github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
92,776 Commits 1 Branch 31 Tags
4e8ccf01872bb452a482113fc170eb57d7dff6f1
Commit Graph

39517 Commits

Author SHA1 Message Date
Wei Huang
4e8ccf0187 Refactor and expose common preemption functions 2020-07-11 23:17:21 -07:00
Kubernetes Prow Robot
d06ff65943 Merge pull request #92876 from Huang-Wei/pdbLister 
Add pdbLister as a member field of struct DefaultPreemption
 2020-07-11 20:57:42 -07:00
Kubernetes Prow Robot
c23a4b08d7 Merge pull request #92874 from chelseychen/event-api 
Fix a few places where source field is empty when creating events via events/v1
 2020-07-11 20:57:31 -07:00
Kubernetes Prow Robot
11348a38d7 Merge pull request #92871 from liggitt/kube-features 
Move proxy features to kube_features
 2020-07-11 20:57:22 -07:00
Kubernetes Prow Robot
63926cf8e7 Merge pull request #92862 from giuseppe/cgroup-fix-leaks 
vendor: update github.com/opencontainers/runc
 2020-07-11 20:57:11 -07:00
Kubernetes Prow Robot
fa31f9fd26 Merge pull request #92860 from aojea/iptMonitor 
iptables: don't do reverse DNS lookups
 2020-07-11 20:57:02 -07:00
Kubernetes Prow Robot
016c2f64de Merge pull request #92840 from adtac/listers 
selectorspread: access listers in plugin instantiation
 2020-07-11 20:56:23 -07:00
Kubernetes Prow Robot
67ec4b3cd7 Merge pull request #92838 from tnqn/endpointslicetrack-leak 
Fix memory leak in endpointSliceTracker
 2020-07-11 20:56:13 -07:00
Kubernetes Prow Robot
76e3b255e1 Merge pull request #92836 from aojea/minsyncperiod 
kube-proxy iptables min-sync-period default 1sec
 2020-07-11 20:56:03 -07:00
Kubernetes Prow Robot
23903c7f7c Merge pull request #92825 from ZeroMagic/azurefile-tag 
Add tags support for Azure File Driver
 2020-07-11 20:55:50 -07:00
Kubernetes Prow Robot
70f68dbf74 Merge pull request #92856 from saschagrunert/psp-seccomp-ga 
Implement PodSecurityPolicy enforcement for seccomp GA
 2020-07-11 15:35:22 -07:00
Kubernetes Prow Robot
93e76f5081 Merge pull request #92442 from tedyu/grace-period-with-map 
Respect grace period when removing mirror pod
 2020-07-10 17:49:23 -07:00
Kubernetes Prow Robot
5a5cb56e11 Merge pull request #92816 from divyenpatel/change-migration-flag-to-beta 
Set CSIMigrationvSphere feature gates to beta
 2020-07-10 15:43:21 -07:00
Kubernetes Prow Robot
36b4c2942b Merge pull request #92815 from Huang-Wei/bypass-prefilter-svcaffinity 
Bypass PreFilter in ServiceAfffinity if AffinityLabels arg is not present
 2020-07-10 15:43:11 -07:00
Kubernetes Prow Robot
fbc9cf0894 Merge pull request #92797 from ahg-g/ahg-prefilter 
Return a FitError when PreFilter fails with unschedulable status
 2020-07-10 15:42:31 -07:00
Kubernetes Prow Robot
26da0ea91e Merge pull request #92794 from klueska/upstream-more-tests-get-preferred-allocation 
Add more tests for device plugin's GetPreferredAllocation() API
 2020-07-10 15:42:21 -07:00
Kubernetes Prow Robot
0cb7e320a5 Merge pull request #92784 from pohly/generic-ephemeral-inline-volumes 
generic ephemeral inline volumes
 2020-07-10 15:41:46 -07:00
Kubernetes Prow Robot
a6378d8b12 Merge pull request #92779 from fisherxu/patch-2 
Return err when create ContainerLogsDir failed
 2020-07-10 15:41:37 -07:00
Kubernetes Prow Robot
4efed03276 Merge pull request #91637 from robscott/endpointslice-mirroring 
Adding new EndpointSlice Mirroring Controller
 2020-07-10 10:19:48 -07:00
Sascha Grunert
96fb83c4c1 Implement PodSecurityPolicy enforcement for seccomp GA 
This implements the necessary pieced for the PodSecurityPolicy
enforcement like described in the appropriate KEP section:

https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#podsecuritypolicy-enforcement

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
 2020-07-10 15:55:21 +02:00
Kubernetes Prow Robot
26f0227019 Merge pull request #91408 from saschagrunert/seccomp-api-migration 
Add seccomp GA version skew for pods
 2020-07-10 04:29:48 -07:00
Kubernetes Prow Robot
dd649bb7ef Merge pull request #91342 from mgugino-upstream-stage/evict-deleted-ok 
Eviction: ignore PDBs if pods with DeletionTimestamp
 2020-07-09 15:30:33 -07:00
Patrick Ohly
ff3e5e06a7 GenericEphemeralVolume: initial implementation 
The implementation consists of
- identifying all places where VolumeSource.PersistentVolumeClaim has
  a special meaning and then ensuring that the same code path is taken
  for an ephemeral volume, with the ownership check
- adding a controller that produces the PVCs for each embedded
  VolumeSource.EphemeralVolume
- relaxing the PVC protection controller such that it removes
  the finalizer already before the pod is deleted (only
  if the GenericEphemeralVolume feature is enabled): this is
  needed to break a cycle where foreground deletion of the pod
  blocks on removing the PVC, which waits for deletion of the pod

