github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-20 10:20:51 +00:00
Code Issues Projects Releases Wiki Activity
114,932 Commits 42 Branches 7,874 Tags 1.3 GiB
b2c8190ee7
Commit Graph

114932 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kubernetes Prow Robot
bfc23bbf19
Merge pull request #115966 from aojea/lb_mixed 
don't process unsupported loadbalancers with mixed protocols
 2023-03-13 15:23:00 -07:00
Kubernetes Prow Robot
611273a5bb
Merge pull request #115253 from danwinship/proxy-update-healthchecknodeport 
Split out HealthCheckNodePort stuff from service/endpoint map Update()
 2023-03-13 15:22:48 -07:00
Damien Grisonnet
ac394c5c19 Cleanup deprecated metrics 
Remove the following deprecated metrics:
- node_collector_evictions_number
- scheduler_e2e_scheduling_duration_seconds

Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
 2023-03-13 22:55:34 +01:00
Tim Hockin
35eb667e32
Update generated files 2023-03-13 14:45:33 -07:00
Rodrigo Campos
ec0410a266
kubelet: Move userns manager to its own package 
To that end, we need to add one kubelet getter listPodsFromDisk(). Other
than that, it is a pretty trivial move.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2023-03-13 22:28:04 +01:00
Rodrigo Campos
16d76f6813
kubelet: Don't reserve mapping for userns phase II 
Latest changes to KEP-127 removed that phase, so let's stop reserving
those IDs for that.

While we are there, we replace 0 for 0*65536 as before we had a bug that
we were not multiplying the index, to avoid bugs in the future.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2023-03-13 22:28:04 +01:00
Rodrigo Campos
8af3cce7fe
kubelet: remove GetHostIDsForPod() 
Now KEP-127 relies on idmap mounts to do the ID translation and we won't
do any chowns in the kubelet.

This patch just removes the usage of GetHostIDsForPod() in
operationexecutor to do the chown, and also removes the
GetHostIDsForPod() method from the kubelet volume interface.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2023-03-13 22:28:03 +01:00
Giuseppe Scrivano
9075404dc4
kubelet: use idmapped mounts for all volumes 
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
 2023-03-13 22:28:03 +01:00
Giuseppe Scrivano
79a34cf6a4
cri-api: add mappings for volumes 
add the definitions for the ID mappings to use at runtime for the
volume mount.  This is supported only on Linux where idmapped mounts
are used to perform the runtime mapping.

The new fields are mapped directly to the field in the OCI runtime
specs:

https://github.com/opencontainers/runtime-spec/blob/main/config.md#posix-platform-mounts

The CRI runtime will pass the mappings to the OCI runtime as-is.

