github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
121,032 Commits 1 Branch 31 Tags
59bf8b02e63aa82195fe4e66904a61979d5a6735
Commit Graph

49191 Commits

Author SHA1 Message Date
HyunSu1768
59bf8b02e6 Refactoring to encourage use of switch case 2024-02-16 19:50:13 +09:00
Kubernetes Prow Robot
91ee30074b Merge pull request #123174 from danwinship/cidr-validation-cleanup 
Make CIDR validation consistent
 2024-02-15 18:37:20 -08:00
Kubernetes Prow Robot
66d038d84d Merge pull request #121946 from liggitt/reload-authz 
KEP-3221: Implement authorization configuration file reloading
 2024-02-15 18:37:13 -08:00
Kubernetes Prow Robot
ad6477e342 Merge pull request #123322 from bjhaid/bjhaid-topology-verbosity 
[kube-proxy] add log verbosity to endpoint topology hint loop.
 2024-02-15 12:50:54 -08:00
Ayodele Abejide
71479b5577 [kube-proxy] add log verbosity to endpoint topology hint loop. 
We enabled topology hint on one of our services and this log line was
emitted ~92 million times in one day from one cluster tripping our log
quota for that cluster, as it is the log line cannot be disabled via the
`-v` flag because it does not specify verbosity.

I think more log locations need to set verbosity at which they are
logged, but this one is currently hurting the most.
 2024-02-15 18:26:19 +00:00
Kubernetes Prow Robot
47f92ce231 Merge pull request #123242 from mimowo/fast-backoff-for-replacment-policy-tests 
Improve accuracy of the PodsCreationTotal metric and use fast pod failure backoff for ReplacementPolicy integration tests
 2024-02-15 09:54:53 -08:00
Michal Wozniak
f84d643c20 Use the Defer for pod replacement policy 2024-02-15 17:37:31 +01:00
Kubernetes Prow Robot
b65508b477 Merge pull request #123158 from AkihiroSuda/nodeconditiontype-godoc 
core/v1: remove comment about non-existing constants
 2024-02-15 08:16:20 -08:00
Michal Wozniak
115dc90633 Increase accuracy of the pods_creation_total metric and improve test exec time 2024-02-15 10:59:01 +01:00
Kubernetes Prow Robot
58c77d7b63 Merge pull request #122887 from jpbetz/retry-generate-name-create 
Implement KEP-4420: Retry Generate Name
 2024-02-14 21:07:24 -08:00
Kubernetes Prow Robot
72c3c7c924 Merge pull request #123282 from enj/enj/i/authn_config_algs 
Support all key algs with structured authn config
 2024-02-14 18:08:32 -08:00
Kubernetes Prow Robot
68bbbd0359 Merge pull request #123300 from antoninbas/nodeipam-controller-remove-unused-field 
Remove unused lookupIP field in NodeIPAM Controller struct
 2024-02-14 17:00:13 -08:00
Kubernetes Prow Robot
8e11104f0b Merge pull request #121461 from alexzielenski/apiserver/apiextensions/ratcheting-beta 
KEP-4008: CRDValidationRatcheting Bump Feature Gate To Beta
 2024-02-14 15:56:47 -08:00
Kubernetes Prow Robot
5b2c919583 Merge pull request #114301 from harshanarayana/kubelet/log-rotate-improvements 
kubelet: enable configurable rotation duration and parallel rotate
 2024-02-14 15:56:38 -08:00
Jordan Liggitt
5dc92ada06 Implement authz config file reloading 2024-02-14 18:09:15 -05:00
Jordan Liggitt
3a98e60a71 Move authz construction to reloader 2024-02-14 18:03:21 -05:00
Kubernetes Prow Robot
684a9975fe Merge pull request #122919 from alexzielenski/apiserver/policy/mutating-initial 
Refactor AdmissionPolicy for code sharing with mutating
 2024-02-14 14:52:26 -08:00
Jordan Liggitt
2b00035b5f Split construction of authorizer / ruleResolver 2024-02-14 17:06:18 -05:00
Jordan Liggitt
1fddc948ed Split node/rbac/abac construction 2024-02-14 17:03:10 -05:00
Jordan Liggitt
49124293c3 Store constructed node/rbac/abac authorizers 2024-02-14 17:03:07 -05:00
Antonin Bas
75a3069294 Remove unused lookupIP field in NodeIPAM Controller struct 
I am not sure why this was originally required, but it doesn't seem to
have been used for years.

Signed-off-by: Antonin Bas <antonin.bas@broadcom.com>
 2024-02-14 13:28:35 -08:00
Jordan Liggitt
5f4cb8b09a Move kube-apiserver authz validation functions 2024-02-14 10:00:11 -05:00
Monis Khan
b5e0068325 Support all key algs with structured authn config 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-02-14 09:40:25 -05:00
AxeZhan
630ff96f9d Revert "Scheduler first fit" 2024-02-14 20:43:59 +08:00
Kubernetes Prow Robot
14f8f5519d Merge pull request #121719 from ruiwen-zhao/metric-size 
Add image pull duration metric with bucketed image size
 2024-02-13 16:23:50 -08:00
Kubernetes Prow Robot
79e11fe563 Merge pull request #122703 from TommyStarK/fix/dra-manager-should-timeout 
dra: increase timeout in setupFakeDRADriverGRPCServer to prevent tests to flake
 2024-02-13 09:33:17 -08:00
Kubernetes Prow Robot
bd0e1e2d9e Merge pull request #121554 from kaisoz/fix-job-controller-panics 
Check if time is nil before logging
 2024-02-13 09:33:04 -08:00
Kubernetes Prow Robot
3bf9477b52 Merge pull request #122472 from pacoxu/flowcontrolv1 
flowcontrol: set the serialization version to v1
 2024-02-12 13:17:48 -08:00
Alexander Zielenski
8b14116509 refactor: move vap into parent policy folder 
also renames to remove stutter

comment
 2024-02-12 10:58:24 -08:00
Kubernetes Prow Robot
015e76aa24 Merge pull request #122846 from marosset/cri-stats-windows-fix 
[KEP-2371] Fixing bug with windows criStatsProvider sometimes not reporting AvailableBytes correctly
 2024-02-12 10:57:28 -08:00
Mark Rossetti
5ba3883be0 Adding unit test for makeWinContainerStats 
Signed-off-by: Mark Rossetti <marosset@microsoft.com>
 2024-02-12 09:56:58 -08:00
Kubernetes Prow Robot
7bea14097b Merge pull request #122612 from mtardy/remove-scdeny 
auth: remove SecurityContextDeny admission plugin
 2024-02-12 08:37:13 -08:00
Akihiro Suda
5c825d8a22 core/v1: remove comment about non-existing constants 
`NodeReachable`, `NodeLive`, `NodeSchedulable`, and `NodeRunnable` are mentioned
as "built-in set of conditions" but some of them do not exist in the current API.

Updated `pkgs/apis/core/types.go` too for consistency.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-02-12 23:16:43 +09:00
Kubernetes Prow Robot
ad19beaa83 Merge pull request #123117 from kerthcet/fix/wild-resource 
Fix registered wildcard clusterEvents doesn't work in scheduler requeueing
 2024-02-09 10:34:15 -08:00
Dan Winship
593b1c6c63 Do service.spec.LoadBalancerSourceRanges validation inline 
Inline the LoadBalancerSourceRanges parsing to make it more obvious
what it's requiring (and more importantly, *not* requiring), and
change it to use IsValidCIDR as well.
 2024-02-09 10:43:20 -05:00
Dan Winship
d930215794 Update service.Spec.LoadBalancerSourceRanges validation tests 
In preparation for rewriting LoadBalancerSourceRanges validation,
add/update the existing unit tests to cover some of the more exciting
edge cases of the existing validation code:

  - The values in service.Spec.LoadBalancerSourceRanges are allowed to
    have arbitrary whitespace around them.

  - The annotation must be unset for non-LoadBalancer services, but
    for LoadBalancer services, "set but empty" and "whitespace-only"
    are treated the same as "unset".

  - The annotation value is only validated if the field is not set.

Also fix some of the existing tests to be more precise about what they
are testing.

Also fix the CIDR values to actually be valid. Sigh.
 2024-02-09 10:43:20 -05:00
Harsha Narayana
ab8c784ee9 kubelet: enable configurable rotation duration and parallel rotate 2024-02-09 16:49:11 +05:30
ruiwen-zhao
0f5cf6c1cd Add image pull duration metric with bucketed image size 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2024-02-08 00:30:31 +00:00
Yuki Iwai
c8d18da437 Scheduler: Fix the feature stage of preemptionPolicy in the API comment 
Signed-off-by: Yuki Iwai <yuki.iwai.tz@gmail.com>
 2024-02-08 08:13:00 +09:00
Kubernetes Prow Robot
9b3d8a9063 Merge pull request #123162 from tnqn/flush-on-startup 
kube-proxy: flush nftables base chains on startup
 2024-02-07 14:25:37 -08:00
Quan Tian
42672ee2ea Make comment about reject action more accurate 
Signed-off-by: Quan Tian <qtian@vmware.com>
 2024-02-07 23:57:47 +08:00
Quan Tian
c7e48f1ebf kube-proxy: flush nftables base chains on startup 
Do an extra "add+delete" once to ensure all previous base chains in the
table will be recreated. Otherwise, altering properties (e.g. priority)
of these chains would fail the transaction.

Signed-off-by: Quan Tian <qtian@vmware.com>
 2024-02-07 23:57:40 +08:00
Dan Winship
7a56b6e3f7 Add validation.IsValidCIDR 
Move apivalidation.ValidateCIDR to apimachinery, and rename it and
change its return value to match the other functions.

Also, add unit tests.

(Also, while updating NetworkPolicy validation for the API change, fix
a variable name that implied that IPBlock.Except[] is IP-valued rather
than CIDR-valued.)
 2024-02-07 09:48:01 -05:00
cpanato
ac9482d15f update distroless-iptables to v0.5.0 debian-base to bookworm-v1.0.1 and setcap to bookworm-v1.0.1 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2024-02-07 11:46:19 +01:00
Kubernetes Prow Robot
052bce26f4 Merge pull request #122931 from danwinship/ip-validation-cleanup 
consistently use IsValidIP for IP validation
 2024-02-06 15:58:15 -08:00
Kubernetes Prow Robot
862ff187ba Merge pull request #123001 from tkashem/apf-allow-zero-concurrency 
Allow zero value for the 'nominalConcurrencyShares' field
 2024-02-06 09:08:18 -08:00
Kubernetes Prow Robot
e566bd7769 Merge pull request #121952 from sanposhiho/optimize-csi 
add(nodevolumelimits): return UnschedulableAndUnresolvable when PVC is not found
 2024-02-06 07:16:28 -08:00
Kubernetes Prow Robot
920333b5fb Merge pull request #123134 from danwinship/kep-3705-to-ga 
KEP-3705 CloudDualStackNodeIPs to GA
 2024-02-05 23:25:55 -08:00
Kubernetes Prow Robot
244fbf94fd Merge pull request #122698 from daniel-hutao/feat-1 
Code Cleanup: Redundant String Conversions and Spelling/Grammar Corrections
 2024-02-05 16:57:07 -08:00
Kubernetes Prow Robot
77775d4546 Merge pull request #123052 from jsafrane/clean-file-subpath 
Fix cleanup of file subpaths
 2024-02-05 11:42:58 -08:00