github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
110,078 Commits 1 Branch 31 Tags 1,019 MiB
22cb7ac766
Commit Graph

2917 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
e26acc06a0
Merge pull request #99098 from JornShen/cleanup_makeServiceWithClusterIp 
cleanup TestNormalizeClusterIPs
 2021-02-17 11:58:42 -08:00
Kubernetes Prow Robot
4f1dd5d2fb
Merge pull request #96987 from soltysh/drop_batch-alpha 
Drop batch/v2alpha1
 2021-02-17 06:35:06 -08:00
Nikhita Raghunath
6cef3a4e33 *: remove nikhiljindal from OWNERS 2021-02-16 10:59:26 +05:30
Nikhita Raghunath
dc3f59c881 *: remove mbohlool from reviewers 2021-02-16 10:59:27 +05:30
Nikhita Raghunath
6b12c96a9b *: remove madhusudancs from reviewers 2021-02-16 10:59:26 +05:30
Nikhita Raghunath
b11516d69f *: move gmarek to emeritus_approvers 2021-02-16 10:59:19 +05:30
Kubernetes Prow Robot
3d8dd2517f
Merge pull request #98201 from pacoxu/limit-range/fix 
fix duplicate validation error for quota editing
 2021-02-15 12:53:05 -08:00
jornshen
1e09a758c5 do some cleanup on TestNormalizeClusterIPs 2021-02-16 00:32:00 +08:00
Maciej Szulik
7d9f36cd85
Generated changes 2021-02-12 17:51:15 +01:00
Maciej Szulik
3dab7462d1
Drop batch/v2alpha1 API 2021-02-12 17:51:12 +01:00
Kubernetes Prow Robot
ee2b7a5049
Merge pull request #98049 from pacoxu/enhancements/redir-links 
fix all keps links 404 for kep folder migration
 2021-02-01 21:48:28 -08:00
Ricardo Katz
b7c82bb83c
Add EndPort to Network Policy - Alpha (#97058) 
* Fix merge conflict in kube_features

* Add alpha support for EndPort in Network Policy

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Add alpha support for EndPort in Network Policy

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Add alpha support for EndPort in Network Policy

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Correct some nits

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Add alpha support for EndPort in Network Policy

* Add alpha support for EndPort in Network Policy

* Add alpha support for EndPort in Network Policy

* Add alpha support for EndPort in Network Policy
 2021-02-01 19:24:28 -08:00
pacoxu
a10bdfed09 fix all keps links 404 for kep folder migration 
Signed-off-by: pacoxu <paco.xu@daocloud.io>
 2021-02-01 19:41:59 +08:00
pacoxu
8bd7a09224 fix duplicate validation error for quota editing 
Signed-off-by: pacoxu <paco.xu@daocloud.io>
 2021-01-27 03:21:24 +08:00
David Eads
37cc89ed8d finish removal of exportoptions 2021-01-22 13:47:31 -05:00
Kubernetes Prow Robot
661eae7c7c
Merge pull request #97814 from deads2k/podlogs-metrics 
add metrics for insecure backend proxy
 2021-01-21 13:27:00 -08:00
Kubernetes Prow Robot
52833a2b4e
Merge pull request #97861 from alculquicondor/test-job-strategy 
Test enabled and disabled gates for Job strategy
 2021-01-20 10:38:21 -08:00
Kubernetes Prow Robot
09bcf0723a
Merge pull request #97155 from sanwishe/master 
cleanup unused type conversion
 2021-01-15 11:15:51 -08:00
David Eads
782a7a5426 add metrics for insecure backend proxy 2021-01-14 15:26:37 -05:00
Kubernetes Prow Robot
94a623a45a
Merge pull request #90299 from josephw/send-static-retry-after-when-hitting-pod-disruption-budget 
Set a static Retry-After when evicting a pod is not allowed.
 2021-01-11 07:19:07 -08:00
Joseph Walton
fb61854bd2 Set a static Retry-After when evicting a pod is not allowed. 
Follow the original TODO from back in c86b84c with the errors added
in d3be1ac. Edit the TODO to make clear that a dynamic response would
still be ideal.

Dramatically reduce the time based on suggestion in PR, and remove name from TODO
as not currently active.
 2021-01-11 23:23:35 +11:00
Tim Hockin
625713008d Make REST Decorator funcs not return error 2021-01-08 11:00:39 -08:00
Aldo Culquicondor
568b71151e Test enabled and disabled gates for Job strategy 
Change-Id: Ie93c9019e7d67573573b8d4b53ae32ab8fb22d39
 2021-01-08 13:57:09 -05:00
Kubernetes Prow Robot
7602472a52
Merge pull request #97652 from gavinfish/benchmark-rbac 
ApiServer: Add benchmark for ensureRBACPolicy
 2021-01-07 10:57:05 -08:00
Kubernetes Prow Robot
c5cc25d1cb
Merge pull request #97615 from wojtek-t/immutable_secrets_ga 
Promote Immutable Secrets/ConfigMaps to Stable
 2021-01-07 00:03:45 -08:00
Kubernetes Prow Robot
07bd985724
Merge pull request #96561 from ialidzhikov/cleanup/csi-node-info 
Remove CSINodeInfo feature gate
 2021-01-05 11:46:00 -08:00
drfish
5711625518 Add benchmark for ensureRBACPolicy 2021-01-02 11:03:06 +08:00
wojtekt
8ce71fbae2 Autogenerated 2020-12-30 16:00:41 +01:00
wojtekt
0f88bbe9b1 Promote Immutable Secrets/ConfigMaps feature to GA 2020-12-30 16:00:41 +01:00
Kubernetes Prow Robot
974cf4c9c2
Merge pull request #89828 from wojtek-t/suggestions_for_delete 
Try to avoid etcd.Get as part of Delete operation
 2020-12-17 12:54:26 -08:00
Clayton Coleman
c37c93f47a
validation: Handle presence of MaxSurge on DaemonSet 
When the maxsurge daemonset gate is disabled, the registry and validation
must properly handle stripping the field. In the special case where that
would leave the MaxUnavailable field set to 0, we must set it to 1 which
is the default value.
 2020-12-17 09:00:56 -05:00
wojtekt
c2d61896f4 Add suggestion to storage interface Delete method 2020-12-16 08:12:57 +01:00
ialidzhikov
bc432124a2 Remove CSINodeInfo feature gate 
Signed-off-by: ialidzhikov <i.alidjikov@gmail.com>
 2020-12-10 09:58:22 +02:00
Mingzhi Jiang
dd830ca4ee cleanup unused type conversion 2020-12-07 09:51:01 +00:00
Lars Ekman
a0e613363a service.spec.AllocateLoadBalancerNodePorts followup 2020-11-24 08:10:43 +01:00
Kubernetes Prow Robot
36f571404f
Merge pull request #96527 from adtac/apfbeta 
promote API priority and fairness types and APIs to beta
 2020-11-13 19:33:04 -08:00
Adhityaa Chandrasekar
642b114830 flowcontrol bootstrap: give catch-all PL more concurrency share 
Signed-off-by: Adhityaa Chandrasekar <adtac@google.com>
 2020-11-13 23:20:42 +00:00
yue9944882
849be447f5 APF: graduate API and types to beta 
Signed-off-by: Adhityaa Chandrasekar <adtac@google.com>
 2020-11-13 23:20:39 +00:00
Laszlo Janosi
c970a46bc1
Mixed protocol support for Services with type=LoadBalancer (#94028) 
* Mixed protocol support for Services with type=LoadBalancer

KEP: https://github.com/kubernetes/enhancements/blob/master/keps/sig-network/20200103-mixed-protocol-lb.md
Add new feature gate to control the support of mixed protocols in Services with type=LoadBalancer
Add new fields to the ServiceStatus
  Add Ports to the LoadBalancerIngress, so cloud provider implementations can report the status of the requested load balanc
er ports
  Add ServiceCondition to the ServiceStatus so Service controllers can indicate the conditions of the Service

* regenerate conflicting stuff
 2020-11-13 13:21:04 -08:00
Lars Ekman
8fca0f9955 Update generated files 2020-11-13 07:42:58 +01:00
Lars Ekman
1f4d852f2f Add service.spec.AllocateLoadBalancerNodePorts 2020-11-13 07:37:22 +01:00
Kubernetes Prow Robot
198b2fdb14
Merge pull request #95739 from huffmanca/relax-csi-fsgroup-validation 
Relax validation for CSIVolumeFSGroupPolicy and move to beta
 2020-11-12 17:10:24 -08:00
Kubernetes Prow Robot
94b17881fc
Merge pull request #96454 from Sh4d1/revert_92312 
Revert "Merge pull request #92312 from Sh4d1/kep_1860"
 2020-11-12 16:03:24 -08:00
Kubernetes Prow Robot
765d949bfc
Merge pull request #96440 from robscott/endpointslice-pre-ga 
Adding NodeName to EndpointSlice API, deprecation updates
 2020-11-12 16:03:13 -08:00
Christian Huffman
6b9348e878 Relax validation for CSIVolumeFSGroupPolicy 2020-11-12 16:26:20 -05:00
Kubernetes Prow Robot
27c2525a13
Merge pull request #96444 from roycaihw/rbac-hook-retry-503 
RBAC initialization: actually retry if we failed to reconcile some objects
 2020-11-12 13:17:01 -08:00
Shihang Zhang
d2859cd89b plumb service account token down to csi driver 2020-11-12 09:26:43 -08:00
Rob Scott
b98cab7740
Updating EndpointSlice strategy to cover alpha NodeName field 2020-11-11 18:25:54 -08:00
Haowei Cai
9bf7fcfc76 actually retry if we failed to reconcile some objects 
retry RBAC initialization for up to 30 seconds, kill server on failure
 2020-11-11 15:39:12 -08:00
Sergey Kanzhelev
06da0e5e74 GA of RuntimeClass feature gate and API 2020-11-11 19:22:32 +00:00
Patrik Cyvoct
d29665cc17
Revert "Merge pull request #92312 from Sh4d1/kep_1860" 
This reverts commit ef16faf409, reversing
changes made to 2343b8a68b.
 2020-11-11 10:26:53 +01:00
Derek Carr
45bd6cb186 Downward API hugepages 2020-11-10 16:09:13 -05:00
Kubernetes Prow Robot
4261200724
Merge pull request #93873 from roycaihw/storage-version/handler 
Apiserver updates storageversions API and filters certain write requests during bootstrap
 2020-11-09 17:30:41 -08:00
Chao Xu
22452917c2 make some rbac and scheduling post start hooks tolerate the apiserver 
bootstrap delay caused by installing storage versions.
 2020-11-08 18:53:40 -08:00
Patrik Cyvoct
7bdf2af648
fix review 
Signed-off-by: Patrik Cyvoct <patrik@ptrk.io>
 2020-11-07 10:00:51 +01:00
Patrik Cyvoct
0153b96ab8
fix review 
Signed-off-by: Patrik Cyvoct <patrik@ptrk.io>
 2020-11-07 10:00:27 +01:00
Andrew Sy Kim
7cf19e5fb7 endpointslice API: rename 'accepting' condition to 'serving' condition 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2020-11-05 19:18:45 -05:00
Andrew Sy Kim
80046582d7 endpointslice API strategy: drop disabled fields 'accepting' and 'terminating' 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2020-11-05 19:18:45 -05:00
Kubernetes Prow Robot
56c1be8317
Merge pull request #95603 from soltysh/api_extensions 
Introduce api-extensions category in k8s apiserver
 2020-11-04 13:25:07 -08:00
Kubernetes Prow Robot
95c56ada4b
Merge pull request #96112 from wojtek-t/remove_variadic_from_storage_interface 
Remove variadic argument from storage interface
 2020-11-02 11:57:00 -08:00
Kubernetes Prow Robot
cf4a33c549
Merge pull request #95761 from ingvagabund/move-rbac-under-component-helpers 
Move pkg/registry/rbac code imported by kubectl under component helpers
 2020-11-02 11:56:29 -08:00
Jan Chaloupka
a5920f7edb Move helpers from pkg/registry/rbac/reconciliation and pkg/registry/rbac/validation under k8s.io/component-helpers 2020-11-02 17:51:16 +01:00
Kubernetes Prow Robot
d1c296431e
Merge pull request #96059 from knight42/refactor/migrate-health-check 
refactor: migrate health checks of control-plane off insecure port in tests
 2020-11-02 08:21:08 -08:00
wojtekt
8b98305858 Remove variadic argument from storage interface 2020-11-02 16:08:23 +01:00
knight42
3c4d6859c8
refactor: migrate health checks of control-plane off insecure port in tests 
Signed-off-by: knight42 <anonymousknight96@gmail.com>
 2020-10-31 11:39:25 +08:00
Kubernetes Prow Robot
bf67247124
Merge pull request #93258 from zshihang/token 
mv TokenRequest and TokenRequestProjection to GA
 2020-10-30 16:36:51 -07:00
Shihang Zhang
ff641f6eb2 mv TokenRequest and TokenRequestProjection to GA 2020-10-29 20:47:01 -07:00
Tim Hockin
a4c9330683 Populate ClusterIPs on read 
Old stored services will not have the `clusterIPs` field when read back
without this.

