Oz N Tiram
552e1549ba
Build: improve documentation of build artifacts
...
As described in #100596 this can surprise newcomers.
This adds a paragraph which explains where are the build
artifacts are and how to use the docker images produced
by the build system.
2021-06-29 23:29:35 +02:00
Kubernetes Prow Robot
92726bf0f3
Merge pull request #103248 from sttts/sttts-crd-converison-test
...
apiextension: fix typo and test case in conversion integration test
2021-06-29 11:20:03 -07:00
Kubernetes Prow Robot
f2e47502fd
Merge pull request #103076 from wzshiming/fix/flake-gracefulnodeshutdown-dbus
...
Fix the GracefulNodeShutdown e2e test running on dbus that refuses to manually start
2021-06-29 11:19:50 -07:00
Kubernetes Prow Robot
dae03ba921
Merge pull request #99364 from p0lyn0mial/upstream-delegated-authn-metrics
...
adds metrics for delegated authn
2021-06-29 11:19:38 -07:00
Kubernetes Prow Robot
01819dd322
Merge pull request #102028 from chrishenzie/read-write-once-pod-access-mode
...
ReadWriteOncePod access mode for PVs and PVCs
2021-06-29 10:04:40 -07:00
Kubernetes Prow Robot
756203fda0
Merge pull request #102576 from dobsonj/101911
...
kubelet: do not call RemoveAll on volumes directory for orphaned pods
2021-06-29 06:54:40 -07:00
Kubernetes Prow Robot
3d87fd6a9a
Merge pull request #103273 from XudongLiuHarold/fix-loadbalancerclass-test-name
...
fix loadbalancerclass integration test funcation name
2021-06-29 05:40:41 -07:00
Kubernetes Prow Robot
ebcb4a2d88
Merge pull request #103104 from pacoxu/npd-088
...
update npd to v0.8.8
2021-06-29 02:30:40 -07:00
Dr. Stefan Schimanski
903d76f558
apiextension: fix typo and test case in conversion integration test
2021-06-29 11:03:24 +02:00
Lukasz Szaszkiewicz
322c18c147
adds metrics for authentication webhook
2021-06-29 09:49:14 +02:00
Kubernetes Prow Robot
1151dc1ee5
Merge pull request #103138 from sbangari/winDsrLoadBalancerServiceFix
...
Loadbalancer IngressIP policy should be configured as non-DSR to enable routing mesh by default
2021-06-28 23:26:51 -07:00
Kubernetes Prow Robot
adf561fb96
Merge pull request #96699 from tengqm/kubelet-config-norm
...
Tweak kubelet config comments for consistency and readability
2021-06-28 23:26:40 -07:00
Chris Henzie
b7d732d3d6
Map PV access modes to CSI access modes
2021-06-28 21:25:38 -07:00
Chris Henzie
8db83c89aa
CSI client helpers for NodeGetCapabilities
2021-06-28 21:25:37 -07:00
Chris Henzie
5f98f6cfa4
Update helper methods to print and parse ReadWriteOncePod access mode
2021-06-28 21:25:37 -07:00
Chris Henzie
2b98f8edc7
Enforce ReadWriteOncePod access mode during mount
2021-06-28 21:25:37 -07:00
Chris Henzie
7491d01651
Validate use of the ReadWriteOncePod access mode
...
This will only work if the "ReadWriteOncePod" feature gate is enabled.
Additionally, this access mode will only work when used by itself. This
is because when ReadWriteOncePod is used on a PV or PVC, it renders all
other access modes useless since it is most restrictive.
2021-06-28 21:25:37 -07:00
Chris Henzie
48ba5020a2
ReadWriteOncePod PV access mode and feature gate
2021-06-28 21:25:35 -07:00
Chris Henzie
358d2e0bd1
Export contains access mode helper method
...
Will be used during validation of PVs and PVCs
2021-06-28 21:24:56 -07:00
Chris Henzie
83e3ee780a
Rename access mode contains helper method
...
So it is consistent with other methods performing the same check (one
for internal and external types)
2021-06-28 21:24:56 -07:00
Chris Henzie
dba8ee229e
Add validation options for PersistentVolumeClaims
...
These options provide an extensible way of configuring how PVCs are
validated
2021-06-28 21:24:55 -07:00
Chris Henzie
9ba0eed7c5
Add validation options for PersistentVolumes
...
These options provide an extensible way of configuring how PVs are
validated
2021-06-28 21:24:55 -07:00
Kubernetes Prow Robot
d92f6c424d
Merge pull request #103099 from liggitt/podsecurity
...
