github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
121,390 Commits 1 Branch 31 Tags 1,019 MiB
fcd6c19c24
Commit Graph

12062 Commits

Author SHA1 Message Date
carlory
db8e106e3f Code Refactor: using struct option rather than a long list of parameters 
Co-authored-by: Shida Qiu <shidaqiu2018@gmail.com>
 2023-10-13 17:17:03 +08:00
Kubernetes Prow Robot
801932c012
Merge pull request #120825 from pacoxu/kubeadm-skew-match 
kubeadm: adjust kubeadm skew policy for upgrades
 2023-10-12 16:00:02 +02:00
SataQiu
adae1e33ea kubeadm: remove AlphaDisclaimer for certs phases 2023-10-12 15:11:12 +08:00
Paco Xu
7b1d87383e add kubelet policy skew test for kubeadm 2023-10-12 11:17:05 +08:00
Kubernetes Prow Robot
b47aa1c20e
Merge pull request #120808 from aroradaman/proxy-conntrack-udp-timeouts 
Adding option to configure UDP timeouts for conntrack
 2023-10-12 01:59:55 +02:00
Daman Arora
15ae6cc160 pkg/proxy: add flag to configure udp conntrack timeouts 
Signed-off-by: Daman Arora <aroradaman@gmail.com>
 2023-10-12 03:08:21 +05:30
Kubernetes Prow Robot
12458285b9
Merge pull request #120788 from chendave/componentCfg 
kubeadm: Remove the support of configurable component configs
 2023-10-11 04:42:53 +02:00
Dr. Stefan Schimanski
0f989046d0
kube-apiserver: move cloud provider validation into options 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2023-10-10 22:43:23 +02:00
Kubernetes Prow Robot
87611b10db
Merge pull request #121072 from danwinship/kube-proxy-unit-tests 
Fix regression in cmd/kube-proxy/app unit test speed
 2023-10-10 19:07:16 +02:00
Dan Winship
f3c786cbda Fix regression in cmd/kube-proxy/app unit test speed 2023-10-09 07:08:22 -04:00
SataQiu
c3bf541ede kubeadm: clean up unnecessary references to UnknownCRISocket 2023-10-08 16:57:45 +08:00
Kubernetes Prow Robot
10827a193a
Merge pull request #121045 from my-git9/fixetcdutk 
kubeadm: fix wrong ut for util/etcd
 2023-10-08 07:03:01 +02:00
xin.li
20db4ef3d6 kubeadm: fix wrong ut for util/etcd 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2023-10-07 21:57:20 +08:00
Kubernetes Prow Robot
0554675d78
Merge pull request #121020 from chendave/set_opt 
kubeadm: Optimize the logic to override the arguments
 2023-10-07 11:58:31 +02:00
Kubernetes Prow Robot
bb06804e52
Merge pull request #120828 from SataQiu/fix-kubeadm-cri-20230922 
kubeadm: fix the bug that kubeadm always do CRI detection when --config is passed even if it is not required by the subcommand
 2023-10-07 11:58:22 +02:00
Kubernetes Prow Robot
854d0e7fc8
Merge pull request #120956 from my-git9/clusterinfout 
kubeadm: increase ut converage for bootstraptoken/clusterinfo
 2023-10-06 13:43:22 +02:00
Dave Chen
e8e22f645d kubeadm: Optimize the logic to override the arguments 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-10-06 19:01:00 +08:00
xin.li
8510057e2d kubeadm: increase ut converage for bootstraptoken/clusterinfo 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2023-10-06 18:36:02 +08:00
Dan Winship
b2f0052d27 Make a certain ipv4-vs-ipv6 config error non-fatal, for backward compat 2023-10-05 12:57:29 -04:00
Dan Winship
9242cb1934 Rearrange kube-proxy config fields / CLI flags to make more sense. 2023-09-30 10:19:07 -04:00
Dan Winship
44cb330aa0 Improve kube-proxy config / CLI documentation 2023-09-30 10:18:16 -04:00
Kubernetes Prow Robot
c54c6b2383
Merge pull request #120938 from ptsgr/fix-linter 
Refactoring variable declaration and value setting
 2023-09-29 10:56:43 -07:00
Kubernetes Prow Robot
afe4c041f3
Merge pull request #120530 from my-git9/node-ut 
kubeadm: add unit test for phases/bootstraptoken/node/token.go
 2023-09-29 07:08:43 -07:00
Egor Pats
5ebde41efb Refactoring variable declaration and value setting 2023-09-29 16:17:28 +03:00
Kubernetes Prow Robot
dc28eeaa3a
Merge pull request #120565 from skitt/drop-deprecated-pointer-kube-proxy 
kube-proxy: drop deprecated pointer package
 2023-09-29 02:24:42 -07:00
Kubernetes Prow Robot
29ff98ff37
Merge pull request #120417 from neolit123/1.29-v1beta4-ecdsa 
kubeadm: add v1beta4.ClusterConfiguration.EncryptionAlgorithm
 2023-09-28 02:38:33 -07:00
xin.li
e320fadebe kubeadm: add unit test for phases/bootstraptoken/node/token.go 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2023-09-28 16:42:29 +08:00
Gunju Kim
a0610a97b3
pkg/kubelet/cm: Remove deprecated sets.String and sets.Int 
This removes deprecated sets.String and sets.Int
- replace sets.String with sets.Set[string]
- replace sets.Int with sets.Set[int]
- replace sets.NewString with sets.New[string]
- replace sets.NewInt with sets.New[int]
- replace sets.(OLD).List with sets.List(NEW)
 2023-09-27 22:02:15 +09:00
caoyingjunz
2172ea6083
Fix typos: update Enpoint to Endpoint 2023-09-26 21:23:44 +08:00
SataQiu
1a68195626 kubeadm: fix the bug that kubeadm always do CRI detection when --config is passed even if it is not required by subcommand 2023-09-25 16:35:47 +08:00
Paco Xu
534a0941e8 kubeadm: change kubelet skew to apiserver to n-3 2023-09-22 20:46:29 +08:00
Lubomir I. Ivanov
b5bffb6d97 kubeadm: add v1beta4.ClusterConfiguration.EncryptionAlgorithm 
Add v1beta4.ClusterConfiguration.EncryptionAlgorithm field (string)
and allow the user to configure the cluster asymetric encryption
algorithm to be either "RSA" (default, 2048 pkey size) or "ECDSA" (P-256).
Add validation and fuzzing. Conversion from v1beta3 is not required
because an empty field value is accepted and defaulted to RSA if needed.

Leverage the existing configuration option (feature gate) PublicKeysECDSA
but rename the backend fields, arguments, function names to be more
generic - EncryptionAlgorithm instead of PublicKeyAlgorithm.
That is because once the feature gate is enabled the algorithm
configuration also applies to private keys. It also uses the kubeadm API
type (string) instead of the x509.PublicKeyAlgorithm enum (int).

Deprecate the PublicKeysECDSA feature gate with a message.
It should be removed with the release of v1beta4 or maximum one release
later (it is an alpha FG).
 2023-09-21 11:48:48 +03:00
Dave Chen
d8cf68e75f kubeadm: Nominate myself (chendave) as kubeadm approver 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-09-21 15:00:53 +08:00
Dave Chen
0786fcc941 kubeadm: Remove the support of configurable component configs 
`kubeadm upgrade plan` uses to support the configure of component
configs(kubeproxy and kubelet) in a config file and then check if
the version is supported or not, if it's not supported it will be
marked as a unsupported version and require to manually upgrade
the component.

This feature will make the upgrade config API much harder as this
violates the no-mutation principle for upgrade, and we have seen it's
quite problematic to do like this.

This change removes the support of configurable component configs for
`kubeadm upgrade plan`, along with the removal, the logic to parse
the config file to decide whether a manual upgrade for the component
configs is needed is removed as well.

NOTE that API is not changed, i.e. `ManualUpgradeRequired` is not removed
from `ComponentConfigVersionState` but it's no-op now.

Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-09-21 13:26:13 +08:00
Kubernetes Prow Robot
89b4153d4d
Merge pull request #116884 from mengjiao-liu/contextual-logging-scheduler-plugin-nodevolumelimits 
Change the scheduler plugins FactoryAdapter function to use context parameter to pass logger
 2023-09-20 11:26:00 -07:00
Mengjiao Liu
a7466f44e0 Change the scheduler plugins PluginFactory function to use context parameter to pass logger 
- Migrated pkg/scheduler/framework/plugins/nodevolumelimits to use contextual logging
- Fix golangci-lint validation failed
- Check for plugins creation err
 2023-09-20 17:49:54 +08:00
Kubernetes Prow Robot
144baff189
Merge pull request #120598 from neolit123/1.29-kubeadm-ownders-cleanup 
/cmd/kubeadm,/test/e2e*: update OWNERS for fabriziopandini & RA489
 2023-09-19 21:39:59 -07:00
Etienne Champetier
272b23cc7a kubelet: fix log when using --reserved-cpus 
Fixes ae381fcf09
 2023-09-18 16:52:19 -04:00
Kubernetes Prow Robot
0241da314e
Merge pull request #120514 from fengxsong/patch-1 
fix: check if initsystem service exists
 2023-09-15 14:08:23 -07:00
Kubernetes Prow Robot
4fd8bd9975
Merge pull request #118568 from qiutongs/node-startup-latency 
Create a node startup latency tracker
 2023-09-15 13:00:12 -07:00
Kubernetes Prow Robot
d393d4e151
Merge pull request #120574 from logicalhan/cslis 
promote component SLIs to GA; remove feature gates for component slis
 2023-09-14 22:52:12 -07:00
Kubernetes Prow Robot
c9114abd92
Merge pull request #120607 from gccio/variable-name-conflit-with-import-package 
variable name should not conflit with import package
 2023-09-14 20:36:12 -07:00
gccio
79d0dde4a8 replace hardcode string with exists variable 2023-09-15 08:37:15 +08:00
Stephen Kitt
9990307146
kube-scheduler: drop deprecated pointer package 
This replaces deprecated k8s.io/utils/pointer functions with their ptr
equivalent.

Signed-off-by: Stephen Kitt <skitt@redhat.com>
 2023-09-13 09:42:19 +02:00
Kubernetes Prow Robot
9eb53ec78a
Merge pull request #120602 from SataQiu/fix-kubeadm-20230912 
kubeadm: fix flaky test TestManifestFilesAreEqual
 2023-09-12 10:02:12 -07:00
SataQiu
15ce5dd990 kubeadm: fix flaky-test TestManifestFilesAreEqual 2023-09-12 23:44:44 +08:00
gccio
4f20a72ea0 variable name should not conflit with import package, replace the variable name 2023-09-12 23:23:43 +08:00
Kubernetes Prow Robot
24bc34b1bf
Merge pull request #120516 from togettoyou/cleanup-client-go 
cleanup: Replace the deprecated NewMemCacheClient with memory.NewMemCacheClient
 2023-09-12 07:48:24 -07:00
Kubernetes Prow Robot
e2b03d41c5
Merge pull request #120561 from chendave/dependency 
kubeadm: remove reference of k8s.io/kubernetes/pkg/apis/core/v1
 2023-09-12 03:44:12 -07:00
Lubomir I. Ivanov
3d91ffc6f9 /cmd/kubeadm,/test/e2e*: update OWNERS for fabriziopandini & RA489 
- move fabriziopandini to emeritus_approvers for /test/e2e*
and /cmd/kubeadm. fabriziopandini remains in /OWNERS_ALIASES
under sig-cluster-lifecycle-leads.
- remove RA489 as reviewer for /test/e2e* and /cmd/kubeadm
 2023-09-12 12:35:40 +03:00
SataQiu
4e0c8a9752 kubeadm: remove reference of k8s.io/kubernetes/pkg/apis/core/v1 
Co-authored-by: Dave Chen <dave.chen@arm.com>
 2023-09-12 17:09:19 +08:00
Kubernetes Prow Robot
35199e42a4
Merge pull request #120549 from pacoxu/kubeadm-etcd-manifests 
kubeadm: fix diff order and add tests for new default value manifest
 2023-09-12 00:44:13 -07:00
Paco Xu
4d105eb1ce add TestUnmarshalJson for UniversalUnmarshal 2023-09-12 14:41:07 +08:00
Kubernetes Prow Robot
51a8ee26f2
Merge pull request #120567 from skitt/drop-deprecated-pointer-kubeadm 
kubeadm: drop deprecated pointer package
 2023-09-11 20:18:10 -07:00
Kubernetes Prow Robot
74f6c263d8
Merge pull request #118544 from sohankunkerkar/remove-sandbox-image-ref 
pkg/kubelet: allow sandbox image pinning from CRI
 2023-09-11 11:52:12 -07:00
Lars Ekman
0df4a69f5c
Kube-proxy: Get nodeIPs for both families with dual-stack (#119525) 
* Kube-proxy: handle dual-stack in detectNodeIPs()

* Updates
 2023-09-11 09:30:23 -07:00
Han Kang
e6435e98ed promote component SLIs to GA; remove feature gates for component slis 2023-09-11 09:15:32 -07:00
Stephen Kitt
e2c1c0d34a
kubeadm: drop deprecated pointer package 
This replaces deprecated k8s.io/utils/pointer functions with their ptr
equivalent.

Signed-off-by: Stephen Kitt <skitt@redhat.com>
 2023-09-11 16:41:12 +02:00
Stephen Kitt
357d7804b8
kube-proxy: drop deprecated pointer package 
This replaces deprecated k8s.io/utils/pointer functions with their ptr
equivalent.

Signed-off-by: Stephen Kitt <skitt@redhat.com>
 2023-09-11 16:38:37 +02:00
Paco Xu
678b958567 use universal decoder and add a check on default dns Policy of static pod for test 2023-09-11 22:31:35 +08:00
Qiutong Song
d3eb082568 Create a node startup latency tracker 
Signed-off-by: Qiutong Song <songqt01@gmail.com>
 2023-09-11 05:54:25 +00:00
Paco Xu
2d86c333f5 add test case for generating etcd manifests 2023-09-11 10:35:50 +08:00
Paco Xu
912041ce41 kubeadm: fix diff order and add test for new default value manifest 2023-09-11 10:35:50 +08:00
SaumyaBhushan
df5c1bb1ea added documentation about the format of certificateKey 
Signed-off-by: SaumyaBhushan <saumya.bhushan666@gmail.com>
 2023-09-10 19:50:42 +05:30
Kubernetes Prow Robot
fd8f2c7fc6
Merge pull request #120541 from pacoxu/kubeadm-fix-hash 
kubeadm: add log for static pod manifest diff
 2023-09-09 06:08:08 -07:00
Paco Xu
b443a841e3 kubeadm: add log for static pod manifest diff 2023-09-09 20:00:31 +08:00
Kubernetes Prow Robot
4c0d37e767
Merge pull request #120521 from SataQiu/clean-kubeadm-20230908 
kubeadm: remove 'system:masters' organization from apiserver-etcd-client certificate
 2023-09-08 05:26:25 -07:00
Kubernetes Prow Robot
4c43a25e6a
Merge pull request #119274 from tukwila/test_addons 
kubeadm: add tests in ./cmd/phases/init/addons_test.go
 2023-09-08 05:26:13 -07:00
guangli.bao
9feaefb5cb Increase ut for kubeadm phases init addon 
rename field casename to name
do go lint check
Update addons_test.go to remove whitespace

Signed-off-by: guangli.bao <guangli.bao@daocloud.io>
 2023-09-08 15:35:17 +08:00
SataQiu
3e2bad02dc kubeadm: remove 'system:masters' organization from apiserver-etcd-client certificate 2023-09-08 15:01:00 +08:00
Junhao Zou
43c05e98ca
cleanup: Replace the deprecated NewMemCacheClient with memory.NewMemCacheClient 2023-09-08 11:57:46 +08:00
fengxsong
a69f56e137
fix: check if initsystem service exists 
when detecting whether a service exists, if it does not, the output result will be like "Unit noneexists.service could not be found." on ubuntu:20.04
 2023-09-08 11:15:07 +08:00
Jordan Liggitt
9f76d8d45a
Track vendor status of unwanted deps 2023-09-06 21:48:30 -04:00
Kubernetes Prow Robot
9f3cfbbcdb
Merge pull request #120448 from aroradaman/revert-103174-rancher-33360 
Revert "Do not attempt to overwrite higher system (sysctl) values"
 2023-09-06 12:35:16 -07:00
Kubernetes Prow Robot
f68c66f96d
Merge pull request #119142 from aramase/aramase/f/kep_3331_add_feature_flag 
[StructuredAuthenticationConfig] Add feature flag and wire up `--authentication-config` flag
 2023-09-05 13:08:51 -07:00
Daman Arora
b97cb6dd00
Revert "Do not attempt to overwrite higher system (sysctl) values" 2023-09-06 00:42:48 +05:30
Lubomir I. Ivanov
7c75b018d5 cmd/kube-apiserver: add .import-restrictions 
Allow only /pkg, /plugin, /third_party, /cmd/kube-apiserver, /test/utils.
This disallows imports of other cmd packages like cmd/kubeadm.
 2023-09-05 16:03:28 +03:00
Lubomir I. Ivanov
6ec8dbe5b5 cmd/kube-apiserver: avoid importing the kubeadm pkiutils package 
The package "k8s.io/kubernetes/cmd/kubeadm/app/util/pkiutil"
is used for a couple of function calls:
- pkiutil.NewCertAndKey() to generate a cert/key pair
- pkiutil.WriteCertAndKey() to write the pair to disk