This includes some renaming for clarity and expanded comments, and a new
test for default on read.
 2020-10-29 20:40:39 -07:00
Maciej Szulik
9a4dfec2be
Introduce api-extensions category in k8s apiserver 
This category includes:
1. mutating admission configs
2. validating admission configs
3. CRDs
4. APIServices
 2020-10-29 16:44:26 +01:00
Tim Hockin
4f8fb1d3ca Wipe some fields on service "type" updates 
Service has had a problem since forever:

- User creates a service type=LoadBalancer
- We silently allocate them a NodePort
- User changes type to ClusterIP
- We fail the operation because they did not clear NodePort

They never asked for or used the NodePort!

Dual-stack introduced some dependent fields that get auto-wiped on
updates.  This carries it further.

If you squint, you can see Service as a big, messy discriminated union,
with type as the discriminator. Ignoring fields for non-selected
union-modes seems right.

This introduces the potential for an apply loop. Specifically, we will
accept YAML that we did not previously accept. Apply could see the
field in local YAML and not in the server and repeatedly try to patch it
in. But since that YAML is currently an error, it seems like a very low
risk. Almost nobody actually specifies their own NodePort values.

To mitigate this somewhat, we only auto-wipe on updates. The same YAML
would fail to create. This is a little inconsistent. We could
auto-wipe on create, too, at the risk of more potential impact.

To do this properly, we need to know the old and new values, which means
we can not do it in defaulting or conversion. So we do it in strategy.

This change also adds unit tests and updates e2e tests to rely on and
verify this behavior.
 2020-10-28 10:41:26 -07:00
Tim Hockin
c5f3e560e4 Make some methods into non-methods 2020-10-28 10:41:26 -07:00
Khaled Henidak (Kal)
6675eba3ef
dual stack services (#91824) 
* api: structure change

* api: defaulting, conversion, and validation

* [FIX] validation: auto remove second ip/family when service changes to SingleStack

* [FIX] api: defaulting, conversion, and validation

* api-server: clusterIPs alloc, printers, storage and strategy

* [FIX] clusterIPs default on read

* alloc: auto remove second ip/family when service changes to SingleStack

* api-server: repair loop handling for clusterIPs

* api-server: force kubernetes default service into single stack

* api-server: tie dualstack feature flag with endpoint feature flag

* controller-manager: feature flag, endpoint, and endpointSlice controllers handling multi family service

* [FIX] controller-manager: feature flag, endpoint, and endpointSlicecontrollers handling multi family service

* kube-proxy: feature-flag, utils, proxier, and meta proxier

* [FIX] kubeproxy: call both proxier at the same time

* kubenet: remove forced pod IP sorting

* kubectl: modify describe to include ClusterIPs, IPFamilies, and IPFamilyPolicy

* e2e: fix tests that depends on IPFamily field AND add dual stack tests

* e2e: fix expected error message for ClusterIP immutability

* add integration tests for dualstack

the third phase of dual stack is a very complex change in the API,
basically it introduces Dual Stack services. Main changes are:

- It pluralizes the Service IPFamily field to IPFamilies,
and removes the singular field.
- It introduces a new field IPFamilyPolicyType that can take
3 values to express the "dual-stack(mad)ness" of the cluster:
SingleStack, PreferDualStack and RequireDualStack
- It pluralizes ClusterIP to ClusterIPs.

The goal is to add coverage to the services API operations,
taking into account the 6 different modes a cluster can have:

- single stack: IP4 or IPv6 (as of today)
- dual stack: IPv4 only, IPv6 only, IPv4 - IPv6, IPv6 - IPv4

* [FIX] add integration tests for dualstack

* generated data

* generated files

Co-authored-by: Antonio Ojea <aojea@redhat.com>
 2020-10-26 13:15:59 -07:00
Arjun Naik
0fec7b0f7e Added functionality and API for pod autoscaling based on container resources 
Signed-off-by: Arjun Naik <anaik@redhat.com>
 2020-10-21 21:10:05 +02:00
Michael Gugino
717be0cd44 Allow deletion of unhealthy pods if enough healthy 
Currently, if you have a PDB with 0 disruptions
available and you attempt to evict a non-healthy
pod, the eviction request will always fail.  This
is because the eviction API does not currently
take in to account that the pod you are removing
is the unhealthy one.

This commit accounts for trying to evict an
unhealthy pod as long as there are enough healthy
pods to satisfy the PDB's requirements.  To
protect against race conditions, a ResourceVersion
constraint is enforced.  This will ensure that
the target pod does not go healthy and allow
any race condition to occur which might disrupt
too many pods at once.

This commit also eliminates superfluous class to
DeepCopy for the deleteOptions struct.
 2020-10-20 12:59:23 -04:00
Dan Winship
3a110546ed Move SCTP to GA 2020-10-15 08:56:33 -04:00
Zsolt Prontvai
c244e175e2 Fix golint failures in pkg/registry/core/replicationcontroller 2020-10-03 12:56:14 +01:00
Kubernetes Prow Robot
def8fe3b4e
Merge pull request #94685 from verb/ec-admission 
Convert to EphemeralContainers for validation in EphemeralContainersREST
 2020-09-30 00:29:25 -07:00
Kubernetes Prow Robot
0f39af90ed
Merge pull request #94364 from wojtek-t/efficient_watch_resumption 
Efficient watch resumption
 2020-09-25 15:42:48 -07:00
Kubernetes Prow Robot
63d4a03270
Merge pull request #94947 from phillc/master 
Replace 'the the ' with 'the '
 2020-09-23 20:28:04 -07:00
Kubernetes Prow Robot
f728fbaa62
Merge pull request #94501 from ialidzhikov/nit/labels-staticcheck 
Fix staging/src/k8s.io/apimachinery/pkg/labels golint findings
 2020-09-22 12:23:51 -07:00
phillc
adbc7c2172
find . -type f \( -name "*.go" -or -name "*.md" \) -print0 | xargs -0 gsed -i 's/the the /the /g' 2020-09-21 16:37:12 -04:00
Jordan Liggitt
71fcc2298d Fix resource location for ipv6 pods 2020-09-16 11:24:07 -04:00
wojtekt
fbd65a265a Pipe newFunc to etcd3 storage layer 2020-09-15 08:19:12 +02:00
David Eads
c0c033b12f generated 2020-09-14 09:24:41 -04:00
David Eads
c7911a384c remove pod presets 2020-09-14 09:24:40 -04:00
ialidzhikov
88fadb24c1 Fix staging/src/k8s.io/apimachinery/pkg/labels golint findings 
Signed-off-by: ialidzhikov <i.alidjikov@gmail.com>
 2020-09-10 18:55:17 +03:00
Lee Verberne
bf0a33d1de Use EphemeralContainers for storage validation 
When updating ephemeral containers, convert Pod to EphemeralContainers
in storage validation. This resolves a bug where admission webhook
validation fails for ephemeral container updates because the webhook
client cannot perform the conversion.

Also enable the EphemeralContainers feature gate for the admission
control integration test, which would have caught this bug.
 2020-09-10 17:24:52 +02:00
Haowei Cai
07506ab384 generated 2020-09-08 19:14:36 -07:00
Chao Xu
86dd4ce3b5 Let kube-apiserver host the storage version API 
Co-authored-by: Haowei Cai <haoweic@google.com>
 2020-09-08 19:14:36 -07:00
Kubernetes Prow Robot
1f708f6e62
Merge pull request #94112 from damemi/sort-endpoints 
Remove canonicalization of endpoints by endpoints controller for better comparison
 2020-09-04 22:13:40 -07:00
Antonio Ojea
0004b199d5 do not mutate endpoints in the apiserver 
the endpoints API handler was using the Canonicalize() method to
reorder the endpoints, however, due to differences with the
endpoint controller RepackSubsets(), the controller was considering
the endpoints different despite they were not, generating unnecessary
updates evert resync period.
 2020-09-04 08:42:45 -04:00
Jordan Liggitt
68dd0b7f27 Deflake TestServiceRegistryExternalTrafficHealthCheckNodePortUserAllocation 2020-09-03 16:31:03 -04:00
Daniel Smith
a86afc12df update scripts 2020-09-02 10:49:40 -07:00
Daniel Smith
75f835aa08 move port definitions to a common location 2020-09-02 10:48:25 -07:00
Kubernetes Prow Robot
0a1aa394b7
Merge pull request #92987 from nikhita/cleanup-owners-apimachinery 
apimachinery: remove inactive members from OWNERS
 2020-08-27 19:08:33 -07:00
Zhou Peng
d253551e89 [pkg/registry/admissionregistration]: fixup wrong copy&paste godoc 
This was introduced at commit: fc5a613c17

Signed-off-by: Zhou Peng <p@ctriple.cn>
 2020-08-23 00:48:55 +08:00
Kubernetes Prow Robot
bdb99c8e09
Merge pull request #93906 from aojea/flakeSvc 
Deflake TestServiceRegistryUpdateDryRun test
 2020-08-18 15:45:10 -07:00
Antonio Ojea
b276b4775f Deflake TestServiceRegistryUpdateDryRun test 
The test suite was using a /24 cluster network for the allocator.
The ip allocator, if no ip is specified when creating the cluster,
picks one randomly, that means that we had 1/256 chances of
collision.

