kubernetes

Author	SHA1	Message	Date
Anish Ramasekar	77241d3125	Add `apiserver_encryption_config_controller_automatic_reloads_total` metric - Adds `apiserver_encryption_config_controller_automatic_reloads_total` metric with status label for encryption config reload success/failure. - Deprecated `apiserver_encryption_config_controller_automatic_reload_failures_total` and `apiserver_encryption_config_controller_automatic_reload_success_total` Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>	2024-02-12 21:47:46 -08:00
Anish Ramasekar	75695dae10	move encryption config types to standard API server config location Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>	2023-12-18 20:54:24 +00:00
Nilekh Chaudhari	e95b7c6d8b	feat: updates encryption config file watch logic to polling Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com> fix (#2) Signed-off-by: Monis Khan <mok@microsoft.com>	2023-10-30 16:20:39 +00:00
Kubernetes Prow Robot	ebf46ce1b4	Merge pull request #121485 from ritazh/kmsv2-ga [KMSv2] promote KMSv2 and KMSv2KDF to GA	2023-10-27 02:23:50 +02:00
Rita Zhang	a9b1adbafc	[KMSv2] promote KMSv2 and KMSv2KDF to GA Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>	2023-10-26 15:05:31 -07:00
Nilekh Chaudhari	a92c1269e2	test: fixes hot reload flake Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>	2023-10-25 01:14:00 +00:00
Nilekh Chaudhari	71a1565d06	revert: reverts fixes for TestEncryptionConfigHotReload flake Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>	2023-10-25 01:08:04 +00:00
Nilekh Chaudhari	d9c967113f	tests: fixes flake in TestEncryptionConfigHotReload Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>	2023-10-23 18:03:05 +00:00
Rita Zhang	7710128636	kms: remove livez check Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>	2023-09-12 08:48:26 -07:00
Rita Zhang	43ccf6c4e8	kmsv2: add apiserver identity to metrics Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>	2023-09-09 15:31:32 -07:00
Monis Khan	657cc2045e	kmsv2: enable KMSv2KDF feature gate by default Signed-off-by: Monis Khan <mok@microsoft.com>	2023-09-05 15:20:10 -04:00
Monis Khan	95121fe846	kmsv2: add legacy data integration test Signed-off-by: Monis Khan <mok@microsoft.com>	2023-09-01 15:33:28 -04:00
Kubernetes Prow Robot	a99e377a54	Merge pull request #120221 from enj/enj/i/kms_cache_metrics_lock kmsv2: fix race in simpleCache.set when setting cache size metric	2023-09-01 10:00:31 -07:00
Monis Khan	b10697c788	kmsv2: fix race in simpleCache.set when setting cache size metric Signed-off-by: Monis Khan <mok@microsoft.com>	2023-08-31 16:26:58 -04:00
Kubernetes Prow Robot	9c25ce6f3e	Merge pull request #119540 from SataQiu/clean-apiserver-20230724 Remove the deprecated kube-apiserver identity lease garbage collector for k8s.io/component=kube-apiserver	2023-08-28 10:49:42 -07:00
Rita Zhang	d86e72202c	kmsv2 test feature enablement unit test Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>	2023-08-18 15:28:32 -07:00
Rita Zhang	67769438e1	kmsv2 test feature enablement disablement and restart Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>	2023-07-25 09:50:59 -07:00
SataQiu	213ed03c00	remove deprecated kube-apiserver identity lease garbage collector	2023-07-25 10:10:18 +08:00
Kubernetes Prow Robot	773a6b1e46	Merge pull request #118828 from enj/enj/f/kms_v2_hkdf_expand kmsv2: KDF based nonce extension	2023-07-21 16:10:19 -07:00
Monis Khan	bf49c727ba	kmsv2: KDF based nonce extension Signed-off-by: Monis Khan <mok@microsoft.com>	2023-07-21 15:25:52 -04:00
Richa Banker	cd5f3d9f9d	Add impl for uvip	2023-07-18 17:36:22 -07:00
Nilekh Chaudhari	131216fa8f	chore: hashes keyID Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>	2023-07-13 20:42:09 +00:00
HirazawaUi	5289a7b029	fix fd leaks and failed file removing for test directory	2023-05-09 09:22:31 -05:00
Kubernetes Prow Robot	8a58c00c2a	Merge pull request #117735 from nilekhc/fix-TestKMSv2Healthz-flake [KMSv2] fix: fixes flake in TestKMSv2Healthz	2023-05-04 15:45:33 -07:00
Kante Yin	a7035f5459	Pass Context to StartTestServer Signed-off-by: Kante Yin <kerthcet@gmail.com>	2023-05-04 10:25:09 +08:00
Nilekh Chaudhari	9d19c207d2	fix: fixes flake in TestKMSv2Healthz Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>	2023-05-02 21:01:48 +00:00
Rita Zhang	906f0607ef	Clean up kms test Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>	2023-03-28 22:36:41 -07:00
Kubernetes Prow Robot	50070e664b	Merge pull request #116626 from nilekhc/fix-kmsv2-healthz-flake [KMSv2] fix: increases timeout to avoid flake	2023-03-14 20:28:34 -07:00
Kubernetes Prow Robot	15040e1c86	Merge pull request #115123 from aramase/v2beta1 [KMSv2] Generate proto API and update feature gate for beta	2023-03-14 19:26:25 -07:00
Nilekh Chaudhari	c09aa7dead	fix: increases timeout to avoid flake Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>	2023-03-15 00:18:58 +00:00
