github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 19:56:01 +00:00
Code Issues Projects Releases Wiki Activity
114,957 Commits 42 Branches 7,905 Tags 1.3 GiB
6df64241d0
Commit Graph

114957 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kevin Klues
685688c703 Update DRAManager to allow multiple plugins to process a single claim 
Right now, the v1alpha1 API only passes enough information for one plugin to
process a claim, but the v1alpha2 API will allow for multiple plugins to
process a claim. This commit prepares the code for this upcoming change.

Signed-off-by: Kevin Klues <kklues@nvidia.com>
 2023-03-13 12:52:41 +00:00
Kevin Klues
569ed33d78 Add additional tests to DRAManager checkpointing 
Signed-off-by: Kevin Klues <kklues@nvidia.com>
 2023-03-13 12:52:41 +00:00
Kevin Klues
fd7370b84d Update DRAManager checkpoint to store a map for CDIDevices 
The key of the map is the KubeletPluginName where the CDIDevices originate.

Signed-off-by: Kevin Klues <kklues@nvidia.com>
 2023-03-13 12:52:41 +00:00
Kevin Klues
273a8ffad1 Rename CdiDevices to CDIDevices in dramanager checkpoint 
Signed-off-by: Kevin Klues <kklues@nvidia.com>
 2023-03-13 12:52:41 +00:00
Alexander Constantinescu
95df201d36 [KCCM]: service controller - Add node.deletionTimestamp predicate 2023-03-13 13:36:55 +01:00
Tim Hockin
0ccab9804a Remove obviously redundant tests 2023-03-13 13:34:48 +01:00
Tim Hockin
f56e62ca14 Add helper funcs to clean up svc controller tests 2023-03-13 13:34:48 +01:00
Damien Grisonnet
d00364902b events: fix EventSeries starting count discrepancy 
The kube-apiserver validation expects the Count of an EventSeries to be
at least 2, otherwise it rejects the Event. There was is discrepancy
between the client and the server since the client was iniatizing an
EventSeries to a count of 1.

According to the original KEP, the first event emitted should have an
EventSeries set to nil and the second isomorphic event should have an
EventSeries with a count of 2. Thus, we should matcht the behavior
define by the KEP and update the client.

Also, as an effort to make the old clients compatible with the servers,
we should allow Events with an EventSeries count of 1 to prevent any
unexpected rejections.

Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
 2023-03-13 13:31:07 +01:00
Claudiu Belu
e3edf13486 unittests: Adds winstats unittests 
The module pkg/kubelet/winstats has almost no coverage for Windows. This
commit adds unit tests to cover the mentioned module.
 2023-03-13 12:08:15 +00:00
Saza
d34b0275a3
dynamic resource allocation: add timeouts for communiction with plugin (#114844) 
* add timeouts for communication with dra plugin

* move timeout constant to k8s.io/kubernetes/pkg/kubelet/cm/util

* move settings of timeout to pkg/kubelet/plugin/dra/plugin/client.go

* remove timeout constant
 2023-03-13 04:34:56 -07:00
Kubernetes Prow Robot
185cd95b9c
Merge pull request #113443 from yangjunmyfm192085/namespace-contextual-logging 
namespace controller: use contextual logging
 2023-03-13 04:34:44 -07:00
ZhangKe10140699
66bda6c092 deployment controller: use contextual logging 2023-03-13 19:00:44 +08:00
Arnaud Meukam
033f4b1772
Stop clear non-existant retention policy rule 
This command is now not necessary and create some noise on the trail
logs.
See: https://github.com/kubernetes/k8s.io/pull/4902

Signed-off-by: Arnaud Meukam <ameukam@gmail.com>
 2023-03-13 11:35:10 +01:00
mtardy
36a2156033 Add a SecurityContextDeny feature gate disabled by default 
Put plugin registration behind the feature gate.
 2023-03-13 10:18:08 +01:00
John Kwiatkoski
69465d2949
Adding test coverage for NewPodContainerManager() (#110220) 2023-03-13 02:08:44 -07:00
Sascha Grunert
1c0a5aa84a
Link apiextensions-apiserver binary statically 
The apiextensions-apiserver itself only depends on the following runtime
libraries when linking dynamically:

```
> ldd _output/bin/apiextensions-apiserver
        linux-vdso.so.1 (0x00007ffd1b39f000)
        libpthread.so.0 => /nix/store/4nlgxhb09sdr51nc9hdm8az5b08vzkgx-glibc-2.35-163/lib/libpthread.so.0 (0x00007fe836022000)
        libc.so.6 => /nix/store/4nlgxhb09sdr51nc9hdm8az5b08vzkgx-glibc-2.35-163/lib/libc.so.6 (0x00007fe835e00000)
        /nix/store/4nlgxhb09sdr51nc9hdm8az5b08vzkgx-glibc-2.35-163/lib/ld-linux-x86-64.so.2 => /nix/store/4nlgxhb09sdr51nc9hdm8az5b08vzkgx-glibc-2.35-163/lib64/ld-linux-x86-64.so.2 (0x00007fe836029000)
```

