github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
123,659 Commits 1 Branch 31 Tags 1,019 MiB
30ffa521e6
Commit Graph

1483 Commits

Author SHA1 Message Date
Abu Kashem
ae647032a7
apiserver: remove feature gate APIPriorityAndFairness 2024-07-02 13:00:43 -04:00
Kubernetes Prow Robot
7e1a5a0ea8
Merge pull request #125687 from bart0sh/PR146-DevicePluginCDIDevices-LockToDefault 
kube_features: DevicePluginCDIDevices: LockToDefault
 2024-07-01 17:07:41 -07:00
Kubernetes Prow Robot
79fee524e6
Merge pull request #125483 from wojtek-t/storage_readiness_hook 
Implement resilient watchcache initialization post-start-hook
 2024-07-01 13:48:29 -07:00
Wojciech Tyczyński
a5772bd425 Implement resilient watchcache initialization post-start-hook 2024-07-01 12:54:57 +02:00
Kubernetes Prow Robot
d729af9446
Merge pull request #125591 from p0lyn0mial/upstream-promote-watch-list-to-beta 
Promote WatchList feature to Beta
 2024-07-01 02:31:14 -07:00
Antonio Ojea
7a14b94205 promote feature gate MultiCIDRServiceAllocator to beta disabled by default 2024-06-28 10:38:37 +00:00
Kubernetes Prow Robot
d40676c227
Merge pull request #122047 from aojea/treeless 
KEP-1880 Multiple Service CIDRs: Graduate to Beta (1/2)
 2024-06-28 01:00:20 -07:00
Kubernetes Prow Robot
522e2e5066
Merge pull request #124917 from vinayakankugoyal/kep4633 
KEP-4633: Only allow anonymous auth for configured endpoints.
 2024-06-27 20:39:51 -07:00
Vinayak Goyal
5e6a4937f5 KEP-4633: Allow health-only anonymous auth mode. 
Signed-off-by: Vinayak Goyal <vinaygo@google.com>
 2024-06-28 00:30:05 +00:00
Antonio Ojea
9b1bad431b implement dual write on Service ClusterIP allocator 
MultiCIDRServiceAllocator implements a new ClusterIP allocator based on
IPAddress object to solve the problems and limitations caused by
existing bitmap allocators.

However, during the rollout of new versions, deployments need to support
a skew of one version between kube-apiservers. To avoid the possible
problem where there are multiple Services requests on the skewed
apiservers and that both allocate the same IP to different Services,
the new allocator will implement a dual-write strategy under the
feature gate DisableAllocatorDualWrite.

After the MultiCIDRServiceAllocator is GA, the DisableAllocatorDualWrite
can be enabled safely as all apiservers will run with the new
allocators. The graduation of DisableAllocatorDualWrite can also
be used to clean up the opaque API object that contains the old bitmaps.

If MultiCIDRServiceAllocator is enabled and DisableAllocatorDualWrite is disable
and is a new environment, there is no bitmap object created, hence, the
apiserver will initialize it to be able to write on it.
 2024-06-27 11:33:36 +00:00
Lukasz Szaszkiewicz
0b15903b35 kube-apiserver: promote WatchList feature to beta 2024-06-27 08:49:59 +02:00
Kubernetes Prow Robot
cd19796316
Merge pull request #125475 from AkihiroSuda/rro 
KEP-3857: promote RecursiveReadOnlyMounts feature to beta
 2024-06-26 14:13:39 -07:00
Kubernetes Prow Robot
fb0195df11
Merge pull request #123428 from atiratree/UnhealthyPodEvictionPolicy-GA 
promote PDBUnhealthyPodEvictionPolicy to GA
 2024-06-25 21:56:20 -07:00
Siyuan Zhang
403301bfdf apiserver: Add API emulation versioning. 
Co-authored-by: Siyuan Zhang <sizhang@google.com>
Co-authored-by: Joe Betz <jpbetz@google.com>
Co-authored-by: Alex Zielenski <zielenski@google.com>

