github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
90,326 Commits 1 Branch 31 Tags 1,019 MiB
59a28111be
Commit Graph

9863 Commits

Author SHA1 Message Date
gavinfish
1865a104a9 Remove kubescheduler.config.k8s.io/v1alpha1 2020-03-21 15:11:48 +08:00
marosset
e727149330 Updating vendored files 2020-03-20 21:17:16 +00:00
Kubernetes Prow Robot
ede025af1b
Merge pull request #89232 from apelisse/test-apply-status 
Use discovery to test apply all status
 2020-03-20 03:52:36 -07:00
Kubernetes Prow Robot
77e70e6fd3
Merge pull request #89161 from MikeSpreitzer/informer-doc-redux 
Documented mutation restriction for informer clients
 2020-03-19 20:31:13 -07:00
Kubernetes Prow Robot
3d46b7878c
Merge pull request #89018 from abhiraut/npTypes 
Update code comment for NetworkPolicyPeer
 2020-03-19 20:31:04 -07:00
Kubernetes Prow Robot
1a8561464e
Merge pull request #89147 from sttts/sttts-aggregator-handler-sync 
aggregator: wait for complete proxy handler
 2020-03-19 17:44:49 -07:00
Kubernetes Prow Robot
bd07a408c1
Merge pull request #89159 from dims/move-term-package-to-component-base 
Move term package to component base and switch to moby/term
 2020-03-19 10:27:54 -07:00
Antoine Pelisse
dfe1703ffa Do not reset managedFields in status update strategy 2020-03-19 09:58:46 -07:00
Kubernetes Prow Robot
a98840bc3b
Merge pull request #89169 from jingyih/update_etcd_client_3p4p4 
Update etcd client to v3.4.4 in k8s v1.19
 2020-03-19 06:05:28 -07:00
Kubernetes Prow Robot
2fa96eca4b
Merge pull request #89164 from tkashem/cache-test-fix 
Fix data race issue in unit test
 2020-03-19 06:05:14 -07:00
t-qini
73d246e941 Support create or update VMSS asynchoronously. 2020-03-19 20:41:32 +08:00
Davanum Srinivas
574c75e8fe
Updating dependency github.com/pkg/errors to version v0.9.1 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-03-19 08:27:42 -04:00
Davanum Srinivas
865fd48482
Updating dependency github.com/google/go-cmp to version v0.3.1 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-03-19 07:18:10 -04:00
Davanum Srinivas
ee43102806
update vendor 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-03-19 07:18:10 -04:00
Davanum Srinivas
1d057da2f7
Move k8s.io/apiserver/pkg/util/term to k8s.io/component-base/term 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-03-19 07:18:09 -04:00
andyzhangx
12c6c81b1a feat: change azure disk api-version 2020-03-19 10:51:53 +00:00
willise
4303e797a6 fix(apimachinery): trivial typo in comment of label 2020-03-19 17:13:45 +08:00
Kubernetes Prow Robot
21d4d13d98
Merge pull request #76776 from wwitzel3/issue-71714 
Add tests for NewFilteredDynamicSharedInformerFactory
 2020-03-19 00:25:13 -07:00
Kubernetes Prow Robot
c1a66a4b02
Merge pull request #89145 from sttts/sttts-apiextensions-discovery-sync 
apiextensions: wait for complete discovery endpoint
 2020-03-18 22:24:57 -07:00
Kubernetes Prow Robot
de931d569e
Merge pull request #89105 from andyzhangx/upgrade-40.2 
Upgrade to azure-sdk v40.2.0
 2020-03-18 22:24:29 -07:00
Kubernetes Prow Robot
f899ad704a
Merge pull request #89069 from enj/enj/i/drop_password_file 
Remove support for basic authentication
 2020-03-18 22:24:20 -07:00
Kubernetes Prow Robot
05134da9b7
Merge pull request #89014 from enj/enj/i/drop_openstack_cred_plugin 
client-go: remove openstack auth plugin
 2020-03-18 22:23:52 -07:00
Kubernetes Prow Robot
b8a65b6d06
Merge pull request #88646 from d-kuro/feature/fix-owner 
Fix ownerReferences.apiVersion for "kubectl create job --from=cronjob/*"
 2020-03-18 22:22:57 -07:00
Kubernetes Prow Robot
73a7fdcd2a
Merge pull request #88165 from brianpursley/kubectl-125 
Fix bug where kubectl completion zsh returns nonzero exit code
 2020-03-18 22:22:44 -07:00
Kubernetes Prow Robot
42972f2a37
Merge pull request #88987 from jiahuif/patch-1 
make filteredZones order predictable by using List() instead of UnsortedList()
 2020-03-18 16:00:43 -07:00
Kubernetes Prow Robot
4bc907f3c9
Merge pull request #88985 from brianpursley/kubectl-667 
Changed kubectl config view to redact user token
 2020-03-18 09:22:48 -07:00
jingyih
f9e0e4c6b4 Update default etcd server to 3.4.4 2020-03-18 00:27:46 -07:00
Kubernetes Prow Robot
0fd4beb089
Merge pull request #83408 from cmluciano/cml/fixcoretypeslinks 
core: fix dead links in core api comments
 2020-03-18 00:14:47 -07:00
Abhishek Raut
7cab5753de Update code comment for NetworkPolicyPeer 
NetworkPolicyPeer in types has an outdated comment from the
times when it only supported ingress rules. Update the comment
to reflect the current usage of the field.
 2020-03-17 21:40:18 -07:00
Kubernetes Prow Robot
7d6d4662a9
Merge pull request #88966 from liggitt/require-table-converter 
Require table converter
 2020-03-17 19:28:39 -07:00
Kubernetes Prow Robot
ed4c2dbf92
Merge pull request #88893 from kinvolk/invidian/kube-apiserver-so-reuseport 
kube-apiserver: use SO_REUSEPORT when creating listener
 2020-03-17 19:28:11 -07:00
Kubernetes Prow Robot
867aab0978
Merge pull request #88881 from immutableT/private-encryption-config 
Hide methods in the encryption config that are not used outside the package.
 2020-03-17 19:28:03 -07:00
Kubernetes Prow Robot
e7e73f7364
Merge pull request #88846 from mborsz/revert-88261-rate 
Revert "Implement ItemBucketRateLimiter"
 2020-03-17 19:27:36 -07:00
Kubernetes Prow Robot
e6c323ffe8
Merge pull request #82785 from ashish-billore/mydevbranch1 
Updated command to start in-cluster deployment
 2020-03-17 19:26:14 -07:00
Kubernetes Prow Robot
d0ef70f1ba
Merge pull request #88629 from alvaroaleman/apierrors-wrapping 
Apierrors Is<<ErrType>>: Support wrapped errors
 2020-03-17 16:21:37 -07:00
Indeed
195568762f add unit test for addTopology() 2020-03-17 13:37:18 -07:00
Jiahui Feng
4c3d40bf50 make filteredZones order predictable 
by using List() instead of UnsortedList()
 2020-03-17 12:35:44 -07:00
Brian Pursley
6fad4ee5e5 Changed kubectl config view to redact token 2020-03-17 15:13:50 -04:00
andyzhangx
dd9474e78e fix: make changes due to azure sdk upgrade 
feat: fix disks client failure

