github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-24 04:06:03 +00:00
Code Issues Projects Releases Wiki Activity
104,731 Commits 42 Branches 7,905 Tags 1.3 GiB
8ef1255cdd
Commit Graph

104731 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dan Winship
8ef1255cdd proxy/iptables: Abstract out code for writing service-chain-to-endpoint-chain rules 
The same code appeared twice, once for the SVC chain and once for the
XLB chain, with the only difference being that the XLB version had
more verbose comments.
 2021-11-09 20:59:33 -05:00
Dan Winship
4c64008181 proxy/iptables: Abstract out shared OpenLocalPort code 
Also, in the NodePort code, fix it to properly take advantage of the
fact that GetNodeAddresses() guarantees that if it returns a
"match-all" CIDR, then it doesn't return anything else. That also
makes it unnecessary to loop over the node addresses twice.
 2021-11-09 20:59:30 -05:00
Dan Winship
9cd0552ddd proxy/iptables: Remove unnecessary /32 and /128 in iptables rules 
If you pass just an IP address to "-s" or "-d", the iptables command
will fill in the correct mask automatically.

Originally, the proxier was just hardcoding "/32" for all of these,
which was unnecessary but simple. But when IPv6 support was added, the
code was made more complicated to deal with the fact that the "/32"
needed to be "/128" in the IPv6 case, so it would parse the IPs to
figure out which family they were, which in turn involved adding some
checks in case the parsing fails (even though that "can't happen" and
the old code didn't check for invalid IPs, even though that would
break the iptables-restore if there had been any).

Anyway, all of that is unnecessary because we can just pass the IP
strings to iptables directly rather than parsing and unparsing them
first.

(The diff to proxier_test.go is just deleting "/32" everywhere.)
 2021-11-09 09:32:50 -05:00
Dan Winship
62672d06e6 proxy/iptables: fix a bug in node address error handling 
If GetNodeAddresses() fails (eg, because you passed the wrong CIDR to
`--nodeport-addresses`), then any NodePort services would end up with
only half a set of iptables rules. Fix it to just not output the
NodePort-specific parts in that case (in addition to logging an error
about the GetNodeAddresses() failure).
 2021-11-09 09:32:50 -05:00
Dan Winship
ab67a942ca proxy/iptables, proxy/ipvs: Remove an unnecessary check 
The iptables and ipvs proxiers both had a check that none of the
elements of svcInfo.LoadBalancerIPStrings() were "", but that was
already guaranteed by the svcInfo code. Drop the unnecessary checks
and remove a level of indentation.
 2021-11-09 09:32:50 -05:00
Kubernetes Prow Robot
a9ad15c421
Merge pull request #105292 from ravisantoshgudimetla/podOS-field-kubelet 
Pod os field kubelet
 2021-11-09 06:19:47 -08:00
Kubernetes Prow Robot
3ae56ab320
Merge pull request #106174 from markusthoemmes/buildx-check 
Make the docker buildx check call --help
 2021-11-09 04:31:46 -08:00
Kubernetes Prow Robot
927914dec7
Merge pull request #105969 from shivanshu1333/feature4/master/105841 
Migrated scheduler file `cache.go` to structured logging
 2021-11-09 02:05:39 -08:00
Kubernetes Prow Robot
d3ef2e393b
Merge pull request #106058 from marosset/host-process-containers-beta 
Move WindowsHostProcessContainers feature-gate to Beta
 2021-11-08 19:59:39 -08:00
ravisantoshgudimetla
889d45d3fb [kubelet] Reject pods with OS field mismatch 
Once kubernetes#104613 and kubernetes#104693
merge, we'll have OS field in pod spec. Kubelet should start rejecting pods
where pod.Spec.OS and node's OS(using runtime.GOOS) won't match
 2021-11-08 19:18:15 -05:00
Tim Hockin
731dc8cf74
Fix regression in kube-proxy (#106214) 
* Fix regression in kube-proxy

Don't use a prepend() - that allocates.  Instead, make Write() take
either strings or slices (I wish we could express that better).