Signed-off-by: Siyuan Zhang <sizhang@google.com>
 2024-06-25 22:12:11 +00:00
Kubernetes Prow Robot
9d9b6fb876
Merge pull request #125261 from bart0sh/PR145-DevicePluginCDIDevices-update-GA-milestone 
features: update milestone for DevicePluginCDIDevices
 2024-06-25 08:25:59 -07:00
Ed Bartosh
f53991d111 kube_features: DevicePluginCDIDevices: LockToDefault 2024-06-25 16:14:48 +03:00
Filip Křepinský
68d34580e0 promote PDBUnhealthyPodEvictionPolicy to GA 2024-06-21 16:13:53 +02:00
Marek Siarkowicz
0c0e19b343 Move ConsistentListFromCache to Beta default 2024-06-20 10:56:51 +02:00
Kubernetes Prow Robot
b3db54ea72
Merge pull request #125016 from carlory/promote-portworx-csi-migration-default-on 
Enables the Portworx in-tree driver to Portworx migration feature by default
 2024-06-19 13:26:48 -07:00
Kubernetes Prow Robot
aeed1d0e1a
Merge pull request #124842 from carlory/honor-pv-reclaim-policy-e2e 
Promote HonorPVReclaimPolicy to beta and enable it by default
 2024-06-19 13:26:41 -07:00
carlory
4058178b8c Promote HonorPVReclaimPolicy to beta and enable it by default 2024-06-19 13:51:37 +08:00
Kubernetes Prow Robot
f70115206b
Merge pull request #125082 from alexanderConstantinescu/kep-3836-v131 
KEP 3836 - v1.31 update [promote to GA]
 2024-06-18 17:12:52 -07:00
Kubernetes Prow Robot
2c1aa2bfec
Merge pull request #125459 from MinpengJin/master 
Promote LogarithmicScaleDown to GA
 2024-06-17 20:21:40 -07:00
Sean Sullivan
3ae3b4ea55 Graduate PortForwardWebsockets to Beta 2024-06-15 16:09:23 -07:00
Akihiro Suda
ede79b0470
KEP-3857: promote RecursiveReadOnlyMounts feature to beta 
KEP: https://kep.k8s.io/3857

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-06-13 08:58:03 +09:00
Kubernetes Prow Robot
7943c17867
Merge pull request #124329 from chrishenzie/remove-readwriteoncepod-feature-gate 
Remove ReadWriteOncePod feature gate
 2024-06-12 15:51:23 -07:00
Alexander Constantinescu
d1d7ce4d78 KEP 3836 - v1.31 update [promote to GA] 2024-06-11 16:42:57 +02:00
MinpengJin
bcd30b6998 Promote LogarithmicScaleDown to GA 2024-06-11 15:59:43 +08:00
Kubernetes Prow Robot
eef6c6082d
Merge pull request #124642 from wojtek-t/resilient_watchcache_initialization 
Implement ResilientWatchCacheInitialization
 2024-06-06 18:38:14 -07:00
Kubernetes Prow Robot
e702c2e0b6
Merge pull request #124574 from zhangweikop/master 
enable kubelet server to dynamically load tls certificate files
 2024-06-06 09:16:29 -07:00
Wei Zhang
171882b33b add feature gate ReloadKubeletServerCertificateFile 2024-06-05 23:26:11 +00:00
Kubernetes Prow Robot
d8b33e32b1
Merge pull request #125168 from kaisoz/jobreadypods-fg-removal 
Remove the `JobReadyPods` feature flag
 2024-06-05 11:36:58 -07:00
Wojciech Tyczyński
a8ef6e9f01 Implement ResilientWatchCacheInitialization 2024-06-04 10:36:46 +02:00
Ed Bartosh
a240cc6190 features: update milestone for DevicePluginCDIDevices 2024-06-01 00:12:42 +03:00
James Munnelly
5481e630de KEP-4193: promote ServiceAccountTokenNodeBinding feature to beta 2024-05-31 12:16:03 +01:00
Kubernetes Prow Robot
72226c7511
Merge pull request #123315 from bart0sh/PR134-graduate-DevicePluginCDIDevices-to-GA 
Graduate DevicePluginCDIDevices to GA
 2024-05-30 08:17:06 -07:00
Shingo Omura
552fd7e850
KEP-3619: Fine-grained SupplementalGroups control (#117842) 
* Add `Linux{Sandbox,Container}SecurityContext.SupplementalGroupsPolicy` and `ContainerStatus.user` in cri-api

