Production-Grade Container Scheduling and Management
Go to file
k8s-merge-robot 1eb221e96f Merge pull request #25561 from andyzheng0831/webhook
Automatic merge from submit-queue

Configuration for GCP webhook authentication and authorization

This PR adds configuration for GCP webhook authentication and authorization in ContainerVM and GCI. The change of configure-vm.sh and kube-apiserver.manifest is directly copied from @cjcullen's PR #25380 and #25296. The change in GCI script configure-helper.sh includes the support for webhook authentication and authorization, and also some code refactor to improve readability.

@cjcullen @roberthbailey @zmerlynn please review it. The original PRs are P1, please mark this as P1.

cc/ @fabioy @kubernetes/goog-image FYI.

I verified it by running e2e tests on GCI cluster. Without the GCI side change, cluster creation fails as being capture by GKE Jenkins tests. I don't test when the two env GCP_AUTHN_URL and GCP_AUTHZ_URL are set, because they are only set in GKE. After this PR is merged, @cjcullen will test in GKE.
2016-05-21 22:30:14 -07:00
.github Explain how to close an issue within a PR message 2016-05-18 10:03:50 +10:00
api/swagger-spec Regenerate swagger, api, conversion and other code that needs to be regenerated 2016-05-18 16:12:55 +02:00
build Revert "Add support for running GCI on the GCE cloud provider" 2016-05-18 21:31:28 -07:00
cluster Merge pull request #25561 from andyzheng0831/webhook 2016-05-21 22:30:14 -07:00
cmd Merge pull request #25772 from derekwaynecarr/eviction-max-grace 2016-05-21 12:43:45 -07:00
contrib Merge pull request #25069 from vincepii/master 2016-05-21 18:30:06 -07:00
docs Merge pull request #25838 from cjcullen/authzcache 2016-05-21 20:34:34 -07:00
examples Merge pull request #25583 from chrislovecnm/cassandra-image-bump 2016-05-20 04:42:12 -07:00
federation Merge pull request #25243 from smarterclayton/explore_quantity 2016-05-19 16:56:48 -07:00
Godeps Merge pull request #25475 from soltysh/scheduledjob_client 2016-05-21 14:10:41 -07:00
hack Merge pull request #25838 from cjcullen/authzcache 2016-05-21 20:34:34 -07:00
hooks Get rid of hack/after-build scripts 2016-05-08 20:32:06 -07:00
logo
pkg Merge pull request #25838 from cjcullen/authzcache 2016-05-21 20:34:34 -07:00
plugin Merge pull request #25863 from ping035627/ping035627-patch-2 2016-05-21 21:34:28 -07:00
release release scripts respect TMPDIR 2016-04-28 11:00:28 -07:00
test Merge pull request #25694 from cjcullen/authncache 2016-05-21 10:48:38 -07:00
third_party update third_party go/build to go1.6 2016-05-08 20:30:38 -07:00
vendor Merge pull request #25475 from soltysh/scheduledjob_client 2016-05-21 14:10:41 -07:00
www
.generated_docs Add 'kubectl set image' 2016-05-18 21:23:17 -07:00
.gitignore Begin .gitignore lines with / 2016-05-03 08:57:12 -04:00
.travis.yml Disable travis. 2016-04-22 11:48:11 -07:00
CHANGELOG.md implement taints and tolerations 2016-05-18 15:06:23 +00:00
code-of-conduct.md
CONTRIB.md
CONTRIBUTING.md
DESIGN.md
LICENSE
Makefile Remove Godeps/_workspace on make clean 2016-05-11 08:07:04 -07:00
README.md README: be more accurate about where k8s can run 2016-05-15 13:59:31 -05:00
Vagrantfile

Kubernetes

GoReportCard Widget GoDoc Widget Travis Widget Coverage Status Widget

Are you ...

  • Interested in learning more about using Kubernetes? Please see our user-facing documentation on kubernetes.io
  • Interested in hacking on the core Kubernetes code base? Keep reading!

Kubernetes is an open source system for managing containerized applications across multiple hosts, providing basic mechanisms for deployment, maintenance, and scaling of applications.

Kubernetes is:

  • lean: lightweight, simple, accessible
  • portable: public, private, hybrid, multi cloud
  • extensible: modular, pluggable, hookable, composable
  • self-healing: auto-placement, auto-restart, auto-replication

Kubernetes builds upon a decade and a half of experience at Google running production workloads at scale, combined with best-of-breed ideas and practices from the community.


Kubernetes is ready for Production!

With the 1.0.1 release Kubernetes is ready to serve your production workloads.

Kubernetes can run anywhere!

You can run Kubernetes on your local workstation under Vagrant, cloud providers (e.g. GCE, AWS, Azure), and physical hardware. Essentially, anywhere Linux runs you can run Kubernetes. Checkout the Getting Started Guides for details.

Concepts

Kubernetes works with the following concepts:

Cluster
A cluster is a set of physical or virtual machines and other infrastructure resources used by Kubernetes to run your applications. Kubernetes can run anywhere! See the Getting Started Guides for instructions for a variety of services.
Node
A node is a physical or virtual machine running Kubernetes, onto which pods can be scheduled.
Pod
Pods are a colocated group of application containers with shared volumes. They're the smallest deployable units that can be created, scheduled, and managed with Kubernetes. Pods can be created individually, but it's recommended that you use a replication controller even if creating a single pod.
Replication controller
Replication controllers manage the lifecycle of pods. They ensure that a specified number of pods are running at any given time, by creating or killing pods as required.
Service
Services provide a single, stable name and address for a set of pods. They act as basic load balancers.
Label
Labels are used to organize and select groups of objects based on key:value pairs.

Documentation

Kubernetes documentation is organized into several categories.

Community, discussion, contribution, and support

See which companies are committed to driving quality in Kubernetes on our community page.

Do you want to help "shape the evolution of technologies that are container packaged, dynamically scheduled and microservices oriented?"

You should consider joining the Cloud Native Computing Foundation. For details about who's involved and how Kubernetes plays a role, read their announcement.

Code of conduct

Participation in the Kubernetes community is governed by the Kubernetes Code of Conduct.

Are you ready to add to the discussion?

We have presence on:

You can also view recordings of past events and presentations on our Media page.

For Q&A, our threads are at:

Want to do more than just 'discuss' Kubernetes?

If you're interested in being a contributor and want to get involved in developing Kubernetes, start in the Kubernetes Developer Guide and also review the contributor guidelines.

Support

While there are many different channels that you can use to get ahold of us, you can help make sure that we are efficient in getting you the help that you need.

If you need support, start with the troubleshooting guide and work your way through the process that we've outlined.

That said, if you have questions, reach out to us one way or another. We don't bite!

Community resources:

  • Awesome-kubernetes:

You can find more projects, tools and articles related to Kubernetes on the awesome-kubernetes list. Add your project there and help us make it better.

Instructive & educational resources for the Kubernetes community. By the community.

Analytics