Anish Ramasekar	ad698cc0ae	[KMSv2] Generate proto API and update feature gate for beta Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>	2023-03-14 23:18:16 +00:00
Antonio Ojea	23252d70b4	add integration test	2023-03-14 22:58:11 +00:00
Monis Khan	832d6f0e19	kmsv2: re-use DEK while key ID is unchanged This change updates KMS v2 to not create a new DEK for every encryption. Instead, we re-use the DEK while the key ID is stable. Specifically: We no longer use a random 12 byte nonce per encryption. Instead, we use both a random 4 byte nonce and an 8 byte nonce set via an atomic counter. Since each DEK is randomly generated and never re-used, the combination of DEK and counter are always unique. Thus there can never be a nonce collision. AES GCM strongly encourages the use of a 12 byte nonce, hence the additional 4 byte random nonce. We could leave those 4 bytes set to all zeros, but there is no harm in setting them to random data (it may help in some edge cases such as live VM migration). If the plugin is not healthy, the last DEK will be used for encryption for up to three minutes (there is no difference on the behavior of reads which have always used the DEK cache). This will reduce the impact of a short plugin outage while making it easy to perform storage migration after a key ID change (i.e. simply wait ten minutes after the key ID change before starting the migration). The DEK rotation cycle is performed in sync with the KMS v2 status poll thus we always have the correct information to determine if a read is stale in regards to storage migration. Signed-off-by: Monis Khan <mok@microsoft.com>	2023-03-14 10:23:50 -04:00
Nilekh Chaudhari	9382fab9b6	feat: implements encrypt all Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>	2023-03-08 22:18:49 +00:00
Yuan Chen	a24aef6510	Replace a function closure Replace more closures with pointer conversion Replace deprecated Int32Ptr to Int32	2023-02-27 09:13:36 -08:00
Anish Ramasekar	c9b8ad6a55	[KMSv2] restructure kms staging dir Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>	2023-02-21 22:40:25 +00:00
Anish Ramasekar	de3b2d525b	[KMSv2] Add metrics for grpc service Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>	2023-02-09 18:51:37 +00:00
Nilekh Chaudhari	b3f326722d	chore: improves tests Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>	2023-01-30 23:18:14 +00:00
Anish Ramasekar	4804baa011	kmsv2: implement expire cache with clock Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>	2023-01-25 22:50:32 +00:00
Kubernetes Prow Robot	285e7969b2	Merge pull request #114544 from ritazh/kmsv2-keyid-staleness [KMSv2] Use status key ID to determine staleness of encrypted data	2023-01-19 10:28:16 -08:00
Rita Zhang	510ac9b391	kmsv2: use status key ID to update staleness of encrypted data Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>	2023-01-19 08:09:24 -08:00
Kubernetes Prow Robot	46f3821bf4	Merge pull request #114586 from andrewsykim/apiserver-lease-rename Rename apiserver identity lease labels to apiserver.kubernetes.io/identity	2023-01-17 21:36:34 -08:00
Krzysztof Ostrowski	b7701b00ea	apiserver/kmsv2: mv Service interface into kmsv2 Signed-off-by: Krzysztof Ostrowski <kostrows@redhat.com>	2023-01-17 10:05:16 +01:00
Andrew Sy Kim	a7de3e15a5	apiserver: use the identity value in the apiserver identity hash Signed-off-by: Andrew Sy Kim <andrewsy@google.com>	2023-01-13 16:20:14 -05:00
Andrew Sy Kim	fb066a883d	apiserver: update lease identity prefix from kube-apiserver- to apiserver- Signed-off-by: Andrew Sy Kim <andrewsy@google.com>	2023-01-13 15:37:22 -05:00
Andrew Sy Kim	423539cf96	test/integration/controlplane: add new apiserver identity test TestLeaseGarbageCollectionWithDeprecatedLabels Signed-off-by: Andrew Sy Kim <andrewsy@google.com>	2023-01-13 15:37:22 -05:00
TommyStarK	9e885bce35	test/integration: Replace deprecated pointer function Signed-off-by: TommyStarK <thomasmilox@gmail.com>	2023-01-05 18:38:40 +01:00
Monis Khan	cb3410e1b7	kms: use different context for server lifecycle and initial load Signed-off-by: Monis Khan <mok@microsoft.com>	2022-11-16 16:44:23 -05:00
Kubernetes Prow Robot	e62cfabf93	Merge pull request #112050 from nilekhc/kms-hot-reload Implements hot reload of the KMS `EncryptionConfiguration`	2022-11-08 17:24:12 -08:00
Nilekh Chaudhari	761b7822fc	feat: implements kms encryption config hot reload This change enables hot reload of encryption config file when api server flag --encryption-provider-config-automatic-reload is set to true. This allows the user to change the encryption config file without restarting kube-apiserver. The change is detected by polling the file and is done by using fsnotify watcher. When file is updated it's process to generate new set of transformers and close the old ones. Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>	2022-11-08 21:47:59 +00:00

1 2

82 Commits