github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
115,151 Commits 1 Branch 31 Tags 1,019 MiB
main
Commit Graph

1134 Commits

Author SHA1 Message Date
Taahir Ahmed
6a75e7c40c ClusterTrustBundles: Define types 
This commit is the main API piece of KEP-3257 (ClusterTrustBundles).

This commit:

* Adds the certificates.k8s.io/v1alpha1 API group
* Adds the ClusterTrustBundle type.
* Registers the new type in kube-apiserver.
* Implements the type-specfic validation specified for
  ClusterTrustBundles:
  - spec.pemTrustAnchors must always be non-empty.
  - spec.signerName must be either empty or a valid signer name.
  - Changing spec.signerName is disallowed.
* Implements the "attest" admission check to restrict actions on
  ClusterTrustBundles that include a signer name.

Because it wasn't specified in the KEP, I chose to make attempts to
update the signer name be validation errors, rather than silently
ignored.

I have tested this out by launching these changes in kind and
manipulating ClusterTrustBundle objects in the resulting cluster using
kubectl.
 2023-03-15 20:10:18 -07:00
Dan Winship
068ee321bc Add CloudDualStackNodeIPs feature gate(s) 
Add CloudDualStackNodeIPs feature gates for kubelet and
cloud-controller-manager and use as appropriate.
 2023-03-15 17:15:51 -04:00
Kubernetes Prow Robot
d3a7b5920f
Merge pull request #116046 from sanposhiho/sanposhiho/beta-graduation-container-metric 
feature(hpa): beta graduation for the container resource metrics
 2023-03-15 11:10:15 -07:00
Igor Velichkovich
5e5b3029f3
Matchconditions admission webhooks alpha implementation for kep-3716 (#116261) 
* api changes adding match conditions

* feature gate and registry strategy to drop fields

* matchConditions logic for admission webhooks

* feedback

* update test

* import order

* bears.com

* update fail policy ignore behavior

* update docs and matcher to hold fail policy as non-pointer

* update matcher error aggregation, fix early fail failpolicy ignore, update docs

