Here is the process to merge master into dev-1.15. Please read the entire document before starting any work.
$ git clone https://github.com/jimangel/website.git website-docs
$ cd website-docs
$ git remote add upstream https://github.com/kubernetes/website.git
$ # validate
$ git remote -v
$ git fetch upstream
/language en
/label tide/merge-method-squash
/lgtm
/approve
/retitle [WIP] <TITLE>
is:pr is:open -label:"do-not-merge/work-in-progress" -label:"do-not-merge/invalid-commit-message" -label:"do-not-merge/hold" -label:"language/en" -label:"language/it" -label:"language/zh" -label:"language/ru" -label:"language/ko" -label:"language/vi" -label:"language/de" -label:"language/es" -label:"language/ja" -label:"language/id" -label:"language/fr" -label:"language/hi" -label:"language/pt"
VMs that have side channel mitigations enabled while running on Fusion on Mac OS 11.0 or later or on Workstation on Windows hosts with virtualization based security enabled may run slowly.
The root cause of the performance degradation is most likely due to mitigations for side channel attacks such as Spectre and Meltdown. Side channel attacks allow unauthorized read access by malicious processes or virtual machines to the contents of protected kernel or host memory. CPU vendors have introduced a number of features to protect data against this class of attacks such as indirect branch prediction barriers, single thread indirect branch predictor mode, indirect branch restricted speculation mode and L1 data cache flushing. While these features are effective at preventing side channel attacks they can cause noticeable performance degradation in some cases.
Right click the VM > Settings... > Options [tab
(source: https://github.com/zparnold/k8s-docs-pr-botherer)
You'll need to fill in the GITHUB_TOKEN= with a personal access token you generate.
Run with docker:
# The k8s-docs-pr-botherer image is <9 MBFixes errors in Kubernetes v1.22+:
kubelet cgroup driver: \"cgroupfs\" is different from docker cgroup driver: \"systemd\""kubelet cgroup driver: \"systemd\" is different from docker cgroup driver: \"cgroupfs\""By setting both to use systemd as preferred by kubeadm.
Kubeadm: remove the automatic detection and matching of cgroup drivers for Docker. For new clusters if you have not configured the cgroup driver explicitly you might get a failure in the kubelet on driver mismatch (kubeadm clusters should be using the systemd driver). Also remove the IsDockerSystemdCheck preflight check (warning) that checks if the Docker cgroup driver is set to systemd. Ideally such detection / coordination should be on the side of CRI implementers and the kubelet. Please see the page on [how to configure cgroup drivers](https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/
This is specifically for testing unreleased k8s components. Most of this is from https://cloud.google.com/artifact-registry/docs/docker/quickstart
| #cloud-config | |
| autoinstall: | |
| version: 1 | |
| ssh: | |
| install-server: true | |
| # option "allow-pw" defaults to `true` if authorized_keys is empty, `false` otherwise. | |
| allow-pw: false | |
| # "[late-commands] are run in the installer environment with the installed system mounted at /target." |
Shoutout @del13r for posting a great tutorial on the community forum and indepth feedback on GitHub issues.
Ecowitt can only send stats to HTTP API endpoints and we want to keep our Home Assistant secure via HTTP/s access only.
# The beauty of this CI setup is that it will build any valid DOCKERFILE by setting a few variables.
# See how at https://github.com/firepress-org/rclone-in-docker/blob/master/README-CI.md
# Requires secrets on github: DOCKERHUB_PASSWORD, TOKEN_SLACK
# Update DOCKERFILE_NAME if you are using a special Dockerfile name
# The way we define variables is a hack. See why: https://bit.ly/2ZEAt6u
#
# GNU v3 | Please credit the author if you are re-using some of it :-p