Commit Graph

1417 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
bf67247124
Merge pull request #93258 from zshihang/token
mv TokenRequest and TokenRequestProjection to GA
2020-10-30 16:36:51 -07:00
cici37
9465d95ea6 Move CCM to staging k8s.io/cloud-provider 2020-10-29 20:50:23 -07:00
Shihang Zhang
ff641f6eb2 mv TokenRequest and TokenRequestProjection to GA 2020-10-29 20:47:01 -07:00
Kubernetes Prow Robot
53913a7c67
Merge pull request #95489 from ankeesler/ankeesler/enj/f/exec_plugin_cluster
exec credential provider: wire in cluster info (superset of #91192)
2020-10-29 18:36:05 -07:00
Kubernetes Prow Robot
a71334b64c
Merge pull request #95925 from deads2k/doc-events
Event: Document TTL and best-effort-ness
2020-10-29 17:40:22 -07:00
Andrew Keesler
c4299d15d5
exec credential provider: ProvideClusterInfo and kubeconfig shadow
- The main idea here is that we want to 1) prevent potentially large CA
  bundles from being set in an exec plugin's environment and 2) ensure
  that the exec plugin is getting everything it needs in order to talk to
  a cluster.
- Avoid breaking existing manual declarations of rest.Config instances by
  moving exec Cluster to kubeconfig internal type.
- Use client.authentication.k8s.io/exec to qualify exec cluster extension.
- Deep copy the exec Cluster.Config when we copy a rest.Config.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-10-29 13:38:42 -04:00
Tim Hockin
4f8fb1d3ca Wipe some fields on service "type" updates
Service has had a problem since forever:

- User creates a service type=LoadBalancer
- We silently allocate them a NodePort
- User changes type to ClusterIP
- We fail the operation because they did not clear NodePort

They never asked for or used the NodePort!

Dual-stack introduced some dependent fields that get auto-wiped on
updates.  This carries it further.

If you squint, you can see Service as a big, messy discriminated union,
with type as the discriminator. Ignoring fields for non-selected
union-modes seems right.

This introduces the potential for an apply loop. Specifically, we will
accept YAML that we did not previously accept. Apply could see the
field in local YAML and not in the server and repeatedly try to patch it
in. But since that YAML is currently an error, it seems like a very low
risk. Almost nobody actually specifies their own NodePort values.

To mitigate this somewhat, we only auto-wipe on updates. The same YAML
would fail to create. This is a little inconsistent. We could
auto-wipe on create, too, at the risk of more potential impact.

To do this properly, we need to know the old and new values, which means
we can not do it in defaulting or conversion. So we do it in strategy.

This change also adds unit tests and updates e2e tests to rely on and
verify this behavior.
2020-10-28 10:41:26 -07:00
David Eads
5edd3763ce generated 2020-10-28 10:34:15 -04:00
Khaled Henidak (Kal)
6675eba3ef
dual stack services (#91824)
* api: structure change

* api: defaulting, conversion, and validation

* [FIX] validation: auto remove second ip/family when service changes to SingleStack

* [FIX] api: defaulting, conversion, and validation

* api-server: clusterIPs alloc, printers, storage and strategy

* [FIX] clusterIPs default on read

* alloc: auto remove second ip/family when service changes to SingleStack

* api-server: repair loop handling for clusterIPs

* api-server: force kubernetes default service into single stack

* api-server: tie dualstack feature flag with endpoint feature flag

* controller-manager: feature flag, endpoint, and endpointSlice controllers handling multi family service

* [FIX] controller-manager: feature flag, endpoint, and endpointSlicecontrollers handling multi family service

* kube-proxy: feature-flag, utils, proxier, and meta proxier

* [FIX] kubeproxy: call both proxier at the same time

* kubenet: remove forced pod IP sorting

* kubectl: modify describe to include ClusterIPs, IPFamilies, and IPFamilyPolicy

* e2e: fix tests that depends on IPFamily field AND add dual stack tests

* e2e: fix expected error message for ClusterIP immutability

* add integration tests for dualstack

the third phase of dual stack is a very complex change in the API,
basically it introduces Dual Stack services. Main changes are:

- It pluralizes the Service IPFamily field to IPFamilies,
and removes the singular field.
- It introduces a new field IPFamilyPolicyType that can take
3 values to express the "dual-stack(mad)ness" of the cluster:
SingleStack, PreferDualStack and RequireDualStack
- It pluralizes ClusterIP to ClusterIPs.