We now move the apiextensions-apiserver to become a static binary as
well to achieve maximum portability.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2023-03-13 09:00:36 +01:00
Tom Wieczorek
ffcf653e06
Properly align synctrack.SingleFileTracker struct 
count is used with atomic operations so it must be 64-bit aligned,
otherwise atomic operations will panic. Having it at the top of the
struct will guarantee that, even on 32-bit arches.

This fixes panics like that one observed in kube-apiserver:

    E0310 13:48:47.476124     676 runtime.go:77] Observed a panic: unaligned 64-bit atomic operation
    goroutine 141 [running]:
    k8s.io/apimachinery/pkg/util/runtime.logPanic({0x2482378, 0x2db2ff8})
    	vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:75 +0x94
    k8s.io/apimachinery/pkg/util/runtime.HandleCrash({0x0, 0x0, 0x0})
    	vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:49 +0x78
    panic({0x2482378, 0x2db2ff8})
    	/usr/local/go/src/runtime/panic.go:884 +0x218
    runtime/internal/atomic.panicUnaligned()
    	/usr/local/go/src/runtime/internal/atomic/unaligned.go:8 +0x24
    runtime/internal/atomic.Load64(0x685f794)
    	/usr/local/go/src/runtime/internal/atomic/atomic_arm.s:280 +0x14
    k8s.io/client-go/tools/cache/synctrack.(*SingleFileTracker).HasSynced(0x685f790)
    	vendor/k8s.io/client-go/tools/cache/synctrack/synctrack.go:115 +0x3c
    k8s.io/client-go/tools/cache.(*processorListener).HasSynced(0x6013e60)
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:907 +0x20
    k8s.io/client-go/tools/cache.WaitForCacheSync.func1()
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:332 +0x50
    k8s.io/apimachinery/pkg/util/wait.ConditionFunc.WithContext.func1({0x2dcf274, 0x607c600})
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:222 +0x1c
    k8s.io/apimachinery/pkg/util/wait.runConditionWithCrashProtectionWithContext({0x2dcf274, 0x607c600}, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:262 +0x64
    k8s.io/apimachinery/pkg/util/wait.waitForWithContext({0x2dcf274, 0x607c600}, 0x64a6060, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:649 +0x11c
    k8s.io/apimachinery/pkg/util/wait.poll({0x2dcf274, 0x607c600}, 0x1, 0x64a6060, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:600 +0xc4
    k8s.io/apimachinery/pkg/util/wait.PollImmediateUntilWithContext({0x2dcf274, 0x607c600}, 0x5f5e100, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:551 +0x60
    k8s.io/apimachinery/pkg/util/wait.PollImmediateUntil(0x5f5e100, 0x6298020, 0x607c600)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:542 +0x48
    k8s.io/client-go/tools/cache.WaitForCacheSync(0x607c600, {0x6298000, 0x3, 0x3})
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:329 +0x80
    k8s.io/client-go/tools/cache.WaitForNamedCacheSync({0x283c5e1, 0xf}, 0x607c600, {0x6298000, 0x3, 0x3})
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:316 +0xe8
    created by k8s.io/kubernetes/plugin/pkg/auth/authorizer/node.AddGraphEventHandlers
    	plugin/pkg/auth/authorizer/node/graph_populator.go:65 +0x5b0
    panic: unaligned 64-bit atomic operation [recovered]
    	panic: unaligned 64-bit atomic operation