PodSecurity admission
2021-06-28 20:46:52 -07:00
Kubernetes Prow Robot
db3a216fbb
Merge pull request #97238 from andrewsykim/kube-proxy-handle-terminating
...
kube-proxy handle terminating endpoints
2021-06-28 20:46:40 -07:00
Harold
477aef192f
fix loadbalancerclass integration test funcation name
2021-06-28 20:07:02 -07:00
Kubernetes Prow Robot
9866f9364e
Merge pull request #103112 from fromanirh/cpumanager-e2e-fixes
...
e2e: node: remove obsolete AlphaFeature tag
2021-06-28 19:36:39 -07:00
pacoxu
ffdf3f5007
update node-problem-detector npd to v0.8.8
...
Signed-off-by: pacoxu <paco.xu@daocloud.io>
Co-Authored-By: vteratipally <vteratipally@users.noreply.github.com>
2021-06-29 09:35:32 +08:00
Kubernetes Prow Robot
ee459b8969
Merge pull request #103265 from fromanirh/e2e-node-fix-npd
...
e2e: node: fix npd test failures bumping image
2021-06-28 17:03:50 -07:00
Kubernetes Prow Robot
15d3c3a5e2
Merge pull request #102821 from ehashman/phase-fix
...
Ensure kubelet statuses can handle loss of container runtime state
2021-06-28 15:38:40 -07:00
Kubernetes Prow Robot
38f012320f
Merge pull request #101947 from cynepco3hahue/memory_manager_move_to_beta
...
memory manager: move to beta
2021-06-28 15:38:28 -07:00
Jordan Liggitt
6f9011a4ae
PodSecurity: vendor: generated files
...
Co-authored-by: Tim Allclair <timallclair@gmail.com>
2021-06-28 17:46:00 -04:00
Jordan Liggitt
b8bdcf6441
PodSecurity: update dependencies
2021-06-28 17:46:00 -04:00
Jordan Liggitt
724fbfbb69
PodSecurity: test: generate fixture data
2021-06-28 17:46:00 -04:00
Jordan Liggitt
93c6f8969a
PodSecurity: check: addCapabilities
2021-06-28 17:45:59 -04:00
Jordan Liggitt
3733e209c9
PodSecurity: check: allowPrivilegeEscalation
2021-06-28 17:45:36 -04:00
Jordan Liggitt
a8206ef58b
PodSecurity: check: runAsNonRoot
2021-06-28 17:45:36 -04:00
Jordan Liggitt
12ea930aae
PodSecurity: check: selinux
...
Co-authored-by: Tim Allclair <timallclair@gmail.com>
2021-06-28 17:45:36 -04:00
Jordan Liggitt
42dc070b47
PodSecurity: kube-apiserver integration test
2021-06-28 17:45:36 -04:00
Jordan Liggitt
f39bddd767
PodSecurity: kube-apiserver: admission wiring
2021-06-28 17:45:35 -04:00
Jordan Liggitt
65a42a483c
PodSecurity: pkg/features: feature gate
2021-06-28 17:45:35 -04:00
Tim Allclair
02a6187757
PodSecurity: admission: admission library
...
Co-authored-by: Jordan Liggitt <liggitt@google.com>
2021-06-28 17:45:35 -04:00
Jordan Liggitt
29f5ebf1fe
PodSecurity: test: framework
2021-06-28 17:45:35 -04:00
Tim Allclair
1436d35779
PodSecurity: policy: registry
...
Co-authored-by: Jordan Liggitt <liggitt@google.com>
2021-06-28 17:45:35 -04:00
Jordan Liggitt
5183ea0bf0
PodSecurity: metrics: stub interface
...
Co-authored-by: Tim Allclair <timallclair@gmail.com>
2021-06-28 17:45:35 -04:00
Jordan Liggitt
a3ba921b16
PodSecurity: admission/api: configuration API
...
Admission configuration:
- user, namespace, runtimeclass exemptions
- default policy levels and versions
- defaulting
- load and serialization helpers
Co-authored-by: Tim Allclair <timallclair@gmail.com>
2021-06-28 17:45:34 -04:00
Tim Allclair
9ce17c8773
PodSecurity: api: runtime API
...
Label keys, values, and parsing helper functions
Co-authored-by: Jordan Liggitt <liggitt@google.com>
2021-06-28 17:45:34 -04:00
Kubernetes Prow Robot
bb309b5706
Merge pull request #103249 from wangyysde/update-kubeadm-help-msg
...
correct example command of kubeadm help
2021-06-28 14:24:28 -07:00
Kubernetes Prow Robot
51e1969d9c
Merge pull request #103133 from marwanad/allow-scheduler-to-patch-conditions
...
switch scheduler to generate the merge patch on pod status instead of the full pod
2021-06-28 12:46:28 -07:00
Kubernetes Prow Robot
556f8500ff
Merge pull request #102859 from MikeSpreitzer/add-r-metrics
...
Add APF metrics about R(t)
2021-06-28 11:40:28 -07:00
Kubernetes Prow Robot
cd5d3e690e
Merge pull request #103153 from josephburnett/v2beta2
...
Move HPA v2beta2 deprecation to 1.23.
2021-06-28 10:33:25 -07:00