Commit Graph

262 Commits (12ce8c5a89053a53e0fe5e680fa416f7561c1a8e)

Author SHA1 Message Date
bgeesaman 12ce8c5a89 Protect the Kubelet API
Setting required to prevent: https://github.com/kayrus/kubelet-exploit
2017-09-01 23:45:42 -04:00
Kelsey Hightower 4ca7c45046 update docs 2017-08-31 07:17:23 -07:00
Niko Virtala f9486b081f fix KUBERNETES_PUBLIC_ADDRESS value
Instead of 'value(address)' 'value(name)' should be used to make the following forwarding-rules creation command to work. With 'value(address)' it returns an error: "ERROR: (gcloud.compute.forwarding-rules.create) Could not fetch resource: - The resource 'projects/some-random-project/regions/us-central1/addresses/w.x.y.z' was not found"
2017-08-11 14:48:11 -07:00
Adriaan de Jonge 7631b261fb Update kubectl to 1.7.0 2017-08-11 14:47:46 -07:00
Emilian Losneanu dc5fc10559 Update docker.com url 2017-08-11 14:47:31 -07:00
Abraham Ingersoll 6609858e67 Enable kubectl portfw on workers, fixes #78 2017-07-12 05:56:57 -06:00
David Ross 4d442675ba Update 05-kubernetes-controller.md
there is a bug in Kubernetes 1.6.1 that causes an error when validating the kubernetes environment and etcd.  (https://github.com/kubernetes/kubernetes/pull/39716)   I found that using the 1.7.0 version I did not get this error.  Affects the README, this file and the client configuration (moving to 1.7.0 to match)
2017-07-12 05:55:20 -06:00
David Ross adaa9fb620 Update README.md
as per my other two requests, the 1.6.1 Kubernetes had a defect that was corrected in 1.7.0.  I ran your code seamlessly using 1.7.0 today.
2017-07-12 05:55:04 -06:00
David Ross 0f826cf436 Update 07-kubectl.md
as per my other pull request, using 1.7.0 fixes an error with etcd configuration on the Kubernetes cluster.
2017-07-12 05:54:56 -06:00
Glenn Oppegard 87c0662652 Grammar fix for 06-kubernetes-worker.md 2017-07-12 05:54:19 -06:00
Christian Koep 239f1438ae Update README to reflect Kubernetes 1.6.1 update 2017-06-30 22:30:36 -04:00
Ádám Sándor bdeab26587 Add missing additional IP range in firewall validation output 2017-06-30 22:30:22 -04:00
Luis Buriola 4749e604a3 Update range for health check
This new IP range is listed on the following docs:

https://cloud.google.com/compute/docs/load-balancing/health-checks
https://cloud.google.com/compute/docs/load-balancing/http/
2017-06-02 07:57:17 -07:00
Tennis Smith bf66a60585 Update 05-kubernetes-controller.md
Unless the region is explicitly passed, I get the error:
```
ERROR: (gcloud.compute.target-pools.create) Some requests did not succeed:
 - Invalid value for field 'region': 'us-central1-b'. Unknown region.
```
2017-06-02 07:56:58 -07:00
Michael McClanahan 2983b28f13 Use gcloud compute scp instead of copy-files 2017-06-02 07:56:05 -07:00
Alan Hollis 1c53942442 Bump kubernetes to v1.6.1 2017-05-01 21:59:56 -07:00
David Castillo 0c37c60b72 Add missing backslash 2017-05-01 21:59:33 -07:00
David Castillo 8ce3a545c4 Update 01-infrastructure-gcp.md, fix #153 2017-05-01 21:59:33 -07:00
David Castillo 980059abab Fix typo in 03-auth-configs.md 2017-05-01 21:59:16 -07:00
Rory McCune 77cc14e86a Add Authentication to etcd configuration
Added two flags needed to activate client and peer authentication in etcd
2017-04-12 05:51:53 -04:00
Mads H. Danquah d81abdbcf1 Move certificate and private-key away from /var/run
It is cleared out at reboot.

It appears that only the file-name part of --tls-cert-file /
--tls-private-key-file is used and that the path is taken from
--cert-dir (which defaults to /var/run/kubernetes) so to make the path
stick we also add a --cert-dir
2017-04-12 05:51:28 -04:00
arjunyel c32977f361 Update kubectl to 1.6.0 release
Kubectl 1.6.0 has now been fully released https://github.com/kubernetes/kubernetes/releases/tag/v1.6.0
2017-03-31 16:21:40 +02:00
Tom Payne 450709e996 fix formatting of bootstrap token generation 2017-03-29 23:38:45 +02:00
Jesse Newland 610099af09 Remove quotes from audit log, signing key args 2017-03-26 21:08:01 -07:00
Mike Rostermund e6459ccbd5 Fix typo 2017-03-26 19:34:43 -07:00
Kelsey Hightower 69f4ecfa82 clean up formatting 2017-03-25 20:23:14 -07:00
Kelsey Hightower 180596398e clean up docs 2017-03-25 19:27:49 -07:00
Kelsey Hightower aba8471494 fix logging link 2017-03-25 19:22:31 -07:00
Kelsey Hightower 4d0647851a fix broken link 2017-03-25 19:06:38 -07:00
Kelsey Hightower f49493d286 doc clean up and basic formatting improvements 2017-03-25 18:52:58 -07:00
Kelsey Hightower 8022f4077b remove AWS support 2017-03-25 18:06:03 -07:00
Kelsey Hightower 333aefba3f remove AWS support 2017-03-25 14:22:39 -07:00
Kelsey Hightower 4989117cf2 remove AWS support 2017-03-25 14:20:31 -07:00
Kelsey Hightower 818501707e update to Kubernetes 1.6 2017-03-25 12:07:21 -07:00
Kelsey Hightower 2d5f895aac update to Kubernetes 1.6 2017-03-25 12:04:05 -07:00
Kelsey Hightower 81cc65cc27 update to Kubernetes 1.6 2017-03-25 11:53:08 -07:00
Kelsey Hightower ebe2845c17 update to Kubernetes 1.6 2017-03-25 11:50:26 -07:00
Kelsey Hightower c01f16bc3e update to Kubernetes 1.6 2017-03-25 11:45:32 -07:00
Kelsey Hightower f62e9c9777 update to Kubernetes 1.6 2017-03-25 11:41:26 -07:00
Kelsey Hightower e9c25522a4 update to Kubernetes 1.6 2017-03-25 10:07:48 -07:00
Kelsey Hightower 53ee78b73e update to Kubernetes 1.6 2017-03-25 09:58:47 -07:00
Kelsey Hightower 7e009610b2 update for 1.6 2017-03-25 09:44:23 -07:00
Kelsey Hightower 6827ce575e make kube-dns work again 2017-03-24 08:31:17 -07:00
Kelsey Hightower c72849f7e3 document the CSR approve flow 2017-03-24 04:24:53 -07:00
Kelsey Hightower f7532568be document the RBAC role binding process for TLS bootstrapping 2017-03-24 04:16:29 -07:00
Kelsey Hightower 94cbe1e683 add docs on using custom kubeconfigs 2017-03-24 04:08:34 -07:00
Kelsey Hightower 99d342cc3c add authentication lab 2017-03-23 23:08:54 -07:00
Kelsey Hightower 5a5314f3c9 clean up pod cidr firewall-rule 2017-03-23 19:51:39 -07:00
Kelsey Hightower c77ad0a6ba use RBAC authz 2017-03-23 19:48:53 -07:00
Kelsey Hightower 3b1700d85e update to Kubernetes 1.6 2017-03-23 19:48:14 -07:00