github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-24 04:06:03 +00:00
Code Issues Projects Releases Wiki Activity
89,025 Commits 42 Branches 7,905 Tags 1.3 GiB
2364c10e2e
Commit Graph

89025 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Yu-Ju Hong
2364c10e2e
kubelet: Don't delete pod until all container status is available 
After a pod reaches a terminal state and all containers are complete
we can delete the pod from the API server. The dispatchWork method
needs to wait for all container status to be available before invoking
delete. Even after the worker stops, status updates will continue to
be delivered and the sync handler will continue to sync the pods, so
dispatchWork gets multiple opportunities to see status.

The previous code assumed that a pod in Failed or Succeeded had no
running containers, but eviction or deletion of running pods could
still have running containers whose status needed to be reported.

This modifies earlier test to guarantee that the "fallback" exit
code 137 is never reported to match the expectation that all pods
exit with valid status for all containers (unless some exceptional
failure like eviction were to occur while the test is running).
 2020-03-04 13:34:25 -05:00
Clayton Coleman
ad3d8949f0
kubelet: Preserve existing container status when pod terminated 
The kubelet must not allow a container that was reported failed in a
restartPolicy=Never pod to be reported to the apiserver as success.
If a client deletes a restartPolicy=Never pod, the dispatchWork and
status manager race to update the container status. When dispatchWork
(specifically podIsTerminated) returns true, it means all containers
are stopped, which means status in the container is accurate. However,
the TerminatePod method then clears this status. This results in a
pod that has been reported with status.phase=Failed getting reset to
status.phase.Succeeded, which is a violation of the guarantees around
terminal phase.

Ensure the Kubelet never reports that a container succeeded when it
hasn't run or been executed by guarding the terminate pod loop from
ever reporting 0 in the absence of container status.
 2020-03-04 13:34:24 -05:00
Clayton Coleman
6d98b0a0f4
Test that an always-fail container can't report the pod Succeeded 
The kubelet can race when a pod is deleted and report that a container succeeded
when it instead failed, and thus the pod is reported as succeeded. Create an e2e
test that demonstrates this failure.
 2020-03-04 13:34:20 -05:00
Kubernetes Prow Robot
b5b675491b
Merge pull request #86173 from soltysh/cli_defaults 
stop defaulting kubeconfig to http://localhost:8080
 2020-03-04 07:23:47 -08:00
Kubernetes Prow Robot
f692f5cfcd
Merge pull request #88049 from mtaufen/provider-info-agnhost 
Update agnhost to test OIDC validation of JWT tokens
 2020-03-04 03:43:47 -08:00
Kubernetes Prow Robot
497a998ba6
Merge pull request #88654 from ddebroy/gmsa-disable1 
Promote GMSA support for Windows to GA
 2020-03-04 02:32:01 -08:00
Kubernetes Prow Robot
4d19c6f2ad
Merge pull request #87537 from uthark/oatamanenko/apiversion 
Fixes #87506 Add apiVersion to involvedObject
 2020-03-04 02:31:47 -08:00
Kubernetes Prow Robot
c2593d3fa7
Merge pull request #88669 from mkimuram/snapfromfile 
Add FromFile and FromExistingClassName support for SnapshotClass in external storage e2e test
 2020-03-04 01:10:00 -08:00
Kubernetes Prow Robot
71cfd2a3db
Merge pull request #88460 from soltysh/filename_exec 
Wire --filename flag to exec
 2020-03-04 01:09:47 -08:00
Kubernetes Prow Robot
bd6640a8e0
Merge pull request #88769 from deads2k/SNI 
Support TLS Server Name overrides in kubeconfig file
 2020-03-03 23:18:00 -08:00
Kubernetes Prow Robot
76245147f3
Merge pull request #88598 from jennybuckley/base-image 
Update etcd debian base image to v2.0.0
 2020-03-03 23:17:47 -08:00
Kubernetes Prow Robot
cadd51783b
Merge pull request #88783 from neolit123/1.18-fix-kubectl-auth-verbosity 
client-go: use klog.V(3) for the cert-rotation controller start/stop
 2020-03-03 21:06:09 -08:00
Kubernetes Prow Robot
0535520f6e
Merge pull request #88758 from soltysh/hide_last_applied 
Hide kubectl.kubernetes.io/last-applied-configuration in describe
 2020-03-03 21:06:01 -08:00
Kubernetes Prow Robot
cd23e78c3d
Merge pull request #88684 from saad-ali/updateMountLib 
Update AzureFile and CephFS to use MountSensitive
 2020-03-03 21:05:48 -08:00
Deep Debroy
16d221e407 Promote GMSA to GA 
Signed-off-by: Deep Debroy <ddebroy@docker.com>
 2020-03-04 02:56:21 +00:00
Kubernetes Prow Robot
aeb88b6ecd
Merge pull request #88587 from cmluciano/cml/v1beta1paths 
Adding PathType to Ingress
 2020-03-03 18:13:47 -08:00
Lubomir I. Ivanov
b2677b1e57 client-go: use klog.V(3) for the cert-rotation controller start/stop 
Introduce a verbosity level for the start and stop notifications,
so that regular calls to commands such as:
  "kubectl auth ..."
would only contain the "yes" / "no" output.
 2020-03-04 01:35:17 +02:00
Kubernetes Prow Robot
25d241eda2
Merge pull request #85642 from claudiubelu/tests/guestbook-workers-update-image 
test images: Updates agnhost guestbook subcommand
 2020-03-03 15:33:47 -08:00
Charles Eckman
5ceecd3ba3 Update agnhost to test OIDC validation of JWT tokens 
Extends agnhost with the capability to validate a mounted token against
the API server's OIDC endpoints.