fix: revert api-version change

revert disks client change
 2020-03-17 13:48:26 +00:00
Dr. Stefan Schimanski
34f57377ae apiextensions: wait for complete discovery endpoint 2020-03-17 14:05:09 +01:00
Dr. Stefan Schimanski
e77ef0e649 aggregator: wait for complete proxy handler 2020-03-17 14:03:34 +01:00
Abu Kashem
7dc075673c
Fix data race issue in unit test 
TestDispatchingBookmarkEventsWithConcurrentStop can use processEvent
instead of `dispatchEvent` to avoid data race conditions with
`Cacher.watchersBuffer`.
 2020-03-16 19:11:50 -04:00
Mike Spreitzer
c4774de94a Documented mutation restriction for informer clients 
Also brushed up some other informer comments for readability and
nitpicking accuracy.
 2020-03-16 17:38:14 -04:00
jingyih
1f7ccbcfc3 Pin go.etcd.io/etcd to 3.4.4 and rebuild vendor 2020-03-16 11:55:49 -07:00
Wayne Witzel III
2064d90e92 add tests for NewFilteredDynamicSharedInformerFactory namespace 
Signed-off-by: Wayne Witzel III <witzelw@vmware.com>
 2020-03-16 11:48:13 -04:00
Pengfei Ni
2d981b36c9 Fix isCurrentInstance for Windows by removing the dependency of hostname 2020-03-16 01:08:23 +00:00
Nick Santos
435b40aa1e cache: add error handling to informers 
When creating an informer, this adds a way to add custom error handling, so that
Kubernetes tooling can properly surface the errors to the end user.

Fixes https://github.com/kubernetes/client-go/issues/155
 2020-03-13 20:25:31 -04:00
Mateusz Gozdek
dfe1f968ac
kube-apiserver: use SO_REUSEPORT when creating listener on Unix systems 
So multiple instances of kube-apiserver can bind on the same address and
port, to provide seamless upgrades.

Signed-off-by: Mateusz Gozdek <mateusz@kinvolk.io>
 2020-03-13 23:55:57 +01:00
andyzhangx
da20cc202f chore: upgrade to azure-sdk v40.2.0 
chore: use autorest v0.9.6

fix go module issue

fix go module error
 2020-03-13 11:51:25 +00:00
Rob Scott
a68d712f12
Removing ConfigMap as suggestion for IngressClass parameters 
As this is a a local object reference from a global object, referencing a ConfigMap would not be possible. Controller specific custom resources are a much better fit here, allowing for better validation.
 2020-03-12 11:15:34 -07:00
Alvaro Aleman
3244350046 Apierrors Is<<ErrType>>: Support wrapped errors 2020-03-12 10:22:58 +01:00
Monis Khan
df292749c9
Remove support for basic authentication 
This change removes support for basic authn in v1.19 via the
--basic-auth-file flag.  This functionality was deprecated in v1.16
in response to ATR-K8S-002: Non-constant time password comparison.

Similar functionality is available via the --token-auth-file flag
for development purposes.

Signed-off-by: Monis Khan <mok@vmware.com>
 2020-03-11 20:55:47 -04:00
Antoine Pelisse
5813a3fbfb Make FieldsV1 String() more useful 2020-03-11 11:04:18 -07:00
Kubernetes Prow Robot
cb38560422
Merge pull request #89002 from ArchangelSDY/azure-vmss-cache 
Fix VMSS cache content
 2020-03-11 00:23:35 -07:00
Monis Khan
7a7bc9bcfb
client-go: drop github.com/gophercloud/gophercloud dep 
Signed-off-by: Monis Khan <mok@vmware.com>
 2020-03-10 22:10:54 -04:00
Monis Khan
0beb8ea0fe
client-go: remove openstack auth plugin 
The openstack auth plugin was deprecated in v1.11 in favor of the
"client-keystone-auth" credential plugin.  This change removes the
plugin in v1.19 (eight releases seems more than sufficient notice).

