github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
100,357 Commits 1 Branch 31 Tags 1,019 MiB
040e9c8b51
Commit Graph

611 Commits

Author SHA1 Message Date
Clayton Coleman
4a23269778
feature: Add DaemonSetUpdateSurge feature gate 2020-12-17 09:00:56 -05:00
drfish
a405ec8391 Remove RotateKubeletClientCertificate, AttachVolumeLimit, VolumePVCDataSource feature gates 2020-12-15 12:19:25 +08:00
ialidzhikov
bc432124a2 Remove CSINodeInfo feature gate 
Signed-off-by: ialidzhikov <i.alidjikov@gmail.com>
 2020-12-10 09:58:22 +02:00
wawa0210
6ba3045176
remove the TokenRequest and TokenRequestProjection feature gates 2020-12-09 11:56:25 +08:00
Kubernetes Prow Robot
36f571404f
Merge pull request #96527 from adtac/apfbeta 
promote API priority and fairness types and APIs to beta
 2020-11-13 19:33:04 -08:00
yue9944882
849be447f5 APF: graduate API and types to beta 
Signed-off-by: Adhityaa Chandrasekar <adtac@google.com>
 2020-11-13 23:20:39 +00:00
Laszlo Janosi
c970a46bc1
Mixed protocol support for Services with type=LoadBalancer (#94028) 
* Mixed protocol support for Services with type=LoadBalancer

KEP: https://github.com/kubernetes/enhancements/blob/master/keps/sig-network/20200103-mixed-protocol-lb.md
Add new feature gate to control the support of mixed protocols in Services with type=LoadBalancer
Add new fields to the ServiceStatus
  Add Ports to the LoadBalancerIngress, so cloud provider implementations can report the status of the requested load balanc
er ports
  Add ServiceCondition to the ServiceStatus so Service controllers can indicate the conditions of the Service

* regenerate conflicting stuff
 2020-11-13 13:21:04 -08:00
Lars Ekman
1f4d852f2f Add service.spec.AllocateLoadBalancerNodePorts 2020-11-13 07:37:22 +01:00
Kubernetes Prow Robot
198b2fdb14
Merge pull request #95739 from huffmanca/relax-csi-fsgroup-validation 
Relax validation for CSIVolumeFSGroupPolicy and move to beta
 2020-11-12 17:10:24 -08:00
Kubernetes Prow Robot
94b17881fc
Merge pull request #96454 from Sh4d1/revert_92312 
Revert "Merge pull request #92312 from Sh4d1/kep_1860"
 2020-11-12 16:03:24 -08:00
Kubernetes Prow Robot
765d949bfc
Merge pull request #96440 from robscott/endpointslice-pre-ga 
Adding NodeName to EndpointSlice API, deprecation updates
 2020-11-12 16:03:13 -08:00
ialidzhikov
f6f43adc3e Remove AttachVolumeLimit feature gate 
Signed-off-by: ialidzhikov <i.alidjikov@gmail.com>
 2020-11-13 00:07:46 +02:00
David Porter
16f71c6d47 Implement shutdown manager in kubelet 
Implements KEP 2000, Graceful Node Shutdown:
https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/2000-graceful-node-shutdown

