Some files may be left uncopied to the VM when there are multiple
files in the .minikube/files directory as the code misinterprets
the last parent dir as parent dirs for all files, which results
some files with the same name were not copied.
This patch fixes the behavior.
When copying assets from .minikube/files on windows, directories get squashed during transfer. ie /etc/ssl/certs/test.pem becomes ~minikube/etcsslcerts/test.pem. This pull request ensures any window style directories are converted into unix style.
Since minikube is the canonical kubernetes deployment for learning and playing with things, this trivial PR makes it easy to see the storage provisioner in action, the current logging shows very little easier to differentiate how volumes are spun up.
When a storage provider is enabled (storage-provisioner-glusterfile),
mark it "is-default" and set "is-default" to "false" in all other
StorageClasses.
There can only be one StorageClass be marked as default. When the
storage-provisioner-gluster addon is enabled, users expect it to be the
default StorageClass.
Instead of removing the "is-default" annotation from the other
StorageClasses, set it to "false". This leaves only the "glusterfile"
StorageClass as "is-default".
With this addon dynamic provisioning based on Gluster can be enabled:
$ minikube addons enable storage-provisioner-gluster
This will deploy several pods in a new 'storage-gluster' namespace:
- glusterfs, storage service with a 10GB sparse /srv/fake-disk.img
- heketi, a smart Gluster volume manager
- glusterfile-provisioner, external-storage provisioner
In addition, the StorageClass 'glusterfile' will be created. It is
currently not configured as default StorageClass, so PVCs need to refer
to the new StorageClass.
Previously, minikube has been shipped with the default CNI config
(/etc/cni/net.d/k8s.conf) in its rootfs. This complicated a lot
when using a custom CNI plugin, as the default config was picked
by kubelet before the custom CNI plugin has installed its own CNI
config. So, the end result was that some Pods were attached to a
network defined in the default config, and some got managed by
the custom plugin.
This commit introduces the flag "--enable-default-cni" to
"minikube start" to trigger the provisioning of the default CNI
config.
Signed-off-by: Martynas Pumputis <m@lambda.lt>
* Save old cluster config in memory before overwriting
In PR #3426, I changed "minikube start" to overwrite the cluster config earlier so that the container runtime could be extracted from it by the buildroot provisioner. This introduced a bug later on, where minikube expected to read the kubernetes version from theold config (which no longer existed, because the config was overwritten).
To fix this, I changed the code to store the old version of the config in memory before overwriting it.
This should fix#3447
Previously, when "minikube start" has been invoked with
"--network-plugin=<..>", the value was not passed to kubelet. Therefore,
the additional param "--extra-config=kubelet.network-plugin=<..>"
was required.
This commit ensures that the value is being passed to kubelet, so
the extra-config value is no longer needed.
Signed-off-by: Martynas Pumputis <m@lambda.lt>
This PR adds the code for enabling gvisor in minikube. It adds the pod
that will run when the addon is enabled, and the code for the image
which will run when this happens.
When gvisor is enabled, the pod will download runsc and the
gvisor-containerd-shim. It will replace the containerd config.toml and
restart containerd.
When gvisor is disabled, the pod will be deleted by the addon manager.
This will trigger a pre-stop hook which will revert the config.toml to
it's original state and restart containerd.
* Only restart docker service if container runtime is docker
Only allow the buildroot provisioner to restart docker if the container
runtime is docker. This change should fix the bug in #3424, since now
docker will not be restarted if the container runtime is containerd.
* Added files to fix FileContent--proc-sys-net-bridge-bridge-nf-call-iptables precheck error
From this issue: https://github.com/kubernetes/kubeadm/issues/1062
these files need to be added to prevent this precheck error (which occurs when running any container runtime that isn't docker).
Also, save the machine config on the user's filesystem earlier so that the buildprovisioner can access it.
Small improvements to debugging and reducing integration test flakiness:
* added logging to kubeadm init in the SSHExecutor
* increasing timeout for RBAC creation via the kubernetes client set
* only log tunnel output to test logger
This change is a bit of a hack to make IP routing work over the virtio-net interface - it forces the virtio-net interface (bridge100) created by hyperkit/xhyve to reset via removing and readding the single member of the interface. Without this "reset" packets are just simply lost most of the time, despite a completely healthy IP route.
This error was also the reason for a large percentage of our integration test failures. While reducing the flakiness of tunnel related tests I also increased the timeout requirement and adding retries to the nginx request in TestTunnel.
After stopping any runtimes that aren't being used, if we're using
containerd then we need to restart it. This is because it competes with
cri-o to listen on port 10010, causing a necesary plugin to not be
installed. After stopping cri-o, we need to restart containerd so that
the plugin is installed.
I also added some preflight checks when using alternative runtimes.
kubeadm checks to make sure the Docker service is running, so I disabled
that. It also checks if a few ports are available; these are ports that
containerd uses, so I also added them to the ignore list.
This should finish the work started in #3211, which stopped alternative
runtimes but didn't restart containerd. I was able to run "minikube
start" with containerd locally with this change.
* Add config parameter for the cri socket path
Closes#3153
* Remove stray newline, when not using criSocket
* Add the --cri-socket parameter to configuration
Also fix the syntax for CRI-O, adding unix://
This commit introduces a new command, `minikube tunnel`, a LoadBalancer emulator functionality, that must be run with root permissions.
