github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-05 18:24:07 +00:00
Code Issues Projects Releases Wiki Activity
122,180 Commits 42 Branches 7,905 Tags 1.3 GiB
a2fb1b51ac
Commit Graph

122180 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kubernetes Prow Robot
3ec6a38795
Merge pull request #123828 from klueska/non-nil-parameters 
dra scheduler: ensure that we never have nil claim/class parameters
 2024-03-11 14:35:57 -07:00
Kubernetes Prow Robot
e062f925ae
Merge pull request #123732 from serathius/parallel-featureflags 
Fix SetFeatureGateDuringTest handling of Parallel tests
 2024-03-11 13:32:48 -07:00
Marek Siarkowicz
9fcf279e2b Fix SetFeatureGateDuringTest handling of Parallel tests 
Stop using defer as parallel subtest will might result in main test
finishing before subtest.

Fatal when same flag is set twice.
 2024-03-11 20:08:52 +01:00
Kubernetes Prow Robot
016d8b11ae
Merge pull request #123865 from dims/disable-aws-drivers-for-in-tree-volumes-test 
Disable `aws` drivers for `In-tree Volumes` test
 2024-03-11 11:26:13 -07:00
Kubernetes Prow Robot
57c89abb45
Merge pull request #123792 from mimowo/propose-api-comments-fix 
Adjust the Job field API comments and validation to the current state
 2024-03-11 11:26:04 -07:00
Kubernetes Prow Robot
2010ca8c5a
Merge pull request #123849 from AkihiroSuda/fix-123848 
e2e_node: mount_rro: skip if feature gate is disabled; fix error string comparison
 2024-03-11 08:51:34 -07:00
Davanum Srinivas
4aed5652ed
Disable aws drivers for In-tree Volumes test 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2024-03-11 11:08:39 -04:00
Kevin Klues
21a0dd1d70 dra scheduler: create default claim/class parameters instead of nil 
Without this, the scheduler was crashing in newClaimController() in
pkg/scheduler/framework/plugins/dynamicresources/structuredparameters.go

The code in newClaimController() assumes that the parameters are not nil.
Furthermore it assumes that there is at least one DriverRequest populated in
order to allocate any resources to a claim.

This PR adds logic to define default claim/class parameters that will allow
allocation to proceed even if an end user doesn't provide any class or claim
parameters themselves.

Signed-off-by: Kevin Klues <kklues@nvidia.com>
 2024-03-11 13:57:16 +00:00
Kevin Klues
fc2134c84c dra kubelet: fix error log 
Previously we were returning the error string from 'err' (which is nil), when
we should have been returning it from result.Error. Without this it is hard to
debug issues with NodeUnprepareResources.

Signed-off-by: Kevin Klues <kklues@nvidia.com>
 2024-03-11 13:51:29 +00:00
Lukasz Szaszkiewicz
a953539fb5 client-go/cache/reflector: use metav1.InitialEventsAnnotationKey 2024-03-11 13:07:44 +01:00
Lukasz Szaszkiewicz
ed2b92c3df apiserver/storage: use metav1.InitialEventsAnnotationKey const 2024-03-11 13:07:39 +01:00
Lukasz Szaszkiewicz
a40f25f8e6 apiserver/pkg/storage/utils: remove unused EverythingFunc 
since we don't provide compatibility guarantees for the storage
package it is okay to simply remove unused function.
 2024-03-11 11:47:02 +01:00
Kubernetes Prow Robot
b3926d137c
Merge pull request #123831 from klueska/fix-unprepare-resources 
Add StructuredResourceModel to UnprepareResources call
 2024-03-11 03:25:14 -07:00
Kubernetes Prow Robot
05ccec23aa
Merge pull request #123856 from aramase/aramase/t/reload_int_test_fix 
fix test flake in TestStructuredAuthenticationConfigReload
 2024-03-11 02:22:32 -07:00
Anish Ramasekar
51c26b7002
fix test flake in TestStructuredAuthenticationConfigReload 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-03-10 22:36:26 -07:00
xin.li
a4fe397ebd kubeadm: increase ut converage for config/upgradeconfiguration 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2024-03-11 13:27:24 +08:00
Akihiro Suda
ea14ccdf13
e2e_node: mount_rro: fix error string comparison 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-11 11:50:25 +09:00
Akihiro Suda
5cc1e56248
e2e_node: mount_rro: add SkipUnlessFeatureGateEnabled(RecursiveReadOnlyMounts) 
Fix issue 123848