* Add new FeatureGate `GracefulNodeShutdown` to control
enabling/disabling the feature
* Add two new KubeletConfiguration options
  * `ShutdownGracePeriod` and `ShutdownGracePeriodCriticalPods`
* Add new package, `nodeshutdown` that implements the Node shutdown
manager
  * The node shutdown manager uses the systemd inhibit package, to
  create an system inhibitor, monitor for node shutdown events, and
  gracefully terminate pods upon a node shutdown.
 2020-11-12 21:47:55 +00:00
Christian Huffman
01f70d69b7 Move CSIVolumeFSGroupPolicy to beta 2020-11-12 16:28:54 -05:00
Kubernetes Prow Robot
4b46d44e0c
Merge pull request #96327 from robscott/app-protocol-ga 
Graduating AppProtocol to GA
 2020-11-12 13:16:39 -08:00
Shihang Zhang
d2859cd89b plumb service account token down to csi driver 2020-11-12 09:26:43 -08:00
Kubernetes Prow Robot
12d9183da0
Merge pull request #95718 from SergeyKanzhelev/runtimeClass2 
RuntimeClass GA
 2020-11-12 00:44:51 -08:00
Kubernetes Prow Robot
d233111f5b
Merge pull request #94196 from andrewsykim/registry-creds 
kubelet: add alpha credential provider plugins
 2020-11-11 19:59:11 -08:00
Kubernetes Prow Robot
bffdc87241
Merge pull request #95282 from xing-yang/snapshot_ga 
Move Snapshot to GA
 2020-11-11 17:34:50 -08:00
Rob Scott
e9573eef4c
Adding EndpointSliceNodeName feature gate 2020-11-11 16:50:29 -08:00
Kubernetes Prow Robot
667d1c2c3f
Merge pull request #93370 from alaypatel07/add-new-cronjob-controller 
Add cronjob controller v2
 2020-11-11 15:42:50 -08:00
Sergey Kanzhelev
06da0e5e74 GA of RuntimeClass feature gate and API 2020-11-11 19:22:32 +00:00
Patrik Cyvoct
d29665cc17
Revert "Merge pull request #92312 from Sh4d1/kep_1860" 
This reverts commit ef16faf409, reversing
changes made to 2343b8a68b.
 2020-11-11 10:26:53 +01:00
Kubernetes Prow Robot
a27a357ba1
Merge pull request #86102 from derekwaynecarr/downward-api 
Add support for hugepages in downward API
 2020-11-10 21:43:57 -08:00
Alay Patel
8d7dd4415e add cronjob_controllerv2.go 2020-11-10 17:32:06 -05:00
Derek Carr
45bd6cb186 Downward API hugepages 2020-11-10 16:09:13 -05:00
Kubernetes Prow Robot
6068f12e90
Merge pull request #96376 from gnufied/fsgroup-change-policy-beta 
Move fsGroupChangePolicy feature to beta
 2020-11-10 12:43:45 -08:00
Kubernetes Prow Robot
02528ce91a
Merge pull request #96247 from saikat-royc/iss-95590 
e2e test for PodFsGroupChangePolicy feature
 2020-11-10 11:45:03 -08:00
Andrew Sy Kim
ab04386e8f feature gates: add KubeletCredentialProviders feature gate 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2020-11-10 13:44:06 -05:00
Kubernetes Prow Robot
347e4e9e22
Merge pull request #96205 from qingsenLi/k8s201104-ga 
Remove TaintBasedEvictions Feature Gate
 2020-11-09 20:56:40 -08:00
Hemant Kumar
006020b71e Move fsGroupChangePolicy feature to beta 2020-11-09 21:49:11 -05:00
Saikat Roychowdhury
23207436cd Enable ConfigurableFSGroupPolicy feature gate 2020-11-09 21:06:48 +00:00
Rob Scott
b044fadf66
Graduating AppProtocol to GA 2020-11-09 11:08:19 -08:00
Andrew Sy Kim
0b6ef21233 features: add ExecProbeTimeout feature gate 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2020-11-09 13:05:08 -05:00
Patrik Cyvoct
7977e0ac44
add owner for feature gate 
Signed-off-by: Patrik Cyvoct <patrik@ptrk.io>
 2020-11-07 10:00:48 +01:00
Patrik Cyvoct
0153b96ab8
fix review 
Signed-off-by: Patrik Cyvoct <patrik@ptrk.io>
 2020-11-07 10:00:27 +01:00
Sergey Kanzhelev
d049e9e4d3
Change the features removal note 2020-11-06 15:27:47 -08:00
Derek Carr
7eb37a7497 Add support to size memory backed volumes 2020-11-06 09:35:14 -05:00
Andrew Sy Kim
9a7c3c4c34 feature gate: add gate EndpointSliceTerminatingCondition 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2020-11-05 19:18:45 -05:00
Shihang Zhang
d40f0c43c4 separate RootCAConfigMap from BoundServiceAccountTokenVolume 2020-11-04 17:10:39 -08:00
10177505
8b691f9583 Remove TaintBasedEvictions Feature Gate 2020-11-04 11:37:40 +08:00
Brian Byrne
5fe43caddb Remove service load balancer feature gate 2020-11-03 13:56:16 -05:00
xing-yang
c0eaee3494 Move Snapshot to GA 2020-11-03 03:14:18 +00:00
Shihang Zhang
ff641f6eb2 mv TokenRequest and TokenRequestProjection to GA 2020-10-29 20:47:01 -07:00
Arjun Naik
0fec7b0f7e Added functionality and API for pod autoscaling based on container resources 
Signed-off-by: Arjun Naik <anaik@redhat.com>
 2020-10-21 21:10:05 +02:00
Kubernetes Prow Robot
0900340b98
Merge pull request #95505 from wawa0210/fix-94490 
Action Required: Windows hyper-v container featuregate is deprecated in 1.20 and will be removed in 1.21
 2020-10-20 11:22:20 -07:00
wawa0210
e7f319870a
Warn that hyper-v featuregate will be deprecated in 1.20 and will be removed in 1.21 2020-10-20 08:37:55 +08:00
Aldo Culquicondor
87c8349bdc Graduate DefaultPodTopologySpread to beta 
And set to enabled by default

