github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
95,046 Commits 1 Branch 31 Tags
1cb1005437b38579f44ed3de467e334a97efc042
Commit Graph

9657 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
4df8d97af0 Merge pull request #95725 from p0lyn0mial/delegated-authz-sar-timeout 
sets explicit timeout for SubjectAccessReview client
 2020-10-27 03:37:59 -07:00
Kubernetes Prow Robot
3d6026499b Merge pull request #95235 from andrewsykim/controlplane-egress-selector 
apiserver: support 'controlplane' as an egress selector type
 2020-10-26 14:45:59 -07:00
Khaled Henidak (Kal)
6675eba3ef dual stack services (#91824) 
* api: structure change

* api: defaulting, conversion, and validation

* [FIX] validation: auto remove second ip/family when service changes to SingleStack

* [FIX] api: defaulting, conversion, and validation

* api-server: clusterIPs alloc, printers, storage and strategy

* [FIX] clusterIPs default on read

* alloc: auto remove second ip/family when service changes to SingleStack

* api-server: repair loop handling for clusterIPs

* api-server: force kubernetes default service into single stack

* api-server: tie dualstack feature flag with endpoint feature flag

* controller-manager: feature flag, endpoint, and endpointSlice controllers handling multi family service

* [FIX] controller-manager: feature flag, endpoint, and endpointSlicecontrollers handling multi family service

* kube-proxy: feature-flag, utils, proxier, and meta proxier

* [FIX] kubeproxy: call both proxier at the same time

* kubenet: remove forced pod IP sorting

* kubectl: modify describe to include ClusterIPs, IPFamilies, and IPFamilyPolicy

* e2e: fix tests that depends on IPFamily field AND add dual stack tests

* e2e: fix expected error message for ClusterIP immutability

* add integration tests for dualstack

the third phase of dual stack is a very complex change in the API,
basically it introduces Dual Stack services. Main changes are:

- It pluralizes the Service IPFamily field to IPFamilies,
and removes the singular field.
- It introduces a new field IPFamilyPolicyType that can take
3 values to express the "dual-stack(mad)ness" of the cluster:
SingleStack, PreferDualStack and RequireDualStack
- It pluralizes ClusterIP to ClusterIPs.

The goal is to add coverage to the services API operations,
taking into account the 6 different modes a cluster can have:

- single stack: IP4 or IPv6 (as of today)
- dual stack: IPv4 only, IPv6 only, IPv4 - IPv6, IPv6 - IPv4

* [FIX] add integration tests for dualstack

* generated data

* generated files

Co-authored-by: Antonio Ojea <aojea@redhat.com>
 2020-10-26 13:15:59 -07:00
Kubernetes Prow Robot
bdde4fb8f5 Merge pull request #93040 from cmluciano/cml/ipvsschedmodules 
ipvs: ensure selected scheduler kernel modules are loaded
 2020-10-26 10:25:17 -07:00
Lukasz Szaszkiewicz
2160cbc53f DelegatingAuthorizationOptions: exposes and sets a default timeout for SubjectAccessReview client 
previously no timeout was set. Requests without explicit timeout might potentially hang forever and lead to starvation of the application.
 2020-10-26 17:11:59 +01:00
Andrew Sy Kim
a0aebf96ec apiserver: support egress selection name 'controlplane' and deprecate 'master' 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2020-10-26 10:24:16 -04:00
Christopher M. Luciano
51ed242194 ipvs: check for existence of scheduler module and fail if not found 
Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-10-23 17:17:44 -04:00
Kubernetes Prow Robot
254f3e26ab Merge pull request #95786 from Sh4d1/add_missing_kubeadm_patch 
fix: add missing patch flag for kubeadm init phase control-plane
 2020-10-23 02:27:45 -07:00
Kubernetes Prow Robot
3627a28279 Merge pull request #95723 from aojea/podcidr 
kubeadm: validate podSubnet against node-mask and serviceSubnet max size
 2020-10-23 01:35:45 -07:00
Kubernetes Prow Robot
1257bc5acb Merge pull request #91474 from cici37/pkgController 
Cleanup CCM dependencies
 2020-10-22 23:17:45 -07:00
Antonio Ojea
4e14d1b9a3 kubeadm: validate node-cidr-mask are correct 2020-10-22 17:31:10 +02:00
Antonio Ojea
7fc6b4157b kubeadm validate maximum service subnet size 
Validate that the maximum service subnet size doesn't exceed the
limits.

