github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
109,927 Commits 1 Branch 31 Tags
7c8a151faaf044cb0f40ef77d6d9ecf18993af3d
Commit Graph

45151 Commits

Author SHA1 Message Date
ialidzhikov
7c8a151faa pkg/scheduler: Replace deprecated func usage from the k8s.io/utils/pointer pkg 2022-08-16 08:39:18 +03:00
Kubernetes Prow Robot
7b1b801295 Merge pull request #111773 from amewayne/fix_mem_leak_in_preemption 
fix a memory leakage problem when calling DryRunPreemption
 2022-08-11 08:36:58 -07:00
amewayne
1457ad548c fix a memory leak problem when calling DryRunPreemption 2022-08-10 12:02:27 +08:00
Kubernetes Prow Robot
3e396dbac5 Merge pull request #111657 from aojea/hc_nodeport 
document that services healthcheckNodePort is inmutable once set
 2022-08-09 13:20:39 -07:00
Kubernetes Prow Robot
759785ea14 Merge pull request #109090 from sarveshr7/multicidr-rangeallocator 
Enhance NodeIPAM to support multiple ClusterCIDRs
 2022-08-07 15:40:18 -07:00
Kubernetes Prow Robot
985c9202cc Merge pull request #110182 from kerthcet/cleanup/remove-potential-goroutine-leak-in-metric-recorder 
Remove potential goroutine leak in testing framework
 2022-08-05 19:14:17 -07:00
Sarvesh Rangnekar
5b801ba9f9 Introduce MultiCIDRRangeAllocator 
MultiCIDRRangeAllocator is a new Range Allocator which makes using
multiple ClusterCIDRs possible. It consists of two controllers, one for
reconciling the ClusterCIDR API objects and the other for allocating
Pod CIDRs to the nodes.

The allocation is based on the rules defined in
https://github.com/kubernetes/enhancements/tree/master/keps/sig-network/2593-multiple-cluster-cidrs
 2022-08-06 00:10:39 +00:00
Kubernetes Prow Robot
64ed914545 Merge pull request #111258 from dobsonj/kep-596-ga-feature-flag 
KEP-596: Move CSIInlineVolume feature to GA
 2022-08-05 13:54:30 -07:00
Kubernetes Prow Robot
137439194d Merge pull request #111721 from alculquicondor/fix-delete-expectations 
Fix deleting UIDs tracking expectations
 2022-08-05 12:07:25 -07:00
Kubernetes Prow Robot
11d4cb52f2 Merge pull request #111693 from kinvolk/rata/userns-support-2022 
volume: FeatureGate access to GetHostIDsForPod()
 2022-08-05 09:37:48 -07:00
Aldo Culquicondor
c1e0dac461 Fix deleting UIDs tracking expectations 
Change-Id: I5dad644cf5cb232ebed0950a14b35a781a38eeb0
 2022-08-05 12:37:31 -04:00
kerthcet
97e3e50493 Remove potential goroutine leak in NewFramework 
Signed-off-by: kerthcet <kerthcet@gmail.com>
 2022-08-06 00:05:22 +08:00
Antonio Ojea
5ec9d4a530 doc services healthcheckNodePort is inmutable 2022-08-05 11:51:50 +02:00
Sarvesh Rangnekar
02d944d046 Add a priority queue to implement MultiCIDR tie-breaks 
The Priority is determined as follows:
P0: ClusterCIDR with higher number of matching labels has highest
priority.
P1: ClusterCIDR having cidrSet with fewer allocatable Pod CIDRs has
higher priority.
P2: ClusterCIDR with a PerNodeMaskSize having fewer IPs has higher
priority.
P3: ClusterCIDR having label with lower alphanumeric value has higher
priority.
P4: ClusterCIDR with a cidrSet having a smaller IP address value has
higher priority.
 2022-08-05 01:06:43 +00:00
Sarvesh Rangnekar
b6392a4b07 Add cidrset to support multiple CIDRs 
Add a new cidrset named `multicidrset` which extends the current
cidrset mechanism to track allocatable Pod and Service CIDRs.
multicidrset stores the info about allocated CIDRs in a Map as opposed
to the current cidrset implementation where it is stored in a bitmap.
 2022-08-05 01:06:43 +00:00
Sarvesh Rangnekar
0ee3719d0b Add describer and printer for ClusterCIDR API 2022-08-05 01:06:42 +00:00
Sarvesh Rangnekar
299724d099 Auto generate code for ClusterCIDR API 2022-08-05 01:06:35 +00:00
Sarvesh Rangnekar
7093b10416 Introduce networking/v1alpha1 api, ClusterCIDR type 
Introduce networking/v1alpha1 api group.

Add `ClusterCIDR` type to networking/v1alpha1 api group, this type
will enable the NodeIPAM controller to support multiple ClusterCIDRs.
 2022-08-05 00:54:00 +00:00
Kubernetes Prow Robot
eefcf6aa80 Merge pull request #111113 from mimowo/retriable-pod-failures-job-controller 
Support handling of pod failures with respect to the configured rules
 2022-08-04 13:35:46 -07:00
Jonathan Dobson
0ee8fed853 Add conformance test for CSIInlineVolume feature 2022-08-04 13:06:30 -06:00
Jonathan Dobson
5f774832a5 Move CSIInlineVolume feature to GA 2022-08-04 13:06:30 -06:00
Michal Wozniak
bf9ce70de3 Support handling of pod failures with respect to the specified rules 2022-08-04 18:39:08 +02:00
Rodrigo Campos
4267f2ee0c volume: FeatureGate access to GetHostIDsForPod() 
After the userns PR got merged:
	https://github.com/kubernetes/kubernetes/pull/111090

gnufied decided it might be safer if we feature gate this part of the
code, due to the kubelet volume host type assertion.