Signed-off-by: Monis Khan <mok@vmware.com>
 2020-03-10 22:10:54 -04:00
Savitha Raghunathan
3234d34714 moving volume plugin dir to kubelet config - part 1 2020-03-10 16:22:29 -04:00
Jordan Liggitt
96fadf9ed2 Define default table converters for missing resources 2020-03-10 15:22:37 -04:00
Jordan Liggitt
7cbb74d089 Require listers to implement TableConverter 2020-03-10 15:22:36 -04:00
Jordan Liggitt
fa12441ab9 Preserve target apiVersion when decoding into unstructured lists 2020-03-10 10:31:56 -04:00
Dayang Shen
ce3644ca59 Fix VMSS cache content 
Using reference to a loop iterator variable is common mistake because it
takes different values in each loop iteration.
 2020-03-10 19:17:48 +08:00
Kubernetes Prow Robot
5877945048
Merge pull request #88739 from julianvmodesto/diff-server-side-field-manager 
Set field manager for kubectl diff --server-side
 2020-03-09 18:57:35 -07:00
Jordan Liggitt
a941755a39 Clarify cached object type in apiserver log 2020-03-09 15:09:30 -04:00
Kubernetes Prow Robot
0bb125e731
Merge pull request #87487 from skilxn-go/master 
Move TaintBasedEvictions feature gates to GA
 2020-03-09 09:03:45 -07:00
Kubernetes Prow Robot
381a372455
Merge pull request #88879 from JoshVanL/88878-apiserver-webhook-config-panic 
Checks error for loading audit webhook config to prevent panic
 2020-03-09 06:05:40 -07:00
skilxn-go
6b8fc8dc5e Move TaintBasedEvictions feature gates to GA 2020-03-09 10:49:00 +08:00
Marius Ziemke
ef2eaa4f8f fix kubectl port-forward for services with explicit local port 2020-03-08 17:49:18 +01:00
tianhongw
50de627302 fix golint errors in staging/src/k8s.io/client-go/plugin/pkg/client/auth/oidc 2020-03-07 22:35:10 +08:00
Kubernetes Prow Robot
71ad0a9020
Merge pull request #88875 from apelisse/apply-no-op 
SSA: Applying same object twice should be a no-op the second time
 2020-03-07 01:13:34 -08:00
Kubernetes Prow Robot
b30c9a3aba
Merge pull request #88929 from liggitt/expansions 
client-go: plumb context to expansions methods
 2020-03-06 20:35:34 -08:00
Kubernetes Prow Robot
ab40772439
Merge pull request #88911 from tkashem/readyz-shutdown 
/readyz should start returning failure on shutdown initiation
 2020-03-06 14:53:34 -08:00
Jordan Liggitt
d8abacba40 client-go: update expansions callers 2020-03-06 16:50:41 -05:00
Jordan Liggitt
4c034278f4 client-go: add context/options to expansions methods 2020-03-06 16:50:31 -05:00
Kubernetes Prow Robot
f52cbea102
Merge pull request #88910 from liggitt/metadata-context 
Metadata client: plumb context
 2020-03-06 13:18:04 -08:00
Kubernetes Prow Robot
cf4d797b5d
Merge pull request #88906 from liggitt/dynamic-delete 
Dynamic client: plumb context
 2020-03-06 13:17:54 -08:00
Kubernetes Prow Robot
d90b37f16e
Merge pull request #88714 from MikeSpreitzer/apf-finer-metrics2 
Extend API Priority and Fairness metrics
 2020-03-06 13:17:36 -08:00
Kubernetes Prow Robot
179fe40d06
Merge pull request #88599 from julianvmodesto/scale-ctx-opts 
Add context and options to scale client
 2020-03-06 13:17:08 -08:00
Kubernetes Prow Robot
1836f95260
Merge pull request #88549 from caesarxuchao/egressSelector-metrics 
Add metrics for egress dials
 2020-03-06 11:05:24 -08:00
Kubernetes Prow Robot
7c7ce47c01
Merge pull request #88781 from ibuildthecloud/master 
Disable HTTP2 while proxying a "Connection: upgrade" request
 2020-03-06 08:43:24 -08:00
Jordan Liggitt
b7c2faf26c client-go dynamic client: add context to callers 2020-03-06 10:56:23 -05:00
Abu Kashem
4134494fa5
/readyz should start returning failure on shutdown initiation 
Currently, /readyz starts reporting failure after ShutdownDelayDuration
elapses. We expect /readyz to start returning failure as soon as
shutdown is initiated. This gives the load balancer a window defined by
ShutdownDelayDuration to detect that /readyz is red and stop sending
traffic to this server.
 2020-03-06 10:55:45 -05:00
Jordan Liggitt
cb4ee9334b client-go metadata: plumb context 2020-03-06 10:42:18 -05:00
Jordan Liggitt
6fa54d715f client-go dynamic context 2020-03-06 10:21:23 -05:00
Jordan Liggitt
b19dc3a474 client-go dynamic client: update DeleteOptions callers 2020-03-06 10:21:23 -05:00
Jordan Liggitt
161b7513f7 client-go dynamic client: pass DeleteOptions by value 2020-03-06 10:20:27 -05:00
Christian Huffman
d0890533a9 Updated files after rebase 2020-03-06 08:56:59 -05:00
Christian Huffman
c6fd25d100 Updated CSIDriver references 2020-03-06 08:21:26 -05:00
Christian Huffman
726af6bd7f Moved CSIDriver to GA 2020-03-06 08:17:26 -05:00
Kubernetes Prow Robot
5708511499
Merge pull request #88708 from mikedanese/deleteopts 
Migrate clientset metav1.DeleteOpts to pass-by-value
 2020-03-05 23:09:23 -08:00
Chao Xu
1e78fc0bf0 generaetd 2020-03-05 22:27:02 -08:00
Chao Xu
bac9351c64 refactor egress dialer construction code and add unit test 2020-03-05 22:23:56 -08:00
Chao Xu
fbb1fb8902 add metrics and traces for egress dials 2020-03-05 22:23:56 -08:00
Kubernetes Prow Robot
c45e836386
Merge pull request #88862 from munnerz/code-gen-mixed-case-imports 
Use versioned autoscaling API in code-generator examples
 2020-03-05 21:39:39 -08:00
Kubernetes Prow Robot
264e2f1744
Merge pull request #88488 from gnufied/implement-fix-recursive-chown 
Implement changes for fsgroup recursive chown
 2020-03-05 21:39:30 -08:00
Kubernetes Prow Robot
6c8cdb9162
Merge pull request #88850 from enj/enj/i/dynamic_cert_fixes 
Fix dynamic certificates issues
 2020-03-05 20:05:05 -08:00
Kubernetes Prow Robot
fa78f6b1a0
Merge pull request #88794 from MikeSpreitzer/full-nru-match 
Generalized NonResourcePolicyRule.NonResourceURLs impl
 2020-03-05 20:04:47 -08:00
Kubernetes Prow Robot
8b8dd79d53
Merge pull request #88768 from damemi/extenders-cc 
Add Extenders to v1alpha2 Component Config
 2020-03-05 20:04:28 -08:00
Kubernetes Prow Robot
db73df3abe
Merge pull request #88644 from MikeSpreitzer/literal-match-tests 
Added non-randomized tests of matching FlowSchema rules
 2020-03-05 20:04:20 -08:00
Kubernetes Prow Robot
f605ab0b08
Merge pull request #88502 from caesarxuchao/make-egress-api-beta 
Promote the egressSelector API to beta
 2020-03-05 20:04:02 -08:00
Kubernetes Prow Robot
c812375ed6
Merge pull request #88465 from alvaroaleman/utilerrors-implement-errors-is 
Utilerrors.Aggregate: Allow using with errors.Is()
 2020-03-05 20:03:53 -08:00
Kubernetes Prow Robot
50c0a698d8
Merge pull request #87553 from MikeSpreitzer/shared-informer-comments-redux 
More refinement of comments and parameter names for informers
 2020-03-05 20:02:50 -08:00
d-kuro
a433e2d545 Remove bazel deps package 
https://prow.k8s.io/view/gcs/kubernetes-jenkins/pr-logs/pull/88646/pull-kubernetes-verify/1235744517118758914
 2020-03-06 12:31:46 +09:00
d-kuro
b78ab3515e Fix ownerReferences.apiVersion for kubectl create job --from=cronjob 2020-03-06 12:24:02 +09:00
immutablet
922e0bfaec Hide methods in the encryption config that are not used outside the package. 2020-03-05 16:54:27 -08:00
Darren Shepherd
eb9cf777dc Disable HTTP2 while proxying a "Connection: upgrade" request 
When proxying connection upgrade requests, like websockets, we dial
the target and then manually write the http.Request to the wire,
bypassing the http.Client.  In this scenario we are by default using
HTTP/1.1 from both the client and to the target server we are proxying.
Because of this we must disable HTTP2 in the TLS handshake so that the
server does not think we are writing a HTTP2 request. We do this by
setting the TLSConfig.NextProtos field to "http/1.1".

