summary |
shortlog | log |
commit |
commitdiff |
review |
tree
first ⋅ prev ⋅ next
Paul Carver [Wed, 9 Jun 2021 21:45:13 +0000 (17:45 -0400)]
Bump minor version again to nudge the CI
Due to a CI problem the build failed. Hopefully the CI is now fixed, so
bumping the version number again in order to trigger a new, identical,
and hopefully successful this time, build.
Signed-off-by: Paul Carver <pcarver@att.com>
Change-Id: Ifde4b4e4ffb4d09ee1513dfe12e248dd10c91b39
Paul Carver [Mon, 7 Jun 2021 13:06:25 +0000 (09:06 -0400)]
Bump minor RPM version to trigger new build
LF Nexus has expired old builds and there haven't been any new code
commits in a while because REC development has stopped as of Akraino
Release 4. REC will not be participating in Release 5, but this commit
is intended to trigger the CI/CD to create a new build so that anyone
who is interested can take a look at it.
Signed-off-by: Paul Carver <pcarver@att.com>
Change-Id: I29aa5d33594d056a591e08013552a7d6da2885b0
dave kormann [Thu, 17 Dec 2020 04:07:50 +0000 (23:07 -0500)]
FIX: bump rpm minor version
oops, previous change to this package neglected to increment
the RPM version.
signed-off-by: dave kormann <davek@research.att.com>
Change-Id: Ie0ceb20e40ae8f26651994d3a5c0161842d226d6
dave kormann [Thu, 10 Dec 2020 16:04:37 +0000 (11:04 -0500)]
FIX: hostname-override is breaking the install
Speccifying the hostname on the kubelet command line appears
to break our k8s install.
This change is a workaround until we can figure out a better fix
that doesn't name nodes by IP address.
signed-off-by: dave kormann <davek@research.att.com>
Change-Id: Icde4a572fc1f018e7b5f3a14e6cadb9b8f93d9ad
dave kormann [Tue, 3 Nov 2020 18:29:11 +0000 (13:29 -0500)]
Security: disable kubelet debugging handlers flag
Akraino security policy requires the --enable-debugging-handlers flag
to be set to false -- the default value is "true". This change implements
that requirement.
signed-off-by: dave kormann <davek@research.att.com>
Change-Id: Ic9bf21e9667fc925d03d546746f8cc3e1997fead
Balazs Szekeres [Tue, 12 Nov 2019 13:52:08 +0000 (14:52 +0100)]
Kubelet healthcheck reimagined.
Fix for: https://jira.akraino.org/browse/REC-71
Healthcheck now pings local kubelet healtz api.
Every successful healthcheck loop now tries to uncordon the node.
Change-Id: Ib7665f0864fbdd2feb4d5ab9116e7c34030ee3f4
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Balazs Szekeres [Tue, 24 Sep 2019 13:31:10 +0000 (15:31 +0200)]
Kubernetes ceph role moved to caas-storage
Kubernetes ceph role and logic moved to caas-storage repo and rpm
Change-Id: I60e5f10b370b454f8a674ed07a82621e147c4699
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Alexandru Avadanii [Fri, 18 Oct 2019 12:19:53 +0000 (14:19 +0200)]
hypercube: Fix autoremove breakage on aarch64
Docker build fails on aarch64 with the following:
/var/tmp/rpm-tmp.CnRLJw: line 1: /usr/sbin/new-kernel-pkg: No such file
or directory
error: %preun(kernel-core-4.18.0-80.7.2.el7.aarch64) scriptlet failed,
exit status 127
Error in PREUN scriptlet in rpm package
kernel-core-4.18.0-80.7.2.el7.aarch64
The rootcause is the missing 'grubby' package in the CentOS docker
image we fetch from upstream, so install it before calling autoremove,
then clean it up later.
