Commit Graph

124292 Commits

Author SHA1 Message Date
Jefftree
e3e56eb1e2 CLE storage and type registration changes 2024-07-24 14:38:11 +00:00
Jefftree
3999b98c88 Coordinated Leader Election Alpha API 2024-07-24 14:38:10 +00:00
Kubernetes Prow Robot
ab470aad01
Merge pull request #126220 from saschagrunert/image-volumesource-e2e
[KEP-4639] Add `ImageVolumeSource` node e2e tests
2024-07-24 06:40:50 -07:00
Sascha Grunert
bc452887fa
Add ImageVolumeSource e2e tests
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
2024-07-24 13:57:39 +02:00
Kubernetes Prow Robot
ceb58a4dbc
Merge pull request #126323 from saschagrunert/image-volume-runtime-panic
Fix runtime panic in imagevolume `CanSupport` method
2024-07-24 04:57:06 -07:00
Kubernetes Prow Robot
a145f1508d
Merge pull request #125087 from carlory/volumeoptions
remove volumeoptions from VolumePlugin and BlockVolumePlugin
2024-07-24 02:24:20 -07:00
Sascha Grunert
a43cc08ffb
Fix runtime panic in imagevolume CanSupport method
The following tests are failing right now:

- ci-kubernetes-e2e-ec2-alpha-enabled-default
- ci-kubernetes-e2e-gci-gce-alpha-enabled-default

Because of:

```
goroutine 347 [running]:
k8s.io/apimachinery/pkg/util/runtime.logPanic({0x33092b0, 0x4d6ed00}, {0x296a7e0, 0x4c20c10})
        k8s.io/apimachinery/pkg/util/runtime/runtime.go:107 +0xbc
k8s.io/apimachinery/pkg/util/runtime.handleCrash({0x33092b0, 0x4d6ed00}, {0x296a7e0, 0x4c20c10}, {0x4d6ed00, 0x0, 0x1000000004400a5?})
        k8s.io/apimachinery/pkg/util/runtime/runtime.go:82 +0x5e
k8s.io/apimachinery/pkg/util/runtime.HandleCrash({0x0, 0x0, 0xc000517be8?})
        k8s.io/apimachinery/pkg/util/runtime/runtime.go:59 +0x108
panic({0x296a7e0?, 0x4c20c10?})
        runtime/panic.go:770 +0x132
k8s.io/kubernetes/pkg/volume/image.(*imagePlugin).CanSupport(0xc00183d140?, 0xc0006a2600?)
        k8s.io/kubernetes/pkg/volume/image/image.go:52 +0x3
k8s.io/kubernetes/pkg/volume.(*VolumePluginMgr).FindPluginBySpec(0xc0008a1388, 0xc000f7ddb8)
        k8s.io/kubernetes/pkg/volume/plugins.go:637 +0x208
k8s.io/kubernetes/pkg/kubelet/volumemanager/cache.(*desiredStateOfWorld).AddPodToVolume(0xc000517bc0, {0xc000e94a50, 0x24}, 0xc00172b208, 0xc000f7ddb8, {0xc0017892a0, 0xe}, {0xc000a4d6ec, 0x3}, {0xc000978af0, ...})
        k8s.io/kubernetes/pkg/kubelet/volumemanager/cache/desired_state_of_world.go:270 +0xf2
k8s.io/kubernetes/pkg/kubelet/volumemanager/populator.(*desiredStateOfWorldPopulator).processPodVolumes(0xc0003e6700, 0xc00172b208, 0xc00183ddd8)
        k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go:319 +0x685
k8s.io/kubernetes/pkg/kubelet/volumemanager/populator.(*desiredStateOfWorldPopulator).findAndAddNewPods(0xc0003e6700)
        k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go:204 +0x2dc
k8s.io/kubernetes/pkg/kubelet/volumemanager/populator.(*desiredStateOfWorldPopulator).populatorLoop(0xc0003e6700)
        k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go:173 +0x18
k8s.io/apimachinery/pkg/util/wait.BackoffUntil.func1(0xc000905eb0?)
        k8s.io/apimachinery/pkg/util/wait/backoff.go:226 +0x33
k8s.io/apimachinery/pkg/util/wait.BackoffUntil(0xc00183df70, {0x32d7340, 0xc000a7be60}, 0x1, 0xc0000b2660)
        k8s.io/apimachinery/pkg/util/wait/backoff.go:227 +0xaf
k8s.io/apimachinery/pkg/util/wait.JitterUntil(0xc000f8bf70, 0x5f5e100, 0x0, 0x1, 0xc0000b2660)
        k8s.io/apimachinery/pkg/util/wait/backoff.go:204 +0x7f
k8s.io/apimachinery/pkg/util/wait.Until(...)
        k8s.io/apimachinery/pkg/util/wait/backoff.go:161
k8s.io/kubernetes/pkg/kubelet/volumemanager/populator.(*desiredStateOfWorldPopulator).Run(0xc0003e6700, {0x32e3228, 0xc000b3faa0}, 0xc0000b2660)
        k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go:158 +0x1a5
created by k8s.io/kubernetes/pkg/kubelet/volumemanager.(*volumeManager).Run in goroutine 335
        k8s.io/kubernetes/pkg/kubelet/volumemanager/volume_manager.go:286 +0x14f
```

