Commit Graph

111381 Commits

Author SHA1 Message Date
Zbynek Roubalik
1cefcdea2d add --concurrent-horizontal-pod-autoscaler-syncs flag to kube-controller-manager
Signed-off-by: Zbynek Roubalik <zroubalik@gmail.com>
2022-10-17 17:39:31 +02:00
Jordan Liggitt
5f75c39cb0
Fix SELinux PodSecurity message when only user or role are set 2022-10-17 11:25:10 -04:00
kerthcet
1582c42e2b Fix metrics time durations in schedulerCycle and bindingCycle
Signed-off-by: kerthcet <kerthcet@gmail.com>
2022-10-17 23:24:24 +08:00
Davanum Srinivas
20de240d5b
Bump log level for health check warning for missing components
Default api server manifest whose liveness check looks like:
"/livez?exclude=etcd&exclude=kms-provider-0&exclude=kms-provider-1"

Which causes spurious messages in apiserver logs every 10 mins:
```
W1017 00:03:39.938956       9 healthz.go:256] cannot exclude some health checks, no health checks are installed matching "kms-provider-0","kms-provider-1"
```

Let's not log excessive messages especially at warning level. We should
do this at a higher level (6 instead of 4).

NOTE: we don't change the message returned to the http request, we keep
that as-is (does not change on log level)

Also see:
https://github.com/aws/eks-distro/blob/v1-19-eks-12/projects/kubernetes/kubernetes/1-19/patches/0016-EKS-PATCH-apiserver-healthz-upper-log-verbosity-for-.patch

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2022-10-17 11:09:13 -04:00
Kubernetes Prow Robot
64b98495ec
Merge pull request #113102 from SataQiu/clean-scheduler-20221017
scheduler: remove unused constant DefaultBindTimeoutSeconds from VolumeBinding plugin
2022-10-17 06:59:18 -07:00
Kubernetes Prow Robot
3b8cfefaee
Merge pull request #113005 from chendave/dry-run-prepare
kubeadm: Enable `dry-run` mode for phase of `control-plane-prepare certs`
2022-10-17 06:59:07 -07:00
Patrick Ohly
b667933741 e2e: adapt to modified Ginkgo output 2022-10-17 15:12:41 +02:00
Roman Bednar
f5693a4008 restart claim sync when PVC is updated
We should not rely on syncUnboundClaim() to do nothing after it updates
PVC with a default storage class until next re-sync but instead restart
the sync explicitly to make sure we hit isDelayBindingMode() and
findBestMatchForClaim() immediately right after the PVC update.
2022-10-17 14:05:39 +02:00
Kubernetes Prow Robot
ea231f5252
Merge pull request #113097 from pohly/e2e-fix-all-nodes-ready
e2e: skip AllNodesReady when the test skipped framework initialization
2022-10-17 04:39:19 -07:00
Kubernetes Prow Robot
e1812683e3
Merge pull request #113042 from swatisehgal/memorymgr-fix-rejection-test
node: e2e: memorymgr: Fix test failure
2022-10-17 04:39:07 -07:00
Kubernetes Prow Robot
2126509ab2
Merge pull request #111339 from chendave/debugoptions
e2e: Remove ginkgo option `output-interceptor-mode`
2022-10-17 03:35:09 -07:00
Dave Chen
b3f91f0c02 kubeadm: Enable dry-run mode for phase of control-plane-prepare certs
- All certs will be created under the folder of `/etc/kubernetes/tmp/kubeadm-join-dryrunxxx`
if the `dry-run` mode is enabled.

- Try to make each phase idempotent by resetting the cert dir with `dry-run` mode

Signed-off-by: Dave Chen <dave.chen@arm.com>
2022-10-17 18:29:53 +08:00
Patrick Ohly
d1dbf7ae3e dependencies: update to gomega v1.22.1 and ginkgo v2.3.1
This adds support for timeouts and intermediate reports in Eventually and
Consistently.
2022-10-17 12:12:54 +02:00
SataQiu
ba925a8393 scheduler: remove unused constant DefaultBindTimeoutSeconds from VolumeBinding plugin 2022-10-17 17:25:59 +08:00
Kubernetes Prow Robot
cb16d50068
Merge pull request #113094 from chendave/fix_errmsg
kubeadm: fix the err msg if the token format is not match
2022-10-17 02:05:08 -07:00
Patrick Ohly
3c162af45f e2e: skip AllNodesReady when the test skipped framework initialization
This addresses a problem caused by
https://github.com/kubernetes/kubernetes/pull/112043: because the AfterEach
which invokes AllNodesReady always runs, including tests that skipped early,
those tests ran into a nil pointer access. This increased the size of log
files. The tests still worked.
2022-10-17 10:27:14 +02:00
Dave Chen
6694b6bf9a kubeadm: fix the err msg if the token format is not match
Previously, the err msg will repeat the token ID of the form "[a-z0-9]{6}"
if the token doesn't match with the desired format.