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Change-Id: I92e6529e6459b5570d6970a415a249c57aa5ecc3
Alexandru Avadanii [Mon, 30 Sep 2019 20:48:36 +0000 (22:48 +0200)]
AArch64 support
- kubernetespause: Use multiarch pause image instead of pause-amd64;
- Dockerfile: Instead of pulling CentOS base images from dockerhub,
create them from scratch from the official SIG-cloudinstance repo:
http://artifacts.ci.centos.org/sig-cloudinstance/
- spec: Bump minor RPM version;
Co-authored-by: Jimmy Lafontaine Rivera <lafonj@gmail.com>
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Change-Id: I28e0eeea013c0bd8a19ba3611c8583520cd409be
Balazs Szekeres [Thu, 3 Oct 2019 10:41:51 +0000 (12:41 +0200)]
Kubernetes update to 1.16.2
Fixes CVE-2019-11253
Change-Id: I6b73bc1d5e9abc141c3f6525e92e3ab1e0b3289b
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Balazs Szekeres [Thu, 10 Oct 2019 08:31:21 +0000 (10:31 +0200)]
CVE-2019-16276 Vulnerability fix.
Change-Id: I77a0197b5a9e54be9ae1daed27aa1872ed4c3fba
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Balazs Szekeres [Tue, 8 Oct 2019 12:20:02 +0000 (14:20 +0200)]
Kubernetes refactered node role.
Change-Id: I2c004fde3442016d539341edb521f48dd7b8687d
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Balazs Szekeres [Mon, 7 Oct 2019 09:59:18 +0000 (11:59 +0200)]
Set node role for kubernetes cluster members
Change-Id: I8c5acf9d828b888511f8a57289c34f84f03cf758
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Balint Varga [Thu, 3 Oct 2019 06:27:03 +0000 (08:27 +0200)]
bind_adress -> bind_address
Signed-off-by: Balint Varga <balint.varga@nokia.com>
Change-Id: I5f18878a88342959c8fa4f809584425190f8aefa
Balazs Szekeres [Wed, 2 Oct 2019 11:28:56 +0000 (13:28 +0200)]
Kube proxy can not resolve host ip
Workaround added as can seen below:
https://bugs.launchpad.net/charm-kubernetes-master/+bug/
1841114
Change-Id: Icf7c352fff19b976bd788611c0c77894c5962b04
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Balazs Szekeres [Wed, 2 Oct 2019 06:51:05 +0000 (08:51 +0200)]
HugePages are GA from 1.16.0
The flag no longer needed to be set.
https://github.com/kubernetes/kubernetes/pull/79307
Change-Id: Ie49d8e21f22d9a759aa3925de9279cb0d4fdd2aa
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Balint Varga [Fri, 30 Aug 2019 11:09:32 +0000 (13:09 +0200)]
Configurable flannel cidr introduction
Change-Id: Id36280be18a9b5158f7a20a65ec1d94fd2669daf
Signed-off-by: Balint Varga <balint.varga@nokia.com>
Balazs Szekeres [Fri, 27 Sep 2019 13:17:15 +0000 (15:17 +0200)]
Kubernetes minor version update
Previous merge missed one.
Change-Id: I9c10358ab23782dec3ef4b70f943622a4d6fd240
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Levente Kálé [Fri, 27 Sep 2019 13:01:48 +0000 (13:01 +0000)]
Merge "Added kubelet root dir as parameter"
Balazs Szekeres [Thu, 26 Sep 2019 13:49:49 +0000 (15:49 +0200)]
Kubernetes update to 1.16.0
CVE-2019-11251: Kubernetes kubectl - Directory Traversal Vulnerability fix
Change-Id: I17bb6f5346f2b7fe3131c491cf0e66564f42e21d
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Balazs Szekeres [Wed, 11 Sep 2019 19:35:22 +0000 (21:35 +0200)]
Added kubelet root dir as parameter
Kubelet root directory as a parameter
Kubernetes dumps JAVA heap dump to kubernetes root dir which is not too nice
Change-Id: Icabd893f93da817592e5c457b93eb100925813bf
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Krisztian Lengyel [Thu, 19 Sep 2019 19:33:16 +0000 (15:33 -0400)]
Bump RPM version
Change-Id: I6bc6d9ca526b57632e572f128045a76a66963356
Krisztian Lengyel [Fri, 13 Sep 2019 19:29:29 +0000 (15:29 -0400)]
Add missing SNIs for custom-metrics certificate
Change-Id: I50c9df36f3f0f757adcce359beb150d53ef2dc16
Signed-off-by: Krisztian Lengyel <krisztian.lengyel@nokia.com>
Krisztian Lengyel [Tue, 17 Sep 2019 14:33:51 +0000 (10:33 -0400)]
Remove binding from kubelet health check
There is no more need to bind `kubelet_healthcheck.service` to
`kubelet.service`, because monitoring will take care about service
availability.