Fixes https://github.com/kubernetes/kubernetes/issues/126317

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
2024-07-24 09:54:03 +02:00
carlory
c4851c64a0 remove volumeoptions from VolumePlugin and BlockVolumePlugin 2024-07-24 14:07:02 +08:00
Kubernetes Prow Robot
57d197fb89
Merge pull request #124430 from AllenXu93/fix-kubelet-restart-notReady
fix node notReady in first sync period after kubelet restart
2024-07-23 21:20:40 -07:00
Kubernetes Prow Robot
c75e30d049
Merge pull request #126294 from aojea/nosnat
e2e test for No SNAT
2024-07-23 20:12:33 -07:00
Kubernetes Prow Robot
5af1710d90
Merge pull request #126243 from SergeyKanzhelev/devicePluginFailures
Implement resource health in pod status (KEP 4680)
2024-07-23 20:12:24 -07:00
Kubernetes Prow Robot
49ff255074
Merge pull request #126308 from cici37/hotFix
Update with stdlib errors
2024-07-23 18:02:07 -07:00
Kubernetes Prow Robot
59776b57e7
Merge pull request #126306 from siyuanfoundation/env-var
Add KUBE_EMULATED_VERSION env variable to set the emulated-version of scheduler and controller manager.
2024-07-23 18:02:00 -07:00
Kubernetes Prow Robot
d97cf3a1eb
Merge pull request #126303 from bart0sh/PR150-dra-refactor-checkpoint-upstream
DRA: refactor checkpointing
2024-07-23 18:01:53 -07:00
Kubernetes Prow Robot
39a80796b6
Merge pull request #122628 from sanposhiho/pod-smaller-events
add(scheduler/framework): implement smaller Pod update events
2024-07-23 18:01:46 -07:00
Kubernetes Prow Robot
638128e74f
Merge pull request #119019 from gjkim42/add-e2e-node-test-restarting-the-kubelet
Add node serial e2e tests that simulate the kubelet restart
2024-07-23 18:01:36 -07:00
Sergey Kanzhelev
62f96d2748 set AllocatedResourcesStatus in the Pod Status 2024-07-24 00:29:35 +00:00
Sergey Kanzhelev
3790ee2fe8 reset fields when the feature gate was not set 2024-07-24 00:29:35 +00:00
Sergey Kanzhelev
2253b53b58 generated files 2024-07-24 00:29:35 +00:00
Sergey Kanzhelev
16e8911fdc add AllocatedResourcesStatus field to ContainerStatus 2024-07-24 00:29:34 +00:00
Kubernetes Prow Robot
1353c08110
Merge pull request #126298 from vinayakankugoyal/apparmortest
Update AppArmor e2e tests to use both containers[*].securityContext.appArmorProfile field and annotations.
2024-07-23 15:45:29 -07:00
Cici Huang
a48a92c72e
Allowing direct CEL reserved keyword usage in CRD (#126188)
* automatically escape reserved keywords for direct usage

* Add reserved keyword support in a ratcheting way, add tests.

