github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
111,839 Commits 1 Branch 31 Tags 1,019 MiB
cf912a2512
Commit Graph

10336 Commits

Author SHA1 Message Date
Jan Safranek
cf912a2512 Update SELinux context log 
SELinux context discovered from Pod is not final, it can be cleared when a
volume plugin does not support SELinux or the volume is not
ReadWriteOncePod. Update the existing log line + add a new one for easier
debugging.
 2022-11-08 11:17:38 +01:00
Jan Safranek
e575e60ea4 Reconstruct SELinux mount option 
When reconstructing volumes from disk after kubelet restart, reconstruct
also context=XYZ mount option and add it to the ActualStateOfWorld.
 2022-11-08 11:17:38 +01:00
Kubernetes Prow Robot
64af9e03f1
Merge pull request #111597 from 249043822/evictionmessage 
make eviction message more clear
 2022-11-07 21:52:19 -08:00
Kubernetes Prow Robot
f328d3dc3d
Merge pull request #113291 from mengjiao-liu/fix-podAndContainerStatsFromCRI 
Fix stats for podAndContainerStatsFromCRI
 2022-11-07 19:48:17 -08:00
ZhangKe10140699
62177fd36d make eviction message more clear 2022-11-08 10:07:02 +08:00
Kubernetes Prow Robot
243ba086e7
Merge pull request #112914 from PiotrProkop/topology-manager-policies-flag 
node: topologymanager:  Improved multi-numa alignment in Topology Manager
 2022-11-07 16:00:51 -08:00
Kubernetes Prow Robot
47952e0917
Merge pull request #112360 from mimowo/handling-pod-failures-beta-kubelet 
Add pod disruption conditions for kubelet-initiated failures
 2022-11-07 16:00:40 -08:00
Kubernetes Prow Robot
43a2bb4df4
Merge pull request #111772 from pacoxu/image-pull-time 
kubelet: make the image pull time more accurate in event
 2022-11-07 14:52:16 -08:00
Kubernetes Prow Robot
1c230d519e
Merge pull request #113262 from jsafrane/rework-reconstruction 
Rework volume reconstruction
 2022-11-07 12:42:29 -08:00
Kubernetes Prow Robot
2ef00038d3
Merge pull request #112961 from marosset/windows-hostnetwork-alpha 
Windows hostnetwork alpha
 2022-11-07 12:42:16 -08:00
Michal Wozniak
4e732e20d0 Do not revert the pod condition if there might be running containers, skip condition update instead. 2022-11-07 16:22:29 +01:00
Michal Wozniak
52cd6755eb Add pod disruption conditions for kubelet initiated failures 2022-11-07 11:23:22 +01:00
Jan Safranek
9a98f7318b Increase verbosity of volume reconstruction messages 
Add volume reconstruction logs to V(2) to see initial kubelet
ActualStateOfWorld after kubelet start. Kubelet logs SetUp / TearDown
events at V(2) already, so we can track the whole volume mount state in
V(2) logs.
 2022-11-07 11:05:27 +01:00
Jan Safranek
286e19c460 Add node name parameter 
Add nodeName to MarkVolumeAsAttached. MarkVolumeAsAttached implementation
in kubelet does not use the parameter, but it could do that in the future.
 2022-11-07 10:50:23 +01:00
Mengjiao Liu
2940484a9a Fix stats for podAndContainerStatsFromCRI 2022-11-07 10:41:45 +08:00
Paco Xu
41902853fd image pull event include duration with waiting 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2022-11-06 13:42:44 +08:00
Paco Xu
054ceab58d kubelet: make the image pull time more accurate in event 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2022-11-06 13:42:44 +08:00
David Ashpole
64af1adace
Second attempt: Plumb context to Kubelet CRI calls (#113591) 
* plumb context from CRI calls through kubelet

