Commit Graph

3819 Commits

Author SHA1 Message Date
Khaled Henidak (Kal)
a53e2eaeab
move IPv6DualStack feature to stable. (#104691)
* kube-proxy

* endpoints controller

* app: kube-controller-manager

* app: cloud-controller-manager

* kubelet

* app: api-server

* node utils + registry/strategy

* api: validation (comment removal)

* api:pod strategy (util pkg)

* api: docs

* core: integration testing

* kubeadm: change feature gate to GA

* service registry and rest stack

* move feature to GA

* generated
2021-09-24 16:30:22 -07:00
saad-ali
beb17fe10b Remove VolumeSubpath feature gate
Remove the VolumeSubpath feature gate.

Feature gate convention has been updated since this was introduced to
indicate that they "are intended to be deprecated and removed after a
feature becomes GA or is dropped.".
2021-09-17 01:59:23 -07:00
Tim Hockin
52f54ce90d Svc REST: clean up defaultOnRead to be consistent
Headless+selectorless -> RequireDualStack

Headless+selector -> SingleStack

Add test cases to cover this and ExternalName and dual-stack init (which
I think can never trigger, but best to be safe).
2021-09-16 11:17:45 -07:00
Tim Hockin
b6da6c9c0f Svc REST: Add InternalTrafficPolicy tests
Remove older form.
2021-09-11 11:30:01 -07:00
Tim Hockin
5363f1646f Svc REST: Add new model of feature tests
This scaffolding allows us to assert more on each test case, and more
consistently.

Set input fields from output fields IFF they are expected AND not set on
input.  This allows us to verify the "after" state (expected) whether
the test case specified the value or not, and still pass the generic
cmp.Equal.

Use this in a few tests to prove its worth, more to do.

Some of the existing tests that are focused on create and delete can
probably be replaced by these.

This could be used in other test cases that are open-coding a lot of the
same stuff.  Later commits.
2021-09-11 11:30:00 -07:00
Tim Hockin
e338c9db4b Svc REST: Set Cluster IPs during dry-run Create
Dry-run should behave like a real API call and return valid results.
2021-09-11 10:57:01 -07:00
Tim Hockin
237434bd42 Svc REST: Overhaul Create test wrt dual-stack
This includes a few cases.

1) TestCreateIgnoresIPFamilyForExternalName: Prove that ExternalName is
ignored for dual-stack.  A small set of test cases were chosen to
demonstrate.

2) TestCreateIgnoresIPFamilyWithoutDualStack: Prove that when the
dual-stack gate is off, all services are ignored for dual-stack.  A
small set of test cases were chosen to demonstrate

3) TestCreateInitIPFields: Run over a huge array of test cases for
dual-stack.  This was generated by this program:
https://gist.github.com/thockin/cccc9c9a580b4830ee0946ddd43eeafe and
then updated by hand.
2021-09-11 10:56:03 -07:00
Tim Hockin
73503a4936 Fix a small regression in Service updates
Prior to 1.22 a user could change NodePort values within a service
during an update, and the apiserver would allocate values for any that
were not specified.

Consider a YAML like:

```
apiVersion: v1
kind: Service
metadata:
  name: foo
spec:
  type: NodePort
  ports:
  - name: p
    port: 80
  - name: q
    port: 81
  selector:
    app: foo
```

When this is created, nodeport values will be allocated for each port.
Something like:

```
apiVersion: v1
kind: Service
metadata:
  name: foo
spec:
  clusterIP: 10.0.149.11
  type: NodePort
  ports:
  - name: p
    nodePort: 30872
    port: 80
    protocol: TCP
    targetPort: 9376
  - name: q
    nodePort: 31310
    port: 81
    protocol: TCP
    targetPort: 81
  selector:
    app: foo
```

If the user PUTs (kubectl replace) the original YAML, we would see that
`.nodePort = 0`, and allocate new ports.  This was ugly at best.

In 1.22 we fixed this to not allocate new values if we still had the old
values, but instead re-assign them.  Net new ports would still be seen
as `.nodePort = 0` and so new allocations would be made.

This broke a corner case as follows:

Prior to 1.22, the user could PUT this YAML:

```
apiVersion: v1
kind: Service
metadata:
  name: foo
spec:
  type: NodePort
  ports:
  - name: p
    nodePort: 31310 # note this is the `q` value
    port: 80
  - name: q
    # note this nodePort is not specified
    port: 81
  selector:
    app: foo
```

The `p` port would take the `q` port's value.  The `q` port would be
seen as `.nodePort = 0` and a new value allocated.  In 1.22 this results
in an error (duplicate value in `p` and `q`).

This is VERY minor but it is an API regression, which we try to avoid,
and the fix is not too horrible.

