mirrors/kube-router
1
0
Fork 0
mirror of https://github.com/cloudnativelabs/kube-router.git synced 2025-10-24 16:21:05 +02:00
Code Issues Packages Projects Releases Wiki Activity
213 Commits 23 Branches 101 Tags
Commit Graph

213 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Murali Reddy
ed935a4d7a fix gofmt, go_vet, misspells 2017-09-02 00:29:35 +05:30
Murali Reddy
b171f226d1 Update README.md 2017-09-01 23:54:12 +05:30
Murali Reddy
2cd54fc7eb Merge pull request #142 from cloudnativelabs/br_netfilter 
Enable netfilter for bridge, a must requirement for all CNI that use bridge
v0.0.14 		2017-08-29 22:32:45 +05:30
Murali Reddy
ff079d205a Enable netfilter for bridge, requirement for all CNI that use bridge 
https://kubernetes.io/docs/concepts/cluster-administration/network-plugins/#network-plugin-requirements

Fixes #141
 2017-08-29 20:13:33 +05:30
Murali Reddy
5951f55608 Adding architecture details v0.0.13 2017-08-24 16:09:46 +05:30
Murali Reddy
89105e821c Merge pull request #134 from Thoro/mac-build-environment 
Add build-image folder, which allows to build kube-router on mac os
 2017-08-20 21:29:23 +05:30
Murali Reddy
bcb56225d3 Merge pull request #133 from Thoro/consolidate-stop-channel 
Consolidate multiple stop channels into one
 2017-08-20 21:08:35 +05:30
Thomas Rosenstein
cb0888b482 Add build-image folder, which allows to build kube-router on mac os 2017-08-20 17:30:16 +02:00
Thomas Rosenstein
9bd4bb8ccb Consolidate multiple stop channels into one 2017-08-20 17:14:35 +02:00
Murali Reddy
72fd0d2cd0 re-organize documentation 2017-08-20 17:50:53 +05:30
Murali Reddy
547b17d9c0 Merge pull request #131 from cloudnativelabs/112-ntwk-plcy 
NetworkPolicy: Fix e2e test failures
 2017-08-18 02:58:44 +05:30
Murali Reddy
1af19cbba2 NetworkPolicy: Fix e2e test failures 
- Handle namespaceSelector in NetworkPolicyPeer
  - hanlde default allow and defaul deny policies as defined in
    https://kubernetes.io/docs/concepts/services-networking/network-policies/#default-policies

Fixes #112
 2017-08-18 02:50:56 +05:30
Bryan Zubrod
8bf6281704 Add logo to README (#128) v0.0.12 2017-08-15 09:11:36 -05:00
bzub
64f7700e24 Add logo 2017-08-15 08:04:18 -05:00
Murali Reddy
0cf1037d94 Update README.md 2017-08-15 10:35:52 +05:30
Murali Reddy
42a48a9f4f Merge pull request #127 from cloudnativelabs/default-permit-policy 
Add iptable rule in filter table FORWRD chain to allow traffic in and out to the pods
 2017-08-14 18:20:18 +05:30
Murali Reddy
11a779f78c Add iptable rule in filter table FORWRD chain to allow traffic in and out to the pods 
Fixes #120
 2017-08-14 18:08:47 +05:30
Bryan Zubrod
f333aacf7e vendor: Update GoBGP to fix fd leak (#124) 2017-08-13 20:07:08 -05:00
Bryan Zubrod
ef8cf3313a Vagrant fixes (#125) 
* Fix destroy before bootkube clone
* Fix multiple calls of vagrant-destroy.sh
 2017-08-13 14:32:33 -05:00
Murali Reddy
82818d8528 Merge pull request #122 from cloudnativelabs/118-kuber-router-kubeadm 
use kube-router as kube-proxy replacement
 2017-08-11 15:43:42 +05:30
Murali Reddy
d3356513e3 use kube-router as kube-proxy replacement 
Fixes #118
 2017-08-11 15:36:46 +05:30
Murali Reddy
79a176ac10 Update kubeadm.md 2017-08-11 00:55:05 +05:30
Bryan Zubrod
c81bfbb616 Enable pod egress masquerading by default (#111) 
* Enable pod egress masquerading by default
- Adds flag "--enable-pod-egress" (default: true)
- Removes previously created iptables rule if option is changed to false
* Use an ipset to match Pod egress traffic to be masqueraded
* Set --cluster-cidr as depreciated flag
If set to anything, normal dynamic Pod egress masquerading is turned on.
* Use Replace else Add logic for updating export policy
Fixes errors logged due to existing statement in poliy.
 2017-08-10 11:50:06 -05:00
Murali Reddy
0a8b7e7fd3 Merge pull request #117 from cloudnativelabs/115-kubeadm-rbac 
kubeadm RBAC fixes and cluster setup with kubeadm instructions
 2017-08-10 18:17:50 +05:30
Murali Reddy
1786a5ea32 kubeadm RBAC fixes and cluster steup with kubeadm instructions 
Fixes #115
 2017-08-10 18:11:31 +05:30
bzub
e5f24c201d vagrant: Fix invalid shell function call 2017-08-10 01:55:40 -05:00
Bryan Zubrod
f6b33a0370 Support updating kube-router in a local VM cluster (#116) 
* gofmt
* docs: Remove manual AWS config reference. It's automatic now.
* Support updating kube-router in a running local VM cluster
- "make vagrant-image-update" target added
- Documentation added and small reorganization
 2017-08-09 23:03:49 -05:00
Murali Reddy
d3f43fc8fa Merge pull request #114 from cloudnativelabs/113-segment-voilation 
segmentation violation when kube-router is not able to contact api server
 2017-08-09 23:28:12 +05:30
Murali Reddy
801b0e940b segmentation violation when kube-router is not able to contact api server 
Fixes #113
 2017-08-09 23:21:56 +05:30
Bryan Zubrod
1a71a12ec7 vagrant: Local cluster enhancements (#110) 
* Ensure image from current build is used
* Fix vagrant destroy logic
 2017-08-07 21:39:32 -05:00
Murali Reddy
cbfe8e3790 Merge pull request #109 from cloudnativelabs/ip-ip-tunnel-perf 
reduce ipip tunnel MTU by 20 bytes to accommodate the tunnel overhead
 2017-08-07 19:43:10 +05:30
Murali Reddy
898d78d688 reduce ipip tunnel MTU 20 to accommodate the tunnel overhead 
Fixes #108
 2017-08-07 19:35:36 +05:30
Murali Reddy
fcac507d61 Merge pull request #106 from cloudnativelabs/cross-subnet-connectiivty 
Use IP-IP tunnelling for cross-subnet pod connectivity
v0.0.11 		2017-08-06 13:56:02 +05:30
Murali Reddy
b8d3914242 Use IP-IP tunnelling for cross-subnet pod connectivity 
- create a ipip tunnel interface from each node to nodes in the different subnet
- insert route to local routing table using tunnel device