* final cleanup

* openapi gen
 2023-03-14 20:28:26 -07:00
Kubernetes Prow Robot
c072cae4d0
Merge pull request #108838 from nckturner/webhook-framework 
Webhook framework for cloud controller manager
 2023-03-14 20:28:14 -07:00
Kubernetes Prow Robot
f44d561c1f
Merge pull request #115075 from aojea/ipaddress 
IPAddress allocator
 2023-03-14 19:26:13 -07:00
Kubernetes Prow Robot
f7bcff44cd
Merge pull request #116425 from jsafrane/flip-selinux 
Flip SELinuxMountReadWriteOncePod to Beta
 2023-03-14 16:34:41 -07:00
Kubernetes Prow Robot
1586138519
Merge pull request #115750 from saschagrunert/otel-beta 
Graduate `KubeletTracing` feature to beta
 2023-03-14 16:34:33 -07:00
Nick Turner
86f4136003 Webhook framework for cloud controller manager 
Provides framework for CCMs to host webhooks.
 2023-03-14 23:28:05 +00:00
Antonio Ojea
befd131fa1 add feature gate 
Add MultiCIDRServiceAllocator feature gate.
 2023-03-14 22:58:11 +00:00
Kubernetes Prow Robot
e8acfc45ba
Merge pull request #116610 from xing-yang/vSphere_lock 
Lock CSIMigrationvSphere feature gate for k8s 1.27
 2023-03-14 15:15:05 -07:00
Kubernetes Prow Robot
28fa3cbbf1
Merge pull request #115847 from moshe010/pod-resource-api-dra-upstream 
Extend the PodResources API to include resources allocated by DRA
 2023-03-14 14:12:26 -07:00
Moshe Levi
91234c701e kube features: add KubeletPodResourcesDynamicResources and KubeletPodResourcesGet 
Signed-off-by: Moshe Levi <moshele@nvidia.com>
 2023-03-14 19:33:03 +02:00
Aravindh Puthiyaparambil
d52cbd4a5a
feature: Add NodeLogQuery feature gate 
Enable the query endpoint only if this gate is enabled in addition to
the EnableNodeLogQuery kubelet config option.
 2023-03-14 08:45:18 -07:00
Divyen Patel
eca25d9e12 lock CSIMigrationvSphere feature gate 2023-03-14 19:57:57 +05:30
Jan Safranek
a84dc2d5c5 Flip SELinuxMountReadWriteOncePod to Beta 
And enable all e2e tests by default. They're still behind
`[Feature:SELinux]` tag to ensure the underlying OS supports SELinux.
 2023-03-14 14:32:38 +01:00
Kubernetes Prow Robot
cd56332d06
Merge pull request #116501 from mattcary/ss-beta 
Graduate StatefulSetAutoDelete to beta
 2023-03-13 19:31:20 -07:00
Kubernetes Prow Robot
da20948492
Merge pull request #115621 from humblec/node-secret-beta 
promote CSINodeExpandSecret feature to Beta
 2023-03-13 17:51:24 -07:00
Matthew Cary
1d6df8233c Graduate StatefulSetAutoDelete to beta 
Change-Id: Iee385580d313c69fbb8a893eb5c165aa0b75725d
 2023-03-13 17:09:29 -07:00
Kubernetes Prow Robot
3106a5c553
Merge pull request #116301 from andyzhangx/remove-azuredisk-code 
Remove Azure disk in-tree storage plugin
 2023-03-13 10:38:48 -07:00
Kubernetes Prow Robot
9c5eebaf3f
Merge pull request #115879 from mtardy/scdeny-warning 
`SecurityContextDeny` admission plugin: add warning on creation
 2023-03-13 07:02:48 -07:00
mtardy
36a2156033 Add a SecurityContextDeny feature gate disabled by default 
Put plugin registration behind the feature gate.
 2023-03-13 10:18:08 +01:00
Kensei Nakada
c77182b01a feature(hpa): beta graduation for the container resource metrics 2023-03-12 13:36:19 +00:00
Kubernetes Prow Robot
c6f3007071
Merge pull request #115967 from harche/evented_pleg_metrics 
Graduate Evented PLEG to Beta
 2023-03-10 17:34:40 -08:00
Kubernetes Prow Robot
d8fe845415
Merge pull request #116108 from Jefftree/agg-discovery-enb 
Enable Aggregated Discovery for Beta
 2023-03-10 10:48:39 -08:00
Kubernetes Prow Robot
4b7bd457c4
Merge pull request #115204 from alexanderConstantinescu/kccm-del-taint-pred 
[KCCM - service controller]: KEP-3458 implementation
 2023-03-10 04:35:06 -08:00
Kubernetes Prow Robot
8fbfbd9653
Merge pull request #115260 from pwschuurman/kep-3335-statefulset-start-ordinal-beta 
Move StatefulSetStartOrdinal feature gate to beta
 2023-03-09 21:34:30 -08:00
andyzhangx
5d0a54dcb5 remove Azure Disk in-tree driver code 
fix
 2023-03-09 13:24:08 +00:00
Alexander Constantinescu
e30c49b0e8 Add StableLoadBalancerNodeSet feature gate 2023-03-09 12:03:21 +01:00
Kubernetes Prow Robot
8d5c96fed2
Merge pull request #116093 from swatisehgal/topologymanager-ga-graduation 
node: topologymgr: Graduate Kubelet Topology Manager to GA
 2023-03-08 16:56:06 -08:00
Maksim Nabokikh
c1431af4f8
KEP-3325: Promote SelfSubjectReview to Beta (#116274) 
* Promote SelfSubjectReview to Beta

