Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Append "AppArmor enabled" to the Node ready condition message #31659

Merged
merged 1 commit into from
Aug 31, 2016
Merged

Append "AppArmor enabled" to the Node ready condition message #31659

merged 1 commit into from
Aug 31, 2016

Conversation

timstclair
Copy link

@timstclair timstclair commented Aug 30, 2016
edited
Loading

As discussed, add a "AppArmor enabled" message to the node ready condition message. This is a temporary solution to surfacing the AppArmor status until node feature reporting is enabled.

Example:

$ kubectl get nodes e2e-test-stclair-minion-group-lmvk -o yaml
...
  - lastHeartbeatTime: 2016-08-30T00:52:11Z
    lastTransitionTime: 2016-08-30T00:43:28Z
    message: kubelet is posting ready status. AppArmor enabled
    reason: KubeletReady
    status: "True"
    type: Ready
...

1.4 justification:

  • Risk: Low. This is a small change to append a human readable message.
  • Rollback: Nothing depends on this functionality.
  • Cost: Not knowing whether AppArmor is actually supported by a node. Although pods should be rejected if it's not enabled, we can't do anything for older (< v1.4) nodes. This positive affirmation provides confirmation that AppArmor is enabled for the current version.

This change is Reviewable

@timstclair timstclair added this to the v1.4 milestone Aug 30, 2016
@timstclair timstclair added the release-note-none Denotes a PR that doesn't merit a release note. label Aug 30, 2016
@k8s-github-robot k8s-github-robot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Aug 30, 2016
@k8s-bot
Copy link

k8s-bot commented Aug 30, 2016

Can one of the admins verify that this patch is reasonable to test? If so, please reply "ok to test".
(Note: "add to whitelist" is no longer supported. Please update configurations in kubernetes/test-infra/jenkins/job-configs/kubernetes-jenkins-pull instead.)

This message will repeat several times in short succession due to jenkinsci/ghprb-plugin#292. Sorry.

1 similar comment
@k8s-bot
Copy link

k8s-bot commented Aug 30, 2016

Can one of the admins verify that this patch is reasonable to test? If so, please reply "ok to test".
(Note: "add to whitelist" is no longer supported. Please update configurations in kubernetes/test-infra/jenkins/job-configs/kubernetes-jenkins-pull instead.)

This message will repeat several times in short succession due to jenkinsci/ghprb-plugin#292. Sorry.

This was referenced Aug 31, 2016
Closed
Open
@timstclair
Copy link
Author

@k8s-bot node e2e test this, issue: #31633

@dchen1107
Copy link
Member

LGTM

@dchen1107 dchen1107 added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Aug 31, 2016
@k8s-github-robot k8s-github-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Aug 31, 2016
@timstclair
Copy link
Author

Squashed commits. Reapplying LGTM.

@timstclair timstclair added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Aug 31, 2016
@dchen1107
Copy link
Member

LGTM

@k8s-bot
Copy link

k8s-bot commented Aug 31, 2016

GCE e2e build/test passed for commit 3808243.

@k8s-github-robot
Copy link

Automatic merge from submit-queue

@k8s-github-robot k8s-github-robot merged commit e693a61 into kubernetes:master Aug 31, 2016
@timstclair timstclair mentioned this pull request Sep 1, 2016
Merged
@dchen1107 dchen1107 mentioned this pull request Sep 6, 2016
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@dchen1107 dchen1107

Labels
area/security lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
v1.4
Development

Successfully merging this pull request may close these issues.
6 participants
@timstclair @k8s-bot @dchen1107 @k8s-github-robot @googlebot @tallclair