Commit Graph

109827 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
d4795e4bec
Merge pull request #111620 from Jiawei0227/storageos
cleanup: Remove storageos volume plugins from k8s codebase
2022-08-03 18:05:36 -07:00
Kubernetes Prow Robot
0a2ae7ab3a
Merge pull request #111126 from aramase/kms-v2alpha1-impl
Implement KMS v2alpha1
2022-08-03 16:41:43 -07:00
Kubernetes Prow Robot
aee13fc3de
Merge pull request #109706 from alexanderConstantinescu/etp-local-svc
Avoid re-syncing LBs for ETP=local services
2022-08-03 16:41:36 -07:00
Kubernetes Prow Robot
a0e702763e
Merge pull request #110495 from alexzielenski/atomic-objectreference
make ObjectReference field ownership granular
2022-08-03 14:21:48 -07:00
Jiawei Wang
d52cdeae79 cleanup: Remove storageos volume plugins from k8s codebase 2022-08-03 20:19:59 +00:00
Kubernetes Prow Robot
442574f3a7
Merge pull request #111513 from jingxu97/july/localstorage
Promote Local storage capacity isolation feature to GA
2022-08-03 13:05:59 -07:00
Kubernetes Prow Robot
4b6134b6dc
Merge pull request #111090 from kinvolk/rata/userns-support-2022
Add support for user namespaces phase 1 (KEP 127)
2022-08-03 13:05:47 -07:00
Anish Ramasekar
f19f3f4099
Implement KMS v2alpha1
- add feature gate
- add encrypted object and run generated_files
- generate protobuf for encrypted object and add unit tests
- move parse endpoint to util and refactor
- refactor interface and remove unused interceptor
- add protobuf generate to update-generated-kms.sh
- add integration tests
- add defaulting for apiVersion in kmsConfiguration
- handle v1/v2 and default in encryption config parsing
- move metrics to own pkg and reuse for v2
- use Marshal and Unmarshal instead of serializer
- add context for all service methods
- check version and keyid for healthz

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2022-08-03 19:04:47 +00:00
Kubernetes Prow Robot
d6a3a68afc
Merge pull request #111647 from bobbypage/bump_cadvisor_0_45_0
vendor: Bump cAdvisor to v0.45.0
2022-08-03 11:11:53 -07:00
Alexander Zielenski
bd648f3f9e
add regression test of formerly atomic claimRef 2022-08-03 10:57:13 -07:00
Rodrigo Campos
8dc98c9b8e Update autogenerated files
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
2022-08-03 19:53:22 +02:00
Giuseppe Scrivano
b1eaf6a2d9 tests: add e2e tests for userns
Co-authored-by: Rodrigo Campos <rodrigoca@microsoft.com>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
2022-08-03 19:53:22 +02:00
Rodrigo Campos
138e80819e kubelet: set user namespace options
Set the user namespace options to use for the pod.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
2022-08-03 19:53:22 +02:00
Giuseppe Scrivano
67b38ffe6e kubelet: propagate errors from namespacesForPod
It is a preparatory change for the next commit.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2022-08-03 19:53:22 +02:00
Rodrigo Campos
695b30e91c volume: use GetHostIDsForPod()
This commit only changes the UID/GID if user namespaces are enabled. When
they are enabled, it changes them to the hostUID and hostGID that are mapped
to the currently used UID/GID. This is needed so volumes are created
with the hostUID/hostGID and the user inside the container can read
them.

If user namespaces are disabled for this pod, this is a no-op: there is
no user namespace mapping, so the hostUID/hostGID are the same as inside
the container.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
2022-08-03 19:53:22 +02:00
Rodrigo Campos
d07c2688fe kubelet: add GetHostIDsForPod()
In future commits we will need this to set the user/group of supported
volumes of KEP 127 - Phase 1.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
2022-08-03 19:53:22 +02:00
Giuseppe Scrivano
9b2fc639a0 kubelet: add GetUserNamespaceMappings to RuntimeHelper
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2022-08-03 19:53:22 +02:00
Giuseppe Scrivano
63462285d5 kubelet: add userns manager
It is used to allocate and keep track of the unique user ranges
assigned to each pod that runs in a user namespace.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
Co-authored-by: Rodrigo Campos <rodrigoca@microsoft.com>
2022-08-03 19:53:22 +02:00
Rodrigo Campos
cf8164bccf apis: add validation for HostUsers
This commit just adds a validation according to KEP-127. We check that
only the supported volumes for phase 1 of the KEP are accepted.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
2022-08-03 19:53:22 +02:00
Alexander Zielenski
84f795d04a
mark persistentvolume's claimRef as granular 2022-08-03 10:01:14 -07:00
David Porter
d9fda8ab3b vendor: Bump cAdvisor to v0.45.0
Signed-off-by: David Porter <david@porter.me>
2022-08-03 09:47:06 -07:00
Alexander Zielenski
133c265530
update kube-openapi 2022-08-03 09:46:39 -07:00
Kubernetes Prow Robot
1a916f278b
Merge pull request #111668 from endocrimes/revert-111627-trim_report
Revert "e2e: Trim junit reporter to adapt with testgrid"
2022-08-03 07:49:53 -07:00
Danielle
5b312246c8
Revert "e2e: Trim junit reporter to adapt with testgrid" 2022-08-03 15:45:09 +02:00
Kubernetes Prow Robot
49bcbe648d
Merge pull request #111613 from dims/avoid-hardcoding-os-and-arch-installing-etcd
Avoid hard coding Operating System and Architecture in hack/lib/etcd.sh
2022-08-03 06:17:53 -07:00
Kubernetes Prow Robot
cf777ab782
Merge pull request #111627 from chendave/trim_report
e2e: Trim junit reporter to adapt with testgrid
2022-08-03 04:51:52 -07:00
Giuseppe Scrivano
482e76dc2c features: add UserNamespacesSupport feature
Define a feature gate for user namespaces support. The feature is
not enabled by default.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2022-08-03 13:18:11 +02:00
jinxu
0064010cdd Promote Local storage capacity isolation feature to GA
This change promotes the local storage capacity isolation feature to GA.