Signed-off-by: Darren Shepherd <darren@rancher.com>
 2020-03-05 17:31:22 -07:00
JoshVanL
1bb6ed9bdc
Checks error for loading audit webhook config to prevent panic 
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2020-03-05 23:30:50 +00:00
Antoine Pelisse
5231c6815c managedfields: Update Apply time if neither object nor managedfields have changed 2020-03-05 15:19:50 -08:00
Antoine Pelisse
df41fd932b Bump sigs.k8s.io/structured-merge-diff to v3 2020-03-05 15:19:50 -08:00
Antoine Pelisse
7120abe698 fieldmanager: Add failing test for no-op apply actually writing to etcd 2020-03-05 15:19:50 -08:00
Antoine Pelisse
39681aa580 fieldmanager: Move ManagedFields update logic into its own class 2020-03-05 15:19:50 -08:00
Mike Danese
76f8594378 more artisanal fixes 
Most of these could have been refactored automatically but it wouldn't
have been uglier. The unsophisticated tooling left lots of unnecessary
struct -> pointer -> struct transitions.
 2020-03-05 14:59:47 -08:00
Mike Danese
c58e69ec79 automated refactor 2020-03-05 14:59:46 -08:00
Mike Danese
86bd06c882 update clients 2020-03-05 14:13:59 -08:00
Mike Danese
d9671045ff update client gen 2020-03-05 14:13:59 -08:00
Mike Dame
1d7006c38d Add Extenders to scheduler v1alpha2 component config 2020-03-05 16:42:15 -05:00
Christopher M. Luciano
912f05bafb
ingress: add alternate resource backend 
Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-03-05 16:08:44 -05:00
Mike Spreitzer
c7b098ac6c Renaming: "Change" -> "Add" for consistency with underlying method 2020-03-05 15:17:33 -05:00
Mike Spreitzer
8a1b603209 Fix queued request accounting, extended queueset test 2020-03-05 15:13:46 -05:00
Christopher M. Luciano
e931e30647
ingress: allow wildcard hosts in IngressRule 
Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-03-05 13:44:48 -05:00
James Munnelly
834331088f Use versioned autoscaling API group in code-generator examples 2020-03-05 17:50:25 +00:00
Kubernetes Prow Robot
ab7c75ff3e
Merge pull request #88763 from p0lyn0mial/dynamiccertificates-cleanup 
cleans up dynamiccertificates package
 2020-03-05 07:19:04 -08:00
Kubernetes Prow Robot
318918cac4
Merge pull request #88716 from zhouya0/show_kubectl_describe_ingress_error 
Show kubectl describe ingress error
 2020-03-05 07:18:51 -08:00
Kubernetes Prow Robot
55bfdc6024
Merge pull request #88004 from verb/cli-debug 
Add kubectl debug alpha command
 2020-03-05 07:18:37 -08:00
Monis Khan
2cd6abece4
dynamic certs: pass valid object to event recorder 
Signed-off-by: Monis Khan <mok@vmware.com>
 2020-03-05 09:48:29 -05:00
Monis Khan
3bc918e484
dynamic certs: use correct name with event recorder 
Signed-off-by: Monis Khan <mok@vmware.com>
 2020-03-05 09:48:29 -05:00
Monis Khan
86a5993007
dynamic certs: do not copy mutex via shallow copy of tls.Config 
go vet error:

call of dynamiccertificates.NewDynamicServingCertificateController
copies lock value: crypto/tls.Config contains sync.Once contains
sync.Mutex

Signed-off-by: Monis Khan <mok@vmware.com>
 2020-03-05 09:48:28 -05:00
Maciej Borsz
01c62f6726
Revert "Implement ItemBucketRateLimiter" 2020-03-05 14:35:19 +01:00
Kubernetes Prow Robot
0836b583f7
Merge pull request #85289 from serathius/remove-prometheus-controller-endpointslice 
Remove prometheus references from pkg/controller/endpointslice
 2020-03-05 02:58:37 -08:00
Kubernetes Prow Robot
45ac57fb67
Merge pull request #88815 from enj/enj/i/events_same_default_ns 
Use the same default namespace across event recorders
 2020-03-04 20:13:37 -08:00
Kubernetes Prow Robot
59c6d339cd
Merge pull request #88636 from NetApp/generic-datasource 
Add generic DataSource feature gate
 2020-03-04 20:13:28 -08:00
Kubernetes Prow Robot
cd1ddbf5cc
Merge pull request #88600 from apelisse/at-most-every 
SHOULD NOT HAPPEN: logging "SHOULD NOT HAPPEN" errors more than once per second
 2020-03-04 20:13:18 -08:00
zhouya0
773b890b05 Show kubectl describe ingress error 2020-03-05 10:58:43 +08:00
Mike Spreitzer
4a4852ca9a Hopefully plainer test strings 2020-03-04 21:47:19 -05:00
Hemant Kumar
053baaf143 Update generated files 
update generated code
 2020-03-04 21:23:31 -05:00
Hemant Kumar
f7509d277e Define new type for storing volume fsgroupchangepolicy 
Address review comments for api change
 2020-03-04 21:23:27 -05:00
Julian V. Modesto
bacc2c4960 Set field manager for kubectl diff --server-side. 
Bonus: check diff only dry-runs without persisting.

