github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-22 03:11:40 +00:00
Code Issues Projects Releases Wiki Activity
114,719 Commits 42 Branches 7,905 Tags 1.3 GiB
16d76f6813
Commit Graph

114719 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rodrigo Campos
16d76f6813
kubelet: Don't reserve mapping for userns phase II 
Latest changes to KEP-127 removed that phase, so let's stop reserving
those IDs for that.

While we are there, we replace 0 for 0*65536 as before we had a bug that
we were not multiplying the index, to avoid bugs in the future.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2023-03-13 22:28:04 +01:00
Rodrigo Campos
8af3cce7fe
kubelet: remove GetHostIDsForPod() 
Now KEP-127 relies on idmap mounts to do the ID translation and we won't
do any chowns in the kubelet.

This patch just removes the usage of GetHostIDsForPod() in
operationexecutor to do the chown, and also removes the
GetHostIDsForPod() method from the kubelet volume interface.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2023-03-13 22:28:03 +01:00
Giuseppe Scrivano
9075404dc4
kubelet: use idmapped mounts for all volumes 
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
 2023-03-13 22:28:03 +01:00
Giuseppe Scrivano
79a34cf6a4
cri-api: add mappings for volumes 
add the definitions for the ID mappings to use at runtime for the
volume mount.  This is supported only on Linux where idmapped mounts
are used to perform the runtime mapping.

The new fields are mapped directly to the field in the OCI runtime
specs:

https://github.com/opencontainers/runtime-spec/blob/main/config.md#posix-platform-mounts

The CRI runtime will pass the mappings to the OCI runtime as-is.

Related to KEP-127.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
 2023-03-13 22:21:32 +01:00
Kubernetes Prow Robot
de9ce03f19
Merge pull request #116542 from enj/enj/f/go1.20 
Explicit bump to go 1.20
 2023-03-13 13:24:55 -07:00
Kubernetes Prow Robot
c237ddb226
Merge pull request #116045 from sanposhiho/sanposhiho/message 
fix(HPA): make a difference in SuccessfulRescale  events between the resource metric and the container resource metric
 2023-03-13 13:24:47 -07:00
Kubernetes Prow Robot
5cd7297148
Merge pull request #116540 from danwinship/conntrack-owners 
copy pkg/proxy OWNERS to pkg/util/conntrack
 2023-03-13 12:15:09 -07:00
Kubernetes Prow Robot
077ca3b736
Merge pull request #116477 from twz123/synctrack-64bit-alignment 
Properly align synctrack.SingleFileTracker struct
 2023-03-13 12:15:02 -07:00
Kubernetes Prow Robot
02a654a635
Merge pull request #116043 from sanposhiho/featuregate-check 
fix(HPA): ignore the container resource metrics in HPA controller when the feature gate is disabled
 2023-03-13 12:14:50 -07:00
Kubernetes Prow Robot
087868a436
Merge pull request #116476 from smarterclayton/context_wait_2 
wait: Split the wait package up into individual files to make refactors easier
 2023-03-13 10:39:00 -07:00
Kubernetes Prow Robot
3106a5c553
Merge pull request #116301 from andyzhangx/remove-azuredisk-code 
Remove Azure disk in-tree storage plugin
 2023-03-13 10:38:48 -07:00
Monis Khan
ba471884fb
Explicit bump to go 1.20 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2023-03-13 12:47:36 -04:00
Kubernetes Prow Robot
3b1fc60d80
Merge pull request #116523 from pacoxu/CSIStorageCapacity-v1beta1-remove 
Remove storage.k8s.io/v1beta1 API version of CSIStorageCapacity
 2023-03-13 09:28:50 -07:00
Dan Winship
eaa0791b56 copy pkg/proxy OWNERS to pkg/util/conntrack 2023-03-13 11:20:36 -04:00
Kubernetes Prow Robot
a0b1bee7c5
Merge pull request #115840 from atosatto/remove-taint-manager-cli 
Remove enable-taint-manager and pod-eviction-timeout CLI flags
 2023-03-13 08:13:10 -07:00
Kubernetes Prow Robot
492a08c916
Merge pull request #113525 from 249043822/br-context-logging-deployment 
deployment controller: use contextual logging
 2023-03-13 08:13:02 -07:00
Kubernetes Prow Robot
34537c1a1d
Merge pull request #110864 from claudiubelu/adds-unittests 
unittests: Adds winstats unittests
 2023-03-13 08:12:50 -07:00
Kubernetes Prow Robot
ab5100893a
Merge pull request #116533 from ameukam/remove-gcs-retention-action 
Stop clear non-existant retention policy rule
 2023-03-13 07:02:56 -07:00
Kubernetes Prow Robot
9c5eebaf3f
Merge pull request #115879 from mtardy/scdeny-warning 
`SecurityContextDeny` admission plugin: add warning on creation
 2023-03-13 07:02:48 -07:00
Kubernetes Prow Robot
85524e7da6
Merge pull request #116518 from tzneal/refactor-remote-runner 
test: refactor remote test running
 2023-03-13 05:56:59 -07:00
Kubernetes Prow Robot
4a7ba05691
Merge pull request #116510 from flant/whoami-beta 
Promote whoami kubectl command
 2023-03-13 05:56:47 -07:00
Claudiu Belu
e3edf13486 unittests: Adds winstats unittests 
The module pkg/kubelet/winstats has almost no coverage for Windows. This
commit adds unit tests to cover the mentioned module.
 2023-03-13 12:08:15 +00:00
Saza
d34b0275a3
dynamic resource allocation: add timeouts for communiction with plugin (#114844) 
* add timeouts for communication with dra plugin

