github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
107,607 Commits 1 Branch 31 Tags
120da3bb9b33b00a6050eb846ea0c31005f89291
Commit Graph

44357 Commits

Author SHA1 Message Date
David Ashpole
120da3bb9b fix copylock vet errors in component-base metrics 2022-03-31 15:07:11 +00:00
Maciej Wyrzuc
1108bed763 Revert "Field status.hostIPs added for Pod (#101566)" 
This reverts commit 61b3c028ba.
 2022-03-31 12:39:45 +00:00
Kubernetes Prow Robot
f2e5c16545 Merge pull request #109060 from thockin/kube-proxy-rule-cleanups-after-106497 
Kube proxy rule reorg XLB->EXT
 2022-03-31 00:11:01 -07:00
Sarvesh Rangnekar
b9792a9dae Introduce APIs to support multiple ClusterCIDRs (#108290) 
* Introduce networking/v1alpha1 api, ClusterCIDRConfig type

Introduce networking/v1alpha1 api group.

Add `ClusterCIDRConfig` type to networking/v1alpha1 api group, this type
will enable the NodeIPAM controller to support multiple ClusterCIDRs.

* Change ClusterCIDRConfig.NodeSelector type in api

* Fix review comments for API

* Update ClusterCIDRConfig API Spec

Introduce PerNodeHostBits field, remove PerNodeMaskSize
 2022-03-30 19:39:00 -07:00
Kubernetes Prow Robot
5223c1efef Merge pull request #97081 from Nordix/issue-93456 
Ipvs: non-local access to externalTrafficPolicy:Local
 2022-03-30 13:37:56 -07:00
Kubernetes Prow Robot
d4ac0ebecb Merge pull request #109072 from jiahuif-forks/feature/leader-migration/to-ga 
Graduate Leader Migration to GA
 2022-03-30 10:58:24 -07:00
Tim Hockin
40e21e310f Elide the -FW- chain when possible 
This makes it epsilon harder to reason about but saves one chain
declaration and one rule per service-port usually.
 2022-03-30 09:55:34 -07:00
Tim Hockin
7726b5f9fc kube-proxy: inline args in most cases 2022-03-30 09:55:34 -07:00
Tim Hockin
c4271c9a6f Rename tests to avoid underscores 2022-03-30 09:55:34 -07:00
Tim Hockin
9ed6b73495 kube-proxy: comment endpoint in SEP jumps 2022-03-30 09:55:34 -07:00
Tim Hockin
0e47dc3a65 kube-proxy: remove old TODO 2022-03-30 09:55:33 -07:00
Tim Hockin
30c1523708 kube-proxy: Renames for readability 2022-03-30 09:55:32 -07:00
Tim Hockin
f1553f58c5 kube-proxy: Remove now unneeded rule 
Now that NodePorts jump to EXT, we don't need a specific rule for
loopback source detection.
 2022-03-30 09:54:40 -07:00
Tim Hockin
db932a0ab1 kube-proxy: Rework LB VIP capture logic 
* Comments
* If there are multiple VIPs, don't declare the fwChain multiple times.
* Don't emit the last -j DROP if there's no source ranges
 2022-03-30 09:54:40 -07:00
Tim Hockin
07b2585927 kube-proxy: Rename XLB -> EXT 
This changes the "XLB" chain into the "EXT" chain - the "external
destinations" chain.
 2022-03-30 09:54:38 -07:00
Tim Hockin
482f3bc4bf kube-proxy: all external jumps to XLB chain 
This makes the "destination" policy model clearer.  All external
destination captures now jump to the "XLB chain, which is the main place
that masquerade is done (removing it from most other places).

This is simpler to trace - XLB *always* exists (as long as you have an
external exposure) and never gets bypassed.
 2022-03-30 09:52:18 -07:00
Tim Hockin
dd0fc6b354 kube-proxy: print line number for test failures 2022-03-29 18:48:27 -07:00
Tim Hockin
ef959f00af kube-proxy: clean up tests 
No functional changes, much whitespace.

Make assertIPTablesRulesEqual() *not* sort the `expected` value - make
the test cases all be pre-sorted.  This will make followup commits
cleaner.

