Rename from `clock` to `eventclock`.
Simplify by removing the prohibition on an EventFunc suspending and
resuming activity.
Remove "EventClock" from names to avoid stuttering.
Start to consolidate test code under fairqueuing/testing/.
This change optimizes the kubeadm/etcd `AddMember` client-side function
by stopping early in the backoff loop when a peer conflict is found
(indicating the member has already been added to the etcd cluster). In
this situation, the function will stop early and relay a call to
`ListMembers` to fetch the current list of members to return. With this
optimization, front-loading a `ListMembers` call is no longer necessary,
as this functionally returns the equivalent response.
This helps reduce the amount of time taken in situational cases where an
initial client request to add a member is accepted by the server, but
fails client-side.
This situation is possible situationally, such as if network latency
causes the request to timeout after it was sent and accepted by the
cluster. In this situation, the following loop would occur and fail with
an `ErrPeerURLExist` response, and would be stuck until the backoff
timeout was met (roughly ~2min30sec currently).
Testing Done:
* Manual testing with an etcd cluster. Initial "AddMember` call was
successful, and the etcd manifest file was identical to prior version
of these files. Subsequent calls to add the same member succeeded
immediately (retaining idempotency), and the resulting manifest file
remains identical to previous version as well. The difference, this
time, is the call finished ~2min25sec faster in an identical test in
the environment tested with.
So we can move off of the apimachinery clock package.
Switch queueset to new clocks.
Removed event clocks based on apimachinery clocks,
because this PR introduces ones based on k8s.io/utils/clock .
Removed interface that is implemented by only one interesting type.
Simplify RealEventClock::EventAfterTime.
The purell package at github.com/PuerkitoBio/purell is no longer maintained and in k/k repo under kubeadm package its been used for normalizing the URL. This commit removes the dependency on this package and creates a local function for normalizing the URL within the preflight package under cmd/kubeadm.
Signed-off-by: gkarthiks <github.gkarthiks@gmail.com>
chore: add new line at end of the file
Signed-off-by: gkarthiks <github.gkarthiks@gmail.com>
fix: remove unused mod from vendor modules file
Signed-off-by: gkarthiks <github.gkarthiks@gmail.com>
This is to check if runc 1.0.0 (to be released shortly) works with k8s.
The commands used were (roughly):
hack/pin-dependency.sh github.com/opencontainers/runc v1.0.0
hack/lint-dependencies.sh
# Follow its recommendations.
hack/pin-dependency.sh github.com/cilium/ebpf v0.6.1
hack/pin-dependency.sh github.com/opencontainers/selinux v1.8.2
hack/pin-dependency.sh github.com/sirupsen/logrus v1.8.1
# Recheck.
hack/lint-dependencies.sh
GO111MODULE=on go mod edit -dropreplace github.com/willf/bitset
hack/update-vendor.sh
# Recheck.
hack/lint-dependencies.sh
hack/update-internal-modules.sh
# Recheck.
hack/lint-dependencies.sh
[v2: rebased, updated runc 3a0234e1fe2e82 -> 2f8e8e9d977500]
[v3: testing master + runc pr 3019]
[v4: updated to 93a01cd4d0b7a0f08a]
[v5: updated to f093cca13d3cf8a484]
[v6: rebased]
[v7: updated to runc v1.0.0]
[v8: rebased]
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Improve concurrency and cache for credential provider
Removed lock from "Provide" as it can be called in parallel
from image puller. To avoid execing for the same image concurrently
wrapped exec in singleflight.
Purging the cache for expried data with 15mins interval only when
a request for credential is made.
KEP:2133
Signed-off-by: Aditi Sharma <adi.sky17@gmail.com>
heketi that is dependency for glusterfs was updated to import a fork of jwt-go that fixes
a high severity CVE-2020-26160 by importing a forked repo (form3tech-oss/jwt-go) that fixes
the CVE as the original repo (dgrijalva/jwt-go) has a fix with breaking changes and
the repo is generally loosely maintained.
This fork is already being used in other places in kubernetes. Heketi 10.3.0 includes this fix.
NOTE: The vulnerable function is not used by heketi or kubernetes. So the vulnerable package is a
transitive dependency and this fix will reduce false postive CVE alerts on kubernetes
Bumped github.com/auth0/go-jwt-middleware to v1.0.0 which removes dgrijalva/jwt-go cleanly
Fixing test failures: pull-kubernetes-dependencies
Removing unused dependencies in replace block to fix test failures: pull-kubernetes-dependencies
Bump go-jwt-middleware to v1.0.1 to *not* pull in examples only deps