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-11 11:50:25 +09:00
Kubernetes Prow Robot
ebc1a7b7fb
Merge pull request #123847 from wangzhen127/update-npd-configure 
Support fetching NPD from github releases in standalone mode
 2024-03-10 19:23:49 -07:00
Kubernetes Prow Robot
611dbaa055
Merge pull request #122790 from carlory/fix-121696 
Fix flaky test: Test_Run_OneVolumeDetachFailNodeWithReadWriteOnce
 2024-03-10 19:23:40 -07:00
Kubernetes Prow Robot
1f22594c9a
Merge pull request #123742 from thockin/cleanup_underscore_tmp 
Cleanup _tmp usage
 2024-03-10 17:53:44 -07:00
Kubernetes Prow Robot
52e857756b
Merge pull request #123846 from carlory/fix-update-go-workspace 
Fix the dirname command in macOS does not have a -z option
 2024-03-10 16:11:40 -07:00
Zhen Wang
3ce6c104e2 Support fetching NPD from github releases in standalone mode 
We stop releasing NPD tar files to gs://kubernetes-release. This PR
changes it to pull from github release notes by default. It still
supports overriding the defaults and pulling from a GCS bucket,
which is used by NPD CI tests.
 2024-03-10 21:49:29 +00:00
carlory
56da06b6dd Fix the dirname command in macOS does not have a -z option 2024-03-10 23:44:10 +08:00
Kubernetes Prow Robot
8f80e01467
Merge pull request #123719 from enj/enj/f/authn_config_beta 
Mark StructuredAuthenticationConfiguration feature gate as beta
 2024-03-09 17:09:56 -08:00
Kubernetes Prow Robot
09093f270a
Merge pull request #123793 from aramase/aramase/f/authn_config_reload_metrics 
Add metrics for authentication config reload
 2024-03-09 15:58:55 -08:00
Anish Ramasekar
62ac88b9ea
Add metrics for authentication config reload 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-03-09 14:40:22 -08:00
Kubernetes Prow Robot
77ecfb7800
Merge pull request #123525 from enj/enj/f/authn_config_reload 
Add dynamic reload support for authentication configuration
 2024-03-09 14:13:37 -08:00
Monis Khan
b4935d910d
Add dynamic reload support for authentication configuration 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-03-09 14:29:33 -05:00
Kubernetes Prow Robot
eafd2897e2
Merge pull request #123180 from AkihiroSuda/rro 
KEP-3857: Recursive Read-only (RRO) mounts
 2024-03-09 11:01:50 -08:00
Kevin Klues
13a6dcc21c dra kubelet: add StructuredResourceModel to UnprepareResources call 
Signed-off-by: Kevin Klues <kklues@nvidia.com>
 2024-03-09 18:08:14 +00:00
Akihiro Suda
d4925ce8f8
e2e: KEP-3857: Recursive Read-only (RRO) mounts 
Usage:
```
make test-e2e-node \
  TEST_ARGS='--service-feature-gates=RecursiveReadOnlyMounts=true --kubelet-flags="--feature-gates=RecursiveReadOnlyMounts=true"' \
  FOCUS="Mount recursive read-only" SKIP=""
```

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-10 03:00:59 +09:00
Akihiro Suda
c7f52b34f3
kubelet: KEP-3857: Recursive Read-only (RRO) mounts 
See <https://kep.k8s.io/3857>.

