github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-31 15:25:57 +00:00
Code Issues Projects Releases Wiki Activity
128,878 Commits 42 Branches 7,905 Tags 1.3 GiB
6a59dcfa1d
Commit Graph

128878 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dan Winship
b031258969 Improve utiliptables error handling when there's no iptables binary 
If `iptables --version` failed, utiliptables.New() would log a warning
and assume that the problem was that you had an implausibly ancient
version of iptables installed. Change it to instead assume that the
problem is that you don't have iptables installed at all (and don't
log anything; the caller will discover this later).
 2025-03-08 10:11:16 -05:00
Dan Winship
f1d0eb4fe4 Add a unit test for utiliptables.New() 2025-03-08 10:11:16 -05:00
Dan Winship
9c98d29795 Remove exec arg from utiliptables.New 
It was there so you could mock the results via a FakeExec, but these
days any unit tests outside of pkg/util/iptables that want to mock
iptables results use a FakeIPTables instead of a real
utiliptables.Interface with a FakeExec.
 2025-03-08 10:11:15 -05:00
Yuki Iwai
e5e76d7c7c chore: Fix incorrect AppArmorProfile.Type marker 
Signed-off-by: Yuki Iwai <yuki.iwai.tz@gmail.com>
 2025-03-08 15:47:13 +09:00
Kubernetes Prow Robot
0eaee48ecb
Merge pull request #130569 from dims/update-to-latest-cadvisor-v0.52.0 
Update to latest cadvisor @ v0.52.1 and new opencontainer/cgroups and drops opencontainers/runc
 2025-03-07 17:09:51 -08:00
Kubernetes Prow Robot
1d88598555
Merge pull request #130561 from danwinship/more-misc-proxy-cleanup 
more misc proxy cleanup
 2025-03-07 17:09:44 -08:00
Kubernetes Prow Robot
6216201e16
Merge pull request #130485 from aramase/aramase/f/using_sar_for_node_aud_restriction 
Enable dynamic configuration of service account names and audiences for token requests in node audience restriction
 2025-03-07 15:35:45 -08:00
Anish Ramasekar
3f5d30543d
Add integration tests for using SAR with node audience restriction 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2025-03-07 16:25:18 -06:00
Anish Ramasekar
b09ca8c2c8
Use SAR to allow dynamic audiences for node audience restriction 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2025-03-07 16:25:14 -06:00
Kubernetes Prow Robot
2effa5e3cf
Merge pull request #130352 from natasha41575/kubelet-pod-observedgen 
[FG:PodObservedGenerationTracking] Kubelet sets pod `status.observedGeneration` when updating the pod status
 2025-03-07 13:33:45 -08:00
Kubernetes Prow Robot
cd060979bf
Merge pull request #130651 from ahrtr/rc2_20250307 
Build etcd v3.6.0-rc.2 image
 2025-03-07 12:27:53 -08:00
Kubernetes Prow Robot
83b696c720
Merge pull request #130125 from marosset/windows-unit-tests-kubelet-eviction-fixes 
fixing k8s.io/kubernetes/pkg/kubelet/eviction unit tests on Windows
 2025-03-07 12:27:46 -08:00
Davanum Srinivas
97a54dc4b0
update to v1.22.0-rc.0 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2025-03-07 13:45:34 -05:00
Kubernetes Prow Robot
a6ad9aa8ad
Merge pull request #130623 from marosset/fix-pkg-volume-util-subpath-unit-tests-windows 
Fixing unit tests in k8s.io/kubernetes/pkg/volume/util/subpath on Win…
 2025-03-07 10:39:48 -08:00
Benjamin Wang
337f1c211d Build etcd v3.6.0-rc.2 image 
Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
 2025-03-07 17:48:47 +00:00
Joe Betz
4146900428 Add normalization support to CEL semver library, enable in base env 2025-03-07 12:33:04 -05:00
Kubernetes Prow Robot
0e2a2afc4c
Merge pull request #130635 from zimnx/fix-websocket-read-error 
Return correct error upon websocket message read failure
 2025-03-07 08:45:53 -08:00
Kubernetes Prow Robot
ed99f7dec6
Merge pull request #130153 from wongchar/uncore-v1.33 
node: cpumanager: prefer-align-cpus-by-uncorecache: add test cases and CPU topologies
 2025-03-07 08:45:45 -08:00
Dan Winship
7316d83137 Add warnings to all IP/CIDR-valued fields 2025-03-07 11:00:11 -05:00
Dan Winship
d4c55d06cf Export endpoints, endpointslice, mirroring controller names 2025-03-07 10:52:54 -05:00
Dan Winship
610adebdb7 Add utilvalidation.GetWarningsForIP and .GetWarningsForCIDR 
(And port the existing Service warnings to use them.)
 2025-03-07 10:44:19 -05:00
Dan Winship
34717000da Split out IP validation functions into their own file 
(No code changes.)
 2025-03-07 10:44:19 -05:00
Dan Winship
5e067b6781 Minor IP/CIDR validation cleanups/fixups 
Remove unnecessary duplicate checks for pod.spec.podIPs /
pod.spec.hostIPs / node.spec.podCIDRs. (A list that is known to
contain exactly 2 values, where one is IPv4 and the other is IPv6,
cannot possibly contain duplicates.)

