github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
123,579 Commits 1 Branch 31 Tags
d748fc024dfa2909cf0796f9d3eb5dd642c0e4d4
Commit Graph

12288 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
d40676c227 Merge pull request #122047 from aojea/treeless 
KEP-1880 Multiple Service CIDRs: Graduate to Beta (1/2)
 2024-06-28 01:00:20 -07:00
Kubernetes Prow Robot
522e2e5066 Merge pull request #124917 from vinayakankugoyal/kep4633 
KEP-4633: Only allow anonymous auth for configured endpoints.
 2024-06-27 20:39:51 -07:00
Vinayak Goyal
5e6a4937f5 KEP-4633: Allow health-only anonymous auth mode. 
Signed-off-by: Vinayak Goyal <vinaygo@google.com>
 2024-06-28 00:30:05 +00:00
Antonio Ojea
9b1bad431b implement dual write on Service ClusterIP allocator 
MultiCIDRServiceAllocator implements a new ClusterIP allocator based on
IPAddress object to solve the problems and limitations caused by
existing bitmap allocators.

However, during the rollout of new versions, deployments need to support
a skew of one version between kube-apiservers. To avoid the possible
problem where there are multiple Services requests on the skewed
apiservers and that both allocate the same IP to different Services,
the new allocator will implement a dual-write strategy under the
feature gate DisableAllocatorDualWrite.

After the MultiCIDRServiceAllocator is GA, the DisableAllocatorDualWrite
can be enabled safely as all apiservers will run with the new
allocators. The graduation of DisableAllocatorDualWrite can also
be used to clean up the opaque API object that contains the old bitmaps.

If MultiCIDRServiceAllocator is enabled and DisableAllocatorDualWrite is disable
and is a new environment, there is no bitmap object created, hence, the
apiserver will initialize it to be able to write on it.
 2024-06-27 11:33:36 +00:00
SataQiu
7120b3902c kubeadm: improve the error/warning messages of 'validateSupportedVersion' to include the checked resource kind 2024-06-27 18:47:09 +08:00
SataQiu
6190152abd kubeadm: update the long description about 'kubeadm config' command 2024-06-27 15:54:42 +08:00
Kubernetes Prow Robot
921b69b133 Merge pull request #125582 from chrischdi/pr-kubeadm-kep-4471 
kubeadm: implement ControlPlaneKubeletLocalMode
 2024-06-26 20:40:12 -07:00
Kubernetes Prow Robot
3084c15dd9 Merge pull request #125723 from p0lyn0mial/upstream-refactor-watch-list-kcm-units 
kube-controller-manager: refactor watchlist unit tests
 2024-06-26 15:15:22 -07:00
Kubernetes Prow Robot
b29dce0757 Merge pull request #125627 from yt-huang/clean-up 
drop deprecated PollWithContext and adopt PollUntilContextTimeout ins…
 2024-06-26 10:58:55 -07:00
Lukasz Szaszkiewicz
cc7063e96d kube-controller-manager: refactor watchlist unit tests 2024-06-26 12:47:46 +02:00
Siyuan Zhang
379676c4be add DefaultComponentGlobalsRegistry flags in ServerRunOptions 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
 2024-06-25 22:12:11 +00:00
Siyuan Zhang
4352c4ad27 Add version mapping in ComponentGlobalsRegistry. 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
 2024-06-25 22:12:11 +00:00
Siyuan Zhang
701e5fc374 Add composition flags for emulation version and feature gate. 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
 2024-06-25 22:12:11 +00:00
Siyuan Zhang
403301bfdf apiserver: Add API emulation versioning. 
Co-authored-by: Siyuan Zhang <sizhang@google.com>
Co-authored-by: Joe Betz <jpbetz@google.com>
Co-authored-by: Alex Zielenski <zielenski@google.com>

