github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
121,720 Commits 1 Branch 31 Tags
30857658e42d08f58da0abc170a17adcaeeaae87
Commit Graph

49410 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
2b521e5f8e Merge pull request #123405 from cici37/vapGA 
[KEP-3488]Promote ValidatingAdmissionPolicy to GA
 2024-03-05 18:29:53 -08:00
Kubernetes Prow Robot
695072027d Merge pull request #123730 from pohly/dra-status-update-fix 
dra api: fix status updates
 2024-03-05 17:31:15 -08:00
Kubernetes Prow Robot
87f9b3891e Merge pull request #123385 from HirazawaUi/allow-special-characters 
Allow almost all printable ASCII characters in environment variables
 2024-03-05 17:31:06 -08:00
Kubernetes Prow Robot
5b4d97dc5a Merge pull request #122541 from aojea/headless_selector 
Implement a field selector for ClusterIP on Services
 2024-03-05 17:30:57 -08:00
Kubernetes Prow Robot
3686ceb5b8 Merge pull request #122745 from kannon92/swap-no-swap-default 
[KEP-2400] add no swap as the default option for swap
 2024-03-05 16:32:40 -08:00
cici37
5d83282823 Auto updates 2024-03-05 16:00:21 -08:00
cici37
de506ce7ac Promote ValidatingAdmissionPolicy to GA. 2024-03-05 16:00:21 -08:00
Kubernetes Prow Robot
df1eccae38 Merge pull request #123543 from jiahuif-forks/feature/validating-admission-policy/excluded-resources 
ValidatingAdmissionPolicy: exclude brink-able resources.
 2024-03-05 13:45:01 -08:00
Kubernetes Prow Robot
5f4a20e65d Merge pull request #120718 from gjkim42/add-restartable-init-containers-to-pod-resources-api 
Make PodResources API include restartable init containers
 2024-03-05 13:44:54 -08:00
Kevin Hannon
6a4e19a4ec add no swap as the default option for swap 2024-03-05 16:10:42 -05:00
Patrick Ohly
27df75c577 dra api: fix status updates 
Changing object meta is not supposed to be possible via status updates. For
example, it circumvents RBAC permission checks.
 2024-03-05 21:39:24 +01:00
Jiahui Feng
6b03166bed update to inject only the list of excluded resources. 2024-03-05 11:11:10 -08:00
Kubernetes Prow Robot
180c6bdc25 Merge pull request #122056 from dhenkel92/keep-pdb-condition 
keep existing PDB conditions when updating status
 2024-03-05 10:40:42 -08:00
Michał Woźniak
e568a77a93 Support for the Job managedBy field (alpha) (#123273) 
* support for the managed-by label in Job

* Use managedBy field instead of managed-by label

* Additional review remarks

* Review remarks 2

* review remarks 3

* Skip cleanup of finalizers for job with custom managedBy

* Drop the performance optimization

* imrpove logs
 2024-03-05 09:25:15 -08:00
Kubernetes Prow Robot
a81411594a Merge pull request #123226 from ivanvc/add-suspend-to-jobs-table 
printers: Add Job status to jobs table
 2024-03-05 09:25:06 -08:00
Antonio Ojea
5122fe0732 don't watch headless services on kubelet 
The kubelet watches services only to generate the environment variables
inside a pod, but headless services are not needed for this.

Change-Id: I22ee2b3352f8fe71cddfafa6f09b768c0a0e26b4
 2024-03-05 17:16:48 +00:00
Antonio Ojea
0595ec7942 implement field selector for clusterIP on services 
This will allow components that don't need to watch headless services
(heavily used on ai/ml workloads) to filter them server side.