At the same time, to allow rootless systems to disable this feature because
they are unable to get the root fs, this change introduces a new kubelet config
"localStorageCapacityIsolation". By default it is set to true. Rootless
systems can set this configuration to false to disable
the feature. Once it is set, the user cannot set an ephemeral-storage
request/limit because capacity and allocatable will not be set.

Change-Id: I48a52e737c6a09e9131454db6ad31247b56c000a
2022-08-02 23:45:48 -07:00
Kubernetes Prow Robot
aea9f9887d
Merge pull request #111645 from vinaykul/restart-free-pod-vertical-scaling-cri
CRI changes to support in-place pod resize
2022-08-02 21:27:51 -07:00
Natasha Sarkar
83c3c37a87
Update kubectl kustomize to kyaml/v0.13.9, cmd/config/v0.10.9, api/v0.12.1, kustomize/v4.5.7 (#111606) 2022-08-02 20:13:51 -07:00
Kubernetes Prow Robot
cb41d5002c
Merge pull request #111061 from pacoxu/key-encipherment-optional
modify the signing/approving controller to tolerate either set of usages for kubelet client and serving certificates
2022-08-02 18:55:51 -07:00
Kubernetes Prow Robot
182e0989ec
Merge pull request #111646 from alculquicondor/fix_failed_suceeded
Fix JobTrackingWithFinalizers when a pod succeeds after the job fails
2022-08-02 17:45:52 -07:00
Aldo Culquicondor
ca8cebe5ba Fix JobTrackingWithFinalizers when a pod succeeds after the job fails
Change-Id: I3be351fb3b53216948a37b1d58224f8fbbf22b47
2022-08-02 19:33:06 -04:00
Kubernetes Prow Robot
6fbeacdf73
Merge pull request #111435 from soltysh/cronjob_timezone_beta
Promote CronJobTimeZone to beta
2022-08-02 16:23:51 -07:00
Vinay Kulkarni
09fb5da465 CRI changes to support implementation of in-place pod resize (generated files) 2022-08-02 15:44:52 -07:00
Vinay Kulkarni
007d93ad08 Handle UpdateContainerResources for Windows in v1alpha2 2022-08-02 15:31:00 -07:00
Vinay Kulkarni
0ef263c3b0 CRI changes to support implementation of in-place pod resize.
KEP: /enhancements/keps/sig-node/1287-in-place-update-pod-resources
2022-08-02 15:08:25 -07:00
Kubernetes Prow Robot
90f9a52db6
Merge pull request #111467 from RomanBednar/retro-sc-assignment
Allow retroactive storage class assignment to PVCs
2022-08-02 15:05:57 -07:00
Kubernetes Prow Robot
236fd8efba
Merge pull request #111448 from cici37/testForCelBeta
Move e2e test from alpha with feature promoted to beta
2022-08-02 15:05:45 -07:00
Giuseppe Scrivano
9e9b23fd3c
pkg/apis, staging: add HostUsers to pod spec
It is used to request that a pod runs in a unique user namespace.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
Co-authored-by: Rodrigo Campos <rodrigoca@microsoft.com>
2022-08-02 23:47:58 +02:00
Giuseppe Scrivano
eee5fa8b8d
volume: use the effective uid
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2022-08-02 23:47:58 +02:00
Paco Xu
e6176c28b7 modify the signing/approving controller to tolerate either set of usages for kubelet client and serving certificates
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
2022-08-03 05:12:04 +08:00
Kubernetes Prow Robot
8f3b2813dc
Merge pull request #111642 from harche/evented_pleg_cri_changes
Update CRI API to support Evented PLEG
2022-08-02 13:59:16 -07:00
Kubernetes Prow Robot
1de16be28f
Merge pull request #111462 from jprzychodzen/controllers
Enable 'running_managed_controllers' for KCM/CCM controllers: routes, services and cloud-node
2022-08-02 13:59:09 -07:00
Kubernetes Prow Robot
369a465fae
Merge pull request #111301 from mattcary/migration-feature
Upgrade CSIMigrationGCE feature gate to GA
2022-08-02 13:58:57 -07:00
Kubernetes Prow Robot
9fb1f67af7
Merge pull request #111278 from arpitsardhana/master
KEP-3327: Add CPUManager policy option to align CPUs by Socket instead of by NUMA node
2022-08-02 13:58:45 -07:00
Kubernetes Prow Robot
448e48b8a6
Merge pull request #111633 from pohly/ginkgo-no-color
ginkgo: disable color escape sequences by default when not connected to a terminal
2022-08-02 12:48:25 -07:00
Kubernetes Prow Robot
22eab136f6
Merge pull request #111557 from alexzielenski/update-smd-422
update smd to 4.2.3
2022-08-02 12:48:17 -07:00
Kubernetes Prow Robot
96439a0c3c
Merge pull request #111547 from kerthcet/feat/mark-cc-v1beta2-deprecated
Deprecate kubescheduler ComponentConfig v1beta2
2022-08-02 12:48:06 -07:00
Kubernetes Prow Robot
d4c7542878
Merge pull request #111522 from ii/promote-namespace-status-test
Promote NamespaceStatus endpoints test +3 Endpoints
2022-08-02 12:47:54 -07:00