github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-29 22:46:12 +00:00
Code Issues Projects Releases Wiki Activity
119,747 Commits 42 Branches 7,905 Tags 1.3 GiB
e83baddbb1
Commit Graph

119747 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Humble Chirammal
3890546265 Update APIs and adjust tests 
Signed-off-by: zhucan <zhucan.k8s@gmail.com>
Signed-off-by: Humble Chirammal <humble.devassy@gmail.com>
 2023-11-01 09:28:36 +05:30
Humble Chirammal
77f4178c98 Promote CSINodeExpandSecret to GA 
This feature is in Beta since 1.27 and this has been promoted
to GA in this release.

KEP: https://github.com/kubernetes/enhancements/pull/4239

Signed-off-by: Humble Chirammal <humble.devassy@gmail.com>
 2023-11-01 11:32:05 +08:00
Kubernetes Prow Robot
a8b7e1953f
Merge pull request #121456 from kiashok/addRuntimeClassInCriFeatureGate 
KEP 4216: Add changes for alpha version under RuntimeClassInImageCriApi feature gate
 2023-11-01 03:52:38 +01:00
Kubernetes Prow Robot
6abff7457e
Merge pull request #116516 from aojea/servicecidr 
KEP-1880 Multiple ServiceCIDR ( and IPAddress allocation)
 2023-11-01 03:52:24 +01:00
Kubernetes Prow Robot
bfd67c4454
Merge pull request #121648 from neolit123/1.29-super-admin-conf 
kubeadm: do not poll in TestEnsureAdminClusterRoleBindingImpl
 2023-11-01 01:51:26 +01:00
Kubernetes Prow Robot
593a17d3b6
Merge pull request #121575 from apelisse/update-smd 
Update sigs.k8s.io/structured-merge-diff to v4.4.0
 2023-11-01 01:51:17 +01:00
Kubernetes Prow Robot
9b10019b91
Merge pull request #121477 from wzshiming/kep-2681 
Promote KEP-2681 to beta in 1.29
 2023-11-01 01:51:08 +01:00
Kubernetes Prow Robot
257b8c3666
Merge pull request #121046 from danwinship/nftables 
kube-proxy nftables backend
 2023-11-01 01:50:59 +01:00
Kubernetes Prow Robot
960431407c
Merge pull request #120715 from gjkim42/do-not-reuse-memory-of-restartable-init-containers 
Don't reuse memory of a restartable init container
 2023-11-01 01:50:45 +01:00
Kubernetes Prow Robot
e0d6b7eaaa
Merge pull request #121650 from soltysh/fix_ginkgo_setup 
Move invocation to not to cause ginkgo panic
 2023-11-01 00:33:32 +01:00
Kubernetes Prow Robot
fafccc0c9a
Merge pull request #121078 from aramase/aramase/f/kep_3331_cel_integration 
Implement CEL for StructuredAuthenticationConfig
 2023-11-01 00:33:21 +01:00
kiashok
252e1d2dfe Imagepull per runtime class alpha release changes 
This commit does the following:
1. Add RuntimeClassInImageCriApi feature gate
2. Extend pkg/kubelet/container Image struct
3. Adds runtimeHandler string in the following CRI calls
   i.   ImageStatus
   ii.  PullImageRequest
   iii.  RemoveImage

Signed-off-by: kiashok <kiashok@microsoft.com>
 2023-10-31 15:52:46 -07:00
Kubernetes Prow Robot
715cd17c0d
Merge pull request #121645 from p0lyn0mial/upstream-fix-race-in-test-forget-watcher 
bring back: cacher: when forgeting a watcher, call stopWatcherLocked multiple times
 2023-10-31 22:57:08 +01:00
Kubernetes Prow Robot
3eba6fc9ad
Merge pull request #121628 from andrewsykim/cloud-pvl-admission 
cluster/gce: add webhook to replace PersistentVolumeLabel admission controller
 2023-10-31 22:56:59 +01:00
Kubernetes Prow Robot
84aca4ac74
Merge pull request #121579 from gjkim42/test-enable-sidecarcontainers 
Promote SidecarContainers feature to beta
 2023-10-31 22:56:50 +01:00
Dan Winship
0993bb78ef Redo service dispatch with maps 2023-10-31 17:54:53 -04:00
Dan Winship
9d71513ac1 Redo no-endpoint handling with maps 2023-10-31 17:54:53 -04:00
Dan Winship
4128631d0f Redo LoadBalancerSourceRanges firewall using sets 2023-10-31 17:54:53 -04:00
Dan Winship
edaa1d735b Redo --nodeport-addresses handling with a set 2023-10-31 17:54:53 -04:00
Dan Winship
ef1347b06d Port NAT rules to nftables (and backend is now functional) 2023-10-31 17:54:51 -04:00
Dan Winship
0c5c620b4f Port filter rules to nftables 2023-10-31 17:40:45 -04:00
Dan Winship
6cff415305 Port service/endpoint chain creation/cleanup to nftables 2023-10-31 17:40:45 -04:00
Dan Winship
2735ad541e Port table setup/cleanup code to nftables 2023-10-31 17:40:30 -04:00
Dan Winship
bcced184c5 Replace "iptables-restore" sync in nftables/proxier.go with (trivial) "nft -f -" sync 2023-10-31 17:38:32 -04:00
Dan Winship
93860a5217 Distinguish iptables-based and nftables-based backends, do startup cleanup 
When switching from iptables or ipvs to nftables, clean up old
iptables/ipvs rules. When switching the other way, clean up old
nftables rules.
 2023-10-31 17:38:32 -04:00
Dan Winship
abb1a458a9 Create an nftables.Interface in nftables proxier 
And update most of the comments to refer to "nftables" rather than
"iptables" (even though it doesn't actually do any nftables updating
at this point).