---------

Co-authored-by: Wenxue Zhao <ballista01@outlook.com>
2024-07-23 15:45:20 -07:00
Kubernetes Prow Robot
fa4b8f32ac
Merge pull request #125935 from gjkim42/fix-125880
Terminate restartable init containers ignoring not-started containers
2024-07-23 15:45:11 -07:00
Kubernetes Prow Robot
2a372a99bc
Merge pull request #126290 from tenzen-y/use-type-parameters-instead-of-casting
Job: Use type parameters instead of type casting for the ptr libraries
2024-07-23 14:40:28 -07:00
Kubernetes Prow Robot
f93fe412c7
Merge pull request #126281 from saschagrunert/oci-volume-docs
[KEP-4639] Mention that `fsGroupChangePolicy` has no effect
2024-07-23 14:40:14 -07:00
Kubernetes Prow Robot
320f1ab30d
Merge pull request #126182 from sohankunkerkar/fix-procmount
test/e2e/windows: drop securityContext test for ProcMount
2024-07-23 14:39:51 -07:00
Ed Bartosh
c0d922e786 DRA: Kubelet code cleanup 2024-07-24 00:27:52 +03:00
cici37
ac2c450da7 Update with stdlib errors 2024-07-23 21:16:53 +00:00
Ed Bartosh
59555c6a62 DRA: move dra/checkpont/* to dra/state/* 2024-07-24 00:12:10 +03:00
Ed Bartosh
35fbbc5cfd DRA: use crc32.ChecksumIEEE to calculate checkpoint checksum 2024-07-24 00:10:39 +03:00
Ed Bartosh
59daed75d6 DRA: refactor checkpointing
Co-authored-by: Kevin Klues <klueska@gmail.com>
2024-07-24 00:10:30 +03:00
Siyuan Zhang
e79d20dcfc Add KUBE_EMULATED_VERSION env variable to set the emulated-version of scheduler and controller manager.
Signed-off-by: Siyuan Zhang <sizhang@google.com>
2024-07-23 13:51:36 -07:00
Kubernetes Prow Robot
c2fdeca4ab
Merge pull request #126145 from carlory/kep-3751-api
[KEP-3751] Promote VolumeAttributesClass to beta
2024-07-23 13:31:05 -07:00
Kubernetes Prow Robot
107f621462
Merge pull request #126108 from gnufied/changes-volume-recovery
Reduce state changes when expansion fails and mark certain failures as infeasible
2024-07-23 13:30:56 -07:00
Kubernetes Prow Robot
ad805387e2
Merge pull request #126291 from haircommander/proc-mount-disable
disable ProcMountType by default
2024-07-23 12:21:38 -07:00
Drew Sirenko
16c2ad5b84
Add labels to PVCollector bound/unbound PVC metrics for VolumeAttributesClass Feature (#126166)
* Add labels to PVCollector bound/unbound PVC metrics

* fixup! Add labels to PVCollector bound/unbound PVC metrics

* wip: Fix 'Unknown
    Decorator'

