Production-Grade Container Scheduling and Management
Go to file
Kubernetes Submit Queue 5b8d600d72 Merge pull request #41919 from Cynerva/gkk/kubelet-auth
Automatic merge from submit-queue (batch tested with PRs 41919, 41149, 42350, 42351, 42285)

Juju: Disable anonymous auth on kubelet

**What this PR does / why we need it**:

This disables anonymous authentication on kubelet when deployed via Juju.

I've also adjusted a few other TLS options for kubelet and kube-apiserver. The end result is that:
1. kube-apiserver can now authenticate with kubelet
2. kube-apiserver now verifies the integrity of kubelet

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:

https://github.com/juju-solutions/bundle-canonical-kubernetes/issues/219

**Special notes for your reviewer**:

This is dependent on PR #41251, where the tactics changes are being merged in separately.

Some useful pages from the documentation:
* [apiserver -> kubelet](https://kubernetes.io/docs/admin/master-node-communication/#apiserver---kubelet)
* [Kubelet authentication/authorization](https://kubernetes.io/docs/admin/kubelet-authentication-authorization/)

**Release note**:

```release-note
Juju: Disable anonymous auth on kubelet
```
2017-03-03 16:44:37 -08:00
.github
api Merge pull request #41770 from k82cn/updated_sched_name 2017-03-03 09:24:44 -08:00
build Merge pull request #42090 from timstclair/kube-proxy 2017-03-01 04:10:06 -08:00
cluster Merge pull request #41919 from Cynerva/gkk/kubelet-auth 2017-03-03 16:44:37 -08:00
cmd Merge pull request #42018 from luxas/kubeadm_cert_phase 2017-03-03 09:24:46 -08:00
docs Merge pull request #41770 from k82cn/updated_sched_name 2017-03-03 09:24:44 -08:00
examples Merge pull request #42113 from chrislovecnm/cassandra-update 2017-03-01 07:48:26 -08:00
federation Merge pull request #41770 from k82cn/updated_sched_name 2017-03-03 09:24:44 -08:00
Godeps Add dependencency on k8s.io/metrics 2017-03-01 10:23:29 -05:00
hack Merge pull request #41919 from Cynerva/gkk/kubelet-auth 2017-03-03 16:44:37 -08:00
hooks
logo
pkg Merge pull request #41306 from gnufied/implement-interface-bulk-volume-poll 2017-03-03 10:54:38 -08:00
plugin Merge pull request #41306 from gnufied/implement-interface-bulk-volume-poll 2017-03-03 10:54:38 -08:00
staging Merge pull request #42275 from deads2k/cli-05-restmapper 2017-03-03 10:54:43 -08:00
test Merge pull request #42341 from dashpole/critial_pod_test 2017-03-03 14:34:37 -08:00
third_party
translations Update extraction script, sort messages, add .pot file. 2017-02-23 18:53:00 +00:00
vendor Merge pull request #42187 from smarterclayton/wrong_error_from_timeout 2017-03-03 10:54:40 -08:00
.bazelrc
.gazelcfg.json
.generated_files
.gitattributes
.gitignore
BUILD.bazel
CHANGELOG.md Update CHANGELOG.md for v1.6.0-beta.1. 2017-03-02 15:53:24 -08:00
code-of-conduct.md
CONTRIBUTING.md
labels.yaml
LICENSE
Makefile Make make quick-release quick again 2017-02-21 14:35:55 -08:00
Makefile.generated_files
OWNERS
OWNERS_ALIASES add OWNER file to kubelet/network 2017-02-24 11:41:13 -08:00
README.md
Vagrantfile
WORKSPACE

Kubernetes

Submit Queue Widget GoDoc Widget

Introduction

Kubernetes is an open source system for managing containerized applications across multiple hosts, providing basic mechanisms for deployment, maintenance, and scaling of applications. Kubernetes is hosted by the Cloud Native Computing Foundation (CNCF).

Kubernetes builds upon a decade and a half of experience at Google running production workloads at scale using a system called Borg, combined with best-of-breed ideas and practices from the community.


Are you ...

Code of Conduct

The Kubernetes community abides by the CNCF code of conduct. Here is an excerpt:

As contributors and maintainers of this project, and in the interest of fostering an open and welcoming community, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities.

Community

Do you want to help shape the evolution of technologies that are container-packaged, dynamically-scheduled and microservices-oriented?. If you are a company, you should consider joining the CNCF. For details about who's involved in CNCF and how Kubernetes plays a role, read the announcement. For general information about our community, see the website community page.

Contribute

If you're interested in being a contributor and want to get involved in developing Kubernetes, get started with this reading:

You will then most certainly gain a lot from joining a SIG, attending the regular hangouts as well as the community meeting.

If you have an idea for a new feature, see the Kubernetes Features repository for a list of features that are coming in new releases as well as details on how to propose one.

Building Kubernetes for the impatient

If you want to build Kubernetes right away there are two options:

$ go get -d k8s.io/kubernetes
$ cd $GOPATH/src/k8s.io/kubernetes
$ make
$ git clone https://github.com/kubernetes/kubernetes
$ cd kubernetes
$ make quick-release

If you are less impatient, head over to the developer's documentation.

Support

While there are many different channels that you can use to get hold of us (Slack, Stack Overflow, Issues, Forums/Mailing lists), you can help make sure that we are efficient in getting you the help that you need.

If you need support, start with the troubleshooting guide and work your way through the process that we've outlined.

That said, if you have questions, reach out to us one way or another. We don't bite!

Analytics