That is a great catch and this patch just moves the code inside the
feature gate if.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2022-08-04 14:08:29 +02:00
Jan Safranek
f9c7ce5b9c Add unit tests for DesiredStateOfWorldPopulator 2022-08-04 10:51:59 +02:00
Jan Safranek
39f0d78714 Add unit tests for GetPodVolumeNames 2022-08-04 10:51:57 +02:00
Jan Safranek
260912490e Add a coment about handling same volumes with different contexts 2022-08-04 10:51:56 +02:00
Jan Safranek
a01e720a1a Rename IsRWOP 
To be able to update content of the function to other access modes when we
implement SELinux mount for more of them.
 2022-08-04 10:51:54 +02:00
Jan Safranek
1490d51028 Remove noisy log 
The error would be logged every reconciler sync (100 ms).
 2022-08-04 10:51:53 +02:00
Jan Safranek
0793ecee3a Add unit tests for ASW.AddPodToVolume 2022-08-04 10:51:52 +02:00
Jan Safranek
17d850ee0e Add interface for SELinuxOptionsToFileLabel 
github.com/opencontainers/selinux/go-selinux needs OS that supports SELinux
and SELinux enabled in it to return useful data, therefore add an interface
in front of it, so we can mock its behavior in unit tests.
 2022-08-04 10:51:51 +02:00
Jan Safranek
d9f792633d Add AddPodToVolume unit tests with SELinux 2022-08-04 10:51:50 +02:00
Jan Safranek
8d6b721ddd Extract SELinux context error handling into a common func 
Add handlerSELinuxMetricError() which bumps the right metric + either
consumes a SELinux error or lets it propagate up the stack.
 2022-08-04 10:51:48 +02:00
Jan Safranek
4df3f58737 Add SELinux feature check for iSCSI volume plugin 
In theory the check is not necessary, but for sake of robustness and
completenes, let's check SELinuxMountReadWriteOncePod feature gate before
assuming anything about SELinux labels.
 2022-08-04 10:51:47 +02:00
Jan Safranek
49148ddfd0 Extract getSELinuxLabel from AddPodToVolume 
To keep the function smaller.
 2022-08-04 10:51:46 +02:00
Jan Safranek
5c90474f38 Add SELinux mount support to CSI driver 
With some minor refactoring to use common getCSIDriver function.
 2022-08-04 10:51:45 +02:00
Jan Safranek
de7f5b66ed Fix existing unit tests 2022-08-04 10:51:44 +02:00
Jan Safranek
b2e18c0b20 Add metrics for SELinux context mount 
Add separate _errors and _warnings to capture volumes that were rejected
from those will be rejected when the feature is expanded to all access
mode.
 2022-08-04 10:51:43 +02:00
Jan Safranek
48b0751269 Add SELinux context tracking to volume manager 
Both ActualStateOfWorld and DesiredStateOfWorld must track SELinux context
of volume mounts.
 2022-08-04 10:51:41 +02:00
Jan Safranek
4cfb277e8b Implement mounting with -o context= in iSCSI volume plugin 2022-08-04 10:51:31 +02:00
Jan Safranek
cdb3ead5a9 Add SupportsSELinuxContextMount 
Add a new call to VolumePlugin interface and change all its
implementations.

Kubelet's VolumeManager will be interested whether a volume supports
mounting with -o conext=XYZ or not to hanle SetUp() / MountDevice()
accordingly.
 2022-08-04 10:51:28 +02:00
Jan Safranek
f99cf5180e Add SELinux mount option to NewMounter() and MountDevice() 
Let volume plugins decide if they want to mount volumes with "-o
context=XYZ" or let the container runtime relabel the volume on container
startup.

Using NewMounter, as it's the call where a volume plugin gets the other MountOptions.
 2022-08-04 10:51:11 +02:00
Jan Safranek
f2fd9c1c16 Regenerate files 2022-08-04 10:51:01 +02:00
Jan Safranek
189f19a698 Update generation when SELinuxMount is changed 2022-08-04 10:51:00 +02:00
Jan Safranek
3efeeef346 Add CSIDriverSpec.SELinuxMount 
The new field tells Kubernetes if the CSI driver supports mounting of
volumes with -o context=XYZ or not.
 2022-08-04 10:51:00 +02:00
Jan Safranek
34dc6b2587 Add SELinuxMountReadWriteOncePod feature gate 2022-08-04 10:51:00 +02:00
Kubernetes Prow Robot
b661944b65 Merge pull request #110939 from Abirdcfly/deleteutil 
don't quota events.k8s.io events by default
 2022-08-03 20:49:46 -07:00
Kubernetes Prow Robot
d4795e4bec Merge pull request #111620 from Jiawei0227/storageos 
cleanup: Remove storageos volume plugins from k8s codebase
 2022-08-03 18:05:36 -07:00
Kubernetes Prow Robot
a0e702763e Merge pull request #110495 from alexzielenski/atomic-objectreference 
make ObjectReference field ownership granular
 2022-08-03 14:21:48 -07:00
Jiawei Wang
d52cdeae79 cleanup: Remove storageos volume plugins from k8s codebase 2022-08-03 20:19:59 +00:00
Kubernetes Prow Robot
442574f3a7 Merge pull request #111513 from jingxu97/july/localstorage 
Promote Local storage capacity isolation feature to GA
 2022-08-03 13:05:59 -07:00