The goal is to add coverage to the services API operations,
taking into account the 6 different modes a cluster can have:

- single stack: IP4 or IPv6 (as of today)
- dual stack: IPv4 only, IPv6 only, IPv4 - IPv6, IPv6 - IPv4

* [FIX] add integration tests for dualstack

* generated data

* generated files

Co-authored-by: Antonio Ojea <aojea@redhat.com>
2020-10-26 13:15:59 -07:00
Arjun Naik
0fec7b0f7e Added functionality and API for pod autoscaling based on container resources
Signed-off-by: Arjun Naik <anaik@redhat.com>
2020-10-21 21:10:05 +02:00
cici37
0d2002229f Add back openapi gen for generic types and clean up doc.go 2020-10-16 10:54:15 -07:00
cici37
ae8ce0d190 Move cmd/controller-manager to k8s.io/controller-manager and cloud specific configs to k8s.io/cloud-provider. 2020-10-08 13:23:16 -07:00
Kubernetes Prow Robot
6e9475bcd3
Merge pull request #94910 from yashvardhan-kukreja/issue-94602/fix-comment-declaration-event
Cleaned up: the potentially misleading comment under Event struct
2020-10-05 06:23:06 -07:00
Yashvardhan Kukreja
07d0b4a8bc
Cleaned up and fixed: the potentially misleading comments around Event struct 2020-10-05 15:28:59 +05:30
Joe Betz
8874bdf004 Tag LabelSelector with +structType=atomic 2020-10-01 06:12:34 -07:00
Matthew Cary
f2e23afcf1 Adds filtering of hosts to DialContexts.
The provided DialContext wraps existing clients' DialContext in an attempt to
preserve any existing timeout configuration. In some cases, we may replace
infinite timeouts with golang defaults.

