Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automated cherry pick of #49498 #49328 #49499

Merged
merged 2 commits into from
Jul 25, 2017
Merged

Automated cherry pick of #49498 #49328 #49499

merged 2 commits into from
Jul 25, 2017

Conversation

luxas
Copy link
Member

@luxas luxas commented Jul 24, 2017

Cherry pick of #49498 #49328 on release-1.7.

#49498: kubeadm: Make sure --config can be mixed with --skip-* flags
#49328: kubeadm: don't customize etcd selinux label

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Jul 24, 2017
@luxas luxas added this to the v1.7 milestone Jul 24, 2017
@timothysc timothysc added the sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. label Jul 24, 2017
@k8s-github-robot k8s-github-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. do-not-merge DEPRECATED. Indicates that a PR should not merge. Label can only be manually applied/removed. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. release-note-label-needed labels Jul 24, 2017
@luxas luxas added release-note Denotes a PR that will be considered when it comes time to generate release notes. and removed release-note-label-needed labels Jul 24, 2017
@wojtek-t wojtek-t added cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. and removed do-not-merge DEPRECATED. Indicates that a PR should not merge. Label can only be manually applied/removed. labels Jul 25, 2017
@wojtek-t
Copy link
Member

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jul 25, 2017
luxas and others added 2 commits July 25, 2017 11:19
@luxas
kubeadm: Make sure --config can be mixed with --skip-* flags
81a83c2
@euank @luxas
kubeadm: don't customize etcd selinux label
bea3cbb 
The original change that added the unconfined label included a comment
indicating it won't be needed in the future.
See: kubernetes#33555 (comment)

That time is now. kubernetes#33663
has landed and means we no longer have to go out of our way to make that
work.

Removing the label also increases security since there wasn't really a
good reason for etcd to be run with such broad selinux privileges.

This also will allow kubeadm to avoid errors on distros without an spc_t
type, such as Gentoo and Container Linux (at the time of writing at
least).

Fixes kubernetes/kubeadm#269
@luxas luxas force-pushed the automated-cherry-pick-of-#49498-#49328-upstream-release-1.7 branch from 187f5d9 to bea3cbb Compare July 25, 2017 08:20
@k8s-github-robot k8s-github-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jul 25, 2017
@wojtek-t
Copy link
Member

@luxas - what has changed?

@luxas
Copy link
Member Author

luxas commented Jul 25, 2017
edited
Loading

@wojtek-t I fixed up a small styling nit in #49498 based on the review.
Functionally it's 100% the same, but updated this cherrypick to have the same commits in both branches since I had to fix that nit.

Ok with you?

@wojtek-t
Copy link
Member

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jul 25, 2017
@k8s-github-robot
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: luxas, wojtek-t

Associated issue: 49498

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these OWNERS Files:

You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

@wojtek-t
Copy link
Member

/retest

3 similar comments
@luxas
Copy link
Member Author

luxas commented Jul 25, 2017

/retest

@wojtek-t
Copy link
Member

/retest

@luxas
Copy link
Member Author

luxas commented Jul 25, 2017

/retest

@k8s-github-robot
Copy link

Automatic merge from submit-queue

@k8s-github-robot k8s-github-robot merged commit 5620b07 into kubernetes:release-1.7 Jul 25, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@timothysc timothysc

@wojtek-t wojtek-t

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
v1.7
Development

Successfully merging this pull request may close these issues.
6 participants
@luxas @wojtek-t @k8s-github-robot @timothysc @k8s-ci-robot @euank