Change-Id: Ie4cc4758c52492924cb0663450f2747908cb5882
 2020-10-19 16:58:09 -04:00
Kubernetes Prow Robot
c71519e53d
Merge pull request #95267 from twosigma/betahostnamefqdn 
SetHostnameAsFQDN will be beta in v1.20, enable feature gate by default.
 2020-10-19 13:26:14 -07:00
Dan Winship
3a110546ed Move SCTP to GA 2020-10-15 08:56:33 -04:00
Renaud Gaubert
c5fc646363 Disable the Accelerator metrics by default 2020-10-05 12:47:26 -07:00
Javier Diaz-Montes
fd7c02dd9a SetHostnameAsFQDN will be beta in v1.20, enable feature gate by default. 2020-10-02 16:51:49 -04:00
Kubernetes Prow Robot
b1b6464ea4
Merge pull request #94581 from knabben/remote-external-policy-gate 
LockToDefault the ExternalPolicyForExternalIP feature gate
 2020-09-16 12:35:20 -07:00
Amim Knabben
a18e5de51a LockToDefault the ExternalPolicyForExternalIP feature gate 2020-09-16 13:16:33 -04:00
Kalya Subramanian
747e1e7466 Graduate WinOverlay to Beta 2020-09-15 13:11:14 -07:00
Kubernetes Prow Robot
33c58af0f0
Merge pull request #94510 from pacoxu/fix/94500 
remove DefaultIngressClass feature gate for 1.20
 2020-09-15 08:58:07 -07:00
Michael Taufen
4f850f97de Graduate ServiceAccountIssuerDiscovery to beta 2020-09-11 12:01:47 -07:00
tangwz
a143803066 remove feature gate SupportIPVSProxyMode. 2020-09-10 09:03:00 +08:00
Kubernetes Prow Robot
293a53f2c0
Merge pull request #94140 from derekwaynecarr/pid-ga 
Promote PidLimits to GA
 2020-09-09 06:35:52 -07:00
pacoxu
291b36e00b remove DefaultIngressClass feature gate for 1.20 
Signed-off-by: pacoxu <paco.xu@daocloud.io>
 2020-09-04 14:15:43 +08:00
Derek Carr
6f2153986a Promote PidLimits to GA 2020-08-24 13:57:48 -04:00
Matthias Bertschy
ea14585500 Remove StartupProbe featuregate and related logic 2020-08-22 15:09:52 +02:00
Kubernetes Prow Robot
ae7dce72ce
Merge pull request #91930 from RenaudWasTaken/DisableAcceleratorUsageMetrics 
Add DisableAcceleratorUsageMetrics Feature Gate
 2020-07-22 09:16:06 -07:00
Kubernetes Prow Robot
96c057ab48
Merge pull request #92001 from huffmanca/include-csidriver-fsgroup 
Include CSIDriver capability to indicate fsGroup support
 2020-07-16 09:11:42 -07:00
Renaud Gaubert
34dc785c0b Add the DisableAcceleratorUsageMetrics feature gate 
Signed-off-by: Renaud Gaubert <rgaubert@nvidia.com>
 2020-07-13 20:52:06 +00:00
Kubernetes Prow Robot
11348a38d7
Merge pull request #92871 from liggitt/kube-features 
Move proxy features to kube_features
 2020-07-11 20:57:22 -07:00
Christian Huffman
58bd3e5230 Include CSIDriver SupportsFsGroup 2020-07-11 23:29:24 -04:00
Kubernetes Prow Robot
5a5cb56e11
Merge pull request #92816 from divyenpatel/change-migration-flag-to-beta 
Set CSIMigrationvSphere feature gates to beta
 2020-07-10 15:43:21 -07:00
Kubernetes Prow Robot
0cb7e320a5
Merge pull request #92784 from pohly/generic-ephemeral-inline-volumes 
generic ephemeral inline volumes
 2020-07-10 15:41:46 -07:00
Kubernetes Prow Robot
10aeb93e07
Merge pull request #92736 from robscott/endpointslice-proxying-beta 
Graduating EndpointSliceProxying to beta for Linux
 2020-07-09 09:09:48 -07:00
Patrick Ohly
c05c8e915b GenericEphemeralVolume: feature gate, API, documentation 
As explained in
https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1698-generic-ephemeral-volumes,
CSI inline volumes are not suitable for more "normal" kinds of storage
systems. For those a new approach is needed: "generic ephemeral inline
volumes".
 2020-07-09 11:02:59 +02:00
Divyen Patel
e01de65444 setting CSIMigrationvSphere feature gates to beta 2020-07-08 07:36:44 -07:00
Rob Scott
8039cf9bb1
Graduating EndpointSliceProxying to beta for Linux 2020-07-07 14:18:03 -07:00
Jordan Liggitt
8d03ace92b Move proxy features to kube_features 2020-07-07 12:34:18 -04:00
Patrick Ohly
22aeb81e84 CSIStorageCapacity: CSIStorageCapacity API 
This adds the CSIStorageCapacity API change for
https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1472-storage-capacity-tracking
 2020-07-03 21:54:14 +02:00
Patrick Ohly
158d70aeff features: CSIStorageCapacity 
This will cover all extensions required for tracking of storage
capacity that is provided by CSI drivers.
 2020-07-03 13:24:01 +02:00
Kubernetes Prow Robot
a138be8722
Merge pull request #92686 from pohly/csi-ephemeral-volumes-beta 
CSI ephemeral volumes: documentation and owner update
 2020-07-01 23:14:37 -07:00
Patrick Ohly
99b5b13394 CSI ephemeral volumes: documentation and owner update 
The promotion to beta missed some code locations. The owner also
changed since the feature was initially designed and implemented.

