github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-07 11:13:48 +00:00
Code Issues Projects Releases Wiki Activity
119,628 Commits 42 Branches 7,905 Tags 1.3 GiB
edaa1d735b
Commit Graph

119628 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dan Winship
edaa1d735b Redo --nodeport-addresses handling with a set 2023-10-31 17:54:53 -04:00
Dan Winship
ef1347b06d Port NAT rules to nftables (and backend is now functional) 2023-10-31 17:54:51 -04:00
Dan Winship
0c5c620b4f Port filter rules to nftables 2023-10-31 17:40:45 -04:00
Dan Winship
6cff415305 Port service/endpoint chain creation/cleanup to nftables 2023-10-31 17:40:45 -04:00
Dan Winship
2735ad541e Port table setup/cleanup code to nftables 2023-10-31 17:40:30 -04:00
Dan Winship
bcced184c5 Replace "iptables-restore" sync in nftables/proxier.go with (trivial) "nft -f -" sync 2023-10-31 17:38:32 -04:00
Dan Winship
93860a5217 Distinguish iptables-based and nftables-based backends, do startup cleanup 
When switching from iptables or ipvs to nftables, clean up old
iptables/ipvs rules. When switching the other way, clean up old
nftables rules.
 2023-10-31 17:38:32 -04:00
Dan Winship
abb1a458a9 Create an nftables.Interface in nftables proxier 
And update most of the comments to refer to "nftables" rather than
"iptables" (even though it doesn't actually do any nftables updating
at this point).

For now the proxy also internally creates a
utiliptablestesting.FakeIPTables to keep the existing sync code
compiling.
 2023-10-31 17:38:29 -04:00
Dan Winship
1a530457f9 Drop unit tests of iptables-specific unit test helpers 
(We'll eventually have nftables versions.)
 2023-10-31 17:33:53 -04:00
Dan Winship
958e80ca3b Clarify nftables/proxier.go by distinguishing nat/filter table KUBE-SERVICES chains 
(It is confusing, but allowed, to have distinct "KUBE-SERVICES" chains
in "nat" and "filter" in iptables, but in nftables the "type nat" and
"type filter" chains end up in the same table, so we'll need different
names for the two.)
 2023-10-31 17:33:53 -04:00
Dan Winship
3abdda9800 Simplify nftables/proxier.go by using string rather than utiliptables.Chain 
Change the svcPortInfo and endpointInfo fields to string rather than
utiliptables.Chain, and various fixups from there.

