github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-01 07:47:56 +00:00
Code Issues Projects Releases Wiki Activity
119,703 Commits 42 Branches 7,905 Tags 1.3 GiB
9e84a02950
Commit Graph

119703 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kubernetes Prow Robot
9e84a02950
Merge pull request #121672 from pohly/golangci-lint-comment-check-fix 
golangci-lint: tone down comment checking
 2023-11-01 17:47:45 +01:00
Kubernetes Prow Robot
974735854b
Merge pull request #121573 from tukwila/bump_etcd_v3.5.10 
bump etcd newest version: v3.5.10
 2023-11-01 15:33:13 +01:00
Kubernetes Prow Robot
da61382068
Merge pull request #121552 from pohly/klog-update 
klog v2.110.1 update
 2023-11-01 15:32:59 +01:00
Patrick Ohly
248100ce6d golangci-lint: tone down comment checking 
39df946c06 was meant to enable stricter comment checking only for cmd/kubeadm
because the maintainers of that want that. However, the exclude rule didn't
capture all possible error texts and therefore some checks were enabled across
the entire code base.

The extended pattern is now based on the golangci-lint source code.

Also, the hint config didn't suppress any of these checks.
 2023-11-01 14:59:28 +01:00
Kubernetes Prow Robot
2c53de96e4
Merge pull request #121665 from pacoxu/sync-etcd-build 
etcd: add --provenance=false during etcd multi-arch build
 2023-11-01 14:14:23 +01:00
Paco Xu
ceaacc88f0 add --provenance=false during etcd multi-arch build 2023-11-01 17:16:28 +08:00
Kubernetes Prow Robot
375e9ee7c4
Merge pull request #120145 from LingyanYin/inplace_vpa_inprogress_custom_resource_fix 
fix inplace VPA stuck in InProgress when custom resources are specified
 2023-11-01 09:59:32 +01:00
Patrick Ohly
4a380609a9 serviceaccount: fix incorrect usage of %w in Errorf 
Found by govet in combination with new klog where printf-style checking is
enabled.
 2023-11-01 09:32:23 +01:00
Patrick Ohly
878d037d3b dependencies: klog v2.110.1 
Dropping a newline at the end of the message when using klog calls is an
intentional improvement (https://github.com/kubernetes/klog/pull/378)
 2023-11-01 09:32:20 +01:00
Kubernetes Prow Robot
d038b65fee
Merge pull request #121303 from humblec/csinodeexpand-ga 
Promote CSINodeExpandSecret to GA
 2023-11-01 07:32:23 +01:00
guangli.bao
bc1df9e7da bump to newest etcd: v3.5.10 
Signed-off-by: guangli.bao <guangli.bao@daocloud.io>
 2023-11-01 11:59:31 +08:00
Humble Chirammal
3890546265 Update APIs and adjust tests 
Signed-off-by: zhucan <zhucan.k8s@gmail.com>
Signed-off-by: Humble Chirammal <humble.devassy@gmail.com>
 2023-11-01 09:28:36 +05:30
Humble Chirammal
77f4178c98 Promote CSINodeExpandSecret to GA 
This feature is in Beta since 1.27 and this has been promoted
to GA in this release.

KEP: https://github.com/kubernetes/enhancements/pull/4239

Signed-off-by: Humble Chirammal <humble.devassy@gmail.com>
 2023-11-01 11:32:05 +08:00
Kubernetes Prow Robot
a8b7e1953f
Merge pull request #121456 from kiashok/addRuntimeClassInCriFeatureGate 
KEP 4216: Add changes for alpha version under RuntimeClassInImageCriApi feature gate
 2023-11-01 03:52:38 +01:00
Kubernetes Prow Robot
6abff7457e
Merge pull request #116516 from aojea/servicecidr 
KEP-1880 Multiple ServiceCIDR ( and IPAddress allocation)
 2023-11-01 03:52:24 +01:00
Kubernetes Prow Robot
bfd67c4454
Merge pull request #121648 from neolit123/1.29-super-admin-conf 
kubeadm: do not poll in TestEnsureAdminClusterRoleBindingImpl
 2023-11-01 01:51:26 +01:00
Kubernetes Prow Robot
593a17d3b6
Merge pull request #121575 from apelisse/update-smd 
Update sigs.k8s.io/structured-merge-diff to v4.4.0
 2023-11-01 01:51:17 +01:00
Kubernetes Prow Robot
9b10019b91
Merge pull request #121477 from wzshiming/kep-2681 
Promote KEP-2681 to beta in 1.29
 2023-11-01 01:51:08 +01:00
Kubernetes Prow Robot
257b8c3666
Merge pull request #121046 from danwinship/nftables 
kube-proxy nftables backend
 2023-11-01 01:50:59 +01:00
Kubernetes Prow Robot
960431407c
Merge pull request #120715 from gjkim42/do-not-reuse-memory-of-restartable-init-containers 
Don't reuse memory of a restartable init container
 2023-11-01 01:50:45 +01:00
Kubernetes Prow Robot
e0d6b7eaaa
Merge pull request #121650 from soltysh/fix_ginkgo_setup 
Move invocation to not to cause ginkgo panic
 2023-11-01 00:33:32 +01:00
Kubernetes Prow Robot
fafccc0c9a
Merge pull request #121078 from aramase/aramase/f/kep_3331_cel_integration 
Implement CEL for StructuredAuthenticationConfig
 2023-11-01 00:33:21 +01:00
kiashok
252e1d2dfe Imagepull per runtime class alpha release changes 
This commit does the following:
1. Add RuntimeClassInImageCriApi feature gate
2. Extend pkg/kubelet/container Image struct
3. Adds runtimeHandler string in the following CRI calls
   i.   ImageStatus
   ii.  PullImageRequest
   iii.  RemoveImage

