github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
114,998 Commits 1 Branch 31 Tags 1,019 MiB
815b1bf0d8
Commit Graph

23107 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
815b1bf0d8
Merge pull request #116558 from klueska/update-dra-kubeletplugin-v1alpha2 
Update kubeletplugin API for DRA to v1alpha2
 2023-03-14 19:27:06 -07:00
Kubernetes Prow Robot
ae36991498
Merge pull request #116332 from klueska/extend-resourceclaimstatus 
Update resource.AllocationResult with a slice of ResourceHandlers
 2023-03-14 19:26:50 -07:00
Kubernetes Prow Robot
9053b5dc2c
Merge pull request #116119 from vinaykul/restart-free-pod-vertical-scaling-fixes 
Restructure resize policy naming and set default resize policy values
 2023-03-14 19:26:42 -07:00
Kubernetes Prow Robot
15040e1c86
Merge pull request #115123 from aramase/v2beta1 
[KMSv2] Generate proto API and update feature gate for beta
 2023-03-14 19:26:25 -07:00
Kubernetes Prow Robot
f44d561c1f
Merge pull request #115075 from aojea/ipaddress 
IPAddress allocator
 2023-03-14 19:26:13 -07:00
Kubernetes Prow Robot
2c8dffdd5f
Merge pull request #116619 from MadhavJivrajani/fix-subresource-e2e-flake 
test/e2e: Fix flaking subresource test
 2023-03-14 17:45:02 -07:00
Kubernetes Prow Robot
fa5253976c
Merge pull request #116551 from SergeyKanzhelev/standaloneMode 
Test kubelet standalone mode
 2023-03-14 17:44:47 -07:00
Kubernetes Prow Robot
f22504a9ba
Merge pull request #116539 from pohly/ginkgo-gomega-update 
dependencies: ginkgo v2.9.1, gomega v1.27.3
 2023-03-14 17:44:40 -07:00
Kubernetes Prow Robot
f7bcff44cd
Merge pull request #116425 from jsafrane/flip-selinux 
Flip SELinuxMountReadWriteOncePod to Beta
 2023-03-14 16:34:41 -07:00
Anish Ramasekar
ad698cc0ae
[KMSv2] Generate proto API and update feature gate for beta 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2023-03-14 23:18:16 +00:00
Kevin Klues
579295e727 Update kubeletplugin API for DynamicResourceAllocation to v1alpha2 
This PR makes the NodePrepareResources() and NodeUnprepareResource()
calls of the kubeletplugin API for DynamicResourceAllocation
symmetrical. It wasn't clear how one would use the set of CDIDevices
passed back in the NodeUnprepareResource() of the v1alpha1 API, and the
new API now passes back the full ResourceHandle that was originally
passed to the Prepare() call. Passing the ResourceHandle is strictly
more informative and a plugin could always (re)derive the set of
CDIDevice from it.

This is a breaking change, but this release is scheduled to break
multiple APIs for DynamicResourceAllocation, so it makes sense to do
this now instead of later.

Signed-off-by: Kevin Klues <kklues@nvidia.com>
 2023-03-14 23:09:44 +00:00
Antonio Ojea
ca1cba8f91 integration etcd data 2023-03-14 22:58:11 +00:00
Antonio Ojea
23252d70b4 add integration test 2023-03-14 22:58:11 +00:00
Kevin Klues
6ba9b91604 Update e2e tests for recent changes to resource.k8s.io/v1alpha2 
Signed-off-by: Kevin Klues <kklues@nvidia.com>
 2023-03-14 22:34:19 +00:00
Kubernetes Prow Robot
fbfc887a09
Merge pull request #116556 from pohly/dra-podschedulingcontext 
dra: PodScheduling -> PodSchedulingContext
 2023-03-14 15:14:34 -07:00
Kubernetes Prow Robot
900278dd41
Merge pull request #116390 from alexzielenski/kubectl/explain/openapiv3/on-by-default 
kubectl explain: use openapiv3 by default
 2023-03-14 15:14:26 -07:00
Madhav Jivrajani
87b64744dc test/e2e: Fix flaking subresource test 
Avoid comparing fields that might end up changing
between two invocations of kubectl.

Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
 2023-03-15 03:42:17 +05:30
Patrick Ohly
fe59e091eb dependencies: ginkgo v2.9.1, gomega v1.27.4 
They contain some nice-to-have improvements (for example, better printing of
errors with gomega/format.Object) but nothing that is critical right now.

"go mod tidy" was run manually in
staging/src/k8s.io/kms/internal/plugins/mock (https://github.com/kubernetes/kubernetes/pull/116613
not merged yet).
 2023-03-14 22:26:27 +01:00
Kubernetes Prow Robot
60be214af1
Merge pull request #116599 from justinsb/kubectl_applyset_e2e_test 
kubectl prunev2: simple e2e/integration test
 2023-03-14 14:13:33 -07:00
Kubernetes Prow Robot
c0ef73222f
Merge pull request #116522 from robscott/topology-1-27-updates 
Introducing Topology Mode Annotation, Deprecating Topology Hints Annotation
 2023-03-14 14:12:48 -07:00
Sergey Kanzhelev
1e6281e4a2 first iteration to add standalone mode 2023-03-14 20:46:41 +00:00
Alexander Zielenski
4fb6385140 fix test to look for FIELD: not RESOURCE: when a field was looked up 2023-03-14 12:47:09 -07:00
Kubernetes Prow Robot
abb6328661
Merge pull request #116590 from MadhavJivrajani/e2e-kubectl-subresource 
test/e2e: Add e2e tests for kubectl --subresource
 2023-03-14 12:38:42 -07:00
Kubernetes Prow Robot
1cb334960c
Merge pull request #116591 from gjkim42/add-service-feature-gates-to-e2e_node 
Add service-feature-gates argument to node_e2e
 2023-03-14 10:41:17 -07:00
Kubernetes Prow Robot
94ed45ab4a
Merge pull request #116568 from pacoxu/fix-alpha-feature-ci 
get pvc again to get the pv name that bound to the PVC
 2023-03-14 10:41:09 -07:00
Kubernetes Prow Robot
bab2774b21
Merge pull request #116517 from dims/re-organize-remote-e2e-test-to-be-pluggable 
re-organize remote e2e test to be pluggable
 2023-03-14 10:41:00 -07:00
Kubernetes Prow Robot
4950f51903
Merge pull request #116155 from enj/enj/f/dek_reuse 
kmsv2: re-use DEK while key ID is unchanged
 2023-03-14 10:40:28 -07:00
Kubernetes Prow Robot
49649c89ea
Merge pull request #113584 from yangjunmyfm192085/volume-contextual-logging 
volume: use contextual logging
 2023-03-14 10:40:16 -07:00
justinsb
04ae8e9b2e kubectl prunev2: simple e2e/integration test 
Starting with the most basic e2e test, checking that we can create and
prune configmaps.
 2023-03-14 16:45:29 +00:00
Kubernetes Prow Robot
f769c66aa8
Merge pull request #113622 from 249043822/br-context-logging-daemon 
daemonset: use contextual logging
 2023-03-14 09:38:28 -07:00
Kubernetes Prow Robot
204a9a1f17
Merge pull request #116459 from ffromani/podresources-ratelimit-minimal 
add podresources DOS prevention using rate limit
 2023-03-14 08:36:45 -07:00
Madhav Jivrajani
a466b7f5aa test/e2e: Add e2e tests for kubectl --subresource 
Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
 2023-03-14 21:01:44 +05:30
Davanum Srinivas
a1d157bf32
Add some missing flags 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-03-14 10:36:25 -04:00
Kubernetes Prow Robot
689fc37dd2
Merge pull request #112334 from dgrisonnet/fix-eventseries-count 
Fix EventSeries starting count discrepancy
 2023-03-14 07:28:16 -07:00
Monis Khan
832d6f0e19
kmsv2: re-use DEK while key ID is unchanged 
This change updates KMS v2 to not create a new DEK for every
encryption.  Instead, we re-use the DEK while the key ID is stable.