Unroll and simplify the functions to obtain the same functionality
while removing the cmd/kubeadm dependency.
 2023-09-05 14:14:47 +03:00
Kubernetes Prow Robot
cd04f47e8b
Merge pull request #120381 from my-git9/dnsut1 
kubeadm: increase ut coverage for addons/dns/dns.go
 2023-09-03 20:21:47 -07:00
Kubernetes Prow Robot
03762cbcb5
Merge pull request #120316 from dims/move-to-new-repo-for-reference 
New repo who dis? distribution/reference
 2023-09-02 21:05:11 -07:00
xin.li
6f55437472 kubeadm: increase ut coverage for addons/dns/dns.go 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2023-09-03 11:07:59 +08:00
Davanum Srinivas
ceaed508ce
Validate the cloud-provider passed in and the corresponding feature flags 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-09-02 13:08:04 -04:00
Kubernetes Prow Robot
83f2d89dc9
Merge pull request #120313 from dairlair/patch-1 
Refactor checkErr func
 2023-08-31 22:02:42 -07:00
Davanum Srinivas
889c8e919b
New repo who dis? distribution/reference 
github.com/docker/distribution/reference has a new home github.com/distribution/reference

and a new tag v0.5.0. Let's switch to that.

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-08-31 21:53:40 -04:00
dairlair
3c5a58c5f8
Refactor checkErr func 
I moved a simpler condition to the beginning of the function (when the error == nil). This has substantially streamlined the function for readability and comprehension of its logic flow.
 2023-08-31 17:29:08 +03:00
Anish Ramasekar
9e1ff1e512
add loading config and wire feature flag 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2023-08-30 23:14:56 +00:00
Quan Tian
2b69daa960 Allow specifying ExternalTrafficPolicy for ClusterIP Services with ExternalIPs 
When defining a ClusterIP Service, we can specify externalIP, and the
traffic policy of externalIP is subject to externalTrafficPolicy.
However, the policy can't be set when type is not NodePort or
LoadBalancer, and will default to Cluster when kube-proxy processes the
Service.

This commit updates the defaulting and validation of Service to allow
specifying ExternalTrafficPolicy for ClusterIP Services with
ExternalIPs.

Signed-off-by: Quan Tian <qtian@vmware.com>
 2023-08-30 23:56:47 +08:00
Kubernetes Prow Robot
3cf3702d1e
Merge pull request #119346 from chendave/clean_testcases 
kubeadm: Remove the usage to print the default component configs for `reset` and `join`
 2023-08-30 04:38:48 -07:00
Dave Chen
879dad9c2f kubeadm: Remove the usage to print the default component configs for reset and join 
component configs is only needed for `kubeadm init`, the `join` and `reset` doesn't
need to provid the config with component configs.

Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-08-30 15:38:21 +08:00
Sohan Kunkerkar
d5690f12b6 pkg/kubelet: allow sandbox image pinning from CRI 
As part of this change, the code responsible for managing the sandbox
image within the kubelet has been removed. Previously, the kubelet used
to prevent sandbox image from the garbage collection process. However,
with this update, the responsibility of managing the sandbox containers
has been shifted to the CRI implementation itself. By allowing sandbox
image pinning from CRI, we improve efficiency and simplify the kubelet's
interaction with the container runtime. As a result, the kubelet can now
rely on the container runtime's built-in mechanisms for sandbox container
lifecycle management.

Signed-off-by: Sohan Kunkerkar <sohank2602@gmail.com>
 2023-08-29 15:34:51 -04:00
Kubernetes Prow Robot
973ea2d376
Merge pull request #120228 from pacoxu/kubeadm-learner-etcd-beta 
kubeadm: promote EtcdLearnerMode to beta
 2023-08-29 06:29:21 -07:00
Kubernetes Prow Robot
34b85c593d
Merge pull request #120198 from pacoxu/kubeadm-swap 
kubeadm: update swap warning for v1.28 change
 2023-08-29 04:53:32 -07:00
Paco Xu
618e40c61b kubeadm: promote EtcdLearnerMode to beta 2023-08-29 16:11:05 +08:00
Kubernetes Prow Robot
c7a04e10a6
Merge pull request #120153 from SataQiu/clean-scheduler-20230824 
using wait.PollUntilContextTimeout instead of deprecated wait.Poll/PollWithContext/PollImmediate/PollImmediateWithContext methods for scheduler
 2023-08-28 02:11:42 -07:00
Paco Xu
eb0afbc7d0 kubeadm: update swap warning for v1.28 change 2023-08-28 15:46:23 +08:00
Kubernetes Prow Robot
d4572d58db
Merge pull request #120186 from chendave/testcase_exported 
kubeadm: Add testcases for exported method `ValueFromFlagsOrConfig`
 2023-08-27 00:47:22 -07:00
Kubernetes Prow Robot
4cb47f2ba1
Merge pull request #120116 from tukwila/update-coredns-v1.11.0 
update coredns to v1.11.1
 2023-08-26 10:17:21 -07:00
SataQiu
628bbb9ef8 kubeadm: add supported etcd version for v1.29 2023-08-26 20:43:04 +08:00
Dave Chen
dcbe7755bf kubeadm: Add testcases for exported method ValueFromFlagsOrConfig 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-08-26 18:41:43 +08:00
guangli.bao
78538bd303 update coredns to v1.11.0 
update coredns to v1.11.1
update coredns-kubeadm to 1.11.1
bump up corefile-migration to v1.0.21 based on https://github.com/coredns/corefile-migration/releases/tag/v1.0.21
fix dns_test ut failure

Signed-off-by: guangli.bao <guangli.bao@daocloud.io>
 2023-08-26 17:15:46 +08:00
Kubernetes Prow Robot
10c622e99a
Merge pull request #119994 from SataQiu/remove-scheduler-v1beta3 
scheduler: remove deprecated v1beta3 KubeSchedulerConfiguration component config
 2023-08-24 15:31:17 -07:00
SataQiu
5524f1651a using wait.PollUntilContextTimeout instead of deprecated wait.Poll/PollWithContext/PollImmediate/PollImmediateWithContext methods for scheduler 2023-08-24 18:35:59 +08:00
Kubernetes Prow Robot
2e6eafca3f
Merge pull request #119503 from wojtek-t/pagination_ga 
Graduate APIListChunking to GA
 2023-08-23 10:39:29 -07:00
Patrick Ohly
ce9e668a93 golangci-lint: suppress one issue, demote others to "hints" 
The voting in https://github.com/kubernetes/kubernetes/issues/117288 led to
one check that got rejected ("ifElseChain: rewrite if-else to switch
statement") and several that are "nice to know".

golangci-lint's support for issue "severity" is too limited to identify "nice
to know" issues in the output (filtering is only by linter without considering
the issue text; not part of text output). Therefore a third configuration gets
added which emits all issues (must fix and nits). The intention is to use
the "strict" configuration in pull-kubernetes-verify and the "hints"
configuration in a new non-blocking pull-kubernetes-linter-hints.

That way, "must fix" issues will block merging while issues that may be useful
will show up in a failed optional job. However, that job then also contains
"must fix" issues, partly because filtering out those would make the
configuration a lot larger and is likely to be unreliably (all "must fix"
issues would need to be identified and listed), partly because it may be useful
to have all issues in one place.

