Commit Graph

48628 Commits

Author SHA1 Message Date
Dan Winship
abb1a458a9 Create an nftables.Interface in nftables proxier
And update most of the comments to refer to "nftables" rather than
"iptables" (even though it doesn't actually do any nftables updating
at this point).

For now the proxy also internally creates a
utiliptablestesting.FakeIPTables to keep the existing sync code
compiling.
2023-10-31 17:38:29 -04:00
Dan Winship
1a530457f9 Drop unit tests of iptables-specific unit test helpers
(We'll eventually have nftables versions.)
2023-10-31 17:33:53 -04:00
Dan Winship
958e80ca3b Clarify nftables/proxier.go by distinguishing nat/filter table KUBE-SERVICES chains
(It is confusing, but allowed, to have distinct "KUBE-SERVICES" chains
in "nat" and "filter" in iptables, but in nftables the "type nat" and
"type filter" chains end up in the same table, so we'll need different
names for the two.)
2023-10-31 17:33:53 -04:00
Dan Winship
3abdda9800 Simplify nftables/proxier.go by using string rather than utiliptables.Chain
Change the svcPortInfo and endpointInfo fields to string rather than
utiliptables.Chain, and various fixups from there.

Also use a proper set for activeNATChains, and fix the capitalization
of endpointInfo.chainName.
2023-10-31 17:33:53 -04:00
Dan Winship
96e53f64f4 Simplify nftables/proxier.go by removing the "args" reuse
since that will be done differently in nftables
2023-10-31 17:33:53 -04:00
Dan Winship
6535ac1e61 Simplify nftables/proxier.go by removing Monitor stuff
since it shouldn't be necessary
2023-10-31 17:33:53 -04:00
Dan Winship
ecb7752f0b Simplify nftables/proxier.go by removing HaveRandomFully checks
2023-10-31 17:33:53 -04:00
Dan Winship
5f09106063 Simplify nftables/proxier.go by dropping "-j ACCEPT" rules
2023-10-31 17:33:53 -04:00
Dan Winship
1a6b9b811e Simplify nftables/proxier.go by removing localhost nodeport support
and related route_localnet setting / anti-martian-packet rule
2023-10-31 17:33:53 -04:00
Dan Winship
e7c35d27f7 Simplify nftables/proxier.go by removing partial syncing
Since optimization will be done differently in nftables.
2023-10-31 17:33:53 -04:00
Dan Winship
39a5af1d0a Simplify nftables/proxier.go by removing large-cluster mode
since things will be optimized differently in nftables
2023-10-31 17:33:53 -04:00
Dan Winship
a70653143e Add a dummy nftables kube-proxy backend which is just a copy of iptables
2023-10-31 17:31:42 -04:00
Kubernetes Prow Robot
113f133b2a Merge pull request #121637 from dims/update-to-new-cadvisor-v0.48.1
Update to new cadvisor v0.48.1
2023-10-31 21:50:23 +01:00
Kubernetes Prow Robot
00b56955fd Merge pull request #121210 from msau42/owners
Add sig OWNERS to registry packages
2023-10-31 20:23:59 +01:00
Kubernetes Prow Robot
dba565193c Merge pull request #121104 from carlory/kep-3751-api-changes
[KEP-3571] introduce the VolumeAttributesClass API
2023-10-31 20:23:50 +01:00
Kubernetes Prow Robot
0c93f40374 Merge pull request #120995 from aroradaman/move-get-kernel-version
move GetKernelVersion out of pkg/proxy/ipvs
2023-10-31 20:23:41 +01:00
Davanum Srinivas
bd233a2aa5 typo/api change in cadvisor / updated unwanted-dependencies.json
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2023-10-31 14:30:57 -04:00
Kubernetes Prow Robot
d475c249da Merge pull request #120954 from HirazawaUi/deprecate-kubeProxyVersione-field
deprecate the kubeProxyVersion field of v1.Node
2023-10-31 19:16:20 +01:00
Kubernetes Prow Robot
ac6f707155 Merge pull request #120620 from tzneal/sidecar-termination-ordering
sidecars: terminate sidecars after main containers
2023-10-31 19:16:11 +01:00
Kubernetes Prow Robot
418e9d08a4 Merge pull request #120592 from AxeZhan/validation_sets
Use generic set in package "/pkg/apis/core/validation"
2023-10-31 19:16:02 +01:00
Kubernetes Prow Robot
a5ff0324a9 Merge pull request #120461 from gjkim42/do-not-reuse-device-of-restartable-init-container
Don't reuse the device of a restartable init container
2023-10-31 19:15:53 +01:00
Kubernetes Prow Robot
5d03ce7ae4 Merge pull request #120354 from aroradaman/proxy-conntrack-api
Add support for `nf_conntrack_tcp_be_liberal` sysctl to kube-proxy
