extensions/v1beta1 are deprecated and will not be served with kubernetes 1.16
anymore.
For Deployment,DaemonSet and StatefulSet the apps/v1 api has been present
since kubernetes 1.9.
See following blog post for details:
https://kubernetes.io/blog/2019/07/18/api-deprecations-in-1-16/
This commit attempts to add back the missing time synchronization feature
to Minikube that was removed earlier with #3476.
As mentioned in #1378 we have an alternative solution for time
synchronization for Oracle VirtualBox, so there we don't want to enable
systemd-timesyncd.
We are using systemd conditional activation on systemd-timesyncd and
exclude systems that have an oracle hypervisor hosting the vm (currently
that's virtualbox for our purposes).
This PR addresses #4604 by adding a new selector to concerned svc/rc only.
This also reverts `kubernetes.io/minikube-addons` to `registy` for registry-proxy
so that addon manager can deploy registry-proxy when registry addon is enabled.
which can be picked up during integration testing.
I opted to do it this way because the locally built gvisor image wasn't
being picked up by minikube, because the docker daemon wasn't
configured, since minikube isn't up and running yet. Even if the docker daemon was configured to point to
minikube, we wouldn't be able to build the gvisor-image from the test
itself.
We should rebuild the gvisor image for integration tests, so that if
changes are made to the gvisor image they are tested. I added an
environment variable that, when set, will change the expected gvisor
image repo.
The repository was moved to a separate organization
strings.ReplaceAll only work in go1.12, not go1.10
Need to create conmon/config.h without tags and git
The configuration _needs_ to be updated (yet again)
# This is the 1st commit message:
Fix doc comment version.gitCommitID doc
# This is the commit message #2:
Add hyperkit doc
# This is the commit message #3:
Add commit id to docker-machine-driver-kvm2 version
# This is the commit message #4:
removed label selector for registry-proxy daemonset
# This is the commit message #5:
Add support to custom qemu uri on kvm2 driver
# This is the commit message #6:
Improve hyperkit vm stop
# This is the commit message #7:
Make virtualbox DNS settings configurable
# This is the commit message #8:
added integration tests for registry addon
We need this podman setting, as long as we're running from rootfs.
no_pivot_root = true
Note that building uses a different way, an environment variable.
export BUILDAH_NOPIVOT=true
As per [this blog](https://blog.hasura.io/sharing-a-local-registry-for-minikube-37c7240d0615) and [this gist](https://gist.github.com/coco98/b750b3debc6d517308596c248daf3bb1), we need to deploy a registry-proxy
which will expose docker registry on the minikube host.
Once this daemon set is deployed on minikube, one can access registry on `$(minikube ip):5000`.
This has been tested with minikube v1.0.1 with none driver. With this, one will not have to use
`kubectl port-forward`. I was able to push a container image to registry using
```
docker push $(minikube ip):5000/test-img
```
And then ran it in minikube using
```
kubectl run -i -t test-img --image=$(minikube ip):5000/test-img --restart=Never
```
These are needed for running Kata Containers in minikube.
Kata uses linux tc for its networking
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Running the `minikube addons enable registry` yields `registry was successfully enabled` but no `registry` Pod ends up being run.
I've narrowed it down to this `env` entry not being quoted.
Logs from `kube-addon-manager-minikube` Pod show this error:
```
Error from server (BadRequest): error when creating "/etc/kubernetes/addons/registry-rc.yaml": ReplicationController in version "v1" cannot be handled as a ReplicationController: v1.ReplicationController.Spec: v1.ReplicationControllerSpec.Template: v1.PodTemplateSpec.Spec: v1.PodSpec.Containers: []v1.Container: v1.Container.Env: []v1.EnvVar: v1.EnvVar.Value: ReadString: expects " or n, but found t, error found in #10 byte of ...|,"value":true}],"ima|..., bigger context ...|"name":"REGISTRY_STORAGE_DELETE_ENABLED","value":true}],"image":"registry.hub.docker.com/library/reg|...
```
We have our own runc version anyway, instead of the older
unpatched one that was shipped by mistake with 18.06.2...
But now that we are printing the container runtime version,
some people find it disturbing to see the older number.
In the default installation I get the same error:
```
$ minikube addons open heapster
💣 This addon does not have an endpoint defined for the 'addons open' command.
You can add one by annotating a service with the label kubernetes.io/minikube-addons-endpoint:heapster
```
This PR is simply implementing the suggested fix by adding the aforementioned label to the heapster service.
These two lint warnings still remain, after the cleanup:
"exported ... should have comment or be unexported"
"type name will be used as foo.FooBar by other packages,
and that stutters; consider calling this Bar"
To be able to use Kubernetes' IPVS proxy-mode, certain (IP Set) kernel modules
need to be enabled during kernel build time.
Building a new Minikube image with these modules enabled, will allow
others to switch kube-proxy in IPVS mode and experiment with it inside
Minikube.
According to Kernel documentation, support for Transparent Proxying (TPROXY)
requires 2 Netfilter modules to be installed: `xt_TPROXY` and `xt_socket`.
So far, Minikube had only `xt_TPROXY`.
See https://www.kernel.org/doc/Documentation/networking/tproxy.txt
Some users (especially for those in mainland China) may have issue
accessing the default image repository. This patchset allows users
to override the default image repository gcr.io to a different
repository by specifying --image-repository option in the command
line as a simple workaround. Images will be pulled from the
specified image repository instead of the default ones.
Example (using mirror by Aliyun):
minikube start ...
--image-repository
registry.cn-hangzhou.aliyuncs.com/google_containers
Should use the proper name for display, even if we use a name more
suitable to naming classes and methods for the implementation...