The previous approach of manually keeping two configs in sync with special
comments didn't scale to three configs. Now a single golangci.yaml.in with
text/template constructs contains the source for all three configs. A new
simple CLI frontend for text/template (cmd/gotemplate) is used by
hack/update-golangci-lint-config.sh to generate the three flavors.
 2023-08-22 20:39:23 +02:00
Kubernetes Prow Robot
e043bc08d4
Merge pull request #119156 from neolit123/1.28-add-support-for-dup-extraargs 
kubeadm add support for structured ExtraArgs
 2023-08-21 02:49:22 -07:00
Kubernetes Prow Robot
a1fdef7d01
Merge pull request #120072 from SataQiu/fix-kubeadm-20230820 
kubeadm: fix the bug that `--image-repository` flag is missing for some init phase sub-commands
 2023-08-21 01:27:22 -07:00
SataQiu
093093593c kubeadm: fix the field path for JoinControlPlane.CertificateKey validation 2023-08-20 17:35:18 +08:00
SataQiu
700b55b3b2 kubeadm: fix the bug that --image-repository flag is missing for some init phase sub-commands 2023-08-20 17:18:00 +08:00
Kubernetes Prow Robot
5b2167482d
Merge pull request #120064 from SataQiu/feat-kubeadm-20230819 
kubeadm: add validation to verify that the CertificateKey is a valid hex encoded AES key
 2023-08-19 23:59:21 -07:00
SataQiu
75a80d5aba kubeadm: add validation to verify that the CertificateKey is a valid hex encoded AES key 2023-08-20 12:47:02 +08:00
Kubernetes Prow Robot
8377e0f538
Merge pull request #120042 from chendave/typo_namespaces 
kubeadm: Fix typo where API group is not correct
 2023-08-19 05:53:21 -07:00
Kubernetes Prow Robot
595a57940a
Merge pull request #120039 from chendave/move_testcases 
kubeadm: Move the method used only in the test to `postupgrade_test.go`
 2023-08-18 07:12:39 -07:00
Kubernetes Prow Robot
e2afa175e4
Merge pull request #120040 from chendave/unused_args 
kubeadm: Cleanup the unused input parameters
 2023-08-18 05:38:30 -07:00
Dave Chen
f407b31d42 kubeadm: Fix typo where API group is not correct 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-08-18 17:26:39 +08:00
Dave Chen
72af21e1a1 kubeadm: Cleanup the unused input parameters 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-08-18 17:20:22 +08:00
Dave Chen
1eb6282016 kubeadm: Move the method used only in the test to postupgrade_test.go 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-08-18 16:59:08 +08:00
xin.li
fd3f82531f kubeadm: increase ut coverage fo util/kubeconfig 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2023-08-18 14:49:59 +08:00
SataQiu
427b703c37 scheduler: remove deprecated v1beta2 KubeSchedulerConfiguration 2023-08-17 13:27:21 +08:00
Kubernetes Prow Robot
4f874a224a
Merge pull request #119562 from my-git9/proxyut 
kubeadm: increase ut for cmd/kubeadm/app/phases/addons/proxy
 2023-08-16 19:44:21 -07:00
git-jxj
a5b3a4b738
cleanup: Update deprecated FromInt to FromInt32 (#119858) 
* redo commit

* apply suggestions from liggitt

* update Parse function based on suggestions
 2023-08-16 09:33:01 -07:00
Lubomir I. Ivanov
7a6e056bbd kubeadm: add TODO for NewMapStringString() and CLI extra-args 2023-08-16 13:27:05 +03:00
Lubomir I. Ivanov
f3da0d4ed3 kubeadm: update the rest of the code base for structured ExtraArgs 
In all places map[string]string compounds were used directly
for extra args. Modify said locations to use []Arg
and the new utilities Get/SetArgValue(), ArgumentsTo/FromCommand().
 2023-08-16 13:27:05 +03:00
Lubomir I. Ivanov
a505c7160e kubeadm: adapt the validation and utils for structured ExtraArgs 
Use []kubeadm.Arg instead of map[string]string when
validating ExtraArgs in the API.

Add new GetArgValue() and SetArgValue() utilities
and tests in apis/kubeadm.

Add new utils for constucting commands from and to
a []kubeadm.Arg slice.
 2023-08-16 13:27:05 +03:00
Lubomir I. Ivanov
bc6fcb72a8 kubeadm: add structured ExtraArgs in v1beta4 
Add a new type Arg that holds a dedicated Name and Value.
Instead of using map[string]string for ExtraArgs in the
API use []Arg.

Adapt v1beta3 conversion to convert to/from the
legacy map[string]string.
 2023-08-16 13:27:05 +03:00
Kubernetes Prow Robot
b51ad13bf7
Merge pull request #119938 from my-git9/certlist-ut 
kubeadm: increase ut for certs/certlist
 2023-08-16 01:22:37 -07:00
Kubernetes Prow Robot
85e018634c
Merge pull request #119859 from SataQiu/fix-healthcheck-client-cert-20230809 
kubeadm: remove 'system:masters' organization from etcd/healthcheck-client certificate
 2023-08-16 01:22:26 -07:00
Kubernetes Prow Robot
0491866c64
Merge pull request #119753 from pacoxu/kubeadm-reset-nil 
kubeadm: fix nil pointer when etcd member is already removed
 2023-08-15 23:12:26 -07:00
Kubernetes Prow Robot
ad15077193
Merge pull request #119742 from liggitt/unwanted-deps 
Catch direct references to unwanted dependencies in kubernetes modules
 2023-08-15 21:04:27 -07:00
Kubernetes Prow Robot
b406e49123
Merge pull request #119515 from haojue/dev/postupgradecomment 
adjust order and fix typo for kube upgrade
 2023-08-15 19:42:50 -07:00
xin.li
4950521ad8 kubeadm: increase ut for certs/certlist 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2023-08-16 10:04:03 +08:00
Kubernetes Prow Robot
5054f2954d
Merge pull request #119279 from chendave/dryrun_init 
kubeadm: Make dry-run is configurable in initConfiguration and joinConfiguration
 2023-08-15 15:18:03 -07:00
Kubernetes Prow Robot
1acd489dca
Merge pull request #118455 from linxiulei/managedFields 
Trim managedFields in controller-manager
 2023-08-15 15:17:12 -07:00
Kubernetes Prow Robot
322acc0f88
Merge pull request #117977 from liggitt/available-resources 
Drop AvailableResources from controller context
 2023-08-15 15:16:39 -07:00
Patrick Ohly
6ddcdef29a kube-proxy: fix combination of --config and logging command line flags 
When parsing a config file, all settings derived from command line flags are
discarded because only the config settings are used. That has been the
traditional behavior for non-logging flags.

But `--config ... -v=4` used to work until
71ef0dafa7 added logging to the configuration.
To restore the original behavior, kube-proxy now:
- parses flags
- reads the config file
- applies logging settings from the flags to the config loaded from file
- uses that merged config
 2023-08-10 11:14:04 +02:00
SataQiu
5fb543a411 kubeadm: remove 'system:masters' organization from etcd/healthcheck-client certificate 2023-08-09 19:23:06 +08:00
Paco Xu
3a2c4d6f09 kubeadm: fix nil pointer when etcd member is already removed 2023-08-04 11:37:00 +08:00
Jordan Liggitt
a5fff9a5d0
Catch direct references to unwanted dependencies in kubernetes modules 2023-08-02 15:44:25 -04:00
Jordan Liggitt
b6ae858e01
Drop AvailableResources from controller context 2023-08-01 14:52:45 -04:00
xin.li
1b8fb69d9e kubeadm: increase ut for cmd/kubeadm/app/phases/addons/proxy 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2023-07-26 16:28:07 +08:00
Daman Arora
4e10ff91c5 pkg/proxy: move proxier health eventing to cmd/kube-proxy 
Signed-off-by: Daman Arora <aroradaman@gmail.com>
 2023-07-24 20:09:46 +05:30
haojue
6d244728b9 adjust order and fix typo for kube upgrade 2023-07-22 00:03:41 -04:00
Alexander Zielenski
ef8670c946 refactor: replace usage of v1alpha1 with v1beta1 
v1alpha -> v1beta

fill in DenyAction where there is no ParameterNotFoundAction
 2023-07-21 13:41:24 -07:00
Wojciech Tyczyński
6acfa3cb4a Graduate APIListChunking to GA 2023-07-21 14:09:40 +02:00
jackcui
9d8959224c add explanation for large-cluster-size-threshold arg about multiple zones cluster 2023-07-21 17:25:51 +08:00
Alexander Zielenski
88becfc0ba api: add v1beta1 ValidatingAdmissionPolicy/Binding types and storage 2023-07-20 13:24:09 -07:00
Kubernetes Prow Robot
8c1dc65da9
Merge pull request #119390 from sohankunkerkar/add-dropin 
cmd/kubelet: implement drop-in configuration directory for kubelet
 2023-07-18 19:44:02 -07:00
Sohan Kunkerkar
06a81d1395 cmd/kubelet: implement drop-in configuration directory for kubelet 
This implements a drop-in configuration directory for the kubelet
by introducing a "--config-dir" flag. Users can provide individual
kubelet config snippets in separate files, formatted similarly to
kubelet.conf. The kubelet will process the files in alphanumeric order,
appending configurations if subfield(s) doesn't exist, overwriting them if
they do, and handling lists by overwriting instead of merging.