* WIP: switch to intf

* WIP: less appends

* tests and ipvs
 2021-11-08 15:14:49 -08:00
Kubernetes Prow Robot
cda360c59f
Merge pull request #104613 from ravisantoshgudimetla/reconcile-labels 
[kubelet]: Reconcile OS and arch labels periodically
 2021-11-08 14:15:19 -08:00
Kubernetes Prow Robot
03fc2eeda2
Merge pull request #106210 from cynepco3hahue/e2e_node_fixes_after_dynamic_confiuration 
e2e_node: fixes after dynamic configuration removal
 2021-11-08 13:12:09 -08:00
Kubernetes Prow Robot
701c2b7942
Merge pull request #106196 from mauriciopoppe/gce-windows-ssh-fix 
Fix creation of the administrator_keys_file file with many users
 2021-11-08 13:11:57 -08:00
Kubernetes Prow Robot
0940dd6fc4
Merge pull request #106163 from aojea/conntrack_readiness 
kube-proxy consider endpoint readiness to delete UDP stale conntrack entries
 2021-11-08 13:11:44 -08:00
Kubernetes Prow Robot
61138d3740
Merge pull request #105854 from NikhilSharmaWe/non-serial 
Added non-serialized metrics for windows, for 3 pods
 2021-11-08 13:11:32 -08:00
Kubernetes Prow Robot
8b463cd141
Merge pull request #105406 from marosset/kubelet-metrics-for-host-process-containers 
Adding kubelet metrics for started and failed to start HostProcess containers
 2021-11-08 13:11:20 -08:00
Kubernetes Prow Robot
97125e76f3
Merge pull request #103626 from jkh52/tweak-konnectivity 
Konnectivity Proxy: move proxy-agent cpu limit to request.
 2021-11-08 12:11:20 -08:00
Kubernetes Prow Robot
ae550b62da
Merge pull request #106122 from rezakrimi/issue/105862 
making some apiserver metrics stable
 2021-11-08 10:55:19 -08:00
Nikhil Sharma
8c896612e9 Added non-serialized metrics for windows, for 3 pods 2021-11-08 23:13:53 +05:30
Kubernetes Prow Robot
bafa87c553
Merge pull request #105817 from yylt/edit 
Fix edit command
 2021-11-08 09:15:20 -08:00
Kubernetes Prow Robot
c9baa14d70
Merge pull request #105794 from margocrawf/master 
--as-uid flag in kubectl and kubeconfigs.
 2021-11-08 07:03:13 -08:00
Sai Harsha Kottapalli
17919b1841
Refactor Apply cmd to split flags from options (#102240) 
* Refactor Apply cmd to split flags from options

* refactor code

* fix subcommands
 2021-11-08 07:02:00 -08:00
Kubernetes Prow Robot
73f4064fff
Merge pull request #105295 from neolit123/1.23-add-output-v1alpha2 
kubeadm: add a new output/v1alpha2 API; deprecate output/v1alpha1
 2021-11-08 06:01:11 -08:00
Kubernetes Prow Robot
67a7d4056a
Merge pull request #103634 from CKchen0726/remove_unnecessary_code 
remove unnecessary function after PR #88885 merged
 2021-11-08 06:00:59 -08:00
Artyom Lukianov
117141eee3 e2e_node: fix tests after Kubelet dynamic configuration removal 
- CPU manager
- Memory Manager
- Topology Manager

Signed-off-by: Artyom Lukianov <alukiano@redhat.com>
 2021-11-08 09:42:24 +02:00
Kubernetes Prow Robot
582c4ebe26
Merge pull request #106217 from nikhita/fix-go-version-publishing-bot 
staging/publishing: fix go version for go1.16.10
 2021-11-07 22:02:52 -08:00
Nikhita Raghunath
5deae0121e staging/publishing: fix go version for go1.16.10 2021-11-08 10:16:07 +05:30
Kubernetes Prow Robot
33de444861
Merge pull request #103095 from haircommander/podAndContainerStatsFromCRI-feature-gate 
Kubelet: implement support for podAndContainerStatsFromCRI
 2021-11-07 18:26:53 -08:00
Kubernetes Prow Robot
fa040a9945
Merge pull request #106213 from cheftako/try_clean 
Bump konnectivity to v0.0.25
 2021-11-07 15:46:52 -08:00
Walter Fender
fbc13f22f8 Bump konnectivity to v0.0.25 
/kind feature

Bump konnectivity network proxy to v0.0.25.
Includes fixes for a few resource leaks.
Adds better logging for debugging.
Moves to golang1.17.
Adds additional keepalives.
Fixes HTTP-CONNECT goroutine leak.

