Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Append "AppArmor enabled" to the Node ready condition message #31659

Merged
merged 1 commit into from
Aug 31, 2016
Merged

Append "AppArmor enabled" to the Node ready condition message #31659

merged 1 commit into from
Aug 31, 2016
+21 −4

Conversation

timstclair
Copy link

@timstclair timstclair commented Aug 30, 2016
edited
Loading

As discussed, add a "AppArmor enabled" message to the node ready condition message. This is a temporary solution to surfacing the AppArmor status until node feature reporting is enabled.

Example:

$ kubectl get nodes e2e-test-stclair-minion-group-lmvk -o yaml
...
  - lastHeartbeatTime: 2016-08-30T00:52:11Z
    lastTransitionTime: 2016-08-30T00:43:28Z
    message: kubelet is posting ready status. AppArmor enabled
    reason: KubeletReady
    status: "True"
    type: Ready
...

1.4 justification:

  • Risk: Low. This is a small change to append a human readable message.
  • Rollback: Nothing depends on this functionality.
  • Cost: Not knowing whether AppArmor is actually supported by a node. Although pods should be rejected if it's not enabled, we can't do anything for older (< v1.4) nodes. This positive affirmation provides confirmation that AppArmor is enabled for the current version.

This change is Reviewable

@timstclair timstclair added this to the v1.4 milestone Aug 30, 2016
@timstclair timstclair added the release-note-none Denotes a PR that doesn't merit a release note. label Aug 30, 2016
@k8s-github-robot k8s-github-robot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Aug 30, 2016
@k8s-bot
Copy link

k8s-bot commented Aug 30, 2016

Can one of the admins verify that this patch is reasonable to test? If so, please reply "ok to test".
(Note: "add to whitelist" is no longer supported. Please update configurations in kubernetes/test-infra/jenkins/job-configs/kubernetes-jenkins-pull instead.)

This message will repeat several times in short succession due to jenkinsci/ghprb-plugin#292. Sorry.

1 similar comment
@k8s-bot
Copy link

k8s-bot commented Aug 30, 2016

Can one of the admins verify that this patch is reasonable to test? If so, please reply "ok to test".
(Note: "add to whitelist" is no longer supported. Please update configurations in kubernetes/test-infra/jenkins/job-configs/kubernetes-jenkins-pull instead.)

This message will repeat several times in short succession due to jenkinsci/ghprb-plugin#292. Sorry.

This was referenced Aug 31, 2016
Closed
Open
@timstclair
Copy link
Author

@k8s-bot node e2e test this, issue: #31633

@dchen1107
Copy link
Member

LGTM

@dchen1107 dchen1107 added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Aug 31, 2016
@k8s-github-robot k8s-github-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Aug 31, 2016
@timstclair
Copy link
Author

Squashed commits. Reapplying LGTM.

@timstclair timstclair added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Aug 31, 2016
@dchen1107
Copy link
Member

LGTM

@k8s-bot
Copy link

k8s-bot commented Aug 31, 2016

GCE e2e build/test passed for commit 3808243.

@k8s-github-robot
Copy link

Automatic merge from submit-queue

@k8s-github-robot k8s-github-robot merged commit e693a61 into kubernetes:master Aug 31, 2016
@timstclair timstclair mentioned this pull request Sep 1, 2016
Merged
@dchen1107 dchen1107 mentioned this pull request Sep 6, 2016
Closed
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees

@dchen1107 dchen1107

Labels
area/security lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
v1.4
Development

Successfully merging this pull request may close these issues.
6 participants
@timstclair @k8s-bot @dchen1107 @k8s-github-robot @googlebot @tallclair