- Run hack/update-codegen.sh
- Run hack/update-generated-device-plugin.sh
- Run hack/update-generated-protobuf.sh
- Run hack/update-generated-runtime.sh
- Run hack/update-generated-swagger-docs.sh
- Run hack/update-openapi-spec.sh
- Run hack/update-gofmt.sh
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
The "pause" pods that are being run in the scheduling tests are
sometimes launched in system namespaces. Therefore even if a test
is considered to be running on a "baseline" Pod Security admission
level, its "baseline" pods would fail to run if the global PSa
enforcement policy is set to "restricted" - the system namespaces
have no PSa labels.
The "pause" pods run by this test can actually easily run with
"restricted" security context, and so this patch turns them
into just that.
This dependency was updated in 6b864dc4e1, but using
a version that's 1 commit ahead of the latest (v1.0.1) release. As a consequence,
any project that uses k8s.io/component-base as a dependency, but that prefers to
use tagged releases, will be required to add a `replace` rule in their `go.mod`.
Looking at the difference between the currently used version and the last release,
the only difference is the addition of a `go.mod`:
https://github.com/matttproud/golang_protobuf_extensions/compare/v1.0.1...c182affec369
While it can help to have a `go.mod` to resolve the minimum version of (indirect)
dependencies, in this case, the (minimum) versions of dependencies defined in this
module's `go.mod` are quite a bit behind the version defined in k8s' own go.mod,
so would already be up-to-date.
Based on the above, it looks like the `go.mod` (currently) doesn't provide much
value, and it would be safe to roll back 1 commit to use the tagged/released
version of this module.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
COS-85 is very old OS image and is EoL in September 2022. Update to the
latest stable LTS version of COS.
Signed-off-by: David Porter <david@porter.me>
The experimental-watch-progress-notify-interval flag specifies an interval
at which etcd sends data to the kube-api server.
It is used by the WatchBookmark feature which is GA since 1.17.
It will be used by a new WatchList feature which is Alpha since 1.25
In addition to that the feature was graduated to GA (non-experiment) in etcd 3.5 without any code changes
The evictorLock only protects zonePodEvictor and zoneNoExecuteTainter.
processTaintBaseEviction showed indications of increased lock contention
among goroutines (see issue 110341 for more details).
The refactor done is to ensure that all codepaths in that function that
hold the evictorLock AND make API calls under the lock, are now making
API calls outside the lock and the lock is held only for accessing either
zonePodEvictor or zoneNoExecuteTainter or both.
Two other places where the refactor was done is the doEvictionPass and
doNoExecuteTaintingPass functions which make multiple API calls under
the evictorLock.
Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
