The rules for address parsing are:
* Explicitly specified addresses must bind successfully
* `localhost` is pinned to `127.0.0.1` and `::1` and at least one of those must bind successfully
This change also makes output of the command consistent
between runs with the same arguments.
Previously the command was using the range via map of addresses
which sometimes was producing different output because the order
of values is not guaranteed in Go.
Kubernetes-commit: 4ee2010111af602988bf9bedf66d1a0c36419b09
Currently the fake client will return a default empty Object when a
Patch action is submitted on a missing Object. The correct behavior is to
instead propagate the NotFound error.
Kubernetes-commit: 96d0588440a96c5eba8b3ba0810563ad1e1a08b6
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
* github.com/kubernetes/repo-infra
* k8s.io/gengo/
* k8s.io/kube-openapi/
* github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods
Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
Kubernetes-commit: 954996e231074dc7429f7be1256a579bedd8344c
The backoff value is baseDelay*2^<num-failures> in ItemExponentialFailureRateLimiter.When . But the comment is baseDelay*10^<num-failures>.
Kubernetes-commit: c1fa760b75970fbd0c142971f1142754cb4ea3fc
It's very easy to add glog.Info(config) calls for debugging (or actual
logging). In some scenarios those configs will carry sensitive tokens
and those tokens will end up in logs or response bodies.
Leaking of those stringified configs compromises the cluster.
Also implement fmt.GoStringer.
Kubernetes-commit: c9ad1d7339b164dfba0846ec49fa4a52474d3e23
This patch changes the renewed lease log level from 4 to 5 of leaderelection.go
Fix: #69743
Kubernetes-commit: 920db78bea84d4bb015970547cda5a1df4f79a04
Initial allocation of several maps as the sizes are known
Signed-off-by: Adrián Orive <adrian.orive.oneca@gmail.com>
Kubernetes-commit: 2299f45f52464beff889fce7be1f66642a92b791
Ensure that bootstrap+clientcert-rotation in the Kubelet can:
1. happen in the background so that static pods aren't blocked by bootstrap
2. collapse down to a single call path for requesting a CSR
3. reorganize the code to allow future flexibility in retrieving bootstrap creds
Fetching the first certificate and later certificates when the kubelet
is using client rotation and bootstrapping should share the same code
path. We also want to start the Kubelet static pod loop before
bootstrapping completes. Finally, we want to take an incremental step
towards improving how the bootstrap credentials are loaded from disk
(potentially allowing for a CLI call to get credentials, or a remote
plugin that better integrates with cloud providers or KSMs).
Reorganize how the kubelet client config is determined. If rotation is
off, simplify the code path. If rotation is on, load the config
from disk, and then pass that into the cert manager. The cert manager
creates a client each time it tries to request a new cert.
Preserve existing behavior where:
1. bootstrap kubeconfig is used if the current kubeconfig is invalid/expired
2. we create the kubeconfig file based on the bootstrap kubeconfig, pointing to
the location that new client certs will be placed
3. the newest client cert is used once it has been loaded
Kubernetes-commit: 0af19875add7deb562b2cf7bf6b1d273c44bab1b