Specially useful for kubelet and kube-proxy

Co-authored-by: Jianbo Ma <sakuranlbj@gmail.com>

Change-Id: I6434d2c8c77aaf725ec5c07acbcda14311f24bfa

Change-Id: Iba9e25afb90712facfb3dee25c500bbe08ef38fc
 2024-03-05 17:16:42 +00:00
Kubernetes Prow Robot
bc00c9eef0 Merge pull request #123366 from kerthcet/feat/support-initcontainer 
Consider initContainer images in pod scheduling
 2024-03-05 08:24:30 -08:00
Kubernetes Prow Robot
13f40e9759 Merge pull request #123686 from kerthcet/fix/flaky-test-on-multi-profile 
[Scheduler] Fix flaky test on multi profiles waitingPods
 2024-03-05 04:41:09 -08:00
HirazawaUi
fa3c101439 relax validation pod envfrom 2024-03-05 17:09:15 +08:00
HirazawaUi
e56240b2e1 add validation method at the top level 2024-03-05 17:09:10 +08:00
kerthcet
5b072a59a2 Fix flaky test on multi profiles waiting pod 
Signed-off-by: kerthcet <kerthcet@gmail.com>
 2024-03-05 14:54:33 +08:00
Kubernetes Prow Robot
dc3f5ec6cc Merge pull request #112957 from mxpv/log-dir 
Allow changing pod log directory
 2024-03-04 21:07:06 -08:00
Kubernetes Prow Robot
26600b17ab Merge pull request #123561 from enj/enj/i/validate_jwt_sa_iss 
Prevent conflicts between service account and jwt issuers
 2024-03-04 20:07:24 -08:00
Kubernetes Prow Robot
a76a3e031f Merge pull request #123487 from gauravkghildiyal/kep-4444 
Introduce trafficDistribution field for Kubernetes Services
 2024-03-04 20:07:15 -08:00
Kubernetes Prow Robot
229ebabc0a Merge pull request #123336 from HyunSu1768/hyunsu1768/use-switch-cases 
Refactoring to encourage use of switch case
 2024-03-04 20:07:06 -08:00
Kubernetes Prow Robot
699984f25a Merge pull request #123641 from liggitt/authz-config-beta-gate 
Promote StructuredAuthorizationConfiguration feature gate to beta
 2024-03-04 18:38:23 -08:00
Kubernetes Prow Robot
5b6d8a4293 Merge pull request #123532 from serathius/separate-rpc 
Move cacher watch to separate rpc preventing starvation
 2024-03-04 18:38:14 -08:00
Kubernetes Prow Robot
439f7df65b Merge pull request #122320 from armstrongli/master 
allow service NodePort to be updated to 0 in case AllocateLoadBalance…
 2024-03-04 18:38:05 -08:00
Kubernetes Prow Robot
6929a11f69 Merge pull request #123481 from sanposhiho/mindomain-stable 
graduate MinDomainsInPodTopologySpread to stable
 2024-03-04 17:18:53 -08:00
Kubernetes Prow Robot
f745503112 Merge pull request #123413 from seans3/tunneling-spdy-websockets 
PortForward: Tunnel SPDY through WebSockets
 2024-03-04 17:18:44 -08:00
Kubernetes Prow Robot
e4ee7b005c Merge pull request #123323 from gjkim42/add-ValidateInitContainerStateTransition 
Validate restartable init container state transition
 2024-03-04 16:21:30 -08:00
Kubernetes Prow Robot
1c789a9d46 Merge pull request #122422 from neolit123/1.30-update-hostaliases-note 
core/v1: remove note about hostAliases not working with hostNetwork
 2024-03-04 16:21:21 -08:00
Gaurav Ghildiyal
ec6fd2befa Add options construct to EndpointSlice NewReconciler for the new trafficDistributionEnabled field 2024-03-04 15:40:22 -08:00
Kubernetes Prow Robot
46a2137c1b Merge pull request #123639 from liggitt/authz-metrics 
Add authorization webhook duration/count/failopen metrics
 2024-03-04 14:09:30 -08:00
Kubernetes Prow Robot
6c8dc1d1ed Merge pull request #123609 from veshij/fix 
[kubernetes/scheduler] use lockless diagnosis collection in findNodes…
 2024-03-04 11:23:50 -08:00
Kubernetes Prow Robot
4ed7f6b4c4 Merge pull request #123583 from saschagrunert/image-id-container-status 
Add `image_id` to CRI `ContainerStatus` message
 2024-03-04 11:23:41 -08:00
Sean Sullivan
8b447d8c97 portforward: tunnel spdy through websockets 2024-03-04 11:10:30 -08:00
Jordan Liggitt
79b344d85e Add authorization webhook duration/count/failopen metrics 2024-03-04 14:01:15 -05:00
Kubernetes Prow Robot
89cbd94e68 Merge pull request #123593 from giuseppe/userns-use-kubelet-user-mappings 
KEP-127: kubelet: honor kubelet user mappings
 2024-03-04 10:24:52 -08:00
Kubernetes Prow Robot
d34fbeb0a3 Merge pull request #123446 from linxiulei/hit_cache 
Hit APIServer cache when testing healthiness
 2024-03-04 10:24:45 -08:00
Monis Khan
05e1eff793 Prevent conflicts between service account and jwt issuers 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-03-04 11:40:02 -05:00
Jan Safranek
c4163a9cb8 Add label with access mode to SELinux metrics 
In the KEP 1710 we promised to have all SELinux metrics with access mode
label, so cluster admin is able to distinguish when RWOP volumes are
failing to mount (-> SELinuxMountReadWriteOncePod feature gate must be
disabled) or volumes with any other access modes are failing (->
SELinuxMount feature gate must be disabled).

Adding the label to kubelet is quite straightforward, there were some
changes needed in the e2e test. Now grabMetrics() collects values of all
SELinux related metrics with all labels. It only skips unrelated volume
plugins. And waitForMetricIncrease gets metric with all labels on input, so
it can check that say RWOP metric increased and RWX one did not.
 2024-03-04 13:16:56 +01:00
Marek Siarkowicz
31d404b182 Prevent watch cache starvation, by moving its watch to separate RPC and add a SeparateCacheWatchRPC feature flag to disable this behavior 2024-03-04 12:51:06 +01:00
Gaurav Ghildiyal
51f86b9124 Change kube-proxy behaviour to consider hints when ServiceTrafficDistribution feature gate is enabled 2024-03-03 22:46:03 -08:00
Gaurav Ghildiyal
51a3fa2e6f Start reconciling on the new field 2024-03-03 22:46:03 -08:00
Gaurav Ghildiyal
646fd200b8 Run 'make update' 2024-03-03 22:46:00 -08:00
Gaurav Ghildiyal
996d11d4e8 Add new field trafficDistribution to Service spec 2024-03-03 22:34:17 -08:00
Kubernetes Prow Robot
e4a14fe0f5 Merge pull request #123575 from Huang-Wei/pod-scheduling-readiness-stable 
Graduate PodSchedulingReadiness to stable
 2024-03-03 22:29:38 -08:00
Kubernetes Prow Robot
1fceb815ac Merge pull request #123437 from tenzen-y/fix-job-validatioin-test-name 
Job: Fix test case names for the validations
 2024-03-02 13:33:18 -08:00