- scaleio: tcp connect/keepalive values changed from 0/15 to 30/30
- storageos: no change
2020-09-18 00:07:32 +00:00
David Eads
c0c033b12f generated 2020-09-14 09:24:41 -04:00
David Eads
4172068d93 remove generated podpreset 2020-09-14 09:24:40 -04:00
Haowei Cai
07506ab384 generated 2020-09-08 19:14:36 -07:00
Kubernetes Prow Robot
3f9123fc30
Merge pull request #94010 from ghostsquad/docs/hpa-v2beta-type-missing-external
docs(api): 📝  Fix HPA docs with addition of "External" type
2020-09-04 03:32:09 -07:00
Matthew Fenwick
d407129cf7 modify DNS-1123 error messages to indicate that RFC 1123 is not followed exactly 2020-09-02 08:04:04 -04:00
Kubernetes Prow Robot
08d20fb1d9
Merge pull request #94161 from RyPeck/mark-volume-projection-as-optional
Make ProjectedVolumeSource optional
2020-08-29 15:44:22 -07:00
Weston McNamee
b9e5f5cbed
chore(openapi-spec): 📦 regenerate 2020-08-28 10:13:10 -07:00
Kubernetes Prow Robot
597eb78b25
Merge pull request #94160 from matthyx/startupprobe-ga
Remove StartupProbe featuregate and related logic
2020-08-27 06:42:49 -07:00
Kubernetes Prow Robot
1814612d34
Merge pull request #87919 from SomtochiAma/update-api-docs
Adds additional documentation for job status
2020-08-27 01:19:02 -07:00
Matthias Bertschy
ea14585500 Remove StartupProbe featuregate and related logic 2020-08-22 15:09:52 +02:00
Ryan Peck
9d16863e2f Make ProjectedVolumeSource optional 2020-08-21 10:27:44 -04:00
Jordan Liggitt
44a8d72d32 Mark componentstatus as deprecated 2020-07-30 17:25:26 -04:00
Kubernetes Prow Robot
05f6812c2d
Merge pull request #90822 from deads2k/csr-separate-signer-flags-02
allow setting different certificates for kube-controller-managed CSR signers
2020-07-18 03:10:50 -07:00
Christian Huffman
e65f0f565a Updated dependencies 2020-07-11 23:29:24 -04:00
Christian Huffman
58bd3e5230 Include CSIDriver SupportsFsGroup 2020-07-11 23:29:24 -04:00
Kubernetes Prow Robot
0cb7e320a5
Merge pull request #92784 from pohly/generic-ephemeral-inline-volumes
generic ephemeral inline volumes
2020-07-10 15:41:46 -07:00
Kubernetes Prow Robot
4efed03276
Merge pull request #91637 from robscott/endpointslice-mirroring
Adding new EndpointSlice Mirroring Controller
2020-07-10 10:19:48 -07:00
Somtochi Onyekwere
49751e33e9 Adds additional documentation for job status 2020-07-10 08:34:33 +01:00
David Eads
e88fecf26b allow setting different certificates for kube-controller-managed CSR signers 2020-07-09 08:14:55 -04:00
Patrick Ohly
32fdf688b3 GenericEphemeralVolume: 'make update' for API 2020-07-09 11:03:03 +02:00
Kubernetes Prow Robot
94a08e159a
Merge pull request #92387 from pohly/csi-storage-capacity
CSI storage capacity check
2020-07-09 00:04:59 -07:00
Rob Scott
e701cb0205
Enabling the EndpointSliceMirroring controller, adding related config 2020-07-06 12:43:34 -07:00
Paulo Gomes
8976e3620f
Add seccomp enforcement and validation based on new GA fields
Adds seccomp validation.

This ensures that field and annotation values must match when present.

Co-authored-by: Sascha Grunert <sgrunert@suse.com>
2020-07-06 09:13:25 +01:00
Kubernetes Prow Robot
faff3c5378
Merge pull request #91527 from danwinship/ipfamily-api-docs
api: update Service.Spec.IPFamily docs
2020-07-03 16:36:47 -07:00
Patrick Ohly
9a66e8e1b5 CSIStorageCapacity: 'make update' 2020-07-03 21:54:14 +02:00
Patrick Ohly
22aeb81e84 CSIStorageCapacity: CSIStorageCapacity API
This adds the CSIStorageCapacity API change for
https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1472-storage-capacity-tracking
2020-07-03 21:54:14 +02:00
Kubernetes Prow Robot
1b871091b9
Merge pull request #91645 from chelseychen/event-api
Promote new Event API to v1
2020-07-02 04:16:46 -07:00
Kubernetes Prow Robot
a138be8722
Merge pull request #92686 from pohly/csi-ephemeral-volumes-beta
CSI ephemeral volumes: documentation and owner update
2020-07-01 23:14:37 -07:00
Kubernetes Prow Robot
da37b7ff2b
Merge pull request #92329 from liggitt/crd-deprecation
Add deprecated, deprecationWarning fields to CRDs
2020-07-01 23:12:44 -07:00
Chelsey Chen
c90330d8f4 Auto generated changes 2020-07-01 10:50:34 -04:00
Patrick Ohly
ac959b03ea result of 'make update' 2020-07-01 09:33:54 +02:00
Alex Wang
209117413f
Promote NonPreempt feature gate to beta (#91899)
* update nonpreempt featuregate to beta

* update
2020-06-30 00:02:56 -07:00
Joe Betz
04676ff58c Generate files for addition of ResourceVersionMatch parameter 2020-06-25 20:52:56 -07:00
Jordan Liggitt
30e39c71e2 Add deprecated, deprecationWarning fields to CRDs 2020-06-24 18:06:09 -04:00