    goroutine 141 [running]:
    k8s.io/apimachinery/pkg/util/runtime.HandleCrash({0x0, 0x0, 0x0})
    	vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:56 +0xf4
    panic({0x2482378, 0x2db2ff8})
    	/usr/local/go/src/runtime/panic.go:884 +0x218
    runtime/internal/atomic.panicUnaligned()
    	/usr/local/go/src/runtime/internal/atomic/unaligned.go:8 +0x24
    runtime/internal/atomic.Load64(0x685f794)
    	/usr/local/go/src/runtime/internal/atomic/atomic_arm.s:280 +0x14
    k8s.io/client-go/tools/cache/synctrack.(*SingleFileTracker).HasSynced(0x685f790)
    	vendor/k8s.io/client-go/tools/cache/synctrack/synctrack.go:115 +0x3c
    k8s.io/client-go/tools/cache.(*processorListener).HasSynced(0x6013e60)
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:907 +0x20
    k8s.io/client-go/tools/cache.WaitForCacheSync.func1()
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:332 +0x50
    k8s.io/apimachinery/pkg/util/wait.ConditionFunc.WithContext.func1({0x2dcf274, 0x607c600})
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:222 +0x1c
    k8s.io/apimachinery/pkg/util/wait.runConditionWithCrashProtectionWithContext({0x2dcf274, 0x607c600}, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:262 +0x64
    k8s.io/apimachinery/pkg/util/wait.waitForWithContext({0x2dcf274, 0x607c600}, 0x64a6060, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:649 +0x11c
    k8s.io/apimachinery/pkg/util/wait.poll({0x2dcf274, 0x607c600}, 0x1, 0x64a6060, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:600 +0xc4
    k8s.io/apimachinery/pkg/util/wait.PollImmediateUntilWithContext({0x2dcf274, 0x607c600}, 0x5f5e100, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:551 +0x60
    k8s.io/apimachinery/pkg/util/wait.PollImmediateUntil(0x5f5e100, 0x6298020, 0x607c600)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:542 +0x48
    k8s.io/client-go/tools/cache.WaitForCacheSync(0x607c600, {0x6298000, 0x3, 0x3})
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:329 +0x80
    k8s.io/client-go/tools/cache.WaitForNamedCacheSync({0x283c5e1, 0xf}, 0x607c600, {0x6298000, 0x3, 0x3})
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:316 +0xe8
    created by k8s.io/kubernetes/plugin/pkg/auth/authorizer/node.AddGraphEventHandlers
    	plugin/pkg/auth/authorizer/node/graph_populator.go:65 +0x5b0
 2023-03-13 08:37:13 +01:00
Paco Xu
49032c394c The storage.k8s.io/v1beta1 API version of CSIStorageCapacity will no longer be served in v1.27. 2023-03-13 15:06:04 +08:00
JunYang
f5bd8c86d4 namespace controller: use contextual logging 2023-03-13 14:59:17 +08:00
Kubernetes Prow Robot
ca7804fe13
Merge pull request #115909 from sding3/integration-test-for-debug-profiles-general-baseline 
add integration tests for debug profiles general & baseline
 2023-03-12 22:32:41 -07:00
Kubernetes Prow Robot
16bc942a6b
Merge pull request #113464 from mengjiao-liu/contextual-logging-controller-bootstrap 
Migrate `pkg/controller/bootstrap` to contextual logging
 2023-03-12 20:12:42 -07:00
Todd Neal
23f71f0eba refactor remote test running 2023-03-12 21:26:01 -05:00
Mengjiao Liu
e56f3e0781 Migrate pkg/controller/bootstrap to contextual logging 2023-03-13 10:18:40 +08:00
vinay kulkarni
1e01358ea2 Initialize pod resource allocation checkpoint manager to noop 
This avoids accidentally introducing null pointer access if manager
functions were called outside of InPlacePodVerticalScaling feature gate.
 2023-03-13 00:16:44 +00:00
Kubernetes Prow Robot
3c6e419cc3
Merge pull request #116450 from vinaykul/restart-free-pod-vertical-scaling-api 
Rename ContainerStatus.ResourcesAllocated to ContainerStatus.AllocatedResources
 2023-03-12 16:06:40 -07:00
Kubernetes Prow Robot
a32050e6cb
Merge pull request #116201 from sanposhiho/metric-scheduling-gate 
add(scheduler): implement "plugin_execution_duration_seconds" metric in PreEnqueue
 2023-03-12 13:52:40 -07:00
Kubernetes Prow Robot
3710d93d14
Merge pull request #115976 from ii/pending_eligible_endpoints 
Create pending_eligible_endpoints.yaml and move endpoints from ineligible_endpoints.yaml
 2023-03-12 12:20:51 -07:00
Kubernetes Prow Robot
a4a0fd44d8
Merge pull request #115912 from moshe010/dra-checkpoint 
kubelet DRA: Add checkpointing mechanism in the DRA Manager
 2023-03-12 12:20:40 -07:00
Kubernetes Prow Robot
e413e6a59c
Merge pull request #116312 from sanposhiho/move-label 
cleanup(scheduler): move metric labels to metrics package
 2023-03-12 10:48:40 -07:00
Kubernetes Prow Robot
f944743953
Merge pull request #116509 from cpanato/distroless-ip 
Update distroless-iptables and setcap images
 2023-03-12 08:44:39 -07:00
cpanato
609ae51395
Updated setcap to use released image registry.k8s.io/build-image/setcap:bullseye-v1.4.2 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2023-03-12 15:26:56 +01:00
cpanato
7b0b87e057
Updated distroless iptables to use released image registry.k8s.io/build-image/distroless-iptables:v0.2.2 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2023-03-12 15:26:15 +01:00
m.nabokikh
c2cadd2b60 Promote whoami kubectl command 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2023-03-12 15:24:31 +01:00
Moshe Levi
2c79af0d63 kubelet dra: add unit tests for checkpoint 
Signed-off-by: Moshe Levi <moshele@nvidia.com>
 2023-03-12 09:13:19 +02:00
tangwz
3766e060e5 Avoid using negative words in PreFilter and PreScore tests. 2023-03-12 15:06:26 +08:00
Kensei Nakada
fafbed3b1d
fix the error message 2023-03-12 14:48:48 +09:00
Kensei Nakada
639007b28e cleanup(scheduler): move metric labels to metrics package 2023-03-12 05:10:29 +00:00
Kensei Nakada
6697467062 add(scheduler): implement "plugin_execution_duration_seconds" metric in PreEnqueue 2023-03-12 04:45:52 +00:00
mantuliu
4204251acf Remove unnecessary int64 type conversion 
Signed-off-by: mantuliu <240951888@qq.com>
 2023-03-12 09:50:09 +08:00
Kubernetes Prow Robot
ead7d66ee1
Merge pull request #116500 from dims/revert-linx-arm-workaround 
Revert "Disable unified build and static init optimization for tests"
 2023-03-11 13:04:40 -08:00
Kubernetes Prow Robot
cc3855e0cf
Merge pull request #116170 from aojea/watch_instead_poll_system_namespaces 
Watch instead poll system namespaces
 2023-03-11 11:24:39 -08:00
Davanum Srinivas
320cb6d9ef
Revert "Disable unified build and static init optimization for tests" 
This reverts commit e20d77bb79.