The TestServiceRegistryUpdateDryRun was creating a service without
a ClusterIP, the ip allocator assigned one random, and it was
never deleting it. The same test was checking later if one
specific IP was not allocated, not taking into consideration
that the same ip may have allocated to the first Service.

To avoid any randomness, we create the first Service with a specific
IP address.
 2020-08-18 22:02:55 +02:00
Jordan Liggitt
f87a846e65 Validate ingress TLS secretName in v1 2020-08-12 10:13:08 -04:00
Kubernetes Prow Robot
96c057ab48
Merge pull request #92001 from huffmanca/include-csidriver-fsgroup 
Include CSIDriver capability to indicate fsGroup support
 2020-07-16 09:11:42 -07:00
Kubernetes Prow Robot
c23a4b08d7
Merge pull request #92874 from chelseychen/event-api 
Fix a few places where source field is empty when creating events via events/v1
 2020-07-11 20:57:31 -07:00
Christian Huffman
58bd3e5230 Include CSIDriver SupportsFsGroup 2020-07-11 23:29:24 -04:00
Nikhita Raghunath
db495ea983 apimachinery: remove inactive members from OWNERS 2020-07-11 19:28:24 +05:30
Sascha Grunert
96fb83c4c1
Implement PodSecurityPolicy enforcement for seccomp GA 
This implements the necessary pieced for the PodSecurityPolicy
enforcement like described in the appropriate KEP section:

https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#podsecuritypolicy-enforcement

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
 2020-07-10 15:55:21 +02:00
Kubernetes Prow Robot
26f0227019
Merge pull request #91408 from saschagrunert/seccomp-api-migration 
Add seccomp GA version skew for pods
 2020-07-10 04:29:48 -07:00
Kubernetes Prow Robot
dd649bb7ef
Merge pull request #91342 from mgugino-upstream-stage/evict-deleted-ok 
Eviction: ignore PDBs if pods with DeletionTimestamp
 2020-07-09 15:30:33 -07:00
Kubernetes Prow Robot
94a08e159a
Merge pull request #92387 from pohly/csi-storage-capacity 
CSI storage capacity check
 2020-07-09 00:04:59 -07:00
Chelsey Chen
e010436e2a Update conversion between ReportingController and Source.Component 2020-07-08 08:46:38 -04:00
Sascha Grunert
c3ba2d8b8b
Add seccomp GA version skew for pods 
This adds a new conversion function to the pod strategy to handle the
seccomp version skew strategy:

https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.mdversion-skew-strategy

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
 2020-07-06 16:06:24 +02:00
Paulo Gomes
8976e3620f
Add seccomp enforcement and validation based on new GA fields 
Adds seccomp validation.

This ensures that field and annotation values must match when present.

Co-authored-by: Sascha Grunert <sgrunert@suse.com>
 2020-07-06 09:13:25 +01:00
Patrick Ohly
9a66e8e1b5 CSIStorageCapacity: 'make update' 2020-07-03 21:54:14 +02:00
Patrick Ohly
1089954fa6 CSIStorageCapacity: CSIDriver.Spec.StorageCapacity field 
This is needed to inform the Kubernetes pod scheduler whether it has
to check CSIStorageCapacity objects for available capacity.
 2020-07-03 21:54:14 +02:00
Patrick Ohly
22aeb81e84 CSIStorageCapacity: CSIStorageCapacity API 
This adds the CSIStorageCapacity API change for
https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1472-storage-capacity-tracking
 2020-07-03 21:54:14 +02:00
Kubernetes Prow Robot
1b871091b9
Merge pull request #91645 from chelseychen/event-api 
Promote new Event API to v1
 2020-07-02 04:16:46 -07:00
Kubernetes Prow Robot
94e1c54735
Merge pull request #92655 from BenTheElder/cleanup-some-owners 
Cleanup some owners
 2020-07-01 23:14:08 -07:00
Chelsey Chen
c90330d8f4 Auto generated changes 2020-07-01 10:50:34 -04:00
Chelsey Chen
75612c1746 Promote new Event API to v1 2020-07-01 10:50:28 -04:00
Benjamin Elder
2abc8afece eparis to emeritus 2020-06-30 09:50:44 -07:00
Benjamin Elder
960ef085e9 zmerlynn to emeritus 2020-06-30 09:43:59 -07:00
Kubernetes Prow Robot
2e12311d2e
Merge pull request #91606 from danwinship/service-ipallocator-cleanups 
Service IPAllocator cleanups
 2020-06-30 00:02:27 -07:00
Mark Janssen
e3a0ca2731 Fix staticcheck failures for pkg/registry/... 
Errors from staticcheck:
pkg/registry/autoscaling/horizontalpodautoscaler/storage/storage_test.go:207:7: this value of err is never used (SA4006)
pkg/registry/core/namespace/storage/storage.go:256:5: options.OrphanDependents is deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +optional  (SA1019)
pkg/registry/core/namespace/storage/storage.go:257:11: options.OrphanDependents is deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +optional  (SA1019)
pkg/registry/core/namespace/storage/storage.go:266:5: options.OrphanDependents is deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +optional  (SA1019)
pkg/registry/core/namespace/storage/storage.go:267:11: options.OrphanDependents is deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +optional  (SA1019)
pkg/registry/core/persistentvolumeclaim/storage/storage_test.go:165:2: this value of err is never used (SA4006)
pkg/registry/core/resourcequota/storage/storage_test.go:202:7: this value of err is never used (SA4006)
pkg/registry/core/service/ipallocator/allocator_test.go:338:2: this value of other is never used (SA4006)
pkg/registry/core/service/portallocator/allocator_test.go:199:2: this value of other is never used (SA4006)
pkg/registry/core/service/storage/rest_test.go:1843:2: this value of location is never used (SA4006)
pkg/registry/core/service/storage/rest_test.go:1849:2: this value of location is never used (SA4006)
pkg/registry/core/service/storage/rest_test.go:3174:20: use net.IP.Equal to compare net.IPs, not bytes.Equal (SA1021)
pkg/registry/core/service/storage/rest_test.go:3178:20: use net.IP.Equal to compare net.IPs, not bytes.Equal (SA1021)
pkg/registry/core/service/storage/rest_test.go:3185:20: use net.IP.Equal to compare net.IPs, not bytes.Equal (SA1021)
pkg/registry/core/service/storage/rest_test.go:3189:20: use net.IP.Equal to compare net.IPs, not bytes.Equal (SA1021)
 2020-06-21 17:23:42 +02:00
Kubernetes Prow Robot
342bcf55e8
Merge pull request #89937 from aojea/portAllocator2 
portAllocator sync local data before allocate
 2020-06-18 19:03:10 -07:00
Kubernetes Prow Robot
53f3699cf9
Merge pull request #89778 from cmluciano/cml/ingressv1 
ingress: Add Ingress to v1 API and update backend to defaultBackend
 2020-06-16 23:10:39 -07:00
Kubernetes Prow Robot
fbc78f53b7
Merge pull request #91590 from knight42/fix/repair-node-port 
fix(service::repair): accept same nodePort with different protocols
 2020-06-15 18:14:10 -07:00
knight42
136849728c
address comments 2020-06-13 09:30:20 +08:00
Kubernetes Prow Robot
9ccf6f7de7
Merge pull request #91818 from wojtek-t/remove_cachesize 
Remove heuristic watchcache sizes
 2020-06-10 22:43:24 -07:00
knight42
e0d125b046
fix(service::repair): accept same nodePort with different protocols 
Signed-off-by: knight42 <anonymousknight96@gmail.com>
 2020-06-10 23:35:07 +08:00
Kubernetes Prow Robot
d01cc01ab4
Merge pull request #91400 from danwinship/ipfamily-validation 
service: fix IPFamily validation and defaulting problems
 2020-06-08 17:55:18 -07:00
Kubernetes Prow Robot
04dec17d5b
Merge pull request #90342 from liggitt/scale-patch 
patch scale subresources inside guaranteedupdate loop
 2020-06-08 15:11:19 -07:00
wojtekt
5ceb53987b Remove heuristic watchcache sizes 2020-06-08 13:32:52 +02:00
Kubernetes Prow Robot
3f8bb1bf50
Merge pull request #91685 from liggitt/csr-v1 
CertificateSigningRequest v1 API
 2020-06-05 15:30:14 -07:00
Jordan Liggitt
a504445086 Generated files 
Change-Id: I598d686849f4b97846757b227f5191bac031798b
 2020-06-05 04:58:14 +00:00
Jordan Liggitt
e0f5cca410 Copy CSR v1beta1 to v1 
* Remove prerelease tags
* Update copyright, package, imports to v1
* Remove signerName, usages, and condition status defaulting
 2020-06-05 00:47:24 -04:00
Kubernetes Prow Robot
e422e9a3f4
Merge pull request #91595 from jpbetz/get-list-storage-options 
Introduce GetOptions and ListOptions to storage interface
 2020-06-03 12:18:11 -07:00
Joe Betz
4c99949ae6 Add GetOptions and ListOptions to storage interface 2020-06-03 10:21:38 -07:00
Kubernetes Prow Robot
84861d2102
Merge pull request #91558 from liggitt/csr-e2e 
Add e2e coverage for the CertificateSigningRequest API, enable patch support for approval subresource
 2020-06-02 06:28:15 -07:00
Kubernetes Prow Robot
5fb9e35e57
Merge pull request #90191 from liggitt/csr-status 
CSR condition status, lastTransitionTime, versioned validation
 2020-06-01 23:34:15 -07:00
Michael Gugino
dd49915c55 Eviction: ignore PDBs if pods with DeletionTimestamp 
When using the eviction API, if a pod already has
a non-zero DeletionTimestamp, we don't need to check
PDBs as it has already been marked for deletion.
 2020-06-02 01:06:45 -04:00
Dan Winship
f6dcc1c07e Minor tweak to IPv6 service IP allocation 
The service allocator skips the "broadcast address" in the service
CIDR, but that concept only applies to IPv4 addressing.
 2020-06-01 08:16:18 -04:00
Dan Winship
4a7c86c105 make test a bit more generic 2020-06-01 08:13:27 -04:00
Dan Winship
ddebbfd806 update for APIs being moved to utilnet 
Several of the functions in pkg/registry/core/service/ipallocator were
moved to k8s.io/utils/net, but then the original code was never
updated to used to the vendored versions.

(utilnet's version of RangeSize does not have the IPv6 special case
that the original code did, so we need to move that to
NewAllocatorCIDRRange now.)
 2020-05-30 17:40:02 -04:00
Kubernetes Prow Robot
d1586ea3f9
Merge pull request #91502 from deads2k/dyn-audit-removal-00 
remove --feature-gates=DynamicAuditing
 2020-05-29 11:56:20 -07:00
Kubernetes Prow Robot
825eb77c88
Merge pull request #83906 from mgugino-upstream-stage/pdb-exclude-pending 
Allow deletion of pending pods when using PDBS
 2020-05-29 11:55:34 -07:00
Jordan Liggitt
e11404ac1f Add patch support for certificatesigningrequests/approval 2020-05-29 11:50:44 -04:00
Jordan Liggitt
7049149181 Generated files 2020-05-28 16:53:23 -04:00
Michael Gugino
047b0cee71 Quit retrying early with user supplied resourceVersion 
This commit also updates tests and comments.
 2020-05-28 16:14:45 -04:00
Jordan Liggitt
aed0621f2e Plumb version info to validation, separate main/status/approval validation 2020-05-28 12:20:40 -04:00
David Eads
e857adbdfd remove-api 2020-05-27 16:58:05 -04:00
Kubernetes Prow Robot
0e37bcce2c
Merge pull request #88385 from tallclair/node-reviews 
Remove tallclair from some OWNERS files
 2020-05-24 20:23:11 -07:00
Clayton Coleman
c6b833ac3c service: fix IPFamily validation and defaulting problems 
If the dual-stack flag is enabled and the cluster is single stack IPv6,
the allocator logic for service clusterIP does not properly handle rejecting
a request for an IPv4 family. Return a 422 Invalid on the ipFamily field
when the dual stack flag is on (as it would when it hits beta) and the
cluster is configured for single-stack IPv6.

