github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
92,976 Commits 1 Branch 31 Tags 1,019 MiB
ff33efc164
Commit Graph

237 Commits

Author SHA1 Message Date
Sascha Grunert
96fb83c4c1
Implement PodSecurityPolicy enforcement for seccomp GA 
This implements the necessary pieced for the PodSecurityPolicy
enforcement like described in the appropriate KEP section:

https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#podsecuritypolicy-enforcement

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
 2020-07-10 15:55:21 +02:00
Kubernetes Prow Robot
26f0227019
Merge pull request #91408 from saschagrunert/seccomp-api-migration 
Add seccomp GA version skew for pods
 2020-07-10 04:29:48 -07:00
Kubernetes Prow Robot
dd649bb7ef
Merge pull request #91342 from mgugino-upstream-stage/evict-deleted-ok 
Eviction: ignore PDBs if pods with DeletionTimestamp
 2020-07-09 15:30:33 -07:00
Sascha Grunert
c3ba2d8b8b
Add seccomp GA version skew for pods 
This adds a new conversion function to the pod strategy to handle the
seccomp version skew strategy:

https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.mdversion-skew-strategy

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
 2020-07-06 16:06:24 +02:00
Paulo Gomes
8976e3620f
Add seccomp enforcement and validation based on new GA fields 
Adds seccomp validation.

This ensures that field and annotation values must match when present.

Co-authored-by: Sascha Grunert <sgrunert@suse.com>
 2020-07-06 09:13:25 +01:00
Michael Gugino
dd49915c55 Eviction: ignore PDBs if pods with DeletionTimestamp 
When using the eviction API, if a pod already has
a non-zero DeletionTimestamp, we don't need to check
PDBs as it has already been marked for deletion.
 2020-06-02 01:06:45 -04:00
Michael Gugino
047b0cee71 Quit retrying early with user supplied resourceVersion 
This commit also updates tests and comments.
 2020-05-28 16:14:45 -04:00
David Eads
4522141f0a reduce complexity in pdb refactor 2020-05-14 15:25:59 -04:00
Michael Gugino
9f80e7a6f8 Allow deletion of pending pods when using PDBS 
Currently, if you have a PDB set, it is possible for
a pod stuck in pending state to be prevented from
deletion even though there are in fact enough healthy
replicas.

This commit allows pods in Pending state to be removed.

This commit also adds associated unit tests.

related-bug: #80389
 2020-05-12 12:44:05 -04:00
Jordan Liggitt
23e9fb1bb5 Fix podIP validation 2020-04-30 19:49:45 -04:00
Shihang Zhang
b56da85a77 sync api/v1/pod/util with api/pod/util and remove DefaultContainers 2020-03-24 16:42:32 -07:00
Ted Yu
af0e1319c3 Allow container visitor to operate on selected container types 
Signed-off-by: Ted Yu <yuzhihong@gmail.com>
 2020-03-05 11:48:00 -08:00
Ed Bartosh
0eb65bd7da Implement support for multiple sizes huge pages 
This implementation allows Pod to request multiple hugepage resources
of different size and mount hugepage volumes using storage medium
HugePage-<size>, e.g.

spec:
  containers:
    resources:
      requests:
        hugepages-2Mi: 2Mi
        hugepages-1Gi: 2Gi
    volumeMounts:
      - mountPath: /hugepages-2Mi
        name: hugepage-2mi
      - mountPath: /hugepages-1Gi
        name: hugepage-1gi
    ...
  volumes:
    - name: hugepage-2mi
      emptyDir:
        medium: HugePages-2Mi
    - name: hugepage-1gi
      emptyDir:
        medium: HugePages-1Gi

NOTE: This is an alpha feature.
      Feature gate HugePageStorageMediumSize must be enabled for it to work.
 2020-02-19 18:15:40 +02:00
Kubernetes Prow Robot
bd1042080f
Merge pull request #81678 from verb/debug-list 
Add ephemeral containers to streamLocation name suggestions
 2020-02-12 21:36:35 -08:00
Kubernetes Prow Robot
f7eafa1a83
Merge pull request #86896 from yutedz/copy-into-err 
Return the error from copyInto
 2020-02-12 13:54:51 -08:00
Lee Verberne
cc32702e8f Add ephemeral containers to streamLocation name suggestions 
This combines container names into a single list because separating them
into a long, variable length string isn't particularly useful in the
context of an streaming error message.
 2020-02-12 14:49:42 +01:00
Kubernetes Prow Robot
17a6248f76
Merge pull request #87939 from shaloulcy/pod_storage_indexer 
add indexer for pod storage
 2020-02-11 23:15:22 -08:00
shaloulcy
fe312ed74a add index for pod cacher 
Signed-off-by: shaloulcy <lcy041536@gmail.com>
 2020-02-11 09:25:27 +08:00
Mike Danese
25651408ae generated: run refactor 2020-02-08 12:30:21 -05:00
Mike Danese
3aa59f7f30 generated: run refactor 2020-02-07 18:16:47 -08:00
Alexander Zimmermann
22bd92a390
Changed comments to match with interfaces method description 2020-02-06 11:48:57 +01:00
Alexander Zimmermann
026ba54961
Fixed Golint errors in pkg/registry/core/pod 2020-02-06 11:40:37 +01:00
Ted Yu
5b49d03b84 Return the error from copyInto 2020-01-23 07:48:39 -08:00
yuzhiquan
8d7f383785 cleanup(api-machinery): remove unused struct and variable 2020-01-08 16:57:02 +08:00
yuzhiquan
ca69051475 refactor(pod log):refactor for container valiate, little cleanup 
bug(pod log):TestCheckLogLocation should point out pod name