This command:
* Establishes networking routes from the host into the VM for all IP ranges used by Kubernetes.
* Enables a cluster controller that allocates IPs to services external `LoadBalancer` IPs.
* Cleans up routes and IPs when stopped (Ctrl+C), when `minikube` stops, and when `minikube tunnel` is ran with the `--cleanup` flag
https://github.com/kubernetes/minikube/issues/2768
for Windows, by converting \ in directory string to / and using
`path.Join` instead of `filepath.Join` which uses Unix format
instead of using he current OS directory delimeter.
- Updates Ingress-Controller Version to 0.19.0
- Adds Service Account for Ingress-Controller
- Adds Support for Prometheus
- Fixes bug with TCP/UDP ConfigMaps not Loading
- Adds more resource limits to default-backend
- Use new ingress class name
- Use app.kubernetes.io/xxxxxxxxxxx labels
This provides an additional level of security, by enforcing host checking, applying port randomization, and requiring explicit user intent to expose the service to the host.
Previously we were mixed between the two forms. This commit picks %v,
which is consistent with the Kubernetes code base. They both effectively
do the same thing in this case, though %v works with any object, and %s
only with string objects.
The "aufs" storage driver has been deprecated,
changed in Docker 17.09 for "overlay2" instead.
See https://github.com/docker/machine/pull/4558
This only affects the "boot2docker" provisioner,
since it is already being used by "buildroot".
Closes#3078
Opt-in with `minikube config set embed-certs true`. Similar to the
behaviour of `kubectl config set-credentials --embed-certs`.
Enables Minikube on Windows to produce a .kube/config file that
can be shared directly with kubectl inside the Windows Subsystem
for Linux (WSL) without needing to perform additional translation
of the certificate paths within the configuration file.
Add a versioned flag for the enable-admission-control flags
Add a second step to call "kubeadm alpha phase addon all" which seems to be required now to get coredns running.
I tested this all the way back to 1.9.0.
The purpose of these changes is to enhance Hyperkit support from the
minikube command line for better integration with enterprise networks
behind a VPN.
uuid: Provide VM UUID to restore MAC address (only supported with
Hyperkit driver).
vpnkitSock: Location of the VPNKit socket used for networking. If empty,
disables Hyperkit VPNKitSock, if 'auto' uses Docker for Mac
VPNKit connection, otherwise uses the specified VSock."
vsockPorts: List of guest VSock ports that should be exposed as sockets
on the host (Only supported on with hyperkit now).
Note:
tests pass but file:
`vendor/github.com/google/certificate-transparency/go/x509/root_darwin.go`
has to be edited to correct an issue - not committed since this is in
the vendor directory.
- Add registry to register all supported drivers in different platforms.
- Add DriverDef to define driver's metadata.
- All driver support logic moved to pkg/minikube/drivers, removed all
driver name switches scattered in different packages.
Use ListDrivers() method to get the list of VM drivers.
SupportedVMDrivers become the whole list of VM drivers on all
platforms, which is used in gendocs only.
Different platform has differnet list of supported drivers. The
registry contains the correct list of drivers that are supported. In
future we could add commands like `minikube list-drivers`
Before this patch the virtual CPU was the stock qemu CPU, in the sense that
the virtual CPU features were set according to the default qemu CPU.
With this change the CPU features of the host will be copied at start to the
domain definition. This includes features like svm and vmx, which in turn allow
to run nested virtualization if the host is configured accordingly i.e.
`kvm_intel nested=y` in `/etc/modprobe.d/kvm.conf`.
To turn on nesting, a user has to specify `--kvm-cpu-model host-model` when
creating the VM.
Resolves#2553
Signed-off-by: Fabian Deutsch <fabiand@fedoraproject.org>
This is a mismatch issue between new minikube versions and old ISO versions. It's
also unlikely to cause a real issue because it requires users to opt-into crio and
modify crio-specific settings to cause trouble.
Thomas Strömberg
Bassam Tabbara
Zhongcheng Lao
Anders F Björklund
Himanshu Pandey
Kubernetes Prow Robot
jay vyas
jay vyas
balopat
Denis Denisov
Jeff Wu
Rob Richardson
Fabio Rapposelli
bpopovschi
Kazuki Suda
Niels de Vos
Martynas Pumputis
Balint Pato
Charles-Henri de Boysson
Jeffrey Sica
Cory Locklear
Chris Eason
Alasdair Tran
priyawadhwa
JoeWrightss
ivans3
Peeyush gupta
dlorenc
mikeweiwei
mooncake
xichengliudui
Mark Gibbons
Nicholas Irving
Denis Gladkikh
Fernando Diaz
Marcus Heese
Kumbirai Tanekha
AdamDang
NsLib
Jason Stangroome
Sebastien Collin
yanxuean
Sandeep Rajan
Viktor Safronov
dlorenc
Aaron Prindle
Rohit Agarwal
kairen
Luke Weber
Jimmi Dyson
Peter Trotman
ruicao
seborama
Michal Rostecki
kairen
Ivan Hamilton
Arnaud MAZIN
PI-Victor
awalker125
Tim Hockin
Matt Rickard
Matt Rickard
Yongkun Anfernee Gui
Fabian Deutsch
David Muckle
Hank Jacobs