The family is now defaulted or cleared in BeforeCreate/BeforeUpdate,
and is either inherited from the previous object (if nil or unchanged),
or set to the default strategy's family as necessary. The existing
family defaulting when cluster ip is provided remains in the api
section. We add additonal family defaulting at the time we allocate
the IP to ensure that IPFamily is a consequence of the ClusterIP
and prevent accidental reversion. This defaulting also ensures that
old clients that submit a nil IPFamily for non ClusterIP services
receive a default.

To properly handle validation, make the strategy and the validation code
path condition on which configuration options are passed to service
storage. Move validation and preparation logic inside the strategy where
it belongs. Service validation is now dependent on the configuration of
the server, and as such ValidateConditionService needs to know what the
allowed families are.
 2020-05-23 11:08:19 -04:00
Christopher M. Luciano
2b091f60ca
ingress: Add Ingress to v1 API and update backend to defaultBackend 
ingress: use new serviceBackend split

ingress: remove all v1beta1 restrictions on creation

This change removes creation and update restrictions enforced by
k8s 1.18 for not allowing resource backends.

Paths are no longer
required to be valid regex and a PathType is now user-specified
and no longer defaulted.

Also remove all TODOs in staging/net/v1 types

Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-05-22 11:57:41 -04:00
Kubernetes Prow Robot
fdbb960354
Merge pull request #90934 from iobuf/cronjob 
CronJob: cleanup legacy ScheduledJob vars,docs
 2020-05-19 20:35:11 -07:00
Davanum Srinivas
07d88617e5
Run hack/update-vendor.sh 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:54:33 -04:00
Davanum Srinivas
442a69c3bd
switch over k/k to use klog v2 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:54:27 -04:00
David Eads
4522141f0a reduce complexity in pdb refactor 2020-05-14 15:25:59 -04:00
Kubernetes Prow Robot
77a86a52c0
Merge pull request #91034 from liggitt/ingress-validation 
Ingress validation
 2020-05-12 21:01:11 -07:00
Jordan Liggitt
8f7b8105a1 Remove ingress regex path requirement 2020-05-12 15:38:15 -04:00
Michael Gugino
9f80e7a6f8 Allow deletion of pending pods when using PDBS 
Currently, if you have a PDB set, it is possible for
a pod stuck in pending state to be prevented from
deletion even though there are in fact enough healthy
replicas.

This commit allows pods in Pending state to be removed.

This commit also adds associated unit tests.

related-bug: #80389
 2020-05-12 12:44:05 -04:00
Tim Allclair
029a144ae9 Remove tallclair from some OWNERS files 2020-05-11 11:44:38 -07:00
Zhou Peng
b33e202397 CronJob: cleanup legacy ScheduledJob vars,docs 
Signed-off-by: Zhou Peng <p@ctriple.cn>
 2020-05-10 00:45:21 +08:00
Kubernetes Prow Robot
68ade56a47
Merge pull request #90534 from apelisse/mutatinggcfields-fieldmanager 
Changes to ManagedFields is not mutation for GC
 2020-05-09 07:23:50 -07:00
Jordan Liggitt
23e9fb1bb5 Fix podIP validation 2020-04-30 19:49:45 -04:00
Antoine Pelisse
89b68bacf1 Changes to ManagedFields is not mutation for GC 2020-04-29 09:29:43 -07:00
Kubernetes Prow Robot
43cd2ff239
Merge pull request #89549 from happinesstaker/sa-rotate 
Monitoring safe rollout of time-bound service account token.
 2020-04-22 17:01:58 -07:00
Jiajie Yang
ae0e52d28c Monitoring safe rollout of time-bound service account token. 2020-04-22 11:59:16 -07:00
Jie Shen
363bb39142
Use utils.net to parse ports instead of atoi (#89120) 2020-04-21 20:55:52 -07:00
Jordan Liggitt
dab2a830da Fix conflicts patching scale subresources 2020-04-21 16:36:24 -04:00
Antonio Ojea
e3df13439a fix service allocation concurrency issues 
The service allocator is used to allocate ip addresses for the
Service IP allocator and NodePorts for the Service NodePort
allocator. It uses a bitmap backed by etcd to store the allocation
and tries to allocate the resources directly from the local memory
instead from etcd, that can cause issues in environment with
high concurrency.

It may happen, in deployments with multiple apiservers, that the
resource allocation information is out of sync, this is more
sensible with NodePorts, per example:

1. apiserver A create a service with NodePort X
2. apiserver B deletes the service
3. apiserver A creates the service again

If the allocation data of apiserver A wasn't refreshed with the
deletion of apiserver B, apiserver A fails the allocation because
the data is out of sync. The Repair loops solve the problem later,
but there are some use cases that require to improve the concurrency
in the allocation logic.

We can try to not do the Allocation and Release operations locally,
and try instead to check if the local data is up to date with etcd,
and operate over the most recent version of the data.
 2020-04-20 09:50:00 +02:00
Antonio Ojea
cb87793d57 Add unit test to portallocator storage 
Add unit test for the portallocator storage based on
the ipallocator ones.

pkg/registry/core/service/ipallocator/storage/storage_test.go
 2020-04-20 09:49:59 +02:00
Kubernetes Prow Robot
cc75cd5aba
Merge pull request #90036 from MikeSpreitzer/fix-psh-name 
Regularize name of PostStartHook injecting APF config objects
 2020-04-11 19:07:47 -07:00
Kubernetes Prow Robot
ee6b88ddf9
Merge pull request #90000 from SataQiu/staging-scheduler-20200409 
scheduler: remove direct import to pkg/master/ports
 2020-04-11 10:46:01 -07:00
Kubernetes Prow Robot
7f1641b8b2
Merge pull request #89914 from SataQiu/dual-stack-20200407 
Dual-stack: fix the bug that isValidAddress only checks the first IP even a Pod has more than one address
 2020-04-11 09:25:48 -07:00
SataQiu
41d3e44a2f scheduler: remove direct import to pkg/master/ports 
Signed-off-by: SataQiu <1527062125@qq.com>
 2020-04-11 13:56:53 +08:00
Mike Spreitzer
3501f7c470 Regularize the name of the post-start-hook that injects APF config objects 
Name it analogously to its companion that launches the consumer of
APF config objects.
 2020-04-09 20:59:56 -04:00
SataQiu
e71f84b1c4 dual-stack: fix the bug that isValidAddress only checks the first IP even a Pod has more than one address 
Signed-off-by: SataQiu <1527062125@qq.com>
 2020-04-09 16:17:34 +08:00
Artur Gadelshin
3ab5ea09ed Fix goling issues for pkg/registry/apps 2020-04-08 23:12:29 +02:00
Kubernetes Prow Robot
b215be875c
Merge pull request #89530 from tklauser/use-bits-onescount 
Use OnesCount8 from math/bits to implement countBits
 2020-04-02 21:40:13 -07:00
SataQiu
b66fd46cd5 fix the bug that Service clusterIP does not respect specified ipFamily 
Signed-off-by: SataQiu <1527062125@qq.com>
 2020-03-29 17:19:52 +08:00
Tobias Klauser
811f9d8abf Use OnesCount8 from math/bits to implement countBits 
This allows to drop the bitCounts table. Also, bits.OnesCount8 can be
intrinsified to a single instruction on several GOARCHes.
 2020-03-26 16:58:48 +01:00
Shihang Zhang
b56da85a77 sync api/v1/pod/util with api/pod/util and remove DefaultContainers 2020-03-24 16:42:32 -07:00
Kubernetes Prow Robot
d20b6cd44d
Merge pull request #89252 from odinuge/hugepages-relax-node-validation 
Relax huge page node validation
 2020-03-23 13:52:47 -07:00
Kubernetes Prow Robot
ede025af1b
Merge pull request #89232 from apelisse/test-apply-status 
Use discovery to test apply all status
 2020-03-20 03:52:36 -07:00
Antoine Pelisse
dfe1703ffa Do not reset managedFields in status update strategy 2020-03-19 09:58:46 -07:00
Odin Ugedal
19f0519b2d
Relax huge page node validation 
A relaxed version was added in 1.18, and this will disable the
validation all together.
 2020-03-19 14:09:13 +01:00
Kubernetes Prow Robot
34f03ae9d4
Merge pull request #89001 from SataQiu/cleanup-20200310 
Use utilnet.GetIndexedIP instead of replicating the function locally
 2020-03-18 22:23:25 -07:00
Jordan Liggitt
96fadf9ed2 Define default table converters for missing resources 2020-03-10 15:22:37 -04:00
SataQiu
776fa5e76f use utilnet.GetIndexedIP instead of replicating the function locally 2020-03-10 18:03:53 +08:00
Christian Huffman
c6fd25d100 Updated CSIDriver references 2020-03-06 08:21:26 -05:00
Kubernetes Prow Robot
5708511499
Merge pull request #88708 from mikedanese/deleteopts 
Migrate clientset metav1.DeleteOpts to pass-by-value
 2020-03-05 23:09:23 -08:00
Mike Danese
c58e69ec79 automated refactor 2020-03-05 14:59:46 -08:00
Ted Yu
af0e1319c3 Allow container visitor to operate on selected container types 
Signed-off-by: Ted Yu <yuzhihong@gmail.com>
 2020-03-05 11:48:00 -08:00
Rob Scott
f38904d6f4
Adding PathType to Ingress 
Co-authored-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-03-03 11:11:16 -08:00
Rob Scott
132d2afca0
Adding IngressClass to networking/v1beta1 
Co-authored-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-03-01 18:17:09 -08:00
James Munnelly
a983356caa Add signerName field to CSR resource spec 
Signed-off-by: James Munnelly <james.munnelly@jetstack.io>
 2020-02-27 10:17:55 +00:00
Kubernetes Prow Robot
86141c0cce
Merge pull request #88503 from robscott/app-protocol 
Adding AppProtocol to Service and Endpoints Ports
 2020-02-26 00:20:40 -08:00
Rob Scott
6a33727632
Adding AppProtocol to Service and Endpoints Ports 2020-02-25 17:42:34 -08:00
Kubernetes Prow Robot
851efa8a34
Merge pull request #84051 from bart0sh/PR0079-multiple-sizes-hugepages 
Implement support for multiple sizes huge pages
 2020-02-25 14:40:27 -08:00
taesun_lee
d578c02975 Fix pkg/registry typos in some error message, variable names etc 
error message : differerence -> difference
comment : Ingresss -> Ingress
comment : ObjeceMeta -> ObjectMeta
test case name meta : selectpor -> selector
variable name : secondaryRegistery -> secondaryRegistry
variable name : autosclaerOut -> autoscalerOut
 2020-02-25 15:45:20 +09:00
Ed Bartosh
0eb65bd7da Implement support for multiple sizes huge pages 
This implementation allows Pod to request multiple hugepage resources
of different size and mount hugepage volumes using storage medium
HugePage-<size>, e.g.