modify container if statement

fix typo
 2019-12-30 16:16:45 +08:00
Jordan Liggitt
bb90f0ff94 Install APIs directly for tests 2019-12-13 11:56:29 -05:00
Nan Yu
1fb0dd4ec5 Rename PodDisruptionsAllowed to DisruptionsAllowed in type PodDisruptionBudgetStatus 2019-12-03 14:26:35 -08:00
Kubernetes Prow Robot
050c9471c8
Merge pull request #85644 from liggitt/meta-v1-table 
Switch TableGenerator/TableConvertor interfaces to metav1
 2019-11-28 10:05:18 -08:00
Kubernetes Prow Robot
d356fcfce5
Merge pull request #84921 from clarklee92/FixCollidesWithImportedPackageName 
Variables collide with imported package name
 2019-11-28 01:49:03 -08:00
Jordan Liggitt
36eb250cbb Switch TableGenerator/TableConvertor interfaces to metav1 2019-11-26 13:18:18 -05:00
clarklee92
0649f4064e Variables collides with imported package name 
Such declarations will make using the package exported identifiers impossible after the declaration or create confusion when reading the code.
Signed-off-by: clarklee92 <clarklee1992@hotmail.com>
 2019-11-07 21:44:22 +08:00
yuxiaobo
81e9f21f83 Correct spelling mistakes 
Signed-off-by: yuxiaobo <yuxiaobogo@163.com>
 2019-11-06 20:25:19 +08:00
David Eads
867ee1d5ff add insecurebackendproxy 2019-10-16 11:43:17 -04:00
tanjunchen
de3cf23414 remove the repeat word in documents 2019-10-06 23:32:01 +08:00
Di Xu
d4d696d0f2 add legacyBinding for non-Named Binding Creater 2019-08-22 11:46:12 +08:00
Di Xu
b28f62c8ad check pod name with that in pod eviction object 2019-08-22 11:46:12 +08:00
Di Xu
5ed1b8fa29 check pod name with that in binding object 2019-08-22 11:46:12 +08:00
Jordan Liggitt
61774cd717 Plumb context to admission Admit/Validate 2019-08-20 11:11:00 -04:00
Ted Yu
87b2a3129b Propagate error from NewREST 2019-08-12 13:55:35 -07:00
wojtekt
467f5e96ee Fix some golint failures 2019-07-25 20:38:28 +02:00
Lee Verberne
4a753c7a44 Generated code for ephemeral containers API 2019-07-22 11:19:22 +00:00
Lee Verberne
013f049ce0 Add Ephemeral Containers to the Kubernetes core API 2019-07-22 11:19:22 +00:00
Ted Yu
6e98aab26e Rename TriggerPublisherFunc as IndexerFunc 2019-07-18 06:45:51 -07:00
Kubernetes Prow Robot
cb9c6f43a5
Merge pull request #80260 from khenidak/fix-panic-in-pod-strategy 
fix panic in ResourceLocation in case of empty pod ip list
 2019-07-17 21:28:23 -07:00
Khaled Henidak(Kal)
41f313570e fix panic in ResourceLocation in case of empty pod ip list 2019-07-17 18:30:08 +00:00
wojtekt
68fd329e00 Simplify trigger functions in cacher 2019-07-16 08:55:34 +02:00
wojtekt
ee13be2884 Propagate error from creating cacher and storage decorators up 2019-07-15 20:48:30 +02:00
Kubernetes Prow Robot
2542746c1d
Merge pull request #79813 from tedyu/match-container-for-port 
Remove the TODO for container name matching
 2019-07-08 16:00:39 -07:00
Ted Yu
4ca5b45f3d Remove the TODO for container name matching 2019-07-08 09:23:35 -07:00
Kubernetes Prow Robot
e1b757b654
Merge pull request #79812 from tedyu/pdb-decrement 
Populate DisruptedPods field for non-dry run
 2019-07-05 22:00:34 -07:00