The "is handled by an external CSI driver" to "by certain external CSI
drivers" change is supposed to avoid the misconception that this
volume type will work with arbitrary CSI drivers.
 2020-07-01 09:19:18 +02:00
Alex Wang
209117413f
Promote NonPreempt feature gate to beta (#91899) 
* update nonpreempt featuregate to beta

* update
 2020-06-30 00:02:56 -07:00
RAKESH REDDY BANDI
d44a20f9ca Rename DefaultPodTopologySpread plugin #91994 2020-06-27 13:46:31 -04:00
Kubernetes Prow Robot
656a01fb04
Merge pull request #90592 from bart0sh/PR0089-promote-HugePageStorageMediumSize-to-Beta 
Promote HugePageStorageMediumSize feature to Beta
 2020-06-21 11:00:38 -07:00
Kubernetes Prow Robot
907a526919
Merge pull request #91699 from twosigma/hostnamefqdn_kubelet 
Allow setting FQDN in hostname
 2020-06-19 11:36:29 -07:00
Ed Bartosh
1540557dc1 Promote HugePageStorageMediumSize feature to Beta 2020-06-19 14:13:38 +03:00
Christopher M. Luciano
92506a98fc
ingress: Update IngressClass feature and admission controller for v1 
Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-06-17 12:11:31 -04:00
Kubernetes Prow Robot
59033b5ee4
Merge pull request #88932 from janosi/sctp-beta 
Change SCTPSupport default value to true
 2020-06-15 05:27:56 -07:00
Javier Diaz-Montes
4112d8db20 Adding new PodSpec field called setHostnameAsFQDN and SetHostnameAsFQDN gate 
These changes add a new field, called setHostnameAsFQDN, to the PodSpec. This
field is a bool that will be used to indicate whether we would like
FQDN be set as hostname or not.

This is PART1 of the changes to enable KEP #1797 and addresses #91036
 2020-06-14 21:26:26 -04:00
Kubernetes Prow Robot
ded1f58779
Merge pull request #90911 from divyenpatel/vsphere-csi-migration 
Support for vSphere in-tree volumes migration to vSphere CSI driver
 2020-06-13 04:25:55 -07:00
Jordan Liggitt
e5e557e902 apiserver: add API server plumbing for adding warnings 2020-06-11 16:04:19 -04:00
Kubernetes Prow Robot
17630c34cf
Merge pull request #91793 from alculquicondor/new-default-spread 
Use PodTopologySpread for default spreading
 2020-06-10 17:13:38 -07:00
Kubernetes Prow Robot
9089568465
Merge pull request #91780 from liggitt/csr-v1-rotate-kubelet-client 
CSR v1 - promote RotateKubeletClientCertificate to GA
 2020-06-10 17:13:24 -07:00
Aldo Culquicondor
170f81cff3 Use PodTopologySpread for default spreading 
Under the feature gate DefaultPodTopologySpread, which will disable the legacy DefaultPodTopologySpread plugin from the default algorithm providers.

Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2020-06-09 14:59:42 -04:00
Divyen Patel
148ef06a3d vSphere in-tree volumes migration to vSphere CSI driver 2020-06-08 16:17:02 -07:00
SataQiu
932e61aefa deprecate ResourceLimitsPriorityFunction feature gate in the scheduler 
Signed-off-by: SataQiu <1527062125@qq.com>
 2020-06-08 22:20:14 +08:00
Jordan Liggitt
71d77b54fd Promote RotateKubeletClientCertificate to GA 2020-06-05 18:45:01 -04:00
Wei Huang
133dde6358
Remove EvenPodsSpread featuregate and related logic 2020-06-02 11:24:12 -07:00
Kubernetes Prow Robot
3fc7831cd8
Merge pull request #90896 from andyzhangx/azure-migration 
feat: azure disk migration go beta in 1.19
 2020-06-01 08:39:56 -07:00
David Eads
ed4e6f1026 remove dynamic audit 2020-05-27 15:18:53 -04:00
andyzhangx
a39eeda381 feat: azure disk and azure file migration go beta 
fix comments
 2020-05-27 02:31:38 +00:00
Julian V. Modesto
df0ee9f88b Mark the server-side dry-run feature as GA 2020-05-05 17:13:24 -04:00
Kubernetes Prow Robot
df1a4c4e55
Merge pull request #90537 from freehan/enable-externalip 
Enable externalPolicyForExternalIP by default
 2020-04-27 16:28:04 -07:00
Minhan Xia
432ad6c677 enable externalPolicyForExternalIP by default 2020-04-27 14:52:14 -07:00
wojtekt
0360e4d1a1 Promote Immutable Secrets/ConfigMaps feature to Beta 2020-04-20 18:04:43 +02:00
Kubernetes Prow Robot
28c442ee2f
Merge pull request #90126 from smarterclayton/features_default 
Promote service exclusion and legacy node role to beta
 2020-04-15 01:12:03 -07:00
Kubernetes Prow Robot
864b4bcc1e
Merge pull request #90023 from robscott/app-protocol-beta 
Graduating ServiceAppProtocol to beta
 2020-04-13 22:49:11 -07:00
Clayton Coleman
2369ef090e
Promote service exclusion and legacy node role to beta 
We did not promote these to beta in 1.18 but will do so in 1.19.
As per the KEP we do not set disable LegacyNodeRoleBehavior to false
until 1.20.
 2020-04-13 21:00:57 -04:00
tanjunchen
dea7660ccd pkg/features/:Remove PodShareProcessNamespace feature 2020-04-13 11:06:09 +08:00
Rob Scott
0493a30805
Graduating ServiceAppProtocol to beta 2020-04-09 12:12:54 -07:00
Kevin Taylor
9fd48b4039 Remove VolumeSubpathEnvExpansion Feature Gate 2020-03-27 16:28:33 +00:00
Minhan Xia
df9a567f3f add feature gate ExternalPolicyForExternalIP for the bug fix 2020-03-13 14:59:39 -07:00
skilxn-go
6b8fc8dc5e Move TaintBasedEvictions feature gates to GA 2020-03-09 10:49:00 +08:00
Laszlo Janosi
