github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
115,189 Commits 1 Branch 31 Tags
75f17eb38fc8bbcb360d43dffce6e27a7159d43f
Commit Graph

47040 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
de109979a1 Merge pull request #116138 from cvvz/fix-114207 
fix: the volume is not detached after the pod and PVC objects are deleted
 2023-04-11 15:35:48 -07:00
Kubernetes Prow Robot
4893c66a48 Merge pull request #116134 from cvvz/fix-111933 
fix: After a Node is down and take some time to get back to up again, the mount point of the evicted Pods cannot be cleaned up successfully.
 2023-04-11 15:35:41 -07:00
Kubernetes Prow Robot
779abe6ebe Merge pull request #115399 from 3u13r/feat/documentTLS13Exception 
Add note about TLS 1.3 cipher suites
 2023-04-11 15:35:27 -07:00
Kubernetes Prow Robot
0c969ad660 Merge pull request #115133 from ffromani/podresources-windows 
node: create podresources endpoint also on windows
 2023-04-11 15:35:19 -07:00
Kubernetes Prow Robot
32cb4a6dc5 Merge pull request #115100 from HirazawaUi/delte-pkg-controller-unused-functions 
delete unused functions in pkg/controller directory
 2023-04-11 15:35:12 -07:00
Kubernetes Prow Robot
e77ca49022 Merge pull request #114898 from AxeZhan/volumerestrictions 
feature(volume_restrictions): return Skip in PreFilter
 2023-04-11 15:35:04 -07:00
Kubernetes Prow Robot
d0fc9d16ce Merge pull request #114800 from haoruan/feature-8976-spew-sprintf-refactor 
Capture spew.Sprintf() with all our favorite config into a util func
 2023-04-11 15:34:57 -07:00
Kubernetes Prow Robot
eb78b75a2c Merge pull request #114746 from yangjunmyfm192085/fixtestcase 
fix test cases that may be incorrect
 2023-04-11 15:34:50 -07:00
Kubernetes Prow Robot
4e6da50c56 Merge pull request #113800 from pacoxu/patch-4 
add sig/storage label for pkg/controller/volume package PR
 2023-04-11 15:34:31 -07:00
Harshal Patil
1972dd1005 Do not log entire pod struct while attaching the volume 
Signed-off-by: Harshal Patil <harpatil@redhat.com>
 2023-04-05 20:24:12 -04:00
Michal Wozniak
b5dd5f1f3a Investigate and fix the handling of Succeeded pods in DaemonSet 2023-04-04 19:21:15 +02:00
HirazawaUi
397cc73dc9 delete unused functions in pkg/controller directory 2023-03-28 22:41:20 +08:00
Hao Ruan
f638e2849f replaced spew.Sprintf with a util pretty print function 2023-03-27 09:24:22 +08:00
Kubernetes Prow Robot
0c62b122c0 Merge pull request #116857 from vinaykul/restart-free-pod-vertical-scaling-fixes 
Call function that validates resize policy for in-place pod resize feature
 2023-03-24 10:42:21 -07:00
Paco Xu
b83600de01 fix nil pointer dereference panic for deprecated metrics 2023-03-24 18:50:43 +08:00
kidddddddddddddddddddddd
8d644fbc72 return skip in volumerestrictions 2023-03-23 23:14:24 +08:00
Lior Lieberman
6843c52060 remove kubernetes.io/grpc standard protocol 2023-03-22 18:33:49 +00:00
vinay kulkarni
0e9dd5c51d Call function that validates in-place vpa resize policy 2023-03-22 16:19:19 +00:00
Kubernetes Prow Robot
3cf9f66e90 Merge pull request #116743 from thockin/docs-clarify-publish-not-ready-endpoints 
Clarify EPSlice docs wrt the Ready conditions
 2023-03-21 23:14:35 -07:00
Kubernetes Prow Robot
c7cc7886e2 Merge pull request #116702 from vinaykul/restart-free-pod-vertical-scaling-podmutation-fix 
Fix pod object update that may cause data race
 2023-03-21 19:26:36 -07:00
Kubernetes Prow Robot
9c6414cdfe Merge pull request #116792 from pacoxu/fix-safe-sysctl-windows 
safe-sysctl: skip checking for windows
 2023-03-21 17:39:59 -07:00
vinay kulkarni
f41702b8d2 Return updatedPod if resize upon successful checkpointing of allocated resources 2023-03-22 00:24:00 +00:00
Paco Xu
e154b73535 safe-sysctl: skip checking for windows 2023-03-22 07:40:29 +08:00
Kubernetes Prow Robot
b2b9395c51 Merge pull request #116800 from claudiubelu/windows-remove-dns-check 
kubelet: Read DNS Config options from file for Windows
 2023-03-21 16:36:00 -07:00
Claudiu Belu
c68bc27f73 kubelet: Read DNS Config options from file for Windows 
A previous commit added the capability to read the DNS configuration options
from a Windows host, while removing the capability to read from a resolv.conf-like
file.

This commit addresses this issue: if the given ``--resolv-conf`` option is not set to
``Host``, it will consider it as a file, preserving the previous behavior.
 2023-03-21 22:21:57 +00:00
Kubernetes Prow Robot
94daf7f4b2 Merge pull request #116806 from sourcelliu/improvemap 
Improve the performance of map usage
 2023-03-21 11:30:24 -07:00
Kubernetes Prow Robot
956fa9b9ce Merge pull request #116785 from enj/enj/i/clean_front_proxy_headers 
Clear front proxy headers after authentication is complete
 2023-03-21 11:30:11 -07:00
Monis Khan
e9866d2794 Clear front proxy headers after authentication is complete 
This matches the logic we have for the Authorization header as well
as the impersonation headers.

