github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
116,619 Commits 1 Branch 31 Tags 1,019 MiB
83d30f4463
Commit Graph

10246 Commits

Author SHA1 Message Date
Paco Xu
70369bfe29 remove GAed KubeletCredentialProviders 2023-03-31 10:09:58 +08:00
Antoni Zawodny
beb329f4bf Do not look at VPC-related resources outside the cluster's network 2023-03-27 17:44:25 +02:00
Jordan Liggitt
188844c3db
Make prerelease tag optional in CI versions 2023-03-21 09:23:45 -04:00
Jordan Liggitt
2010eaac52
Annotate CI version regexes 2023-03-21 09:08:05 -04:00
Jordan Liggitt
9ba4df15f8
Drop unused regex grouping 2023-03-21 09:08:05 -04:00
Jordan Liggitt
bff737d328
Update comments 2023-03-21 09:08:04 -04:00
Sascha Grunert
630af564be
Update cri-tools to v1.26.1 
Addresses CVE-2022-41723: https://github.com/advisories/GHSA-vvpx-j8f3-3w6h

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2023-03-15 15:22:24 +01:00
Francesco Romani
b430464df0 gce: podresources: don't disable on windows 
Now that podresources socket has been fixed on windows,
we can re-enable on GCE CI.

Signed-off-by: Francesco Romani <fromani@redhat.com>
 2023-03-14 22:39:56 +01:00
Kubernetes Prow Robot
c2ad27aaa2
Merge pull request #115619 from jprzychodzen/cluster-kcm-ccm 
[GCE] [cluster] Split run controllers per controller-manager
 2023-03-14 09:39:34 -07:00
Kubernetes Prow Robot
4f76e4a0fd
Merge pull request #115603 from pacoxu/coredns-v1.10.1 
update coredns to v1.10.1
 2023-03-14 08:36:28 -07:00
Arnaud Meukam
033f4b1772
Stop clear non-existant retention policy rule 
This command is now not necessary and create some noise on the trail
logs.
See: https://github.com/kubernetes/k8s.io/pull/4902

Signed-off-by: Arnaud Meukam <ameukam@gmail.com>
 2023-03-13 11:35:10 +01:00
Paco Xu
8bb328680c upgrade cluster-autoscaler v1.26.1 to fix ci warnings 2023-03-13 15:41:28 +08:00
Joseph Anttila Hall
31e1df9ae6
Bump Konnectivity to 0.1.2 2023-03-10 12:48:25 -08:00
Paco Xu
a1def4b9c0 pod-infra-container-image: update comments as it will be removed in couple more releases 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2023-03-09 11:14:32 +08:00
torredil
6aebda9b1e Remove AWS legacy cloud provider + EBS in-tree storage plugin 
Signed-off-by: torredil <torredil@amazon.com>
 2023-03-06 14:01:15 +00:00
Arnaud Meukam
471985557a
remove retention policy for staging buckets 
Follow-up of:
  - https://github.com/kubernetes/kubernetes/pull/115634

The current retention policy prevent creation or update of new objects
until the existing one are deleted based on the retention period.

Signed-off-by: Arnaud Meukam <ameukam@gmail.com>
 2023-03-02 19:15:29 +01:00
Arnaud Meukam
bf08cc38da
Add retention policy to staging buckets 
Related to:
  - https://github.com/kubernetes/k8s.io/issues/4691

Ensure new staging bucketst are regional and apply lifecycle policy to
the objects of each staging bucket.

Signed-off-by: Arnaud Meukam <ameukam@gmail.com>
 2023-03-01 17:25:38 +01:00
cyclinder
4f913dbcdd bump kube-dns to v1.22.20 2023-02-27 14:34:53 +08:00
Paco Xu
b24725eed7 update coredns to v1.10.1 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2023-02-26 09:25:40 +08:00
Davanum Srinivas
4ecb4670cc
Remove unnecessary ETCD_UNSUPPORTED_ARCH for arm64 
we should only use this env var for `arm`, since `arm64` is fully
supported by etcd folks, let us drop this!

(ex - https://github.com/etcd-io/etcd/releases/tag/v3.5.6)

ppc64le comment should be dropped as well

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-02-16 21:29:13 -05:00
Kubernetes Prow Robot
5d9d06aa47
Merge pull request #115717 from pacoxu/node-dns-v1.22.17 
update node-local-dns to v1.22.17
 2023-02-13 23:43:30 -08:00
Paco Xu
ceb37c3a5c update node-local-dns to 1.22.18 2023-02-14 09:37:35 +08:00
Stephen Kitt
b62165f445
Drop cp from the etcd images 
This was used by migrate-if-needed.sh, but that has been replaced by
the migrate Go program which doesn't need external cp.