Co-authored-by: Yu Qi Zhang <jerzhang@redhat.com>
 2023-07-18 21:41:14 -04:00
Richa Banker
c1aef65640 Add integration test 2023-07-18 17:36:30 -07:00
Richa Banker
cd5f3d9f9d Add impl for uvip 2023-07-18 17:36:22 -07:00
Eric Lin
173b5a75b9 Trim managedFields in controller-manager 
Signed-off-by: Eric Lin <exlin@google.com>
 2023-07-18 18:31:26 +00:00
Kubernetes Prow Robot
ff90c1cc73
Merge pull request #119374 from danwinship/kep-3178-ga 
move KEP-3178 IPTablesOwnershipCleanup to GA
 2023-07-17 15:53:47 -07:00
Dan Winship
f1e7386fbc Deprecate now-unused kubelet iptables flags 2023-07-17 16:51:47 -04:00
Peter Hunt
bfa62e0009 kubelet: retry RuntimeConfig call and prep for nil values from GetLinux 
Signed-off-by: Peter Hunt <pehunt@redhat.com>
 2023-07-17 13:05:30 -04:00
Markus Lehtonen
d7797fbc61 kubelet: get cgroup driver config from CRI 
This patch modifies kubelet to get the cgroup driver setting from the
CRI runtime using the newly added RuntimeConfig rpc. The new code path
only takes place if the KubeletCgroupDriverFromCRI feature gate is
enabled. If the runtime returns a not-implemented error kubelet falls
back to using the cgroupDriver configuration option, with a log message
instructing the user to upgrade to w newer container runtime. Other rpc
errors cause kubelet to exit as is the case if the runtime returns an
unknown cgroup driver.
 2023-07-17 12:27:05 -04:00
Markus Lehtonen
fd434003f3 kubelet: initialization of runtime service earlier in the startup 
This patch refactors the kubelet startup code to initialize the runtime
service earlier in the startup sequence. We want this to be able to
query the cgroup driver setting from the CRI befure initializing the
cgroup manager.
 2023-07-17 12:27:05 -04:00
Dave Chen
2ce07981af kubeadm: Make dry-run is configurable in joinConfiguration 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-07-17 17:37:50 +08:00
Dave Chen
f5a6797e56 kubeadm: Make dry-run is configurable in initConfiguration 
The `dry-run` flag was able to use with the config file, since it was not
configurable in the config file.

Make it configurable in v1beta4, so that eventually, kubeadm could deprecate
the flag and suggest to use the config file instead.

Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-07-17 17:37:45 +08:00
Kubernetes Prow Robot
16534deedf
Merge pull request #119351 from SataQiu/fix-kubeadm-20230716 
kubeadm: remove the limitation that the 'ignorePreflightErrors' field can not be set to 'all' in kubeadm config file
 2023-07-16 22:07:07 -07:00
Kubernetes Prow Robot
7c4eb66b6f
Merge pull request #119319 from chendave/validate_config 
kubeadm: Support `kubeadm config validate` for ResetConfiguration
 2023-07-16 19:41:07 -07:00
Kubernetes Prow Robot
71f8a2405d
Merge pull request #119333 from liggitt/flushfrequencystring 
Conditionally serialize flushFrequency as int
 2023-07-16 07:09:06 -07:00
Jordan Liggitt
6c0ea702d4
Conditionally serialize flushFrequency as int 2023-07-16 08:37:37 -04:00
SataQiu
bd9b78d686 kubeadm: remove the limitation that the 'ignorePreflightErrors' field can not be set to 'all' in kubeadm config file, and keep CLI / config consistent 2023-07-16 12:37:12 +08:00
Kubernetes Prow Robot
f34365789d
Merge pull request #116470 from alexanderConstantinescu/kep-3836-impl 
[Kube-proxy]: Implement KEP-3836
 2023-07-15 05:43:04 -07:00
Dave Chen
b883f30501 kubeadm: Support kubeadm config validate for ResetConfiguration 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-07-15 19:29:18 +08:00
Kubernetes Prow Robot
871e6b5b8d
Merge pull request #119313 from chendave/migrate_config 
kubeadm: Support `kubeadm config migrate` for ResetConfiguration
 2023-07-15 00:31:22 -07:00
Dave Chen
8f9e2cb8a8 kubeadm: Support kubeadm config migrate for ResetConfiguration 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-07-15 13:18:47 +08:00
SataQiu
22f0f2e210 kubeadm: add 'kubeadm config print reset-defaults' command for ResetConfiguration 2023-07-15 11:14:28 +08:00
Kubernetes Prow Robot
cab65e2008
Merge pull request #118816 from PiotrProkop/topo-opts-to-beta 
topologymanager: Promote support for improved multi-numa alignment in Topology Manager to beta
 2023-07-14 16:55:08 -07:00
Kubernetes Prow Robot
24fe6f38f1
Merge pull request #119057 from vadasambar/feat/scheduler/expose-load-config-func 
refactor: export `loadConfigFile` as a public function `LoadConfigFile`
 2023-07-14 06:25:48 -07:00
Kubernetes Prow Robot
95c8d61918
Merge pull request #113583 from chendave/POC_resetCfg 
kubeadm: implementation of `ResetConfiguration` API types
 2023-07-14 04:05:48 -07:00
Dave Chen
2a907e6004 kubeadm: fix fuzzing for ResetConfiguration 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-07-14 17:03:37 +08:00
Dave Chen
2e6715bc77 kubeadm: implementation of ResetConfiguration API types 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-07-14 17:03:31 +08:00
Kubernetes Prow Robot
bea27f82d3
Merge pull request #118209 from pohly/dra-pre-scheduled-pods 
dra: pre-scheduled pods
 2023-07-13 14:43:37 -07:00
Jiahui Feng
049614f884
ValidatingAdmissionPolicy controller for Type Checking (#117377) 
* [API REVIEW] ValidatingAdmissionPolicyStatucController config.

worker count.

* ValidatingAdmissionPolicyStatus controller.

* remove CEL typechecking from API server.

* fix initializer tests.

* remove type checking integration tests

from API server integration tests.

* validatingadmissionpolicy-status options.

* grant access to VAP controller.

* add defaulting unit test.

* generated: ./hack/update-codegen.sh

* add OWNERS for VAP status controller.

* type checking test case.
 2023-07-13 13:41:50 -07:00
Patrick Ohly
80ab8f0542 dra: handle scheduled pods in kube-controller-manager 
When someone decides that a Pod should definitely run on a specific node, they
can create the Pod with spec.nodeName already set. Some custom scheduler might
do that. Then kubelet starts to check the pod and (if DRA is enabled) will
refuse to run it, either because the claims are still waiting for the first
consumer or the pod wasn't added to reservedFor. Both are things the scheduler
normally does.

Also, if a pod got scheduled while the DRA feature was off in the
kube-scheduler, a pod can reach the same state.

The resource claim controller can handle these two cases by taking over for the
kube-scheduler when nodeName is set. Triggering an allocation is simpler than
in the scheduler because all it takes is creating the right
PodSchedulingContext with spec.selectedNode set. There's no need to list nodes
because that choice was already made, permanently. Adding the pod to
reservedFor also isn't hard.

What's currently missing is triggering de-allocation of claims to re-allocate
them for the desired node. This is not important for claims that get created
for the pod from a template and then only get used once, but it might be
worthwhile to add de-allocation in the future.
 2023-07-13 21:27:11 +02:00
Kubernetes Prow Robot
20e60a03df
Merge pull request #110863 from claudiubelu/path-filepath-update-2 
Replaces path.Operation with filepath.Operation (part 2)
 2023-07-13 09:56:37 -07:00
Kubernetes Prow Robot
d37c62dcbf
Merge pull request #117800 from cyclinder/loggin_format 
Add '--logging-format' flag to kube-proxy
 2023-07-13 08:40:37 -07:00
cyclinder
71ef0dafa7 add flag 'logging-format' to kube-proxy 2023-07-13 14:33:33 +08:00
vadasambar
c52911e59a docs: add comment describing LoadConfigFromFile 2023-07-13 09:59:39 +05:30
vadasambar
5c18810f35 chore: update license date for configfile tests 2023-07-13 09:59:39 +05:30
vadasambar
72aeb96132 test: add tests for LoadConfigFromFile 2023-07-13 09:59:39 +05:30
vadasambar
b3373ae273 refactor: make only LoadConfigFromFile public 
- `loadConfig` can be made public again when needed (not required now)
 2023-07-13 09:59:39 +05:30
vadasambar
8e284389a5 feat: make loadConfig and loadConfigFile public functions 
- so that users who import kube-scheduler libraries can use these functions to read kube scheduler config
 2023-07-13 09:59:39 +05:30
Patrick Ohly
7d064812bb kube-controller-manager: finish conversion to contextual logging 
This removes all exceptions and fixes the remaining unconverted log calls.
 2023-07-12 14:57:29 +02:00
Kubernetes Prow Robot
745cfa35bd
Merge pull request #119147 from mengjiao-liu/contextual-logging-controller-disruption 
Migrate /pkg/controller/disruption to structured and contextual logging
 2023-07-12 03:35:25 -07:00
Kubernetes Prow Robot
5130dad2cf
Merge pull request #118408 from danwinship/local-detector 
kube-proxy local traffic detector single-vs-dual-stack cleanup
 2023-07-11 21:19:11 -07:00
Mengjiao Liu
19869478c1 Migrate /pkg/controller/disruption to structured and contextual logging 2023-07-12 11:30:45 +08:00
PiotrProkop
f855a23b45 topologymanager: promote TopologyManagerPolicyOptions feature to beta 
* Promote TopologyManagerPolicyOptions feature to beta
* Promote PreferClosestNUMANodes TopologyManagerPolicyOption to beta