Signed-off-by: Dave Chen <dave.chen@arm.com>
2022-10-17 15:59:18 +08:00
Kubernetes Prow Robot
162aaf77f2
Merge pull request #112714 from PuneetPunamiya/split-describe-command
Refactors describe command to split flags from options
2022-10-17 00:07:07 -07:00
zackzhangkai
5a1ca395b2 fix typo
Signed-off-by: zackzhangkai <zhangkaiamm@gmail.com>
2022-10-17 14:10:09 +08:00
PuneetPunamiya
568f55a82b Refactors describe command to split flags from options
Signed-off-by: Puneet Punamiya ppunamiy@redhat.com
2022-10-17 09:44:14 +05:30
Davanum Srinivas
09968e6c03
(aws_credentials): update ecr url validation regex
Updates the regex for ECR URL validation to support isolated regions
and includes additional testcases for these.

Signed-off-by: Jyoti Mahapatra <jyotima@amazon.com>
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2022-10-16 19:13:47 -04:00
Davanum Srinivas
715f2af8e2
Pass region to sts client
First, this change explicitly sets the region from metadata.
Second, it uses .WithSTSRegionalEndpoint(endpoints.RegionalSTSEndpoint)
to enable the regional STS endpoint. This is required because, as of
SDK v1.42.23, the default is legacy (endpoints.LegacySTSEndpoint).

Signed-off-by: Nick Turner <nic@amazon.com>
Signed-off-by: Rasita Pai <prasita@amazon.com>
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2022-10-16 11:39:19 -04:00
Davanum Srinivas
af76f3b72a
Bump AWS libraries to latest
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2022-10-16 11:38:08 -04:00
Kubernetes Prow Robot
48608cfe60
Merge pull request #113082 from knabben/knabben/kube-proxy-comment
Fixing words in the comment
2022-10-15 16:07:06 -07:00
Amim Knabben
c0d323f1f6 Fixing words in the comment 2022-10-15 15:54:41 -03:00
Shiming Zhang
0005364363
Fix NPE (#112999)
* Fix NPE

* bump version
2022-10-15 10:43:05 -07:00
Kubernetes Prow Robot
6f579d3ceb
Merge pull request #111616 from ndixita/credential-api-ga
Move the Kubelet Credential Provider feature to GA and Update the Credential Provider API to GA
2022-10-15 07:53:09 -07:00
Kubernetes Prow Robot
b6e8dfec61
Merge pull request #113057 from Richabanker/kube-proxy-metrics-slis
add metrics/slis to kube-proxy health checks
2022-10-15 06:49:05 -07:00
lixiaobing1
7892175acd replace WithInsecure() with WithTransportCredentials() 2022-10-15 16:41:53 +08:00
Kubernetes Prow Robot
83c2585716
Merge pull request #112891 from ii/create-namespace-finalizer-test
Write e2e test for replaceCoreV1NamespaceFinalize +1 Endpoints
2022-10-14 21:25:23 -07:00
Kubernetes Prow Robot
c5bc8f929b
Merge pull request #112860 from nckturner/remove-log-line
Remove log line from expiration cache
2022-10-14 21:25:16 -07:00
Kubernetes Prow Robot
b9c2e53fbc
Merge pull request #112587 from k1cn9ggtuc/typo-fix
fix a typo in test/conformance/walk.go
2022-10-14 21:25:04 -07:00
Kubernetes Prow Robot
8fb8bb4e9a
Merge pull request #112374 from Argh4k/no-stack-timeout
do not print status stack in case of timeout from timeout handler
2022-10-14 19:39:05 -07:00
Kubernetes Prow Robot
353e00796e
Merge pull request #112988 from alexzielenski/update-kube-openapi
update kube-openapi
2022-10-14 17:31:29 -07:00
Kubernetes Prow Robot
d754183866
Merge pull request #112163 from aojea/static_allocation_ga
graduate ServiceIPStaticSubrange to GA
2022-10-14 17:31:18 -07:00
Kubernetes Prow Robot
6705015101
Merge pull request #112133 from knabben/remove-kproxy-userspace
Remove kube-proxy userspace modes
2022-10-14 17:31:06 -07:00
Tim Allclair
ea28a21a67 Rename WithAuditID to WithAuditInit 2022-10-14 16:04:35 -07:00
Tim Allclair
f1d684b7b6 Consolidate AuditContext 2022-10-14 16:04:34 -07:00
Kubernetes Prow Robot
afbce897a9
Merge pull request #111096 from brianpursley/api-resources-categories
Add categories to kubectl api-resources wide output and add --categories flag
2022-10-14 14:19:07 -07:00
Kubernetes Prow Robot
cf18b5098e
Merge pull request #109590 from twilight0620/mytest
code check modify
2022-10-14 13:13:05 -07:00
Yuan Chen
7297f48f12 Add profile level percentageOfNodesToScore
Fix conversion errors