1c393c73a6 Change SCTPSupport default value to true 2020-03-06 23:35:15 +01:00
Hemant Kumar
73611a473f Fix expected version for csidriver 
Add a comment about GA feature
 2020-03-06 08:21:26 -05:00
Christian Huffman
c6fd25d100 Updated CSIDriver references 2020-03-06 08:21:26 -05:00
Christian Huffman
726af6bd7f Moved CSIDriver to GA 2020-03-06 08:17:26 -05:00
Kubernetes Prow Robot
264e2f1744
Merge pull request #88488 from gnufied/implement-fix-recursive-chown 
Implement changes for fsgroup recursive chown
 2020-03-05 21:39:30 -08:00
Kubernetes Prow Robot
48541a0b16
Merge pull request #87650 from nolancon/beta-feature-gate 
Update TopologyManager Feature Gate
 2020-03-05 20:03:04 -08:00
Hemant Kumar
f7509d277e Define new type for storing volume fsgroupchangepolicy 
Address review comments for api change
 2020-03-04 21:23:27 -05:00
Ben Swartzlander
e8b09d3644 Add AnyVolumeDataSource feature gate 
Allow any custom resource to be the data source of a PVC, if the
AnyVolumeDataSource feature gate is enabled. This is an alpha feature.
 2020-03-04 18:55:50 -05:00
Kubernetes Prow Robot
e865c0b219
Merge pull request #88686 from j-griffith/upgrade_cloning_to_ga 
Mark PVCDataSource featuregate as GA
 2020-03-04 13:19:06 -08:00
j-griffith
9044fbfc5d Update VolumePVCDatasource to GA for 1.18 
Updates the VolumePVCDataSource featuregate (cloning) to GA for the 1.18 k8s
release.
 2020-03-04 10:48:30 -07:00
Kubernetes Prow Robot
497a998ba6
Merge pull request #88654 from ddebroy/gmsa-disable1 
Promote GMSA support for Windows to GA
 2020-03-04 02:32:01 -08:00
Deep Debroy
16d221e407 Promote GMSA to GA 
Signed-off-by: Deep Debroy <ddebroy@docker.com>
 2020-03-04 02:56:21 +00:00
Kubernetes Prow Robot
9d0cbb7503
Merge pull request #88673 from jsafrane/block-feature-ga 
Promote block volumes to GA
 2020-03-03 12:17:12 -08:00
nolancon
1e613e5a4c Update TopologyManager Feature Gate: 
- Alpha to Beta.
- True by default.
- Remove redundant validation checks.
 2020-03-02 03:32:05 +00:00
Rob Scott
132d2afca0
Adding IngressClass to networking/v1beta1 
Co-authored-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-03-01 18:17:09 -08:00
Kubernetes Prow Robot
901a884c71
Merge pull request #88338 from egernst/PodOverhead-beta 
Upgrade PodOverhead to beta
 2020-02-28 15:12:40 -08:00
Jan Safranek
2c1b743766 Promote block volume features to GA 2020-02-28 20:48:38 +01:00
Eric Ernst
4637991632 Update PodOverhead feature gate for beta 
Update from alpha to beta, and make the PodOverhead feature gate true by
default.