Signed-off-by: PiotrProkop <pprokop@nvidia.com>
 2023-07-11 15:06:57 +02:00
Kubernetes Prow Robot
50782ce5ab
Merge pull request #119198 from jadhaj/fix-115385 
Document address family of listening INET sockets
 2023-07-11 03:19:23 -07:00
Kubernetes Prow Robot
8f1852bb44
Merge pull request #115295 from Namanl2001/pkg/controller/endpointslice 
Migrated `pkg/controller/endpointslice` and `pkg/controller/endpointslicemirroring` to contextual logging
 2023-07-11 03:19:12 -07:00
Kubernetes Prow Robot
42e1e72105
Merge pull request #119130 from SataQiu/clean-sheduler-20230706 
Remove deprecated scheduler CLI flags
 2023-07-10 14:03:11 -07:00
Naman
645cb90732 migrated pkg/controller/endpointslicemirroring to contextual logging 
Signed-off-by: Naman <namanlakhwani@gmail.com>
 2023-07-11 01:43:30 +05:30
Naman
09849b09cf migrated pkg/controller/endpointslice to contextual logging 
Signed-off-by: Naman <namanlakhwani@gmail.com>
 2023-07-11 01:28:22 +05:30
Jad Haj Yahya
de07643095 Document address family of listening INET sockets 2023-07-10 15:01:13 +03:00
Alexander Constantinescu
9b1c4c7b57 Implement KEP-3836 
TL;DR: we want to start failing the LB HC if a node is tainted with ToBeDeletedByClusterAutoscaler.
This field might need refinement, but currently is deemed our best way of understanding if
a node is about to get deleted. We want to do this only for eTP:Cluster services.

The goal is to connection draining terminating nodes
 2023-07-10 10:30:54 +02:00
SataQiu
3a5268502f Remove deprecated scheduler CLI flags 2023-07-07 23:33:33 +08:00
Kubernetes Prow Robot
6f9d1d38d8
Merge pull request #118817 from pohly/dra-delete-claims 
DRA: improve handling of completed pods
 2023-07-06 10:15:15 -07:00
Kubernetes Prow Robot
8c1bf4f461
Merge pull request #116930 from fatsheep9146/contextual-logging-cleanup 
contextual logging cleanup
 2023-07-06 07:39:03 -07:00
Kubernetes Prow Robot
e5efa0a5ee
Merge pull request #117108 from pohly/test-integration-race-detection-component-base-logs 
component-base/logs: improve handling of re-applying a configuration
 2023-07-05 21:29:08 -07:00
Ziqi Zhao
dfc1838379 Migrated pkg/controller/volume|util|replicaset|nodeipam to contextual logging 
Signed-off-by: Ziqi Zhao <zhaoziqi9146@gmail.com>
 2023-07-06 07:39:52 +08:00
Patrick Ohly
02efe09abe component-base/logs: improve handling of re-applying a configuration 
Normal binaries should never have to do this. It's not safe when there are
already some goroutines running which might do logging. Therefore the new
default is to return an error when a binary accidentally re-applies.

A few unit ensure that there are no goroutines and have to call the functions
more then once. The new ResetForTest API gets used by those to enable changing the
logging settings more than once in the same process.

Integration tests use the same code as the normal binaries. To make reuse of
that code safe, component-base/logs can be configured to silently ignore any
additional calls. This addresses data races that were found when enabling -race
for integration tests. To catch cases where the integration test does want
to modify the config, the old and new config get compared and an error is
raised when it's not the same.

To avoid having to modify all integration tests which start test servers,
reconfiguring component-base/logs is done by the test server packages.
 2023-07-05 19:08:54 +02:00
Patrick Ohly
7f5a02fc7e dra resourceclaim controller: enhance logging 
Adding logging to event handlers makes it more obvious why (or why not) claims
and pods need to be processed.
 2023-07-05 16:10:20 +02:00
Dan Winship
e2900da46a Remove unnecessary utiliptables.Interface arg from local detectors 
getLocalDetector() used to pass a utiliptables.Interface to
NewDetectLocalByCIDR() so that NewDetectLocalByCIDR() could verify
that the passed-in CIDR was of the same family as the iptables
interface. It would make more sense for getLocalDetector() to verify
this itself and just *not call NewDetectLocalByCIDR* if the families
don't match, and that's what the code does now. So there's no longer
any need to pass the utiliptables.Interface to the local detector.
 2023-07-05 09:11:23 -04:00
Dan Winship
7690c6e812 Simplify getDualStackLocalDetectorTuple 
Since the single-stack and dual-stack local-detector-getters now have
the same behavior in terms of error-checking and dual-stack config, we
can just replace the contents of getDualStackLocalDetectorTuple() with
a pair of calls to getLocalDetector().
 2023-07-05 09:09:54 -04:00
Dan Winship
cefd50a753 Improve the single-stack LocalDetector behavior 
1. When bringing up a single-stack kube-proxy in a dual-stack cluster,
allow using either the primary or secondary IP family.

2. Since the earlier config-checking code will already have bailed out
if the single-stack configuration is unusably broken, we don't need to
do that here. Instead, just return a no-op local detector if there are
no usable CIDRs of the expected IP family.
 2023-07-05 09:06:25 -04:00
Dan Winship
bfccfa7016 Add names to the getLocalDetector unit tests, use t.Run 2023-07-05 09:06:25 -04:00
Kubernetes Prow Robot
4c18d40af1
Merge pull request #119075 from chendave/test_gv 
kubeadm: check the GV after the config migration
 2023-07-04 22:00:54 -07:00
Kubernetes Prow Robot
76227fdb3d
Merge pull request #118874 from my-git9/dns-ut 
kubeadm: increase ut coverage kubeadm/app/phases/dns
 2023-07-04 19:30:54 -07:00
Dave Chen
31943cc3f4 kubeadm: check the GV after the config migration 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-07-05 10:04:12 +08:00
Kubernetes Prow Robot
68b7685b2a
Merge pull request #119081 from sttts/sttts-public-ip-validation-move 
kube-apiserver: move "public IP matches IP family" check to option validation
 2023-07-04 14:28:54 -07:00
Dr. Stefan Schimanski
4149933ed2
kube-apiserver: move "public IP matches IP family" check to option validation 2023-07-04 22:28:27 +02:00
Kubernetes Prow Robot
8d0e46a5ec
Merge pull request #119041 from sttts/sttts-move-back-master-count 
cmd/kube-apiserver: move back master count variable from generic controlplane
 2023-07-04 13:22:54 -07:00
Kubernetes Prow Robot
0235a5a206
Merge pull request #118707 from pacoxu/unwanted-status-order 
update the unwanted-dependencies order
 2023-07-04 12:20:54 -07:00
xin.li
c26e1ba10c [UT] increase coverage kubeadm/app/phases/dns 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2023-07-04 22:11:32 +08:00
Kubernetes Prow Robot
3149875175
Merge pull request #119059 from pacoxu/migrate-experimental-v1beta4 
kubeadm: fix "migrate config --allow-experimental-api" to print v1beta4 kubeadm configurations instead of v1beta3
 2023-07-04 06:28:53 -07:00
Kubernetes Prow Robot
75889ecec5
Merge pull request #119003 from danwinship/proxy-single-dual 
do a better job of validating IP family of kube-proxy config
 2023-07-04 02:16:53 -07:00
Paco Xu
01b1174c11 kubeadm: fix "migrate config --allow-experimental-api" to print v1beta4 kubeadm configurations instead of v1beta3 2023-07-04 15:20:43 +08:00
Kubernetes Prow Robot
746b88c6ff
Merge pull request #118867 from chendave/env_custom 
kubeadm: Support custom env in control plane component
 2023-07-03 22:02:52 -07:00
Dave Chen
c68a6b0745 kubeadm: fix fuzzing for ExtraEnvs defined in the control plane component 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-07-04 10:01:26 +08:00
Dave Chen
80b035a116 kubeadm: Support custom env in control plane component 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2023-07-04 09:57:07 +08:00
Dan Winship
a966d18608 Double-check the proxy configuration vs the available IP families 2023-07-03 08:34:06 -04:00
Dr. Stefan Schimanski
36e458612a
cmd/kube-apiserver: move back master count variable from generic controlplane 2023-07-03 13:20:29 +02:00
Kubernetes Prow Robot
14b08b82e4
Merge pull request #118941 from neolit123/1.28-restore-test-function-for-config-migrate 
kubeadm: restore and generalize the TestMigrateOldConfig test
 2023-07-01 03:18:48 -07:00
Dan Winship
1f2bf32e95 Figure out single-stack/dual-stack support before creating the proxier 
Rather than having this as part of createProxier(), explicitly figure
out what IP families the proxier can support beforehand, and bail out
if this conflicts with the detected IP family.
 2023-06-30 17:43:04 -04:00
Dan Winship
8abfa89e82 Move proxy platformSetup call, and do LocalDetector setup from there 2023-06-30 17:39:36 -04:00
Dan Winship
ebb0fdd4f6 Don't explicitly filter config.NodePortAddresses by IP family 
There's no need to do this any more: proxyutil.NodePortAddresses does
it itself.
 2023-06-30 12:32:59 -04:00
Dan Winship
a74b9fde3a Don't pass around full node in proxy constructor, just pass PodCIDRs 2023-06-30 11:30:17 -04:00
Lubomir I. Ivanov
0537c1da56 kubeadm: move migrate / validate tests out of config_tests.go 
Place the tests in common_tests.go on the backend side in
common_tests.go. A test for migrate TestMigrateOldConfig
was already present there. Apply slightly better coverage to it
and rename desc -> name.

