Commit Graph

109852 Commits

Author SHA1 Message Date
Lukasz Szaszkiewicz
debace151c cacher: add support for consistent streaming
design details https://github.com/kubernetes/enhancements/tree/master/keps/sig-api-machinery/3157-watch-list#design-details
2022-07-28 11:36:01 +02:00
muyangren2
fc6bbf991e add test in cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go for ValidatePort
modify
2022-07-28 17:12:14 +08:00
jupblb
3c46482eb0
Switch initial/final seats type to uint64 2022-07-28 10:48:40 +02:00
cpanato
a94b67c0a0
drop configs for v1.21 due to EOL
Signed-off-by: cpanato <ctadeu@gmail.com>
2022-07-28 10:40:29 +02:00
cpanato
f64841e4d6
Update publishing-bot rules for go1.17.12 and go1.18.4
Signed-off-by: cpanato <ctadeu@gmail.com>
2022-07-28 10:36:23 +02:00
HaoJie Liu
208a66847b Remove unnecessary use of fmt.Sprintf
Signed-off-by: HaoJie Liu <liuhaojie@beyondcent.com>
2022-07-28 16:02:09 +08:00
Dzmitry Pasiukevich
5b3222c540
Update OWNERS 2022-07-28 09:36:41 +02:00
Kubernetes Prow Robot
a4a22a2562
Merge pull request #111419 from muyangren2/json_assert
Fix test order staging/src/k8s.io/component-base/logs/json/json_test.go
2022-07-28 00:29:10 -07:00
Manjunath Kumatagi
095e961657
Update agnhost image to 2.40 2022-07-28 12:19:26 +05:30
Humble Chirammal
b87b7032af update image version of GlusterFS test
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-07-28 11:54:36 +05:30
Humble Chirammal
29ad028396 update base image version of ISCSI test image
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-07-28 11:53:45 +05:30
Humble Chirammal
c158fde1e5 update RBD test image base to Fedora 36
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-07-28 11:45:30 +05:30
dpasiukevich
4c43287ffe Update to latest kubedns and nodelocaldns images. 2022-07-28 07:55:37 +02:00
Kubernetes Prow Robot
1df7b3bed3
Merge pull request #111319 from brianpursley/kubectl-1242
Change kubectl diff to exclude managedFields by default
2022-07-27 19:27:10 -07:00
Kubernetes Prow Robot
3999794253
Merge pull request #111414 from chewong/chewong-emeritus
chore: move chewong to emeritus_approvers
2022-07-27 18:15:22 -07:00
Kubernetes Prow Robot
914406da51
Merge pull request #109601 from shiftstack/dirty_service
Prevent dirty service object leaking between reconciles
2022-07-27 18:15:10 -07:00
Matthew Wong
4068e44f28 Promote CSIMigrationAWS to GA 2022-07-27 16:01:34 -07:00
Nic Cope
0e5401c939 Disable the etcd3 client logger
This logger is responsible for 20% of the API server's memory usage when
many CRDs are installed. See the below issue for more context.

