Merge branch 'master' into docker-fix

This commit is contained in:
Darren Shepherd 2019-03-20 10:25:55 -07:00 committed by GitHub
commit c0bfc5d8cc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 26 additions and 14 deletions

View File

@ -163,14 +163,14 @@ Open ports / Network security
---------------------------
The server needs port 6443 to be accessible by the nodes. The nodes need to be able to reach
other nodes over UDP port 4789. This is used for flannel VXLAN. If you don't use flannel
and provide your own custom CNI, then 4789 is not needed by k3s. The node should not listen
other nodes over UDP port 8472. This is used for flannel VXLAN. If you don't use flannel
and provide your own custom CNI, then 8472 is not needed by k3s. The node should not listen
on any other port. k3s uses reverse tunneling such that the nodes make outbound connections
to the server and all kubelet traffic runs through that tunnel.
IMPORTANT. The VXLAN port on nodes should not be exposed to the world, it opens up your
cluster network to accessed by anyone. Run your nodes behind a firewall/security group that
disables access to port 4789.
disables access to port 8472.
Server HA
@ -217,7 +217,7 @@ k3s includes and defaults to containerd. Why? Because it's just plain better. If
run with Docker first stop and think, "Really? Do I really want more headache?" If still
yes then you just need to run the agent with the `--docker` flag
k3s agent -u ${SERVER_URL} -t ${NODE_TOKEN} --docker &
k3s agent -s ${SERVER_URL} -t ${NODE_TOKEN} --docker &
systemd
-------

View File

@ -251,6 +251,18 @@ func checksum(bytes []byte) string {
return hex.EncodeToString(d[:])
}
func isEmptyYaml(yaml []byte) bool {
isEmpty := true
lines := bytes.Split(yaml, []byte("\n"))
for _, l := range lines {
s := bytes.TrimSpace(l)
if string(s) != "---" && !bytes.HasPrefix(s, []byte("#")) && string(s) != "" {
isEmpty = false
}
}
return isEmpty
}
func yamlToObjects(in io.Reader) ([]runtime.Object, error) {
var result []runtime.Object
reader := yamlDecoder.NewYAMLReader(bufio.NewReaderSize(in, 4096))
@ -263,6 +275,7 @@ func yamlToObjects(in io.Reader) ([]runtime.Object, error) {
return nil, err
}
if !isEmptyYaml(raw) {
obj, err := toObjects(raw)
if err != nil {
return nil, err
@ -270,6 +283,7 @@ func yamlToObjects(in io.Reader) ([]runtime.Object, error) {
result = append(result, obj...)
}
}
return result, nil
}
@ -279,6 +293,7 @@ func toObjects(bytes []byte) ([]runtime.Object, error) {
if err != nil {
return nil, err
}
obj, _, err := unstructured.UnstructuredJSONScheme.Decode(bytes, nil, nil)
if err != nil {
return nil, err

View File

@ -272,11 +272,8 @@ func (h *handler) newDeployment(svc *core.Service) (*apps.Deployment, error) {
},
}
for i, port := range svc.Spec.Ports {
portName := port.Name
if portName == "" {
portName = fmt.Sprintf("port-%d", i)
}
for _, port := range svc.Spec.Ports {
portName := fmt.Sprintf("lb-port-%d", port.Port)
container := core.Container{
Name: portName,
Image: image,