github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
72,286 Commits 1 Branch 31 Tags
596a20ca8a04e793c368939291e094cca2ee2c39
Commit Graph

32188 Commits

Author SHA1 Message Date
zhangyue
596a20ca8a fix typo: namspace -> namespace 
Signed-off-by: zhangyue <zy675793960@yeah.net>
 2018-11-20 21:47:27 +08:00
Clayton Coleman
3464222267 Revert "Make bootstrap client cert loading part of rotation" 
This reverts commit 0af19875ad.

Revert "Ensure the bootstrap rotation code is tested by forcing rotation"

This reverts commit de293b2d7d.
 2018-11-17 10:24:39 -05:00
k8s-ci-robot
e3420cc46f Merge pull request #70494 from RenaudWasTaken/pluginwatcher 
Ignore non socket files in the kubelet plugin watcher
 2018-11-16 22:46:42 -08:00
k8s-ci-robot
3be3510814 Merge pull request #69890 from smarterclayton/bootstrap_retry 
Make bootstrap client cert loading part of rotation
 2018-11-16 22:46:33 -08:00
k8s-ci-robot
ec2e767e59 Merge pull request #71167 from msau42/block-beta 
Promote raw block volume support to beta
 2018-11-16 20:28:03 -08:00
k8s-ci-robot
df8ad8eae1 Merge pull request #71166 from Random-Liu/fix-kubelet-panic 
Fix kubelet panic.
 2018-11-16 20:27:53 -08:00
k8s-ci-robot
7e621ccb08 Merge pull request #71063 from Huang-Wei/nodeinfo-clone-panic 
fix a scheduler panic due to internal cache inconsistency
 2018-11-16 20:27:44 -08:00
k8s-ci-robot
1f3057b7fb Merge pull request #70898 from Huang-Wei/preemption-issue 
ensure scheduler preemptor behaves in an efficient/correct path
 2018-11-16 20:27:35 -08:00
k8s-ci-robot
f38cc95505 Merge pull request #62692 from mikedanese/trev2 
authn: extend authenticator.Token to support audience validation
 2018-11-16 20:27:25 -08:00
Clayton Coleman
de293b2d7d Ensure the bootstrap rotation code is tested by forcing rotation 
Expose both a Stop() method (for cleanup) and a method to force
cert rotation, but only expose Stop() on the interface.

Verify that we choose the correct client.
 2018-11-16 21:50:52 -05:00
Clayton Coleman
0af19875ad Make bootstrap client cert loading part of rotation 
Ensure that bootstrap+clientcert-rotation in the Kubelet can:

1. happen in the background so that static pods aren't blocked by bootstrap
2. collapse down to a single call path for requesting a CSR
3. reorganize the code to allow future flexibility in retrieving bootstrap creds

Fetching the first certificate and later certificates when the kubelet
is using client rotation and bootstrapping should share the same code
path. We also want to start the Kubelet static pod loop before
bootstrapping completes. Finally, we want to take an incremental step
towards improving how the bootstrap credentials are loaded from disk
(potentially allowing for a CLI call to get credentials, or a remote
plugin that better integrates with cloud providers or KSMs).

Reorganize how the kubelet client config is determined. If rotation is
off, simplify the code path. If rotation is on, load the config
from disk, and then pass that into the cert manager. The cert manager
creates a client each time it tries to request a new cert.

Preserve existing behavior where:

1. bootstrap kubeconfig is used if the current kubeconfig is invalid/expired
2. we create the kubeconfig file based on the bootstrap kubeconfig, pointing to
   the location that new client certs will be placed
3. the newest client cert is used once it has been loaded
 2018-11-16 21:50:26 -05:00
k8s-ci-robot
4821291398 Merge pull request #71095 from msau42/csi-devicepath 
Remove devicePath dependency for CSI volumes
 2018-11-16 18:22:24 -08:00
k8s-ci-robot
f877b2257a Merge pull request #71074 from jsafrane/volume-manager-races 
Fix race between MountVolume and UnmountDevice
 2018-11-16 18:22:14 -08:00
Renaud Gaubert
1a3fbf1f13 Update e2e tests to include CSI 2018-11-17 01:52:57 +01:00
Renaud Gaubert
229418f261 Update pluginwatcher to ignore CSI metadata dir and non socket files 2018-11-17 01:51:00 +01:00
k8s-ci-robot
b6bbb01f04 Merge pull request #71058 from verult/nodeinfomanager-retry 
Augmenting API call retry in nodeinfomanager; Revert #70891
 2018-11-16 16:31:40 -08:00
Michelle Au
18453b01e6 Tolerate apiserver being older than controller-manager 2018-11-16 16:31:27 -08:00
Mike Danese
effad15ecc patch webhook authenticator to support token review with arbitrary audiences 2018-11-16 19:30:42 -05:00
Mike Danese
ed17876e52 plumb apiAudience to TokenReview registry 2018-11-16 19:30:42 -05:00
Lantao Liu
59e80cdac3 Fix kubelet panic. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-11-16 16:21:57 -08:00
Michelle Au
974d47ecf8 Remove devicePath dependency for CSI volumes 2018-11-16 15:40:35 -08:00
Mike Danese
162699ca30 autogenerated 2018-11-16 17:54:33 -05:00
Mike Danese
04837fdef1 authn: add Audiences to TokenReview 2018-11-16 17:54:33 -05:00
Wei Huang
b4fd11512a ensure scheduler preemptor behaves in an efficient/correct path 
- don't update nominatedMap cache when Pop() an element from activeQ
- instead, delete the nominated info from cache when it's "assumed"
- unit test behavior adjusted
- expose SchedulingQueue in factory.Config
 2018-11-16 14:22:15 -08:00
k8s-ci-robot
9878253c3c Merge pull request #70998 from deads2k/client-07-listwatchtimeout 
update the client generator to set a client-side timeout
 2018-11-16 13:19:57 -08:00
Wei Huang
a86ba8b3c4 fix a scheduler panic due to internal cache inconsistency 2018-11-16 13:02:13 -08:00
Cheng Xing
ca18690ceb Augmenting API call retry in nodeinfomanager 2018-11-16 13:00:22 -08:00
k8s-ci-robot
4e9c2a7a9b Merge pull request #71114 from Lion-Wei/ipvs-reuse 
fix IPVS low throughput issue
 2018-11-16 12:04:00 -08:00
k8s-ci-robot
e26b730143 Merge pull request #71103 from Pingan2017/autoscale-sts-kubectl 
support statefulset in kubectl autoscale command
 2018-11-16 12:03:51 -08:00
k8s-ci-robot
1b059e577c Merge pull request #71101 from seans3/qos-resource-fix 
kubectl: small internal to external type fix
 2018-11-16 12:03:41 -08:00
Matthew Wong
9bbf768ad6 Fix BlockVolume feature gate toggling in validation & defaults unit tests 2018-11-16 13:38:59 -05:00
Matthew Wong
dd517c9ff2 Update all tests to account for BlockVolume enabled by default 2018-11-16 13:38:59 -05:00
Matthew Wong
2ff98f7832 Promote BlockVolume to beta 2018-11-16 13:38:59 -05:00
David Eads
8f7edec615 generated 2018-11-16 12:41:17 -05:00
Jordan Liggitt
733dd9dfd7 Add tests to ensure feature gate changes don't escape kubelet/scheduler packages 2018-11-16 10:52:53 -05:00
Jordan Liggitt
de8bf9b63d fix scheduler and kubelet unit tests leaking feature flag changes 2018-11-16 10:52:53 -05:00
Jordan Liggitt
248d661327 Add tests to ensure storage feature gate changes don't escape packages 2018-11-16 10:52:53 -05:00
Jordan Liggitt
358c092abe fix storage unit tests leaking feature flag changes 2018-11-16 10:52:52 -05:00
Michelle Au
fd64c08240 Fix storage feature gate test setting 2018-11-16 10:49:40 -05:00
k8s-ci-robot
7c4d097faf Merge pull request #71104 from yue9944882/chore/follow-up-cli-describer-externalization 
Follow-up of #70950: Duplicated versioned client in describer
 2018-11-16 07:34:39 -08:00
k8s-ci-robot
92fe9d9491 Merge pull request #71081 from vladimirvivien/kubelet-plugin-watcher-ga-fix 
Kubelet Plugin Registration GA migration fix
 2018-11-16 05:13:18 -08:00
Jan Safranek
5283537401 Fixed clearing of devicePath after UnmountDevice 
UnmountDevice must not clear devicepath, because such devicePath
may come from node.status (e.g. on AWS) and subsequent MountDevice
operation (that may be already enqueued) needs it.
 2018-11-16 13:24:42 +01:00
k8s-ci-robot
666739ac0c Merge pull request #70580 from tsmetana/check-pvc-binding-again 
PV Controller: fix recycling
 2018-11-16 03:56:33 -08:00
k8s-ci-robot
6fc60428a7 Merge pull request #71020 from saad-ali/updateCSI10 
Bump CSI Spec to 1.0.0 and gRPC to 1.13.0
 2018-11-16 01:53:21 -08:00
k8s-ci-robot
1cdc918e11 Merge pull request #70728 from Pingan2017/remove-kubectl-run-container 
Remove deprecated kubectl command aliases 'run-container'
 2018-11-16 01:53:11 -08:00
k8s-ci-robot
a856c7ab1d Merge pull request #70973 from ping035627/k8s-181113 
Refactor New function
 2018-11-15 23:52:54 -08:00
liangwei
f39060c604 set net/ipv4/vs/conn_reuse_mode to 0 2018-11-16 15:17:24 +08:00
k8s-ci-robot
cde4c9ebe1 Merge pull request #68635 from mkimuram/issue/68424 
CSI block volume refactor to fix target path
 2018-11-15 21:35:42 -08:00
zuoxiu.jm
5ede82cdc7 fixes duplicated describer client 2018-11-16 11:30:05 +08:00
Pingan2017
c3bb1c4601 support statefulset in kubectl autoscale command 2018-11-16 10:42:39 +08:00