Also use the --runtime=cri-o when testing, and update the github
repository now that cri-o has graduated from incubator to a sig.
See https://cri-o.io/
When a storage provider is enabled (storage-provisioner-glusterfile),
mark it "is-default" and set "is-default" to "false" in all other
StorageClasses.
There can only be one StorageClass be marked as default. When the
storage-provisioner-gluster addon is enabled, users expect it to be the
default StorageClass.
Instead of removing the "is-default" annotation from the other
StorageClasses, set it to "false". This leaves only the "glusterfile"
StorageClass as "is-default".
With this addon dynamic provisioning based on Gluster can be enabled:
$ minikube addons enable storage-provisioner-gluster
This will deploy several pods in a new 'storage-gluster' namespace:
- glusterfs, storage service with a 10GB sparse /srv/fake-disk.img
- heketi, a smart Gluster volume manager
- glusterfile-provisioner, external-storage provisioner
In addition, the StorageClass 'glusterfile' will be created. It is
currently not configured as default StorageClass, so PVCs need to refer
to the new StorageClass.
As per https://github.com/kubernetes/kubernetes/pull/32151, kubelet
doesn't search for CNI configs in /usr/libexec/kubernetes/kubelet-plugins/net/exec/
by default anymore.
Signed-off-by: Martynas Pumputis <m@lambda.lt>
Previously, minikube has been shipped with the default CNI config
(/etc/cni/net.d/k8s.conf) in its rootfs. This complicated a lot
when using a custom CNI plugin, as the default config was picked
by kubelet before the custom CNI plugin has installed its own CNI
config. So, the end result was that some Pods were attached to a
network defined in the default config, and some got managed by
the custom plugin.
This commit introduces the flag "--enable-default-cni" to
"minikube start" to trigger the provisioning of the default CNI
config.
Signed-off-by: Martynas Pumputis <m@lambda.lt>
Change the policy for the minikube-hostpath storage class addon from
Reconcile to EnsureExists. When it's set to reconcile, it's impossible
to change the default storage class in Minikube because it will keep
setting the minikube-hostpath storageclass to default.
Ported from kubernetes/kubernetes#66235
* Change restart policy on gvisor pod
Change the restart policy on the gvisor pod to Always. This way, if a
user runs
minikube addons enable gvisor
minikube stop
minikube start
when the addon manager tries to restart the gvisor pod, it will be
restarted and gvisor will start running automatically. This PR also adds an
integration test for this functionality.
* Test stop and start
* Revert test to delete
Revert test to delete for now, for some reason "stop" and then "start"
is failing both locally and in Jenkins for VirtualBox with a "panic test
timed out after 30 min" error
This PR adds the code for enabling gvisor in minikube. It adds the pod
that will run when the addon is enabled, and the code for the image
which will run when this happens.
When gvisor is enabled, the pod will download runsc and the
gvisor-containerd-shim. It will replace the containerd config.toml and
restart containerd.
When gvisor is disabled, the pod will be deleted by the addon manager.
This will trigger a pre-stop hook which will revert the config.toml to
it's original state and restart containerd.
- Updates Ingress-Controller Version to 0.19.0
- Adds Service Account for Ingress-Controller
- Adds Support for Prometheus
- Fixes bug with TCP/UDP ConfigMaps not Loading
- Adds more resource limits to default-backend
- Use new ingress class name
- Use app.kubernetes.io/xxxxxxxxxxx labels
This provides an additional level of security, by enforcing host checking, applying port randomization, and requiring explicit user intent to expose the service to the host.
Minikube automount relies on a VM disk to be mounted (usually /dev/sda)
to provide .ssh credentials.
This commit adds a dependency on systemd-udev-settle to ensure that all devices
(including disks) are up and available before executing the mount
script.
We use systemd-udev-settle
https://github.com/systemd/systemd/blob/master/units/systemd-udev-settle.service.in
To ensure this. Note that in the above link, we can read a comment
stating that systemd-udev-settle is used to ensure a populated /dev
during bootup, which is exaclty what we want.
Signed-off-by: David Genest <david.genest@gmail.com>
Previously we were mixed between the two forms. This commit picks %v,
which is consistent with the Kubernetes code base. They both effectively
do the same thing in this case, though %v works with any object, and %s
only with string objects.
The default configuration here for ES_JAVA_OPTS will pretty much always fail as is, making this addon useless and broken unless modified. Since this is deployed automatically when addon is enabled, it seems like providing a value that works is the best option here, otherwise in a minikube the pod(s) deployed will continually fail to start.
Simple management tool for containers and images
"podman shares state with crio and so has the
capability to debug pods/images created by crio"
https://github.com/projectatomic/libpod/pull/145
Thomas Stromberg
Josh Woodcock
Anders F Björklund
Ian Lewis
Zoltán Reegn
AllenZMC
Priya Wadhwa
Zhongcheng Lao
Medya Ghazizadeh
minikube-bot
Om Kumar
Jose Donizetti
Ben Ebsworth
Francis
Medya Gh
Archana Shinde
Toliver Jue
Zoran Regvart
kerami
salamani
Himanshu Pandey
Joji Mekkatt
Dmitry Budaev
Cristian Măgherușan-Stanciu @magheru_san
Miel Donkers
karmab
Yaroslav Skopets
Kauê Doretto Grecchi
Leif Ringstad
Niels de Vos
Martynas Pumputis
Jason Cwik
Balint Pato
Jeffrey Sica
ivans3
Fernando Diaz
dlorenc
Akihiro Suda
David Genest
Sven Anderson
oilbeater
Sandeep Rajan
Bennett Ellis
yanxuean
dlorenc
Aaron Prindle
Rohit Agarwal