Depends-On: I0072986e8c697c1ebffaea67a06ba14b68d920b0
Change-Id: If068e42a0ad4c155ba2981c9b7a0f0330be38be7
Signed-off-by: Krisztian Lengyel <krisztian.lengyel@nokia.com>
Balazs Szekeres [Wed, 11 Sep 2019 21:26:13 +0000 (23:26 +0200)]
Missed the secure part
Https not http
Change-Id: Iba22d6a7bae05149047aeab85caee8080873488d
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Balazs Szekeres [Tue, 10 Sep 2019 17:11:38 +0000 (19:11 +0200)]
Etcd server istead of proxy
In version 3.4.0 etcd fixed it's high availability issue,
so etcd proxy no longer needed for HA.
Change-Id: Ia34b4f0faf60b4c60b75ed24f9b75578c5ae2cb9
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Balazs Szekeres [Fri, 30 Aug 2019 14:34:06 +0000 (16:34 +0200)]
Go version updated to 1.12.9
Change-Id: I130a42e3f0882cbedb69e6907c5861c598d35a65
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
simicza [Mon, 26 Aug 2019 11:36:00 +0000 (13:36 +0200)]
Audit log bugfix
Set 0700 permissions to the /var/log/audit/kube_apiserver directory.
Fix the number of audit log file countig process. It needed a new task, which asks the size of the audit log disk.
Depends-On: I32c515003e747293ac504672557e9862c0a24764
Signed-off-by: simicza <szilveszter.simicza@nokia.com>
Change-Id: I0f4e76ff49de5ef2d74cf9535d7f7f0d0b97ddf9
Krisztian Lengyel [Mon, 26 Aug 2019 13:07:37 +0000 (15:07 +0200)]
Update Kubernetes to version 1.15.3
Change-Id: I37f25314a8f952735841a338f24b693a1c494a17
Signed-off-by: Krisztian Lengyel <krisztian.lengyel@nokia.com>
Krisztián Lengyel [Mon, 26 Aug 2019 08:56:15 +0000 (08:56 +0000)]
Revert "Audit log bugfix"
This reverts commit
0141a51caf9c391aa8492a5d5ef4ba34e60d570b.
Reason for revert: Fails because of missing dependencies
Change-Id: I77f1f5344b4043223778bcabecd559759b3cecc1
simicza [Wed, 7 Aug 2019 14:57:53 +0000 (16:57 +0200)]
Audit log bugfix
Set 0700 permissions to the /var/log/audit/kube_apiserver directory.
Fix the number of audit log file countig process. It needed a new task, which asks the size of the audit log disk.
Change-Id: I3be5a5ee0300d817e7faee1ab82587746d3f57f7
Signed-off-by: simicza <szilveszter.simicza@nokia.com>
bela.szanics [Fri, 9 Aug 2019 04:30:09 +0000 (07:30 +0300)]
Add SCTP support to kube-api server
- Add SCTPSupport to kube-api feature-gate
- Increase minor version number
Change-Id: I9b0687692c11d4971fea5066fd51fceb9ae7c160
Signed-off-by: bela.szanics <bela.szanics@nokia.com>
Balazs Szekeres [Thu, 8 Aug 2019 07:44:49 +0000 (09:44 +0200)]
Kubernetes update to 1.15.2
Kubernetes update to 1.15.2
Change-Id: I92ea5e1bc8ad472290a157d8a8e311c4accaa3d3
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Balint Varga [Fri, 26 Jul 2019 07:36:49 +0000 (09:36 +0200)]
Kubelet env.list updated for ansible variable
Signed-off-by: Balint Varga <balint.varga@nokia.com>
Change-Id: Ic40836b4291d7c5b5e24f52677c30a7268322ed8
Balazs Szekeres [Tue, 23 Jul 2019 09:15:16 +0000 (11:15 +0200)]
Kubernetes update
Kubernetes update to 1.15.1
Change-Id: I0afae1161b5348c32981453ef1608168533b3d31
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Balazs Szekeres [Tue, 16 Jul 2019 13:18:57 +0000 (15:18 +0200)]
Etcd proxy added caas-etcd
Use etcd proxy in kube api server.
