github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
121,853 Commits 1 Branch 31 Tags
30422d5f2247a68ac3d8d10ca103de4e1535656f
Commit Graph

83 Commits

Author SHA1 Message Date
Patrick Ohly
1d653e6185 test: use cancelation from ktesting 
The return type of ktesting.NewTestContext is now a TContext. Code
which combined it WithCancel often didn't compile anymore (cannot overwrite
ktesting.TContext with context.Context). This is a good thing because all of
that code can be simplified to let ktesting handle the cancelation.
 2024-03-01 07:51:22 +01:00
Anish Ramasekar
77241d3125 Add apiserver_encryption_config_controller_automatic_reloads_total 
metric

- Adds `apiserver_encryption_config_controller_automatic_reloads_total`
  metric with status label for encryption config reload success/failure.
- Deprecated `apiserver_encryption_config_controller_automatic_reload_failures_total` and `apiserver_encryption_config_controller_automatic_reload_success_total`

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-02-12 21:47:46 -08:00
Anish Ramasekar
75695dae10 move encryption config types to standard API server config location 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2023-12-18 20:54:24 +00:00
Nilekh Chaudhari
e95b7c6d8b feat: updates encryption config file watch logic to polling 
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>

fix (#2)

Signed-off-by: Monis Khan <mok@microsoft.com>
 2023-10-30 16:20:39 +00:00
Kubernetes Prow Robot
ebf46ce1b4 Merge pull request #121485 from ritazh/kmsv2-ga 
[KMSv2] promote KMSv2 and KMSv2KDF to GA
 2023-10-27 02:23:50 +02:00
Rita Zhang
a9b1adbafc [KMSv2] promote KMSv2 and KMSv2KDF to GA 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
 2023-10-26 15:05:31 -07:00
Nilekh Chaudhari
a92c1269e2 test: fixes hot reload flake 
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
 2023-10-25 01:14:00 +00:00
Nilekh Chaudhari
71a1565d06 revert: reverts fixes for TestEncryptionConfigHotReload flake 
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
 2023-10-25 01:08:04 +00:00
Nilekh Chaudhari
d9c967113f tests: fixes flake in TestEncryptionConfigHotReload 
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
 2023-10-23 18:03:05 +00:00
Rita Zhang
7710128636 kms: remove livez check 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
 2023-09-12 08:48:26 -07:00
Rita Zhang
43ccf6c4e8 kmsv2: add apiserver identity to metrics 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
 2023-09-09 15:31:32 -07:00
Monis Khan
657cc2045e kmsv2: enable KMSv2KDF feature gate by default 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2023-09-05 15:20:10 -04:00
Monis Khan
95121fe846 kmsv2: add legacy data integration test 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2023-09-01 15:33:28 -04:00
Kubernetes Prow Robot
a99e377a54 Merge pull request #120221 from enj/enj/i/kms_cache_metrics_lock 
kmsv2: fix race in simpleCache.set when setting cache size metric
 2023-09-01 10:00:31 -07:00
Monis Khan
b10697c788 kmsv2: fix race in simpleCache.set when setting cache size metric 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2023-08-31 16:26:58 -04:00
Kubernetes Prow Robot
9c25ce6f3e Merge pull request #119540 from SataQiu/clean-apiserver-20230724 
Remove the deprecated kube-apiserver identity lease garbage collector for k8s.io/component=kube-apiserver
 2023-08-28 10:49:42 -07:00
Rita Zhang
d86e72202c kmsv2 test feature enablement unit test 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
 2023-08-18 15:28:32 -07:00
Rita Zhang
67769438e1 kmsv2 test feature enablement disablement and restart 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
 2023-07-25 09:50:59 -07:00
SataQiu
213ed03c00 remove deprecated kube-apiserver identity lease garbage collector 2023-07-25 10:10:18 +08:00
Kubernetes Prow Robot
773a6b1e46 Merge pull request #118828 from enj/enj/f/kms_v2_hkdf_expand 
kmsv2: KDF based nonce extension
 2023-07-21 16:10:19 -07:00
Monis Khan
bf49c727ba kmsv2: KDF based nonce extension 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2023-07-21 15:25:52 -04:00
Richa Banker
cd5f3d9f9d Add impl for uvip 2023-07-18 17:36:22 -07:00
Nilekh Chaudhari
131216fa8f chore: hashes keyID 
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
 2023-07-13 20:42:09 +00:00
HirazawaUi
5289a7b029 fix fd leaks and failed file removing for test directory 2023-05-09 09:22:31 -05:00
Kubernetes Prow Robot
8a58c00c2a Merge pull request #117735 from nilekhc/fix-TestKMSv2Healthz-flake 
[KMSv2] fix: fixes flake in TestKMSv2Healthz
 2023-05-04 15:45:33 -07:00
Kante Yin
a7035f5459 Pass Context to StartTestServer 
Signed-off-by: Kante Yin <kerthcet@gmail.com>
 2023-05-04 10:25:09 +08:00
Nilekh Chaudhari
9d19c207d2 fix: fixes flake in TestKMSv2Healthz 
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
 2023-05-02 21:01:48 +00:00
Rita Zhang
906f0607ef Clean up kms test 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
 2023-03-28 22:36:41 -07:00
Kubernetes Prow Robot
50070e664b Merge pull request #116626 from nilekhc/fix-kmsv2-healthz-flake 
[KMSv2] fix: increases timeout to avoid flake
 2023-03-14 20:28:34 -07:00
Kubernetes Prow Robot
15040e1c86 Merge pull request #115123 from aramase/v2beta1 
[KMSv2] Generate proto API and update feature gate for beta
 2023-03-14 19:26:25 -07:00
Nilekh Chaudhari
c09aa7dead fix: increases timeout to avoid flake 
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
 2023-03-15 00:18:58 +00:00
Anish Ramasekar
ad698cc0ae [KMSv2] Generate proto API and update feature gate for beta 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2023-03-14 23:18:16 +00:00
Antonio Ojea
23252d70b4 add integration test 2023-03-14 22:58:11 +00:00
Monis Khan
832d6f0e19 kmsv2: re-use DEK while key ID is unchanged 
This change updates KMS v2 to not create a new DEK for every
encryption.  Instead, we re-use the DEK while the key ID is stable.