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
 2020-02-27 17:27:06 +00:00
Kubernetes Prow Robot
86141c0cce
Merge pull request #88503 from robscott/app-protocol 
Adding AppProtocol to Service and Endpoints Ports
 2020-02-26 00:20:40 -08:00
Rob Scott
6a33727632
Adding AppProtocol to Service and Endpoints Ports 2020-02-25 17:42:34 -08:00
Kubernetes Prow Robot
851efa8a34
Merge pull request #84051 from bart0sh/PR0079-multiple-sizes-hugepages 
Implement support for multiple sizes huge pages
 2020-02-25 14:40:27 -08:00
Kubernetes Prow Robot
71b7b5175a
Merge pull request #87790 from marosset/windows-run-as-username-stable 
Moving Windows RunAsUserName feature to GA
 2020-02-24 17:46:21 -08:00
marosset
d44a30f0ed Moving Windows RunAsUserName feature to GA 2020-02-20 22:08:18 +00:00
Tim Allclair
98ad7416fa Start deprecation process for StreamingProxyRedirects 2020-02-19 10:53:45 -08:00
Ed Bartosh
0eb65bd7da Implement support for multiple sizes huge pages 
This implementation allows Pod to request multiple hugepage resources
of different size and mount hugepage volumes using storage medium
HugePage-<size>, e.g.

spec:
  containers:
    resources:
      requests:
        hugepages-2Mi: 2Mi
        hugepages-1Gi: 2Gi
    volumeMounts:
      - mountPath: /hugepages-2Mi
        name: hugepage-2mi
      - mountPath: /hugepages-1Gi
        name: hugepage-1gi
    ...
  volumes:
    - name: hugepage-2mi
      emptyDir:
        medium: HugePages-2Mi
    - name: hugepage-1gi
      emptyDir:
        medium: HugePages-1Gi

NOTE: This is an alpha feature.
      Feature gate HugePageStorageMediumSize must be enabled for it to work.
 2020-02-19 18:15:40 +02:00
Wei Huang
c93dffdfc4
E2E tests for PodTopologySpread 2020-02-14 16:48:35 -08:00
Charles Eckman
5a176ac772 Provide OIDC discovery endpoints 
- Add handlers for service account issuer metadata.
- Add option to manually override JWKS URI.
- Add unit and integration tests.
- Add a separate ServiceAccountIssuerDiscovery feature gate.

Additional notes:
- If not explicitly overridden, the JWKS URI will be based on
  the API server's external address and port.

- The metadata server is configured with the validating key set rather
than the signing key set. This allows for key rotation because tokens
can still be validated by the keys exposed in the JWKs URL, even if the
signing key has been rotated (note this may still be a short window if
tokens have short lifetimes).