Make the test output cleaner when this fails.

Use dedent everywhere for easier reading.
 2022-03-29 18:48:27 -07:00
Tim Hockin
99330d407a kube-proxy: internal renames 2022-03-29 18:48:27 -07:00
Jefftree
8e88d46210 Switch beta flag on 2022-03-29 17:49:56 -07:00
Jefftree
67d3dbfaae Separate OpenAPI V2 and V3 Config 2022-03-29 17:49:56 -07:00
Kubernetes Prow Robot
b0254c8a0b Merge pull request #108758 from fengzixu/improvement-volume-health 
re-push "add volume kubelet_volume_stats_health_abnormal to kubelet #105585"
 2022-03-29 17:35:34 -07:00
Kubernetes Prow Robot
9fe98d8bab Merge pull request #108736 from NetApp/any-volume-data-source-beta 
Update AnyVolumeDataSource feature gate to beta
 2022-03-29 17:35:25 -07:00
Kubernetes Prow Robot
92c30bf6bd Merge pull request #108724 from sanposhiho/cycle-state 
use `sync.Map` in CycleState for better performance
 2022-03-29 17:35:13 -07:00
Kubernetes Prow Robot
1266744002 Merge pull request #108693 from gnufied/enable-rwx-call-all-nodes 
Enable node-expansion to be called on all nodes for RWX volumes
 2022-03-29 17:35:05 -07:00
Kubernetes Prow Robot
57a739bdf2 Merge pull request #108691 from andrewsykim/proxy-terminating-endpoints 
Apply ProxyTerminatingEndpoints to all traffic policies
 2022-03-29 17:34:57 -07:00
Kubernetes Prow Robot
1cddd38956 Merge pull request #108256 from bertinatto/kubelet-attach-detach 
Update EnableControllerAttachDetach documentation
 2022-03-29 17:34:49 -07:00
Kubernetes Prow Robot
0f2300575c Merge pull request #108032 from deejross/kep3140-cronjob-timezone 
KEP 3140: TimeZone support for CronJob
 2022-03-29 17:34:20 -07:00
Kubernetes Prow Robot
dd1e43332a Merge pull request #107476 from alculquicondor/job-ready 
Graduate JobReadyPods to beta
 2022-03-29 16:08:06 -07:00
Lars Ekman
61085a7589 Ipvs: non-local access to externalTrafficPolicy:Local 
Allow access to externalTrafficPolicy:Local services from PODs
not on a node where a server executes. Problem described in #93456
 2022-03-29 21:42:39 +02:00
Fabio Bertinatto
8150cf8d96 Update EnableControllerAttachDetach documentation 
The kubelet does not support attach/detach operations on CSI volumes. As
a result, CSI volumes rely on the Attach/Detach controller enabled.
 2022-03-29 16:20:06 -03:00
Shiming Zhang
61b3c028ba Field status.hostIPs added for Pod (#101566) 
* Add FeatureGate PodHostIPs