Fixes # N/A

```release-note
NONE
```

```docs
NONE
```

Update the images.
 2021-11-07 14:34:09 -08:00
Kubernetes Prow Robot
0c6f1b4e2a
Merge pull request #106209 from cpanato/go1173 
[go1.17] Update to go1.17.3
 2021-11-07 12:42:53 -08:00
Carlos Panato
abbf8c3bed
[go1.17] Update to go1.17.3 
Signed-off-by: Carlos Panato <ctadeu@gmail.com>
 2021-11-07 16:29:35 +01:00
Shivanshu Raj Shrivastava
bb31040f06
migrate cache.go to structured logging 2021-11-07 19:20:39 +05:30
ravisantoshgudimetla
3af5d37be7 [node][e2e test]: Make sure reconcile labels is working fine 2021-11-06 19:21:58 -04:00
Kubernetes Prow Robot
d92a443ca7
Merge pull request #106102 from alculquicondor/delete-pod-tombstone 
Ensure deletion of pods in queues and cache
 2021-11-06 10:52:51 -07:00
Mauricio Poppe
ff0afb6169 Fix creation of the administrator_keys_file file with many users 2021-11-06 03:14:13 +00:00
Kubernetes Prow Robot
bdb9c0824c
Merge pull request #106158 from thockin/kp-cleanup 
kube-proxy iptables code clarity cleanups
 2021-11-05 17:20:51 -07:00
Kubernetes Prow Robot
88c000e766
Merge pull request #106189 from prameshj/dnsimage 
Update to latest kubedns and nodelocaldns images.
 2021-11-05 16:22:51 -07:00
ravisantoshgudimetla
21c5c2ec5c [kubelet][podadmission]: Validate and reject pods with mismatching labels 2021-11-05 18:47:43 -04:00
ravisantoshgudimetla
02c1bac0b6 [kubelet]: Sync label periodically 2021-11-05 18:47:43 -04:00
Kubernetes Prow Robot
4ce435cc95
Merge pull request #105251 from calvin0327/issue-upgrade-coredns 
Update corefile-migration to v1.0.14 and update coredns to 1.8.6
 2021-11-05 14:48:39 -07:00
Kubernetes Prow Robot
8e968c83ba
Merge pull request #105621 from shawnhanx/kubetypes 
fix kubelet/types is imported more than once
 2021-11-05 13:46:40 -07:00
Margo Crawford
7e079f5144 --as-uid flag in kubectl and kubeconfigs. 
This corresponds to previous work to allow impersonating UIDs:
* Introduce Impersonate-UID header: #99961
* Add UID to client-go impersonation config #104483

Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2021-11-05 13:23:49 -07:00
Pavithra Ramesh
f43c21448b Update to latest kubedns and nodelocaldns images. 2021-11-05 12:50:06 -07:00
Kubernetes Prow Robot
6d9008b1b0
Merge pull request #105934 from jsafrane/dont-ignore-selinux 
Don't guess SELinux support on error
 2021-11-05 12:44:51 -07:00
Kubernetes Prow Robot
0b0007ae68
Merge pull request #105421 from brianpursley/kubernetes-105146 
Fix bug where using kubectl patch with $deleteFromPrimitiveList on an empty or nonexistent list adds the item to be removed
 2021-11-05 12:44:40 -07:00
Tim Hockin
f662170ff7 kube-proxy: make iptables buffer-writing cleaner 2021-11-05 12:28:19 -07:00
Tim Hockin
f558554ce0 kube-proxy: minor cleanup 
Get rid of overlapping helper functions.
 2021-11-05 12:28:19 -07:00
Antonio Ojea
909925b492 kube-proxy: fix stale detection logic 
The logic to detect stale endpoints was not assuming the endpoint
readiness.

We can have stale entries on UDP services for 2 reasons:
- an endpoint was receiving traffic and is removed or replaced
- a service was receiving traffic but not forwarding it, and starts
to forward it.

Add an e2e test to cover the regression
 2021-11-05 20:14:56 +01:00