github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-10 04:27:54 +00:00
Code Issues Projects Releases Wiki Activity
121,758 Commits 42 Branches 7,905 Tags 1.3 GiB
096e948905
Commit Graph

121758 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Patrick Ohly
096e948905 dra scheduler: support structured parameters 
When a claim uses structured parameters, as indicated by the resource class
flag, the scheduler is responsible for allocating it. To do this it needs to
gather information about available node resources by watching
NodeResourceSlices and then match the in-tree claim parameters against those
resources.
 2024-03-07 22:21:04 +01:00
Patrick Ohly
a92d2a4cea noderestriction admission: lock down create of NodeResourceSlice 
The proper value of NodeName must be checked here for create because
the node authorizer cannot do it.
 2024-03-07 16:15:52 +01:00
Patrick Ohly
2e34e187c9 node authorizer: lock down access for NodeResourceSlice 
The kubelet running on one node should not be allowed to access
NodeResourceSlice objects belonging to some other node, as defined by the
NodeResourceSlice.NodeName field.
 2024-03-07 16:15:52 +01:00
Patrick Ohly
39bbcedbca dra api: add structured parameters 
NodeResourceSlice will be used by kubelet to publish resource information on
behalf of DRA drivers on the node. NodeName and DriverName in
NodeResourceSlice must be immutable. This simplifies tracking the different
objects because what they are for cannot change after creation.

The new field in ResourceClass tells scheduler and autoscaler that they are
expected to handle allocation.