Change-Id: I8314d28c5fca6d568f3a8a75d1fc195dbe227122
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>
Balint Varga [Fri, 28 Jun 2019 12:33:48 +0000 (14:33 +0200)]
do not set ceph if ceph not configured
Signed-off-by: Balint Varga <balint.varga@nokia.com>
Change-Id: I57ef6b5f6c2650ec0796eff3b314b5f83cc64ba6
Szekeres, Balazs (Nokia - HU/Budapest) [Thu, 27 Jun 2019 11:56:16 +0000 (13:56 +0200)]
Manifest update
Cpu request setted to kubernetes.
Minor version bump.
Change-Id: I9b6c3da0c45c31102cc642cc8395c4e441ede6a1
Signed-off-by: Szekeres, Balazs (Nokia - HU/Budapest) <balazs.szekeres@nokia.com>
Ferenc Tóth [Wed, 26 Jun 2019 11:33:01 +0000 (13:33 +0200)]
Compress image using xz
Signed-off-by: Ferenc Tóth <ferenc.2.toth@nokia.com>
Change-Id: I0105fcda8a216fc57c45480c15311b2e3a2c1933
Szekeres, Balazs (Nokia - HU/Budapest) [Mon, 17 Jun 2019 10:13:37 +0000 (12:13 +0200)]
Kubernetes version update
Kuberntets updated to 1.15.0
Eviction and system reserved settings now set.
Change-Id: I9e748a3bb1580d1ba7309f3301c7bbddafad5546
Signed-off-by: Szekeres, Balazs (Nokia - HU/Budapest) <balazs.szekeres@nokia.com>
Krisztian Lengyel [Fri, 7 Jun 2019 10:55:29 +0000 (12:55 +0200)]
Make CPU reservations based on CPU allocation
Kubelet CPU reservations set to configure proper node allocatable resources:
- kube-reserved currently set to 0
- system-reserved is calculated by the following formula:
system-reserved = total cpu count - kube-reserved count - default cpu pool
Change-Id: Ibc937a533c881d55e2933c55eb3c208200c12a4f
Signed-off-by: Krisztian Lengyel <krisztian.lengyel@nokia.com>
Szekeres, Balazs (Nokia - HU/Budapest) [Fri, 17 May 2019 08:21:42 +0000 (10:21 +0200)]
Set time zone
Apiserver container now uses the host time zone settings.
Controller managercontainer now uses the host time zone settings.
Scheduler container now uses the host time zone settings.
Proxy container now uses the host time zone settings.
Change-Id: Icf102dedbfacf8e64b0f5bcaa2979ec30d4ee1cd
Signed-off-by: Szekeres, Balazs (Nokia - HU/Budapest) <balazs.szekeres@nokia.com>
Krisztian Lengyel [Mon, 29 Apr 2019 12:52:24 +0000 (14:52 +0200)]
Remove hardcoded libexec directory path
Change-Id: I3caab31b031fbf306ddcf8e6940b1b349c63a537
Depends-On: I2969223948218155aff121c20731eb336c13fca6
Signed-off-by: Krisztian Lengyel <krisztian.lengyel@nokia.com>
Krisztian Lengyel [Fri, 10 May 2019 20:17:23 +0000 (16:17 -0400)]
Make CaaS DNS domains configurable
Change-Id: Ib6ec6b77f75ae0793376a3cf20f0b7735434c1ab
Szekeres, Balazs (Nokia - HU/Budapest) [Mon, 6 May 2019 07:52:44 +0000 (09:52 +0200)]
Missing package added.
- In docker-build/hyperkube/Dockerfile the
contrack-tools package was missing,
which resulted proxier.go errors
when tried to call conntack.
- Also added .gitreview for ease of use.
Change-Id: I7282280fa710665d51c958df83ad3af6bc387fbe
Signed-off-by: Szekeres, Balazs (Nokia - HU/Budapest) <balazs.szekeres@nokia.com>
Szekeres, Balazs (Nokia - HU/Budapest) [Thu, 2 May 2019 11:47:25 +0000 (13:47 +0200)]
Added seed code for caas-kubernetes.
Added seed code for caas-kubernetes.
Change-Id: Iff1a433f3fb6436b83c09ebf909e636b4e8c4e0c
Signed-off-by: Szekeres, Balazs (Nokia - HU/Budapest) <balazs.szekeres@nokia.com>
Eric Ball [Wed, 1 May 2019 00:25:17 +0000 (00:25 +0000)]
Initial empty repository
Code Review / ta / caas-kubernetes.git / log