An example manifest:
```yaml
apiVersion: v1
kind: Pod
metadata:
  name: rro
spec:
  volumes:
    - name: mnt
      hostPath:
        # tmpfs is mounted on /mnt/tmpfs
        path: /mnt
  containers:
    - name: busybox
      image: busybox
      args: ["sleep", "infinity"]
      volumeMounts:
        # /mnt-rro/tmpfs is not writable
        - name: mnt
          mountPath: /mnt-rro
          readOnly: true
          mountPropagation: None
          recursiveReadOnly: IfPossible
        # /mnt-ro/tmpfs is writable
        - name: mnt
          mountPath: /mnt-ro
          readOnly: true
        # /mnt-rw/tmpfs is writable
        - name: mnt
          mountPath: /mnt-rw
```

Requirements:
- Feature gate "RecursiveReadOnlyMounts" to be enabled
- Linux kernel >= 5.12
- runc >= 1.1

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-10 03:00:59 +09:00
Akihiro Suda
6f12e1d8e5
kubelet: expose containerStatuses.volumeMounts 
For KEP-3857: Recursive Read-only (RRO) mounts

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-10 03:00:59 +09:00
Akihiro Suda
dd0882a83e
kubelet: expose node.status.runtimeClasses 
For KEP-3857: Recursive Read-only (RRO) mounts

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-10 03:00:59 +09:00
Akihiro Suda
8db07446f1
api: validate RecursiveReadOnlyMounts 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-10 02:59:30 +09:00
Alvaro Aleman
b2eb6e7d03 Nodelifecycle: Emit event when deletion failed 
The nodelifecycle controller emits an event before it deletes a node.
Failures doing so for example due to a webhook are pretty hidden though,
as they are only logged in the controller-manager.

This change makes us emit an event for failing to delete a node
including the error as well.
 2024-03-09 11:51:36 -05:00
Akihiro Suda
8828530fd5
node: dropDisabledFields: recognize RecursiveReadOnlyMounts gate 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-09 09:48:13 +09:00
Akihiro Suda
ce1918875f
pod: dropDisabledFields: recognize RecursiveReadOnlyMounts 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-09 09:48:12 +09:00
Akihiro Suda
d940886d0a
api: KEP-3857: Recursive Read-only (RRO) mounts 
This commit modifies the following files:

- pkg/apis/core/types.go
- staging/src/k8s.io/api/core/v1/types.go

Other changes were auto-generated by running `make update`.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-09 09:48:12 +09:00
Akihiro Suda
0b1a507b00
pkg/features: add RecursiveReadOnlyMounts 
For KEP-3857: Recursive Read-only (RRO) mounts

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-09 09:48:10 +09:00
Akihiro Suda
76081a10c2
kubelet: RuntimeHandler: add SupportsRecursiveReadOnlyMounts 
For KEP-3857: Recursive Read-only (RRO) mounts

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-09 09:48:09 +09:00
Akihiro Suda
27f24a62e3
kubelet: change map[string]RuntimeHandler to []RuntimeHandler 
The map is changed to an array so as to retain the order of the original array
propagated from the CRI runtime.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-09 09:48:07 +09:00
Kubernetes Prow Robot
d3d06c3c7e
Merge pull request #123826 from tenzen-y/use-fake-client-job-unit 
Job: Use the fake clock in TestTrackJobStatusAndRemoveFinalizers
 2024-03-08 15:11:13 -08:00
Kubernetes Prow Robot
28c4d00c7d
Merge pull request #123344 from nilekhc/svm-controller 
[Storage Version Migration] feat: implements Storage Version Migration
 2024-03-08 13:45:16 -08:00
Yuki Iwai
f2508df279 Job: Use the fake clock in TestTrackJobStatusAndRemoveFinalizers 
Signed-off-by: Yuki Iwai <yuki.iwai.tz@gmail.com>
 2024-03-09 06:09:05 +09:00
Kubernetes Prow Robot
9a160fa780
Merge pull request #123737 from enj/enj/i/cel_email_verified 
Require email_verified to be used when email is set as username via CEL
 2024-03-08 11:25:37 -08:00
Nilekh Chaudhari
9161302e7f
feat: implements svm controller 
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
 2024-03-08 19:25:10 +00:00
Monis Khan
121607e809
Require email_verified to be used when email is set as username via CEL 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-03-08 12:59:05 -05:00
Michal Wozniak
79fe37537c Adjust the validation to the current state 2024-03-08 17:43:24 +01:00