2023-10-31 19:15:44 +01:00
Kubernetes Prow Robot
2c300ef6b0 Merge pull request #120269 from gjkim42/fix-restart-containers-in-right-order-after-podsandbox-changed
Restart containers in right order with SidecarContainers enabled
2023-10-31 19:15:35 +01:00
Kubernetes Prow Robot
bfeb3c2621 Merge pull request #119447 from gjkim42/do-not-reuse-cpu-set-of-restartable-init-container
Don't reuse CPU set of a restartable init container
2023-10-31 19:15:26 +01:00
Kubernetes Prow Robot
dea3f1a119 Merge pull request #112599 from fabi200123/Adding-Windows-Support-for-InPlaceVerticalScaling
Adding Windows support for InPlace Pod Vertical Scaling
2023-10-31 19:15:12 +01:00
Kubernetes Prow Robot
74fefd877f Merge pull request #121638 from tkashem/apf-ga
apiserver: set APF featuregate to stable
2023-10-31 15:57:57 +01:00
Abu Kashem
c7fcef1875 apiserver: set APF featuregate to ga
2023-10-31 08:46:24 -04:00
Kubernetes Prow Robot
d84ee0ba69 Merge pull request #121632 from kerthcet/fix/runscoreplugins
Fix panic when process RunScorePlugins for cap out of range
2023-10-31 13:14:32 +01:00
Kubernetes Prow Robot
064e86b3d0 Merge pull request #121223 from ritazh/authz-cel
[StructuredAuthorizationConfig] - CEL integration
2023-10-31 13:13:56 +01:00
kerthcet
b02aad42fa Fix panic when process RunScorePlugins for cap out of range
Signed-off-by: kerthcet <kerthcet@gmail.com>
2023-10-31 16:02:16 +08:00
Rita Zhang
31c76e9abb authz: add cel expression to webhook matchconditions
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
2023-10-30 21:48:00 -07:00
carlory
56ab6c5942 generated changes
2023-10-31 11:26:35 +08:00
carlory
ae90a69677 volumeattributesclass and core api changes
2023-10-31 11:18:56 +08:00
Kubernetes Prow Robot
f5a5d83d7c Merge pull request #121089 from tkashem/apf-v1
Promote APF API to v1
2023-10-31 02:39:30 +01:00
Michelle Au
c4aab1036f Add sig OWNERS to registry packages
2023-10-31 01:20:16 +00:00
Kubernetes Prow Robot
ab13d0b47c Merge pull request #120780 from munnerz/bound-token-improvements
Including JTI & node reference in issued service account tokens (kep 4193)
2023-10-31 01:22:56 +01:00
Kubernetes Prow Robot
e823b56a0b Merge pull request #116932 from my-git9/ut-preemption
[ut] Increase test coverage for kubelet/pleg
2023-10-31 01:22:47 +01:00
Kubernetes Prow Robot
af18989486 Merge pull request #116931 from my-git9/CreateListener-ut
[ut] increase coverage for kubelet/prober/results
2023-10-31 01:22:29 +01:00
Abu Kashem
b8cd792b36 rename the roundtrip annotation, forbid it in v1
2023-10-30 18:22:51 -04:00
Kubernetes Prow Robot
08070433cc Merge pull request #121373 from cici37/crdGA
[KEP-2876] Promote CRD validation rule to GA
2023-10-30 22:42:09 +01:00
James Munnelly
76463e21d4 KEP-4193: bound service account token improvements
2023-10-30 21:15:10 +00:00
Kubernetes Prow Robot
05765a851c Merge pull request #121389 from aleksandra-malinowska/sts-restart-always
Resubmit "Make StatefulSet restart pods with phase Succeeded"
2023-10-30 21:11:51 +01:00
Kubernetes Prow Robot
e4212878dd Merge pull request #119208 from atosatto/separate-taint-manager
Decouple TaintManager from NodeLifeCycleController (KEP-3902)
2023-10-30 21:11:33 +01:00
Kubernetes Prow Robot
ceea5fd0cb Merge pull request #119109 from jiahuif-forks/feature/validating-admission-policy/crd-typechecking
ValidatingAdmissionPolicy - Type Checking for API Extensions types
2023-10-30 21:11:19 +01:00
Kubernetes Prow Robot
b84e4a1333 Merge pull request #121608 from carlory/cleanup-003
fix wrong controller name for ephemeralController
2023-10-30 18:49:12 +01:00
Jordan Liggitt
79c5b3ca6f Mirror apiserver feature gates to kube feature gates file for consistent enablement
2023-10-30 10:22:37 -04:00
Andrea Tosatto
ccda2d6fd4 kube-controller-manager: Decouple TaintManager from NodeLifeCycleController (KEP-3902)
2023-10-30 12:23:56 +00:00
Abu Kashem
233bc2449d apiserver: fix apf enablement with runtime-config
2023-10-30 08:18:41 -04:00
Abu Kashem
730d10a8fb apiserver: add generated files for flowcontrol api change
2023-10-30 08:18:41 -04:00
Abu Kashem
9fd2ab419a apiserver: allow zero value for the 'nominalConcurrencyShares' field
2023-10-30 08:18:40 -04:00