Changed the order

update

update

fix manaul coversions

keep the global parameter for backward compatibility

Address Wei's comments

Fix an error

Fix issues

Add unit tests for validation

Fix a comment

Address comments

Update comments

fix verifiation errors

Add tests for scheme_test.go

Convert percentageOfNodesToScore to pointer

Fix errors

Resolve conflicts

Fix testing errors

Address Wei's comments

Revert IntPtr to Int changes

Address comments

Not overrite percentageOfNodesToScore

Fix a bug

Fix a bug

change errs to err

Fix a nit

Remove duplication

Address comments

Fix lint warning

Fix an issue

Update comments

Clean up

Address comments

Revert changes to defaults

fix unit test error

Update

Fix tests

Use default PluginConfigs
2022-10-14 13:01:06 -07:00
Alexander Zielenski
e6e6dd826d
refactor to use Schema(contentType) 2022-10-14 12:46:36 -07:00
Kubernetes Prow Robot
cf4d2cc545
Merge pull request #110498 from yangjunmyfm192085/updatechangelog24
CHANGELOG fix some format error of changelog1.24
2022-10-14 12:00:43 -07:00
Kubernetes Prow Robot
0ef0fa0e82
Merge pull request #112824 from gjkim42/promote-expandeddnsconfig-to-beta
Promote ExpandedDNSConfig feature to beta stage
2022-10-14 10:54:58 -07:00
Kubernetes Prow Robot
5e775e3c83
Merge pull request #112558 from aojea/ipam_owners
update sig-network reviewers/approvers on controller manager
2022-10-14 10:54:46 -07:00
Chris Henzie
f6d9c27722 e2e test for ReadWriteOncePod PV access mode
Adds two tests for the enforcement of the ReadWriteOncePod
PersistentVolume access mode.

1. Tests that when two Pods are scheduled that reference the same
   ReadWriteOncePod PVC, the latter-scheduled Pod will be marked
   unschedulable because the PVC is in-use.
2. Tests that when two Pods are scheduled on the same node (setting
   Pod.Spec.NodeName to bypass scheduling for the second Pod), the
   latter Pod will fail to start because the PVC is already mounted on
   the Node.

Included are changes to update the hostpath CSI driver to accept new CSI
access modes. Its sidecar containers are already at supported versions
for ReadWriteOncePod and don't need updating. The GCP PD CSI driver does
not yet support the new CSI access modes, but its sidecar containers are
at supported versions and so the feature will work.

To support ReadWriteOncePod, the following CSI sidecars must be updated
to these versions or greater:
 - csi-provisioner:v3.0.0+
 - csi-attacher:v3.3.0+
 - csi-resizer:v1.3.0+

For more details, see:
https://github.com/kubernetes/enhancements/blob/master/keps/sig-storage/2485-read-write-once-pod-pv-access-mode/README.md
2022-10-14 09:15:36 -07:00
Antonio Ojea
bea96abac3 test dualstack services with assigned clusterIPs 2022-10-14 15:53:49 +00:00
Kubernetes Prow Robot
52b47dac4f
Merge pull request #113026 from Richabanker/scheduler-metrics-slis
add metrics/slis to kube-scheduler health checks
2022-10-14 08:48:57 -07:00
Kubernetes Prow Robot
5c36a3c372
Merge pull request #110902 from 0xff-dev/master
convert int32 to pointer using library function
2022-10-14 08:48:46 -07:00
Brian McQueen
61f04e6f20 restored QEMUVERSION and slim-stretch and removed arch linux/arm64v8 #109295 2022-10-14 06:52:34 -07:00