github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
72,487 Commits
31 Branches
881 Tags
633 MiB
Commit Graph

32253 Commits (2a934c4f9eafb2a1892d495622f2d0a57ba6e04e)

Author SHA1 Message Date
saad-ali a7c5582bba Permit use of deprecated dir in device plugin. 2018-11-21 18:37:31 -08:00
saad-ali aa8244beb5 Modify CSI to handle both 0.3 and 1.0 
Modify the CSI volume plugin to handle CSI version 0.x as well as 1.x
 2018-11-21 18:37:31 -08:00
saad-ali d1b44857ad Add missing feature gate to CSI driver uninstall 2018-11-21 18:37:31 -08:00
saad-ali 2b44ec5e9c Reduce csipb dependencies 
Remove csipb dependency from everywhere except the CSI client in
preperation for supporting multiple CSI clients.
 2018-11-21 18:37:31 -08:00
saad-ali 8f666d9e41 Modify kubelet watcher to support old versions 
Modify kubelet plugin watcher to support older CSI drivers that use an
the old plugins directory for socket registration.
Also modify CSI plugin registration to support multiple versions of CSI
registering with the same name.
 2018-11-21 18:37:31 -08:00
k8s-ci-robot 9801572181
Merge pull request #71212 from cofyc/fix71068 
Clear pod binding cache
 2018-11-21 05:58:10 -08:00
k8s-ci-robot 28182b6606
Merge pull request #71156 from apelisse/race-condition-diff 
Optimistic-locking on diff
 2018-11-21 03:35:04 -08:00
Yecheng Fu 8fc00ebda6 Clear pod binding cache. 2018-11-21 11:24:53 +08:00
Antoine Pelisse a889f37505 Optimistic-locking on diff 
There is currently a race-condition when diffing, where we get the
object and then run a server-side dry-run patch and compare the two
results. If something changes the object on the server between the get
and the patch, the diff is going to show unrelated changes. We can now
specify the exact revisionversion that we want to patch, and that will
return a conflict, and we can retry multiple times to get a
non-conflicting diff. Eventually (after 3 times), we diff without
checking the version and throw a warning that the diff might be
partially wrong.
 2018-11-20 14:34:37 -08:00
Antoine Pelisse 89daa462ff Allow kubectl patcher to patch specific version 
Give a new "ResourceVersion" option to the patch so that the patch can
be forced against a specific version. Also there is no way to customize
how many retries the patcher should do on conflicts, so also add a
"Retries" option that let's one customize it.
 2018-11-20 14:34:08 -08:00
k8s-ci-robot 514a5b8f16
Merge pull request #70878 from jingxu97/Nov/repd 
Remove useBetaAPI option from getReplicaZoneURI
 2018-11-20 11:40:51 -08:00
Hemant Kumar d2b6e30143 Fix bug with volume getting marked as not in-use with pending op 
Add test for verifying volume detach
 2018-11-20 11:58:47 -05:00
Clayton Coleman 3464222267
Revert "Make bootstrap client cert loading part of rotation" 
This reverts commit 0af19875ad.

Revert "Ensure the bootstrap rotation code is tested by forcing rotation"

This reverts commit de293b2d7d.
 2018-11-17 10:24:39 -05:00
k8s-ci-robot e3420cc46f
Merge pull request #70494 from RenaudWasTaken/pluginwatcher 
Ignore non socket files in the kubelet plugin watcher
 2018-11-16 22:46:42 -08:00
k8s-ci-robot 3be3510814
Merge pull request #69890 from smarterclayton/bootstrap_retry 
Make bootstrap client cert loading part of rotation
 2018-11-16 22:46:33 -08:00
k8s-ci-robot ec2e767e59
Merge pull request #71167 from msau42/block-beta 
Promote raw block volume support to beta
 2018-11-16 20:28:03 -08:00
k8s-ci-robot df8ad8eae1
Merge pull request #71166 from Random-Liu/fix-kubelet-panic 
Fix kubelet panic.
 2018-11-16 20:27:53 -08:00
k8s-ci-robot 7e621ccb08
Merge pull request #71063 from Huang-Wei/nodeinfo-clone-panic 
fix a scheduler panic due to internal cache inconsistency
 2018-11-16 20:27:44 -08:00
k8s-ci-robot 1f3057b7fb
Merge pull request #70898 from Huang-Wei/preemption-issue 
ensure scheduler preemptor behaves in an efficient/correct path
 2018-11-16 20:27:35 -08:00
k8s-ci-robot f38cc95505
Merge pull request #62692 from mikedanese/trev2 
authn: extend authenticator.Token to support audience validation
 2018-11-16 20:27:25 -08:00
Clayton Coleman de293b2d7d
Ensure the bootstrap rotation code is tested by forcing rotation 
Expose both a Stop() method (for cleanup) and a method to force
cert rotation, but only expose Stop() on the interface.