Signed-off-by: Stephen Kitt <skitt@redhat.com>
 2023-02-13 18:06:59 +01:00
Antonio Ojea
07fc074a67 Revert "use kube-proxy defaults values for CI" 
This reverts commit bafeacd14d.
 2023-02-13 11:41:34 +00:00
Jakub Przychodzeń
544456608f Split run controllers per controller-manager 2023-02-08 14:40:04 +00:00
Mohamed Zaian
90570b7595 etcd: Update to version 3.5.7 2023-01-27 17:24:00 +01:00
Mohamed Zaian
e98853ec28 etcd: Build image 3.5.7-0 2023-01-26 14:44:24 +01:00
Kubernetes Prow Robot
afe936fee5
Merge pull request #115191 from jkh52/zero-one-one 
Bump konnectivity-client to v0.1.1
 2023-01-20 17:56:02 -08:00
Joseph Anttila Hall
5c01971f2a Bump konnectivity-client to v0.1.1 
Fixes memory leaks.
Upgrades GRPC and ProtoBuf versions.
 2023-01-19 04:35:31 +00:00
Aditi Sharma
d83c37c311 Update CNI version to 1.2.0 
Signed-off-by: Aditi Sharma <adi.sky17@gmail.com>
 2023-01-18 13:24:40 +05:30
David Porter
a3b44b574f cluster/gce: Fetch image from image family 
Currently, we hardcode the exact image to use in cluster/gce. This is
problematic as the image gets stale very frequently and has old versions
of components such as containerd, kernel, and CVE issues.

Instead, fetch the latest image from the image family. This will ensure
the image will stay up to date. Each image change in image family is
expected to be minor. Switching to a new LTS milestone will require
updating the image family set.

Also add new kube-up environment variables to allow controlling the image
family used, namely:

* IMAGE_FAMILY - default image family to use
* MASTER_IMAGE_FAMILY - image family for master to use (defaults to
  IMAGE_FAMILY if unset)
* NODE_IMAGE_FAMILY - image family for node to use (defaults to
  IMAGE_FAMILY if unset)

Signed-off-by: David Porter <david@porter.me>
 2023-01-13 17:34:56 -08:00
Kubernetes Prow Robot
8cb2339730
Merge pull request #114548 from haircommander/cri-tools-1.26 
update cri-tools to 1.26.0
 2023-01-09 06:53:28 -08:00
Joseph Anttila Hall
7df98deda0 Bump konnectivity-client to v0.0.35 
./hack/pin-dependency.sh sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.35
./hack/update-codegen.sh
./hack/update-vendor.sh

Manual adjustments:
vendor/modules.txt
cluster/gce/addons/konnectivity-agent/konnectivity-agent-ds.yaml
cluster/gce/manifests/konnectivity-server.yaml
 2023-01-03 20:23:29 +00:00
Antonio Ojea
e3d0452bcf store cloud-controller-manager logs 
Change-Id: I26ae13c921590b622ce73c101db828c653bd65ff
 2022-12-20 11:39:18 +00:00
Peter Hunt
f41cd1c3dc update cri-tools to 1.26.0 
Signed-off-by: Peter Hunt <pehunt@redhat.com>
 2022-12-16 16:27:01 -05:00
Kubernetes Prow Robot
d2ed6d355e
Merge pull request #114279 from pacoxu/coredns-v1.10.0 
update coredns to v1.10.0
 2022-12-10 12:21:52 -08:00
Kubernetes Prow Robot
9d3b1cd038
Merge pull request #114229 from aojea/min-sync-period 
use kube-proxy defaults values for CI
 2022-12-10 07:54:59 -08:00
Kubernetes Prow Robot
ce9b912ca6
Merge pull request #114085 from saschagrunert/gcb-docker-gcloud-bump 
Bump gcb-docker-gcloud to `v20221007-69e0da97ef`
 2022-12-10 06:04:33 -08:00
Kubernetes Prow Robot
89f6cb39d5
Merge pull request #114071 from Mskxn/master 
Fix a potential goroutine leak
 2022-12-10 06:04:17 -08:00
Kubernetes Prow Robot
da8a78ebd2
Merge pull request #113267 from hoskeri/cleanup-kubelet-admin-role 
Remove unused RBAC rule from system:kubelet-api-admin
 2022-12-09 14:33:33 -08:00
Paco Xu
d65ea5e712 update coredns kube up to v1.10.0 2022-12-05 10:08:32 +08:00
Antonio Ojea
bafeacd14d use kube-proxy defaults values for CI 
Change-Id: I8b9bcd62a0df8c1f90623a53ad3ba7fb31b2a4f3
 2022-12-01 10:32:12 +00:00
Msk
1444f089fc Fix go routine leaks 
Close the channel instead of write to it to avoid hanging goroutine.
 2022-12-01 00:29:59 +08:00
Paco Xu
75f89875f8 use etcd 3.5.6-0 after promotion 2022-11-24 09:45:56 +08:00
Sascha Grunert
c032d7993a
Bump gcb-docker-gcloud to v20221007-69e0da97ef 
Update the container images used in cloudbuild to their latest version.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2022-11-23 16:03:28 +01:00
Davanum Srinivas
efd8723ece
Bump GOLANG_VERSION to build etcd (from 1.16.x to 1.17.x) 
Also fix REVISION back to `0` this was missed in the previous PR