Co-authored-by: Arvinderpal Wander <awander@gmail.com>
 2020-10-22 17:30:59 +02:00
Antonio Ojea
8b52995d32 kubeadm: validate podSubnet against node-cidr-mask 
the controller manager should validate the podSubnet against the node-mask
because if they are incorrect can cause the controller-manager to fail.

We don't need to calculate the node-cidr-masks, because those should
be provided by the user, if they are wrong we fail in validation.
 2020-10-22 16:24:13 +02:00
Patrik Cyvoct
5fc4b4ea8f fix: add missing patch flag for kubeadm init phase control-plane 
Signed-off-by: Patrik Cyvoct <patrik@ptrk.io>
 2020-10-22 10:46:50 +02:00
Kubernetes Prow Robot
3fe372c3da Merge pull request #95631 from alculquicondor/enable-default-spreading 
Graduate DefaultPodTopologySpread to beta
 2020-10-20 07:58:09 -07:00
Kubernetes Prow Robot
3175b59ac2 Merge pull request #94489 from ialidzhikov/fix/volume-expand 
Do not assume storageclass is still in-tree after csi migration
 2020-10-19 15:08:07 -07:00
cici37
95acec5a3b Move client_builder to k8s.io/controller-manager 2020-10-19 14:48:22 -07:00
Aldo Culquicondor
87c8349bdc Graduate DefaultPodTopologySpread to beta 
And set to enabled by default

Change-Id: Ie4cc4758c52492924cb0663450f2747908cb5882
 2020-10-19 16:58:09 -04:00
He Jie Xu
6e55b88725 Reorder default Filter plugins to have UnschedulableAndUnresolvable first 2020-10-14 09:40:51 +00:00
Kubernetes Prow Robot
475849eafa Merge pull request #95426 from neolit123/1.20-add-output-to-generate-csr 
kubeadm: add some output to the generate-csr command
 2020-10-12 19:31:21 -07:00
Kubernetes Prow Robot
1dff024e64 Merge pull request #91014 from cici37/apiConfig 
Move cmd/controller-manager to k8s.io/controller-manager
 2020-10-12 15:17:22 -07:00
Lubomir I. Ivanov
bae6b93d5c kubeadm: add some output to the generate-csr command 
Currently the "generate-csr" command does not have any output.
Pass an io.Writer (bound to os.Stdout from /cmd) to the functions
responsible for generating the kubeconfig / certs keys and CSRs.

If nil is passed these functions don't output anything.
 2020-10-12 19:05:45 +03:00
SataQiu
646f4e2b62 make new command functions to keep private when they are not required to be public 2020-10-10 12:03:02 +08:00
James Sturtevant
78ca71857b Update Windows Pause version to 1.4.0 2020-10-08 15:39:31 -07:00
cici37
ae8ce0d190 Move cmd/controller-manager to k8s.io/controller-manager and cloud specific configs to k8s.io/cloud-provider. 2020-10-08 13:23:16 -07:00
Dan Winship
75242fce7a kubelet: allow specifying dual-stack node IPs on bare metal 
Discussion is ongoing about how to best handle dual-stack with clouds
and autodetected IPs, but there is at least agreement that people on
bare metal ought to be able to specify two explicit IPs on dual-stack
hosts, so allow that.
 2020-10-07 17:25:54 -04:00
cici37
33e23c4005 Move cloud related feature gates to controller-manager 2020-10-05 10:19:08 -07:00
Kubernetes Prow Robot
aa1f912868 Merge pull request #94915 from Lion-Wei/fix-cleanup 
fix kube-proxy cleanup
 2020-09-30 06:21:24 -07:00
Kubernetes Prow Robot
902ed94bba Merge pull request #95134 from zgfh/add_note_for_kubeadm_cert_renew 
kubeadm: add note for kubeadm cert renew
 2020-09-29 06:27:26 -07:00
Kubernetes Prow Robot
604569482f Merge pull request #94504 from neolit123/1.20-warning-cert-bounds-client-side 
kubeadm: print warnings on invalid cert period instead of erroring out
 2020-09-29 02:49:25 -07:00
Alan Zhu
b9067e5a0c add note for kubeadm cert renew 2020-09-29 09:05:40 +08:00
Lubomir I. Ivanov
477c41f36d kubeadm: deprecate self-hosting support 
Deprecate the experimental command "alpha self-hosting" and its
sub-command "pivot" that can be used to create a self-hosting
control-plane from static Pods.
 2020-09-28 22:24:24 +03:00
Kubernetes Prow Robot
db9f1e91d9 Merge pull request #94988 from neolit123/1.20-tollerate-missing-ca-key-on-join 
kubeadm: warn but do not error out on missing CA keys on CP join
 2020-09-28 06:36:48 -07:00
Daniel Smith
13b6a929bc It's an 'Instance' of apiserver 2020-09-24 16:14:29 -04:00
Kubernetes Prow Robot
770eb2c4a0 Merge pull request #94871 from neolit123/1.20-kubeadm-remove-experimental-kustomize 
kubeadm: remove the --experimental-kustomize feature
 2020-09-24 08:16:06 -07:00
Lubomir I. Ivanov
7c783fa374 kubeadm: make the CP join handling of kubeconfig similar to "init" 
The kubeconfig phase of "kubeadm init" detects external CA mode
and skips the generation of kubeconfig files. The kubeconfig
handling during control-plane join executes
CreateJoinControlPlaneKubeConfigFiles() which requires the presence
of ca.key when preparing the spec of a kubeconfig file and prevents
usage of external CA mode.