Signed-off-by: Siyuan Zhang <sizhang@google.com>
 2024-06-25 22:12:11 +00:00
Christian Schlotter
038a94804e kubeadm: implement ControlPlaneKubeletLocalMode 2024-06-24 17:03:33 +02:00
Kubernetes Prow Robot
10ae1dbb52 Merge pull request #125636 from my-git9/certsunused 
kubeadm: Remove unused function in phases/certs
 2024-06-24 02:00:56 -07:00
Kubernetes Prow Robot
498f88803e Merge pull request #125121 from chendave/emeritus 
Move myself(chendave) to the list of emeritus
 2024-06-24 00:16:56 -07:00
xin.li
71d3f9e249 Remove unused function in phases/certs 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2024-06-22 18:47:28 +08:00
yintong.huang
2db1b321e0 drop deprecated PollWithContext and adopt PollUntilContextTimeout instead 
Signed-off-by: yintong.huang <yintong.huang@daocloud.io>
 2024-06-21 19:23:31 +08:00
Marko Mudrinić
33466a6606 kubeadm: Add '--yes' flag to the list of allowed flags 
Signed-off-by: Marko Mudrinić <mudrinic.mare@gmail.com>
 2024-06-18 13:04:17 +02:00
Lubomir I. Ivanov
09078d4810 kubeadM: allow conversion of TimeoutForControlPlane 
v1beta3.ClusterConfiguration.APIServer.TimeoutForControlPlane
must be migrated to {Init|Join}Configuration.Timeouts.
.ControlPlaneComponentHealthCheck.

To achieve this sort of cross-Kind migration do the following:
- Use a temporary, thread-safe variable in timeoututils.go
- Make the order of GVKs in documentMapToInitConfiguration
deterministic.
 2024-06-17 10:07:33 +03:00
Lubomir I. Ivanov
4af99cd676 kubeadm: deprecate v1beta3 
Mark v1beta3 as deprecated by showing a warning when used
and write a note about it in the doc.go file.
 2024-06-17 10:07:33 +03:00
Lubomir I. Ivanov
bc92a0dfe9 kubeadm: continue supporting extraArgs flags for v1beta4 
Flags for kubeadm init such as --apiserver-extra-args prior
to v1beta4 used a map[string]string for pflag.Value storage. This no
longer works since v1beta4 extra args are a slice of Arg.

Add a new flag type argSlice and implement a solution for
parsing these flags.

At the same time deprecate these flags and show a warning
that users should use config.
 2024-06-17 10:07:32 +03:00
Lubomir I. Ivanov
cc539cd600 kubeadm: more validation for Upgrade|ResetConfiguration 
- Add unit tests for ValidateUpgrade|ResetConfiguration
- Add two more validation points in ValidateUpgradeConfiguration
 2024-06-17 10:07:32 +03:00
Lubomir I. Ivanov
8a5f849c66 kubeadm: keep v1beta3 only in required code paths 
Use v1beta4 everywhere and only use v1beta3
in a few required locations:
- kubeadm-config map handling
- unit and integration tests
 2024-06-17 10:07:32 +03:00
Lubomir I. Ivanov
d0c656dc19 kubeadm: don't default ExtraEnvs to an empty slice 
Instead of defaulting ExtraEnvs for CP components to an empty
slice when converting from/to v1beta3 keep it nil.

This allows for expecting a nil value in the internal
config, similarly to ExtraArgs.
 2024-06-17 10:07:32 +03:00
Lubomir I. Ivanov
66c7fc5ab4 kubeadm: update migration logic from v1beta3 to 4 
Treat v1beta4 as non experimental API when migrating.
Update unit tests.
 2024-06-17 10:07:32 +03:00
Lubomir I. Ivanov
fb1fcd2d3b kubeadm: move v1beta4 to high priority in API scheme 2024-06-17 10:07:32 +03:00
Lubomir I. Ivanov
b9f7661ab8 kubeadm: add missing "kubeadm config print upgrade-defaults" 2024-06-17 10:07:32 +03:00
Lubomir I. Ivanov
6544d19796 kubeadm: update godoc and comments for v1beta4 
- Include some more examples related to v1beta4 in the doc.go.
- Fix some typos in v1beta4 field comments.
- Add missing JSON tag for UpgradeConfiguration.Apply.SkipPhases.
 2024-06-17 10:07:32 +03:00
Lubomir I. Ivanov
bca0f0836f kubeadm: fix a bug in v1beta3.JoinConfiguration.Discovery.Timeout 
After the introduction of v1beta4 if the user inputs the old
v1beta3 discovery timeout the value is ignored. Fix that
by introducing a conversion to v1beta4.