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2022-11-23 10:02:03 -05:00
Paco Xu
a8b22ff28c upgrade etcd 3.5.6 for image build 2022-11-22 17:08:12 +08:00
Kubernetes Prow Robot
591fc0d8ab
Merge pull request #113858 from aojea/ingress_nightly 
Fix kubernetes/gce-ingress jobs
 2022-11-15 10:56:47 -08:00
Antonio Ojea
962dbbba48 fix glbc jobs 
use latest stable version
add permissions for endpointslices
 2022-11-15 13:39:59 +00:00
Mark Rossetti
534f052a8d
Updating pause image refernces to 3.9 
Signed-off-by: Mark Rossetti <marosset@microsoft.com>
 2022-11-14 10:24:54 -08:00
Andrew Sy Kim
545835e288 cluster: remove KUBE_TEST_IGNORE_CLOUDPROVIDER_TAINT which is no longer needed 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
 2022-11-05 22:04:19 -04:00
Andrew Sy Kim
3242ca8ab1 cluster: fix cloud-controller-manager.manifest to use priorityClassName instead of priorityClass 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
 2022-11-04 19:35:39 -04:00
Walter Fender
99156b5bdc Turn on CCM in kube-up when cloudprovider=external 
Currently if we disable cloud provider by the following
CLOUD_PROVIDER_FLAG=external
KUBE_FEATURE_GATES=DisableCloudProviders=true,DisableKubeletCloudCredentialProviders=true
we can no longer schedule workloads due to taints and a lack of
node configuration.
This pulls a CCM image from K/cloud-provider-gcp to run tests.
This is a pre-step for taking the above feature gates to beta.
It does not address the last known good dependency issue.
Specifically the CCM image is built on top of client-go and staging.
However this image will be an "old" verison of those libraries.
So it does not test if those libraries work in the CCM.

Fix shellcheck errors.
Add CCM_FEATURE_GATES for testing.
Switching to extended regex from perl regex.
Adding instrumentation to cluster configuration.
Improved regex to not greedily get key-value pairs.
Fixed issue with error on regex no line match.
Switch credentialprovider version to v1alpha1
 2022-11-03 10:38:23 -07:00
Kubernetes Prow Robot
25dc4c4f32
Merge pull request #112980 from swatisehgal/devicemanager-ga-graduation 
node: devicemgr: Graduate Kubelet DeviceManager to GA
 2022-11-02 13:17:01 -07:00
Swati Sehgal
752fa093e0 node: devicemgr: GA graduation implies Feature Gate is ON by default 
Signed-off-by: Swati Sehgal <swsehgal@redhat.com>
 2022-11-02 11:05:20 +00:00
Paco Xu
9e8dc1d4a5 cleanup psp related rbac in cluster addons 2022-10-31 11:29:20 +08:00
Abhijit Hoskeri
9f2ac979ae Remove unused RBAC rule from system:kubelet-api-admin 
cd54bd94e9 removes the
handlers for /spec from the kubelet server.

Cleanup the RBAC rules as well.