This commit adds more robust testing of this logic.
2021-08-30 12:42:17 -07:00
Sascha Grunert
cdbfd009da
Mention seccomp annotation removal in v1.25
This patch adds removal warnings for the deprecated seccomp annotation,
which is targeting removal in v1.25.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
2021-08-16 17:02:54 +02:00
Kubernetes Prow Robot
e799d7b191
Merge pull request #99023 from verb/1.21-securitycontext
Allow setting securityContext in ephemeral containers
2021-07-09 20:50:46 -07:00
Kubernetes Prow Robot
81065fd085
Merge pull request #103532 from thockin/fix-91459-service-update-allocs
Service: Fix semantics for Update wrt allocations
2021-07-08 05:59:05 -07:00
Kubernetes Prow Robot
36a7426aa5
Merge pull request #99144 from bart0sh/PR0094-promote-HugePageStorageMediumSize-to-GA
promote huge page storage medium size to GA
2021-07-07 18:09:05 -07:00
Tim Hockin
80dda49ce2 Service: Fix semantics for Update wrt allocations
It is not uncommon for users to Create a Service and not specify things
like ClusterIP and NodePort, which we then allocate for them.  They same
that YAML somewhere and later use it again in an Update, but then it
fails.

That's because we detected them trying to set a ClusterIP from a value
to "", which is not allowed.  If it was just NodePort, they would
actually succeed and reallocate a new port.

After this change, we try to "patch" updates where the user did not
specify those values from the old object.
2021-07-07 17:09:12 -07:00
Kubernetes Prow Robot
7bfd0b0503
Merge pull request #103467 from thockin/svc-alloc-lb-nodeports-bug
Fix small bug with AllocateLoadBalancerNodePorts
2021-07-07 17:05:40 -07:00
Kubernetes Prow Robot
896cf744cb
Merge pull request #103420 from raisaat/pods-api-test-fix
Fix pkg/api/pod/util tests to ensure feature gate is set
2021-07-07 10:43:53 -07:00
Kubernetes Prow Robot
eaba61b4de
Merge pull request #103276 from NetApp/data-source-ref
Add DataSourceRef field to PVC spec
2021-07-07 08:56:44 -07:00
Ben Swartzlander
00dba76918 Add DataSourceRef field to PVC spec
Modify the behavior of the AnyVolumeDataSource alpha feature gate to enable
a new field, DataSourceRef, rather than modifying the behavior of the
existing DataSource field. This allows addition Volume Populators in a way
that doesn't risk breaking backwards compatibility, although it will
result in eventually deprecating the DataSource field.
2021-07-06 21:17:41 -04:00
Tim Hockin
5b787aa184 Clean up testing of AllocateLoadBalancerNodePorts
We only need one "tweak" function, and it should be set automatically in
most cases.
2021-07-06 16:36:51 -07:00
Raisaat Rashid
68dadd40d6 Fix pkg/api/pod/util tests to ensure feature gate is set
Fixing this led to finding a bug in how the TestDropProbeGracePeriod
unit tests were written, so this patch also includes a fix for that.

Co-Authored-By: Elana Hashman <ehashman@redhat.com>
2021-07-06 13:34:54 -05:00
Andrew Sy Kim
28f3f36505
Promote the ServiceInternalTrafficPolicy field to Beta and on by default (#103462)
* pkg/features: promote the ServiceInternalTrafficPolicy field to Beta and on by default

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/api/service/testing: update Service test fixture functions to set internalTrafficPolicy=Cluster by default

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/apis/core/validation: add more Service validation tests for internalTrafficPolicy

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/registry/core/service/storage: fix failing Service REST storage tests to use internalTrafficPolicy: Cluster

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/registry/core/service/storage: add two test cases for Service REST TestServiceRegistryInternalTrafficPolicyClusterThenLocal and TestServiceRegistryInternalTrafficPolicyLocalThenCluster

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/registry/core/service: update strategy unit tests to expect default
internalTrafficPolicy=Cluster

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/proxy/ipvs: fix unit test Test_EndpointSliceReadyAndTerminatingLocal to use internalTrafficPolicy=Cluster

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/apis/core: update fuzzers to set Service internalTrafficPolicy field

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/api/service/testing: refactor Service test fixtures to use Tweak funcs

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
2021-07-06 06:16:30 -07:00
Hanlin Shi
24592ca989 Update the related tests
1. add AllocateLoadBalancerNodePorts fields in specs for validation test cases
2. update fuzzer
3. in resource quota e2e, allocate node port for loadbalancer type service and
   exceed the node port quota

