github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-14 22:33:34 +00:00
Code Issues Projects Releases Wiki Activity
125,197 Commits 42 Branches 8,000 Tags 1.3 GiB
d425353c13
Commit Graph

125197 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kubernetes Prow Robot
a8d354bf39
Merge pull request #126122 from HirazawaUi/remove-unused-options 
kubelet: Remove unused run container options
 2024-07-19 18:05:16 -07:00
bzsuni
3c448ff29d Build etcd image of v3.5.15 
Signed-off-by: bzsuni <bingzhe.sun@daocloud.io>
 2024-07-20 08:16:18 +08:00
Kubernetes Prow Robot
14b34fc255
Merge pull request #125834 from tallclair/log-cleanup 
[kubelet] Cleanup incorrect log about static pod status change
 2024-07-19 16:58:54 -07:00
Kubernetes Prow Robot
64ba17c605
Merge pull request #125571 from liggitt/filter-auth-02-sar 
add field and label selectors to authorization
 2024-07-19 15:30:01 -07:00
Kubernetes Prow Robot
ec8015daac
Merge pull request #124273 from panoswoo/fix/124255 
Remove missing extended resources from init containers
 2024-07-19 15:29:53 -07:00
cici37
1e5062c5d4 Auto update 2024-07-19 22:26:40 +00:00
cici37
95dbfa1c3d Promote metrics for VAP and CRD validation rules to beta. 2024-07-19 22:26:32 +00:00
Jefftree
0898842b3c use context for tests 2024-07-19 20:12:05 +00:00
Kubernetes Prow Robot
fa15f12fb5
Merge pull request #126174 from dobsonj/corruptedmnt-enodev 
mount-utils: treat syscall.ENODEV as corrupted mount
 2024-07-19 13:08:48 -07:00
fsl
99680bfd76 hack/tools: bump google.golang.org/protobuf to v1.31.0 for v1.34.2 
Signed-off-by: fengshunli <1171313930@qq.com>
 2024-07-20 03:40:40 +08:00
Jefftree
a5791b344c Validate CABundle when writing CRD 2024-07-19 19:38:54 +00:00
Vadim Rutkovsky
77e84efe31
featuregate: clone queriedFeatures only when mutation is needed 
Avoid allocating memory when cloned set of queried features is not necessary
 2024-07-19 21:07:12 +02:00
Jordan Liggitt
5f22dd7c1a
Add integration test exercising webhook selector authz 2024-07-19 15:06:52 -04:00
Jordan Liggitt
9f8f36708a
Fixup lint warning 2024-07-19 15:06:52 -04:00
Jordan Liggitt
4d535db8be
Add selector authorization to the Node authorizer 2024-07-19 15:06:51 -04:00
Jordan Liggitt
a1398a8cca
Add structured labelSelector / fieldSelector to authorization webhook match conditions 2024-07-19 15:06:50 -04:00
Jordan Liggitt
83bd512861
Adjust CEL cost calculation and versioning for authorization library 2024-07-19 15:06:49 -04:00
David Eads
be2e32fa3e
Add CEL fieldSelector / labelSelector support to authorizer library 2024-07-19 15:06:49 -04:00
Jordan Liggitt
03d48b7683
Move CEL env initialization out of package init() 
This ensures compatibility version and feature gates can be initialized
before cached CEL environments are created.
 2024-07-19 15:06:48 -04:00
Jordan Liggitt
1d2ad282cf
Improve CEL cost tests to catch unhandled estimates or types 2024-07-19 15:06:47 -04:00
David Eads
92e3445e9d
add field and label selectors to authorization attributes 
Co-authored-by: Jordan Liggitt <liggitt@google.com>
 2024-07-19 15:06:47 -04:00
Kubernetes Prow Robot
b3e769b72e
Merge pull request #126228 from googs1025/fix_informer 
chore(Job):  make trivial improvements to job controller unit test
 2024-07-19 12:03:24 -07:00
Kubernetes Prow Robot
6f3f115378
Merge pull request #126222 from macsko/dont_lock_activeq_twice_in_activate_in_scheduling_queue 
Don't lock activeQ twice when activating pod in scheduling queue
 2024-07-19 12:03:10 -07:00
David Eads
f5e5bef2e0
generate 2024-07-19 14:35:37 -04:00
David Eads
90f0b88b6a
add subjectaccessreview field and label selectors 
Co-authored-by: Jordan Liggitt <liggitt@google.com>
 2024-07-19 14:34:49 -04:00
Kubernetes Prow Robot
acaec0c23a
Merge pull request #126124 from cici37/feature/validating-admission-policy/metrics-improvement 
Feature/validating admission policy/metrics improvement
 2024-07-19 10:34:58 -07:00
Kubernetes Prow Robot
ce961fdc84
Merge pull request #125165 from carlory/clean-volume-util 
remove unused functions in volume/util
 2024-07-19 10:34:45 -07:00
Antonio Ojea
0c10b4534c bump kube-network-policies to v0.5.0 2024-07-19 16:55:47 +00:00
googs1025
6626b9ce28 chore(Job): remove deprecated fake.NewSimpleClientset method 2024-07-19 23:46:29 +08:00
googs1025
75a4cfbd58 chore(Job): use ctx.Done() instead of stopCh 2024-07-19 23:43:36 +08:00
googs1025
af5b8bed70 chore(Job): use WaitForCacheSync method after sharedInformerFactory Start 2024-07-19 23:41:20 +08:00
bells17
e1aa8197ed
volumebinding: scheduler queueing hints - CSIStorageCapacity (#124961) 
* volumebinding: scheduler queueing hints - CSIStorageCapacity

