127156 Commits

Author SHA1 Message Date
Patrick Ohly
00faa5e7ae DRA CEL: skip estimating the cost in the scheduler
Compiling a CEL expression used to do the cost estimation, whether the caller
needed the result or not. Now callers can skip it. The scheduler does that,
through the CEL cache.

The main advantage is that failures in the estimator (like panics) are limited
to the apiserver. Performance in the scheduler is not expected to benefit much
because compilation results are cached.
2025-01-24 09:17:19 +01:00
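
The commit above makes cost estimation optional at compile time and lets a cache skip it. The following is a minimal sketch of that idea, not the actual Kubernetes code: `Options`, `Result`, `Compile`, `Cache`, and the toy `estimateCost` formula are all hypothetical names and behavior chosen for illustration.

```go
package main

import (
	"fmt"
	"sync"
)

// Options is a hypothetical set of compile options for this sketch.
type Options struct {
	// DisableCostEstimation skips the estimator when the caller does not need its result.
	DisableCostEstimation bool
}

// Result is a hypothetical compilation result.
type Result struct {
	Expression    string
	CostEstimated bool
	MaxCost       uint64 // only meaningful when CostEstimated is true
}

// estimateCost is a stand-in for a real estimator; the formula is made up.
func estimateCost(expr string) uint64 {
	return uint64(len(expr)) * 10
}

// Compile "compiles" an expression and runs the estimator only when it is not disabled.
func Compile(expr string, opts Options) Result {
	res := Result{Expression: expr}
	if !opts.DisableCostEstimation {
		res.MaxCost = estimateCost(expr)
		res.CostEstimated = true
	}
	return res
}

// Cache memoizes compilation results and always skips cost estimation.
type Cache struct {
	mu       sync.Mutex
	entries  map[string]Result
	compiles int // number of cache misses, kept for illustration
}

// NewCache returns an empty cache.
func NewCache() *Cache {
	return &Cache{entries: make(map[string]Result)}
}

// GetOrCompile returns the cached result or compiles without estimating the cost.
func (c *Cache) GetOrCompile(expr string) Result {
	c.mu.Lock()
	defer c.mu.Unlock()
	if res, ok := c.entries[expr]; ok {
		return res
	}
	res := Compile(expr, Options{DisableCostEstimation: true})
	c.entries[expr] = res
	c.compiles++
	return res
}

func main() {
	cache := NewCache()
	expr := `device.driver == "example.com"`
	cache.GetOrCompile(expr)
	res := cache.GetOrCompile(expr) // served from the cache
	fmt.Println(res.CostEstimated, cache.compiles)
}
```

In this sketch a panic inside `estimateCost` could never reach a caller that goes through `Cache`, which mirrors the isolation argument in the commit message.
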
Patrick Ohly
f89e4c08cf DRA CEL: add missing size estimator
Not implementing a size estimator had the effect that strings retrieved from
the attributes were treated as "unknown size", leading to wildly overestimated
costs and validation errors even for simple expressions like this:

    device.attributes["qat.intel.com"].services.matches("[^a]?sym")

The maximum number of elements in maps and the maximum length of the driver name
string were also ignored or missing, respectively. Pre-defined types like
apiservercel.StringType must be avoided because they are defined as having
a zero maximum size.
2025-01-17 14:27:49 +01:00
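
To illustrate why a missing size estimate inflates the cost in the commit above, here is a toy model, assuming that the cost of a regex match grows with the maximum input length. The constants `unknownSize`, `assumedMaxAttrLen`, and `costBudget` and the cost formula are assumptions made up for this sketch; they are not the values or the algorithm used by Kubernetes.

```go
package main

import (
	"fmt"
	"math"
)

// All constants below are illustrative assumptions, not Kubernetes values.
const (
	unknownSize       uint64 = math.MaxUint32 // worst case assumed when no size estimate exists
	assumedMaxAttrLen uint64 = 64             // hypothetical upper bound for an attribute string
	costBudget        uint64 = 1_000_000      // hypothetical per-expression cost limit
)

// matchesCost is a toy cost model: matching scales with input length and pattern length.
func matchesCost(maxInputLen, patternLen uint64) uint64 {
	return maxInputLen * patternLen
}

// withinBudget reports whether an estimated cost would pass validation.
func withinBudget(cost uint64) bool {
	return cost <= costBudget
}

func main() {
	pattern := "[^a]?sym"
	n := uint64(len(pattern))
	fmt.Println("unknown size passes:", withinBudget(matchesCost(unknownSize, n)))
	fmt.Println("bounded size passes:", withinBudget(matchesCost(assumedMaxAttrLen, n)))
}
```

With a bounded input size the same expression stays far below the budget, while the "unknown size" worst case exceeds it.
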
Kubernetes Release Robot
6473e7b6ca Update CHANGELOG/CHANGELOG-1.32.md for v1.32.1 2025-01-15 15:00:37 +00:00
Kubernetes Release Robot
e9c9be4007 Release commit for Kubernetes v1.32.1 2025-01-15 14:31:54 +00:00
Kubernetes Prow Robot
5fe148234f
Merge pull request #129598 from aravindhp/automated-cherry-pick-of-#129595-upstream-release-1.32
Automated cherry pick of #129595: kubelet: use env vars in node log query PS command
2025-01-14 10:26:35 -08:00
Aravindh Puthiyaparambil
00be157dab
kubelet: use env vars in node log query PS command
- Use environment variables to pass string arguments in the node log
  query PS command
- Split getLoggingCmd into getLoggingCmdEnv and getLoggingCmdArgs
  for better modularization
2025-01-13 14:25:35 -08:00
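
The split described in the commit above (one helper for the environment, one for the arguments) can be sketched as follows. This is an assumption-laden illustration, not the kubelet implementation: `buildEnv`, `buildArgs`, `mentions`, the `SKETCH_*` variable names, and the exact PowerShell pipeline are hypothetical. The point it shows is that the command text stays fixed while the caller-supplied strings travel through environment variables.

```go
package main

import (
	"fmt"
	"strings"
)

// buildEnv passes caller-supplied strings as environment variables.
// The variable names are hypothetical.
func buildEnv(provider, pattern string) []string {
	return []string{
		"SKETCH_PROVIDER=" + provider,
		"SKETCH_PATTERN=" + pattern,
	}
}

// buildArgs returns a fixed PowerShell command line that reads the strings via $Env:.
func buildArgs() []string {
	script := "Get-WinEvent -FilterHashtable @{LogName='Application'; ProviderName=$Env:SKETCH_PROVIDER}" +
		" | Where-Object -Property Message -Match $Env:SKETCH_PATTERN"
	return []string{"-NonInteractive", "-Command", script}
}

// mentions reports whether any argument contains needle.
func mentions(args []string, needle string) bool {
	for _, a := range args {
		if strings.Contains(a, needle) {
			return true
		}
	}
	return false
}

func main() {
	untrusted := "kubelet'; Remove-Item C:\\ -Recurse; '"
	env := buildEnv(untrusted, "error")
	args := buildArgs()
	// With os/exec this would roughly be:
	//   cmd := exec.Command("powershell", args...)
	//   cmd.Env = append(os.Environ(), env...)
	fmt.Println(len(env), mentions(args, untrusted))
}
```
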
Kubernetes Prow Robot
e616858316
Merge pull request #129544 from pohly/automated-cherry-pick-of-#129543-origin-release-1.32
Automated cherry pick of #129543: DRA API: bump maximum size of ReservedFor to 256
2025-01-10 11:14:31 -08:00
Patrick Ohly
aba61276ed DRA e2e: adapt to increased ReservedFor limit
We want to be sure that the maximum number of pods per claim are actually
scheduled concurrently. Previously the test just made sure that they ran
eventually.

Running 256 pods only works on more than 2 nodes, so network-attached resources
have to be used. This is what the increased limit is meant for anyway. Because
of the tightened validation of node selectors in 1.32, the E2E test has to
use MatchExpressions because they allow listing node names.
2025-01-10 16:08:34 +01:00
Kubernetes Prow Robot
181bc4773b
Merge pull request #129528 from tnqn/automated-cherry-pick-of-#129201-upstream-release-1.32
Automated cherry pick of #129201: Add watch permission to namespace-controller for WatchListClient feature
2025-01-10 06:00:31 -08:00
Kubernetes Prow Robot
08ec9118a0
Merge pull request #129429 from neolit123/automated-cherry-pick-of-#129418-origin-release-1.32-1735554474
Automated cherry pick of #129418 kubeadm: skip disabled addons in clusterconfig on upgrade
2025-01-09 17:38:31 -08:00
Patrick Ohly
a5de75458e DRA API: bump maximum size of ReservedFor to 256
The original limit of 32 seemed sufficient for a single GPU on a node. But for
shared non-local resources it is too low. For example, a ResourceClaim might be
used to allocate an interconnect channel that connects all pods of a workload
running on several different nodes, in which case the number of pods can be
considerably larger.

256 is high enough for currently planned systems. If we need something even
higher in the future, an alternative approach might be needed to avoid
scalability problems.

Normally, increasing such a limit would have to be done incrementally over two
releases. In this case we decided on
Slack (https://kubernetes.slack.com/archives/CJUQN3E4T/p1734593174791519) to
make an exception and apply this change to current master for 1.33 and backport
it to the next 1.32.x patch release for production usage.

This breaks downgrades to a 1.32 release without this change if there are
ResourceClaims with a number of consumers > 32 in ReservedFor. In practice,
this breakage is very unlikely because there are no workloads yet which need so
many consumers and such downgrades to a previous patch release are also
unlikely. Downgrades to 1.31 already weren't supported when using DRA v1beta1.
2025-01-09 14:27:03 +01:00
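
The downgrade concern in the commit above can be made concrete with a small sketch. The limits 32 and 256 come from the commit message; the identifiers `oldReservedForMax`, `newReservedForMax`, and `validateReservedFor` are hypothetical and do not claim to match the real validation code.

```go
package main

import "fmt"

// Limits taken from the commit message; the identifiers are hypothetical.
const (
	oldReservedForMax = 32
	newReservedForMax = 256
)

// validateReservedFor rejects a claim whose consumer count exceeds limit.
func validateReservedFor(consumers, limit int) error {
	if consumers > limit {
		return fmt.Errorf("reservedFor: %d entries exceed the maximum of %d", consumers, limit)
	}
	return nil
}

func main() {
	for _, n := range []int{32, 33, 256, 257} {
		fmt.Printf("consumers=%d old=%v new=%v\n", n,
			validateReservedFor(n, oldReservedForMax) == nil,
			validateReservedFor(n, newReservedForMax) == nil)
	}
}
```

A claim with 33 to 256 consumers passes the new check but fails the old one, which is the case that breaks after a downgrade to a release without this change.
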
Kubernetes Prow Robot
db14116697
Merge pull request #129495 from MadhavJivrajani/132-go124-webhook-regex-ut
[go1.24][1.32] webhook: alter regex to account for x509sha1 GODEBUG removal
2025-01-09 03:46:39 -08:00
Kubernetes Prow Robot
4466b1347a
Merge pull request #129322 from ardaguclu/automated-cherry-pick-of-#129301-upstream-release-1.32
Automated cherry pick of #129301: Do not attempt to truncate revision history if revisionHistoryLimit is negative
2025-01-09 03:46:31 -08:00
Kubernetes Prow Robot
117a48fcdf
Merge pull request #129455 from neolit123/automated-cherry-pick-of-#129418-origin-release-1.32-1735822604
Automated cherry pick of #129452 kubeadm: fix a bug where the node.skipPhases in UpgradeNodeConfigurat…
2025-01-08 14:06:38 -08:00
Kubernetes Prow Robot
88f4a70c32
Merge pull request #129180 from RomanBednar/automated-cherry-pick-of-#128086-upstream-release-1.32
Automated cherry pick of #128086: prevent unnecessary resolving of iscsi/fc devices to dm
2025-01-08 14:06:31 -08:00
Quan Tian
86ae8b5936 Add watch permission to namespace-controller for WatchListClient feature
The WatchListClient feature is enabled for kube-controller-manager, but
namespace-controller lacks the necessary "watch" permission. As a result,
30 error logs are generated every time a namespace is deleted, and the
controller falls back to the standard LIST semantics.

Signed-off-by: Quan Tian <quan.tian@broadcom.com>
2025-01-08 23:34:09 +08:00
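
The fallback described in the commit above can be sketched with a simplified permission check. Everything here is a hypothetical stand-in: `policyRule`, `allows`, `fetchStrategy`, and the strategy strings are not Kubernetes types or API values; they only show why a missing "watch" verb forces the plain LIST path.

```go
package main

import "fmt"

// policyRule is a simplified, hypothetical stand-in for an RBAC rule.
type policyRule struct {
	resource string
	verbs    []string
}

// allows reports whether any rule grants verb on resource.
func allows(rules []policyRule, resource, verb string) bool {
	for _, r := range rules {
		if r.resource != resource {
			continue
		}
		for _, v := range r.verbs {
			if v == verb {
				return true
			}
		}
	}
	return false
}

// fetchStrategy picks streaming when "watch" is granted and falls back to LIST otherwise.
func fetchStrategy(rules []policyRule, resource string) string {
	if allows(rules, resource, "watch") {
		return "watch-list"
	}
	return "list"
}

func main() {
	before := []policyRule{{resource: "*", verbs: []string{"get", "list", "delete"}}}
	after := []policyRule{{resource: "*", verbs: []string{"get", "list", "delete", "watch"}}}
	fmt.Println(fetchStrategy(before, "*"), fetchStrategy(after, "*"))
}
```
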
Kubernetes Prow Robot
a40d8d675f
Merge pull request #129178 from liggitt/automated-cherry-pick-of-#129059-upstream-release-1.32
Automated cherry pick of #129059: Isolate mock signer for externaljwt tests
2025-01-07 16:28:28 +01:00
Madhav Jivrajani
12aed7a3dd webhook: alter regex to account for x509sha1 GODEBUG removal
go1.24 removes the x509sha1 GODEBUG variable, and with it the
support for SHA-1 signed certs. This commit alters the regex
in unit tests to account for that and prep for go1.24.

Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
2025-01-06 15:10:07 -08:00
Kubernetes Prow Robot
0d452a0e5b
Merge pull request #129286 from ameukam/automated-cherry-pick-of-#129095-upstream-release-1.32
Automated cherry pick of #129095: fetch cni plugins from GitHub releases
2025-01-06 12:32:16 +01:00
SataQiu
d449f70f85 kubeadm: fix a bug where the node.skipPhases in UpgradeNodeConfiguration is not respected by 'kubeadm upgrade node' 2025-01-02 14:58:01 +02:00
Kubernetes Prow Robot
642efbb595
Merge pull request #129423 from cpanato/update-go1234-rel132
[release-1.32][go] Bump images, dependencies and versions to go 1.23.4 and distroless iptables
2024-12-30 16:02:13 +01:00
Lubomir I. Ivanov
6fba589914 kubeadm: skip disabled addons in clusterconfig on upgrade
If an addon is disabled in the ClusterConfiguration, skip it
on upgrade in the respective subphase of 'addons'.
2024-12-30 12:35:12 +02:00
cpanato
f6bda97565
Bump images, dependencies and versions to go 1.23.4 and distroless iptables
Signed-off-by: cpanato <ctadeu@gmail.com>
2024-12-30 09:09:07 +01:00
Kubernetes Prow Robot
826f0910e4
Merge pull request #129234 from gnufied/automated-cherry-pick-of-#129085-upstream-release-1.32
Automated cherry pick of #129085: Fix volume expansion offline e2e
2024-12-20 08:48:08 +01:00
Arda Güçlü
60c9a5ecbd Do not attempt to truncate revision history if revisionHistoryLimit is negative 2024-12-20 10:02:28 +03:00
upodroid
dedd4df0a2 fetch cni plugins from GitHub releases 2024-12-18 19:48:06 +01:00
Hemant Kumar
d19cb5cd52 Fix volume expansion offline 2024-12-16 10:39:58 -05:00
Roman Bednar
83b0e0b730 prevent unnecessary resolving of iscsi/fc devices to dm 2024-12-12 15:57:59 +01:00
Jordan Liggitt
de1303fb14
Isolate mock signer for externaljwt tests 2024-12-12 09:32:11 -05:00
Kubernetes Release Robot
2413b97219 Update CHANGELOG/CHANGELOG-1.32.md for v1.32.0 2024-12-11 18:19:59 +00:00
Kubernetes Release Robot
70d3cc986a Release commit for Kubernetes v1.32.0 2024-12-11 17:59:15 +00:00
Kubernetes Release Robot
ac32886440 Merge remote-tracking branch 'origin/master' into release-1.32 2024-12-11 00:11:39 +00:00
Kubernetes Release Robot
8a39b60620 CHANGELOG: Update directory for v1.31.4 release 2024-12-10 19:52:56 +00:00
Kubernetes Release Robot
3fe11b26f8 CHANGELOG: Update directory for v1.30.8 release 2024-12-10 19:35:52 +00:00
Kubernetes Release Robot
135c7d19ca CHANGELOG: Update directory for v1.29.12 release 2024-12-10 12:00:08 +00:00
Kubernetes Release Robot
4c081a4b01 Merge remote-tracking branch 'origin/master' into release-1.32 2024-12-07 12:05:59 +00:00
Kubernetes Prow Robot
a499facee6
Merge pull request #128954 from sanposhiho/conflict-error
fix(e2e): retry on conflict when deleting extended resource
2024-12-07 07:08:00 +00:00
Kubernetes Release Robot
22b14e54a4 Merge remote-tracking branch 'origin/master' into release-1.32 2024-12-06 18:04:35 +00:00
Kubernetes Prow Robot
bfe431b53e
Merge pull request #129103 from liggitt/drop-winreadlinkvolume
Drop use of winreadlinkvolume godebug option
2024-12-06 17:26:01 +00:00
Jordan Liggitt
3046fe23d4
Drop use of winreadlinkvolume godebug option 2024-12-06 02:43:45 -05:00
Kubernetes Release Robot
009a5abde4 Merge remote-tracking branch 'origin/master' into release-1.32 2024-12-05 22:44:56 +00:00
Kubernetes Release Robot
dfbb58027a Update CHANGELOG/CHANGELOG-1.32.md for v1.32.0-rc.2 2024-12-05 18:08:48 +00:00
Kubernetes Release Robot
a27498ef42 CHANGELOG: Update directory for v1.32.0-rc.2 release 2024-12-05 18:08:47 +00:00
Kubernetes Release Robot
5bdab6ed11 Release commit for Kubernetes v1.32.0-rc.2 2024-12-05 17:40:31 +00:00
Kubernetes Release Robot
6f3c354fb5 Merge remote-tracking branch 'origin/master' into release-1.32 2024-12-05 04:45:41 +00:00
Kubernetes Prow Robot
1504f10e79
Merge pull request #129081 from stlaz/fg_remote_uid
featuregate UID in RequestHeader authenticator
2024-12-04 23:43:06 +00:00
Kubernetes Release Robot
f5900aab68 Merge remote-tracking branch 'origin/master' into release-1.32 2024-12-04 22:44:43 +00:00
Monis Khan
779d76176a
Update tests to handle RemoteRequestHeaderUID
Signed-off-by: Monis Khan <mok@microsoft.com>
2024-12-04 16:04:36 -05:00
Kubernetes Prow Robot
6fc64a261c
Merge pull request #129083 from liggitt/go1.23windows
Revert to go1.22 windows filesystem stdlib behavior
2024-12-04 18:33:02 +00:00
Jordan Liggitt
3878a3a6de
Revert to go1.22 windows filesystem stdlib behavior 2024-12-04 10:44:55 -05:00