Also use a proper set for activeNATChains, and fix the capitalization
of endpointInfo.chainName.
 2023-10-31 17:33:53 -04:00
Dan Winship
96e53f64f4 Simplify nftables/proxier.go by removing the "args" reuse 
since that will be done differently in nftables
 2023-10-31 17:33:53 -04:00
Dan Winship
6535ac1e61 Simplify nftables/proxier.go by removing Monitor stuff 
since it shouldn't be necessary
 2023-10-31 17:33:53 -04:00
Dan Winship
ecb7752f0b Simplify nftables/proxier.go by removing HaveRandomFully checks 2023-10-31 17:33:53 -04:00
Dan Winship
5f09106063 Simplify nftables/proxier.go by dropping "-j ACCEPT" rules 2023-10-31 17:33:53 -04:00
Dan Winship
1a6b9b811e Simplify nftables/proxier.go by removing localhost nodeport support 
and related route_localnet setting / anti-martian-packet rule
 2023-10-31 17:33:53 -04:00
Dan Winship
e7c35d27f7 Simplify nftables/proxier.go by removing partial syncing 
Since optimization will be done differently in nftables.
 2023-10-31 17:33:53 -04:00
Dan Winship
39a5af1d0a Simplify nftables/proxier.go by removing large-cluster mode 
since things will be optimized differently in nftables
 2023-10-31 17:33:53 -04:00
Dan Winship
a70653143e Add a dummy nftables kube-proxy backend which is just a copy of iptables 2023-10-31 17:31:42 -04:00
Kubernetes Prow Robot
3631efd85c
Merge pull request #121651 from jiahuif-forks/fix/cel/type-resolver-safe-guard 
CEL type resolvers: avoid infinite recursion for type resolvers.
 2023-10-31 21:50:37 +01:00
Kubernetes Prow Robot
113f133b2a
Merge pull request #121637 from dims/update-to-new-cadvisor-v0.48.1 
Update to new cadvisor v0.48.1
 2023-10-31 21:50:23 +01:00
Kubernetes Prow Robot
00b56955fd
Merge pull request #121210 from msau42/owners 
Add sig OWNERS to registry packages
 2023-10-31 20:23:59 +01:00
Kubernetes Prow Robot
dba565193c
Merge pull request #121104 from carlory/kep-3751-api-changes 
[KEP-3571] introduce the VolumeAttributesClass API
 2023-10-31 20:23:50 +01:00
Kubernetes Prow Robot
0c93f40374
Merge pull request #120995 from aroradaman/move-get-kernel-version 
move GetKernelVersion out of pkg/proxy/ipvs
 2023-10-31 20:23:41 +01:00
Kubernetes Prow Robot
07d2da75bd
Merge pull request #120707 from Jefftree/csa-openapiv3 
Use OpenAPI V3 for client side SMP
 2023-10-31 20:23:27 +01:00
Davanum Srinivas
bd233a2aa5
typo/api change in cadvisor / updated unwanted-dependencies.json 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-10-31 14:30:57 -04:00
Davanum Srinivas
8b9fc325e2
Update to new cadvisor v0.48.1 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-10-31 14:30:54 -04:00
Kubernetes Prow Robot
0294521985
Merge pull request #121649 from enj/enj/c/ec_controller_ctx 
encryptionconfig/controller: run unit tests faster
 2023-10-31 19:16:56 +01:00
Kubernetes Prow Robot
3570075e4f
Merge pull request #121647 from aojea/fixrace 
Revert "cacher: when forgeting a watcher, call stopWatcherLocked mult…
 2023-10-31 19:16:47 +01:00
Kubernetes Prow Robot
be636a436b
Merge pull request #121646 from kubernetes/revert-121614-decode-respect-timeout-context 
Revert "Make the decode function respect the timeout context"
 2023-10-31 19:16:38 +01:00
Kubernetes Prow Robot
d1113c9a00
Merge pull request #121577 from cici37/celFixPick 
Bump cel-go to v0.17.7 and introduce set ext library with new options
 2023-10-31 19:16:29 +01:00
Kubernetes Prow Robot
d475c249da
Merge pull request #120954 from HirazawaUi/deprecate-kubeProxyVersione-field 
deprecate the kubeProxyVersion field of v1.Node
 2023-10-31 19:16:20 +01:00
Kubernetes Prow Robot
ac6f707155
Merge pull request #120620 from tzneal/sidecar-termination-ordering 
sidecars: terminate sidecars after main containers
 2023-10-31 19:16:11 +01:00
Kubernetes Prow Robot
418e9d08a4
Merge pull request #120592 from AxeZhan/validation_sets 
Use generic set in package "/pkg/apis/core/validation"
 2023-10-31 19:16:02 +01:00
Kubernetes Prow Robot
a5ff0324a9
Merge pull request #120461 from gjkim42/do-not-reuse-device-of-restartable-init-container 
Don't reuse the device of a restartable init container
 2023-10-31 19:15:53 +01:00
Kubernetes Prow Robot
5d03ce7ae4
Merge pull request #120354 from aroradaman/proxy-conntrack-api 
Add support for `nf_conntrack_tcp_be_liberal` sysctl to kube-proxy
 2023-10-31 19:15:44 +01:00
Kubernetes Prow Robot
2c300ef6b0
Merge pull request #120269 from gjkim42/fix-restart-containers-in-right-order-after-podsandbox-changed 
Restart containers in right order with SidecarContainers enabled
 2023-10-31 19:15:35 +01:00
Kubernetes Prow Robot
bfeb3c2621
Merge pull request #119447 from gjkim42/do-not-reuse-cpu-set-of-restartable-init-container 
Don't reuse CPU set of a restartable init container
 2023-10-31 19:15:26 +01:00
Kubernetes Prow Robot
dea3f1a119
Merge pull request #112599 from fabi200123/Adding-Windows-Support-for-InPlaceVerticalScaling 
Adding Windows support for InPlace Pod Vertical Scaling
 2023-10-31 19:15:12 +01:00
Jiahui Feng
e4776e0f85 avoid infinite recursion for type resolvers. 2023-10-31 10:23:50 -07:00
Kubernetes Prow Robot
8f163470ea
Merge pull request #121636 from sairameshv/121444-fix 
[Node E2E Tests] Minor fix to copy the required kubelet, service logs
 2023-10-31 18:10:19 +01:00
Kubernetes Prow Robot
ef658637fd
Merge pull request #121611 from atiratree/test-gated-controllers 
controller descriptors should not be feature gated
 2023-10-31 18:10:07 +01:00
Jefftree
eb32969ab8 Lazy load OpenAPIV2 2023-10-31 12:45:45 -04:00
Jefftree
f23ab829be Add feature toggle for OpenAPI V3 apply in kubectl 2023-10-31 12:45:45 -04:00
Jefftree
e7216c6623 use OpenAPIV3 for kubectl diff 2023-10-31 12:45:45 -04:00
Jefftree
4f3b0b1518 Use OpenAPI V3 for client side SMP 2023-10-31 12:45:45 -04:00
Monis Khan
6ac7da1da8
encryptionconfig/controller: run unit tests faster 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2023-10-31 11:59:37 -04:00
Antonio Ojea
c2cb320913 Revert "cacher: when forgeting a watcher, call stopWatcherLocked multiple times" 
This reverts commit bbca4a4b9a.
 2023-10-31 15:28:01 +00:00
Wojciech Tyczynski
98a2f22e74
Revert "Make the decode function respect the timeout context" 2023-10-31 16:27:17 +01:00
Kubernetes Prow Robot
74fefd877f
Merge pull request #121638 from tkashem/apf-ga 
apiserver: set APF featuregate to stable
 2023-10-31 15:57:57 +01:00