* Fixed points mentioned in the review

* Fixed points mentioned in the review

* Update pkg/scheduler/framework/plugins/volumebinding/volume_binding.go

Co-authored-by: Kensei Nakada <handbomusic@gmail.com>

* Update pkg/scheduler/framework/plugins/volumebinding/volume_binding_test.go

Co-authored-by: Kensei Nakada <handbomusic@gmail.com>

* Fixed points mentioned in the review

* volume_binding.go を更新

Co-authored-by: Kensei Nakada <handbomusic@gmail.com>

---------

Co-authored-by: Kensei Nakada <handbomusic@gmail.com>
 2024-07-19 07:53:52 -07:00
Jonathan Dobson
4cec4e7422 mount-utils: treat syscall.ENODEV as corrupted mount 2024-07-19 08:14:30 -06:00
Kensei Nakada
7ef3cf5d07 feature: support queueing_hint_execution_duration_seconds metric 2024-07-19 23:13:07 +09:00
mprahl
a54ba917be Allow calling Stop multiple times on RetryWatcher 
This makes the Stop method idempotent so that if Stop is called multiple
times, it does not cause a panic due to closing a closed channel.

Signed-off-by: mprahl <mprahl@users.noreply.github.com>
 2024-07-19 08:54:41 -04:00
Gunju Kim
45a243e102
Add node serial e2e tests that simulate the kubelet restart 
This adds node e2e tests to make sure a completed init container is not
restarted due to the kubelet restart.
 2024-07-19 21:18:34 +09:00
Kubernetes Prow Robot
01eb9f4754
Merge pull request #125929 from sanposhiho/requeueing-metrics 
add: implement event_handling_duration_seconds metric
 2024-07-19 04:43:00 -07:00
Rodrigo Campos
6f81aa6aa9 pkg/kubelet/kuberuntime: Add userns tests for NamespacesForPod 
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2024-07-19 12:32:57 +02:00
cpanato
9d5a7ff859
Bump images, dependencies and versions to go 1.23rc2 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2024-07-19 11:33:28 +02:00
cpanato
5c269fecf8
Bump images, dependencies and versions to go 1.23rc1 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2024-07-19 11:33:24 +02:00
Maciej Skoczeń
7421ded6f9 Don't lock activeQ twice when activating pod in scheduling queue 2024-07-19 09:18:42 +00:00
Kubernetes Prow Robot
77e12aeca9
Merge pull request #126207 from thockin/ingress-backend-port-atomic 
Make ServiceBackendPort an atomic struct
 2024-07-18 19:24:26 -07:00
Kubernetes Prow Robot
7f2c167b9c
Merge pull request #126203 from danwinship/kube-proxy-bad-ips 
validate that kube-proxy handles "bad" IPs/CIDRs correctly
 2024-07-18 19:24:18 -07:00
Kubernetes Prow Robot
25935965c5
Merge pull request #125782 from aborrero/master 
procMount: fix default value documentation
 2024-07-18 19:24:11 -07:00
Kubernetes Prow Robot
27fa59a8af
Merge pull request #125656 from gyuho/recent-stats-check-error-for-error-level-logging 
feat(kubelet/stats): match cadvisor error to lower not found stats log level
 2024-07-18 19:24:01 -07:00
Kubernetes Prow Robot
f2428d66cc
Merge pull request #125163 from pohly/dra-kubelet-api-version-independent-no-rest-proxy 
DRA: make kubelet independent of the resource.k8s.io API version
 2024-07-18 17:47:48 -07:00
Kubernetes Prow Robot
5fc7032a0e
Merge pull request #126156 from pohly/kubelet-test-enhancements 
kubelet test enhancements
 2024-07-18 14:50:54 -07:00
Kubernetes Prow Robot
fa7fcde5a4
Merge pull request #125813 from aojea/node_csr_ips 
Node Request Certificates require to have IPs
 2024-07-18 14:50:48 -07:00
Patrick Ohly
a7396fdd3f kubelet: grant permission for DeleteCollection also with RBAC 
If the node authorizer is active, RBAC rules are not needed. But if it's
disabled, kubelet needs to get permission through RBAC. In contrast to the
authorizer code which is a bit more flexible and isn't directly tied to the
current kubelet implementation (i.e. it allows list+delete instead of just
deletecollection), the RBAC entry is just for what the current kubelet does
because it's a bit easier to change.
 2024-07-18 23:30:09 +02:00
Patrick Ohly
7701a48bd6 dra kubelet: bump gRPC API to v1alpha4 
The previous changes are an API break, therefore we need a new version.
 2024-07-18 23:30:09 +02:00