Fix typo in argument oldConfig -> config in ValidateConfig().
 2023-06-30 18:14:10 +03:00
Kubernetes Prow Robot
7bac0cee89
Merge pull request #118946 from SataQiu/clean-kubeadm-20230629 
kubeadm: remove unused Kind and Resource functions from output API
 2023-06-29 02:51:47 -07:00
Kubernetes Prow Robot
4036b6fb41
Merge pull request #118922 from champtar/kubeadm-backdate-ca 
kubeadm: backdate generated CAs
 2023-06-28 12:28:56 -07:00
SataQiu
24f4785e3e kubeadm: remove unused Kind and Resource functions from output API 2023-06-29 00:16:38 +08:00
SataQiu
90f82d05ce kubeadm: remove unused Kind and Resource functions from kubeadm internal API 2023-06-28 23:36:53 +08:00
Lubomir I. Ivanov
fd15c6791a kubeadm: restore and generalize the TestMigrateOldConfig test 
The test required two APIs to be available to test for migration.
Keep it simple and use a variable "gv" on top of the function body
to easily swap the version to be tested once an old API is deleted.
e.g. currently v1beta3 is the "old" API, v1beta4 is the "new" one.

Ultimately, this test only makes sure that the expected kinds are
available post migration.
 2023-06-28 18:21:57 +03:00
Kubernetes Prow Robot
52457842d1
Merge pull request #117055 from cyclinder/csi_migration 
remove CSI-migration gate
 2023-06-28 04:28:31 -07:00
Kubernetes Prow Robot
ddbf3575a7
Merge pull request #116729 from AxeZhan/handlers_sync 
[Scheduler] Make sure handlers have synced before scheduling
 2023-06-28 01:26:31 -07:00
Etienne Champetier
812556365b kubeadm: backdate generated CAs by 5 minutes 
This allow for a small time jump backward after
certificates generation.

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
 2023-06-28 00:12:29 -04:00
Kubernetes Prow Robot
1c32c3bd9f
Merge pull request #118866 from neolit123/1.28-add-v1beta4-to-scheme 
kubeadm: add v1beta4 to scheme; add --allow-experimental-api flag
 2023-06-27 08:56:44 -07:00
kidddddddddddddddddddddd
9c7166ff63 wait for eventhandlers to sync before run scheduler 2023-06-27 23:19:34 +08:00
Kubernetes Prow Robot
f7967af3bd
Merge pull request #118633 from sttts/sttts-controlplane-split 
kube-apiserver: split apart generic control plane options
 2023-06-26 13:56:29 -07:00
Dr. Stefan Schimanski
764da8a01d
FIXUP: cmd/kube-apiserver/app/options: split apart controlplane part 2023-06-26 21:50:38 +02:00
Dr. Stefan Schimanski
1b3779baa0
MOVE: cmd/kube-apiserver/app/options: split apart controlplane part 2023-06-26 21:50:37 +02:00
Kubernetes Prow Robot
96d853f4b8
Merge pull request #118870 from SataQiu/kubeadm-clean-v1beta4 
kubeadm: remove unused Kind and Resource functions from v1beta4 API
 2023-06-26 09:40:29 -07:00
SataQiu
4298953c26 kubeadm: remove unused Kind and Resource functions from v1beta4 API 2023-06-26 22:11:52 +08:00
Dr. Stefan Schimanski
6e079545c4
cmd/kube-apiserver: move options completion into options package 2023-06-26 15:20:40 +02:00
Lubomir I. Ivanov
f04484fe77 kubeadm: add the --allow-experimental-api flag to "config" commands 
Add the flag --allow-experimental-api to the "config migrate" and
"config validate" commands. The flag allows validating / migrating-to
a unreleased / experimental API version.

Add a new experimentalAPIVersions map in validateSupportedVersion()
that contains v1beta4.
 2023-06-26 13:50:47 +03:00
Lubomir I. Ivanov
0774f779d5 kubeadm: add v1beta4 to the kubeadm API scheme 
The highest priority is still v1beta3.
 2023-06-26 13:43:47 +03:00
Kubernetes Prow Robot
027ac5a426
Merge pull request #118762 from neolit123/1.28-kubeadm-add-v1beta4-boilerplate 
kubeadm: add v1beta4 API boilerplate
 2023-06-25 22:05:08 -07:00
Kubernetes Prow Robot
4f6a750bbf
Merge pull request #115813 from atiratree/controller-aliases 
Introduce controller aliases for KCM and CCM
 2023-06-22 04:55:39 -07:00
Kubernetes Prow Robot
28296ba59e
Merge pull request #113994 from mengjiao-liu/contextual-logging-controller-certificates 
certificate controller: use contextual logging
 2023-06-21 09:03:42 -07:00
Lubomir I. Ivanov
edb59e9bc7 kubeadm: move token defaulting and related constants to token package 
Move the defaulting of the BootstrapToken type inside the
bootstraptoken/v1 package. This prevents an error where
codegen complains that a defaulter for the type exists in both
the kubeadm v1beta3 and v1beta4.

Adapt kubeadm code to use the defaulter function and constants
that were moved to bootstraptoken/v1.