Fix a bad CIDR in the NetworkPolicy validation tests.

Fix some comment typos.
 2025-03-07 10:44:19 -05:00
Dan Winship
b62503dd66 Remove a dead error check in winkernel 
The cmd/kube-proxy code never passes nil for the node IP any more.
 2025-03-07 10:43:58 -05:00
Dan Winship
f001b3916d Remove a stale comment in metaproxier.go 
(NodeHandler was implemented in metaProxier a long time ago.)
 2025-03-07 10:43:56 -05:00
Dan Winship
303593cafe Fix some pkg/proxy comments 
Remove a bunch of comments that are either inaccurate ("the proxier
can only be tested by e2e tests") or weirdly overspecific about
obvious details ("the proxier will not exit if an iptables call
fails").
 2025-03-07 10:43:55 -05:00
Dan Winship
b5e9a8262e Remove exec arg from utilipset.New 
Historically it took an exec argument so you could pass a FakeExec to
mock its behavior in unit tests, but it has a fake implementation now
that is much more useful for unit tests than trying to use the real
implementation with a fake exec. (The unit tests still use fake execs,
but they don't need to use a public constructor.) So remove the exec
args from the public constructors.
 2025-03-07 10:43:52 -05:00
Dan Winship
36f5820ad1 Remove some unused proxy args/fields 
Remove the utilexec.Interface args from the iptables/ipvs constructors
(which have been unused since the conntrack cleanup code was ported to
netlink).

Remove the EventRecorder fields from the iptables/ipvs Proxiers, which
have been unused since we removed the port-opener code in 2022.

