Commit Graph

10 Commits

Author SHA1 Message Date
Christian Albrecht
f9e2f76a59
nixos/kubernetes: Add systemd path units
to protect services from crashing and clobbering the logs when
certificates are not in place yet and make sure services are activated
when certificates are ready.

To prevent errors similar to "kube-controller-manager.path: Failed to
enter waiting state: Too many open files"
fs.inotify.max_user_instances has to be increased.
2019-03-03 19:34:57 +01:00
Johan Thomsen
466beb0214
nixos/kubernetes: let flannel use kubernetes as storage backend
+ isolate etcd on the master node by letting it listen only on loopback
+ enabling kubelet on master and taint master with NoSchedule

The reason for the latter is that flannel requires all nodes to be "registered"
in the cluster in order to setup the cluster network. This means that the
kubelet is needed even at nodes on which we don't plan to schedule anything.
2019-02-20 21:08:56 +01:00
Johan Thomsen
e2380e79e1
nixos/kubernetes: major module refactor
- All kubernetes components have been seperated into different files
- All TLS-enabled ports have been deprecated and disabled by default
- EasyCert option added to support automatic cluster PKI-bootstrap
- RBAC has been enforced for all cluster components by default
- NixOS kubernetes test cases make use of easyCerts to setup PKI
2019-02-20 21:08:01 +01:00
Johan Thomsen
1a00b86334 nixos/kubernetes: fix import path of default nixpkgs 2018-12-12 21:30:32 +01:00
Léo Gaspard
6c68fbd4e1
tests: refactor to carry the package set as an argument
This way, the package set will be possible to pass without re-importing
all the time
2018-11-11 23:11:45 +09:00
Alberto Berti
0c841f98d0 Kubernetes tests: increase the size of the VM from 700MB to 1.5GB
VMs were starving, many of the daemons were unable to complete their
tasks resulting in tests failures.

Turned off verbose output from k8s components as it consumes even more resources, and useful error messages actually drown in debug-clutter
2018-05-25 11:10:15 +02:00
Tim Steinbach
87559028ef
Merge pull request #33954 from kuznero/pr/kubernetes
kubernetes: 1.7.9 -> 1.9.1
2018-02-16 13:56:59 +00:00
Sarah Brofeldt
bf58890a5a nixos/k8s: Enable Node authorizer and NodeRestriction by default 2018-02-04 21:23:36 +01:00
Tuomas Tynkkynen
3be9d4610f nixos/tests: Drop unnecessary qemu-flags.nix include
None of these files are using anything from there.
2018-01-30 16:57:27 +02:00
Matej Cotman
6ef8cad2a7 kubernetes: fix tests 2017-09-24 11:44:25 +02:00