github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-28 05:57:25 +00:00
Code Issues Projects Releases Wiki Activity
102,324 Commits 42 Branches 7,905 Tags 1.3 GiB
995278c9fb
Commit Graph

102324 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kubernetes Prow Robot
ac554af79b
Merge pull request #103142 from serathius/etcd-3.5.0 
Upgrade etcd to 3.5.0
 2021-07-07 12:40:22 -07:00
Abu Kashem
d9e3fbff94
apf: fix bootstrap ensurer log message 2021-07-07 15:01:46 -04:00
atiratree
33e6ebc8f8 update translations 2021-07-07 20:16:09 +02:00
atiratree
1e0f695afa fix translations location in update-translations.sh 2021-07-07 20:01:25 +02:00
Kubernetes Prow Robot
006d5b8539
Merge pull request #103524 from bergerhoffer/help-text-updates 
Minor adjustments to descriptions and example text
 2021-07-07 10:44:12 -07:00
Kubernetes Prow Robot
b93cd81609
Merge pull request #103481 from wojtek-t/pf_watch_tracker 
Add watch tracker to APF for request cost estimation
 2021-07-07 10:44:06 -07:00
Kubernetes Prow Robot
896cf744cb
Merge pull request #103420 from raisaat/pods-api-test-fix 
Fix pkg/api/pod/util tests to ensure feature gate is set
 2021-07-07 10:43:53 -07:00
Kubernetes Prow Robot
20be00980c
Merge pull request #103232 from astraw99/fix_delete_nil_pointer 
Fix delete nil pointer panic
 2021-07-07 10:43:41 -07:00
Jordan Liggitt
6408f3dffc Update generated files 2021-07-07 12:02:21 -04:00
Jordan Liggitt
250f47a45c Rename to capabilities_restricted 2021-07-07 12:02:21 -04:00
Jordan Liggitt
08608a24f1 Update dropCapabilities check/fixtures 2021-07-07 12:02:12 -04:00
Kubernetes Prow Robot
657c6fe033
Merge pull request #103407 from brianpursley/visit-order-tests 
Added unit tests for ExpandPathsToFileVisitors
 2021-07-07 08:57:08 -07:00
Kubernetes Prow Robot
f166221f10
Merge pull request #103390 from ironyman/validators 
Use system-validators v1.5.0
 2021-07-07 08:56:56 -07:00
Kubernetes Prow Robot
eaba61b4de
Merge pull request #103276 from NetApp/data-source-ref 
Add DataSourceRef field to PVC spec
 2021-07-07 08:56:44 -07:00
novahe
ce257266aa client-go: copying object to fix data race (#103148) 2021-07-07 23:44:14 +08:00
ravisantoshgudimetla
2c116055f7 [disruptioncontroller] Don't error for unmanaged pods 
As of now, we allow PDBs to be applied to pods via
selectors, so there can be unmanaged pods(pods that
don't have backing controllers) but still have PDBs associated.
Such pods are to be logged instead of immediately throwing
a sync error. This ensures disruption controller is
not frequently updating the status subresource and thus
preventing excessive and expensive writes to etcd.
 2021-07-07 10:42:24 -04:00
mgutierrez98
a8793dcb3e Implement check_dropAllCapabilities.go and test/fixtures_dropAllCapabilities.go 2021-07-07 09:41:15 -04:00
Kubernetes Prow Robot
b289fbb03d
Merge pull request #103409 from andrewsykim/service-internal-traffic-policy-e2e 
test/e2e/network: add test for Service internalTrafficPolicy
 2021-07-07 06:18:43 -07:00
Joachim Bartosik
3fadea4ea2 Bump version of Addon Resizer used by Metrics Server 
To pull in two fixes it needs to continue working in 1.22:

- Updated dependencies,
- Using new metric for getting node count.
 2021-07-07 14:48:52 +02:00
Andrea Hoffer
6b736f3484 Minor adjustments to descriptions and example text 2021-07-07 08:27:51 -04:00
wojtekt
cea1dcfeed Add watch tracker to APF for request cost estimation 2021-07-07 11:05:30 +02:00
Kubernetes Prow Robot
17f6f28621
Merge pull request #103468 from Huang-Wei/fix-sched-cc 
instantiates scheduler ComponentConfig after parsing feature gates
 2021-07-07 01:22:43 -07:00
wojtekt
2df05df698 Avoid code duplication in watchcache 2021-07-07 09:41:28 +02:00
Mengjiao Liu
96406b915d Clean up the remaining master names in test/integration 2021-07-07 15:39:59 +08:00
wojtekt
7f1c4977d7 Refinements to pick queue logic in P&F 2021-07-07 08:58:49 +02:00
Kubernetes Prow Robot
ec39cc2eaf
Merge pull request #103507 from CaoDonghui123/updateurl 
update  kubectl url
 2021-07-06 23:56:43 -07:00
Akihiro Suda
26e83ac4d4
kubelet: ignore /dev/kmsg error when running in userns 
oomwatcher.NewWatcher returns "open /dev/kmsg: operation not permitted" error,
when running with sysctl value `kernel.dmesg_restrict=1`.