Co-authored-by: Michael Taufen <mtaufen@google.com>
 2020-03-03 15:27:47 -08:00
Masaki Kimura
401b85e547 Add FromFile and FromExistingClassName support for SnapshotClass in external storage e2e test 2020-03-03 20:28:32 +00:00
Kubernetes Prow Robot
861c918a44
Merge pull request #88761 from aleksandra-malinowska/cluster-autoscaler-1.18.0-beta.0 
Update Cluster Autoscaler version to 1.18.0-gke.0
 2020-03-03 12:18:31 -08:00
Kubernetes Prow Robot
0773f108c7
Merge pull request #88710 from SataQiu/ipvs-readme-20200302 
kube-proxy: small cleanup for ipvs readme
 2020-03-03 12:18:22 -08:00
Kubernetes Prow Robot
9d0cbb7503
Merge pull request #88673 from jsafrane/block-feature-ga 
Promote block volumes to GA
 2020-03-03 12:17:12 -08:00
Kubernetes Prow Robot
b9696133ff
Merge pull request #88655 from soltysh/deprecate_generator 
Deprecate --generator flag from kubectl create commands
 2020-03-03 12:17:01 -08:00
Kubernetes Prow Robot
481b04cf7c
Merge pull request #88487 from zioproto/issues/69314-tier-config-support 
Use compute v1 api to specify network tier
 2020-03-03 12:16:52 -08:00
Kubernetes Prow Robot
bfb3fb54b4
Merge pull request #88240 from soltysh/pod_conditions 
Present more concrete information about pod readiness
 2020-03-03 12:15:42 -08:00
Kubernetes Prow Robot
62dc3ea6d1
Merge pull request #87368 from 928234269/fix_staticcheck01 
fix staticcheck errors in pkg/controller/daemon.
 2020-03-03 12:15:28 -08:00
Tim Allclair
db3392ed12
Always include remoteAddr in source IP list for audit (#87167) 
* Always include remoteAddr in source IP list for audit

Since the remoteAddr is much harder to spoof than headers, always include it in
the list of source IPs used in audit logs.

* Add v6 tests
 2020-03-03 12:15:14 -08:00
saad-ali
3784438b56 Prevent CephFS from logging senstive options 2020-03-03 11:20:08 -08:00
saad-ali
548b297a00 Prevent AzureFile from logging senstive options 2020-03-03 11:20:08 -08:00
saad-ali
727582311f Fix MountError Test 2020-03-03 11:20:08 -08:00
saad-ali
22e8189f40 Update dep k8s.io/utils to 0a110f9eb7ab 2020-03-03 11:20:08 -08:00
Rob Scott
f38904d6f4
Adding PathType to Ingress 
Co-authored-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-03-03 11:11:16 -08:00
David Eads
9dcbc0bf90 update override behavior for kubectl --tls-server-name 2020-03-03 13:23:30 -05:00
Maciej Szulik
02cd65d7bb
Squash pkg/describe/versioned/ into pkg/describe/ 2020-03-03 19:20:06 +01:00
Suresh Kumar Ponnusamy
37c81ed79a Support TLS Server Name overrides in kubeconfig file 
Signed-off-by: Suresh Kumar Ponnusamy <suresh.ponnusamy@freshworks.com>
 2020-03-03 12:55:18 -05:00
Kubernetes Prow Robot
06b798781a
Merge pull request #88591 from smarterclayton/status_update 
kubelet: Avoid sending no-op patches
 2020-03-03 09:43:38 -08:00
Maciej Szulik
07dc17ffd9
Provide more verbose empty config error based on the context 2020-03-03 18:42:19 +01:00
Kubernetes Prow Robot
0a2a69add2
Merge pull request #88760 from munnerz/signername-follow-up 
signerName: extend client-go ensureCompatibility and additional unit tests
 2020-03-03 07:51:39 -08:00
Aleksandra Malinowska
472a935294 Update Cluster Autoscaler version to 1.18.0-gke.0 2020-03-03 14:42:25 +01:00
James Munnelly
4144a2a1cf Add unit tests for IsKubeletClientCSR and IsKubeletServingCSR 2020-03-03 13:14:32 +00:00
James Munnelly
c2367bd5da Extend client-go csr package to invalidate CSRs based on signerName 2020-03-03 13:14:04 +00:00
Maciej Szulik
c77b297bab
Hide kubectl.kubernetes.io/last-applied-configuration in describe 2020-03-03 12:54:00 +01:00
Maciej Szulik
9dac1699bf
Wire --filename flag to exec 2020-03-03 12:16:52 +01:00
Kubernetes Prow Robot
c86aec0564
Merge pull request #88745 from mborsz/slice3 
Implement simple endpoint slice batching
 2020-03-03 03:03:38 -08:00
Kubernetes Prow Robot
ac55a51034
Merge pull request #85056 from pohsienshih/volume/golint 
Fix golint issues for pkg/volume/rbd
 2020-03-03 01:37:37 -08:00
Kubernetes Prow Robot
5726fa2184
Merge pull request #88747 from BenTheElder/approvers 
update cluster/ approvers
 2020-03-03 00:17:51 -08:00
Kubernetes Prow Robot
9ee75e48c9
Merge pull request #88681 from Huang-Wei/fix-pts-e2e-flak 
Fix an e2e flake for preemption with hard PodTopologySpread
 2020-03-03 00:17:37 -08:00
Maciej Borsz
49b11b5431 Implement simple endpoint slice batching 2020-03-03 08:16:42 +01:00
Kubernetes Prow Robot
1c4f1edfba
Merge pull request #88746 from andrewsykim/test-framework-pkg-apis 
test/e2e/framework: remove dependencies to internal APIs
 2020-03-02 22:13:46 -08:00