Remove the strictARP field from the ipvs Proxier, which has apparently
always been unused (strictARP is only looked at at construct time).
 2025-03-07 10:43:45 -05:00
Dan Winship
13f0449e4c Fix up kube-proxy import ordering/organization. 2025-03-07 10:43:43 -05:00
Oleksandr Redko
834a0d92cf hack: fix settings for forbidigo linter 2025-03-07 17:27:03 +02:00
Kubernetes Prow Robot
ea49618a74
Merge pull request #130489 from p0lyn0mial/upstream-fake-client-pass-opts 
client-gen/fake: pass ListOptions to Watch method
 2025-03-07 07:25:46 -08:00
Joe Betz
c510b93d28 Add tolerant parse option to semver 2025-03-07 10:10:57 -05:00
Kubernetes Prow Robot
4468565250
Merge pull request #130470 from p0lyn0mial/upstream-fake-client-opts-watch 
client-go/gentype/fake: sets opts.Watch true
 2025-03-07 05:21:52 -08:00
Kubernetes Prow Robot
74cb75c884
Merge pull request #130396 from bart0sh/PR173-e2e_node-fix-getting-pod-logs 
e2e_node: remote: fix getting pod logs
 2025-03-07 05:21:45 -08:00
Kubernetes Prow Robot
cf07a65c43
Merge pull request #130612 from carlory/fix-sleep-infinity-on-windows 
Fix non-portable use of "sleep infinity"
 2025-03-07 04:15:52 -08:00
Kubernetes Prow Robot
43560c620a
Merge pull request #130522 from googs1025/feature/integration_filter_TaintToleration 
chore(scheduler): add filter integration tests for missing part plugins: TaintToleration plugin
 2025-03-07 04:15:45 -08:00
Maciej Zimnoch
e1d3aaf861
Return correct error upon websocket message read failure 
This fixes variable passed as error reason upon websocker message read failure.
Previously a wrong variable was passed resulting in returning failure with nil error reason.
 2025-03-07 12:53:50 +01:00
Lukasz Szaszkiewicz
325a54f73d ./hack/update-codegen.sh 2025-03-07 12:43:44 +01:00
Lukasz Szaszkiewicz
d6ea91cf93 client-gen/fake: pass ListOptions to Watch method 2025-03-07 12:43:39 +01:00
Kubernetes Prow Robot
1c9840c58e
Merge pull request #130243 from rata/revert-userns-kernel-check 
Revert userns kernel check
 2025-03-07 02:35:44 -08:00
Kubernetes Prow Robot
c7088e6437
Merge pull request #130260 from Bowser1704/fix/skip-best-effort-pods 
fix(scheduler): skip best-effort pods in BalancedAllocation PreScore
 2025-03-07 01:11:45 -08:00
Patrick Ohly
dfb8ab6521 DRA scheduler: fail in PreFilter when DRAPrioritizedList is disabled and used 
This was previously caught during Filter by the allocator check. Doing it
sooner avoids wasting resources on a pod which ultimately cannot get scheduled.

While at it, be a bit more clear about which feature is disabled. The user
might not know that.
 2025-03-07 08:45:32 +01:00
carlory
0a32e7d6e7 make sure that container is running when execute kubelet exec command 
Signed-off-by: carlory <baofa.fan@daocloud.io>
 2025-03-07 14:42:21 +08:00
Hongqi Yu
d76f40d2f3 fix(scheduler): skip best-effort pods in BalancedAllocation PreScore 
- Refactored `PreScore` method in `balanced_allocation.go` to skip
  best-effort pods.
- Updated unit tests in `balanced_allocation_test.go` to check for
  the new status codes.
 2025-03-07 13:13:02 +08:00
Kubernetes Prow Robot
672f57e2a4
Merge pull request #129909 from YamasouA/refactor/scheduler_perf 
Refactor scheduler_perf runWorkload
 2025-03-06 21:01:52 -08:00
Kubernetes Prow Robot
9d45ea8b9d
Merge pull request #128586 from mortent/DRAPrioritizedList 
Prioritized Alternatives in Device Requests
 2025-03-06 21:01:44 -08:00
Kubernetes Prow Robot
9625c4a2d4
Merge pull request #130627 from jpbetz/declarative-validation-cleanups 
Add all extra_pkgs needed by main API types to validation-gen
 2025-03-06 19:55:44 -08:00
googs1025
032b05114c chore(scheduler): add filter integration tests for missing part plugins: TaintToleration plugin 2025-03-07 09:33:49 +08:00
Joe Betz
9765fe4abb Add all extra_pkgs needed by main API types to validation-gen 2025-03-06 19:45:17 -05:00
Natasha Sarkar
0140842add update testdata for roundtrip and client tests 2025-03-06 22:31:15 +00:00