Change-Id: Id6befbcacec27ad383e336b7189289f55c1c0a68
 2022-10-21 11:57:07 -07:00
Benjamin Elder
64ed5964d5 permit self-assignment line for clarity and also fear of touching get-kube.sh 2022-10-20 16:22:11 -07:00
Benjamin Elder
4c7189f54b fix SC2267 GNU xargs -i is deprecated in favor of -I{} in cluster/gce/util.sh 
see: https://www.shellcheck.net/wiki/SC2267
 2022-10-19 23:46:18 -07:00
Kubernetes Prow Robot
51185b77a3
Merge pull request #112901 from vinaykul/ubuntu-kube-up-fix 
Fix 'ctr not found' error with gce kube-up for Ubuntu OS deployments
 2022-10-17 18:05:18 -07:00
Kubernetes Prow Robot
2e1da6590e
Merge pull request #113045 from wewark/master 
Update to latest kubedns and nodelocaldns images.
 2022-10-14 03:38:57 -07:00
Kubernetes Prow Robot
b601769721
Merge pull request #112924 from marosset/remove-20h2-windows-images 
cleanup: Remove out-of-support Windows 20H2 images
 2022-10-13 11:25:15 -07:00
Khaled Hamed
74db48f510
Update to latest kubedns and nodelocaldns images. 2022-10-13 14:48:37 +02:00
Mark Rossetti
ecd543be04
Remove out-of-support Windows 20H2 images 
Signed-off-by: Mark Rossetti <marosset@microsoft.com>
 2022-10-12 14:43:51 -07:00
Jordan Liggitt
dd0910691f
Move root approvers to subdirs 2022-10-10 13:43:03 -04:00
Jordan Liggitt
04b178b49b
Make root approval non-recursive 2022-10-10 08:26:53 -04:00
Vinay Kulkarni
eaf8bd87af Fix 'ctr not found' error with gce kube-up for Ubuntu OS deployments 2022-10-06 11:36:48 -07:00
Walter Fender
4f6894d206 Adding flag for testing to ignore cloud provider taint. 
Adding the ability to ignore no schedule flags in testing.
Specifically node.cloudprovider.kubernetes.io/uninitialized:NoSchedule
Fix shellcheck complaint.
 2022-10-06 10:54:35 -07:00
Arnaud Meukam
9987e4635f
Test startup: make staging bucket regional 
Make GCS buckets created by the e2e tests regional.
There are by default multi-regional in US location. The change is
introduced to minimize GCS global cost.
GCS new pricing changed since Oct 1, 2022. See https://cloud.google.com/storage/pricing-announce

Signed-off-by: Arnaud Meukam <ameukam@gmail.com>
 2022-10-05 06:34:04 +02:00
Kubernetes Prow Robot
b4b67c9ca5
Merge pull request #112781 from humblec/gce-new 
Update sidecar controllers to latest versions in the e2e
 2022-09-29 22:18:28 -07:00
Humble Chirammal
b3a3d8cb6b Update sidecar controllers to latest versions in the e2e 
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
 2022-09-29 22:13:11 +05:30
Kubernetes Prow Robot
bc3d78aa55
Merge pull request #112726 from dims/drop-unsupported-iks-configuration-for-kubemark 
Drop unsupported iks configuration for kubemark
 2022-09-29 04:06:54 -07:00
Maciej Borsz
7af94d7e95 Remove ssh firewall only when we delete network 2022-09-29 07:25:20 +00:00
Walter Fender
1dfdfc4bb5 Bump konnectivity-client to v0.0.33 
Bump konnectivity network proxy to v0.0.33.
Includes a couple bug fixes for better handling of dial failures.
[Agent &
Server](https://github.com/kubernetes-sigs/apiserver-network-proxy/commits/v0.0.33)
include numerous other fixes.
Pin goleak to 1.2
 2022-09-26 17:06:49 -07:00
Davanum Srinivas
908ec2a496
Drop unsupported iks configuration for kubemark 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2022-09-25 17:33:22 -04:00
Walter Fender
56eb2bcff4 Honor the CLOUD_PROVIDER_FLAG flag. 
We were not passing the flag from deploying machine to the machine
being deployed to. Now passing the flag.
 2022-09-23 19:03:01 -07:00
Kubernetes Prow Robot
188b65c92f
Merge pull request #110826 from humblec/test-failure 
Fix the test failure on volume snapshot
 2022-09-22 12:50:52 -07:00
Kubernetes Prow Robot
ac868b17d6
Merge pull request #112058 from saschagrunert/cri-tools-v1.25 
Update cri-tools to v1.25.0
 2022-09-21 16:59:07 -07:00
Humble Chirammal
40621d4351 Fix the test failure on volume snapshot 
Since we have upgraded to snapshot controller version to v6, the
snapshot tests looks to be failing in the testgrid. It has been mainly
because the latest version of snapshot controller stopped serving
v1beta1 APIs. The sidecar image versions in the tests also has to be
updated to make sure these are compatible.

