github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
119,634 Commits 1 Branch 31 Tags
3edcce52e3ce8a61bf7ef8fa2becd8fa0fa0d0ed
Commit Graph

48635 Commits

Author SHA1 Message Date
Antonio Ojea
3edcce52e3 service cidr controller manager: use new ServiceCIDR API 2023-10-31 21:05:50 +00:00
Antonio Ojea
016c3c9e36 repairip controller: use new ServiceCIDR API 2023-10-31 21:05:06 +00:00
Antonio Ojea
881cf4d54f ipallocator/cidrallocator: use new ServiceCIDR API 
Change-Id: I5b300373e21cc65f6ef171790ef81ee391f1c752

cidrallocator

Change-Id: I13050a9d60360e555b75a13beaa9a923268ec4e8
 2023-10-31 21:05:06 +00:00
Antonio Ojea
7e87806fab default_servicecidr_controller: use new ServiceCIDR API 
Change-Id: I2c53815136e0d985959420911339aacd62e01e78
 2023-10-31 21:05:06 +00:00
Antonio Ojea
5123a93b34 printers: use new ServiceCIDR API 
Change-Id: Iaedeb99fcdb6e27e9987bccb1ccc32fab7da71f6
 2023-10-31 21:05:06 +00:00
Antonio Ojea
c3d9b77d94 update ServiceCIDR API: replace IPv4,IPv6 fields by an array of strings 
https: //docs.google.com/document/d/1-CKDPRHsG6XfnGs-Bb7ptWgDtTq9-hj8aJQpGz1CSh8/edit

Change-Id: If7134a5553b4ecc12b1d58ffc52ebb9f8594778a
 2023-10-31 21:05:06 +00:00
Antonio Ojea
599597ca65 fix race on ServiceCIDR deletion 
When a ServiceCIDR is deleted, the service CIDR controller on the
controller manager verifies that is safe to be deleted before removing
the finalizer, howerver, since the information of deletion takes time to
propragate, there can be a race where the apiserver allocators didn't
receive the information of deletion and assign an IP address that will
be orphan.

To avoid this race, the service cidr controller waits a grace period
before removing the finalizer to ensure the allocators do not assign any
new IP Address from that range before is completely deleted.

Change-Id: Ib34d32c0bdde91c6e84f1d056db9374589b25c0b
 2023-10-31 21:05:06 +00:00
Antonio Ojea
8182c4d9ec make update 
Change-Id: I4007d4f6dda24b5c74f602d35191556f315de222
 2023-10-31 21:05:05 +00:00
Antonio Ojea
4ff80864e1 service cidr controller manager 
Controls the lifecycle of the ServiceCIDRs adding finalizers and
setting the Ready condition in status when they are created, and
removing the finalizers once it is safe to remove (no orphan IPAddresses)

An IPAddress is orphan if there are no ServiceCIDR containing it.

Change-Id: Icbe31e1ed8525fa04df3b741c8a817e5f2a49e80
 2023-10-31 21:05:05 +00:00
Antonio Ojea
164276175f plumb the new multicidr clusterip allocator 2023-10-31 21:05:05 +00:00
Antonio Ojea
65e6938946 make repair loop multi service cidr aware 
The repair loop controller watches the ServiceCIDRs configured
and use them to handle the repair of the IPAddresses assigned
by the kube-apiserver.

Change-Id: I8cfe8fd6285ea91192fc4ec72eaeea1eb004a235

Change-Id: If4be12e2c67b340d86c4efa2f9fb3672f0661636
 2023-10-31 21:05:05 +00:00
Antonio Ojea
63fe539b4e expand IPAllocator to work with multiple ServiceCIDRs 
Create a new allocator that uses the ServiceCIDRs configured in the
system to create IPAllocators.

The CIDRAllocator will create IPAllocators per parent ServiceCIDRs,
since we allow overlapping, there is no need to have an allocator
per ServiceCIDR.
The benefit of the IPAllocator is that uses the informer cache as
storage, hence, it does not need to keep cache and as only as logical
abstraction. This allows to create and delete IPAllocators without
any penalty.