Signed-off-by: kiashok <kiashok@microsoft.com>
 2023-10-31 15:52:46 -07:00
Kubernetes Prow Robot
715cd17c0d
Merge pull request #121645 from p0lyn0mial/upstream-fix-race-in-test-forget-watcher 
bring back: cacher: when forgeting a watcher, call stopWatcherLocked multiple times
 2023-10-31 22:57:08 +01:00
Kubernetes Prow Robot
3eba6fc9ad
Merge pull request #121628 from andrewsykim/cloud-pvl-admission 
cluster/gce: add webhook to replace PersistentVolumeLabel admission controller
 2023-10-31 22:56:59 +01:00
Kubernetes Prow Robot
84aca4ac74
Merge pull request #121579 from gjkim42/test-enable-sidecarcontainers 
Promote SidecarContainers feature to beta
 2023-10-31 22:56:50 +01:00
Dan Winship
0993bb78ef Redo service dispatch with maps 2023-10-31 17:54:53 -04:00
Dan Winship
9d71513ac1 Redo no-endpoint handling with maps 2023-10-31 17:54:53 -04:00
Dan Winship
4128631d0f Redo LoadBalancerSourceRanges firewall using sets 2023-10-31 17:54:53 -04:00
Dan Winship
edaa1d735b Redo --nodeport-addresses handling with a set 2023-10-31 17:54:53 -04:00
Dan Winship
ef1347b06d Port NAT rules to nftables (and backend is now functional) 2023-10-31 17:54:51 -04:00
Dan Winship
0c5c620b4f Port filter rules to nftables 2023-10-31 17:40:45 -04:00
Dan Winship
6cff415305 Port service/endpoint chain creation/cleanup to nftables 2023-10-31 17:40:45 -04:00
Dan Winship
2735ad541e Port table setup/cleanup code to nftables 2023-10-31 17:40:30 -04:00
Dan Winship
bcced184c5 Replace "iptables-restore" sync in nftables/proxier.go with (trivial) "nft -f -" sync 2023-10-31 17:38:32 -04:00
Dan Winship
93860a5217 Distinguish iptables-based and nftables-based backends, do startup cleanup 
When switching from iptables or ipvs to nftables, clean up old
iptables/ipvs rules. When switching the other way, clean up old
nftables rules.
 2023-10-31 17:38:32 -04:00
Dan Winship
abb1a458a9 Create an nftables.Interface in nftables proxier 
And update most of the comments to refer to "nftables" rather than
"iptables" (even though it doesn't actually do any nftables updating
at this point).

For now the proxy also internally creates a
utiliptablestesting.FakeIPTables to keep the existing sync code
compiling.
 2023-10-31 17:38:29 -04:00
Dan Winship
1a530457f9 Drop unit tests of iptables-specific unit test helpers 
(We'll eventually have nftables versions.)
 2023-10-31 17:33:53 -04:00
Dan Winship
958e80ca3b Clarify nftables/proxier.go by distinguishing nat/filter table KUBE-SERVICES chains 
(It is confusing, but allowed, to have distinct "KUBE-SERVICES" chains
in "nat" and "filter" in iptables, but in nftables the "type nat" and
"type filter" chains end up in the same table, so we'll need different
names for the two.)
 2023-10-31 17:33:53 -04:00
Dan Winship
3abdda9800 Simplify nftables/proxier.go by using string rather than utiliptables.Chain 
Change the svcPortInfo and endpointInfo fields to string rather than
utiliptables.Chain, and various fixups from there.

Also use a proper set for activeNATChains, and fix the capitalization
of endpointInfo.chainName.
 2023-10-31 17:33:53 -04:00
Dan Winship
96e53f64f4 Simplify nftables/proxier.go by removing the "args" reuse 
since that will be done differently in nftables
 2023-10-31 17:33:53 -04:00
Dan Winship
6535ac1e61 Simplify nftables/proxier.go by removing Monitor stuff 
since it shouldn't be necessary
 2023-10-31 17:33:53 -04:00
Dan Winship
ecb7752f0b Simplify nftables/proxier.go by removing HaveRandomFully checks 2023-10-31 17:33:53 -04:00
Dan Winship
5f09106063 Simplify nftables/proxier.go by dropping "-j ACCEPT" rules 2023-10-31 17:33:53 -04:00
Dan Winship
1a6b9b811e Simplify nftables/proxier.go by removing localhost nodeport support 
and related route_localnet setting / anti-martian-packet rule
 2023-10-31 17:33:53 -04:00
Dan Winship
e7c35d27f7 Simplify nftables/proxier.go by removing partial syncing 
Since optimization will be done differently in nftables.
 2023-10-31 17:33:53 -04:00
Dan Winship
39a5af1d0a Simplify nftables/proxier.go by removing large-cluster mode 
since things will be optimized differently in nftables
 2023-10-31 17:33:53 -04:00
Dan Winship
a70653143e Add a dummy nftables kube-proxy backend which is just a copy of iptables 2023-10-31 17:31:42 -04:00
Antonio Ojea
ce5a22d54c hack/update-codegen 
Change-Id: I929e8fe0313ec2e0aef2b26a5138cd88bdfe8914
 2023-10-31 21:07:44 +00:00
Antonio Ojea
3b69bd6a9b servicecidrs controller clarify condition false reevaluation 
Change-Id: I0eb8d39abe9b7b0ce6472ff426e9a62e7155aae1
 2023-10-31 21:05:58 +00:00