The controller was derived from the endpointslices controller.
 2020-07-09 23:29:24 +02:00
Kubernetes Prow Robot
3a5e7ea986 Merge pull request #92752 from chendave/skip_preemption 
Cut off the cost to run filter plugins when no victim pods are found
 2020-07-09 09:10:10 -07:00
Kubernetes Prow Robot
10aeb93e07 Merge pull request #92736 from robscott/endpointslice-proxying-beta 
Graduating EndpointSliceProxying to beta for Linux
 2020-07-09 09:09:48 -07:00
Kubernetes Prow Robot
d9b084a9d1 Merge pull request #89629 from fatedier/subpath 
Modified subpath configmap mount fails when container restarts
 2020-07-09 09:06:32 -07:00
Kubernetes Prow Robot
70e09f2c24 Merge pull request #88842 from angao/fit-arg 
add args for NodeResourcesFit plugin
 2020-07-09 05:04:10 -07:00
Patrick Ohly
32fdf688b3 GenericEphemeralVolume: 'make update' for API 2020-07-09 11:03:03 +02:00
Patrick Ohly
c05c8e915b GenericEphemeralVolume: feature gate, API, documentation 
As explained in
https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1698-generic-ephemeral-volumes,
CSI inline volumes are not suitable for more "normal" kinds of storage
systems. For those a new approach is needed: "generic ephemeral inline
volumes".
 2020-07-09 11:02:59 +02:00
Giuseppe Scrivano
0d2a493a8f kubelet: skip setting the devices cgroup 
use the new libcontainer feature of skipping setting the devices
cgroup.  This is necessary on cgroup v2 to avoid leaking a eBPF
program every time the cgroup is re-configured.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
 2020-07-09 09:37:46 +02:00
Kubernetes Prow Robot
83f50ba0e8 Merge pull request #92542 from dgrisonnet/cli-fix-event-series 
Fix v1beta1.Event printing in kubectl
 2020-07-09 00:05:30 -07:00
Kubernetes Prow Robot
55d77ade67 Merge pull request #92489 from alculquicondor/sig-storage-ownership 
Add SIG storage owner aliases
 2020-07-09 00:05:20 -07:00
Kubernetes Prow Robot
94a08e159a Merge pull request #92387 from pohly/csi-storage-capacity 
CSI storage capacity check
 2020-07-09 00:04:59 -07:00
Kubernetes Prow Robot
c2e6e147be Merge pull request #92160 from YuikoTakada/add_deprecated_description_scheduling_duration_seconds 
Add Deprecated description to metrics scheduling_duration_seconds
 2020-07-09 00:04:48 -07:00
Kubernetes Prow Robot
1e3eeba9fa Merge pull request #91577 from knabben/kubelet-bootstrap 
kubelet: remove the --bootstrap-checkpoint-path feature
 2020-07-09 00:03:41 -07:00
Kubernetes Prow Robot
4ee555252c Merge pull request #83710 from edwardstudy/ed/typo 
Fix comment typos in pkg/kubelet/prober
 2020-07-09 00:02:58 -07:00
ZeroMagic
7e7cf6a314 add tags support for azure file driver 
Signed-off-by: ZeroMagic <jiliu8@microsoft.com>
 2020-07-09 03:47:24 +00:00
Ted Yu
a76a959294 Respect grace period when removing mirror pod 
Signed-off-by: Ted Yu <yuzhihong@gmail.com>
 2020-07-08 13:38:24 -07:00
Wei Huang
d65a97848e codegen 2020-07-08 09:58:42 -07:00
Wei Huang
4b26ef2217 Remove DisablePreemption field from SchedulerConfig v1beta1 
DisablePreemption field can be removed as it can be deduced from PostFilterPlugins.
 2020-07-08 09:58:42 -07:00
Antonio Ojea
924553b7ee iptables don't do reverse DNS lookups 
the iptables monitor was using iptables -L to list the chains,
without the -n option, so it was trying to do reverse DNS lookups.
A side effect is that it was holding the lock, so other components
could not use it.
We can use -S instead of -L -n to avoid this, since we only want
to check the chain exists.
 2020-07-08 18:39:22 +02:00
Divyen Patel
e01de65444 setting CSIMigrationvSphere feature gates to beta 2020-07-08 07:36:44 -07:00
Chelsey Chen
e010436e2a Update conversion between ReportingController and Source.Component 2020-07-08 08:46:38 -04:00
Damien Grisonnet
ceb8c2fbf4 Fix v1beta1 events printing in kubectl 
printers: handle series when printing events
printers: handle singleton when printing events

Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
 2020-07-08 12:09:41 +02:00
Rob Scott
8039cf9bb1 Graduating EndpointSliceProxying to beta for Linux 2020-07-07 14:18:03 -07:00
Wei Huang
9d377eb655 Add pdbLister as a member field of struct DefaultPreemption 2020-07-07 12:25:53 -07:00
Jordan Liggitt
8d03ace92b Move proxy features to kube_features 2020-07-07 12:34:18 -04:00
Quan Tian
087682584d Fix memory leak in endpointSliceTracker 
endpointSliceTracker creates a set of resource versions for each
service, the resource versions in the set could be deleted when
endpointslices are deleted, but the set and its key in the map is never
deleted, leading to memory leak.

This patch deletes the set if the service is deleted, and stops
initializing an empty set when "read-only" methods "Has" and "Stale" are
called.
 2020-07-08 00:15:30 +08:00
Kubernetes Prow Robot
5afc42de95 Merge pull request #78373 from tedyu/sort-init-container 
Sort init container statuses using non-nested loop
 2020-07-07 09:13:58 -07:00
Adhityaa Chandrasekar
832a53acdb selectorspread: access listers in plugin instantiation 2020-07-07 14:45:28 +00:00