Related to KEP-127.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
 2023-03-13 22:21:32 +01:00
Davanum Srinivas
a889cc7f79
prevent initializing the same flag more than once 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-03-13 17:07:00 -04:00
Alexander Zielenski
ce3385ab1f enable openapiv3 by default 2023-03-13 14:03:41 -07:00
Udesh Udayakumar
64182b2d7a
"contails" -> "contains" updated 2023-03-13 14:00:27 -07:00
Kubernetes Prow Robot
de9ce03f19
Merge pull request #116542 from enj/enj/f/go1.20 
Explicit bump to go 1.20
 2023-03-13 13:24:55 -07:00
Kubernetes Prow Robot
c237ddb226
Merge pull request #116045 from sanposhiho/sanposhiho/message 
fix(HPA): make a difference in SuccessfulRescale  events between the resource metric and the container resource metric
 2023-03-13 13:24:47 -07:00
Justin SB
f17a319dc6 prunev2: Implement basic pruning 
Implement the basic prune strategy where we find-by-label and then
delete unknown objects.
 2023-03-13 20:06:59 +00:00
Kubernetes Prow Robot
5cd7297148
Merge pull request #116540 from danwinship/conntrack-owners 
copy pkg/proxy OWNERS to pkg/util/conntrack
 2023-03-13 12:15:09 -07:00
Kubernetes Prow Robot
077ca3b736
Merge pull request #116477 from twz123/synctrack-64bit-alignment 
Properly align synctrack.SingleFileTracker struct
 2023-03-13 12:15:02 -07:00
Kubernetes Prow Robot
02a654a635
Merge pull request #116043 from sanposhiho/featuregate-check 
fix(HPA): ignore the container resource metrics in HPA controller when the feature gate is disabled
 2023-03-13 12:14:50 -07:00
Mark Rossetti
b3a67abec7
Updating perfCounterUpdatePerioud for Windows to 10 seconds 
Signed-off-by: Mark Rossetti <marosset@microsoft.com>
 2023-03-13 12:13:24 -07:00
m.nabokikh
d5aa8351e3 Fix DescribeTable for selfsubjectreview e2e 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2023-03-13 20:06:10 +01:00
Tim Allclair
ea974280dc Fix broken API docs URLs 2023-03-13 11:37:59 -07:00
Tim Allclair
3808920328 Add a script to verify that URLs in API documentation are valid 2023-03-13 11:37:59 -07:00
Kubernetes Prow Robot
087868a436
Merge pull request #116476 from smarterclayton/context_wait_2 
wait: Split the wait package up into individual files to make refactors easier
 2023-03-13 10:39:00 -07:00
Kubernetes Prow Robot
3106a5c553
Merge pull request #116301 from andyzhangx/remove-azuredisk-code 
Remove Azure disk in-tree storage plugin
 2023-03-13 10:38:48 -07:00
Monis Khan
ba471884fb
Explicit bump to go 1.20 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2023-03-13 12:47:36 -04:00
Davanum Srinivas
be42dcfd73
re-organize remote e2e test to be pluggable 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-03-13 12:33:47 -04:00
Kubernetes Prow Robot
3b1fc60d80
Merge pull request #116523 from pacoxu/CSIStorageCapacity-v1beta1-remove 
Remove storage.k8s.io/v1beta1 API version of CSIStorageCapacity
 2023-03-13 09:28:50 -07:00
Sergey Kanzhelev
009a2cbbc8 initialize feature gates in test project 2023-03-13 16:16:03 +00:00
Dan Winship
eaa0791b56 copy pkg/proxy OWNERS to pkg/util/conntrack 2023-03-13 11:20:36 -04:00
Kubernetes Prow Robot
a0b1bee7c5
Merge pull request #115840 from atosatto/remove-taint-manager-cli 
Remove enable-taint-manager and pod-eviction-timeout CLI flags
 2023-03-13 08:13:10 -07:00
Kubernetes Prow Robot
492a08c916
Merge pull request #113525 from 249043822/br-context-logging-deployment 
deployment controller: use contextual logging
 2023-03-13 08:13:02 -07:00
Kubernetes Prow Robot
34537c1a1d
Merge pull request #110864 from claudiubelu/adds-unittests 
unittests: Adds winstats unittests
 2023-03-13 08:12:50 -07:00
Kubernetes Prow Robot
ab5100893a
Merge pull request #116533 from ameukam/remove-gcs-retention-action 
Stop clear non-existant retention policy rule
 2023-03-13 07:02:56 -07:00
Kubernetes Prow Robot
9c5eebaf3f
Merge pull request #115879 from mtardy/scdeny-warning 
`SecurityContextDeny` admission plugin: add warning on creation
 2023-03-13 07:02:48 -07:00
Kubernetes Prow Robot
85524e7da6
Merge pull request #116518 from tzneal/refactor-remote-runner 
test: refactor remote test running
 2023-03-13 05:56:59 -07:00
Kubernetes Prow Robot
4a7ba05691
Merge pull request #116510 from flant/whoami-beta 
Promote whoami kubectl command
 2023-03-13 05:56:47 -07:00
Kevin Klues
685688c703 Update DRAManager to allow multiple plugins to process a single claim 
Right now, the v1alpha1 API only passes enough information for one plugin to
process a claim, but the v1alpha2 API will allow for multiple plugins to
process a claim. This commit prepares the code for this upcoming change.

Signed-off-by: Kevin Klues <kklues@nvidia.com>
 2023-03-13 12:52:41 +00:00
Kevin Klues
569ed33d78 Add additional tests to DRAManager checkpointing 
Signed-off-by: Kevin Klues <kklues@nvidia.com>
 2023-03-13 12:52:41 +00:00
Kevin Klues
fd7370b84d Update DRAManager checkpoint to store a map for CDIDevices 
The key of the map is the KubeletPluginName where the CDIDevices originate.

Signed-off-by: Kevin Klues <kklues@nvidia.com>
 2023-03-13 12:52:41 +00:00
Kevin Klues
273a8ffad1 Rename CdiDevices to CDIDevices in dramanager checkpoint 
Signed-off-by: Kevin Klues <kklues@nvidia.com>
 2023-03-13 12:52:41 +00:00
Damien Grisonnet
d00364902b events: fix EventSeries starting count discrepancy 
The kube-apiserver validation expects the Count of an EventSeries to be
at least 2, otherwise it rejects the Event. There was is discrepancy
between the client and the server since the client was iniatizing an
EventSeries to a count of 1.