IPAllocators can allocate IP addresses only if they are ready (not
being deleted)

Change-Id: I3fdda69991907c39cca3120fe2d850f14dcccec2
 2023-10-31 21:05:04 +00:00
Antonio Ojea
d3386e171a add iptree radix tree util 
A radix tree is required to optimize operations with subnets and
IP addresses.

Change-Id: I9fecc291efd39bdd7403c9675c047d6dee6018d2

Change-Id: I72c7bd5920a42bf35305443450c4ba97f857c492
 2023-10-31 21:05:04 +00:00
Antonio Ojea
3b450378e0 bootstrap controller for default ServiceCIDR 
The bootstrap controller for ServiceCIDR ensures that the default
ServiceCIDR is created from the existing flags.

It follows the same behavior than the kubernetes.default Service,
it only creates the default ServiceCIDR if it doesn't exist, but
does not modify it despite the parameters doesn't match.

review: bootstrap controller for default ServiceCIDR
 2023-10-31 21:05:04 +00:00
Antonio Ojea
55a35bebee API printers 
Change-Id: I7a0777bbd0b10e1a849c7891439b00622ec6b09c
 2023-10-31 21:05:04 +00:00
Antonio Ojea
2feb1503e2 Add ServiceCIDR to the REST Registry 
Change-Id: If2ab86505b1ffd94100f575e682702679dd2da72
 2023-10-31 21:05:04 +00:00
Antonio Ojea
391b25197b add apis to apiserver storage 
Change-Id: I33dfbdad98695a6438c55d841139476cb1d740d7
 2023-10-31 21:05:04 +00:00
Antonio Ojea
632081a907 add ServiceCIDR APIs 
Change-Id: Ia084c5505e43033ac34449031a1d32418ca326fd