NOTE: technically this is a breaking change for direct users of
v1beta3/SetDefaults_BootstrapToken().
 2023-06-21 13:34:21 +03:00
Kubernetes Prow Robot
2d60430a16
Merge pull request #118730 from my-git9/ut-features 
[UT] increase coverage ut for kubeadm/app/features
 2023-06-20 07:54:36 -07:00
Lubomir I. Ivanov
eecac05871 kubeadm: add v1beta4 API boilerplate 
Create v1beta4 by copying v1beta3.
 2023-06-20 14:33:30 +03:00
xin.li
180c2332bf [UT] increase coverage ut for kubeadm/app/features 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2023-06-20 12:57:22 +08:00
Filip Křepinský
85d9339ef8 add KCM names into CCM cmd allowed import-restrictions 2023-06-19 15:01:01 +02:00
Filip Křepinský
4e6a3fb9c1 deduplicate cloud provider controller names 
and move the to cloud-provider module
 2023-06-19 15:01:01 +02:00
Filip Křepinský
e5f5a9bfdb use controller names for CLI FlagSets to show the names in help 2023-06-19 15:01:01 +02:00
Filip Křepinský
cd56748ec5 reference controllers correctly from CLI help 2023-06-19 15:01:01 +02:00
Filip Křepinský
9fd8f568fe introduce CCM controller aliases and unify controller names 2023-06-19 15:01:01 +02:00
Filip Křepinský
94792d85de simplify TestValidateControllersOptions test 2023-06-19 15:00:59 +02:00
Filip Křepinský
9730951136 introduce KCM controller aliases and unify controller names 2023-06-19 14:59:33 +02:00
Lubomir I. Ivanov
ede2ec22b6 kubeadm: drop older etcd versions from kubeadm support 
- drop versions < 1.22 in the etcd map
- use 3.5.9-0 for >= 1.22 versions
- make the minimum version for external etcd 3.4.13-4 and max 3.5.9-0
- update images_test to not rely on a pinned etcd version in tests

note: the image 3.4.18-0 was never released in registry.k8s.io!
 2023-06-18 15:38:53 +03:00
Paco Xu
f44029705f exit 1 if status are not as expected(order) 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2023-06-18 14:09:50 +08:00
Kubernetes Prow Robot
47e79b8156
Merge pull request #116910 from fatsheep9146/job-controller-contextual-logging 
Migrated pkg/controller/job to contextual logging
 2023-06-14 08:00:18 -07:00
Ziqi Zhao
7bc449d7e0 add contextual logging to job-controller 
Signed-off-by: Ziqi Zhao <zhaoziqi9146@gmail.com>
 2023-06-14 13:40:02 +08:00
carlory
5e048041e4 remove helper function for unused storage feature in pkg/proxy/util 2023-06-13 09:22:59 +08:00
Kubernetes Prow Robot
2353dac98a
Merge pull request #117964 from ytinirt/patch-1 
Update --image-gc-low-threshold option's description
 2023-06-12 13:46:26 -07:00
Kubernetes Prow Robot
32048b1467
Merge pull request #117550 from borgerli/cron-job-syncs 
add --concurrent-cron-job-syncs flag for kube-controller-manager
 2023-06-12 13:46:19 -07:00
Kubernetes Prow Robot
03486cec21
Merge pull request #116530 from pacoxu/undepreated-provider-id 
undeprecate kubelet --provider-id flag
 2023-06-12 13:45:58 -07:00
Kubernetes Prow Robot
49d7b3f0a0
Merge pull request #118596 from SataQiu/fix-kubelet-20230610 
kubelet: mark '--azure-container-registry-config' flag as deprecated
 2023-06-12 12:44:10 -07:00
Kubernetes Prow Robot
8a0b1bbf24
Merge pull request #118095 from carlory/patch-002 
remove unused pv informer from expand_controller
 2023-06-12 11:43:58 -07:00
SataQiu
910630fbea kubelet: mark '--azure-container-registry-config' flag as deprecated 2023-06-10 00:52:24 +08:00
Kubernetes Prow Robot
b2042d6ce4
Merge pull request #118338 from aroradaman/mv-ipset 
move pkg/util/ipset inside pkg/proxy/ipvs
 2023-06-09 08:14:24 -07:00
Kubernetes Prow Robot
577d524f08
Merge pull request #118513 from danwinship/proxy-node-ip 
kube-proxy startup node IP detection
 2023-06-08 17:30:12 -07:00
Kubernetes Prow Robot
de7360d9bc
Merge pull request #118115 from TommyStarK/gh_118090 
kube-proxy: remove log warning about not using config file
 2023-06-08 15:40:24 -07:00
Kubernetes Prow Robot
7ef5ec499d
Merge pull request #117029 from Rajalakshmi-Girish/prune-junit-xml 
Add flag to prune PASSED subtests in junit xml and have top level tests
 2023-06-07 06:18:24 -07:00
Dr. Stefan Schimanski
77cf37ee54
STRUCTURE: cmd/kube-apiserver: move admission construction back from controlplane 2023-06-07 10:11:04 +03:00
Dr. Stefan Schimanski
7961812bed
STRUCTURE: cmd/kube-apiserver: move OpenAPI construction back from controlplane 2023-06-07 10:11:04 +03:00
Dr. Stefan Schimanski
43be9c3a0a
MOVE: cmd/kube-apiserver: move genericapiserver construction into controlplane package 2023-06-07 10:11:04 +03:00
Dr. Stefan Schimanski
9be6e7bb33
STRUCTURE: cmd/kube-apiserver/app: stratify construction with options/config/server 2023-06-07 10:05:43 +03:00
Dr. Stefan Schimanski
e6ed4c7934
CLEANUP: cmd/kube-apiserver/app: remove trivial funcs 2023-06-07 10:05:43 +03:00
Dr. Stefan Schimanski
f7d4e90b5c
MOVE: cmd/kube-apiserver/app.createAPIExtensionsConfig -> pkg/controlplane 2023-06-07 10:05:43 +03:00
Dan Winship
4962e6eacb Squash detectNodeIP and nodeIPTuple together 2023-06-06 20:48:00 -04:00
Dan Winship
b69b34bec6 Move a kube-proxy unit test to the correct file 2023-06-06 16:01:03 -04:00
Kubernetes Prow Robot
5a5ebfd88b
Merge pull request #118499 from aojea/kproxy_podcidr_alt 
kube-proxy avoid race condition using LocalModeNodeCIDR
 2023-06-06 12:18:11 -07:00
Kubernetes Prow Robot
6f116dc4d5
Merge pull request #118416 from sttts/sttts-etcd-options-complete 
k8s.io/apiserver: remove skewed completion from EtcdOptions
 2023-06-06 09:20:22 -07:00
Antonio Ojea
26801d6541 kube-proxy avoid race condition using LocalModeNodeCIDR 
Since kube-proxy in LocalModeNodeCIDR needs to obtain the PodCIDR
assigned to the node it watches for the Node object.

However, kube-proxy startup process requires to have these watches in
different places, that opens the possibility of having a race condition
if the same node is recreated and a different PodCIDR is assigned.

Initializing the second watch with the value obtained in the first one
allows us to detect this situation.

Change-Id: I6adeedb6914ad2afd3e0694dcab619c2a66135f8
Signed-off-by: Antonio Ojea <aojea@google.com>
 2023-06-06 15:03:22 +00:00
Rajalakshmi Girish
dddbecb47e prune's xml files to display only top level tests and failed sub-tests 2023-06-06 05:26:00 -07:00
Dr. Stefan Schimanski
e9e4acb1dd
k8s.io/apiserver: remove skewed completion from EtcdOptions 2023-06-06 08:32:34 +03:00
cyclinder
8e4228a8c1 remove CSI-migration gate 2023-06-04 18:40:17 +08:00
Dr. Stefan Schimanski
f351c6d1ec
k8s.io/apiserver: apply storage object count tracker implicitly 2023-06-02 20:24:06 +02:00
Kubernetes Prow Robot
2eb4eac581
Merge pull request #118353 from SataQiu/fix-kubeadm-test-20230531 
kubeadm: add command-line integration test to ensure that the supported etcd version is always available for the stable Kubernetes version
 2023-06-02 04:40:53 -07:00
Andy Zhang
1ce285ad3d
Revert "removed the deprecated azureFile in-tree storage plugin" 2023-06-02 10:20:53 +08:00
SataQiu
daa7115907 kubeadm: add deprecation message for UpgradeAddonsBeforeControlPlane feature gate 2023-06-01 23:06:26 +08:00
Kubernetes Prow Robot
33a2438de9
Merge pull request #118341 from pacoxu/add-pacoxu-kubeadm 
add pacoxu to kubeadm approvers
 2023-06-01 04:33:46 -07:00
SataQiu
d49c43abde kubeadm: add integration test to ensure that the supported etcd version is always available for the stable Kubernetes version 2023-06-01 18:45:06 +08:00
TommyStarK
db2389ba9c kube-proxy: remove log warning about not using config file 
Signed-off-by: TommyStarK <thomasmilox@gmail.com>
 2023-06-01 11:48:16 +02:00
carlory
07a1aea2de remove unused cloudprovider param from the ProbeControllerVolumePlugins func 2023-05-31 23:08:41 +08:00
Kubernetes Prow Robot
23698d3e9f
Merge pull request #118335 from pacoxu/revert-118316-fix-kubeadm-20230529 
Revert "kubeadm: add --feature-gates flag for kubeadm upgrade node"
 2023-05-31 02:01:57 -07:00
Paco Xu
f2a5e247eb add pacoxu to kubeadm approvers list 2023-05-31 10:34:42 +08:00
Daman Arora
2d8c820741 move pkg/util/ipset inside pkg/proxy/ipvs 
Signed-off-by: Daman Arora <aroradaman@gmail.com>
 2023-05-31 00:30:20 +05:30