Should use the proper name for display, even if we use a name more
suitable to naming classes and methods for the implementation...
Also use the --runtime=cri-o when testing, and update the github
repository now that cri-o has graduated from incubator to a sig.
See https://cri-o.io/
Previously, minikube has been shipped with the default CNI config
(/etc/cni/net.d/k8s.conf) in its rootfs. This complicated a lot
when using a custom CNI plugin, as the default config was picked
by kubelet before the custom CNI plugin has installed its own CNI
config. So, the end result was that some Pods were attached to a
network defined in the default config, and some got managed by
the custom plugin.
This commit introduces the flag "--enable-default-cni" to
"minikube start" to trigger the provisioning of the default CNI
config.
Signed-off-by: Martynas Pumputis <m@lambda.lt>
* Change restart policy on gvisor pod
Change the restart policy on the gvisor pod to Always. This way, if a
user runs
minikube addons enable gvisor
minikube stop
minikube start
when the addon manager tries to restart the gvisor pod, it will be
restarted and gvisor will start running automatically. This PR also adds an
integration test for this functionality.
* Test stop and start
* Revert test to delete
Revert test to delete for now, for some reason "stop" and then "start"
is failing both locally and in Jenkins for VirtualBox with a "panic test
timed out after 30 min" error
This PR adds the code for enabling gvisor in minikube. It adds the pod
that will run when the addon is enabled, and the code for the image
which will run when this happens.
When gvisor is enabled, the pod will download runsc and the
gvisor-containerd-shim. It will replace the containerd config.toml and
restart containerd.
When gvisor is disabled, the pod will be deleted by the addon manager.
This will trigger a pre-stop hook which will revert the config.toml to
it's original state and restart containerd.
Small improvements to debugging and reducing integration test flakiness:
* added logging to kubeadm init in the SSHExecutor
* increasing timeout for RBAC creation via the kubernetes client set
* only log tunnel output to test logger
This change is a bit of a hack to make IP routing work over the virtio-net interface - it forces the virtio-net interface (bridge100) created by hyperkit/xhyve to reset via removing and readding the single member of the interface. Without this "reset" packets are just simply lost most of the time, despite a completely healthy IP route.
This error was also the reason for a large percentage of our integration test failures. While reducing the flakiness of tunnel related tests I also increased the timeout requirement and adding retries to the nginx request in TestTunnel.
This commit introduces a new command, `minikube tunnel`, a LoadBalancer emulator functionality, that must be run with root permissions.
This command:
* Establishes networking routes from the host into the VM for all IP ranges used by Kubernetes.
* Enables a cluster controller that allocates IPs to services external `LoadBalancer` IPs.
* Cleans up routes and IPs when stopped (Ctrl+C), when `minikube` stops, and when `minikube tunnel` is ran with the `--cleanup` flag
These tests reliably cause a "panic: timed out" condition due to
hitherto unknown reasons. See issue #3200 for context.
dlorenc mentioned that this test never worked, so when I re-enabled it
recently for all platforms in af61bf790c,
it introduced a persistent test failure for darwin.
I'll leave issue #3200 open until we are able to re-enable this test.
- Updates Ingress-Controller Version to 0.19.0
- Adds Service Account for Ingress-Controller
- Adds Support for Prometheus
- Fixes bug with TCP/UDP ConfigMaps not Loading
- Adds more resource limits to default-backend
- Use new ingress class name
- Use app.kubernetes.io/xxxxxxxxxxx labels
This provides an additional level of security, by enforcing host checking, applying port randomization, and requiring explicit user intent to expose the service to the host.
Previously we were mixed between the two forms. This commit picks %v,
which is consistent with the Kubernetes code base. They both effectively
do the same thing in this case, though %v works with any object, and %s
only with string objects.
This effectively reverts 0a5efe156c - whose behavior was apparently correct. Both coredns and kubedns share k8s-app=kube-dns labels in our current environment.
Make future failures to this test easier to debug. Here's an example of
the test failure I ran into:
--- FAIL: TestFunctional/EnvVars (0.58s)
cluster_env_test.go:36: SetEnvFromEnvCmdOutput: Error: No variables were parsed from docker-env output:
set -gx DOCKER_TLS_VERIFY "1";
set -gx DOCKER_HOST "tcp://192.168.39.199:2376";
set -gx DOCKER_CERT_PATH "/usr/local/google/home/tstromberg/.minikube/certs";
set -gx DOCKER_API_VERSION "1.35";
# Run this command to configure your shell:
# eval (minikube docker-env)
Thomas Strömberg
Anders F Björklund
Sharif Elgamal
Marcos Diez
Nicholas Goozeff
Martynas Pumputis
priyawadhwa
Nicholas Goozeff
Balint Pato
Fernando Diaz
dlorenc
dlorenc
Aaron Prindle
kairen
Yongkun Anfernee Gui