Verify that we choose the correct client.
 2018-11-16 21:50:52 -05:00
Clayton Coleman 0af19875ad
Make bootstrap client cert loading part of rotation 
Ensure that bootstrap+clientcert-rotation in the Kubelet can:

1. happen in the background so that static pods aren't blocked by bootstrap
2. collapse down to a single call path for requesting a CSR
3. reorganize the code to allow future flexibility in retrieving bootstrap creds

Fetching the first certificate and later certificates when the kubelet
is using client rotation and bootstrapping should share the same code
path. We also want to start the Kubelet static pod loop before
bootstrapping completes. Finally, we want to take an incremental step
towards improving how the bootstrap credentials are loaded from disk
(potentially allowing for a CLI call to get credentials, or a remote
plugin that better integrates with cloud providers or KSMs).

Reorganize how the kubelet client config is determined. If rotation is
off, simplify the code path. If rotation is on, load the config
from disk, and then pass that into the cert manager. The cert manager
creates a client each time it tries to request a new cert.

Preserve existing behavior where:

1. bootstrap kubeconfig is used if the current kubeconfig is invalid/expired
2. we create the kubeconfig file based on the bootstrap kubeconfig, pointing to
   the location that new client certs will be placed
3. the newest client cert is used once it has been loaded
 2018-11-16 21:50:26 -05:00
k8s-ci-robot 4821291398
Merge pull request #71095 from msau42/csi-devicepath 
Remove devicePath dependency for CSI volumes
 2018-11-16 18:22:24 -08:00
k8s-ci-robot f877b2257a
Merge pull request #71074 from jsafrane/volume-manager-races 
Fix race between MountVolume and UnmountDevice
 2018-11-16 18:22:14 -08:00
Renaud Gaubert 1a3fbf1f13 Update e2e tests to include CSI 2018-11-17 01:52:57 +01:00
Renaud Gaubert 229418f261 Update pluginwatcher to ignore CSI metadata dir and non socket files 2018-11-17 01:51:00 +01:00
k8s-ci-robot b6bbb01f04
Merge pull request #71058 from verult/nodeinfomanager-retry 
Augmenting API call retry in nodeinfomanager; Revert #70891
 2018-11-16 16:31:40 -08:00
Michelle Au 18453b01e6 Tolerate apiserver being older than controller-manager 2018-11-16 16:31:27 -08:00
Mike Danese effad15ecc patch webhook authenticator to support token review with arbitrary audiences 2018-11-16 19:30:42 -05:00
Mike Danese ed17876e52 plumb apiAudience to TokenReview registry 2018-11-16 19:30:42 -05:00
Lantao Liu 59e80cdac3 Fix kubelet panic. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-11-16 16:21:57 -08:00
Michelle Au 974d47ecf8 Remove devicePath dependency for CSI volumes 2018-11-16 15:40:35 -08:00
Mike Danese 162699ca30 autogenerated 2018-11-16 17:54:33 -05:00
Mike Danese 04837fdef1 authn: add Audiences to TokenReview 2018-11-16 17:54:33 -05:00
Wei Huang b4fd11512a
ensure scheduler preemptor behaves in an efficient/correct path 
- don't update nominatedMap cache when Pop() an element from activeQ
- instead, delete the nominated info from cache when it's "assumed"
- unit test behavior adjusted
- expose SchedulingQueue in factory.Config
 2018-11-16 14:22:15 -08:00
k8s-ci-robot 9878253c3c
Merge pull request #70998 from deads2k/client-07-listwatchtimeout 
update the client generator to set a client-side timeout
 2018-11-16 13:19:57 -08:00
Wei Huang a86ba8b3c4
fix a scheduler panic due to internal cache inconsistency 2018-11-16 13:02:13 -08:00
Cheng Xing ca18690ceb Augmenting API call retry in nodeinfomanager 2018-11-16 13:00:22 -08:00
k8s-ci-robot 4e9c2a7a9b
Merge pull request #71114 from Lion-Wei/ipvs-reuse 
fix IPVS low throughput issue
 2018-11-16 12:04:00 -08:00
k8s-ci-robot e26b730143
Merge pull request #71103 from Pingan2017/autoscale-sts-kubectl 
support statefulset in kubectl autoscale command
 2018-11-16 12:03:51 -08:00
k8s-ci-robot 1b059e577c
Merge pull request #71101 from seans3/qos-resource-fix 
kubectl: small internal to external type fix
 2018-11-16 12:03:41 -08:00
Matthew Wong 9bbf768ad6 Fix BlockVolume feature gate toggling in validation & defaults unit tests 2018-11-16 13:38:59 -05:00
Matthew Wong dd517c9ff2 Update all tests to account for BlockVolume enabled by default 2018-11-16 13:38:59 -05:00
Matthew Wong 2ff98f7832 Promote BlockVolume to beta 2018-11-16 13:38:59 -05:00
David Eads 8f7edec615 generated 2018-11-16 12:41:17 -05:00
