github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-24 12:15:52 +00:00
Code Issues Projects Releases Wiki Activity
124,347 Commits 42 Branches 7,905 Tags 1.3 GiB
f173f0c58c
Commit Graph

124347 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kensei Nakada
82a54e8cc8 cleanup: remove duplicated addNominatedPodUnlocked 2024-07-21 16:04:25 +09:00
Kubernetes Prow Robot
10496b35a8
Merge pull request #126015 from micahhausler/kubelet-cert-validation 
Enhance node admission to validate kubelet CSR's CN
 2024-07-20 21:27:42 -07:00
Kubernetes Prow Robot
558c9536a1
Merge pull request #123678 from kinvolk/userns-use-kubelet-user-mappings 
kubelet: Add logs for userns custom mappings parsing
 2024-07-20 19:59:57 -07:00
Micah Hausler
b251efe0ad Enhance node admission to validate kubelet CSR's CN 
Signed-off-by: Micah Hausler <mhausler@amazon.com>
 2024-07-20 19:06:00 -05:00
Kubernetes Prow Robot
b14769f2af
Merge pull request #126224 from neolit123/1.31-fix-bug-in-join-patches-healthz 
kubeadm: fix join bug where kubeletconfig was not patched in memory
 2024-07-20 14:27:24 -07:00
Kubernetes Prow Robot
90a84704d6
Merge pull request #126231 from seans3/websocket-https-proxy-fix 
Falls back to SPDY for gorilla/websocket https proxy error
 2024-07-20 13:23:16 -07:00
Kubernetes Prow Robot
8527092e02
Merge pull request #119024 from wafuwafu13/deprecated-node-label 
chore(node/util): add more labels to `deprecatedNodeLabels`
 2024-07-20 11:31:40 -07:00
carlory
deb9fc97d3 vac add e2e test 2024-07-21 00:48:51 +08:00
Lubomir I. Ivanov
b90b280c5a kubeadm: fix join bug where kubeletconfig was not patched in memory 
During kubeadm join in 1.30 kubeadm started respecting
the kubeletconfiguration healthz address/port. Previously
it hardcoded the health check to localhost:defaultport.

A corner case was not handled where the user applies --patches
on join to modify the local kubeletconfiguration. This results
in kubeletconfiguration patch target patches not being applied to
the KubeletConfiguration in memory and the health check
running on the address:port which are present in the kubelet-config
configmap.