Specifically:

We no longer use a random 12 byte nonce per encryption.  Instead, we
use both a random 4 byte nonce and an 8 byte nonce set via an atomic
counter.  Since each DEK is randomly generated and never re-used,
the combination of DEK and counter are always unique.  Thus there
can never be a nonce collision.  AES GCM strongly encourages the use
of a 12 byte nonce, hence the additional 4 byte random nonce.  We
could leave those 4 bytes set to all zeros, but there is no harm in
setting them to random data (it may help in some edge cases such as
live VM migration).

If the plugin is not healthy, the last DEK will be used for
encryption for up to three minutes (there is no difference on the
behavior of reads which have always used the DEK cache).  This will
reduce the impact of a short plugin outage while making it easy to
perform storage migration after a key ID change (i.e. simply wait
ten minutes after the key ID change before starting the migration).

The DEK rotation cycle is performed in sync with the KMS v2 status
poll thus we always have the correct information to determine if a
read is stale in regards to storage migration.

Signed-off-by: Monis Khan <mok@microsoft.com>
 2023-03-14 10:23:50 -04:00
Nilekh Chaudhari
9382fab9b6 feat: implements encrypt all 
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
 2023-03-08 22:18:49 +00:00
Yuan Chen
a24aef6510 Replace a function closure 
Replace more closures with pointer conversion

Replace deprecated Int32Ptr to Int32
 2023-02-27 09:13:36 -08:00
Anish Ramasekar
c9b8ad6a55 [KMSv2] restructure kms staging dir 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2023-02-21 22:40:25 +00:00
Anish Ramasekar
de3b2d525b [KMSv2] Add metrics for grpc service 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2023-02-09 18:51:37 +00:00
Nilekh Chaudhari
b3f326722d chore: improves tests 
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
 2023-01-30 23:18:14 +00:00
Anish Ramasekar
4804baa011 kmsv2: implement expire cache with clock 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2023-01-25 22:50:32 +00:00
Kubernetes Prow Robot
285e7969b2 Merge pull request #114544 from ritazh/kmsv2-keyid-staleness 
[KMSv2] Use status key ID to determine staleness of encrypted data
 2023-01-19 10:28:16 -08:00
Rita Zhang
510ac9b391 kmsv2: use status key ID to update staleness of encrypted data 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
 2023-01-19 08:09:24 -08:00
Kubernetes Prow Robot
46f3821bf4 Merge pull request #114586 from andrewsykim/apiserver-lease-rename 
Rename apiserver identity lease labels to apiserver.kubernetes.io/identity
 2023-01-17 21:36:34 -08:00
Krzysztof Ostrowski
b7701b00ea apiserver/kmsv2: mv Service interface into kmsv2 
Signed-off-by: Krzysztof Ostrowski <kostrows@redhat.com>
 2023-01-17 10:05:16 +01:00
Andrew Sy Kim
a7de3e15a5 apiserver: use the identity value in the apiserver identity hash 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
 2023-01-13 16:20:14 -05:00
Andrew Sy Kim
fb066a883d apiserver: update lease identity prefix from kube-apiserver- to apiserver- 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
 2023-01-13 15:37:22 -05:00
Andrew Sy Kim
423539cf96 test/integration/controlplane: add new apiserver identity test TestLeaseGarbageCollectionWithDeprecatedLabels 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
 2023-01-13 15:37:22 -05:00
TommyStarK
9e885bce35 test/integration: Replace deprecated pointer function 
Signed-off-by: TommyStarK <thomasmilox@gmail.com>
 2023-01-05 18:38:40 +01:00
Monis Khan
cb3410e1b7 kms: use different context for server lifecycle and initial load 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2022-11-16 16:44:23 -05:00
Kubernetes Prow Robot
e62cfabf93 Merge pull request #112050 from nilekhc/kms-hot-reload 
Implements hot reload of the KMS `EncryptionConfiguration`
 2022-11-08 17:24:12 -08:00