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-03-11 14:09:16 -05:00
Kubernetes Prow Robot
bb6c6fad2c
Merge pull request #115742 from dims/drop-32-bit-platforms 
Drop 32 bit linux/arm platform
 2023-03-11 06:12:40 -08:00
kannon92
aef8cbab89 Add batch.kubernetes.io to labels created in the Job controller. 2023-03-11 12:27:38 +00:00
Vadim Rutkovsky
556d774945 kubelet: create top-level traces for pod sync and GC 
This starts new top level OpenTelemetry spans every time syncPod or image / container GC is invoked
 2023-03-11 10:42:14 +01:00
andyzhangx
c2b2a7622f revert azuredisk test removal change 
revert

revert vendor changes

revert

revert

fix
 2023-03-11 07:10:05 +00:00
Francesco Romani
b837a0c1ff kubelet: podresources: DOS prevention with builtin ratelimit 
Implement DOS prevention wiring a global rate limit for podresources
API. The goal here is not to introduce a general ratelimiting solution
for the kubelet (we need more research and discussion to get there),
but rather to prevent misuse of the API.

Known limitations:
- the rate limits value (QPS, BurstTokens) are hardcoded to
  "high enough" values.
  Enabling user-configuration would require more discussion
  and sweeping changes to the other kubelet endpoints, so it
  is postponed for now.
- the rate limiting is global. Malicious clients can starve other
  clients consuming the QPS quota.

Add e2e test to exercise the flow, because the wiring itself
is mostly boilerplate and API adaptation.
 2023-03-11 08:00:54 +01:00
Kubernetes Prow Robot
c6f3007071
Merge pull request #115967 from harche/evented_pleg_metrics 
Graduate Evented PLEG to Beta
 2023-03-10 17:34:40 -08:00
Kubernetes Prow Robot
0804a86ce6
Merge pull request #116286 from thockin/logging_int_cmp 
bash: compare numbers numerically, not lexically
 2023-03-10 16:30:39 -08:00
Jiahui Feng
e1678f2b64 generated: UPDATE_COMPATIBILITY_FIXTURE_DATA 
(cd staging/src/k8s.io/api/ && env UPDATE_COMPATIBILITY_FIXTURE_DATA=true go test)
 2023-03-10 16:22:01 -08:00