Co-authored-by: Takahiro HATORI <tahatori@zlab.co.jp>
 2020-03-04 20:20:07 -05:00
Ben Swartzlander
e8b09d3644 Add AnyVolumeDataSource feature gate 
Allow any custom resource to be the data source of a PVC, if the
AnyVolumeDataSource feature gate is enabled. This is an alpha feature.
 2020-03-04 18:55:50 -05:00
Kubernetes Prow Robot
e865c0b219
Merge pull request #88686 from j-griffith/upgrade_cloning_to_ga 
Mark PVCDataSource featuregate as GA
 2020-03-04 13:19:06 -08:00
Antoine Pelisse
389dd0a499 Don't log "SHOULD NOT HAPPEN" errors more than once per second 2020-03-04 11:21:52 -08:00
Monis Khan
167d6a2c8b
Use the same default namespace across event recorders 
Signed-off-by: Monis Khan <mok@vmware.com>
 2020-03-04 13:49:33 -05:00
Lee Verberne
e5b655938e Add kubectl debug alpha command 
This first version of `kubectl alpha debug` is an import of the existing
kubectl-debug plugin, which supports adding ephemeral containers to
running pods. This attempts to follow patterns used by other kubectl
commands such as run, exec and scale.
 2020-03-04 19:20:04 +01:00
Kubernetes Prow Robot
d682c83890
Merge pull request #88765 from brianpursley/kubectl-816-take2 
Change kubectl cluster-info dump to not display output location message when output is stdout
 2020-03-04 10:20:02 -08:00
Kubernetes Prow Robot
48676adba9
Merge pull request #88567 from answer1991/feature/close-connection-when-over-load 
add a new filter goaway which could send GOAWAY probabilistically to help balance HTTP2 requests
 2020-03-04 10:19:49 -08:00
j-griffith
9044fbfc5d Update VolumePVCDatasource to GA for 1.18 
Updates the VolumePVCDataSource featuregate (cloning) to GA for the 1.18 k8s
release.
 2020-03-04 10:48:30 -07:00
Kubernetes Prow Robot
b5b675491b
Merge pull request #86173 from soltysh/cli_defaults 
stop defaulting kubeconfig to http://localhost:8080
 2020-03-04 07:23:47 -08:00
Alvaro Aleman
212190e25e Utilerrors.Aggregate: Allow using with errors.Is() 2020-03-04 14:12:56 +01:00
Kubernetes Prow Robot
497a998ba6
Merge pull request #88654 from ddebroy/gmsa-disable1 
Promote GMSA support for Windows to GA
 2020-03-04 02:32:01 -08:00
Kubernetes Prow Robot
71cfd2a3db
Merge pull request #88460 from soltysh/filename_exec 
Wire --filename flag to exec
 2020-03-04 01:09:47 -08:00
Kubernetes Prow Robot
bd6640a8e0
Merge pull request #88769 from deads2k/SNI 
Support TLS Server Name overrides in kubeconfig file
 2020-03-03 23:18:00 -08:00
Kubernetes Prow Robot
cadd51783b
Merge pull request #88783 from neolit123/1.18-fix-kubectl-auth-verbosity 
client-go: use klog.V(3) for the cert-rotation controller start/stop
 2020-03-03 21:06:09 -08:00
Kubernetes Prow Robot
0535520f6e
Merge pull request #88758 from soltysh/hide_last_applied 
Hide kubectl.kubernetes.io/last-applied-configuration in describe
 2020-03-03 21:06:01 -08:00
Kubernetes Prow Robot
cd23e78c3d
Merge pull request #88684 from saad-ali/updateMountLib 
Update AzureFile and CephFS to use MountSensitive
 2020-03-03 21:05:48 -08:00
Mike Spreitzer
2e97d3c873 Generalized NonResourcePolicyRule.NonResourceURLs impl 
... to match the comment on that field.

Also generalized the test case generator to exercise the new
generality.
 2020-03-04 00:00:39 -05:00
Deep Debroy
16d221e407 Promote GMSA to GA 
Signed-off-by: Deep Debroy <ddebroy@docker.com>
 2020-03-04 02:56:21 +00:00
Kubernetes Prow Robot
aeb88b6ecd
Merge pull request #88587 from cmluciano/cml/v1beta1paths 
Adding PathType to Ingress
 2020-03-03 18:13:47 -08:00
Lubomir I. Ivanov
b2677b1e57 client-go: use klog.V(3) for the cert-rotation controller start/stop 
Introduce a verbosity level for the start and stop notifications,
so that regular calls to commands such as:
  "kubectl auth ..."
would only contain the "yes" / "no" output.
 2020-03-04 01:35:17 +02:00
Kubernetes Prow Robot
9d0cbb7503
Merge pull request #88673 from jsafrane/block-feature-ga 
Promote block volumes to GA
 2020-03-03 12:17:12 -08:00
Kubernetes Prow Robot
b9696133ff
Merge pull request #88655 from soltysh/deprecate_generator 
Deprecate --generator flag from kubectl create commands
 2020-03-03 12:17:01 -08:00
Kubernetes Prow Robot
481b04cf7c
Merge pull request #88487 from zioproto/issues/69314-tier-config-support 
Use compute v1 api to specify network tier
 2020-03-03 12:16:52 -08:00
Tim Allclair
db3392ed12
Always include remoteAddr in source IP list for audit (#87167) 
* Always include remoteAddr in source IP list for audit

Since the remoteAddr is much harder to spoof than headers, always include it in
the list of source IPs used in audit logs.

* Add v6 tests
 2020-03-03 12:15:14 -08:00
saad-ali
22e8189f40 Update dep k8s.io/utils to 0a110f9eb7ab 2020-03-03 11:20:08 -08:00
Rob Scott
f38904d6f4
Adding PathType to Ingress 
Co-authored-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-03-03 11:11:16 -08:00
David Eads
9dcbc0bf90 update override behavior for kubectl --tls-server-name 2020-03-03 13:23:30 -05:00
Maciej Szulik
02cd65d7bb
Squash pkg/describe/versioned/ into pkg/describe/ 2020-03-03 19:20:06 +01:00
Suresh Kumar Ponnusamy
37c81ed79a Support TLS Server Name overrides in kubeconfig file 
Signed-off-by: Suresh Kumar Ponnusamy <suresh.ponnusamy@freshworks.com>
 2020-03-03 12:55:18 -05:00
Maciej Szulik
07dc17ffd9
Provide more verbose empty config error based on the context 2020-03-03 18:42:19 +01:00
Brian Pursley
6de140567b Changed kubectl cluster-info dump to not display "Cluster info dumped to standard output" message when output is stdout 2020-03-03 09:18:16 -05:00
Lukasz Szaszkiewicz
413960e49b cleans up dynamiccertificates package 2020-03-03 14:38:18 +01:00
James Munnelly
c2367bd5da Extend client-go csr package to invalidate CSRs based on signerName 2020-03-03 13:14:04 +00:00
Maciej Szulik
c77b297bab
Hide kubectl.kubernetes.io/last-applied-configuration in describe 2020-03-03 12:54:00 +01:00
Maciej Szulik
9dac1699bf
Wire --filename flag to exec 2020-03-03 12:16:52 +01:00
Kubernetes Prow Robot
c86aec0564
Merge pull request #88745 from mborsz/slice3 
Implement simple endpoint slice batching
 2020-03-03 03:03:38 -08:00
Maciej Borsz
49b11b5431 Implement simple endpoint slice batching 2020-03-03 08:16:42 +01:00
Mike Spreitzer
f535a9c9ed Make some metrics finer-grained, add dispatch counts, note immediate reject 
Also add testing of metrics for queuesets.
 2020-03-03 01:36:18 -05:00
chenjun.cj
81f46b64a3 add a new generic filter goaway 2020-03-03 14:18:26 +08:00
Kubernetes Prow Robot
eaceb7bf5c
Merge pull request #88419 from Jefftree/netproxy-udstoken 
Add support for token authentication with network proxy
 2020-03-02 22:13:37 -08:00
Kubernetes Prow Robot
53d63e11a2
Merge pull request #88584 from willise/master 
fix: remove conflict comment of taint "Value"
 2020-03-02 20:03:37 -08:00
Kubernetes Prow Robot
79e1ad2f4b
Merge pull request #88744 from jackkleeman/kubelet-handle-intermed 
Support intermediate certificate in certificate store
 2020-03-02 16:16:54 -08:00
Kubernetes Prow Robot
7dccfd6121
Merge pull request #87631 from immutableT/extract-auth-metrics 
Factor-out metrics related logic from authentication logic.
 2020-03-02 16:16:19 -08:00
Kubernetes Prow Robot
a019609d5d
Merge pull request #87508 from jennybuckley/large-obj 
Don't save managedFields if object is too large
 2020-03-02 16:16:05 -08:00
Kubernetes Prow Robot
4b1ee392c1
Merge pull request #79083 from jackkleeman/client-cert-file-reload 
Add ability to reload client certificates from disk
 2020-03-02 16:15:53 -08:00
Kubernetes Prow Robot
d115206309
Merge pull request #88609 from yue9944882/chore/follow-up-metrics 
Preserve legacy inflight metrics and fixes registration
 2020-03-02 14:50:06 -08:00
Kubernetes Prow Robot
e1a69aee41
Merge pull request #86837 from inductor/feature/update_japaense_translation_for_kubectl 
Update po file for kubectl Japanese translation
 2020-03-02 14:49:39 -08:00
Jan Safranek
3af671011a Generated API 2020-03-02 22:21:42 +01:00
Jack Kleeman
83a223f5ee Support intermediate certificate in certificate store 2020-03-02 20:24:04 +00:00
Jefftree
0989770135 Update network proxy to v0.0.7 2020-03-02 10:09:00 -08:00
David Eads
b19ad9e7a7
stop defaulting kubeconfig to http://localhost:8080 2020-03-02 18:32:16 +01:00
Jack Kleeman
929b1559a0 Add ReloadCertFromDisk flag to rest.Config and to kubeconfig which allows the provided client certificate files to be reloaded from disk (currently on every use) 
Close outbound connections when using a cert callback and certificates rotate. This means that we won't get into a situation where we have open TLS connections using expires certs, which would get unauthorized errors at the apiserver

Attempt to retrieve a new certificate if open connections near expiry, to prevent the case where the cert expires but we haven't yet opened a new TLS connection and so GetClientCertificate hasn't been called.

Move certificate rotation logic to a separate function

Rely on generic transport approach to handle closing TLS client connections in exec plugin; no need to use a custom dialer as this is now the default behaviour of the transport when faced with a cert callback. As a result of handling this case, it is now safe to apply the transport approach even in cases where there is a custom Dialer (this will not affect kubelet connrotation behaviour, because that uses a custom transport, not just a dialer).

Check expiry of the full TLS certificate chain that will be presented, not only the leaf. Only do this check when the certificate actually rotates. Start the certificate as a zero value, not nil, so that we don't see a rotation when there is in fact no client certificate

Drain the timer when we first initialize it, to prevent immediate rotation. Additionally, calling Stop() on the timer isn't necessary.

Don't close connections on the first 'rotation'

Remove RotateCertFromDisk and RotateClientCertFromDisk flags.

Instead simply default to rotating certificates from disk whenever files are exclusively provided.

Add integration test for client certificate rotation

Simplify logic; rotate every 5 mins

Instead of trying to be clever and checking for rotation just before an
expiry, let's match the logic of the new apiserver cert rotation logic
as much as possible. We write a controller that checks for rotation
every 5 mins. We also check on every new connection.

Respond to review

Fix kubelet certificate rotation logic

The kubelet rotation logic seems to be broken because it expects its
cert files to end up as cert data whereas in fact they end up as a
callback. We should just call the tlsConfig GetCertificate callback
as this obtains a current cert even in cases where a static cert is
provided, and check that for validity.

Later on we can refactor all of the kubelet logic so that all it does is
write files to disk, and the cert rotation work does the rest.

Only read certificates once a second at most

Respond to review

1) Don't blat the cert file names
2) Make it more obvious where we have a neverstop
3) Naming
4) Verbosity

Avoid cache busting

Use filenames as cache keys when rotation is enabled, and add the
rotation later in the creation of the transport.

Caller should start the rotating dialer

Add continuous request rotation test

Rebase: use context in List/Watch

Swap goroutine around

Retry GETs on net.IsProbableEOF

Refactor certRotatingDialer

For simplicity, don't affect cert callbacks

To reduce change surface, lets not try to handle the case of a changing
GetCert callback in this PR. Reverting this commit should be sufficient
to handle that case in a later PR.

This PR will focus only on rotating certificate and key files.
Therefore, we don't need to modify the exec auth plugin.

Fix copyright year
 2020-03-02 17:20:16 +00:00
Kubernetes Prow Robot
e9d502e4fc
Merge pull request #88663 from deads2k/enable-profiling-by-default 
update kube-controller-manager and kube-scheduler to match kube-apiserver defaults
 2020-03-02 07:24:43 -08:00
yue9944882
1cb42445d7 hack/update-vendor.sh 2020-03-02 21:44:58 +08:00
Mike Spreitzer
dbe8436144 Replaced uber atomic with sync atomic, removed unneded "blank import" 2020-03-02 21:36:26 +08:00
Julian V. Modesto
da3c3432d8 Add context and options to scale client 2020-03-02 00:03:26 -05:00
Kubernetes Prow Robot
fdb2cb4c88
Merge pull request #88509 from robscott/ingress-v1beta1-class 
Adding IngressClass to networking/v1beta1
 2020-03-01 20:58:42 -08:00
Rob Scott
132d2afca0
Adding IngressClass to networking/v1beta1 
Co-authored-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-03-01 18:17:09 -08:00
Kubernetes Prow Robot
1d407216e7
Merge pull request #88699 from feiskyer/vmss-update-improvement 
Improve performance for VMSS LoadBalancerBackendAddressPools updates
 2020-03-01 17:40:42 -08:00
Pengfei Ni
7f270038d3 Remove unused function aggregateGoroutinesWithDelay 2020-03-01 11:11:51 +00:00
Pengfei Ni
0f4cfe58d8 Switch to UpdateVMs() for updating VMSS backend address pool 2020-03-01 04:46:51 +00:00
immutablet
c0bad80e5b Factor-out metrics related logic from authentication logic. 2020-02-29 16:39:09 -08:00
Jordan Liggitt
f205e3dd59 Use only v1 CRD resources in e2e tests 2020-02-29 17:34:26 -05:00
Marek Siarkowicz
4ea52da628 Remove prometheus references from pkg/controller/endpointslice 2020-02-29 15:10:23 +01:00
Pengfei Ni
2af26dca97 Add UpdateVMs() for VMSS client to allow update multiple VMSSVMs by 
sequential sync requests and concurent async requests.
 2020-02-29 12:52:00 +00:00
Kubernetes Prow Robot
665c6648eb
Merge pull request #87485 from gavinfish/kubectl_pkg_config 
Staticcheck: vendor/k8s.io/kubectl/pkg/cmd/exec|config|certificates
 2020-02-29 02:26:39 -08:00
Kubernetes Prow Robot
03b7f272c8
Merge pull request #88246 from munnerz/csr-signername-controllers 
Update CSR controllers & kubelet to respect signerName field
 2020-02-28 23:38:39 -08:00
Kubernetes Prow Robot
5488fe547d
Merge pull request #86431 from SamyCoenen/patch-1 
Update README.md
 2020-02-28 21:30:39 -08:00
Kubernetes Prow Robot
b378b17560
Merge pull request #88675 from julianvmodesto/hide-server-dry-run 
Hide deprecated --server-dry-run for kubectl apply
 2020-02-28 18:44:57 -08:00
Kubernetes Prow Robot
a84cbd0a42
Merge pull request #88674 from enj/enj/t/paging_with_filter 
storage: confirm that paging and predicate filtering work together
 2020-02-28 18:44:47 -08:00
Kubernetes Prow Robot
268d0a1d3a
Merge pull request #85870 from Jefftree/authn-netproxy 
Use Network Proxy with Authentication & Authorizer Webhooks
 2020-02-28 18:44:39 -08:00
Kubernetes Prow Robot
a54e1a8a04
Merge pull request #88448 from aramase/ipv6 
azure: add support for single stack IPv6
 2020-02-28 17:12:38 -08:00
Kubernetes Prow Robot
86568a8773
Merge pull request #88661 from eloyekunle/feat/update-crd-map-keys-docs 
update map keys api doc with validation requirements
 2020-02-28 15:12:52 -08:00
Monis Khan
002c75442d
storage: confirm that paging and predicate filtering work together 
This change adds the TestListContinuationWithFilter test which
confirms that paging with a predicate that does not match everything
results in the correct amount of calls to TransformFromStorage and
KV.Get.  The partial result of each paging call is also asserted.