Jordan Liggitt 733dd9dfd7 Add tests to ensure feature gate changes don't escape kubelet/scheduler packages 2018-11-16 10:52:53 -05:00
Jordan Liggitt de8bf9b63d fix scheduler and kubelet unit tests leaking feature flag changes 2018-11-16 10:52:53 -05:00
Jordan Liggitt 248d661327 Add tests to ensure storage feature gate changes don't escape packages 2018-11-16 10:52:53 -05:00
Jordan Liggitt 358c092abe fix storage unit tests leaking feature flag changes 2018-11-16 10:52:52 -05:00
Michelle Au fd64c08240 Fix storage feature gate test setting 2018-11-16 10:49:40 -05:00
k8s-ci-robot 7c4d097faf
Merge pull request #71104 from yue9944882/chore/follow-up-cli-describer-externalization 
Follow-up of #70950: Duplicated versioned client in describer
 2018-11-16 07:34:39 -08:00
k8s-ci-robot 92fe9d9491
Merge pull request #71081 from vladimirvivien/kubelet-plugin-watcher-ga-fix 
Kubelet Plugin Registration GA migration fix
 2018-11-16 05:13:18 -08:00
Jan Safranek 5283537401 Fixed clearing of devicePath after UnmountDevice 
UnmountDevice must not clear devicepath, because such devicePath
may come from node.status (e.g. on AWS) and subsequent MountDevice
operation (that may be already enqueued) needs it.
 2018-11-16 13:24:42 +01:00
k8s-ci-robot 666739ac0c
Merge pull request #70580 from tsmetana/check-pvc-binding-again 
PV Controller: fix recycling
 2018-11-16 03:56:33 -08:00
k8s-ci-robot 6fc60428a7
Merge pull request #71020 from saad-ali/updateCSI10 
Bump CSI Spec to 1.0.0 and gRPC to 1.13.0
 2018-11-16 01:53:21 -08:00
k8s-ci-robot 1cdc918e11
Merge pull request #70728 from Pingan2017/remove-kubectl-run-container 
Remove deprecated kubectl command aliases 'run-container'
 2018-11-16 01:53:11 -08:00
k8s-ci-robot a856c7ab1d
Merge pull request #70973 from ping035627/k8s-181113 
Refactor New function
 2018-11-15 23:52:54 -08:00
liangwei f39060c604 set net/ipv4/vs/conn_reuse_mode to 0 2018-11-16 15:17:24 +08:00
k8s-ci-robot cde4c9ebe1
Merge pull request #68635 from mkimuram/issue/68424 
CSI block volume refactor to fix target path
 2018-11-15 21:35:42 -08:00
zuoxiu.jm 5ede82cdc7 fixes duplicated describer client 2018-11-16 11:30:05 +08:00
Pingan2017 c3bb1c4601 support statefulset in kubectl autoscale command 2018-11-16 10:42:39 +08:00
Sean Sullivan 6a57de315d kubectl: small internal to external type fix 2018-11-15 16:45:17 -08:00
saad-ali 09d3dce38a Update CSI client to pick up CSI v1.0.0 changes 2018-11-15 16:39:59 -08:00
Masaki Kimura 9c56b53390 Fix the comment for csi block pathes to make look the same to filesystem 2018-11-15 23:26:19 +00:00
k8s-ci-robot e615df9d23
Merge pull request #70950 from yue9944882/chore/prune-cli-describer-internal 
Use versioned types in kubectl describer
 2018-11-15 15:00:12 -08:00
k8s-ci-robot e4ee887121
Merge pull request #69303 from appian/host_aliases_on_same_line 
Write HostAliases aliases on same line per host IP
 2018-11-15 14:59:52 -08:00
k8s-ci-robot 7cf211d7de
Merge pull request #69196 from CaoShuFeng/job.yaml 
fix kubectl wait with no resource name provided
 2018-11-15 14:59:42 -08:00
Vladimir Vivien b195396154 Kubelet Plugin Registration v1 update fix 2018-11-15 17:40:35 -05:00
k8s-ci-robot 7b4d4bc8ac
Merge pull request #70508 from dashpole/pod_resources_socket 
Add socket-based kubelet pod resources API.
 2018-11-15 13:43:44 -08:00
k8s-ci-robot 504466c4e6
Merge pull request #68267 from liggitt/node-label-update 
Limit kubelets from updating their own labels when NodeRestriction is enabled
 2018-11-15 11:11:02 -08:00
David Ashpole 630cb53f82 add kubelet grpc server for pod-resources service 2018-11-15 09:43:20 -08:00
David Ashpole 288667f436 add KubeletPodResources feature-gate 2018-11-15 09:38:59 -08:00
David Ashpole aa9ba976ac generate go client for kubelet podresources API 2018-11-15 09:38:59 -08:00
David Ashpole 3ece501f6b add kubelet pod-resources API definition 2018-11-15 09:38:59 -08:00
zuoxiu.jm da9387131e prune internal clients from kubectl describer 2018-11-16 00:11:10 +08:00
Tomas Smetana f9c9ef6ec0 PV Controller: fix recycling 
In the situation when a PVC is deleted and a new one with the same name
bound to a different PV the "old" PV may fail to recycle since it's
associaded with a PVC that is detected as being in use. This may cause
the recycler processes to hang.
 2018-11-15 16:38:25 +01:00
k8s-ci-robot b1a52a38e9
Merge pull request #67257 from pbarker/audit 
dynamic audit configuration
 2018-11-15 02:42:59 -08:00
PingWang 9e760732c3 Refactor New function 
Signed-off-by: PingWang <wang.ping5@zte.com.cn>

