github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
93,054 Commits 1 Branch 31 Tags 1,019 MiB
479249b3a3
Commit Graph

502 Commits

Author SHA1 Message Date
Paulo Gomes
b451563560
Add seccomp least privilege for kuberuntime 2020-07-08 22:03:29 +01:00
Paulo Gomes
8976e3620f
Add seccomp enforcement and validation based on new GA fields 
Adds seccomp validation.

This ensures that field and annotation values must match when present.

Co-authored-by: Sascha Grunert <sgrunert@suse.com>
 2020-07-06 09:13:25 +01:00
Kubernetes Prow Robot
9a3276548b
Merge pull request #91956 from kinvolk/rata/fix-kubelet-log-on-kill 
kubelet: Fix log typo when killing a container
 2020-06-24 13:30:38 -07:00
Kubernetes Prow Robot
14d9b5d758
Merge pull request #92325 from brianpursley/sync-pod-log 
Add pod and container name in log message when container fails to start
 2020-06-24 04:55:18 -07:00
Brian Pursley
2afc8e0eab Add pod and container name in log message when container fails to start 2020-06-23 12:59:53 -04:00
Rodrigo Campos
82856541fb kubelet: Fix log typo when killing a container 
Signed-off-by: Rodrigo Campos <rodrigo@kinvolk.io>
 2020-06-20 20:15:27 -03:00
Kubernetes Prow Robot
3b466d1c48
Merge pull request #91971 from SergeyKanzhelev/renamesInContainer 
fix linter issues for pkg/kubelet/container
 2020-06-19 21:51:32 -07:00
Sergey Kanzhelev
ee53488f19 fix golint issues in pkg/kubelet/container 2020-06-19 15:48:08 +00:00
Javier Diaz-Montes
3538936587 Adding Bazel deps 2020-06-15 08:58:02 -04:00
Javier Diaz-Montes
9743cda4a7 Adding Kubelet changes to enable SetHostnameAsFQDN feature 
These changes allow to set FQDN as hostname of pods for pods
that set the new PodSpec field setHostnameAsFQDN to true. The PodSpec
new field was added in related PR.

This is PART2 (last) of the changes to enable KEP #1797 and addresses #91036
 2020-06-14 21:26:27 -04:00
Kubernetes Prow Robot
99c50dfd3c
Merge pull request #85225 from DataDog/eric.mountain/cleanup_refmanager_master 
Removes container RefManager
 2020-05-28 16:37:15 -07:00
Kubernetes Prow Robot
b98d9407cf
Merge pull request #91207 from iamchuckss/fixed-width-log-timestamps 
Fix log timestamps to maintain a fixed width
 2020-05-21 18:20:37 -07:00
Davanum Srinivas
0608e8be25
update bazel BUILD files 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-20 10:57:47 -04:00
Davanum Srinivas
5692926914
Move packages for slightly better UX for consumers 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-20 10:57:46 -04:00
iamchuckss
b5a02c4190 Fix log timestamps to be displayed in fixed width 2020-05-19 13:07:56 +08:00
Kubernetes Prow Robot
f4112710f5
Merge pull request #90061 from marosset/runtimehandler-image-spec-annotations 
Add annotations to CRI ImageSpec objects
 2020-05-18 16:29:36 -07:00
Davanum Srinivas
07d88617e5
Run hack/update-vendor.sh 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:54:33 -04:00
Davanum Srinivas
442a69c3bd
switch over k/k to use klog v2 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:54:27 -04:00
Kubernetes Prow Robot
96e13de777
Merge pull request #88980 from tedyu/evict-delay-sorting 
Delay sorting of evictUnits slice in kuberuntime_gc
 2020-05-14 21:24:58 -07:00
Kubernetes Prow Robot
f7907083c2
Merge pull request #89160 from tedyu/symlink-first-seen 
Remove potentially unhealthy symlink only for dead containers
 2020-04-28 09:58:07 -07:00
Ted Yu
18e9f33fc6 Remove unhealthy symlink only for dead containers 
Signed-off-by: Ted Yu <yuzhihong@gmail.com>
 2020-04-21 12:30:51 -07:00
marosset
90367729a3 Adding/updating kubelet/kuberuntime tests 2020-04-20 22:25:05 +00:00
marosset
03479e4d12 kubelet - adding pod annotations to various image calls to get runtime-handler info to CRI 2020-04-17 23:57:09 +00:00
ZP-AlwaysWin
5796b7a32e Repair description 2020-04-17 09:36:38 +08:00
Kubernetes Prow Robot
7061dddf26
Merge pull request #88521 from mattjmcnaughton/mattjmcnaughton/add-error-testing-image-service 
Add error path testing to image handling by `kubeGenericRuntimeManager`
 2020-04-07 22:45:43 -07:00
Kubernetes Prow Robot
0d8b4b5df4
Merge pull request #85994 from coderanger/patch-1 
Tiny typo in a comment.
 2020-04-06 15:41:47 -07:00
Shihang Zhang
b56da85a77 sync api/v1/pod/util with api/pod/util and remove DefaultContainers 2020-03-24 16:42:32 -07:00
Kubernetes Prow Robot
e74ad38854
Merge pull request #89013 from dims/copy-jsonlog-from-docker/docker-locally 
Copy jsonlog from docker/docker locally
 2020-03-19 12:08:37 -07:00
Davanum Srinivas
825f99c396
run update-vendor.sh 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-03-17 21:26:07 -04:00
Davanum Srinivas
0c52ffe08f
make local copy of JSONLog 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-03-17 21:25:55 -04:00
Davanum Srinivas
25c3ddf22e
Just use runtime.NumCPU on windows 
docker folks added NumCPU implementation for windows that
supported hot-plugging of CPUs. The implementation used the
GetProcessAffinityMask to be able to check which CPUs are
active as well.
3707a76921

