github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
93,054 Commits 1 Branch 31 Tags 1,019 MiB
479249b3a3
Commit Graph

24 Commits

Author SHA1 Message Date
Jordan Liggitt
ba4d2aa076 Restrict node labels on Node create 2020-04-20 16:26:24 -04:00
David Eads
83f6f2717e remove global variable dep in admission 2019-11-12 10:55:14 -05:00
Tim Allclair
ac2b300ed9 Update bazel 2019-10-23 16:43:03 -07:00
Andrew Kim
c919139245 update import of generic featuregate code from k8s.io/apiserver/pkg/util/feature -> k8s.io/component-base/featuregate 2019-05-08 10:01:50 -04:00
Xing Yang
85867e5625 Modify node admission and node authorizer 2019-03-04 16:42:12 -08:00
Davanum Srinivas
b975573385
move pkg/kubelet/apis/well_known_labels.go to staging/src/k8s.io/api/core/v1/ 
Co-Authored-By: Weibin Lin <linweibin1@huawei.com>

Change-Id: I163b2f2833e6b8767f72e2c815dcacd0f4e504ea
 2019-02-05 13:39:07 -05:00
Jordan Liggitt
9fb2dcad5e Limit kubelets from updating their own labels 2018-11-13 23:48:47 -05:00
Cheng Xing
becc6a9c19 Implemented logic in kubelet for registering node info, including wiring to CSINodeInfo; added unit tests for node updates; updated RBAC, NodeAuthorizer, NodeRestriction. 2018-09-06 19:16:51 -07:00
Michael Taufen
1b7d06e025 Kubelet creates and manages node leases 
This extends the Kubelet to create and periodically update leases in a
new kube-node-lease namespace. Based on [KEP-0009](https://github.com/kubernetes/community/blob/master/keps/sig-node/0009-node-heartbeat.md),
these leases can be used as a node health signal, and will allow us to
reduce the load caused by over-frequent node status reporting.

- add NodeLease feature gate
- add kube-node-lease system namespace for node leases
- add Kubelet option for lease duration
- add Kubelet-internal lease controller to create and update lease
- add e2e test for NodeLease feature
- modify node authorizer and node restriction admission controller
to allow Kubelets access to corresponding leases
 2018-08-26 16:03:36 -07:00
yue9944882
bc1fb1f7e8 node authz/ad externalization 2018-08-09 10:57:30 +08:00
Jeff Grafton
23ceebac22 Run hack/update-bazel.sh 2018-06-22 16:22:57 -07:00
Jordan Liggitt
8161033be4
Make node restriction admission pod lookups use an informer 2018-05-10 07:53:46 -04:00
Mike Danese
b43cd7307d noderestriction: restrict nodes TokenRequest permission 
nodes should only be able to create TokenRequests if:
* token is bound to a pod
* binding has uid and name
* the pod exists
* the pod is running on that node
 2018-02-26 13:46:19 -08:00
Jeff Grafton
ef56a8d6bb Autogenerated: hack/update-bazel.sh 2018-02-16 13:43:01 -08:00
Jeff Grafton
efee0704c6 Autogenerate BUILD files 2017-12-23 13:12:11 -08:00
Hemant Kumar
1b76b0b2ff Allow node to update PVC's status 
Implement node policy feature gates
Add tests for node policy update
 2017-11-22 14:32:50 -05:00
Dr. Stefan Schimanski
bec617f3cc Update generated files 2017-11-09 12:14:08 +01:00
Jeff Grafton
aee5f457db update BUILD files 2017-10-15 18:18:13 -07:00
Jeff Grafton
a7f49c906d Use buildozer to delete licenses() rules except under third_party/ 2017-08-11 09:32:39 -07:00
Jeff Grafton
33276f06be Use buildozer to remove deprecated automanaged tags 2017-08-11 09:31:50 -07:00
Michael Taufen
443d58e40a Dynamic Kubelet Configuration 
Alpha implementation of the Dynamic Kubelet Configuration feature.
See the proposal doc in #29459.
 2017-08-08 12:21:37 -07:00
Daniel Fernandes Martins
81ba522bbe Make NodeRestriction admission allow evictions for bounded pods 2017-07-20 14:20:03 -03:00
Jordan Liggitt
2106a2bbe5
Check live pod on cache miss before forbidding node deletion 2017-06-05 12:09:15 -04:00
Jordan Liggitt
6fd36792f1
Add NodeRestriction admission plugin 2017-05-18 16:43:42 -04:00