* move timeout constant to k8s.io/kubernetes/pkg/kubelet/cm/util

* move settings of timeout to pkg/kubelet/plugin/dra/plugin/client.go

* remove timeout constant
 2023-03-13 04:34:56 -07:00
Kubernetes Prow Robot
185cd95b9c
Merge pull request #113443 from yangjunmyfm192085/namespace-contextual-logging 
namespace controller: use contextual logging
 2023-03-13 04:34:44 -07:00
ZhangKe10140699
66bda6c092 deployment controller: use contextual logging 2023-03-13 19:00:44 +08:00
Arnaud Meukam
033f4b1772
Stop clear non-existant retention policy rule 
This command is now not necessary and create some noise on the trail
logs.
See: https://github.com/kubernetes/k8s.io/pull/4902

Signed-off-by: Arnaud Meukam <ameukam@gmail.com>
 2023-03-13 11:35:10 +01:00
mtardy
36a2156033 Add a SecurityContextDeny feature gate disabled by default 
Put plugin registration behind the feature gate.
 2023-03-13 10:18:08 +01:00
John Kwiatkoski
69465d2949
Adding test coverage for NewPodContainerManager() (#110220) 2023-03-13 02:08:44 -07:00
Tom Wieczorek
ffcf653e06
Properly align synctrack.SingleFileTracker struct 
count is used with atomic operations so it must be 64-bit aligned,
otherwise atomic operations will panic. Having it at the top of the
struct will guarantee that, even on 32-bit arches.

This fixes panics like that one observed in kube-apiserver:

    E0310 13:48:47.476124     676 runtime.go:77] Observed a panic: unaligned 64-bit atomic operation
    goroutine 141 [running]:
    k8s.io/apimachinery/pkg/util/runtime.logPanic({0x2482378, 0x2db2ff8})
    	vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:75 +0x94
    k8s.io/apimachinery/pkg/util/runtime.HandleCrash({0x0, 0x0, 0x0})
    	vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:49 +0x78
    panic({0x2482378, 0x2db2ff8})
    	/usr/local/go/src/runtime/panic.go:884 +0x218
    runtime/internal/atomic.panicUnaligned()
    	/usr/local/go/src/runtime/internal/atomic/unaligned.go:8 +0x24
    runtime/internal/atomic.Load64(0x685f794)
    	/usr/local/go/src/runtime/internal/atomic/atomic_arm.s:280 +0x14
    k8s.io/client-go/tools/cache/synctrack.(*SingleFileTracker).HasSynced(0x685f790)
    	vendor/k8s.io/client-go/tools/cache/synctrack/synctrack.go:115 +0x3c
    k8s.io/client-go/tools/cache.(*processorListener).HasSynced(0x6013e60)
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:907 +0x20
    k8s.io/client-go/tools/cache.WaitForCacheSync.func1()
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:332 +0x50
    k8s.io/apimachinery/pkg/util/wait.ConditionFunc.WithContext.func1({0x2dcf274, 0x607c600})
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:222 +0x1c
    k8s.io/apimachinery/pkg/util/wait.runConditionWithCrashProtectionWithContext({0x2dcf274, 0x607c600}, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:262 +0x64
    k8s.io/apimachinery/pkg/util/wait.waitForWithContext({0x2dcf274, 0x607c600}, 0x64a6060, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:649 +0x11c
    k8s.io/apimachinery/pkg/util/wait.poll({0x2dcf274, 0x607c600}, 0x1, 0x64a6060, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:600 +0xc4
    k8s.io/apimachinery/pkg/util/wait.PollImmediateUntilWithContext({0x2dcf274, 0x607c600}, 0x5f5e100, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:551 +0x60
    k8s.io/apimachinery/pkg/util/wait.PollImmediateUntil(0x5f5e100, 0x6298020, 0x607c600)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:542 +0x48
    k8s.io/client-go/tools/cache.WaitForCacheSync(0x607c600, {0x6298000, 0x3, 0x3})
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:329 +0x80
    k8s.io/client-go/tools/cache.WaitForNamedCacheSync({0x283c5e1, 0xf}, 0x607c600, {0x6298000, 0x3, 0x3})
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:316 +0xe8
    created by k8s.io/kubernetes/plugin/pkg/auth/authorizer/node.AddGraphEventHandlers
    	plugin/pkg/auth/authorizer/node/graph_populator.go:65 +0x5b0
    panic: unaligned 64-bit atomic operation [recovered]
    	panic: unaligned 64-bit atomic operation