The golang "runtime" package has also bene using GetProcessAffinityMask
since 1.6 beta1:
6410e67a1e

So we don't seem to need the sysinfo.NumCPU from docker/docker.

(Note that this is PR is an effort to get away from dependencies from
docker/docker)

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-03-17 15:53:52 -04:00
Eric Mountain
22e0ee768b Removes container RefManager 2020-03-16 14:30:57 +01:00
zyu
78e2668539 Delay sorting of evictUnits slice in kuberuntime_gc 
Signed-off-by: zyu <yuzhihong@gmail.com>
 2020-03-09 12:24:42 -07:00
mattjmcnaughton
f215096715
Add error path testing to image handling by kubeGenericRuntimeManager 
In https://github.com/kubernetes/kubernetes/pull/88372, we added the
ability to inject errors to the `FakeImageService`. Use this ability to
test the error paths executed by the `kubeGenericRuntimeManager` when
underlying `ImageService` calls fail.

I don't foresee this change having a huge impact, but it should set a
good precedent for test coverage, and should the failure case behavior
become more "interesting" or risky in the future, we already will have
the scaffolding in place with which we can expand the tests.
 2020-02-25 08:27:30 -05:00
Patrick Lang
63ff616aa8 Adding Windows CPU limit tests 2020-02-24 19:46:39 +00:00
Patrick Lang
19acf7d051 Fix cpu resource limit on Windows 2020-02-24 19:46:39 +00:00
Kubernetes Prow Robot
d0983b562d
Merge pull request #84731 from verb/ec-pid 
Add namespace targeting mode to CRI and kubelet
 2020-02-20 04:29:17 -08:00
Kubernetes Prow Robot
d8b325b534
Merge pull request #85856 from adelina-t/cpu_requests_fix_ctrd 
Fix Cpu Requests priority Windows.
 2020-02-07 15:19:58 -08:00
Kubernetes Prow Robot
d90dd93855
Merge pull request #82111 from xieyanker/xieyanker-patch-2 
remove stateCheckPeriod
 2020-02-05 04:17:55 -08:00
Lee Verberne
4d4e111f01 Generated code for kubelet namespace targeting 2020-01-30 15:31:43 +01:00
Lee Verberne
9a6d50cb2a Add namespace targeting to the kubelet 2020-01-30 15:31:43 +01:00
sewon.oh
463442aa29
Update container hugepage limit when creating the container 
Unit test for updating container hugepage limit
Add warning message about ignoring case.
Update error handling about hugepage size requirements

Signed-off-by: sewon.oh <sewon.oh@samsung.com>
 2020-01-28 09:35:02 +09:00
danielqsj
1a9b121764 remove deprecated metrics of kubelet 2020-01-10 16:46:52 +08:00
Kubernetes Prow Robot
9ddbc90039
Merge pull request #84191 from langyenan/getTypedVersion 
invoke getTypedVersion() instead of direct runtime call
 2019-12-10 16:04:19 -08:00
ianlang
babdcd0d14 invoke getTypedVersion() instead of direct runtime call 2019-12-09 15:31:45 +08:00
Kubernetes Prow Robot
e624d1b7bf
Merge pull request #85001 from bmoix/fix-golint-kubelet-httpgetter 
kubelet: rename HTTPGetter interface
 2019-12-06 17:05:53 -08:00
Kubernetes Prow Robot
c9f690d418
Merge pull request #85170 from timyinshi/logSymlink 
modify dockerID to containerID
 2019-12-06 14:27:35 -08:00
Noah Kantrowitz
0ac25f51fc
Tiny typo in a comment. 2019-12-06 01:32:09 -08:00
Adelina Tuvenie
bc7d254317 Fix Cpu Requests priority Windows. 
For Windows, CPU Requests ( Shares, Count and Maximum ) are mutually exclusive, however
Kubernetes sends them all anyway in the pod spec.
When using dockershim this is not an issue, as Docker checks for this specific situation
here: 1bd184a4c2/daemon/daemon_windows.go (L87-L106)

However, when using CRI-Containerd this pods fail to spawn with an error from hcsshim.

This PR intends to filter these values before they are sent to the CRI and not rely on the
runtime for it.

Related to: https://github.com/kubernetes/kubernetes/issues/84804
 2019-12-04 19:32:26 +02:00
Kubernetes Prow Robot
4e45328e65
Merge pull request #83123 from aramase/dualstack-downward-api 
Dualstack downward api
 2019-11-14 22:13:42 -08:00