* clean up extra timeouts

* try fixing incorrectly cancelled context
 2022-11-05 06:02:13 -07:00
Mark Rossetti
f4305db4ee
populate namespace options in runtimeapi.WindowsSandboxSecurityContext + unit tests 
Signed-off-by: Mark Rossetti <marosset@microsoft.com>
 2022-11-04 09:29:39 -07:00
Kubernetes Prow Robot
c8a3657bde
Merge pull request #113307 from andrewsykim/apiserver-identity-hostname 
apiserver identity: use persistent names for lease objects
 2022-11-04 07:28:25 -07:00
Kubernetes Prow Robot
1bf4af4584
Merge pull request #111930 from azylinski/new-histogram-pod_start_sli_duration_seconds 
New histogram: Pod start SLI duration
 2022-11-04 07:28:14 -07:00
Jan Safranek
20c5cc0a39 Add unit test for failed mount after reconstruction 
To preserve fix in https://github.com/kubernetes/kubernetes/pull/110670,
add an unit test that check a volume is *uncertain* even after final mount
error when it was reconstructed.

And actually fix a regression introduced in the previous patch.
 2022-11-04 12:25:21 +01:00
Andrew Sy Kim
72f2e1cc0d lease controller: update NewController to accept leaseName as a parameter, remove NewControllerWithLeaseName 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
 2022-11-04 00:44:13 -04:00
Kubernetes Prow Robot
79014dd6da
Merge pull request #113216 from astraw99/ftr-add-backoff-container 
Add container name in the `BackOff` event message
 2022-11-03 21:24:13 -07:00
Jan Safranek
6d810f2cd4 Add unit tests 2022-11-03 17:54:58 +01:00
Jan Safranek
3a79466ddd Reshuffle functions between reconstruct and reconstruc_common 
Move common functions to reconstruc_common.go and functions used only for
the current (old) reconstruction to reconstruct.go
 2022-11-03 16:55:13 +01:00
Jan Safranek
44b72d0348 Move new reconciler logic into reconciler_new.go 
Move reconciler logic from reconstruct{new}.go to:
- reconciler.go - only the functionality used by the current (old)
  reconciler.
- reconciler_new.go - only the functionality used by the new reconciler.
- reconciler_common.go - common functions.
 2022-11-03 16:55:13 +01:00
Jan Safranek
fc245b339b Refactor ConstructVolumeSpec 
Return a struct from ConstructVolumeSpec to be able to add more fields to
it later.
 2022-11-03 16:55:13 +01:00
Jan Safranek
2dc8cc13a4 Remove SyncReconstructedVolume call 
With the new reconstruction, AWS.MarkVolumeAsMounted will update outer spec
name with the correct value from Pod.
 2022-11-03 16:55:12 +01:00
Jan Safranek
e0f3e5c457 Rework volume reconstruction 
Subsequent SELinux work (see http://kep.k8s.io/1710) will need
ActualStateOfWorld populated around the time kubelet starts mounting
volumes.

Therefore reconstruct volumes before starting reconciler, but do not depend
on the desired state of world populated nor node.status - both need a
working API server, which may not be available at that time.

All reconstructed volumes are marked as Uncertain and reconciler will sort
them out - call SetUp to ensure the volume is really mounted when a pod
needs the volume or call TearDown then there is no such pod.

Finish the reconstruction when the API server becomes available:
- Clean up volumes that failed reconstruction and are not needed.

- Update devicePath of reconstructed volumes from node.status. Make sure
  not to overwrite devicePath that may have been updated when the volume
  was mounted by reconcile().

Hiding all this rework behind SELinuxMountReadWriteOncePod FeatureGate,
just to make sure we have a way back if this commit is buggy.
 2022-11-03 16:55:12 +01:00
PiotrProkop
75bb437a6b Improved multi-numa alignment in Topology Manager: implement closest numa policy 
Signed-off-by: PiotrProkop <pprokop@nvidia.com>
 2022-11-03 10:45:25 +01:00
PiotrProkop
d5dd42dfac Improved multi-numa alignment in Topology Manager: introduce TopologyManagerOptions 
Signed-off-by: PiotrProkop <pprokop@nvidia.com>
 2022-11-03 10:45:21 +01:00
PiotrProkop
58ef3f202a Improved multi-numa alignment in Topology Manager: add NUMAInfo 
Signed-off-by: PiotrProkop <pprokop@nvidia.com>
 2022-11-03 10:45:09 +01:00
PiotrProkop
daee219210 Improved multi-numa alignment in Topology Manager: add topology-manager-policy-options flag in Kubelet 
This patch adds new Kubelet option topologyManagerPolicyOptions.
To introduce new TopologyManager options, first we need to introduce new
flag called `topology-manager-policy-options` to allow users to modify
behaviour of best-effort and restricted policies.

