github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-31 15:25:57 +00:00
Code Issues Projects Releases Wiki Activity
115,151 Commits 42 Branches 7,905 Tags 1.3 GiB
master
Commit Graph

73 Commits

Author SHA1 Message Date
TommyStarK
d570ab8bc5 plugin/pkg/admission: Replace deprecated pointer function 
Signed-off-by: TommyStarK <thomasmilox@gmail.com>
 2023-01-04 14:12:32 +01:00
Hemant Kumar
9343cce20b remove ExpandPersistentVolume feature gate 2022-03-24 10:02:47 -04:00
Hemant Kumar
4d956f053a Fix bug with node restriction blocking pvc.status.resizestatus change 2022-01-21 10:03:26 -05:00
Davanum Srinivas
9405e9b55e
Check in OWNERS modified by update-yamlfmt.sh 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2021-12-09 21:31:26 -05:00
Benjamin Elder
56e092e382 hack/update-bazel.sh 2021-02-28 15:17:29 -08:00
Michael Beaumont
a5a6762d33
Move pkg/kubelet/apis to k8s.io/kubelet/pkg/apis 2021-02-09 21:37:39 +01:00
ialidzhikov
bc432124a2 Remove CSINodeInfo feature gate 
Signed-off-by: ialidzhikov <i.alidjikov@gmail.com>
 2020-12-10 09:58:22 +02:00
Mike Danese
84995167d6 hoist error message change in token registry to noderestriction 
The token registry error message was changed in
5eefd7d012 to exclude some object details.
This error comes from noderestriction under some circumstances. Let's
make sure they match.

Change-Id: If9240f5c1a131d27dce389e2c6eca6c33d681f3b
 2020-12-02 10:58:25 -08:00
Shihang Zhang
ff641f6eb2 mv TokenRequest and TokenRequestProjection to GA 2020-10-29 20:47:01 -07:00
Kubernetes Prow Robot
ccfdc09f35
Merge pull request #91683 from tedyu/mirror-pod-owner-ref 
Mirror pod without OwnerReference should not be created
 2020-09-25 11:02:48 -07:00
xufei 00416946
f787db2508 return err directly when nodename is not consistent in cert 2020-07-25 09:10:32 +08:00
Ted Yu
9f95fdd3cd Mirror pod without OwnerReference should not be created 
Signed-off-by: Ted Yu <yuzhihong@gmail.com>
 2020-06-21 08:00:17 -07:00
Jordan Liggitt
ba4d2aa076 Restrict node labels on Node create 2020-04-20 16:26:24 -04:00
Ted Yu
e0dbbf0a65 Visitors of Configmaps and Secrets should specify which containers to visit 
Signed-off-by: Ted Yu <yuzhihong@gmail.com>
 2020-03-20 07:59:44 -07:00
Tim Allclair (St. Clair)
581d3e26c9 Restrict mirror pod owner references (#84657) 
* Restrict mirror pod owners.

See http://git.k8s.io/enhancements/keps/sig-auth/20190916-noderestriction-pods.md