Fix that by explicitly calling a new function to patch the
KubeletConfiguration in memory. This is scoped to only handle
the healthz checks *after* the kubelet config.yaml was already
patched and written to disk.
 2024-07-20 19:31:19 +03:00
xin.li
c1dca0ad7c kubeadm: remove unused constants in util/pkiutil 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2024-07-20 23:30:25 +08:00
Kubernetes Prow Robot
892acaa6a7
Merge pull request #126107 from enj/enj/i/svm_not_found_err 
svm: set UID and RV on SSA patch to cause conflict on logical create
 2024-07-20 08:18:01 -07:00
Sean Sullivan
bc52647251 moving for easier cherry-pick 2024-07-20 05:29:57 -07:00
Kubernetes Prow Robot
b293ca9057
Merge pull request #126229 from aojea/network_policies_0.5.0 
bump kube-network-policies to v0.5.0
 2024-07-20 05:13:54 -07:00
Kensei Nakada
fa8092f838 support UpdatePodScaleDown instead of UpdatePodRequest 2024-07-20 19:20:38 +09:00
Kubernetes Prow Robot
f2f7708375
Merge pull request #126244 from googs1025/informer 
chore(servicecidr): use WaitForCacheSync after sharedInformerFactory Start in integration test
 2024-07-20 03:11:39 -07:00
Kensei Nakada
0dee497876 fix: make updatePodOther private 2024-07-20 17:49:46 +09:00
Kensei Nakada
0b133c7fa9 modify test 2024-07-20 17:44:57 +09:00
Kensei Nakada
e46fe0b673 register UpdatePodOther to a general Update 2024-07-20 17:44:57 +09:00
Kensei Nakada
066826d476 fix wordings 2024-07-20 17:44:57 +09:00
Kensei Nakada
4283ab5df3 use PodUpdateOther internally 2024-07-20 17:44:55 +09:00
Kensei Nakada
0cd1ee4259 add(scheduler/framework): implement smaller Pod update events 2024-07-20 17:44:23 +09:00
googs1025
bc514ff68b chore: remove t.Fatal typo 2024-07-20 16:19:47 +08:00
googs1025
a6ee8599f1 chore: use WaitForCacheSync method after sharedInformerFactory Start 2024-07-20 16:17:57 +08:00
Sean Sullivan
9d560540c5 Falls back to SPDY for gorilla/websocket https proxy error 2024-07-20 00:10:32 -07:00
Kubernetes Prow Robot
8f265b6305
Merge pull request #126136 from cici37/removeFG 
Remove feature gate CustomResourceValidationExpressions
 2024-07-20 00:08:52 -07:00
Kubernetes Prow Robot
a8d354bf39
Merge pull request #126122 from HirazawaUi/remove-unused-options 
kubelet: Remove unused run container options
 2024-07-19 18:05:16 -07:00
bzsuni
3c448ff29d Build etcd image of v3.5.15 
Signed-off-by: bzsuni <bingzhe.sun@daocloud.io>
 2024-07-20 08:16:18 +08:00
Kubernetes Prow Robot
14b34fc255
Merge pull request #125834 from tallclair/log-cleanup 
[kubelet] Cleanup incorrect log about static pod status change
 2024-07-19 16:58:54 -07:00
Kubernetes Prow Robot
64ba17c605
Merge pull request #125571 from liggitt/filter-auth-02-sar 
add field and label selectors to authorization
 2024-07-19 15:30:01 -07:00
Kubernetes Prow Robot
ec8015daac
Merge pull request #124273 from panoswoo/fix/124255 
Remove missing extended resources from init containers
 2024-07-19 15:29:53 -07:00
cici37
1e5062c5d4 Auto update 2024-07-19 22:26:40 +00:00
cici37
95dbfa1c3d Promote metrics for VAP and CRD validation rules to beta. 2024-07-19 22:26:32 +00:00
Jefftree
0898842b3c use context for tests 2024-07-19 20:12:05 +00:00
Kubernetes Prow Robot
fa15f12fb5
Merge pull request #126174 from dobsonj/corruptedmnt-enodev 
mount-utils: treat syscall.ENODEV as corrupted mount
 2024-07-19 13:08:48 -07:00
Jefftree
a5791b344c Validate CABundle when writing CRD 2024-07-19 19:38:54 +00:00
Vadim Rutkovsky
77e84efe31
featuregate: clone queriedFeatures only when mutation is needed 
Avoid allocating memory when cloned set of queried features is not necessary
 2024-07-19 21:07:12 +02:00
Jordan Liggitt
5f22dd7c1a
Add integration test exercising webhook selector authz 2024-07-19 15:06:52 -04:00
Jordan Liggitt
9f8f36708a
Fixup lint warning 2024-07-19 15:06:52 -04:00
Jordan Liggitt
4d535db8be
Add selector authorization to the Node authorizer 2024-07-19 15:06:51 -04:00
Jordan Liggitt
a1398a8cca
Add structured labelSelector / fieldSelector to authorization webhook match conditions 2024-07-19 15:06:50 -04:00
Jordan Liggitt
83bd512861
Adjust CEL cost calculation and versioning for authorization library 2024-07-19 15:06:49 -04:00
David Eads
be2e32fa3e
Add CEL fieldSelector / labelSelector support to authorizer library 2024-07-19 15:06:49 -04:00
Jordan Liggitt
03d48b7683
Move CEL env initialization out of package init() 
This ensures compatibility version and feature gates can be initialized
before cached CEL environments are created.
 2024-07-19 15:06:48 -04:00
Jordan Liggitt
1d2ad282cf
Improve CEL cost tests to catch unhandled estimates or types 2024-07-19 15:06:47 -04:00
David Eads
92e3445e9d
add field and label selectors to authorization attributes 
Co-authored-by: Jordan Liggitt <liggitt@google.com>
 2024-07-19 15:06:47 -04:00
Kubernetes Prow Robot
b3e769b72e
Merge pull request #126228 from googs1025/fix_informer 
chore(Job):  make trivial improvements to job controller unit test
 2024-07-19 12:03:24 -07:00
Kubernetes Prow Robot
6f3f115378
Merge pull request #126222 from macsko/dont_lock_activeq_twice_in_activate_in_scheduling_queue 
Don't lock activeQ twice when activating pod in scheduling queue
 2024-07-19 12:03:10 -07:00
David Eads
f5e5bef2e0
generate 2024-07-19 14:35:37 -04:00
David Eads
90f0b88b6a
add subjectaccessreview field and label selectors 
Co-authored-by: Jordan Liggitt <liggitt@google.com>
 2024-07-19 14:34:49 -04:00
Kubernetes Prow Robot
acaec0c23a
Merge pull request #126124 from cici37/feature/validating-admission-policy/metrics-improvement 
Feature/validating admission policy/metrics improvement
 2024-07-19 10:34:58 -07:00