Specifically:

We no longer use a random 12 byte nonce per encryption.  Instead, we
use both a random 4 byte nonce and an 8 byte nonce set via an atomic
counter.  Since each DEK is randomly generated and never re-used,
the combination of DEK and counter are always unique.  Thus there
can never be a nonce collision.  AES GCM strongly encourages the use
of a 12 byte nonce, hence the additional 4 byte random nonce.  We
could leave those 4 bytes set to all zeros, but there is no harm in
setting them to random data (it may help in some edge cases such as
live VM migration).

If the plugin is not healthy, the last DEK will be used for
encryption for up to three minutes (there is no difference on the
behavior of reads which have always used the DEK cache).  This will
reduce the impact of a short plugin outage while making it easy to
perform storage migration after a key ID change (i.e. simply wait
ten minutes after the key ID change before starting the migration).

The DEK rotation cycle is performed in sync with the KMS v2 status
poll thus we always have the correct information to determine if a
read is stale in regards to storage migration.

Signed-off-by: Monis Khan <mok@microsoft.com>
 2023-03-14 10:23:50 -04:00
Gunju Kim
cdf501f77b
Add service-feature-gates argument to node_e2e 
This separates the "service-feature-gates" argument from the
"feature-gates" to set feature gates of API service independently.
 2023-03-14 22:54:30 +09:00
Jan Safranek
a84dc2d5c5 Flip SELinuxMountReadWriteOncePod to Beta 
And enable all e2e tests by default. They're still behind
`[Feature:SELinux]` tag to ensure the underlying OS supports SELinux.
 2023-03-14 14:32:38 +01:00
zhucan
80ff4b90a5 e2e: test for node expand volume with secrets failed 
Signed-off-by: zhucan <zhucan.k8s@gmail.com>
 2023-03-14 21:12:31 +08:00
Paco Xu
a5587de2e4 print all calls when compare CSI call failed 2023-03-14 18:03:08 +08:00
Patrick Ohly
fec5233668 api: resource.k8s.io PodScheduling -> PodSchedulingContext 
The name "PodScheduling" was unusual because in contrast to most other names,
it was impossible to put an article in front of it. Now PodSchedulingContext is
used instead.
 2023-03-14 10:18:08 +01:00
Paco Xu
4e5171b396 upgrade csi provisioner to v3.4.0 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2023-03-14 16:51:46 +08:00
Paco Xu
40d543a59d check node expand secret ref and fix CSI calls compare failure 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2023-03-14 16:51:46 +08:00
Paco Xu
2f71a635af get pvc again to get the pv name that bound to the PVC 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2023-03-14 16:51:46 +08:00
Patrick Ohly
29941b8d3e api: resource.k8s.io v1alpha1 -> v1alpha2 
For Kubernetes 1.27, we intend to make some breaking API changes:
- rename PodScheduling -> PodSchedulingHints (https://github.com/kubernetes/kubernetes/issues/114283)
- extend ResourceClaimStatus (https://github.com/kubernetes/enhancements/pull/3802)

We need to switch from v1alpha1 to v1alpha2 for that.
 2023-03-14 07:52:03 +01:00
Kubernetes Prow Robot
152876a3eb
Merge pull request #115668 from jiahuif-forks/feature/validating-admission-policy/type-system 
Type System for ValidatingAdmissionPolicy
 2023-03-13 23:27:09 -07:00
Kubernetes Prow Robot
6612af0af0
Merge pull request #110304 from RomanBednar/resize-e2e 
add e2e test for correct resizing of a snaphot restore
 2023-03-13 22:27:08 -07:00
Kubernetes Prow Robot
cd56332d06
Merge pull request #116501 from mattcary/ss-beta 
Graduate StatefulSetAutoDelete to beta
 2023-03-13 19:31:20 -07:00
Rob Scott
e23af041f5
Introducing Topology Mode Annotation, Deprecating Topology Hints 
Annotation

As part of this change, kube-proxy accepts any value for either
annotation that is not "disabled".

Change-Id: Idfc26eb4cc97ff062649dc52ed29823a64fc59a4
 2023-03-14 02:23:11 +00:00
ZhangKe10140699
7198bcffcd daemonset: use contextual logging 2023-03-14 08:50:27 +08:00
杨军10092085
361e4ff0fa volume: use contextual logging 2023-03-14 08:37:30 +08:00