* Address feedback, refactor test

* Verify node owner UID
 2019-11-14 20:52:16 -08:00
Kubernetes Prow Robot
94efa988f4
Merge pull request #84813 from deads2k/admission-feature-gates 
remove global variable dependency from admission plugins
 2019-11-12 10:23:14 -08:00
David Eads
83f6f2717e remove global variable dep in admission 2019-11-12 10:55:14 -05:00
Kubernetes Prow Robot
9cf309ed59
Merge pull request #82049 from andrewsykim/ga-node-instance-type-label 
Promote Node Instance Type Label to GA
 2019-11-08 13:47:58 -08:00
Kubernetes Prow Robot
ae15368355
Merge pull request #84351 from wojtek-t/promote_node_lease_to_GA 
Promote node lease to GA
 2019-11-08 09:00:15 -08:00
Andrew Sy Kim
560b8efb79 noderestriction: update node restriction unit tests to use stable instance-type label 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-11-08 11:17:58 -05:00
Andrew Sy Kim
4c194d52da kubelet: set both deprecated Beta and GA labels for zone/region topology from the cloud provider 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-11-07 21:22:04 -05:00
wojtekt
ffad401b4e Promote NodeLease feature to GA 2019-11-05 09:01:12 +01:00
Michelle Au
603a2aa8a9 Add CSINode to storage/v1 2019-10-28 13:41:13 -07:00
Tim Allclair
ac2b300ed9 Update bazel 2019-10-23 16:43:03 -07:00
Tim Allclair
fea3111554 Forbid label updates by nodes through pod/status 2019-10-23 15:54:40 -07:00
Jordan Liggitt
92ea33efc5 Clean up TODOs 2019-10-03 09:23:10 -04:00
Di Xu
34cab8f80a populate object name for admission attributes when CREATE 2019-08-22 11:46:12 +08:00
Jordan Liggitt
61774cd717 Plumb context to admission Admit/Validate 2019-08-20 11:11:00 -04:00
draveness
35bc5dc6b6 feat: cleanup feature gates for KubeletPluginsWatcher 2019-06-23 16:59:36 +08:00
Miguel Bernabeu
f47da8a75d Fix golint violations in several plugins 2019-05-23 20:00:06 +02:00
Joe Betz
900d652a9a Update tests for: Pass {Operation}Option to Webhooks 2019-05-14 10:49:43 -07:00
Andrew Kim
c919139245 update import of generic featuregate code from k8s.io/apiserver/pkg/util/feature -> k8s.io/component-base/featuregate 2019-05-08 10:01:50 -04:00
Antoine Pelisse
55f9eeed6c Ignore changes to managed field in noderestriction 
The validation is failing because the managedfields are changed when the
object is updated. We don't have a good way to verify that the changes
are only the ones that are supposed to happen, so we'll just ignore them
for now.
 2019-03-06 13:48:38 -08:00
Xing Yang
85867e5625 Modify node admission and node authorizer 2019-03-04 16:42:12 -08:00
Mehdy Bohlool
d08bc3774d Mechanical changes due to signature change for Admit and Validate functions 2019-02-16 13:28:47 -08:00
Kubernetes Prow Robot
b50c643be0
Merge pull request #73540 from rlenferink/patch-5 
Updated OWNERS files to include link to docs
 2019-02-08 09:05:56 -08:00
Davanum Srinivas
b975573385
move pkg/kubelet/apis/well_known_labels.go to staging/src/k8s.io/api/core/v1/ 
Co-Authored-By: Weibin Lin <linweibin1@huawei.com>

Change-Id: I163b2f2833e6b8767f72e2c815dcacd0f4e504ea
 2019-02-05 13:39:07 -05:00
Roy Lenferink
b43c04452f Updated OWNERS files to include link to docs 2019-02-04 22:33:12 +01:00
Jordan Liggitt
16e355791f Improve node authorizer and noderestriction forbidden messages 2018-11-24 09:31:10 -05:00
Jordan Liggitt
9fb2dcad5e Limit kubelets from updating their own labels 2018-11-13 23:48:47 -05:00
David Zhu
4621887037 Updated test files with new fields 2018-11-08 19:45:01 -08:00
Jordan Liggitt
4cbdc98df3 node-isolation approvers/reviewers 2018-11-06 00:57:39 -05:00
Cheng Xing
94d649b590 Rearranged feature flags 2018-09-07 17:45:27 -07:00
Cheng Xing
becc6a9c19 Implemented logic in kubelet for registering node info, including wiring to CSINodeInfo; added unit tests for node updates; updated RBAC, NodeAuthorizer, NodeRestriction. 2018-09-06 19:16:51 -07:00
Michael Taufen
1b7d06e025 Kubelet creates and manages node leases 
This extends the Kubelet to create and periodically update leases in a
new kube-node-lease namespace. Based on [KEP-0009](https://github.com/kubernetes/community/blob/master/keps/sig-node/0009-node-heartbeat.md),
these leases can be used as a node health signal, and will allow us to
reduce the load caused by over-frequent node status reporting.

- add NodeLease feature gate
- add kube-node-lease system namespace for node leases
- add Kubelet option for lease duration
- add Kubelet-internal lease controller to create and update lease
- add e2e test for NodeLease feature
- modify node authorizer and node restriction admission controller
to allow Kubelets access to corresponding leases
 2018-08-26 16:03:36 -07:00
yue9944882
bc1fb1f7e8 node authz/ad externalization 2018-08-09 10:57:30 +08:00
jennybuckley
adafb1365e Support dry run in admission plugins 2018-08-06 10:37:44 -07:00
Jeff Grafton
23ceebac22 Run hack/update-bazel.sh 2018-06-22 16:22:57 -07:00
Mike Danese
f39ec8b333 add myself as an approver in various auth related directories 
matching the subprojects I work on:

https://docs.google.com/document/d/1RJvnSPOJ3JC61gerCpCpaCtzQjRcsZ2tXkcyokr6sLY/edit
 2018-05-17 11:32:37 -07:00
Jordan Liggitt
15bcfd5e00
Prevent nodes from updating taints 2018-05-15 13:54:33 -04:00