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

* Fix whoami API

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

* Fixes according to code review

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

---------

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2023-03-08 15:42:33 -08:00
Jefftree
361391117d Enable aggregated discovery 2023-03-08 23:03:52 +00:00
Kubernetes Prow Robot
4a896644de
Merge pull request #116235 from Jefftree/oas-ga 
Promote OpenAPI V3 to GA
 2023-03-08 14:44:20 -08:00
Kubernetes Prow Robot
8b413d224a
Merge pull request #116342 from msau42/unlock 
Unlock CSIMigrationvSphere feature gate
 2023-03-08 11:27:24 -08:00
Michelle Au
4c0ed3b52e Unlock CSIMigrationvSphere feature gate until there is a supported vSphere CSI driver available 2023-03-07 20:26:27 +00:00
Kubernetes Prow Robot
2c8f63f693
Merge pull request #115268 from jsafrane/split-reconstruction 
Split volume reconstruction refactoring from SELinuxMountReadWriteOncePod
 2023-03-07 10:44:34 -08:00
Maciej Szulik
1b825c179b
Promote CronJob TZ to GA 2023-03-07 12:58:57 +01:00
Kubernetes Prow Robot
7a4c4eaae7
Merge pull request #116291 from denkensk/match-label-beta 
feat: graduate matchLabelKeys in podTopologySpread to beta
 2023-03-06 09:24:57 -08:00
torredil
6aebda9b1e Remove AWS legacy cloud provider + EBS in-tree storage plugin 
Signed-off-by: torredil <torredil@amazon.com>
 2023-03-06 14:01:15 +00:00
Swati Sehgal
04438aa6f8 node: topologymgr: Graduate Kubelet Topology Manager to GA 
Signed-off-by: Swati Sehgal <swsehgal@redhat.com>
 2023-03-06 12:47:59 +00:00
Alex Wang
13b941e120 feat: graduate matchLabelKeys in podTopologySpread to beta 2023-03-06 14:46:17 +08:00
Jefftree
0da57ddc49 Promote OpenAPI V3 to GA 2023-03-02 22:55:00 +00:00
Sergey Kanzhelev
e360de48b2 GRPCContainerProbe is GA 2023-03-02 22:07:59 +00:00
Harshal Patil
d971809b49 Graduate Evented PLEG to Beta 
Signed-off-by: Harshal Patil <harpatil@redhat.com>
 2023-02-28 13:57:30 -05:00
ahg-g
2ecd24011a Graduate JobMutableNodeSchedulingDirectives feature to GA 2023-02-28 15:47:13 +00:00
Vinay Kulkarni
76962b0fa7 In-place Pod Vertical Scaling - API changes 
1. Define ContainerResizePolicy and add it to Container struct.
 2. Add ResourcesAllocated and Resources fields to ContainerStatus struct.
 3. Define ResourcesResizeStatus and add it to PodStatus struct.
 4. Add InPlacePodVerticalScaling feature gate and drop disabled fields.
 5. ResizePolicy validation & defaulting and Resources mutability for CPU/Memory.
 6. Various fixes from code review feedback (originally committed on Apr 12, 2022)
KEP: /enhancements/keps/sig-node/1287-in-place-update-pod-resources
 2023-02-24 17:18:04 +00:00
Peter Schuurman
a68b28a362 Move StatefulSetStartOrdinal feature gate to beta 2023-02-23 16:35:45 -08:00
Daniel Vega-Myhre
d41302312e update validation logic so completions is mutable iff completions is modified in tandem with parallelsim so completions == parallelism 2023-02-23 03:25:16 +00:00
Kubernetes Prow Robot
06b6644fcf
Merge pull request #115815 from Huang-Wei/pod-scheduling-readiness-beta 
Graduate PodSchedulingReadiness to beta
 2023-02-21 14:24:32 -08:00
Kubernetes Prow Robot
07e7e72c07
Merge pull request #115721 from saschagrunert/downward-api-huge-pages-ga 
Graduate `DownwardAPIHugePages` feature to stable / GA
 2023-02-21 09:15:57 -08:00