* Add `PodSecurityContext.SupplementalGroupsPolicy`, `ContainerStatus.User` and its featuregate

* Implement DropDisabledPodFields for PodSecurityContext.SupplementalGroupsPolicy and ContainerStatus.User fields

* Implement kubelet so to wire between SecurityContext.SupplementalGroupsPolicy/ContainerStatus.User and cri-api in kubelet

* Clarify `SupplementalGroupsPolicy` is an OS depdendent field.

* Make `ContainerStatus.User` is initially attached user identity to the first process in the ContainerStatus

It is because, the process identity can be dynamic if the initially attached identity
has enough privilege calling setuid/setgid/setgroups syscalls in Linux.

* Rewording suggestion applied

* Add TODO comment for updating SupplementalGroupsPolicy default value in v1.34

* Added validations for SupplementalGroupsPolicy and ContainerUser

* No need featuregate check in validation when adding new field with no default value

* fix typo: identitiy -> identity
 2024-05-29 15:40:29 -07:00
Tomas Tormo
ce56b2ca58 Remove JobReadyPods feature flag 2024-05-27 13:09:52 +00:00
carlory
8e4a6f3bed Enables the Portworx in-tree driver to Portworx migration feature by default 2024-05-21 18:50:20 +08:00
Kubernetes Prow Robot
119f9b3e7c
Merge pull request #124675 from cici37/fgForCost 
Adding a deprecating featurer gate to fix cost
 2024-05-13 08:52:04 -07:00
Kensei Nakada
2ea7d8f523 graduate MatchLabelKeysInPodAffinity to Beta 2024-05-11 10:40:28 +00:00
Cici Huang
d6e4115ead Adding the feature gates to fix cost for VAP and webhook matchConditions. 2024-05-10 22:07:40 +00:00
carlory
c8e91b9bc2 CephRBD volume plugin ( ) and its csi migration support were removed in this release 2024-05-09 22:55:34 +08:00
Kubernetes Prow Robot
0a8d2f770e
Merge pull request #124462 from carlory/remove-fg-CSINodeExpandSecret 
remove feature-gate CSINodeExpandSecret
 2024-05-08 13:58:21 -07:00
Kubernetes Prow Robot
132c49c40b
Merge pull request #124738 from xuzhenglun/master 
Remove GA ServiceNodePortStaticSubrange feature gate
 2024-05-08 12:23:29 -07:00
Kubernetes Prow Robot
1af6bc992c
Merge pull request #123845 from HirazawaUi/promote-DisableNodeKubeProxyVersion-to-beta 
promote DisableNodeKubeProxyVersion feature gate to beta
 2024-05-08 12:23:19 -07:00
xuzhenglun
6d7a194e85
Remove GA ServiceNodePortStaticSubrange feature gate 2024-05-08 15:15:02 +08:00
Kubernetes Prow Robot
e6547701f1
Merge pull request #124681 from jpbetz/field-selector-beta 
Promote custom resource field selectors to beta
 2024-05-07 10:39:05 -07:00
Kubernetes Prow Robot
54687f317b
Merge pull request #124673 from jpbetz/retry-beta 
Promote RetryGenerateName to beta
 2024-05-06 15:11:56 -07:00
Joe Betz
d16ff3d77f Promote CRD field selectors to beta 2024-05-06 11:53:03 -04:00