* Add HostIPs field and update PodIPs field

* Types conversion

* Add dropDisabledStatusFields

* Add HostIPs for kubelet

* Add fuzzer for PodStatus

* Add status.hostIPs in ConvertDownwardAPIFieldLabel

* Add status.hostIPs in validEnvDownwardAPIFieldPathExpressions

* Downward API support for status.hostIPs

* Add DownwardAPI validation for status.hostIPs

* Add e2e to check that hostIPs works

* Add e2e to check that Downward API works

* Regenerate
 2022-03-29 11:46:07 -07:00
Ben Swartzlander
08948ca779 Update AnyVolumeDataSource feature gate to beta 
Default to enabled
Fix validation of null-updates/patches when the "old" PVC was persisted by
an older version. Add upgrade integration tests written by liggitt.
 2022-03-29 13:39:48 -04:00
Kubernetes Prow Robot
05b59e7717 Merge pull request #107681 from andyzhangx/azuredisk-migration-ga 
mark AzureDisk CSI migration as GA
 2022-03-29 10:24:55 -07:00
Ross Peoples
d26e6cca72 make update after timeZone support for CronJob 2022-03-29 11:40:46 -05:00
Ross Peoples
dbb3906a09 Fix for timeZone validation and strategy 2022-03-29 11:40:34 -05:00
Kubernetes Prow Robot
6c96ac04ff Merge pull request #101218 from gjkim42/add-taint-toleration-check 
kubelet: check taint/toleration before accepting pods
 2022-03-29 09:16:56 -07:00
Andrew Sy Kim
53439020a4 pkg/proxy/ipvs: add unit tests Test_EndpointSliceOnlyReadyAndTerminatingCluster and Test_EndpointSliceReadyAndTerminatingCluster for validating ProxyTerminatingEndpoints when the traffic policy is 'Cluster' 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
 2022-03-29 11:37:15 -04:00
Andrew Sy Kim
718a655e42 pkg/proxy/iptables: add and fix existing unit tests based on changes to ProxyTermintingEndpoints 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
 2022-03-29 11:37:15 -04:00
Andrew Sy Kim
e2e0b6fca8 pkg/proxy: update CategorizeEndpoints to apply ProxyTerminatingEndpoints to all traffic policies 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
 2022-03-29 11:06:58 -04:00
Aldo Culquicondor
8c00f510ef Graduate JobReadyPods to beta 
Set podUpdateBatchPeriod to 1s

Change-Id: I8a10fd8f8559adad9df179b664b8c82851607855
 2022-03-29 10:07:41 -04:00
Kensei Nakada
136cf57809 use sync.Map in CycleState for better performance 2022-03-29 13:19:50 +00:00
Kubernetes Prow Robot
1ea07d482a Merge pull request #108126 from sanposhiho/doc/generatedname 
fix the doc about generateName conflict
 2022-03-29 02:58:47 -07:00
Ricardo Katz
42a1201082 Implementation on Network Policy Status (#107963) 
* Implement status subresource in NetworkPolicy

* add NetworkPolicyStatus generated files

* Fix comments in netpol status review
 2022-03-29 01:52:48 -07:00
Kubernetes Prow Robot
fe8a663860 Merge pull request #109029 from ehashman/runc-1.1.0 
Dep bump to runc 1.1.0, cadvisor 0.44.0
 2022-03-28 22:45:10 -07:00
Kubernetes Prow Robot
c290874532 Merge pull request #109089 from deepakkinni/deprecate-vc-70u2-below-releases-v2 
deprecate vsphere releases less than 7.0u2 for in-tree vsphere volumes
 2022-03-28 19:25:11 -07:00
Kubernetes Prow Robot
f85ff4b574 Merge pull request #82162 from krmayankk/maxun 
API: maxUnavailable for StatefulSet
 2022-03-28 17:57:10 -07:00
Divyen Patel
009286019e deprecate vsphere releases less than 7.0u2 for in-tree vsphere volume plugin 2022-03-29 06:15:22 +05:30
Kir Kolyshkin
37761a329e pkg/kubelet: changes to update runc to 1.1.0 
The changes (mostly in pkg/kubelet/cm) are there to adopt changed
runc 1.1 API, and simplify things a bit. In particular:

1. simplify cgroup manager instantiation, using a new, easier way of
   libcontainers/cgroups/manager.New;

2. replace libcontainerAdapter with a boolean variable (all it did
   was passing on whether systemd manager should be used);

3. trivial change due to removed cgroupfs.HugePageSizes and added
    cgroups.HugePageSizes();

4. do not calculate cgroup paths in update / destroy, since libcontainer
   cgroup managers now calculate the paths upon creation (previously,
   they were doing that only in Apply, so using e.g. Set or Destroy right
   after creation was impossible without specifying paths).

We currently still calculate cgroup paths in Exists -- this is to be
addressed separately.

Co-Authored-By: Elana Hashman <ehashman@redhat.com>
 2022-03-28 16:23:20 -07:00
Kubernetes Prow Robot
4fdca04f35 Merge pull request #109059 from danwinship/kube-iptables-hint 
Create a KUBE-IPTABLES-HINT chain
 2022-03-28 15:24:04 -07:00