github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-24 12:15:52 +00:00
Code Issues Projects Releases Wiki Activity
109,814 Commits 42 Branches 7,905 Tags 1.3 GiB
4b6134b6dc
Commit Graph

109814 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kubernetes Prow Robot
4b6134b6dc
Merge pull request #111090 from kinvolk/rata/userns-support-2022 
Add support for user namespaces phase 1 (KEP 127)
 2022-08-03 13:05:47 -07:00
Kubernetes Prow Robot
d6a3a68afc
Merge pull request #111647 from bobbypage/bump_cadvisor_0_45_0 
vendor: Bump cAdvisor to v0.45.0
 2022-08-03 11:11:53 -07:00
Rodrigo Campos
8dc98c9b8e Update autogenerated files 
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2022-08-03 19:53:22 +02:00
Giuseppe Scrivano
b1eaf6a2d9 tests: add e2e tests for userns 
Co-authored-by: Rodrigo Campos <rodrigoca@microsoft.com>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2022-08-03 19:53:22 +02:00
Rodrigo Campos
138e80819e kubelet: set user namespace options 
Set the user namespace options to use for the pod.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2022-08-03 19:53:22 +02:00
Giuseppe Scrivano
67b38ffe6e kubelet: propagate errors from namespacesForPod 
it is a preparatory change for the next commit.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
 2022-08-03 19:53:22 +02:00
Rodrigo Campos
695b30e91c volume: use GetHostIDsForPod() 
This commit only changes the UID/GID if user namespaces is enabled. When
it is enabled, it changes it so the hostUID and hostGID that are mapped
to the currently used UID/GID. This is needed so volumes are created
with the hostUID/hostGID and the user inside the container can read
them.

If user namespaces are disabled for this pod, this is a no-op: there is
no user namespace mapping, so the hostUID/hostGID are the same as inside
the container.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2022-08-03 19:53:22 +02:00
Rodrigo Campos
d07c2688fe kubelet: add GetHostIDsForPod() 
In future commits we will need this to set the user/group of supported
volumes of KEP 127 - Phase 1.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2022-08-03 19:53:22 +02:00
Giuseppe Scrivano
9b2fc639a0 kubelet: add GetUserNamespaceMappings to RuntimeHelper 
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
 2022-08-03 19:53:22 +02:00
Giuseppe Scrivano
63462285d5 kubelet: add userns manager 
it is used to allocate and keep track of the unique users ranges
assigned to each pod that runs in a user namespace.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
Co-authored-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2022-08-03 19:53:22 +02:00
Rodrigo Campos
cf8164bccf apis: add validation for HostUsers 
This commit just adds a validation according to KEP-127. We check that
only the supported volumes for phase 1 of the KEP are accepted.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2022-08-03 19:53:22 +02:00
David Porter
d9fda8ab3b vendor: Bump cAdvisor to v0.45.0 
Signed-off-by: David Porter <david@porter.me>
 2022-08-03 09:47:06 -07:00
Kubernetes Prow Robot
1a916f278b
Merge pull request #111668 from endocrimes/revert-111627-trim_report 
Revert "e2e: Trim junit reporter to adapt with testgrid"
 2022-08-03 07:49:53 -07:00
Danielle
5b312246c8
Revert "e2e: Trim junit reporter to adapt with testgrid" 2022-08-03 15:45:09 +02:00
Kubernetes Prow Robot
49bcbe648d
Merge pull request #111613 from dims/avoid-hardcoding-os-and-arch-installing-etcd 
Avoid hard coding Operating System and Architecture in hack/lib/etcd.sh
 2022-08-03 06:17:53 -07:00
Kubernetes Prow Robot
cf777ab782
Merge pull request #111627 from chendave/trim_report 
e2e: Trim junit reporter to adapt with testgrid
 2022-08-03 04:51:52 -07:00
Giuseppe Scrivano
482e76dc2c features: add UserNamespacesSupport feature 
define a feature gate for the user namespaces support.  The feature is
not enabled by default.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
 2022-08-03 13:18:11 +02:00
Kubernetes Prow Robot
aea9f9887d
Merge pull request #111645 from vinaykul/restart-free-pod-vertical-scaling-cri 
CRI changes to support in-place pod resize
 2022-08-02 21:27:51 -07:00
Natasha Sarkar
83c3c37a87
Update kubectl kustomize to kyaml/v0.13.9, cmd/config/v0.10.9, api/v0.12.1, kustomize/v4.5.7 (#111606) 2022-08-02 20:13:51 -07:00
Kubernetes Prow Robot
cb41d5002c
Merge pull request #111061 from pacoxu/key-encipherment-optional 
modify the signing/approving controller to tolerate either set of usages for kubelet client and serving certificates
 2022-08-02 18:55:51 -07:00
Kubernetes Prow Robot
182e0989ec
Merge pull request #111646 from alculquicondor/fix_failed_suceeded 
Fix JobTrackingWithFinalizers when a pod succeeds after the job fails
 2022-08-02 17:45:52 -07:00
Aldo Culquicondor
ca8cebe5ba Fix JobTrackingWithFinalizers when a pod succeeds after the job fails 
Change-Id: I3be351fb3b53216948a37b1d58224f8fbbf22b47
 2022-08-02 19:33:06 -04:00
Kubernetes Prow Robot
6fbeacdf73
Merge pull request #111435 from soltysh/cronjob_timezone_beta 
Promote CronJobTimeZone to beta
 2022-08-02 16:23:51 -07:00
Vinay Kulkarni
09fb5da465 CRI changes to support implementation of in-place pod resize (generated files) 2022-08-02 15:44:52 -07:00
Vinay Kulkarni
007d93ad08 Handle UpdateContainerResources for Windows in v1alpha2 2022-08-02 15:31:00 -07:00
Vinay Kulkarni
0ef263c3b0 CRI changes to support implementation of in-place pod resize. 