spec:
  containers:
    resources:
      requests:
        hugepages-2Mi: 2Mi
        hugepages-1Gi: 2Gi
    volumeMounts:
      - mountPath: /hugepages-2Mi
        name: hugepage-2mi
      - mountPath: /hugepages-1Gi
        name: hugepage-1gi
    ...
  volumes:
    - name: hugepage-2mi
      emptyDir:
        medium: HugePages-2Mi
    - name: hugepage-1gi
      emptyDir:
        medium: HugePages-1Gi

NOTE: This is an alpha feature.
      Feature gate HugePageStorageMediumSize must be enabled for it to work.
 2020-02-19 18:15:40 +02:00
Mike Spreitzer
b142868eaf Version the API Priority and Fairness FieldManager values 2020-02-14 13:50:11 -05:00
Kubernetes Prow Robot
77e8c75f32
Merge pull request #87754 from MikeSpreitzer/apf-filter5 
Add twice refactored filter and config consumer for API Priority and Fairness
 2020-02-13 16:54:46 -08:00
Kubernetes Prow Robot
bd1042080f
Merge pull request #81678 from verb/debug-list 
Add ephemeral containers to streamLocation name suggestions
 2020-02-12 21:36:35 -08:00
Kubernetes Prow Robot
f7eafa1a83
Merge pull request #86896 from yutedz/copy-into-err 
Return the error from copyInto
 2020-02-12 13:54:51 -08:00
Lee Verberne
cc32702e8f Add ephemeral containers to streamLocation name suggestions 
This combines container names into a single list because separating them
into a long, variable length string isn't particularly useful in the
context of an streaming error message.
 2020-02-12 14:49:42 +01:00
Kubernetes Prow Robot
17a6248f76
Merge pull request #87939 from shaloulcy/pod_storage_indexer 
add indexer for pod storage
 2020-02-11 23:15:22 -08:00
Mike Spreitzer
73614ddd4e Added API Priority and Fairness filter and config consumer 2020-02-10 22:54:40 -05:00
shaloulcy
fe312ed74a add index for pod cacher 
Signed-off-by: shaloulcy <lcy041536@gmail.com>
 2020-02-11 09:25:27 +08:00
Mike Danese
25651408ae generated: run refactor 2020-02-08 12:30:21 -05:00
Mike Danese
3aa59f7f30 generated: run refactor 2020-02-07 18:16:47 -08:00
Alexander Zimmermann
22bd92a390
Changed comments to match with interfaces method description 2020-02-06 11:48:57 +01:00
Alexander Zimmermann
026ba54961
Fixed Golint errors in pkg/registry/core/pod 2020-02-06 11:40:37 +01:00
Odin Ugedal
6e411b6c0a
Add support for pre-allocated hugepages with 2 sizes 
Remove the validation for pre-allocated hugepages on node level.
Validation is currently the only thing making it impossible to use
pre-allocated huge pages in more than one size.

We have now quite a few reports from real users that this feature is
welcome.
 2020-01-23 17:38:22 +01:00
Ted Yu
5b49d03b84 Return the error from copyInto 2020-01-23 07:48:39 -08:00
Kubernetes Prow Robot
37d9c22abe
Merge pull request #86377 from wojtek-t/immutable_secrets_api 
API for immutable Secrets and ConfigMaps
 2020-01-18 05:25:35 -08:00
wojtekt
9174905ae7 Autogenerated 2020-01-12 21:09:05 +01:00
wojtekt
e612ebfdff Immutable field and validation 2020-01-12 20:51:31 +01:00
Kubernetes Prow Robot
c0e245fa0e
Merge pull request #85268 from yue9944882/feat/flow-control-defaulting 
Bootstrap flow-control objects
 2020-01-11 12:27:37 -08:00
yue9944882
70dea6e4a8 review: several fixes and addressing comments 2020-01-11 01:46:31 +08:00
yuzhiquan
8d7f383785 cleanup(api-machinery): remove unused struct and variable 2020-01-08 16:57:02 +08:00
yue9944882
fe8ad90afa bootstrap flow-control objects 
typo

wrap bootstrap-creation-flow w/ wait.PollUtil

go wait
 2020-01-06 20:35:03 +08:00
Kubernetes Prow Robot
a443014dfc
Merge pull request #86621 from yuzhiquan/patch-pod 
refactor (pod log) container valiate
 2019-12-30 02:41:39 -08:00
yuzhiquan
ca69051475 refactor(pod log):refactor for container valiate, little cleanup 
bug(pod log):TestCheckLogLocation should point out pod name

modify container if statement

fix typo
 2019-12-30 16:16:45 +08:00
danielqsj
5bc0e26c19 unify alias of api errors under pkg and staging 2019-12-26 16:42:28 +08:00
Jordan Liggitt
6a1354252d Add unit test for extended ipv4 service IP range 2019-12-22 22:32:42 -05:00
Jordan Liggitt
df4f5c1a30 Revert "remove ipallocator in favor of k/utils net package" 
This reverts commit f984b4c7a2.
 2019-12-22 22:31:25 -05:00
Kubernetes Prow Robot
6a919f2b54
Merge pull request #85903 from liggitt/disable-deprecated-apis 
Remove ability to re-enable serving deprecated APIs
 2019-12-13 16:19:36 -08:00
Jordan Liggitt
0387cc7cb3 Update generated files 2019-12-13 12:23:39 -05:00
Jordan Liggitt
f2f22b84cd Delete ReplicationControllerDummy 2019-12-13 12:21:33 -05:00
Jordan Liggitt
3df9e86a4e Remove ability to re-enable serving deprecated APIs 2019-12-13 12:21:33 -05:00
Jordan Liggitt
5d5b444c4d Remove use of testapi codecs, selflink, resourcepath functions 2019-12-13 11:56:29 -05:00
Jordan Liggitt
bb90f0ff94 Install APIs directly for tests 2019-12-13 11:56:29 -05:00
Kubernetes Prow Robot
b8ce44f006
Merge pull request #85863 from nan-yu/pdb_status_renaming 
Rename PodDisruptionsAllowed to DisruptionsAllowed in type PodDisruptionBudgetStatus
 2019-12-05 15:54:49 -08:00
Kubernetes Prow Robot
ac5dc1fc68
Merge pull request #85844 from shaloulcy/add_configmap_predicate_func 
add PredicateFunc for configmap
 2019-12-03 19:45:12 -08:00
Kubernetes Prow Robot
bb9981e19f
Merge pull request #85046 from hvaara/fix-golint-pkg-registry--storage 
Fix golint issues in pkg/registry/.../storage
 2019-12-03 15:47:11 -08:00
Nan Yu
1fb0dd4ec5 Rename PodDisruptionsAllowed to DisruptionsAllowed in type PodDisruptionBudgetStatus 2019-12-03 14:26:35 -08:00
shaloulcy
efa34ba484 add PredicateFunc for configmap 
Signed-off-by: shaloulcy <lcy041536@gmail.com>
 2019-12-03 20:18:27 +08:00
Kubernetes Prow Robot
050c9471c8
Merge pull request #85644 from liggitt/meta-v1-table 
Switch TableGenerator/TableConvertor interfaces to metav1
 2019-11-28 10:05:18 -08:00
Kubernetes Prow Robot
d356fcfce5
Merge pull request #84921 from clarklee92/FixCollidesWithImportedPackageName 
Variables collide with imported package name
 2019-11-28 01:49:03 -08:00
Kubernetes Prow Robot
ef1af14cab
Merge pull request #85172 from c3y1huang/fix/golint_failure/Remove-pkg.registry.apps.replicaset 
Fix golint failures for pkg/registry/apps/replicaset
 2019-11-27 01:09:21 -08:00
Jordan Liggitt
a1595da534 Attach runtimeclass printer 2019-11-26 13:20:52 -05:00
Jordan Liggitt
03910e99da Attach resourcequota printer 2019-11-26 13:20:52 -05:00
Jordan Liggitt
5448a8b526 Add webhook printers 2019-11-26 13:18:18 -05:00
Jordan Liggitt
cc7e7245a3 Add CSINode/CSIDriver printers 2019-11-26 13:18:18 -05:00
Jordan Liggitt
36eb250cbb Switch TableGenerator/TableConvertor interfaces to metav1 2019-11-26 13:18:18 -05:00
Kubernetes Prow Robot
4c50ee993c
Merge pull request #85339 from mm4tt/endpointslice_cache 
Increase cache size for EndpointSlices.
 2019-11-15 10:10:50 -08:00
Matt Matejczyk
44452995d6 Increase cache size for endpointslices. 
It should match what we have for endpoints as endpointslices is
replacing them and # updates of endpointslices should be roughly the
same as # updates of endpoints.

Otherwise, kube-proxy may start loosing watches for endpointslices (we believe this is
what currently happens in scale tests, will create an issue for that
soon).
 2019-11-15 11:25:07 +01:00
Roc Chan
c9cf3f5b72 Service Topology implementation 
* Implement Service Topology for ipvs and iptables proxier
* Add test files
* API validation
 2019-11-15 13:36:43 +08:00
Jordan Liggitt
114e71b9de Avoid constructing table printer on every componentstatus request 2019-11-14 16:30:12 -05:00
Kubernetes Prow Robot
547fdcc164
Merge pull request #85174 from zhouya0/add_table_convertor_componentstatus 
add table convertor to componentstatus
 2019-11-14 11:20:01 -08:00
zhouya0
7302a98560 add table convertor to componentstatus 2019-11-14 17:31:37 +08:00
Kubernetes Prow Robot
64f4be5b32
Merge pull request #84390 from robscott/endpointslice-beta 
Promoting EndpointSlices to beta
 2019-11-13 17:27:50 -08:00
Kubernetes Prow Robot
e9ce31bcb3
Merge pull request #85219 from mm4tt/lease_cache_size 
Increase cache size for leases
 2019-11-13 14:52:00 -08:00
Rob Scott
a7e589a8c6
Promoting EndpointSlices to beta 2019-11-13 14:20:19 -08:00
Kubernetes Prow Robot
b32a3d9ca4
Merge pull request #82690 from draveness/feature/graduate-ResourceQuotaScopeSelectors-to-ga 
feat: graduate ResourceQuotaScopeSelectors to GA - part2
 2019-11-13 13:01:25 -08:00
Kubernetes Prow Robot
c5609071d8
Merge pull request #84971 from robscott/endpointslice-iptypes 
Splitting IP address type into IPv4 and IPv6 for EndpointSlices
 2019-11-13 09:26:36 -08:00
Matt Matejczyk
68a66f454d Increase cache size for leases 
The default size (100) is not enough for large clusters and results in
unnecessary restarts of kube-controller-manager watcher for leases, see http://perf-dash.k8s.io/#/?jobname=gce-5000Nodes&metriccategoryname=APIServer&metricname=LoadRequestCount&Resource=leases&Scope=cluster&Subresource=&Verb=LIST