Signed-off-by: Monis Khan <mok@microsoft.com>
 2023-03-21 10:51:22 -04:00
mantuliu
0567c93b2a Improve the performance of map usage 
Signed-off-by: mantuliu <240951888@qq.com>
 2023-03-21 20:37:53 +08:00
Jiahui Feng
33c3fe3f74 differentiate kinds of expressions. 2023-03-20 12:13:21 -07:00
Kubernetes Prow Robot
15894cfc85 Merge pull request #116550 from alculquicondor/fix-bind-uid 
Preserve UID and ResourceVersion in BindingREST
 2023-03-20 08:49:20 -07:00
Aldo Culquicondor
62889f416c Preserve UID/ResourceVersion in the BindingREST endpoint 
Change-Id: If4023da10c455963a320fdb9fc2a73c099bea3db
 2023-03-20 10:29:25 -04:00
Tim Hockin
78530ec0a8 Clarify EPSlice docs wrt the Ready conditions 
`publishNotReadyAddresses` is an explicit override, so this makes it
clear that is OK.
 2023-03-19 09:28:58 -07:00
vinay kulkarni
d753893260 Do not modify original pod object when processing pod resource resize 2023-03-18 17:57:25 +00:00
Kubernetes Prow Robot
fe91bc257b Merge pull request #116554 from atiratree/eviction-resource-version-fix 
API-initiated eviction: handle deleteOptions correctly
 2023-03-17 16:59:15 -07:00
Kubernetes Prow Robot
c14e0983fb Merge pull request #116684 from vinaykul/restart-free-pod-vertical-scaling-fixes 
Add missing unit test for resource resize policy defaulting
 2023-03-17 15:13:17 -07:00
Filip Křepinský
51c0e2374f API-initiated eviction: handle deleteOptions correctly 
when adding a DisruptionTarget condition into a pod that will be deleted

- handle ResourceVersion and Preconditions correctly
- handle DryRun option correctly

Co-authored-by: Jordan Liggitt jordan@liggitt.net
 2023-03-17 22:18:07 +01:00
vinay kulkarni
358474b71d Explicitly return from checkpoint update failures. SyncPod will retry 2023-03-17 18:00:04 +00:00
Paco Xu
5134520a3b add lock in volume manager reconciler to avoid data race 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2023-03-17 21:29:10 +08:00
vinay kulkarni
f66e8848ee Fix pod object update that may cause data race 2023-03-17 08:50:52 +00:00
Paco Xu
7afcfe1826 kubelet: use filepath.Clean before init, validate it in setupDataDirs 2023-03-17 15:45:39 +08:00
vinay kulkarni
0ee5d43d74 Add unit tests covering ephemeral storage resource combinations 2023-03-17 05:43:30 +00:00
vinay kulkarni
07c567a848 Add missing unit test for resource resize policy defaulting 2023-03-17 05:43:30 +00:00
Michal Wozniak
3d68f362c3 Give terminal phase correctly to all pods that will not be restarted 2023-03-16 21:25:29 +01:00
Clayton Coleman
58d1dc669f kubelet: Remove status manager channel 
The status manager channel forces all container status to be
processed, even if multiple updates are generated in succession.
Instead of queueing the updates, just remember which ones changed
and process them in a batch. This should reduce QPS load from
the Kubelet for status, reduce latency of status propagation to
the API in general, and is easier to reason about.

This also prevents status from being lost when the channel is
full - all updates sent by SetPodStatus are guaranteed to be
recorded. Changing to remove the channel allows us to set a
marker flag when the pod worker state machine completes that
avoids the status manager having to call into the pod worker
directly.
 2023-03-16 21:22:43 +01:00
Kubernetes Prow Robot
a34e37c996 Merge pull request #113218 from ahmedtd/kep-3257 
Add certificates.k8s.io/v1alpha1 ClusterTrustBundle
 2023-03-16 11:13:20 -07:00
Sathyanarayanan Saravanamuthu
c84c8add70 Decouple batch/job back-off logic from workqueues (#114768) 
* batch/job: decouple backoff from workqueue

Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>

* Resolving review comments

* Resolving more review comments

* Resolving review comments

Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>

* Computing finish time to now when FinishedAt is unix epoch

* Addressing review comments

Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>

---------

Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>
 2023-03-16 10:15:21 -07:00
Taahir Ahmed
2e4b637bf8 ClusterTrustBundles: make update 2023-03-15 20:10:59 -07:00
Taahir Ahmed
6a75e7c40c ClusterTrustBundles: Define types 
This commit is the main API piece of KEP-3257 (ClusterTrustBundles).

This commit:

* Adds the certificates.k8s.io/v1alpha1 API group
* Adds the ClusterTrustBundle type.
* Registers the new type in kube-apiserver.
* Implements the type-specfic validation specified for
  ClusterTrustBundles:
  - spec.pemTrustAnchors must always be non-empty.
  - spec.signerName must be either empty or a valid signer name.
  - Changing spec.signerName is disallowed.
* Implements the "attest" admission check to restrict actions on
  ClusterTrustBundles that include a signer name.

Because it wasn't specified in the KEP, I chose to make attempts to
update the signer name be validation errors, rather than silently
ignored.

I have tested this out by launching these changes in kind and
manipulating ClusterTrustBundle objects in the resulting cluster using
kubectl.
 2023-03-15 20:10:18 -07:00
Kubernetes Prow Robot
a4302915c9 Merge pull request #116305 from danwinship/cloud-node-ips 
KEP-3705 cloud dual-stack --node-ip
 2023-03-15 18:27:14 -07:00