1. 05 Jan, 2017 5 commits
    • Kubernetes Submit Queue's avatar
      Merge pull request #39226 from luksa/kubectl_proxy_empty_path · 51e6c879
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 39311, 39226, 39445)
      
      Make kubectl proxy accept empty path
      
      **What this PR does / why we need it**:
      The kubectl proxy previously returned 403 Forbidden: Unauthorized when receiving a request from e.g. "curl localhost:8001" or "curl localhost:8001/".  The previous DefaultPathAcceptRE regex was wrong as it assumed the path in this case would be "/" (but it is actually "").
      
      After someone runs kubectl proxy and tries accessing it with curl, they will probably just try hitting localhost:8001  (which returns an "Unauthorized" response) instead of say localhost:8001/api (which returns a proper response from the API server). Also, whoever previously modified the DefaultPathAcceptRE regex was obviously expecting the regex to accept requests for localhost:8001/
      
      ```release-note
      fix issue with kubectl proxy so that it will proxy an empty path - e.g. http://localhost:8001
      ```
      51e6c879
    • Kubernetes Submit Queue's avatar
      Merge pull request #39311 from rkouj/refactor-tear-down-at · eb8739d3
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue
      
      Check if pathExists before performing Unmount
      
      Unmount operation should not fail if path does not exist
      
      Part two of: https://github.com/kubernetes/kubernetes/pull/38547
      Plugins status captured here: https://github.com/kubernetes/kubernetes/issues/39251
      
      cc: @saad-ali
      eb8739d3
    • Kubernetes Submit Queue's avatar
      Merge pull request #39450 from pipejakob/file-disc · 84df0679
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 36229, 39450)
      
      Bugfix on kubeadm join with non-token discovery.
      
      Without this change, using a non-token discovery mechanism during a join triggers a nil pointer panic (instead of an error message about not being implemented yet).
      
      CC @mikedanese 
      
      **Release note**:
      ```release-note
      NONE
      ```
      84df0679
    • Kubernetes Submit Queue's avatar
      Merge pull request #36229 from wojtek-t/bump_etcd_version · f4a87130
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 36229, 39450)
      
      Bump etcd to 3.0.14 and switch to v3 API in etcd.
      
      Ref #20504
      
      **Release note**:
      
      ```release-note
      Switch default etcd version to 3.0.14.
      Switch default storage backend flag in apiserver to `etcd3` mode.
      ```
      f4a87130
    • Kubernetes Submit Queue's avatar
      Merge pull request #38981 from liggitt/remove-rbac-user-all · a104229e
      Kubernetes Submit Queue authored
      Automatic merge from submit-queue (batch tested with PRs 39408, 38981)
      
      Remove RBAC UserAll
      
      * Removes special handling of User * subjects in rolebinding matching evaluation
      * Converts v1alpha1 rolebindings to `User *` subjects to `Group system:authenticated` subjects for backwards compatibility
      
      ```release-note
      RBAC's special handling of the User subject named "*" in RoleBinding and ClusterRoleBinding objects is being deprecated and will be removed in v1beta1. Existing v1alpha1 role bindings to User "*" will be converted to the group "system:authenticated". To match unauthenticated requests, RBAC role bindings must explicitly bind to the group "system:unauthenticated".
      ```
      a104229e
  2. 04 Jan, 2017 35 commits