Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ubernetes-Lite: reuse existing configuration when reusing master #22594

Merged
merged 1 commit into from Mar 10, 2016
Merged

Ubernetes-Lite: reuse existing configuration when reusing master #22594

merged 1 commit into from Mar 10, 2016
+58 −2

Conversation

justinsb
Copy link
Member

@justinsb justinsb commented Mar 5, 2016

In particular, we need to share the kubelet cert & key, otherwise we
can't connect to the kube-api.

@justinsb justinsb assigned ghost Mar 5, 2016
@justinsb justinsb added this to the v1.2 milestone Mar 5, 2016
@k8s-github-robot
Copy link

Labelling this PR as size/M

@k8s-github-robot k8s-github-robot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Mar 5, 2016
@k8s-bot
Copy link

k8s-bot commented Mar 5, 2016

GCE e2e build/test passed for commit de520e2da4c5721f194f66b9950f2705c7490dbb.

@justinsb
Ubernetes-Lite: reuse existing configuration when reusing master
523e1d0 
In particular, we need to share the kubelet cert & key, otherwise we
can't connect to the kube-api.

Fix kubernetes#22593
@justinsb justinsb mentioned this pull request Mar 5, 2016
Closed
@k8s-bot
Copy link

k8s-bot commented Mar 5, 2016

GCE e2e build/test passed for commit 523e1d0.

@justinsb
Copy link
Member Author

justinsb commented Mar 6, 2016

Marking cherrypick-candidate for tracking / self-reminder... We need this or something equivalent.

@yllierop
Copy link
Contributor

yllierop commented Mar 7, 2016

@justinsb is this PR missing anything that you're waiting to add?

@justinsb
Copy link
Member Author

justinsb commented Mar 7, 2016

@preillyme Just that I haven't tested it nearly as much as I would like to. That said it should be scoped only to KUBE_USE_EXISTING_MASTER (i.e. Ubernetes Lite), it does "work for me" on AWS. I haven't had the chance to test yet on GCE, but when I do I'lll remove WIP. (If anyone tests on GCE first let me know!)

@justinsb justinsb changed the title WIP: Ubernetes-Lite: reuse existing configuration when reusing master Ubernetes-Lite: reuse existing configuration when reusing master Mar 8, 2016
@justinsb
Copy link
Member Author

justinsb commented Mar 8, 2016

Removing WIP; this shouldn't break anything other than Ubernetes-Lite, and the fastest way to find out whether Ubernetes-Lite is broken is to get it into e2e.

@justinsb
Copy link
Member Author

justinsb commented Mar 9, 2016

Just tested this on GCE and it works :-) So verified working on AWS & GCE.

ghost
ghost reviewed Mar 10, 2016
View reviewed changes
cluster/aws/util.sh
# AWS_SSH_KEY
# SSH_USER
function get-master-env() {
ssh -oStrictHostKeyChecking=no -i "${AWS_SSH_KEY}" ${SSH_USER}@${KUBE_MASTER_IP} sudo cat /etc/kubernetes/kube_env.yaml
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: It's not clear to me why sudo would not prompt for an interactive password entry here. But it you've tested it, I guess it doesn't. Any idea why @justinsb ?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Aah, re-reading the man page, I guess one of these applies?

Authentication and logging
       sudo requires that most users authenticate themselves by default.  A password is not required if the invoking user is root, if the target user is
       the same as the invoking user, or if the authentication has been disabled for the user or command in the sudoers file.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes - it's because all AWS images have a non-root account which you SSH in to, but that user is set up to allow passwordless sudo. (Because there's no way to communicate a password). At least all the images I've ever seen!

@ghost
Copy link

ghost commented Mar 10, 2016

@justinsb LGTM barring minor nits. Feel free to address them in a separate PR, or not at all (they're just suggestions).

@ghost ghost added lgtm "Looks good to me", indicates that a PR is ready to be merged. area/cluster-federation priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. labels Mar 10, 2016
@k8s-github-robot
Copy link

@k8s-bot test this

Tests are more than 48 hours old. Re-running tests.

@justinsb
Copy link
Member Author

Responded to all the nits - my opinion is that they should not be addressed in this PR.

@k8s-bot
Copy link

k8s-bot commented Mar 10, 2016

GCE e2e build/test passed for commit 523e1d0.

@k8s-github-robot
Copy link

@k8s-bot test this [submit-queue is verifying that this PR is safe to merge]

@k8s-bot
Copy link

k8s-bot commented Mar 10, 2016

GCE e2e build/test passed for commit 523e1d0.

@k8s-github-robot
Copy link

Automatic merge from submit-queue

k8s-github-robot pushed a commit that referenced this pull request Mar 10, 2016
Merge pull request #22594 from justinsb/aws_ulite
31903c8 
Auto commit by PR queue bot
@k8s-github-robot k8s-github-robot merged commit 31903c8 into kubernetes:master Mar 10, 2016
@bgrant0607 bgrant0607 added the cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. label Mar 11, 2016
eparis pushed a commit to eparis/kubernetes that referenced this pull request Mar 11, 2016
@eparis
Merge pull request kubernetes#22594 from justinsb/aws_ulite
b2b0f5b 
Auto commit by PR queue bot
@eparis eparis mentioned this pull request Mar 11, 2016
Merged
@eparis
Copy link
Contributor

eparis commented Mar 11, 2016

This PR was sucessfully cherry picked in PR #22855
please verify that the release-1.2 branch contains these changes as you would expect and contact @eparis if there appear to be problems.

@eparis eparis removed cherrypick-candidate cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. labels Mar 11, 2016
shyamjvs pushed a commit to shyamjvs/kubernetes that referenced this pull request Dec 1, 2016
@eparis
Merge pull request kubernetes#22594 from justinsb/aws_ulite
3242441 
Auto commit by PR queue bot
shouhong pushed a commit to shouhong/kubernetes that referenced this pull request Feb 14, 2017
@eparis
Merge pull request kubernetes#22594 from justinsb/aws_ulite
cf4766c 
Auto commit by PR queue bot
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
lgtm "Looks good to me", indicates that a PR is ready to be merged. priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
v1.2
Development

Successfully merging this pull request may close these issues.

None yet
8 participants
@justinsb @k8s-github-robot @k8s-bot @yllierop @eparis @k8s-teamcity-mesosphere @googlebot @bgrant0607