Change-Id: Iafc236d456f7185a5c89a65d7b96245e04060013
 2023-10-31 21:05:04 +00:00
Antonio Ojea
16363b6fb4 fix IPAddress.Name validation message 
Change-Id: Idc29166d69c1eadd6e4dac3bf16f4a6739f98be2
 2023-10-31 21:05:04 +00:00
Kubernetes Prow Robot
113f133b2a Merge pull request #121637 from dims/update-to-new-cadvisor-v0.48.1 
Update to new cadvisor v0.48.1
 2023-10-31 21:50:23 +01:00
Kubernetes Prow Robot
00b56955fd Merge pull request #121210 from msau42/owners 
Add sig OWNERS to registry packages
 2023-10-31 20:23:59 +01:00
Kubernetes Prow Robot
dba565193c Merge pull request #121104 from carlory/kep-3751-api-changes 
[KEP-3571] introduce the VolumeAttributesClass API
 2023-10-31 20:23:50 +01:00
Kubernetes Prow Robot
0c93f40374 Merge pull request #120995 from aroradaman/move-get-kernel-version 
move GetKernelVersion out of pkg/proxy/ipvs
 2023-10-31 20:23:41 +01:00
Davanum Srinivas
bd233a2aa5 typo/api change in cadvisor / updated unwanted-dependencies.json 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-10-31 14:30:57 -04:00
Kubernetes Prow Robot
d475c249da Merge pull request #120954 from HirazawaUi/deprecate-kubeProxyVersione-field 
deprecate the kubeProxyVersion field of v1.Node
 2023-10-31 19:16:20 +01:00
Kubernetes Prow Robot
ac6f707155 Merge pull request #120620 from tzneal/sidecar-termination-ordering 
sidecars: terminate sidecars after main containers
 2023-10-31 19:16:11 +01:00
Kubernetes Prow Robot
418e9d08a4 Merge pull request #120592 from AxeZhan/validation_sets 
Use generic set in package "/pkg/apis/core/validation"
 2023-10-31 19:16:02 +01:00
Kubernetes Prow Robot
a5ff0324a9 Merge pull request #120461 from gjkim42/do-not-reuse-device-of-restartable-init-container 
Don't reuse the device of a restartable init container
 2023-10-31 19:15:53 +01:00
Kubernetes Prow Robot
5d03ce7ae4 Merge pull request #120354 from aroradaman/proxy-conntrack-api 
Add support for `nf_conntrack_tcp_be_liberal` sysctl to kube-proxy
 2023-10-31 19:15:44 +01:00
Kubernetes Prow Robot
2c300ef6b0 Merge pull request #120269 from gjkim42/fix-restart-containers-in-right-order-after-podsandbox-changed 
Restart containers in right order with SidecarContainers enabled
 2023-10-31 19:15:35 +01:00
Kubernetes Prow Robot
bfeb3c2621 Merge pull request #119447 from gjkim42/do-not-reuse-cpu-set-of-restartable-init-container 
Don't reuse CPU set of a restartable init container
 2023-10-31 19:15:26 +01:00
Kubernetes Prow Robot
dea3f1a119 Merge pull request #112599 from fabi200123/Adding-Windows-Support-for-InPlaceVerticalScaling 
Adding Windows support for InPlace Pod Vertical Scaling
 2023-10-31 19:15:12 +01:00
Kubernetes Prow Robot
74fefd877f Merge pull request #121638 from tkashem/apf-ga 
apiserver: set APF featuregate to stable
 2023-10-31 15:57:57 +01:00
Abu Kashem
c7fcef1875 apiserver: set APF featuregate to ga 2023-10-31 08:46:24 -04:00
Kubernetes Prow Robot
d84ee0ba69 Merge pull request #121632 from kerthcet/fix/runscoreplugins 
Fix panic when process RunScorePlugins for cap out of range
 2023-10-31 13:14:32 +01:00
Kubernetes Prow Robot
064e86b3d0 Merge pull request #121223 from ritazh/authz-cel 
[StructuredAuthorizationConfig] - CEL integration
 2023-10-31 13:13:56 +01:00
kerthcet
b02aad42fa Fix panic when process RunScorePlugins for cap out of range 
Signed-off-by: kerthcet <kerthcet@gmail.com>
 2023-10-31 16:02:16 +08:00
Rita Zhang
31c76e9abb authz: add cel expression to webhook matchconditions 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
 2023-10-30 21:48:00 -07:00
carlory
56ab6c5942 generated changes 2023-10-31 11:26:35 +08:00
carlory
ae90a69677 volumeattributesclass and core api changes 2023-10-31 11:18:56 +08:00
Kubernetes Prow Robot
f5a5d83d7c Merge pull request #121089 from tkashem/apf-v1 
Promote APF API to v1
 2023-10-31 02:39:30 +01:00
Michelle Au
c4aab1036f Add sig OWNERS to registry packages 2023-10-31 01:20:16 +00:00
Kubernetes Prow Robot
ab13d0b47c Merge pull request #120780 from munnerz/bound-token-improvements 
Including JTI & node reference in issued service account tokens (kep 4193)
 2023-10-31 01:22:56 +01:00
Kubernetes Prow Robot
e823b56a0b Merge pull request #116932 from my-git9/ut-preemption 
[ut] Increase test coverage for kubelet/pleg
 2023-10-31 01:22:47 +01:00
Kubernetes Prow Robot
af18989486 Merge pull request #116931 from my-git9/CreateListener-ut 
[ut] increase covrage for kubelet/prober/results
 2023-10-31 01:22:29 +01:00
Abu Kashem
b8cd792b36 rename the roundtrip annotation, forbid it in v1 2023-10-30 18:22:51 -04:00
Kubernetes Prow Robot
08070433cc Merge pull request #121373 from cici37/crdGA 
[KEP-2876] Promote CRD validation rule to GA
 2023-10-30 22:42:09 +01:00
James Munnelly
76463e21d4 KEP-4193: bound service account token improvements 2023-10-30 21:15:10 +00:00
Kubernetes Prow Robot
05765a851c Merge pull request #121389 from aleksandra-malinowska/sts-restart-always 
Resubmit "Make StatefulSet restart pods with phase Succeeded"
 2023-10-30 21:11:51 +01:00
Kubernetes Prow Robot
e4212878dd Merge pull request #119208 from atosatto/separate-taint-manager 
Decouple TaintManager from NodeLifeCycleController (KEP-3902)
 2023-10-30 21:11:33 +01:00