* fixup! Add labels to PVCollector bound/unbound PVC metrics
2024-07-23 12:21:29 -07:00
Kubernetes Prow Robot
c01bc31fa2
Merge pull request #126163 from haircommander/procMount-baseline
PSA: allow procMount type Unmasked in baseline
2024-07-23 12:21:20 -07:00
Kubernetes Prow Robot
13d9d7c689
Merge pull request #124819 from carlory/add-warning-MountOptionAnnotation
mark volume.beta.kubernetes.io/mount-options as deprecated
2024-07-23 12:21:11 -07:00
Kubernetes Prow Robot
e83fca8dd9
Merge pull request #124530 from sttts/sttts-controlplane-plumbing-split
Step 12 - Add generic controlplane example
2024-07-23 12:21:02 -07:00
Kubernetes Prow Robot
04d2f33641
Merge pull request #124061 from Jefftree/conversion-webhook-invalidca
Validate CABundle when writing CRD
2024-07-23 12:20:53 -07:00
Kubernetes Prow Robot
05bb5f71f8
Merge pull request #120611 from pohly/dra-resource-quotas
DRA: resource quotas
2024-07-23 12:20:44 -07:00
Yuki Iwai
25c2731399 Job: Use type parameters instead of type casting for the ptr libraries
Signed-off-by: Yuki Iwai <yuki.iwai.tz@gmail.com>
2024-07-24 03:38:18 +09:00
Kubernetes Prow Robot
6834a1ef3d
Merge pull request #126293 from aroradaman/kube-proxy-refactor-internal-config
Kube proxy refactor internal config
2024-07-23 11:02:46 -07:00
Kubernetes Prow Robot
9c2302dd3e
Merge pull request #126201 from aroradaman/revert-debug-steps
Revert debug steps and logs for #123760
2024-07-23 11:02:38 -07:00
Kubernetes Prow Robot
67c7e77044
Merge pull request #126047 from cpanato/upgrade-go-123
[go] Bump images, dependencies and versions to go 1.23rc2
2024-07-23 11:02:29 -07:00
Kubernetes Prow Robot
425909647b
Merge pull request #126013 from npinaeva/nft-incremental
[kube-proxy: nftables] Implement partial sync.
2024-07-23 11:02:21 -07:00
Kubernetes Prow Robot
a00181d4d4
Merge pull request #121902 from carlory/kep-3751-pv-controller
[kep-3751] pvc bind pv with vac
2024-07-23 11:02:13 -07:00
Sohan Kunkerkar
c5b01a30d3 test/e2e/windows: drop securityContext test for ProcMount
Fixes https://github.com/kubernetes/kubernetes/issues/126180

As the ProcMountType feature is disabled by default in beta and relies
on the UserNamespacesSupport feature, which is also set to false in beta,
running this test is unnecessary.

Signed-off-by: Sohan Kunkerkar <sohank2602@gmail.com>
2024-07-23 13:45:29 -04:00
Vinayak Goyal
b580eb1864 Update AppArmor e2e tests to use Pod field instead of annotations.
Signed-off-by: Vinayak Goyal <vinaygo@google.com>
2024-07-23 17:03:17 +00:00
Patrick Ohly
299ecde5cc DRA quota: add ResourceClaim v1.ResourceQuota limits
Dynamic resource allocation is similar to storage in the sense that users
create ResourceClaim objects to request resources, same as with persistent
volume claims. The actual resource usage is only known when allocating claims,
but some limits can already be enforced at admission time:

- "count/resourceclaims.resource.k8s.io" limits the number of ResourceClaim objects in
  a namespace; this is a generic feature that is already supported also without
  this commit.

- "resourceclaims" is *not* an alias - use "count/resourceclaims.resource.k8s.io"
  instead.

- <device-class-name>.deviceclass.resource.k8s.io/devices limits the number of
  ResourceClaim objects in a namespace such that the number of devices
  requested through those objects with that class does not exceed the limit.

A single request may cause the allocation of multiple devices. For exact
counts, the quota limit is based on the sum of those exact counts. For requests
asking for "all" matching devices, the maximum number of allocated devices per
claim is used as a worst-case upper bound.

Requests asking for "admin access" contribute to the quota.

DRA quota: remove admin mode exception
2024-07-23 18:52:34 +02:00