https://github.com/kubernetes/kubernetes/issues/111476

Signed-off-by: Nic Cope <nicc@rk0n.org>
2022-07-27 14:44:49 -07:00
Kubernetes Prow Robot
bdd2e47695
Merge pull request #111472 from deads2k/leases
allow namespace admins to use leases to encourage migration off of configmaps
2022-07-27 13:20:18 -07:00
Kubernetes Prow Robot
a2ffa21eed
Merge pull request #111451 from DangerOnTheRanger/cel-use-case-tests
Add examples of matchExpressions validation as unit tests
2022-07-27 13:20:11 -07:00
Kubernetes Prow Robot
1fe71e7f1b
Merge pull request #111255 from divyenpatel/declare-not-supported-vSphere-versions
declare unsupported vSphere versions for in-tree plugin
2022-07-27 13:20:04 -07:00
Kubernetes Prow Robot
9a73536ff2
Merge pull request #109070 from VilledeMontreal/feat/compSubresourceFlag
Add shell completion for new --subresource flag
2022-07-27 13:19:53 -07:00
Kubernetes Prow Robot
1663ec0851
Merge pull request #111249 from Octopusjust/k8s-pr6
test/e2e/common/node: fix several typo
2022-07-27 11:35:08 -07:00
Kubernetes Prow Robot
4e5711829c
Merge pull request #111228 from Abirdcfly/220716
clean unreachable code
2022-07-27 11:35:00 -07:00
Kubernetes Prow Robot
4cd1c80cea
Merge pull request #111139 from zhoumingcheng/master-u-v2
add unit test for pkg/kubelet/types/ func GetPodStartTime()
2022-07-27 11:34:52 -07:00
Kubernetes Prow Robot
08752b29e3
Merge pull request #110586 from tsisodia10/spell-check-docs
Fix grammar in K8s OpenAPI spec doc
2022-07-27 11:34:40 -07:00
Kubernetes Prow Robot
c27e82604e
Merge pull request #109217 from manugupt1/improve-mount-detection
Improved mount detection using openat2 for kernel 5.10+
2022-07-27 11:34:28 -07:00
Dan Winship
3fdece285b Add IPTablesOwnershipCleanup feature to disable kubelet iptables setup 2022-07-27 13:33:09 -04:00
Dan Winship
39bed84947 update "Networking should recreate its iptables rules" test
Don't assume kubelet will create KUBE-MARK-DROP; look for
KUBE-IPTABLES-HINT now instead.
2022-07-27 13:29:39 -04:00
Dan Winship
02c8210317 Clean up kubelet iptables error messages
Their syntax seems to have gotten mangled in the structured logging
migration...
2022-07-27 13:29:39 -04:00
Dan Winship
b7e977d497 Clean up kubelet iptables setup a bit
Remove some unnecessary code that distinguishes "IPv4-primary" vs
"IPv6-primary" despite it not having any effect.
2022-07-27 13:29:39 -04:00
Kubernetes Prow Robot
e092b6d27b
Merge pull request #111442 from ialidzhikov/k8s-utils@56c0de1e6f
Update `k8s.io/utils` to `9bab9ef40391`
2022-07-27 10:02:39 -07:00
Kubernetes Prow Robot
ec905a4611
Merge pull request #105919 from ravisantoshgudimetla/ps-restricted-updates
PodSecurity: OS based updates to restricted standard
2022-07-27 10:02:28 -07:00
David Eads
184356ae92 allow namespace admins to use leases to encourage migration off of configmaps 2022-07-27 12:58:34 -04:00
Brian Pursley
e88470c31f Change kubectl diff to exclude managedFields by default
Changes kubectl diff to exclude managedFields by default.
Adds a new --show-managed-fields flag that allows you to
include managed fields in the diff.
2022-07-27 12:53:32 -04:00
Kubernetes Prow Robot
610b7839a0
Merge pull request #111399 from Argh4k/i-111290
Modify timeout for etcd healthcheck
2022-07-27 07:36:28 -07:00
Jakub Przychodzeń
7dd4e89a99 Enable 'running_managed_controllers' for KCM nodeipam controller 2022-07-27 14:30:40 +00:00
Kubernetes Prow Robot
ce336550f1
Merge pull request #111444 from wojtek-t/prevent_leaking_goroutines
Prevent from future leaks of goroutines in integration tests
2022-07-27 06:31:52 -07:00
Kubernetes Prow Robot
015fb765b8
Merge pull request #111415 from logicalhan/extended-stability
Add support for summary metrics for stablity checks
2022-07-27 06:31:41 -07:00
Kubernetes Prow Robot
9ad4c5c0a0
Merge pull request #110670 from gnufied/fix-pod-deletion-terminating
Fix pod stuck in termination state when mount fails or gets skipped after kubelet restart
2022-07-27 06:31:29 -07:00
Maciej Wyrzuc
b42045a64f Add additional etcd check to readyz with 2 seconds timeout. 2022-07-27 12:23:02 +00:00
Kubernetes Prow Robot
ce433f87b4
Merge pull request #110266 from danwinship/minimize-prep-reorg
iptables proxy reorg in preparation for minimizing iptables-restore
2022-07-27 04:06:30 -07:00
Xuzheng Chang
ffe4ae23f3 fix ambiguous comments of priorityClass update validation 2022-07-27 15:30:47 +08:00
Nic Cope
c5957c284e Use SHA256 sums to verify discovery cache integrity
This is a little more computationally expensive but reduces the
likelihood of a potentially malicious cache collision.

Signed-off-by: Nic Cope <nicc@rk0n.org>
2022-07-27 00:13:30 -07:00
Nic Cope
288a17fd33 Use sha256 to sanitize discovery HTTP cache keys
This helps avoid (potentially malicious) collisions when reading and
writing cache data.

Signed-off-by: Nic Cope <nicc@rk0n.org>
2022-07-27 00:13:30 -07:00
Nic Cope
7a2c6a432f Use checksums instead of fsyncs to manage discovery cache corruption
Part of the API discovery cache uses an HTTP RoundTripper that
transparently caches responses to disk. The upstream implementation of
the disk cache is hard coded to call Sync() on every file it writes.
This has noticably poor performance on modern Macs, which ask their disk
controllers to flush all the way to persistant storage because Go uses
the `F_FULLFSYNC` fnctl. Apple recommends minimizing this behaviour in
order to avoid degrading performance and increasing disk wear.

The content of the discovery cache is not critical; it is indeed just a
cache and can be recreated by hitting the API servers' discovery
endpoints. This commit replaces upstream httpcache's diskcache
implementation with a similar implementation that can use CRC-32
checksums to detect corrupted cache entries at read-time. When such an
entry is detected (e.g. because it was only partially flushed to
permanent storage before the host lost power) the cache will report a
miss. This causes httpcache to fall back to its underlying HTTP
transport (i.e. the real API server) and re-cache the resulting value.

Apart from adding CRC-32 checksums and avoiding calling fsync this
implementation differs from upstream httpcache's diskcache package in
that it uses FNV-32a hashes rather than MD5 hashes of cache keys in
order to generate filenames.

Signed-off-by: Nic Cope <nicc@rk0n.org>
2022-07-27 00:13:30 -07:00
Nic Cope
eace469065 Add a benchmark for the discovery cache RoundTripper
This benchmark is intended to demonstrate a performance improvement
gained by removing fsyncs. Refer to the below issue for more detail.

https://github.com/kubernetes/kubernetes/issues/110753

Signed-off-by: Nic Cope <nicc@rk0n.org>
2022-07-27 00:13:30 -07:00
Dave Chen
819c12276b kubeadm: move getClientSet to cmd utils
`getClientSet` is used by both cmd `token` and `reset`, move this
method to cmd utils to decouple it from one specific cmd.

Signed-off-by: Dave Chen <dave.chen@arm.com>
2022-07-27 15:13:09 +08:00
HaoJie Liu
2247217c0e cleanup: fix some error log capitalization
Signed-off-by: HaoJie Liu <liuhaojie@beyondcent.com>
2022-07-27 15:07:03 +08:00
Manu Gupta
44bea35804 Return unwrapped ErrNotExist when EvalSymlink returns PathError
By default filepath.EvalSymlink returns PathError. When a file is
not found, we should unwrap it and return ErrNotExist as this
is what this function expects.

Similar to the comment at:
https://github.com/kubernetes/kubernetes/pull/109217#discussion_r896272206
2022-07-26 23:24:23 -07:00