    goroutine 141 [running]:
    k8s.io/apimachinery/pkg/util/runtime.HandleCrash({0x0, 0x0, 0x0})
    	vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:56 +0xf4
    panic({0x2482378, 0x2db2ff8})
    	/usr/local/go/src/runtime/panic.go:884 +0x218
    runtime/internal/atomic.panicUnaligned()
    	/usr/local/go/src/runtime/internal/atomic/unaligned.go:8 +0x24
    runtime/internal/atomic.Load64(0x685f794)
    	/usr/local/go/src/runtime/internal/atomic/atomic_arm.s:280 +0x14
    k8s.io/client-go/tools/cache/synctrack.(*SingleFileTracker).HasSynced(0x685f790)
    	vendor/k8s.io/client-go/tools/cache/synctrack/synctrack.go:115 +0x3c
    k8s.io/client-go/tools/cache.(*processorListener).HasSynced(0x6013e60)
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:907 +0x20
    k8s.io/client-go/tools/cache.WaitForCacheSync.func1()
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:332 +0x50
    k8s.io/apimachinery/pkg/util/wait.ConditionFunc.WithContext.func1({0x2dcf274, 0x607c600})
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:222 +0x1c
    k8s.io/apimachinery/pkg/util/wait.runConditionWithCrashProtectionWithContext({0x2dcf274, 0x607c600}, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:262 +0x64
    k8s.io/apimachinery/pkg/util/wait.waitForWithContext({0x2dcf274, 0x607c600}, 0x64a6060, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:649 +0x11c
    k8s.io/apimachinery/pkg/util/wait.poll({0x2dcf274, 0x607c600}, 0x1, 0x64a6060, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:600 +0xc4
    k8s.io/apimachinery/pkg/util/wait.PollImmediateUntilWithContext({0x2dcf274, 0x607c600}, 0x5f5e100, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:551 +0x60
    k8s.io/apimachinery/pkg/util/wait.PollImmediateUntil(0x5f5e100, 0x6298020, 0x607c600)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:542 +0x48
    k8s.io/client-go/tools/cache.WaitForCacheSync(0x607c600, {0x6298000, 0x3, 0x3})
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:329 +0x80
    k8s.io/client-go/tools/cache.WaitForNamedCacheSync({0x283c5e1, 0xf}, 0x607c600, {0x6298000, 0x3, 0x3})
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:316 +0xe8
    created by k8s.io/kubernetes/plugin/pkg/auth/authorizer/node.AddGraphEventHandlers
    	plugin/pkg/auth/authorizer/node/graph_populator.go:65 +0x5b0
 2023-03-13 08:37:13 +01:00
Paco Xu
49032c394c The storage.k8s.io/v1beta1 API version of CSIStorageCapacity will no longer be served in v1.27. 2023-03-13 15:06:04 +08:00
JunYang
f5bd8c86d4 namespace controller: use contextual logging 2023-03-13 14:59:17 +08:00
Kubernetes Prow Robot
ca7804fe13
Merge pull request #115909 from sding3/integration-test-for-debug-profiles-general-baseline 
add integration tests for debug profiles general & baseline
 2023-03-12 22:32:41 -07:00
Kubernetes Prow Robot
16bc942a6b
Merge pull request #113464 from mengjiao-liu/contextual-logging-controller-bootstrap 
Migrate `pkg/controller/bootstrap` to contextual logging
 2023-03-12 20:12:42 -07:00
Todd Neal
23f71f0eba refactor remote test running 2023-03-12 21:26:01 -05:00
Mengjiao Liu
e56f3e0781 Migrate pkg/controller/bootstrap to contextual logging 2023-03-13 10:18:40 +08:00
Kubernetes Prow Robot
3c6e419cc3
Merge pull request #116450 from vinaykul/restart-free-pod-vertical-scaling-api 
Rename ContainerStatus.ResourcesAllocated to ContainerStatus.AllocatedResources
 2023-03-12 16:06:40 -07:00
Kubernetes Prow Robot
a32050e6cb
Merge pull request #116201 from sanposhiho/metric-scheduling-gate 
add(scheduler): implement "plugin_execution_duration_seconds" metric in PreEnqueue
 2023-03-12 13:52:40 -07:00
Kubernetes Prow Robot
3710d93d14
Merge pull request #115976 from ii/pending_eligible_endpoints 
Create pending_eligible_endpoints.yaml and move endpoints from ineligible_endpoints.yaml
 2023-03-12 12:20:51 -07:00
Kubernetes Prow Robot
a4a0fd44d8
Merge pull request #115912 from moshe010/dra-checkpoint 
kubelet DRA: Add checkpointing mechanism in the DRA Manager
 2023-03-12 12:20:40 -07:00
Kubernetes Prow Robot
e413e6a59c
Merge pull request #116312 from sanposhiho/move-label 
cleanup(scheduler): move metric labels to metrics package
 2023-03-12 10:48:40 -07:00
Kubernetes Prow Robot
f944743953
Merge pull request #116509 from cpanato/distroless-ip 
Update distroless-iptables and setcap images
 2023-03-12 08:44:39 -07:00
cpanato
609ae51395
Updated setcap to use released image registry.k8s.io/build-image/setcap:bullseye-v1.4.2 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2023-03-12 15:26:56 +01:00
cpanato
7b0b87e057
Updated distroless iptables to use released image registry.k8s.io/build-image/distroless-iptables:v0.2.2 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2023-03-12 15:26:15 +01:00
m.nabokikh
c2cadd2b60 Promote whoami kubectl command 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2023-03-12 15:24:31 +01:00
Moshe Levi
2c79af0d63 kubelet dra: add unit tests for checkpoint 
Signed-off-by: Moshe Levi <moshele@nvidia.com>
 2023-03-12 09:13:19 +02:00
Kensei Nakada
fafbed3b1d
fix the error message 2023-03-12 14:48:48 +09:00
Kensei Nakada
639007b28e cleanup(scheduler): move metric labels to metrics package 2023-03-12 05:10:29 +00:00
Kensei Nakada
6697467062 add(scheduler): implement "plugin_execution_duration_seconds" metric in PreEnqueue 2023-03-12 04:45:52 +00:00
Kubernetes Prow Robot
ead7d66ee1
Merge pull request #116500 from dims/revert-linx-arm-workaround 
Revert "Disable unified build and static init optimization for tests"
 2023-03-11 13:04:40 -08:00
Kubernetes Prow Robot
cc3855e0cf
Merge pull request #116170 from aojea/watch_instead_poll_system_namespaces 
Watch instead poll system namespaces
 2023-03-11 11:24:39 -08:00