- The trust model of OIDC discovery requires that the relying party
fetch the issuer metadata via HTTPS; the trust of the issuer metadata
comes from the server presenting a TLS certificate with a trust chain
back to the from the relying party's root(s) of trust. For tests, we use
a local issuer (https://kubernetes.default.svc) for the certificate
so that workloads within the cluster can authenticate it when fetching
OIDC metadata. An API server cannot validly claim https://kubernetes.io,
but within the cluster, it is the authority for kubernetes.default.svc,
according to the in-cluster config.

Co-authored-by: Michael Taufen <mtaufen@google.com>
 2020-02-11 16:23:31 -08:00
Kubernetes Prow Robot
652f52b51c
Merge pull request #85637 from dims/cinder-migration-flag 
Flip CSIMigrationOpenStack flag to be beta and off by default
 2020-02-08 21:49:52 -08:00
Jordan Liggitt
57724766bc Remove deprecated GA feature gates 2020-01-23 13:44:21 -05:00
Kubernetes Prow Robot
37d9c22abe
Merge pull request #86377 from wojtek-t/immutable_secrets_api 
API for immutable Secrets and ConfigMaps
 2020-01-18 05:25:35 -08:00
Rob Scott
469de65c25
Enabling EndpointSlice feature gate by default 
This enables the EndpointSlice controller by default, but does not make
kube-proxy a consumer of the EndpointSlice API.
 2020-01-17 16:19:29 -08:00
Rob Scott
47b2593d59
Creating new EndpointSliceProxying feature gate for kube-proxy 
This creates a new EndpointSliceProxying feature gate to cover EndpointSlice
consumption (kube-proxy) and allow the existing EndpointSlice feature gate to
focus on EndpointSlice production only. Along with that addition, this enables
the EndpointSlice feature gate by default, now only affecting the controller.

The rationale here is that it's really difficult to guarantee all EndpointSlices
are created in a cluster upgrade process before kube-proxy attempts to consume
them. Although masters are generally upgraded before nodes, and in most cases,
the controller would have enough time to create EndpointSlices before a new node
with kube-proxy spun up, there are plenty of edge cases where that might not be
the case. The primary limitation on EndpointSlice creation is the API rate limit
of 20QPS. In clusters with a lot of endpoints and/or with a lot of other API
requests, it could be difficult to create all the EndpointSlices before a new
node with kube-proxy targeting EndpointSlices spun up.

Separating this into 2 feature gates allows for a more gradual rollout with the
EndpointSlice controller being enabled by default in 1.18, and EndpointSlices
for kube-proxy being enabled by default in the next release.
 2020-01-17 16:17:40 -08:00
wojtekt
e612ebfdff Immutable field and validation 2020-01-12 20:51:31 +01:00
Kubernetes Prow Robot
3ccdad175a
Merge pull request #86210 from draveness/feature/remove-ga-flags 
feat: remove several feature gates in 1.18
 2020-01-09 13:28:50 -08:00
Matthias Bertschy
6603f41a13 Promote StartupProbe to beta for 1.18 2019-12-15 14:49:34 +01:00
draveness
02f335d476 feat: remove several feature gates in 1.18 2019-12-12 18:17:14 +08:00
Davanum Srinivas
837fd41c42
Flip CSIMigrationOpenStack flag to be beta and off by default 2019-11-26 06:36:16 -05:00
Kubernetes Prow Robot
81af5baff8
Merge pull request #85237 from leakingtapan/ebs-migration-flag 
Flip CSIMigrationAWS flag to be beta and off by default
 2019-11-18 12:33:42 -08:00
Kubernetes Prow Robot
5848ee4945
Merge pull request #85365 from robscott/endpointslice-default-off 
Disabling EndpointSlice feature gate by default
 2019-11-15 17:57:50 -08:00
Rob Scott
37aa219fff
Disabling EndpointSlice feature gate by default 
Given the significance this change would have we've decided to hold off
on enabling this by default until we can have better test coverage and
more real world usage of the feature.
 2019-11-15 14:54:35 -08:00