This commit add missing RBAC rules for the controller as per the
latest version.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
 2022-09-16 19:39:47 +05:30
Davanum Srinivas
0f6b9b883c
etcd: Updated to v3.5.5 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2022-09-15 21:05:13 -04:00
Davanum Srinivas
4e650c3c7c
etcd: Build image 3.5.5-0 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2022-09-15 15:37:10 -04:00
Kubernetes Prow Robot
43a5c7b4e2
Merge pull request #112446 from gcampbell12/gc/update-dns-addon 
Update kube-dns and nodelocaldns to 1.22.11
 2022-09-14 15:39:33 -07:00
George Campbell
4f5ccb834e
Update kube-dns and nodelocaldns to 1.22.11 2022-09-14 14:34:45 +01:00
Humble Chirammal
c2a7bfd6b4 removal of glusterfs in-tree driver code from the source 
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
 2022-09-13 20:11:50 +05:30
Artur Żyliński
f35799f6b1 Fix: Refactor firewall-rules list to read-array 2022-09-12 10:20:50 +02:00
Matthew Cary
8a0e0c7f79 Remove race between kubelet startup and mounter rootfs 
Change-Id: I18d5a7d1f8c475c96da3c4166802ac76e91b3b52
 2022-09-01 15:58:43 -07:00
Sascha Grunert
0ed8dd211a
Update cri-tools to v1.25.0 
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2022-08-26 11:55:40 +02:00
Kubernetes Prow Robot
5fa65e989b
Merge pull request #111495 from ndixita/node-e2e-gcp-cred-provider 
Configure and install out-of-tree gcp credential provider
 2022-08-23 21:20:00 -07:00
Kubernetes Prow Robot
da558e44ca
Merge pull request #111906 from tosi3k/apiserver-godebug 
Add a possibility of setting GODEBUG env var for kube-apiserver binary
 2022-08-23 20:08:45 -07:00
Kubernetes Prow Robot
07bca2d791
Merge pull request #67782 from dims/yank-in-tree-openstack-cloud-provider 
Remove in-tree openstack cloud provider
 2022-08-23 18:59:48 -07:00
Kubernetes Prow Robot
6e46517905
Merge pull request #111694 from ialidzhikov/enh/unprivileged-node-local-dns 
Run node-local-dns in non-privileged mode
 2022-08-23 17:17:41 -07:00
Dixita Narang
d1deca1cb4 Configure and install out-of-tree gcp credential provider 2022-08-23 00:59:17 +00:00
Davanum Srinivas
9bbf01bae9
Remove references to openstack and cinder 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2022-08-22 16:43:14 -04:00
Antoni Zawodny
a8fb0cab49 Add a possibility of setting GODEBUG env var for kube-apiserver binary 2022-08-18 11:19:52 +02:00
ialidzhikov
bfe98c0c2a Run node-local-dns in non-privileged mode 2022-08-05 14:18:27 +03:00
Brian Pursley
c2238b46a2 Change cluster/gce/util to wait for firewall rule creation 
Add kube::util::wait-for-jobs in create-network() to wait
for background firewall rule creation, and if any fail, log
a message and exit with the failed job's return code.
 2022-08-03 17:23:27 -04:00
Kubernetes Prow Robot
e5a649d4f6
Merge pull request #111493 from dpasiukevich/patch-1 
Update OWNERS
 2022-07-28 14:13:11 -07:00
Dzmitry Pasiukevich
5b3222c540
Update OWNERS 2022-07-28 09:36:41 +02:00
dpasiukevich
4c43287ffe Update to latest kubedns and nodelocaldns images. 2022-07-28 07:55:37 +02:00
David Porter
ead45ba74d test: cluster: Bump to COS 97 image 
COS-85 is very old OS image and is EoL in September 2022. Update to the
latest stable LTS version of COS.

Signed-off-by: David Porter <david@porter.me>
 2022-07-25 14:48:27 -07:00