Signed-off-by: PiotrProkop <pprokop@nvidia.com>
 2022-11-03 09:45:33 +01:00
Sascha Grunert
f9707064cf
Remove CRI v1alpha2 
After the removal of dockershim we can finally also drop support for CRI
v1alpha2.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2022-11-03 09:13:43 +01:00
Kubernetes Prow Robot
98742f9d77
Merge pull request #110747 from harshanarayana/cleanup/GIT-110737/logging-improvements 
structured-logging: replace KObjs with KObjSlice for logging
 2022-11-03 00:49:34 -07:00
Kubernetes Prow Robot
6754265580
Merge pull request #109757 from STRRL/enriching-unit-test-for-container-manager 
Add testcases for pkg/kubelet/cm/pod_container_manager_linux.go
 2022-11-02 23:45:35 -07:00
Kubernetes Prow Robot
3cf75a2f76
Merge pull request #103177 from arkbriar/support_cancelable_exec_stream 
Support cancelable SPDY executor stream
 2022-11-02 19:47:36 -07:00
Kubernetes Prow Robot
433787d25b
Merge pull request #113018 from fromanirh/cpumanager-ga-features 
node: kubelet: cpumgr: CPU Manager to GA
 2022-11-02 14:41:01 -07:00
Kubernetes Prow Robot
25dc4c4f32
Merge pull request #112980 from swatisehgal/devicemanager-ga-graduation 
node: devicemgr: Graduate Kubelet DeviceManager to GA
 2022-11-02 13:17:01 -07:00
Francesco Romani
a6b928d90c kubelet: cpumgr: internal variable trivial rename 
CPUManager is going GA, thus it makes little sense
to keep the names of the internal configuration
variables `Experimental*`.

Trivial rename only.

Signed-off-by: Francesco Romani <fromani@redhat.com>
 2022-11-02 18:41:42 +01:00
Francesco Romani
5e12338a22 node: cpumgr: address golint complains 
Add docstrings and trivial fixes.

Signed-off-by: Francesco Romani <fromani@redhat.com>
 2022-11-02 18:41:42 +01:00
Francesco Romani
ff44dc1932 cpumanager: the FG is locked to default (ON) 
hence we can remove the if() guards, the feature
is always available.

Signed-off-by: Francesco Romani <fromani@redhat.com>
 2022-11-02 18:41:41 +01:00
Jan Safranek
989e391d08 Move all volume reconstruction code into separate files 
There is no code change, just moving code around and preparing for the
subsequent commit.
 2022-11-02 15:58:21 +01:00
Antonio Ojea
9c2b333925 Revert "plumb context from CRI calls through kubelet" 
This reverts commit f43b4f1b95.
 2022-11-02 13:37:23 +00:00
astraw99
244598af80 Add back-off restarting failed container name 2022-11-02 20:46:32 +08:00
Swati Sehgal
40741681a2 node: devicemgr: Address warnings from golint 
Signed-off-by: Swati Sehgal <swsehgal@redhat.com>
 2022-11-02 11:05:20 +00:00
Swati Sehgal
8b29eded52 node: devicemgr: Remove devicePluginEnabled field from container mgr 
With graduation of device plugins to GA in 1.26, the feature gate is
enabled by default so `devicePluginEnabled` field no longer needs to
be passed at the time of Container Manager creation.

In addition to that, we remove the `ManagerStub` as it is no longer
needed.

Signed-off-by: Swati Sehgal <swsehgal@redhat.com>
 2022-11-02 11:05:20 +00:00
Swati Sehgal
752fa093e0 node: devicemgr: GA graduation implies Feature Gate is ON by default 
Signed-off-by: Swati Sehgal <swsehgal@redhat.com>
 2022-11-02 11:05:20 +00:00
Kubernetes Prow Robot
5899432f92
Merge pull request #113481 from rphillips/fixes/77063 
kubelet: fix pod log line corruption when using timestamps and long lines
 2022-11-01 19:59:50 -07:00