af19875ad Make bootstrap client cert loading part of rotation
Ensure that bootstrap+clientcert-rotation in the Kubelet can:

1. happen in the background so that static pods aren't blocked by bootstrap
2. collapse down to a single call path for requesting a CSR
3. reorganize the code to allow future flexibility in retrieving bootstrap creds

Fetching the first certificate and later certificates when the kubelet
is using client rotation and bootstrapping should share the same code
path. We also want to start the Kubelet static pod loop before
bootstrapping completes. Finally, we want to take an incremental step
towards improving how the bootstrap credentials are loaded from disk
(potentially allowing for a CLI call to get credentials, or a remote
plugin that better integrates with cloud providers or KSMs).

Reorganize how the kubelet client config is determined. If rotation is
off, simplify the code path. If rotation is on, load the config
from disk, and then pass that into the cert manager. The cert manager
creates a client each time it tries to request a new cert.

Preserve existing behavior where:

1. bootstrap kubeconfig is used if the current kubeconfig is invalid/expired
2. we create the kubeconfig file based on the bootstrap kubeconfig, pointing to
   the location that new client certs will be placed
3. the newest client cert is used once it has been loaded
2018-11-16 21:50:26 -05:00
k8s-ci-robot
5ec9349276 Merge pull request #70917 from dims/add-log-file-option-to-kubelet-flags
add log_file option to kubelet flags
2018-11-16 15:16:53 -08:00
k8s-ci-robot
7b4d4bc8ac Merge pull request #70508 from dashpole/pod_resources_socket
Add socket-based kubelet pod resources API.
2018-11-15 13:43:44 -08:00
David Ashpole
630cb53f82 add kubelet grpc server for pod-resources service 2018-11-15 09:43:20 -08:00
Jordan Liggitt
9fb2dcad5e Limit kubelets from updating their own labels 2018-11-13 23:48:47 -05:00
Yann Hodique
4d9c01d747 replace golang.org/x/exp/inotify with standalone library
The inotify code was removed from golang.org/x/exp several years ago. Therefore
importing it from that path prevents downstream consumers from using any module
that makes use of more recent features of golang.org/x/exp.

This change is a followup to google/cadvisor#2060 which was merged with #70889

This fixes #68478
2018-11-13 14:51:40 -08:00
zhangmingld
fb73574d77 use glog.info instead glog.infof when no var 2018-11-12 17:30:37 +08:00
Davanum Srinivas
cf142a2d21 add log_file option to kubelet flags
Change-Id: I5e75902739e2f869244d1b8b229be2580aca8149
2018-11-10 22:22:01 -05:00
Davanum Srinivas
954996e231 Move from glog to klog
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
  * github.com/kubernetes/repo-infra
  * k8s.io/gengo/
  * k8s.io/kube-openapi/
  * github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods

Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
2018-11-10 07:50:31 -05:00
Pingan2017
55a29589c8 remove duplicate default in kubelet --help 2018-11-07 14:41:03 +08:00
k8s-ci-robot
c0974d7399 Merge pull request #69516 from feiskyer/win-npipe
Switch windows runtime endpoints to npipe
2018-10-23 16:44:41 -07:00