The error is negligible for KubeletInUserNamespace.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-07-07 14:23:31 +09:00
Akihiro Suda
192790c52f
kube-proxy: allow running in userns 
Ignore an error during setting RLIMIT_NOFILE.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-07-07 14:23:31 +09:00
Akihiro Suda
dbe0155139
kubelet/cm: ignore sysctl error when running in userns 
Errors during setting the following sysctl values are ignored:
- vm.overcommit_memory
- vm.panic_on_oom
- kernel.panic
- kernel.panic_on_oops
- kernel.keys.root_maxkeys
- kernel.keys.root_maxbytes

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-07-07 14:23:29 +09:00
Akihiro Suda
b16323e37c
New feature gate: KubeletInUserNamespace 
Enables support for running kubelet in a user namespace.
The user namespace has to be created before running kubelet.
All the node components such as CRI need to be running in the same user namespace.

See kubernetes/enhancements PR 1371 (merged) and issue 2033.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-07-07 14:22:55 +09:00
Kubernetes Prow Robot
656d00e894
Merge pull request #103496 from neolit123/1.22-add-defaulting-v1beta3-imagepull 
kubeadm: statically default ImagePullPolicy in v1beta3
 2021-07-06 22:11:48 -07:00
Kubernetes Prow Robot
72f28fb8b3
Merge pull request #103445 from tallclair/podsecurity-attrs 
Move pod-security-admission to an external Attributes interface
 2021-07-06 22:11:39 -07:00
Samuel Roth
9e87082b85
[Pod Security] Baseline + restricted policy checks for seccomp (#103341) 
* podsecurity: add seccomp policy checks

* podsecurity: generated seccomp fixtures
 2021-07-06 22:11:28 -07:00
Kubernetes Prow Robot
2547c5bb97
Merge pull request #103307 from aojea/kubelet_podIPs 
podIPs order match node IP family preference (Downward API)
 2021-07-06 22:11:20 -07:00
Kubernetes Prow Robot
561959f682
Merge pull request #102823 from ehashman/kep-2400-swap 
Alpha node swap support
 2021-07-06 22:11:11 -07:00
Kubernetes Prow Robot
99f77725c8
Merge pull request #102677 from yuzhiquan/deprecated-warning-for-drain 
Deprecated message for ignore-errors flag
 2021-07-06 22:11:03 -07:00
Kubernetes Prow Robot
60475ee5c2
Merge pull request #102181 from enj/enj/i/deprecate_gcp_azure 
Deprecate azure and gcp in-tree auth plugins
 2021-07-06 22:10:55 -07:00
Kubernetes Prow Robot
7df432f78f
Merge pull request #99582 from chendave/fix_config 
custom plugin config should take precedence over default plugin config
 2021-07-06 22:10:43 -07:00
astraw99
af19d7f415 fix delete nil pointer panic 2021-07-07 12:45:13 +08:00
Kubernetes Prow Robot
1affd894cf
Merge pull request #98431 from wawa0210/fix-98253 
fix kubectl alpha debug node does not work on tainted(NoExecute) nodes
 2021-07-06 21:04:42 -07:00
Kubernetes Prow Robot
e1acbbd8fd
Merge pull request #99961 from margocrawf/master 
Introduce Impersonate-UID header
 2021-07-06 18:46:43 -07:00
Ben Swartzlander
00dba76918 Add DataSourceRef field to PVC spec 
Modify the behavior of the AnyVolumeDataSource alpha feature gate to enable
a new field, DataSourceRef, rather than modifying the behavior of the
existing DataSource field. This allows addition Volume Populators in a way
that doesn't risk breaking backwards compatibility, although it will
result in eventually deprecating the DataSource field.
 2021-07-06 21:17:41 -04:00
Tim Hockin
5b787aa184 Clean up testing of AllocateLoadBalancerNodePorts 
We only need one "tweak" function, and it should be set automatically in
most cases.
 2021-07-06 16:36:51 -07:00
Tim Hockin
eae4a19bd3 Fix small bug with AllocateLoadBalancerNodePorts 
If the user specified a port, DO reserve it, even if they asked you not
to allocate new ports.
 2021-07-06 16:36:51 -07:00
Kubernetes Prow Robot
ca0c8275b4
Merge pull request #103484 from wojtek-t/pf_queue_picker 
Update the logic to pick the best queue in P&F
 2021-07-06 16:22:22 -07:00
Kubernetes Prow Robot
15222a599f
Merge pull request #103244 from verult/fsgroup-to-csi 
Delegate applying FSGroup to CSI driver through NodeStageVolume and NodePublishVolume
 2021-07-06 16:22:10 -07:00
Antonio Ojea
a7469cf680 sort and filter exposed Pod IPs 
runtimes may return an arbitrary number of Pod IPs, however, kubernetes
only takes into consideration the first one of each IP family.

The order of the IPs are the one defined by the Kubelet:
- default prefer IPv4
- if NodeIPs are defined, matching the first nodeIP family

PodIP is always the first IP of PodIPs.

The downward API must expose the same IPs and in the same order than
the pod.Status API object.
 2021-07-07 00:15:31 +02:00
Tim Allclair
cf6ba6096f Move pod-security-admission to an external Attributes interface 2021-07-06 15:15:15 -07:00
Monis Khan
6bfaeaf916
Deprecate azure and gcp in-tree auth plugins 
With the client-go credential plugin functionality going GA in 1.22,
it is now time to deprecate these legacy integrations.

Signed-off-by: Monis Khan <mok@vmware.com>
 2021-07-06 17:18:25 -04:00
Elana Hashman
5584725605
Explicitly set LimitedSwap case with fallthrough 2021-07-06 13:50:09 -07:00