This PR will make it match what we have for nodes.
 2019-11-13 16:23:12 +01:00
draveness
5cb92260a6 feat: graduate ResourceQuotaScopeSelectors to GA 2019-11-13 14:07:22 +08:00
Chin-Ya Huang
92c7e8e802 Fix golint failures 
* Remove pkg/registry/apps/replicaset

Signed-off-by: Chin-Ya Huang <chin-ya.huang@suse.com>
 2019-11-13 11:00:12 +08:00
Kubernetes Prow Robot
c580a12c8e
Merge pull request #83568 from bertinatto/volume_limits_ga 
Promote volume limits to GA
 2019-11-12 11:50:22 -08:00
Rob Scott
0fa9981e01
Splitting IP address type into IPv4 and IPv6 for EndpointSlices 2019-11-12 09:03:53 -08:00
Kubernetes Prow Robot
bcb171b375
Merge pull request #85059 from chiehting/registry/golint 
Fix golint issues in pkg/registry/core/service/storage
 2019-11-12 06:04:05 -08:00
Fabio Bertinatto
affcd0128b Promote volume limits to GA 2019-11-12 09:43:53 +01:00
Kubernetes Prow Robot
dff236e3b2
Merge pull request #82078 from SeongJuMoon/fix/storage-wrong-typo 
fix wrong typo stoageMap to storageMap
 2019-11-11 23:14:06 -08:00
Kubernetes Prow Robot
ebbe4baf13
Merge pull request #83914 from guineveresaenger/ato-demo 
Removes pkg/registry/core/secret/storage from golint failures
 2019-11-10 16:29:41 -08:00
chiehting
193f38beae Fix golint issues in pkg/registry/core/service/storage 2019-11-10 15:34:51 +08:00
Roy Hvaara
cfc34712c2
Fix golint issues in pkg/registry/.../storage 2019-11-10 00:22:51 +01:00
yue9944882
3d1b5d0e9a flowcontrol rest storage implementation 2019-11-08 14:27:14 +08:00
clarklee92
0649f4064e Variables collides with imported package name 
Such declarations will make using the package exported identifiers impossible after the declaration or create confusion when reading the code.
Signed-off-by: clarklee92 <clarklee1992@hotmail.com>
 2019-11-07 21:44:22 +08:00
Kubernetes Prow Robot
46472773cb
Merge pull request #84836 from yuxiaobo96/k8s-checks 
Correct spelling mistakes
 2019-11-06 12:21:11 -08:00
yuxiaobo
81e9f21f83 Correct spelling mistakes 
Signed-off-by: yuxiaobo <yuxiaobogo@163.com>
 2019-11-06 20:25:19 +08:00
Kubernetes Prow Robot
2aeacf025b
Merge pull request #84723 from hypnoglow/fix-golint-kubeapiserver 
Fix golint issues in pkg/kubeapiserver
 2019-11-05 22:18:20 -08:00
Igor Zibarev
03dfa1a641 Fix golint issues in pkg/kubeapiserver 2019-11-05 22:25:32 +03:00
Kubernetes Prow Robot
1d1385af91
Merge pull request #83474 from msau42/topology-ga 
CSI Topology ga
 2019-11-04 15:28:27 -08:00
Ziheng Liu
8a6fdfd648 Fix a data race in registrytest 
Signed-off-by: Ziheng Liu <lzhfromustc@gmail.com>
 2019-10-28 19:22:06 -04:00
Michelle Au
603a2aa8a9 Add CSINode to storage/v1 2019-10-28 13:41:13 -07:00
Kubernetes Prow Robot
c2513c8ae3
Merge pull request #82603 from robscott/endpointslice-kubectl-fix 
Fixing EndpointSlice kubectl output
 2019-10-25 13:03:39 -07:00
Kubernetes Prow Robot
2152e1f0d5
Merge pull request #83864 from mrbobbytables/update-misc-api-machinery-owners 
Prune inactive owners from pkg/* misc api-machinery related OWNERS files
 2019-10-24 16:55:38 -07:00
Kubernetes Prow Robot
5238e1c80f
Merge pull request #76362 from yue9944882/chore/follow-up-prune-internal-client-scheduling-v1-api 
Follow-up of #71136: Switch system priority class usage to versioned (v1) api
 2019-10-23 22:03:06 -07:00
Kubernetes Prow Robot
748a866d56
Merge pull request #84122 from smarterclayton/delete_success 
storage: Deleting a namespace while spec.finalizers pending should not error
 2019-10-23 12:51:10 -07:00
yue9944882
09cf42d67c switch system priority class to versioned (v1) api 
move all the helpers to scheduling v1 helpers

less explicit conversion
 2019-10-24 00:51:57 +08:00
Kubernetes Prow Robot
9fa1bc8003
Merge pull request #83422 from yastij/remove-ipallocator 
remove ipallocator in favor of k/utils net package
 2019-10-22 12:52:13 -07:00
Yassine TIJANI
f984b4c7a2 remove ipallocator in favor of k/utils net package 
Signed-off-by: Yassine TIJANI <ytijani@vmware.com>
 2019-10-22 18:37:13 +02:00
Clayton Coleman
2ddeb94b56
storage: Deleting a namespace while spec.finalizers pending should not error 
All objects with graceful deletion allow multiple DELETE calls in the pending
state. Namespace is the one outlier, and the error here predates graceful
deletion and finalizers. We should make this behavior consistent with other
calls and merely indicate success and return the state of the object, the
same as if there were pending metadata finalizers.

Clients that previously checked for a conflict error during delete to know
that the server is already deleting will now no longer receive an error
(as if the object were rapidly deleted). There is a small chance that some
clients have error checking for this state, but a much larger chance that
clients that want to trigger a delete of the namespace do not handle this
error case.

Discovered in an e2e test that used the framework namespace and triggered
deletion of that ns itself, and then the AfterEach step in e2e failed
because the namespace was already pending deletion.
 2019-10-19 23:08:17 -04:00
Kubernetes Prow Robot
cb19b56831
Merge pull request #83419 from deads2k/insecure-backend-proxy 
Insecure backend proxy
 2019-10-16 13:58:38 -07:00
David Eads
867ee1d5ff add insecurebackendproxy 2019-10-16 11:43:17 -04:00
guineveresaenger
82123dc261 Removes pkg/registry/core/secret/storage from golint failures 2019-10-14 14:28:32 -04:00
Ted Yu
0779296bf3 Check error return from snapshot Restore 2019-10-13 10:08:20 -07:00
Bob Killen
75f76d15bd
Prune inactive owners from pkg/* misc api-machinery related OWNERS files. 2019-10-13 08:46:12 -04:00
tanjunchen
de3cf23414 remove the repeat word in documents 2019-10-06 23:32:01 +08:00
Rob Scott
57757b65c7
Fixing EndpointSlice kubectl output 2019-09-24 13:12:23 -07:00
Jordan Liggitt
92eb072989 Propagate context to Authorize() calls 2019-09-24 11:14:54 -04:00
Jan Janik
80cb726110 Match label and fields selectors in ComponentStatus List API 2019-09-07 21:56:58 +12:00
Kubernetes Prow Robot
7e906ae145
Merge pull request #82047 from roberthbailey/owners 
Remove myself from reviewers across the repo
 2019-09-04 04:35:00 -07:00
Kubernetes Prow Robot
550fb1bfc3
Merge pull request #79386 from khenidak/phase2-dualstack 
Phase 2 dualstack
 2019-08-28 20:39:56 -07:00
Kubernetes Prow Robot
6c9f26ca3a
Merge pull request #80766 from robscott/discovery-api 
Adding Discovery API for EndpointSlice
 2019-08-28 14:44:09 -07:00
Khaled Henidak(Kal)
c27e0b029d phase 2: generated items 2019-08-28 16:11:46 +00:00
Khaled Henidak(Kal)
93c06821e6 Phase 2: service and endpoint processing 2019-08-28 15:59:43 +00:00
Khaled Henidak(Kal)
5e8ccda71c phase 2: api types + defaulting + validation + disabled fields handling 2019-08-28 15:59:43 +00:00
Moon SeongJu
23b2eadf88 fix wrong typo stoageMap to storageMap 2019-08-28 23:19:10 +09:00
Robert Bailey
9d211ab352 Remove myself from reviewers across the repo so that PRs are no 
longer assigned to me by blunderbuss.

Move myself to be an emeritus approver for the cluster directory.
 2019-08-27 16:10:16 -07:00
Rob Scott
f80cee9280
Adding discovery/v1alpha1 API for EndpointSlices 2019-08-26 14:50:00 -07:00
Kubernetes Prow Robot
087aafc18d
Merge pull request #80568 from pohly/ephemeral-mode-check 
ephemeral mode check
 2019-08-26 11:53:40 -07:00
Tim Hockin
ec60426793 Add dropDisbledFields() to service 2019-08-22 21:36:39 -07:00
Di Xu
d4d696d0f2 add legacyBinding for non-Named Binding Creater 2019-08-22 11:46:12 +08:00
Di Xu
b28f62c8ad check pod name with that in pod eviction object 2019-08-22 11:46:12 +08:00
Di Xu
5ed1b8fa29 check pod name with that in binding object 2019-08-22 11:46:12 +08:00
Jordan Liggitt
61774cd717 Plumb context to admission Admit/Validate 2019-08-20 11:11:00 -04:00
Kubernetes Prow Robot
b581f97009
Merge pull request #81325 from tedyu/etcd-ret-err 
Propagate error from NewEtcd
 2019-08-16 10:26:09 -07:00
Ted Yu
2374f9ad7c Propagate error from NewEtcd 2019-08-14 16:46:23 -07:00
Patrick Ohly
b60f08e24b storage: validate CSIDriver.Spec.VolumeLifecycleModes 
This ensures that users get a good error message early on when trying
to do something that isn't okay:

  $ kubectl create -f csi-hostpath-driverinfo.yaml
  The CSIDriver "hostpath.csi.k8s.io" is invalid: spec.volumeLifecycleModes: Unsupported value: "foobar": supported values: "persistent", "ephemeral"
 2019-08-13 23:12:48 +02:00
Patrick Ohly
f7742fd31a storage: generated files for CSIDriver.Spec.VolumeLifecycleModes 2019-08-13 23:11:42 +02:00
Patrick Ohly
029fd47757 storage: introduce CSIDriver.Spec.VolumeLifecycleModes 
Using a "normal" CSI driver for an inline ephemeral volume may have
unexpected and potentially harmful effects when the driver gets a
NodePublishVolume call that it isn't expecting. To prevent that mistake,
driver deployments for a driver that supports such volumes must:
- deploy a CSIDriver object for the driver
- list "ephemeral" as one of the supported modes

The default is "persistent", so existing deployments continue to work
and are automatically protected against incorrect usage.