Fixes #92
 2017-08-06 13:05:14 +05:30
Bryan Zubrod
5a3abf9ec1 Add support for testing code changes in kubernetes (#105) 
automated via Vagrant provisioned local VMs

fixes #105
 2017-08-06 01:11:27 -05:00
Murali Reddy
fbdd9e9a6f Merge pull request #100 from cloudnativelabs/99-randomize-service-endpoints 
Randomize service endpoint addition when configuring destination on ipvs service
 2017-08-05 04:01:24 +05:30
Murali Reddy
7934759ac2 Randomize service endpoint addition when configuring destination on ipvs service 
Fixes #99
 2017-08-05 03:38:36 +05:30
Bryan Zubrod
9e75203598 Use libnetwork/ipvs instead of libipvs (#101) 
* Use libnetwork/ipvs alternative
* PR image tag simplification
* Remove nested vendor directories
 2017-08-04 14:07:57 -05:00
Bryan Zubrod
f8174a66be network_route_controller: Avoid redundant policy sets (#98) 
* gofmt

* route_controller: Avoid redundant DefinedSet adds
 2017-08-03 02:49:20 -05:00
Bryan Zubrod
f9ae00be10 Use vendored gobgp to build gobgp client (#95) 
gobgp client inside the kube-router container will now always be in sync with the gobgp library used to build the kube-router binary
 2017-08-02 10:02:21 -05:00
Murali Reddy
3b1257c0a3 adding explicit --kubeconfig param in example daemonset manifests 
We removed implicit fallback to use /var/lib/kube-router/kubeconfig with the commit ccbba72

So kube-router takes explicit --master or --kubeconfig argument or implicitly try to use incluster configuration
v0.0.10 		2017-08-01 16:59:45 +05:30
Murali Reddy
b77c28fc35 Update README.md 2017-08-01 14:51:13 +05:30
Murali Reddy
f5e518e2d6 Merge pull request #91 from cloudnativelabs/90-network-policy-ga 
Netork policy GA: select all pods in namespace if pod selector is not specified in the network policy spec
 2017-07-31 23:14:43 +05:30
Murali Reddy
279bc66a99 Netork policy GA: select all pods in namespace if pod selector is not specified in the network policy spec 
as per semantics https://kubernetes.io/docs/api-reference/v1.7/#networkpolicy-v1-networking

Fixes #90
 2017-07-31 22:47:43 +05:30
Murali Reddy
562008ca8f Merge pull request #83 from dimm0/feature/inclusterconfig 
Using inclusterconfig for default configuration
 2017-07-29 21:05:09 +05:30
Dmitry Mishin
8d2ed48f22 Either of the --master or --kubeconfig is sufficient 2017-07-29 08:14:43 -07:00
Murali Reddy
909c24d9d3 Merge pull request #86 from cloudnativelabs/85-network-policy-ga 
GA network policy does not reject if there is not a single source pod matching a policy
 2017-07-29 18:14:50 +05:30
Murali Reddy
922c9f5808 GA network policy does not reject if there is not a single source pod matching a policy 
Fix ensures below two cases are explicitly handled

 - in the network policy spec for the ingress rule, its optionsl to give 'ports' and 'from' details
   when not specified it translates to match all ports, match all sources respectivley

 - user may explicitly give the 'ports' and 'from' details in the ingress rule. But at any given point
   its possible there is no matching pods (with labels defined in 'from') in the namespace.

Before the fix both the cases were handled similarly resulting in unexpected behaviour

Fixes #85
 2017-07-29 16:53:52 +05:30
Dmitry Mishin
1d62de7159 Merge branch 'master' into feature/inclusterconfig 2017-07-28 12:14:44 -07:00
Dmitry Mishin
ccbba7206d Using inclusterconfig for default configuration 2017-07-28 11:45:23 -07:00