ResourceClaimParameters and ResourceClassParameters are new types for telling
in-tree components how to handle claims.
 2024-03-07 16:15:31 +01:00
Patrick Ohly
eb1470d60d scheduler: fix assume cache with no index 
The assume cache in the volumbinding plugin can be created with no separate
index, but List then failed because it tried to use the empty index name
instead of using the store's List function.
 2024-03-07 16:09:44 +01:00
Kubernetes Prow Robot
bf7fcfdc7f
Merge pull request #123776 from dims/adjust-gpu-test-to-work-with-latest-nvidia-daemonset 
Adjust GPU test to work with latest nvidia daemonset on AWS/ec2
 2024-03-07 06:30:55 -08:00
Kubernetes Prow Robot
a035f5b19e
Merge pull request #123774 from cici37/vapGA 
Enabled conformance test for GA feature.
 2024-03-07 06:30:48 -08:00
Kubernetes Prow Robot
fb1d8b015d
Merge pull request #123798 from cpanato/update-bot 
Update publishing-bot rules to Go 1.21.8
 2024-03-07 05:24:39 -08:00
cpanato
48daa91857
Update publishing-bot rules to Go 1.21.8 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2024-03-07 06:32:51 -05:00
Kubernetes Prow Robot
a31a465405
Merge pull request #123735 from thockin/master 
Don't embed plural exceptions in tools
 2024-03-07 02:08:27 -08:00
Davanum Srinivas
30857658e4
Adjust GPU test to work with latest nvidia daemonset 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2024-03-06 21:42:21 -05:00
Kubernetes Prow Robot
2ec63e0d28
Merge pull request #123482 from sanposhiho/hpa-containerresource-graduation 
graduate HPAContainerMetrics to stable
 2024-03-06 17:37:36 -08:00
Kubernetes Prow Robot
c726b2b3a3
Merge pull request #123431 from aramase/aramase/f/kep_3331_multiple_jwt_authenticator 
Support multiple JWT authenticators with structured authn config
 2024-03-06 17:37:29 -08:00
cici37
758dc53510 Enabled conformance test for VAP which is GAed. 2024-03-06 23:53:20 +00:00
Kubernetes Prow Robot
05cb0a55c8
Merge pull request #123696 from aramase/aramase/f/kep_3331_v1beta1_api 
Duplicate v1alpha1 AuthenticationConfiguration to v1beta1
 2024-03-06 15:35:28 -08:00
Kubernetes Prow Robot
bd25605619
Merge pull request #123435 from tallclair/apparmor-ga 
AppArmor fields API
 2024-03-06 15:35:14 -08:00
Tim Hockin
df7f5fca27
Don't embed plural exceptions in tools 2024-03-06 14:57:46 -08:00
Anish Ramasekar
39e1c9108c
Support multiple JWT authenticators with structured authn config 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-03-06 14:42:32 -08:00
Kubernetes Prow Robot
e0621034be
Merge pull request #123750 from cpanato/update-go 
[go] Bump images, dependencies and versions to go 1.22.1 and distroless iptables
 2024-03-06 12:35:50 -08:00
Tim Allclair
2d86cbf261 Separate feature-gate for AppArmor fields 2024-03-06 10:46:32 -08:00
Tim Allclair
22068e0cc7 Validate annotation & field match in PodTemplate 2024-03-06 10:46:31 -08:00
Tim Allclair
06caf32ecd Validate localhost profile max length 2024-03-06 10:46:31 -08:00
Tim Allclair
0eb5f52d06 Rename AppArmor annotation constants with Deprecated 2024-03-06 10:46:31 -08:00
cpanato
70221e8405
[go] Bump images, dependencies and versions to go 1.22.1 and distroless iptables 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2024-03-06 13:09:17 -05:00
Kubernetes Prow Robot
5f2c9e73c0
Merge pull request #123759 from liggitt/update-workspace 
Avoid clearing go version in go.work update script
 2024-03-06 10:07:23 -08:00
Kubernetes Prow Robot
a5f5f44157
Merge pull request #123758 from liggitt/protobump 
[CVE-2024-24786] Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0
 2024-03-06 07:49:01 -08:00
Jordan Liggitt
6f2842c08c
Avoid clearing go version in go.work update script 2024-03-06 10:04:49 -05:00
Jordan Liggitt
c6673d2346
Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0 2024-03-06 09:47:28 -05:00
Kubernetes Prow Robot
546f7c3086
Merge pull request #123738 from kannon92/fail-limited-swap-cgroup-v1 
[KEP-2400]: Fail limited swap cgroup v1
 2024-03-05 19:30:34 -08:00
Kubernetes Prow Robot
2b521e5f8e
Merge pull request #123405 from cici37/vapGA 
[KEP-3488]Promote ValidatingAdmissionPolicy to GA
 2024-03-05 18:29:53 -08:00
Kubernetes Prow Robot
39b085d936
Merge pull request #121725 from cubxxw/patch-1 
fix: code style untidy  and update version.sh
 2024-03-05 18:29:44 -08:00
Kubernetes Prow Robot
695072027d
Merge pull request #123730 from pohly/dra-status-update-fix 
dra api: fix status updates
 2024-03-05 17:31:15 -08:00
Kubernetes Prow Robot
87f9b3891e
Merge pull request #123385 from HirazawaUi/allow-special-characters 
Allow almost all printable ASCII characters in environment variables
 2024-03-05 17:31:06 -08:00
Kubernetes Prow Robot
5b4d97dc5a
Merge pull request #122541 from aojea/headless_selector 
Implement a field selector for ClusterIP on Services
 2024-03-05 17:30:57 -08:00
Kevin Hannon
e90782bec8 fail LimitedSwap with cgroupv1 2024-03-05 20:19:27 -05:00
Kubernetes Prow Robot
3686ceb5b8
Merge pull request #122745 from kannon92/swap-no-swap-default 
[KEP-2400] add no swap as the default option for swap
 2024-03-05 16:32:40 -08:00
cici37
5d83282823 Auto updates 2024-03-05 16:00:21 -08:00
cici37
de506ce7ac Promote ValidatingAdmissionPolicy to GA. 2024-03-05 16:00:21 -08:00
Kubernetes Prow Robot
262399065d
Merge pull request #123729 from seans3/streaming-owners 
Adds OWNERS files to client-go streaming dirs
 2024-03-05 14:46:02 -08:00
Kubernetes Prow Robot
751e3e9745
Merge pull request #123713 from aojea/missing_providerid 
node-controller require providerID to initialize a node
 2024-03-05 14:45:53 -08:00
Kubernetes Prow Robot
5fd38a8c78
Merge pull request #122907 from sohankunkerkar/prepare-kep-3983-for-beta 
[KEP-4419]: promote KubeletConfigDropInDir feature to beta
 2024-03-05 14:45:39 -08:00
Kubernetes Prow Robot
1e4124b081
Merge pull request #123726 from haircommander/kubelet_t 
e2e_node: use kubelet_exec_t instead of bin_t for kubelet
 2024-03-05 13:45:14 -08:00
Kubernetes Prow Robot
2bed0087c3
Merge pull request #123722 from atiratree/e2e-kubectl-delete-fix 
fix e2e test for kubectl interactive delete
 2024-03-05 13:45:07 -08:00
Kubernetes Prow Robot
df1eccae38
Merge pull request #123543 from jiahuif-forks/feature/validating-admission-policy/excluded-resources 
ValidatingAdmissionPolicy: exclude brink-able resources.
 2024-03-05 13:45:01 -08:00
Kubernetes Prow Robot
5f4a20e65d
Merge pull request #120718 from gjkim42/add-restartable-init-containers-to-pod-resources-api 
Make PodResources API include restartable init containers
 2024-03-05 13:44:54 -08:00
Kevin Hannon
6a4e19a4ec add no swap as the default option for swap 2024-03-05 16:10:42 -05:00
Kubernetes Prow Robot
7a20def5ba
Merge pull request #123721 from enj/enj/i/authn_config_doc_nesting 
Fix AuthenticationConfiguration docs around nested claims via CEL
 2024-03-05 12:41:51 -08:00
Kubernetes Prow Robot
6efef796f6
Merge pull request #122998 from MikeSpreitzer/add-deletion-handling 
Add DeletionHandlingObjectToName
 2024-03-05 12:41:45 -08:00
Patrick Ohly
27df75c577 dra api: fix status updates 
Changing object meta is not supposed to be possible via status updates. For
example, it circumvents RBAC permission checks.
 2024-03-05 21:39:24 +01:00
Tim Allclair
ec325b328d Match annotations against pod AppArmor field 2024-03-05 12:22:50 -08:00