Signed-off-by: Hanlin Shi <shihanlin9@gmail.com>
2021-07-02 21:58:41 +00:00
Tim Hockin
54b6a416fb Service REST test: better IP and port alloc checks 2021-07-01 23:01:36 -07:00
Tim Hockin
a3b05033f6 Move endpoints test-helper funcs to a package 2021-07-01 18:26:45 -07:00
Tim Hockin
175f4f3387 Move service test-helper funcs to a package 2021-07-01 18:26:45 -07:00
Kubernetes Prow Robot
21f41b8e82
Merge pull request #101711 from hbagdi/ingressclass-namespaced-params-beta
graduate IngressClassNamespacedParams to beta
2021-06-29 17:07:03 -07:00
Lee Verberne
70765fa24d Allow securityContext in EphemeralContainers 2021-06-25 18:47:22 +02:00
Kubernetes Prow Robot
3d6e0694bb
Merge pull request #101294 from twosigma/gasethostnamefqdn
Promote setHostnameAsFQDN feature to GA
2021-06-09 09:07:48 -07:00
Jordan Liggitt
8d9dd7b6ea Avoid warning on seccomp field usage 2021-06-01 11:18:14 -04:00
Gunju Kim
d9681d7266 AllowExpandedDNSConfig if haveSameExpandedDNSConfig(newPod, oldPod) 2021-05-27 07:10:15 +09:00
Gunju Kim
6317ce63c6 Add feature gate ExpandedDNSConfig
ExpandedDNSConfig allows kubernetes to have expanded DNS(Domain Name
System) configuration
2021-05-27 07:10:13 +09:00
Kubernetes Prow Robot
5be51c9fbf
Merge pull request #102186 from Jiawei0227/scaleio
Add warning for removed and deprecated plugin
2021-05-23 01:15:37 -07:00
Jiawei Wang
cc089c0400 Add warning for deprecated and removed plugin 2021-05-20 21:20:44 -07:00
Kubernetes Prow Robot
6e4e32985a
Merge pull request #99576 from marosset/windows-host-process-work
Windows host process work
2021-05-20 14:16:15 -07:00
Kubernetes Prow Robot
f52ab3845d
Merge pull request #101099 from pacoxu/podpreset-clean
remove pod preset testdata and args
2021-05-20 10:40:36 -07:00
Kubernetes Prow Robot
c115435adc
Merge pull request #101688 from liggitt/field-warnings
Add field-level warning plumbing and add pod spec warnings
2021-05-19 17:23:04 -07:00
marosset
93da0fd45d API support for Windows host process containers
Co-authored-by: James Sturtevant <jstur@microsoft.com>
2021-05-19 16:24:13 -07:00
Jordan Liggitt
ecdecafdc8 Add warning evaluation for pod specs 2021-05-18 10:42:36 -04:00
Ed Bartosh
c12aa0f6b7 promote HugePageStorageMediumSize to GA 2021-05-10 15:57:55 +03:00
Kubernetes Prow Robot
d9abcee491
Merge pull request #100936 from lojies/cleanuppkgapi
code cleanup for pkg/api and pkg/apis
2021-05-07 13:31:25 -07:00
Javier Diaz-Montes
baa88b26cd Remove feature gate to GA the setHostnameAsFQDN feature 2021-05-04 13:35:31 -04:00
Harry Bagdi
60377ba1a3 graduate IngressClassNamespacedParams to beta 2021-05-03 15:00:40 -07:00
卢振兴10069964
4e447acab0 code cleanup for pkg/api and pkg/apis 2021-04-28 08:57:23 +08:00
pacoxu
e9a3b92985 remove pod preset testdata and args
Signed-off-by: pacoxu <paco.xu@daocloud.io>
2021-04-14 16:23:23 +08:00
Monis Khan
91241eac9b
Prune stale entries from OWNERS files
Signed-off-by: Monis Khan <mok@vmware.com>
2021-04-13 20:54:50 -04:00
Kubernetes Prow Robot
d51f15ed0d
Merge pull request #100885 from enj/enj/i/auth_owners
Update sig-auth OWNERS
2021-04-12 22:18:49 -07:00
Monis Khan
bca4993004
Update auth OWNERS files to only use aliases
Signed-off-by: Monis Khan <mok@vmware.com>
2021-04-07 10:46:03 -04:00
Jie Shen
3807a92df0 Use cmp.Diff instead of diff.Object* in pkg/api 2021-03-20 21:40:34 +08:00
Elana Hashman
7df1259d09
Generated changes for probe terminationGracePeriodSeconds 2021-03-11 16:40:40 -08:00
Elana Hashman
c88512d34f
Add feature flag ProbeTerminationGracePeriod, test field drop in API 2021-03-11 14:38:00 -08:00
Fangyuan Li
7ed2f1d94d Implements Service Internal Traffic Policy
1. Add API definitions;
2. Add feature gate and drops the field when feature gate is not on;
3. Set default values for the field;
4. Add API Validation
5. add kube-proxy iptables and ipvs implementations
6. add tests
2021-03-07 16:52:59 -08:00