Page MenuHomePhabricator
Create Task
Maniphest T136413

Allow accessing kubernetes services / apiserver from bastions
Closed, ResolvedPublic
Actions

Description

This requires:

  1. kubectl installed
  2. Flannel installed and running (for being able to hit pod IPs)
  3. kube-proxy installed and running (for being able to hit service IPs)

Details

SubjectRepoBranchLines +/-
tools: Allow bastions to talk to flannel etcdoperations/puppetproduction+6 -5
tools: Fixup k8s bastion roleoperations/puppetproduction+87 -8
k8s: Decouple kubelet from kube-proxyoperations/puppetproduction+5 -8
Customize query in gerrit

Related Objects
Search...

Event Timeline

yuvipanda created this task.May 27 2016, 2:11 PM
Restricted Application added a subscriber: Zppix. · View Herald TranscriptMay 27 2016, 2:11 PM
gerritbot subscribed.May 27 2016, 2:16 PM

Change 291239 had a related patch set uploaded (by Yuvipanda):
k8s: Decouple kubelet from kube-proxy

https://gerrit.wikimedia.org/r/291239

gerritbot added a project: Patch-For-Review.May 27 2016, 2:16 PM
gerritbot added a comment.May 27 2016, 2:28 PM

Change 291239 merged by Yuvipanda:
k8s: Decouple kubelet from kube-proxy

https://gerrit.wikimedia.org/r/291239

yuvipanda mentioned this in rOPUPbbe7e95d6351: k8s: Decouple kubelet from kube-proxy.May 27 2016, 2:31 PM
yuvipanda added a comment.May 27 2016, 2:39 PM

I've also uploaded our flannel package to the wikimedia trusty repo.

gerritbot added a comment.May 27 2016, 2:40 PM

Change 291243 had a related patch set uploaded (by Yuvipanda):
tools: Fixup k8s bastion role

https://gerrit.wikimedia.org/r/291243

Danny_B removed a project: Tracking-Neverending.May 27 2016, 4:27 PM
yuvipanda claimed this task.May 27 2016, 10:20 PM

It's now running flannel and kube-proxy properly! \o/

gerritbot added a comment.May 29 2016, 6:57 AM

Change 291243 merged by Yuvipanda:
tools: Fixup k8s bastion role

https://gerrit.wikimedia.org/r/291243

yuvipanda mentioned this in rOPUP6f687a9e3548: tools: Fixup k8s bastion role.May 29 2016, 7:01 AM
gerritbot added a comment.May 30 2016, 10:29 PM

Change 291841 had a related patch set uploaded (by Yuvipanda):
tools: Allow bastions to talk to flannel etcd

https://gerrit.wikimedia.org/r/291841

gerritbot added a comment.May 30 2016, 10:30 PM

Change 291841 merged by Yuvipanda:
tools: Allow bastions to talk to flannel etcd

https://gerrit.wikimedia.org/r/291841

yuvipanda mentioned this in rOPUPc630257f944c: tools: Allow bastions to talk to flannel etcd.May 30 2016, 10:32 PM
yuvipanda closed this task as Resolved.May 31 2016, 12:01 AM

Done now, kubectl works from both of the bastions.

yuvipanda reopened this task as Open.May 31 2016, 12:01 AM

Re-opening since I didn't document this yet.

yuvipanda closed this task as Resolved.May 31 2016, 3:02 AM

And documented https://wikitech.wikimedia.org/wiki/Tools_Kubernetes#Bastion_nodes

yuvipanda mentioned this in rOPUPc3ce7b7f637d: tools: Fixup k8s bastion role.Jun 17 2016, 6:07 PM
yuvipanda mentioned this in rOPUP975187ead11d: tools: Fixup k8s bastion role.
yuvipanda mentioned this in rOPUPfdc23fb8bf2a: tools: Fixup k8s bastion role.
yuvipanda mentioned this in rOPUP36635640de61: tools: Fixup k8s bastion role.
yuvipanda mentioned this in rOPUP125f323d8bc4: tools: Fixup k8s bastion role.
yuvipanda mentioned this in rOPUPd9521012986e: tools: Fixup k8s bastion role.
yuvipanda mentioned this in rOPUPbc2d027300d3: k8s: Decouple kubelet from kube-proxy.
yuvipanda mentioned this in rOPUP2812a669f448: tools: Fixup k8s bastion role.
yuvipanda mentioned this in rOPUPb611e39eddf9: tools: Fixup k8s bastion role.
yuvipanda mentioned this in rOPUPba2457500e1b: tools: Fixup k8s bastion role.
yuvipanda mentioned this in rOPUPddfbb60dff20: tools: Fixup k8s bastion role.
Phabricator_maintenance removed a subscriber: yuvipanda.Jun 7 2017, 6:42 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL