github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
88,197 Commits 1 Branch 31 Tags 1,019 MiB
652f52b51c
Commit Graph

2954 Commits

Author SHA1 Message Date
Tim Allclair
ac2b300ed9 Update bazel 2019-10-23 16:43:03 -07:00
Tim Allclair
fea3111554 Forbid label updates by nodes through pod/status 2019-10-23 15:54:40 -07:00
yue9944882
09cf42d67c switch system priority class to versioned (v1) api 
move all the helpers to scheduling v1 helpers

less explicit conversion
 2019-10-24 00:51:57 +08:00
Jacek Kaniuk
e6e026f1ad Allow pod-garbage-collector to get nodes 2019-10-23 16:54:38 +02:00
draveness
1163a1d51e feat: update taint nodes by condition to GA 2019-10-19 09:17:41 +08:00
Kubernetes Prow Robot
4f1c5b8cac
Merge pull request #81940 from carlory/fix-appserver 
fix static check failures
 2019-10-10 12:07:21 -07:00
carlory
f6bb24129e fix static check failures 2019-10-10 22:59:09 +08:00
Jordan Liggitt
92ea33efc5 Clean up TODOs 2019-10-03 09:23:10 -04:00
Mahendra Kariya
3698100224 Fix golint errors in pkg/apis/core (#82919) 
* Fix lint errors related to receiver name

Ref #68026

* Fix lint errors related to comments

Ref #68026

* Fix package name in comments

Ref #68026

* Rename Cpu to CPU

Ref #68026

* Fix lint errors related to naming convention

Ref #68026

* Remove deprecated field

DoNotUse_ExternalID has been deprecated and is not in use anymore.
It has been removed to fix lint errors related to underscores in field
names.

Ref #68026, #61966

* Include pkg/apis/core in golint check

Ref #68026

* Rename var to fix lint errors

Ref #68026

* Revert "Remove deprecated field"

This reverts commit 75e9bfc168077fcb9346e334b59d60a2c997735b.

Ref #82919

* Remove math from godoc

Ref #82919, #68026

* Remove underscore from var name

Ref #68026

* Rename var in staging core api type

Ref #68026
 2019-09-25 11:06:51 -07:00
Kubernetes Prow Robot
327f53ba57
Merge pull request #83064 from liggitt/propagate-context 
Propagate context to remote authorize/authenticate webhook calls
 2019-09-25 09:32:01 -07:00
Jordan Liggitt
b78edd86b8 Plumb context to webhook calls 2019-09-24 21:59:59 -04:00
Jordan Liggitt
4c686ddc1c Propagate context to ExponentialBackoff 2019-09-24 21:59:59 -04:00
Jordan Liggitt
92eb072989 Propagate context to Authorize() calls 2019-09-24 11:14:54 -04:00
Kubernetes Prow Robot
ac8ac0fc17
Merge pull request #82830 from jsafrane/pv-admission-fix 
Do not query the cloud if dynamic PV has all the labels
 2019-09-20 12:27:38 -07:00
Kubernetes Prow Robot
c7619bd770
Merge pull request #80824 from damemi/preemption-e2e-to-integration 
Move PodPriorityResolution e2e to integration
 2019-09-20 12:27:25 -07:00
Mike Dame
ca18b48151 Move PodPriorityResolution e2e to integration 2019-09-19 20:25:03 -04:00
Jan Safranek
a160bf8a59 Do not query the cloud if PV has all the labels 
This saves one cloud API call.
 2019-09-18 14:56:28 +02:00
Yassine TIJANI
18b185b5e8 adding yastij as a reviewer for the runtimeclass admission controller 
Signed-off-by: Yassine TIJANI <ytijani@vmware.com>
 2019-09-10 20:34:28 +02:00
Kubernetes Prow Robot
0ff92e36f2
Merge pull request #82153 from robscott/endpointslice-rbac 
Adding EndpointSlice RBAC for node-proxier/kube-proxy
 2019-08-30 13:05:14 -07:00
Kubernetes Prow Robot
7acb066dbc
Merge pull request #81969 from logicalhan/livez 
add `/livez` endpoint for liveness probing on the kube-apiserver
 2019-08-29 19:56:31 -07:00
Rob Scott
1f5070e81c
Adding EndpointSlice RBAC for node-proxier/kube-proxy 2019-08-29 16:55:18 -07:00
Han Kang
aa1b2d6d35 add /livez as a liveness endpoint for kube-apiserver 
go fmt

make func private

refactor config_test

Two primary refactorings:

1. config test checkPath method is now each a distinct test
run (which makes it easier to see what is actually failing)

2. TestNewWithDelegate's root path check now parses the json output and
does a comparison against a list of expected paths (no more whitespace
and ordering issues when updating this test, yay).

go fmt

modify and simplify existing integration test for readyz/livez

simplify integration test

set default rbac policy rules for livez

rename a few functions and the entrypoint command line argument (and etcetera)

simplify interface for installing readyz and livez and make auto-register completion a bootstrapped check

untangle some of the nested functions, restructure the code
 2019-08-29 14:13:19 -07:00
Rob Scott
75f6c24923
Adding EndpointSlice controller 2019-08-28 21:13:27 -07:00
Tim Allclair
2e08288144 Remove conflict logic from PodTolerationRestriction 2019-08-26 15:31:15 -07:00
Kubernetes Prow Robot
ce8cccb966
Merge pull request #81072 from draveness/feature/runtime-class-scheduling-admission-plugin 
[RuntimeClassScheduling] Update runtime class admission plugin - Part2
 2019-08-23 22:26:37 -07:00
Kubernetes Prow Robot
6b47754740
Merge pull request #81627 from tallclair/copy 
Delete duplicate resource.Quantity.Copy()
 2019-08-22 11:13:13 -07:00
Di Xu
34cab8f80a populate object name for admission attributes when CREATE 2019-08-22 11:46:12 +08:00
draveness
5732c6370a feat: update runtime class admission plugin 2019-08-22 09:06:58 +08:00
Jordan Liggitt
61774cd717 Plumb context to admission Admit/Validate 2019-08-20 11:11:00 -04:00
Tim Allclair
49f50484b8 Delete duplicate resource.Quantity.Copy() 2019-08-19 17:23:14 -07:00
Kubernetes Prow Robot
a6aea3fcd8
Merge pull request #81265 from jfbai/replace-status-too-many-request 
Replace self defined const StatusTooManyRequests with http.StatusTooM…
 2019-08-19 15:09:31 -07:00
Kubernetes Prow Robot
273e9262bb
Merge pull request #80342 from draveness/feature/remove-critical-pod-annotation 
feat: cleanup pod critical pod annotations feature
 2019-08-15 07:20:34 -07:00
Jianfei Bai
07077a8aa5 Replace self defined const StatusTooManyRequests with http.StatusTooManyRequests. 2019-08-12 20:52:12 +08:00
draveness
495faa22db feat: cleanup pod critical pod annotations feature 2019-08-09 08:41:23 +08:00
Jordan Liggitt
8b155e82d8 Use the escalate verb for clusterroleaggregator rather than cluster-admin permissions 2019-08-08 17:59:12 -04:00
Kirill Shirinkin
5e9da75df2 Allow aggregate-to-view roles to get jobs status (#77866) 
* Allow aggregate-to-edit roles to get jobs status

Right now users/accounts with role `admin` or `edit` can create, update and delete jobs, but are not allowed to pull the status of a job that they create.  This change extends `aggregate-to-edit` rules to include `jobs/status`.

* Move jobs/status to aggregate-to-view rules

* Add aggregate-to-view policy to view PVCs status

* Update fixtures to include new read permissions

* Add more status subresources

* Update cluster-roles.yaml

* Re-order deployment permissions

* Run go fmt

* Add more permissions

* Fix tests

* Re-order permissions in test data

* Automatically update yamls
 2019-07-26 11:59:22 -07:00
Kubernetes Prow Robot
ab3bf7237d
Merge pull request #79565 from tedyu/runtime-cls 
Return the error from validateOverhead in RuntimeClass#Validate
 2019-07-19 12:37:24 -07:00
draveness
d83526d253 Revert "feat: cleanup pod critical pod annotations feature" 
This reverts commit b6d41ee5cc.
 2019-07-18 13:31:12 +08:00
Kubernetes Prow Robot
642a06e552
Merge pull request #79554 from draveness/feature/remove-critical-pod-annotation 
feat: cleanup pod critical pod annotations feature
 2019-07-11 22:03:04 -07:00
Kubernetes Prow Robot
2659b3755a
Merge pull request #80030 from yastij/bootstrap-policy 
add rbac for events.k8s.io apiGroup to system:kube-scheduler
 2019-07-11 11:25:20 -07:00
Yassine TIJANI
a024d48eba add rbac for events.k8s.io apiGroup to system:kube-scheduler 
Signed-off-by: Yassine TIJANI <ytijani@vmware.com>
 2019-07-11 16:10:32 +02:00
Kubernetes Prow Robot
d11eb67c02
Merge pull request #79621 from egernst/admission-fixups 
RuntimeClass-admission: fixup comment, simplify nested ifs
 2019-07-11 05:36:55 -07:00
Jordan Liggitt
2899abb65c Populate API version in synthetic authorization requests 2019-07-10 21:29:25 -04:00
draveness
b6d41ee5cc feat: cleanup pod critical pod annotations feature 2019-07-11 08:54:19 +08:00
Ted Yu
059243fbd2 Return the error from validateOverhead in RuntimeClass#Validate 2019-07-10 17:32:53 -07:00
Eric Ernst
d409619284 RuntimeClass-admission: fixup comment, simplify nested ifs 
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
 2019-07-02 10:49:49 -07:00
Kubernetes Prow Robot
64a2be8e44
Merge pull request #79387 from tedyu/cont-helper-early 
Restore early return for podSpecHasContainer
 2019-07-01 15:09:45 -07:00
Kubernetes Prow Robot
6a2d0f67d1
Merge pull request #79527 from wojtek-t/cleanup_etcd_dir_1 
Cleanup etcd code
 2019-06-29 07:37:22 -07:00
wojtekt
cba13eb9ad Autogenerate code 2019-06-29 15:26:09 +02:00
Kubernetes Prow Robot
e4f1588352
Merge pull request #78484 from egernst/runtimeclass-admission 
Runtimeclass admission
 2019-06-28 23:35:24 -07:00
wojtekt
fd819f8fdc Move APIObjectVersioner 2019-06-28 21:16:49 +02:00
Eric Ernst
824a9e592a runtimeclass-admissioN: add owners file 
add initial owners file for RuntimeClass admission controller

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
 2019-06-27 15:59:59 -07:00
Ted Yu
cf7c164ae3 Restore early return for podSpecHasContainer 2019-06-26 14:17:13 +08:00
Kubernetes Prow Robot
07ee0c3e8b
Merge pull request #79378 from verb/alwayspull-aggregate-errs 
Return all errors in alwayspullimages admission plugin validation
 2019-06-25 17:01:41 -07:00
Kubernetes Prow Robot
22fb6fd174
Merge pull request #77595 from bertinatto/volume_limits 
Volume Scheduling Limits
 2019-06-25 17:01:16 -07:00
Lee Verberne
d88c928733 Generated build file for alwayspullimages 2019-06-25 18:45:30 +00:00
Lee Verberne
bd5f4117e5 Return all errors in alwayspullimages.Validate() 2019-06-25 18:11:51 +00:00
Kubernetes Prow Robot
1215aa73d2
Merge pull request #79176 from verb/debug-iterate-containers 
Add helpers for iterating containers in a pod
 2019-06-25 09:32:52 -07:00
Fabio Bertinatto
00b0ab86af Update scheduler to use volume limits from CSINode 2019-06-25 16:30:54 +02:00
Kubernetes Prow Robot
ad095324bf
Merge pull request #79309 from draveness/feature/cleanup-CSIPersistentVolume-feature-gates 
feat: cleanup feature gates for CSIPersistentVolume
 2019-06-25 01:15:03 -07:00
draveness
8e9472ba79 feat: cleanup feature gates for CSIPersistentVolume 2019-06-25 09:00:12 +08:00
Kubernetes Prow Robot
6f0f62b2c4
Merge pull request #77211 from dixudx/bootstrap_token_refactor 
Bootstrap token refactor
 2019-06-24 13:36:36 -07:00
Kubernetes Prow Robot
2109c1a7a3
Merge pull request #79310 from draveness/feature/cleanup-KubeletPluginsWatcher-feature-gates 
feat: cleanup feature gates for KubeletPluginsWatcher
 2019-06-23 23:04:09 -07:00
draveness
35bc5dc6b6 feat: cleanup feature gates for KubeletPluginsWatcher 2019-06-23 16:59:36 +08:00
draveness
ca6003bc75 feat: cleanup PodPriority features gate 2019-06-23 11:57:24 +08:00
Lee Verberne
a0b57ad3db Update BUILD files for container helper 2019-06-21 08:32:04 +00:00
Lee Verberne
ee821e2a04 Create helpers for iterating containers in a pod 2019-06-21 08:32:04 +00:00
Di Xu
5056161d4d auto-generated 2019-06-20 17:06:26 +08:00
Di Xu
af9ae4c11a refactor bootstrap token utils 2019-06-20 15:43:44 +08:00
Eric Ernst
e8608300c2 autogenerated code update based in new plugin 
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
 2019-06-19 17:20:11 -07:00
Eric Ernst
247dab3578 introduce RuntimeClass admission controller 
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
 2019-06-19 17:20:11 -07:00
Han Kang
54dcf5c9c4 add readyz endpoint for kube-apiserver readiness checks 
add startup sequence duration and readyz endpoint

add rbac bootstrapping policy for readyz

add integration test around grace period and readyz

rename startup sequence duration flag

copy health checks to fields

rename health-check installed boolean, refactor clock injection logic

cleanup clock injection code

remove todo about poststarthook url registration from healthz
 2019-06-17 11:16:13 -07:00
wangqingcan
52f3380ef3 change preempting to PreemptionPolicy 2019-05-31 12:42:05 +08:00
wangqingcan
5c9438c691 non-preempting-priorityclass 
Co-authored-by: Vallery Lancey <vallery@zeitgeistlabs.io>
Co-authored-by: Tan shanshan <tan.shanshan@zte.com.cn>
 2019-05-31 12:37:07 +08:00
Kubernetes Prow Robot
b8eecd671d
Merge pull request #69941 from miguelbernadi/fix-golint-issues-68026 
Fix golint issues in plugin/pkg/admission
 2019-05-30 08:38:26 -07:00
Vladimir Vivien
8e0cf65310 Enforce pod security policy for CSI inline 2019-05-29 15:38:21 -04:00
Joe Betz
cc2e3616f0 Add WithReinvocationTesting utility for ensuring that admission plugin reinvocation is idempotent 2019-05-28 15:10:22 -07:00
Joe Betz
9b504c474c Fix podpreset merging of envFrom to be idempontent 2019-05-28 11:16:56 -07:00
Morten Torkildsen
f1883c9e8c Support scale subresource for PDBs (#76294) 
* Support scale subresource for PDBs

* Check group in finder functions

* Small fixes and more tests
 2019-05-23 22:24:17 -07:00
Miguel Bernabeu
f47da8a75d Fix golint violations in several plugins 2019-05-23 20:00:06 +02:00
Kubernetes Prow Robot
d5876954e1
Merge pull request #76178 from humblec/endpoint 
Create endpoint/service early to avoid unwanted create/delete volume transaction.
 2019-05-22 09:58:09 -07:00
Zihong Zheng
bff5f08e19 Allow service controller role to patch service status 
Co-authored-by: Josh Horwitz <horwitzja@gmail.com>
 2019-05-16 17:30:43 -07:00
Joe Betz
900d652a9a Update tests for: Pass {Operation}Option to Webhooks 2019-05-14 10:49:43 -07:00
Kubernetes Prow Robot
09c4e10333
Merge pull request #74021 from andrewsykim/move-features-component-base 
Move feature gate package from k8s.io/apiserver to k8s.io/component-base
 2019-05-08 13:06:34 -07:00
Daniel (Shijun) Qian
5268f69405 fix duplicated imports of k8s code (#77484) 
* fix duplicated imports of api/core/v1

* fix duplicated imports of client-go/kubernetes

* fix duplicated imports of rest code

* change import name to more reasonable
 2019-05-08 10:12:47 -07:00
Andrew Kim
c919139245 update import of generic featuregate code from k8s.io/apiserver/pkg/util/feature -> k8s.io/component-base/featuregate 2019-05-08 10:01:50 -04:00
Jordan Liggitt
58f2cdccf7 Add quota admission test for decreasing usage without covering quota 2019-05-02 10:29:08 -04:00
Mansi Agarwal
4466f97d0e Accept admission request if resource is being deleted 2019-04-30 10:59:27 -07:00
Jordan Liggitt
4e6a8fbd15 Short-circuit quota admission rejection on zero-delta updates 2019-04-26 17:30:20 -07:00
Humble Chirammal
7544b53693 Create endpoint/service early to avoid unwanted create/delete volume transaction. 
At times, for some reason endpoint/service creation can fail in a setup. As we
currently create endpoint/service after volume creation, later we need rollback
of this volume transaction if endpoint/service creation failed. Considering
endpoint/service creation is light weight, this patch promote endpoint/service
creation to an early stage.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
 2019-04-10 19:06:27 +05:30
Bobby (Babak) Salamat
16a7cbd320 generated files 2019-04-05 14:30:52 -07:00
Bobby (Babak) Salamat
8574e3e3f4 Use Scheduling V1 API instead of Scheduling v1beta1 2019-04-05 14:21:45 -07:00
Kubernetes Prow Robot
16db83b257
Merge pull request #75985 from ravisantoshgudimetla/fix-pod-toleration 
Fix besteffort pods for conflicting tolerations
 2019-04-05 07:43:20 -07:00
ravisantoshgudimetla
82ffd14c0d Fix besteffort pods for conflicting tolerations 
Signed-off-by: ravisantoshgudimetla <ravisantoshgudimetla@gmail.com>
 2019-04-02 10:37:27 -04:00
Guoliang Wang
128fd8843d Move cloud-specific roles out of RBAC bootstrap 2019-04-02 19:17:53 +08:00
Kubernetes Prow Robot
484043a6d1
Merge pull request #75627 from ialidzhikov/fix-lint-error 
Fix lint issues
 2019-03-29 14:48:59 -07:00
Kubernetes Prow Robot
a8cbb22506
Merge pull request #74747 from liggitt/quota-deadlock 
quota controller fixes
 2019-03-27 09:04:48 -07:00
Kubernetes Prow Robot
ccc90b2ba6
Merge pull request #75680 from tallclair/psp-refactor 
Clean up some PodSecurityPolicy code
 2019-03-26 21:59:01 -07:00
Jordan Liggitt
bef996d0a4 Only reject quota admission if status is missing relevant usage 2019-03-26 23:15:40 -04:00
Kubernetes Prow Robot
531dbd409f
Merge pull request #75445 from shinytang6/enhance/fmt 
Replace all time.Now().Sub with time.Since
 2019-03-26 13:55:17 -07:00