Signed-off-by: Monis Khan <mok@vmware.com>
 2020-02-28 17:34:04 -05:00
Jefftree
61fa4e6c09 Address comment and remove if condition 2020-02-28 14:22:19 -08:00
Julian V. Modesto
7b214c96b0 Hide deprecated --server-dry-run for kubectl apply 2020-02-28 16:20:05 -05:00
Samy Coenen
7638aae77e
Update README.md 2020-02-28 21:33:03 +01:00
Samy Coenen
10049500c1
Update README.md 2020-02-28 21:30:40 +01:00
Jan Safranek
2c1b743766 Promote block volume features to GA 2020-02-28 20:48:38 +01:00
Chao Xu
3fbb549fb7 Promote the egressselector API to beta 2020-02-28 11:29:45 -08:00
David Eads
aa07992a44 update kube-controller-manager and kube-scheduler to match kube-apiserver defaults 2020-02-28 11:18:00 -05:00
Elijah Oyekunle
2f5468f1ae update map keys api doc with validation requirements 2020-02-28 16:31:06 +01:00
Elijah Oyekunle
2e187415fd extend CRD map and set validation 2020-02-28 16:00:59 +01:00
Kubernetes Prow Robot
7587ab3ef3
Merge pull request #88620 from andyzhangx/fix-remediation-issue 
fix: azure disk remediation issue
 2020-02-28 04:26:38 -08:00
Maciej Szulik
be6ac856f1
Deprecate --generator flag from kubectl create commands 2020-02-28 11:58:53 +01:00
tipok
6885919986
fix BusyBox sed 
BusyBox sed works the same way as GNU sed
 2020-02-28 11:06:30 +01:00
willise
cb477d3cc1 fix: remove conflict comment of taint "Value" 2020-02-28 17:59:57 +08:00
Kubernetes Prow Robot
c7d7cf72e0
Merge pull request #86636 from zhouya0/fix_kubectl_create_deployment_image_name 
fix kubectl create deployment image name
 2020-02-27 22:10:37 -08:00
Mike Spreitzer
21f78f3348 Added non-randomized tests of matching FlowSchema rules 2020-02-27 23:36:19 -05:00
Kubernetes Prow Robot
e25ff53a6f
Merge pull request #88540 from damemi/move-extender-api-to-staging 
Move scheduler extender API V1 to staging k8s.io/kube-scheduler
 2020-02-27 20:20:52 -08:00
Kubernetes Prow Robot
79377454e8
Merge pull request #88637 from jktomer/priority-fairness-flag 
Rename --enable-inflight-quota-handler to --enable-priority-and-fairness
 2020-02-27 18:00:38 -08:00
Jefftree
cd57b830c1 audit webhook use network proxy 2020-02-27 17:47:23 -08:00
Jefftree
1b38199ea8 pass Dialer instead of egressselector to webhooks 2020-02-27 17:47:23 -08:00
Jefftree
d318e52ffe authentication webhook via network proxy 2020-02-27 17:47:23 -08:00
Mike Dame
e398302dc7 Add OWNERS and testing to external extender/v1 api 2020-02-27 17:45:48 -05:00
Jonathan Tomer
711c1e1720 Rename --enable-inflight-quota-handler to --enable-priority-and-fairness. 
The old flag name doesn't make sense with the renamed API Priority and
Fairness feature, and it's still safe to change the flag since it hasn't done
anything useful in a released k8s version yet.
 2020-02-27 14:04:37 -08:00
Kubernetes Prow Robot
8392baf492
Merge pull request #88632 from liggitt/admission-feature 
Remove global variable dependency from runtimeclass admission
 2020-02-27 13:52:39 -08:00
jennybuckley
ccd9e4e2de Don't save managedFields if object is too large 2020-02-27 12:41:44 -08:00
Jordan Liggitt
57ea7a11a6 Remove global variable dependency from runtimeclass admission 2020-02-27 15:23:52 -05:00
Kubernetes Prow Robot
641616362d
Merge pull request #88133 from julianvmodesto/dry-run-tests 
Cleanup --dry-run values in tests, docs, and scripts
 2020-02-27 11:33:42 -08:00
Kubernetes Prow Robot
882b6f8440
Merge pull request #87776 from brianpursley/kubectl-813 
Default grace period to 0 when --force is used to delete an object
 2020-02-27 11:33:28 -08:00
Mike Dame
18ffaf5608 Move scheduler extender API V1 to staging k8s.io/kube-scheduler 2020-02-27 12:10:59 -05:00
Brian Pursley
852e661f3d Fixed bug where jsonpath expression with a nested range does not process subsequent nodes 2020-02-27 11:03:27 -05:00
James Munnelly
d5dae04898 certificates: update controllers to understand signerName field 
Signed-off-by: James Munnelly <james.munnelly@jetstack.io>
 2020-02-27 15:54:31 +00:00
Kubernetes Prow Robot
650220fa64
Merge pull request #88134 from jennybuckley/rate-limit-log-2 
Improve rate limiter latency logging and add component-base metric
 2020-02-27 07:03:32 -08:00
andyzhangx
567cb6c605 fix: azure disk remediation issue 2020-02-27 14:21:48 +00:00
James Munnelly
a983356caa Add signerName field to CSR resource spec 
Signed-off-by: James Munnelly <james.munnelly@jetstack.io>
 2020-02-27 10:17:55 +00:00
yue9944882
11656478be register metrics from comp-base 2020-02-27 17:21:02 +08:00
Kubernetes Prow Robot
09edbcdeb5
Merge pull request #87999 from damemi/deprecate-algo-source 
Deprecate scheduler AlgorithmSource from v1alpha2 ComponentConfig
 2020-02-27 00:15:19 -08:00
Kubernetes Prow Robot
6b13befdfb
Merge pull request #83446 from Elias481/fix-pr-49445 
Fix behaivour of aws-load-balancer-security-groups annotation
 2020-02-26 22:47:19 -08:00
Kubernetes Prow Robot
12d9ad0c93
Merge pull request #88578 from andrewsykim/remove-dupe-patch-service 
GCE: remove duplicate patch service function
 2020-02-26 19:39:57 -08:00
Anish Ramasekar
ee00896712
add support for single stack IPv6 2020-02-26 13:34:24 -08:00
Kubernetes Prow Robot
5ceddce539
Merge pull request #88577 from corneliusweig/w/plugin-and-krew-documentation 
Add documentation around plugins
 2020-02-26 13:34:05 -08:00
Kubernetes Prow Robot
a726c9c9cb
Merge pull request #88435 from andrewsykim/ccm-clean-up 
move well known cloud provider taints to k8s.io/cloud-provider/api
 2020-02-26 13:33:41 -08:00