For now the proxy also internally creates a
utiliptablestesting.FakeIPTables to keep the existing sync code
compiling.
 2023-10-31 17:38:29 -04:00
Dan Winship
1a530457f9 Drop unit tests of iptables-specific unit test helpers 
(We'll eventually have nftables versions.)
 2023-10-31 17:33:53 -04:00
Dan Winship
958e80ca3b Clarify nftables/proxier.go by distinguishing nat/filter table KUBE-SERVICES chains 
(It is confusing, but allowed, to have distinct "KUBE-SERVICES" chains
in "nat" and "filter" in iptables, but in nftables the "type nat" and
"type filter" chains end up in the same table, so we'll need different
names for the two.)
 2023-10-31 17:33:53 -04:00
Dan Winship
3abdda9800 Simplify nftables/proxier.go by using string rather than utiliptables.Chain 
Change the svcPortInfo and endpointInfo fields to string rather than
utiliptables.Chain, and various fixups from there.

Also use a proper set for activeNATChains, and fix the capitalization
of endpointInfo.chainName.
 2023-10-31 17:33:53 -04:00
Dan Winship
96e53f64f4 Simplify nftables/proxier.go by removing the "args" reuse 
since that will be done differently in nftables
 2023-10-31 17:33:53 -04:00
Dan Winship
6535ac1e61 Simplify nftables/proxier.go by removing Monitor stuff 
since it shouldn't be necessary
 2023-10-31 17:33:53 -04:00
Dan Winship
ecb7752f0b Simplify nftables/proxier.go by removing HaveRandomFully checks 2023-10-31 17:33:53 -04:00
Dan Winship
5f09106063 Simplify nftables/proxier.go by dropping "-j ACCEPT" rules 2023-10-31 17:33:53 -04:00
Dan Winship
1a6b9b811e Simplify nftables/proxier.go by removing localhost nodeport support 
and related route_localnet setting / anti-martian-packet rule
 2023-10-31 17:33:53 -04:00
Dan Winship
e7c35d27f7 Simplify nftables/proxier.go by removing partial syncing 
Since optimization will be done differently in nftables.
 2023-10-31 17:33:53 -04:00
Dan Winship
39a5af1d0a Simplify nftables/proxier.go by removing large-cluster mode 
since things will be optimized differently in nftables
 2023-10-31 17:33:53 -04:00
Abu Kashem
cac26737cd
apiserver: add conformance tests for flowcontrol API 2023-10-31 17:33:05 -04:00
Dan Winship
a70653143e Add a dummy nftables kube-proxy backend which is just a copy of iptables 2023-10-31 17:31:42 -04:00
Antonio Ojea
ce5a22d54c hack/update-codegen 
Change-Id: I929e8fe0313ec2e0aef2b26a5138cd88bdfe8914
 2023-10-31 21:07:44 +00:00
Antonio Ojea
3b69bd6a9b servicecidrs controller clarify condition false reevaluation 
Change-Id: I0eb8d39abe9b7b0ce6472ff426e9a62e7155aae1
 2023-10-31 21:05:58 +00:00
Antonio Ojea
fee07ad608 make update with the new API with arrays 2023-10-31 21:05:58 +00:00
Antonio Ojea
9917c727a1 test e2e: use new ServiceCIDR API 
Change-Id: I82075c4252d8734886f80dd68327fe73e2ed4ba5
 2023-10-31 21:05:57 +00:00
Antonio Ojea
5d90d07f2d test integration: use new ServiceCIDR API 
Change-Id: I7aaa978842fbe8d75383f8a3159ca4fce01ffdcb
 2023-10-31 21:05:57 +00:00
Antonio Ojea
271900a0f0 integration etcd data: use new ServiceCIDR API 
Change-Id: I68a91815b3220a41e97667d8f8f4a3bdf5a91e8a
 2023-10-31 21:05:57 +00:00
Antonio Ojea
3edcce52e3 service cidr controller manager: use new ServiceCIDR API 2023-10-31 21:05:50 +00:00
Antonio Ojea
016c3c9e36 repairip controller: use new ServiceCIDR API 2023-10-31 21:05:06 +00:00
Antonio Ojea
881cf4d54f ipallocator/cidrallocator: use new ServiceCIDR API 
Change-Id: I5b300373e21cc65f6ef171790ef81ee391f1c752

cidrallocator

Change-Id: I13050a9d60360e555b75a13beaa9a923268ec4e8
 2023-10-31 21:05:06 +00:00
Antonio Ojea
7e87806fab default_servicecidr_controller: use new ServiceCIDR API 
Change-Id: I2c53815136e0d985959420911339aacd62e01e78
 2023-10-31 21:05:06 +00:00
Antonio Ojea
513fdb5422 describer: use new ServiceCIDR API 
Change-Id: Iff11c70f20bab3e55e4e569fb110ef25dd6dd97e
 2023-10-31 21:05:06 +00:00
Antonio Ojea
5123a93b34 printers: use new ServiceCIDR API 
Change-Id: Iaedeb99fcdb6e27e9987bccb1ccc32fab7da71f6
 2023-10-31 21:05:06 +00:00