KEP: /enhancements/keps/sig-node/1287-in-place-update-pod-resources
 2022-08-02 15:08:25 -07:00
Kubernetes Prow Robot
90f9a52db6
Merge pull request #111467 from RomanBednar/retro-sc-assignment 
Allow retroactive storage class assigment to PVCs
 2022-08-02 15:05:57 -07:00
Kubernetes Prow Robot
236fd8efba
Merge pull request #111448 from cici37/testForCelBeta 
Move e2e test from alpha with feature promoted to beta
 2022-08-02 15:05:45 -07:00
Giuseppe Scrivano
9e9b23fd3c
pkg/apis, staging: add HostUsers to pod spec 
It is used to request that a pod runs in a unique user namespace.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
Co-authored-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2022-08-02 23:47:58 +02:00
Giuseppe Scrivano
eee5fa8b8d
volume: use the effective uid 
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
 2022-08-02 23:47:58 +02:00
Paco Xu
e6176c28b7 modify the signing/approving controller to tolerate either set of usages for kubelet client and serving certificates 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2022-08-03 05:12:04 +08:00
Kubernetes Prow Robot
8f3b2813dc
Merge pull request #111642 from harche/evented_pleg_cri_changes 
Update CRI API to support Evented PLEG
 2022-08-02 13:59:16 -07:00
Kubernetes Prow Robot
1de16be28f
Merge pull request #111462 from jprzychodzen/controllers 
Enable 'running_managed_controllers' for KCM/CCM controllers: routes, services and cloud-node
 2022-08-02 13:59:09 -07:00
Kubernetes Prow Robot
369a465fae
Merge pull request #111301 from mattcary/migration-feature 
Upgrade CSIMigrationGCE feature gate to GA
 2022-08-02 13:58:57 -07:00
Kubernetes Prow Robot
9fb1f67af7
Merge pull request #111278 from arpitsardhana/master 
KEP-3327: Add CPUManager policy option to align CPUs by Socket instead of by NUMA node
 2022-08-02 13:58:45 -07:00
Kubernetes Prow Robot
448e48b8a6
Merge pull request #111633 from pohly/ginkgo-no-color 
ginkgo: disable color escape sequences by default when not connected to a terminal
 2022-08-02 12:48:25 -07:00
Kubernetes Prow Robot
22eab136f6
Merge pull request #111557 from alexzielenski/update-smd-422 
update smd to 4.2.3
 2022-08-02 12:48:17 -07:00
Kubernetes Prow Robot
96439a0c3c
Merge pull request #111547 from kerthcet/feat/mark-cc-v1beta2-deprecated 
Deprecate kubescheduler ComponentConfig v1beta2
 2022-08-02 12:48:06 -07:00
Kubernetes Prow Robot
d4c7542878
Merge pull request #111522 from ii/promote-namespace-status-test 
Promote NamespaceStatus endpoints test +3 Endpoints
 2022-08-02 12:47:54 -07:00
Roman Bednar
2f533cd572 add tests for pv controller 2022-08-02 20:52:04 +02:00
Roman Bednar
a0a5aa3680 allow retroactive storage class assignment in pv controller 2022-08-02 20:52:04 +02:00
Roman Bednar
42b24b7baf move storage class helpers to utils 2022-08-02 20:52:04 +02:00
Roman Bednar
caf2f41084 add tests for pvc update validation 2022-08-02 20:52:04 +02:00
Roman Bednar
f051cc7e0e allow pvc spec StorageClass name mutation if the feature is enabled 2022-08-02 20:52:04 +02:00
Roman Bednar
0f0d61f91c pass down feature gate to PVC validation opts 2022-08-02 20:52:04 +02:00
Roman Bednar
d19f6fba29 add RetroactiveDefaultStorageClass feature gate 2022-08-02 20:52:04 +02:00
Kubernetes Prow Robot
bc4c4930ff
Merge pull request #111475 from alculquicondor/clear_pod_disruption 
Add worker to clean up stale DisruptionTarget condition
 2022-08-02 11:38:18 -07:00
Kubernetes Prow Robot
d40bc18461
Merge pull request #105126 from sallyom/tracing-kubelet 
kubelet tracing instrumentation
 2022-08-02 11:38:06 -07:00
Kubernetes Prow Robot
c20ab84692
Merge pull request #104386 from shawnhanx/ut_2 
Add unit tests for registry/admissionregistration/validatingwebhookconfiguration
 2022-08-02 11:37:54 -07:00
Harshal Patil
668b2440c5 Update CRI API to support Evented PLEG 
Signed-off-by: Harshal Patil <harpatil@redhat.com>
 2022-08-03 00:01:13 +05:30