This commit contains the API change. Generated code and manual code
which uses the new API follow.
 2019-08-13 23:11:36 +02:00
Kubernetes Prow Robot
890b50f98b
Merge pull request #80952 from tedyu/storage-ret-err 
Propagate error from NewREST
 2019-08-12 18:21:52 -07:00
Ted Yu
87b2a3129b Propagate error from NewREST 2019-08-12 13:55:35 -07:00
Mark Janssen
231d2a9617 Fix golint failures of pkg/registry/core/event 2019-08-06 21:13:55 +02:00
wojtekt
467f5e96ee Fix some golint failures 2019-07-25 20:38:28 +02:00
wojtekt
117a0e525d Unify secret and configmap triggers 2019-07-25 20:35:20 +02:00
Lee Verberne
4a753c7a44 Generated code for ephemeral containers API 2019-07-22 11:19:22 +00:00
Lee Verberne
013f049ce0 Add Ephemeral Containers to the Kubernetes core API 2019-07-22 11:19:22 +00:00
Ted Yu
6e98aab26e Rename TriggerPublisherFunc as IndexerFunc 2019-07-18 06:45:51 -07:00
Kubernetes Prow Robot
cb9c6f43a5
Merge pull request #80260 from khenidak/fix-panic-in-pod-strategy 
fix panic in ResourceLocation in case of empty pod ip list
 2019-07-17 21:28:23 -07:00
Khaled Henidak(Kal)
41f313570e fix panic in ResourceLocation in case of empty pod ip list 2019-07-17 18:30:08 +00:00
wojtekt
68fd329e00 Simplify trigger functions in cacher 2019-07-16 08:55:34 +02:00
wojtekt
ee13be2884 Propagate error from creating cacher and storage decorators up 2019-07-15 20:48:30 +02:00
Kubernetes Prow Robot
25ab6d82ec
Merge pull request #79645 from wojtek-t/cleanup_etcd_dir_3 
Move etcd/util to etcd3/
 2019-07-12 22:39:04 -07:00
Kubernetes Prow Robot
4b3b536c51
Merge pull request #79741 from khenidak/node-dropDisabledFields-cleanup 
clean up: node dropDisabledFields
 2019-07-11 17:02:00 -07:00
Kubernetes Prow Robot
3dd8add5d2
Merge pull request #79549 from liggitt/admission-webhooks-v1 
Promote admission webhook API to v1
 2019-07-11 17:01:34 -07:00
Kubernetes Prow Robot
ab960c612c
Merge pull request #80007 from liggitt/populate-version-authorization-check 
Populate API version in synthetic authorization requests
 2019-07-10 22:59:07 -07:00
Jordan Liggitt
2899abb65c Populate API version in synthetic authorization requests 2019-07-10 21:29:25 -04:00
Jordan Liggitt
b15aed6409 Generated 2019-07-10 17:38:09 -04:00
Jordan Liggitt
08b15d32f7 Require webhook names to be unique in v1 2019-07-10 17:38:09 -04:00
Kubernetes Prow Robot
2542746c1d
Merge pull request #79813 from tedyu/match-container-for-port 
Remove the TODO for container name matching
 2019-07-08 16:00:39 -07:00
Ted Yu
4ca5b45f3d Remove the TODO for container name matching 2019-07-08 09:23:35 -07:00
Jordan Liggitt
e24377f190 Install/register v1 admission registration types 2019-07-08 09:49:29 -04:00
Kubernetes Prow Robot
e1b757b654
Merge pull request #79812 from tedyu/pdb-decrement 
Populate DisruptedPods field for non-dry run
 2019-07-05 22:00:34 -07:00
Ted Yu
2dae73e3d9 Populate DisruptedPods field for non-dry run 2019-07-05 04:37:29 +08:00
chenyixiang
874b3249e5 Get the pdb when conflict instead of relisting 
Change-Id: I50ff6fede509c9b4f81db62718d2150a3c45522f
 2019-07-04 16:19:15 +08:00
Khaled Henidak(Kal)
69c7fc19e3 clean up: node dropDisabledFields 2019-07-03 18:21:30 +00:00
Khaled Henidak(Kal)
2b77667718 vendor updates 2019-07-02 22:26:26 +00:00
Khaled Henidak(Kal)
81468e2696 api: dropDisabledFields 2019-07-02 15:39:06 +00:00
Khaled Henidak(Kal)
54d42e6a65 types modifications + conversion + conversion testing 2019-07-02 15:39:05 +00:00
wojtekt
23d9d6b1d0 Move etcd/util to etcd3/ 2019-07-02 10:39:12 +02:00
wojtekt
a756e20cb5 Update autogenerated files 2019-07-01 15:02:49 +02:00
wojtekt
7497260e54 Move etcd/testing to etcd3/testing 2019-07-01 15:02:49 +02:00
Kubernetes Prow Robot
22fb6fd174
Merge pull request #77595 from bertinatto/volume_limits 
Volume Scheduling Limits
 2019-06-25 17:01:16 -07:00
Kubernetes Prow Robot
1215aa73d2
Merge pull request #79176 from verb/debug-iterate-containers 
Add helpers for iterating containers in a pod
 2019-06-25 09:32:52 -07:00
Fabio Bertinatto
b90ca5b2a7 Auto-generated code for volume limits API 2019-06-25 16:30:54 +02:00
Fabio Bertinatto
13e30b6342 Add volume limits API changes 2019-06-25 16:30:54 +02:00
Kubernetes Prow Robot
ccc85adf88
Merge pull request #78659 from tedyu/rm-vol-attach 
Remove redundant assignment to volumeAttachment
 2019-06-22 18:41:16 -07:00
Kubernetes Prow Robot
3c7e2a7221
Merge pull request #78718 from SataQiu/fix-golint-20190605 
Fix some golint failures of pkg/registry
 2019-06-21 18:52:37 -07:00
Lee Verberne
ee821e2a04 Create helpers for iterating containers in a pod 2019-06-21 08:32:04 +00:00
Eric Ernst
5e09568c8e pod-overhead: autogenerated code updates 
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
 2019-06-18 08:05:35 -07:00
Eric Ernst
ec8ef0df20 pod overhead: drop from RuntimeClass base on feature-gate 
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
 2019-06-18 08:05:35 -07:00
SataQiu
213d07af8d fix some golint failures of pkg/registry 2019-06-05 15:29:59 +08:00
Ted Yu
5e60c406da Remove redundant assignment to volumeAttachment 2019-06-03 10:48:27 -07:00
Kubernetes Prow Robot
b7fa33ec15
Merge pull request #77703 from ddebroy/inline-mig-1 
API changes to support migration of inline in-tree volumes to CSI
 2019-05-31 12:23:19 -07:00
wangqingcan
52f3380ef3 change preempting to PreemptionPolicy 2019-05-31 12:42:05 +08:00
wangqingcan
5c9438c691 non-preempting-priorityclass 
Co-authored-by: Vallery Lancey <vallery@zeitgeistlabs.io>
Co-authored-by: Tan shanshan <tan.shanshan@zte.com.cn>
 2019-05-31 12:37:07 +08:00
Deep Debroy
c34309acdf API changes to support CSI migration of inline volumes 
Signed-off-by: Deep Debroy <ddebroy@docker.com>
 2019-05-30 09:34:47 +00:00
Chao Xu
7bb4a3bace Run deleteValidation at the storage layer so that it will be retried on 
conflict.

Adding unit test verify that deleteValidation is retried.

adding e2e test verifying the webhook can intercept configmap and custom
resource deletion, and the existing object is sent via the
admissionreview.OldObject.

update the admission integration test to verify that the existing object
is passed to the deletion admission webhook as oldObject, in case of an
immediate deletion and in case of an update-on-delete.
 2019-05-17 09:54:11 -07:00
yue9944882
34c4a6e057 Cherrypicking #66535 
validate deletion admission object

backward compatibility: add validation for direct storage delete calls

apply nil validation to existing tests

revert behavior changes in deleteCollection call

fixes validation on wiring graceful deletion

remove nil validation check

continue admission check on not found error
 2019-05-17 09:50:16 -07:00
Jordan Liggitt
fba885a0d2 Handle updates removing remaining finalizers on deleted objects 2019-05-15 17:17:39 -04:00
David McCormick
3537eed826 Remove the generation altering code - validate an update for a PDB by running ValidatePodDisruptionBudget only. 2019-05-14 12:25:23 +01:00
David McCormick
5b9e4f1e88 Rebase allow updates to pdbs to latest upstream master 2019-05-14 12:25:22 +01:00
Antoine Pelisse
e017436bef Fix missing pdb in test 2019-05-10 14:58:22 -07:00
Kubernetes Prow Robot
09c4e10333
Merge pull request #74021 from andrewsykim/move-features-component-base 
Move feature gate package from k8s.io/apiserver to k8s.io/component-base
 2019-05-08 13:06:34 -07:00
Daniel (Shijun) Qian
5268f69405 fix duplicated imports of k8s code (#77484) 
* fix duplicated imports of api/core/v1

* fix duplicated imports of client-go/kubernetes

* fix duplicated imports of rest code

* change import name to more reasonable
 2019-05-08 10:12:47 -07:00
Andrew Kim
c919139245 update import of generic featuregate code from k8s.io/apiserver/pkg/util/feature -> k8s.io/component-base/featuregate 2019-05-08 10:01:50 -04:00
danielqsj
142fe19f2d fix increment-decrement lint error 2019-05-06 13:14:51 +08:00
Kubernetes Prow Robot
83f769c2a3
Merge pull request #77139 from cmluciano/cml/ingressnetv1beta1default 
ingress: use networking api group for default storage of ingress
 2019-05-02 16:22:18 -07:00
Kubernetes Prow Robot
b07f311322
Merge pull request #76882 from SataQiu/fix-golint-controller-20190422 
Fix golint failures of pkg/controller/certificates/approver, etc
 2019-05-02 03:16:18 -07:00
SataQiu
538776d6ad fix golint failures of pkg/registry/rbac/role 2019-05-02 10:36:35 +08:00
SataQiu
55d1b5e3d4 fix golint failures of pkg/registry/rbac/clusterrole 2019-05-02 10:35:47 +08:00
Christopher M. Luciano
dd891bbbb8
ingress: generated files netv1beta1 
Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2019-05-01 15:29:08 -04:00
Christopher M. Luciano
4bac85c162
ingress: use networking api group for default storage of ingress 
Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>

The change to registrytest was found by liggitt to mitigate a NPE error.
This is necessary since ingress is a cohabitating resource that is not
stored in the default version for the networking resource.

Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2019-05-01 15:14:11 -04:00
Kubernetes Prow Robot
b4cc2a5523
Merge pull request #76051 from zhouhaibing089/rm-orphan-by-default 
namespace: remove gc finalizers based on delete options
 2019-04-30 16:10:56 -07:00
zhouhaibing089
a458e9bb85 namespace: remove gc finalizers based on delete options 
This makes the behavior being consistent with generic store, The
orphan finalizer should be removed if the delete options does not
specify propagarionPolicy as orphan.
 2019-04-26 16:13:41 -07:00
Kubernetes Prow Robot
28172ec17c
Merge pull request #76969 from apelisse/fix-dry-run-eviction 
Fix eviction dry-run
 2019-04-24 21:44:56 -07:00
Antoine Pelisse
37f266349c Fix eviction dry-run 2019-04-24 09:51:26 -07:00
Jordan Liggitt
2a5c25aca5 Copy object sent to validating admission 2019-04-24 08:59:28 -04:00
Serguei Bezverkhi
6fe28ee957 Adding non persistent review test 
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2019-04-23 18:02:40 -04:00
Jordan Liggitt
a4576ec5a6 Fix binding and eviction admission 2019-04-23 10:31:34 -04:00
Jordan Liggitt
cc3252d13d Fix deploymentrollback to be named creator, populate object name in admission 2019-04-20 03:33:36 -04:00
Jordan Liggitt
dced88e703 Fix scale subresource when used with admission webhooks 2019-04-20 03:33:36 -04:00
Jordan Liggitt
aee1997a19 quiet integration test logs 2019-04-20 02:20:31 -04:00
Davanum Srinivas
7b8c9acc09
remove unused code 
Change-Id: If821920ec8872e326b7d85437ad8d2620807799d
 2019-04-19 08:36:31 -04:00
Sean Sullivan
abfc5bbbf7 Rename TablePrinter interface to TableGenerator 2019-04-16 12:55:30 -07:00
Kubernetes Prow Robot
552d1ebd70
Merge pull request #76237 from mkumatag/fix_storage_test 
Fix the TestUpdate
 2019-04-09 13:58:59 -07:00
Jordan Liggitt
e377e9fed9 Fix up cronjob and job registry tests to not use testapi 2019-04-09 13:30:34 -04:00
Jordan Liggitt
56f3f6eec7 Use kubeapiserver storage config for registry tests 2019-04-09 13:26:05 -04:00
Manjunath A Kumatagi
6aa06adcfe Remove storageapi api check 2019-04-09 11:05:38 -04:00
yue9944882
65ba58a9a5 remove internal client dependency in pkg/* 2019-04-09 21:43:51 +08:00
Manjunath A Kumatagi
485605e133 Fix the TestUpdate 2019-04-07 13:45:45 +05:30
Kubernetes Prow Robot
ec64aef25f
Merge pull request #74321 from yastij/signal-undecorated-storage-event 
use cache size to signal undecorated storage
 2019-03-24 03:21:05 -07:00
Kubernetes Prow Robot
ed4258e5c0
Merge pull request #75264 from smarterclayton/optimize_rbac_visit 
Avoid allocating when performing VisitRulesFor on service accounts
 2019-03-20 19:19:35 -07:00
Kubernetes Prow Robot
6f9bf5fe98
Merge pull request #71548 from smarterclayton/watch_converted 
Support Table and PartialObjectMetadata on watch
 2019-03-19 22:42:22 -07:00
Yassine TIJANI
8261d3d9a6 use cache size to signal undecorated storage 2019-03-19 23:48:07 +01:00
Tim Allclair
e6ea4f0538 Don't follow non-local redirects for http probes 2019-03-15 11:04:30 -07:00
Clayton Coleman
4c87a14e6b
Avoid allocating when performing VisitRulesFor on service accounts 
Service account authorization checks are done frequently and were
observed to perform 7% of allocations on a system running e2e tests.
The allocation comes from when we walk the authorization rules to
find matching service accounts.

Optimize the check for service account names to avoid allocating.
 2019-03-13 17:40:21 -04:00
ajatprabha
4ddc198c39
pin ResourceVersion precondition only when specified 2019-03-12 17:00:41 +05:30
ajatprabha
42f0a36f44
check for ResourceVersion conflict in separate if block 2019-03-12 17:00:39 +05:30
ajatprabha
8f48d76271
add ResourceVersion to DeleteOptions.Preconditions 2019-03-12 17:00:39 +05:30
Chao Xu
3b618af0d4 Expose storage version hash 2019-03-11 10:26:56 -07:00
Clayton Coleman
3230a0b4fd
Support Table and PartialObjectMetadata on watch 
Clean up the code paths that lead to objects being transformed and output with negotiation.
Remove some duplicate code that was not consistent. Now, watch will respond correctly to
Table and PartialObjectMetadata requests. Add unit and integration tests.

When transforming responses to Tables, only the first watch event for a given type will
include the columns. Columns will not change unless the watch is restarted.

Add a volume attachment printer and tighten up table validation error cases.

Disable protobuf from table conversion because Tables don't have protobuf because they
use `interface{}`
 2019-03-08 13:03:59 -05:00
Kubernetes Prow Robot
e318642946
Merge pull request #74998 from mbohlool/pippin 
Webhook configurations can choose which version of Review request they accept
 2019-03-08 03:01:26 -08:00
Mehdy Bohlool
f7dff4725f Add AdmissionReviewVersions to admissionregistration and default it 2019-03-07 15:02:16 -08:00
Tim Allclair
820a1dc96b Add node.k8s.io/v1beta1 API 2019-03-07 11:57:12 -08:00
Tim Allclair
63f61a6714 Migrate RuntimeClass to internal API 2019-03-07 11:07:54 -08:00
Xing Yang
bb45b8ee34 Make CSINodeInfo and CSIDriver Core APIs 
This PR is the first step to transition CSINodeInfo and CSIDriver
CRD's to in-tree APIs. It adds them to the existing API group
“storage.k8s.io” as core storage APIs.
 2019-03-02 12:31:05 -08:00
Kubernetes Prow Robot
f16035600a
Merge pull request #73807 from dekkagaijin/discovery-hardening 
harden the default RBAC discovery clusterrolebindings
 2019-03-01 21:49:30 -08:00
Jake Sanders
9c7d31928d harden the default RBAC discovery clusterrolebindings 2019-03-01 18:45:05 -08:00
Lubomir I. Ivanov
e29c6e1b38 go-1.12: fix 'go vet' failures 2019-03-01 18:48:17 +02:00
Kubernetes Prow Robot
5ebdf3e3f2
Merge pull request #74574 from SataQiu/fix-golint-20190226 
fix some golint failures in pkg/registry/...
 2019-02-26 18:12:19 -08:00
SataQiu
9e4c8950be fix some golint failures in pkg/registry/... 2019-02-26 22:36:52 +08:00
Jordan Liggitt
d1e865ee34 Update client callers to use explicit versions 2019-02-26 08:36:30 -05:00
Kubernetes Prow Robot
3afa003126
Merge pull request #73555 from bsalamat/priority_to_ga 
Graduate PriorityClass API to GA
 2019-02-22 16:14:49 -08:00
Bobby (Babak) Salamat
1dac6d03e3 generated files 2019-02-22 10:51:15 -08:00
Bobby (Babak) Salamat
453498fe2c Graduate PriorityClass to GA 2019-02-22 10:51:13 -08:00
Jordan Liggitt
f139218ac0 generated files 2019-02-20 23:32:46 -05:00
Jordan Liggitt
8c28d3f63c Add networking.k8s.io/v1beta1 Ingress 2019-02-20 16:41:14 -05:00
Jordan Liggitt
6c0b1b87f0 generated files 2019-02-20 16:41:14 -05:00
Jordan Liggitt
47cb9559be Move internal Ingress type from extensions to networking 2019-02-20 16:41:12 -05:00
Kubernetes Prow Robot
a887ae8344
Merge pull request #74208 from lrx0014/unittest 
fixes: some wrong comments
 2019-02-18 22:45:49 -08:00
renxiang
8c8a9f850b fixes: some wrong comments 2019-02-18 19:02:28 +08:00
Kubernetes Prow Robot
808f2cf0ef
Merge pull request #72525 from justinsb/owners_should_not_be_executable 
Remove executable file permission from OWNERS files
 2019-02-14 23:55:45 -08:00
Kubernetes Prow Robot
1b8c8f1daf
Merge pull request #73831 from jennybuckley/apply-create-service 
Honor forceAllowCreate in service registry
 2019-02-14 13:59:44 -08:00
Kubernetes Prow Robot
ce4fd07b06
Merge pull request #71564 from liggitt/reconcile-details 
Improve reconcile output to explain what changes are being made
 2019-02-12 18:45:13 -08:00
Jennifer Buckley
1a5e48e29d Honor forceAllowCreate in service registry 2019-02-11 11:05:30 -08:00
Kubernetes Prow Robot
b50c643be0
Merge pull request #73540 from rlenferink/patch-5 
Updated OWNERS files to include link to docs
 2019-02-08 09:05:56 -08:00
Jordan Liggitt
4271384966 Call conditional validation from create/update strategies 2019-02-05 23:09:31 -05:00
Roy Lenferink
b43c04452f Updated OWNERS files to include link to docs 2019-02-04 22:33:12 +01:00
Kubernetes Prow Robot
c5fa271dfb
Merge pull request #62979 from wackxu/comment 
fix priorityclass strategy comment
 2019-02-01 07:44:15 -08:00
Jordan Liggitt
cdfb5d3170 Make pod eviction trigger graceful deletion to match deletion via API 2019-01-25 23:35:49 -05:00
Jordan Liggitt
1a15d80967 generated 2019-01-23 16:34:44 -05:00
Jordan Liggitt
17aa60686e Deprecate and remove use of alpha metadata.initializers field, remove IncludeUninitialized options 2019-01-23 16:34:43 -05:00
Jordan Liggitt
dc1fa870bf Remove alpha InitializerConfiguration types, Initializers admission plugin 2019-01-23 11:37:39 -05:00
Justin SB
dd19b923b7
Remove executable file permission from OWNERS files 2019-01-11 16:42:59 -08:00
Rajath Agasthya
da6c97f710 Remove ExpandPersistentVolumes feature gate from validation 
Drops new PV Status.Conditions if old PV Status.Conditions was not set.
 2019-01-10 12:43:20 -08:00
Kubernetes Prow Robot
8728ecc27d
Merge pull request #72664 from sbezverk/ResourceQuotaScopeSelectors 
Move ResourceQuotaSelector out of validation
 2019-01-08 02:02:59 -08:00
Serguei Bezverkhi
d79475c801 add ResourceQuotaSelector validation and tests 
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2019-01-07 23:15:39 -05:00
Jordan Liggitt
12dd768bee Pass pod annotations into DropDisabledFields() 2019-01-07 14:44:20 -05:00
Kubernetes Prow Robot
dba49e60aa
Merge pull request #72249 from liggitt/resource-runtime-config 
Allow enabling/disabling specific extensions/v1beta1 resources
 2019-01-02 13:58:21 -08:00
Jordan Liggitt
e016e132f5 Allow enabling/disabling specific extensions/v1beta1 resources 2019-01-02 10:15:21 -05:00
Jordan Liggitt
c5dfe6b612 Update feature-gate handling of TTLSecondsAfterFinished 2018-12-29 19:36:43 -05:00
Serguei Bezverkhi
e61b76fb8c node config_source 
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2018-12-29 13:19:37 -05:00
Kubernetes Prow Robot
52b6b4086f
Merge pull request #72250 from sbezverk/AllowVolumeExpansion 
AllowVolumeExpansion validation and tests
 2018-12-26 16:20:24 -08:00
Kubernetes Prow Robot
d476af7c19
Merge pull request #72282 from rkojedzinszky/master 
storage_scheduling: retry operation as intended
 2018-12-23 01:00:09 -08:00
Kubernetes Prow Robot
35061468cc
Merge pull request #72271 from jhrv/call_validate_for_rollback 
call createValidation before rollback. Fixes #72256
 2018-12-21 16:03:51 -08:00
Johnny Horvi
954987f8f6 call createValidation before rollback. Fixes #72256 2018-12-21 20:10:19 +01:00
Richard Kojedzinszky
a8c70aadd1 storage_scheduling: retry operation as intended 
Fixes #72163
 2018-12-21 17:22:00 +01:00