According to the original KEP, the first event emitted should have an
EventSeries set to nil and the second isomorphic event should have an
EventSeries with a count of 2. Thus, we should matcht the behavior
define by the KEP and update the client.

Also, as an effort to make the old clients compatible with the servers,
we should allow Events with an EventSeries count of 1 to prevent any
unexpected rejections.

Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
 2023-03-13 13:31:07 +01:00
Claudiu Belu
e3edf13486 unittests: Adds winstats unittests 
The module pkg/kubelet/winstats has almost no coverage for Windows. This
commit adds unit tests to cover the mentioned module.
 2023-03-13 12:08:15 +00:00
Saza
d34b0275a3
dynamic resource allocation: add timeouts for communiction with plugin (#114844) 
* add timeouts for communication with dra plugin

* move timeout constant to k8s.io/kubernetes/pkg/kubelet/cm/util

* move settings of timeout to pkg/kubelet/plugin/dra/plugin/client.go

* remove timeout constant
 2023-03-13 04:34:56 -07:00
Kubernetes Prow Robot
185cd95b9c
Merge pull request #113443 from yangjunmyfm192085/namespace-contextual-logging 
namespace controller: use contextual logging
 2023-03-13 04:34:44 -07:00
ZhangKe10140699
66bda6c092 deployment controller: use contextual logging 2023-03-13 19:00:44 +08:00
Arnaud Meukam
033f4b1772
Stop clear non-existant retention policy rule 
This command is now not necessary and create some noise on the trail
logs.
See: https://github.com/kubernetes/k8s.io/pull/4902

Signed-off-by: Arnaud Meukam <ameukam@gmail.com>
 2023-03-13 11:35:10 +01:00
mtardy
36a2156033 Add a SecurityContextDeny feature gate disabled by default 
Put plugin registration behind the feature gate.
 2023-03-13 10:18:08 +01:00
John Kwiatkoski
69465d2949
Adding test coverage for NewPodContainerManager() (#110220) 2023-03-13 02:08:44 -07:00
Sascha Grunert
1c0a5aa84a
Link apiextensions-apiserver binary statically 
The apiextensions-apiserver itself only depends on the following runtime
libraries when linking dynamically:

```
> ldd _output/bin/apiextensions-apiserver
        linux-vdso.so.1 (0x00007ffd1b39f000)
        libpthread.so.0 => /nix/store/4nlgxhb09sdr51nc9hdm8az5b08vzkgx-glibc-2.35-163/lib/libpthread.so.0 (0x00007fe836022000)
        libc.so.6 => /nix/store/4nlgxhb09sdr51nc9hdm8az5b08vzkgx-glibc-2.35-163/lib/libc.so.6 (0x00007fe835e00000)
        /nix/store/4nlgxhb09sdr51nc9hdm8az5b08vzkgx-glibc-2.35-163/lib/ld-linux-x86-64.so.2 => /nix/store/4nlgxhb09sdr51nc9hdm8az5b08vzkgx-glibc-2.35-163/lib64/ld-linux-x86-64.so.2 (0x00007fe836029000)
```

We now move the apiextensions-apiserver to become a static binary as
well to achieve maximum portability.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2023-03-13 09:00:36 +01:00
Tom Wieczorek
ffcf653e06
Properly align synctrack.SingleFileTracker struct 
count is used with atomic operations so it must be 64-bit aligned,
otherwise atomic operations will panic. Having it at the top of the
struct will guarantee that, even on 32-bit arches.

This fixes panics like that one observed in kube-apiserver:

    E0310 13:48:47.476124     676 runtime.go:77] Observed a panic: unaligned 64-bit atomic operation
    goroutine 141 [running]:
    k8s.io/apimachinery/pkg/util/runtime.logPanic({0x2482378, 0x2db2ff8})
    	vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:75 +0x94
    k8s.io/apimachinery/pkg/util/runtime.HandleCrash({0x0, 0x0, 0x0})
    	vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:49 +0x78
    panic({0x2482378, 0x2db2ff8})
    	/usr/local/go/src/runtime/panic.go:884 +0x218
    runtime/internal/atomic.panicUnaligned()
    	/usr/local/go/src/runtime/internal/atomic/unaligned.go:8 +0x24
    runtime/internal/atomic.Load64(0x685f794)
    	/usr/local/go/src/runtime/internal/atomic/atomic_arm.s:280 +0x14
    k8s.io/client-go/tools/cache/synctrack.(*SingleFileTracker).HasSynced(0x685f790)
    	vendor/k8s.io/client-go/tools/cache/synctrack/synctrack.go:115 +0x3c
    k8s.io/client-go/tools/cache.(*processorListener).HasSynced(0x6013e60)
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:907 +0x20
    k8s.io/client-go/tools/cache.WaitForCacheSync.func1()
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:332 +0x50
    k8s.io/apimachinery/pkg/util/wait.ConditionFunc.WithContext.func1({0x2dcf274, 0x607c600})
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:222 +0x1c
    k8s.io/apimachinery/pkg/util/wait.runConditionWithCrashProtectionWithContext({0x2dcf274, 0x607c600}, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:262 +0x64
    k8s.io/apimachinery/pkg/util/wait.waitForWithContext({0x2dcf274, 0x607c600}, 0x64a6060, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:649 +0x11c
    k8s.io/apimachinery/pkg/util/wait.poll({0x2dcf274, 0x607c600}, 0x1, 0x64a6060, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:600 +0xc4
    k8s.io/apimachinery/pkg/util/wait.PollImmediateUntilWithContext({0x2dcf274, 0x607c600}, 0x5f5e100, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:551 +0x60
    k8s.io/apimachinery/pkg/util/wait.PollImmediateUntil(0x5f5e100, 0x6298020, 0x607c600)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:542 +0x48
    k8s.io/client-go/tools/cache.WaitForCacheSync(0x607c600, {0x6298000, 0x3, 0x3})
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:329 +0x80
    k8s.io/client-go/tools/cache.WaitForNamedCacheSync({0x283c5e1, 0xf}, 0x607c600, {0x6298000, 0x3, 0x3})
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:316 +0xe8
    created by k8s.io/kubernetes/plugin/pkg/auth/authorizer/node.AddGraphEventHandlers
    	plugin/pkg/auth/authorizer/node/graph_populator.go:65 +0x5b0
    panic: unaligned 64-bit atomic operation [recovered]
    	panic: unaligned 64-bit atomic operation

    goroutine 141 [running]:
    k8s.io/apimachinery/pkg/util/runtime.HandleCrash({0x0, 0x0, 0x0})
    	vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:56 +0xf4
    panic({0x2482378, 0x2db2ff8})
    	/usr/local/go/src/runtime/panic.go:884 +0x218
    runtime/internal/atomic.panicUnaligned()
    	/usr/local/go/src/runtime/internal/atomic/unaligned.go:8 +0x24
    runtime/internal/atomic.Load64(0x685f794)
    	/usr/local/go/src/runtime/internal/atomic/atomic_arm.s:280 +0x14
    k8s.io/client-go/tools/cache/synctrack.(*SingleFileTracker).HasSynced(0x685f790)
    	vendor/k8s.io/client-go/tools/cache/synctrack/synctrack.go:115 +0x3c
    k8s.io/client-go/tools/cache.(*processorListener).HasSynced(0x6013e60)
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:907 +0x20
    k8s.io/client-go/tools/cache.WaitForCacheSync.func1()
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:332 +0x50
    k8s.io/apimachinery/pkg/util/wait.ConditionFunc.WithContext.func1({0x2dcf274, 0x607c600})
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:222 +0x1c
    k8s.io/apimachinery/pkg/util/wait.runConditionWithCrashProtectionWithContext({0x2dcf274, 0x607c600}, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:262 +0x64
    k8s.io/apimachinery/pkg/util/wait.waitForWithContext({0x2dcf274, 0x607c600}, 0x64a6060, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:649 +0x11c
    k8s.io/apimachinery/pkg/util/wait.poll({0x2dcf274, 0x607c600}, 0x1, 0x64a6060, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:600 +0xc4
    k8s.io/apimachinery/pkg/util/wait.PollImmediateUntilWithContext({0x2dcf274, 0x607c600}, 0x5f5e100, 0x6382050)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:551 +0x60
    k8s.io/apimachinery/pkg/util/wait.PollImmediateUntil(0x5f5e100, 0x6298020, 0x607c600)
    	vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:542 +0x48
    k8s.io/client-go/tools/cache.WaitForCacheSync(0x607c600, {0x6298000, 0x3, 0x3})
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:329 +0x80
    k8s.io/client-go/tools/cache.WaitForNamedCacheSync({0x283c5e1, 0xf}, 0x607c600, {0x6298000, 0x3, 0x3})
    	vendor/k8s.io/client-go/tools/cache/shared_informer.go:316 +0xe8
    created by k8s.io/kubernetes/plugin/pkg/auth/authorizer/node.AddGraphEventHandlers
    	plugin/pkg/auth/authorizer/node/graph_populator.go:65 +0x5b0
 2023-03-13 08:37:13 +01:00