Modify CreateJoinControlPlaneKubeConfigFiles() to skip generating
the kubeconfig files if external CA mode is detected.
 2020-09-24 18:12:00 +03:00
Lubomir I. Ivanov
05b77fe99f kubeadm: warn but do not error out on missing CA keys on CP join 
- Modify validateCACertAndKey() to print warnings for missing keys
instead of erroring out.
- Update unit tests.

This allows doing a CP node join in a case where the user has:
- copied shared certificates to the new CP node, but not copied
ca.key files, treating the cluster CAs as external
- signed other required certificates in advance
 2020-09-24 18:11:59 +03:00
Kubernetes Prow Robot
3aa546923c Merge pull request #94586 from BedivereZero/master 
Stop container before remove for Docker
 2020-09-23 10:14:25 -07:00
Kubernetes Prow Robot
7a2812ca60 Merge pull request #94938 from yagonobre/certs-graduate 
Graduate kubeadm alpha certs command
 2020-09-23 08:36:10 -07:00
Yago Nobre
2f19cf7cbc Graduate kubeadm alpha certs command 2020-09-23 10:13:45 -03:00
Kubernetes Prow Robot
18782e9996 Merge pull request #94884 from arghya88/remove-deprecated-scheduler-metrics 
removing deprecated scheduler metrics
 2020-09-22 14:42:32 -07:00
Kubernetes Prow Robot
86a9087896 Merge pull request #89962 from wangrzneu/master 
make kubectl/kubeadm completion script support busybox
 2020-09-22 12:21:23 -07:00
Arghya Sadhu
c62f0dd165 removing deprecated scheduler metrics 2020-09-22 21:04:15 +05:30
knight42
36eb74a803 refactor(kubeadm): make alpha kubeconfig user command accpet --config 
Signed-off-by: knight42 <anonymousknight96@gmail.com>
 2020-09-22 23:10:41 +08:00
Kubernetes Prow Robot
dd466bccde Merge pull request #94527 from brahmaroutu/mount-utils-2 
Change code to use  staging/k8s.io/mount-utils
 2020-09-21 17:46:47 -07:00
Kubernetes Prow Robot
4304f4bdbd Merge pull request #94869 from neolit123/1.20-remove-upgrade-node-kubelet-flag 
kubeadm: remove the --kubelet-version flag for "upgrade node"
 2020-09-21 12:55:52 -07:00
Kubernetes Prow Robot
f682c4f142 Merge pull request #94816 from neolit123/1.20-relax-kubeconfig-server-validation 
kubeadm: relax the validation of kubeconfig server URLs
 2020-09-21 10:04:33 -07:00
Kubernetes Prow Robot
6568625dc7 Merge pull request #94919 from fabriziopandini/remove-kubeadm-audit 
Remove kubeadm audit package
 2020-09-20 08:38:29 -07:00
Kubernetes Prow Robot
fcbeee92f5 Merge pull request #94347 from povsister/kube-proxy-help-msg 
Make kubeconfig command-line help message of kube-proxy more precise
 2020-09-19 17:32:29 -07:00
fabriziopandini
66b8847dbf Remove kubeadm audit package 2020-09-19 17:20:39 +02:00