Co-authored-by: penghez (GitHub handle)
 2024-06-13 09:41:07 +03:00
Kubernetes Prow Robot
9c5643f8fc Merge pull request #125390 from TommyStarK/kube-apiserserver/remove-deprecated-otel-NewNoopTracerProvider 
kube-apiserver: remove deprecated otel NewNoopTracerProvider
 2024-06-11 17:49:44 -07:00
Kubernetes Prow Robot
c77d954273 Merge pull request #125388 from neolit123/1.31-fix-kubeconfig-ecdsa 
kubeadm: fix the generation of ECDSA keys in kubeconfig files
 2024-06-11 09:18:35 -07:00
Lubomir I. Ivanov
40d185637c kubeadm: add UT for ClusterConfiguration.EncryptionAlgorithmType() 2024-06-11 12:39:24 +03:00
Quan Tian
9d71e5338d Remove unused sysctl parameter from nftables proxy 
Signed-off-by: Quan Tian <quan.tian@broadcom.com>
 2024-06-08 21:48:54 +08:00
Kavin
dce2322933 Inherit certPhaseFlags for SA 2024-06-08 12:05:45 +05:30
TommyStarK
cce8551272 kube-apiserver: remove deprecated otel NewNoopTracerProvider 
Signed-off-by: TommyStarK <thomasmilox@gmail.com>
 2024-06-07 19:57:37 +02:00
Lubomir I. Ivanov
02ed1aee71 kubeadm: fix the generation of ECDSA keys in kubeconfig files 
When the PublicKeysECDSA feature gate is used or the new
v1beta4.ClusterConfiguration.EncryptionAlgorithm field is used
with "ECDSA-P256" as value, make sure that this is reflected
in the "cert spec" used to generate private keys and they end
up as "EC keys".
 2024-06-07 20:04:18 +03:00
Kubernetes Prow Robot
f057f2de1c Merge pull request #124956 from TommyStarK/remove-deprecated-otel-noop-tracer 
cmd/kubelet: remove deprecated otel NewNoopTracerProvider
 2024-06-06 17:05:34 -07:00
Kubernetes Prow Robot
548d50da98 Merge pull request #125157 from carlory/kubeadm-2563 
kubeadm: update warning message for the swap check
 2024-06-03 04:20:55 -07:00
carlory
f5c69fde39 kubeadm: update warning message for the swap check 
Co-authored-by: Lubomir I. Ivanov <neolit123@gmail.com>
 2024-06-03 17:09:20 +08:00
Kubernetes Prow Robot
2d8a3ad572 Merge pull request #125265 from neolit123/1.31-use-actual-kubelet-address-port 
kubeadm: use the actual configured kubelet healthz address:port
 2024-06-02 23:14:32 -07:00
Lubomir I. Ivanov
52302e4ad5 kubeadm: use the actual configured kubelet healthz address:port 
When doing a kubelet health check on init/join, do not
hardcode the "localhost" address. Instead, use the
KubeletConfiguration HealthzBindAddress and HealthzPort
fields.
 2024-06-01 10:10:31 +03:00
Humble Chirammal
07ef65a834 make use of etcd v3.5.14 in the builds. 
https://github.com/etcd-io/etcd/releases/tag/v3.5.14

This release has been built with GO 1.21.10

Signed-off-by: Humble Chirammal <humble.devassy@gmail.com>
 2024-06-01 09:06:35 +05:30
Kubernetes Prow Robot
8565e37525 Merge pull request #125127 from my-git9/ut-compute 
kubeadm: increase ut coverage for compute
 2024-05-31 02:41:37 -07:00
xin.li
d24d82eda9 kubeadm: increase ut coverage for compute 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2024-05-31 16:39:51 +08:00
Kubernetes Prow Robot
b503409e9c Merge pull request #124363 from claudiubelu/unittests-11 
unittests: Fixes unit tests for Windows (part 11)
 2024-05-30 08:17:24 -07:00
Kubernetes Prow Robot
fc6c7d743d Merge pull request #124069 from carlory/clean-100000 
fix ProbeControllerVolumePlugins func
 2024-05-30 08:17:15 -07:00
Kubernetes Prow Robot
2acdbae664 Merge pull request #125178 from my-git9/unusedfunction 
kubeadm: remove some unused function
 2024-05-30 06:47:02 -07:00
Sascha Grunert
51a36294a3 kubeadm: check only for RuntimeReady condition 
We only check for the `RuntimeReady` condition instead of anything else
like the `NetworkReady` to allow kubeadm to provision the cluster.

Refers to https://github.com/kubernetes/kubernetes/pull/124685#issuecomment-2138655482
Follow-up on: https://github.com/kubernetes/kubernetes/pull/124685

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2024-05-30 08:33:22 +02:00