add comments for InitPolicyFromFile

Signed-off-by: PingWang <wang.ping5@zte.com.cn>

make the methods package private

Signed-off-by: PingWang <wang.ping5@zte.com.cn>
 2018-11-15 14:30:19 +08:00
k8s-ci-robot 843a67b215
Merge pull request #70559 from vladimirvivien/kubelet-plugin-watcher-ga 
Graduate Kubelet plugin registration/watcher to GA
 2018-11-14 20:35:08 -08:00
k8s-ci-robot 726c07eb26
Merge pull request #69929 from jsafrane/csi-ga 
Promote CSIPersistentVolume feature to GA
 2018-11-14 20:34:58 -08:00
k8s-ci-robot 012a438dbe
Merge pull request #68655 from goodluckbot/kubectl-cordon-drain-uncordon 
Support multiple arguments for cordon and drain
 2018-11-14 20:34:48 -08:00
Masaki Kimura 6d7b5f1d1b Delegate creation of publishPath to driver and allow creating device file directly 2018-11-15 01:14:12 +00:00
Patrick Barker 5cb70e369f adds dynamic audit configuration generated 2018-11-15 01:03:45 +00:00
Patrick Barker eb89d3dddd adds dynamic audit configuration 2018-11-14 17:54:06 -07:00
Jordan Liggitt eaff4fd4d2 Tolerate existing CSI fields in PVs when the feature is disabled 2018-11-14 17:57:54 -05:00
k8s-ci-robot 9c304cf0cb
Merge pull request #70157 from mikedanese/trev1 
retrofit svcacct token authenticator to support audience validation
 2018-11-14 13:16:44 -08:00
Masaki Kimura d8c6fe5202 Change stagingPath to be a directory 2018-11-14 20:53:28 +00:00
k8s-ci-robot 5a84dffc75
Merge pull request #71007 from mikedanese/allowdefault 
TokenRequestProjections should allow API server to default empty audience
 2018-11-14 11:38:16 -08:00
k8s-ci-robot 1a9fd268a9
Merge pull request #71005 from mikedanese/certpubfix 
rootcacertpublisher: trigger resync on namespace add and update
 2018-11-14 11:38:07 -08:00
k8s-ci-robot 68fb529ec1
Merge pull request #70969 from awly/node-csr-move 
Move csr.RequestNodeCertificate into kubelet bootstrap package
 2018-11-14 11:37:58 -08:00
Masaki Kimura f0354ad605 Fix for adding block volume support to CSI RBD driver 2018-11-14 19:20:56 +00:00
k8s-ci-robot 774f162884
Merge pull request #70999 from liggitt/oversized-spdystream-frames 
Ensure oversized data frames are not written to spdystreams
 2018-11-14 09:26:06 -08:00
Jan Safranek 8cfce0af99 Tighten up validation of VolumeAttachment fields 2018-11-14 16:46:59 +01:00
Michelle Au 498cd61f41 Add volumeattachment status subresource 2018-11-14 14:01:16 +01:00
Jan Safranek e95b188656 Generated files 2018-11-14 14:01:16 +01:00
Jan Safranek 633431c38a Promote CSIPersistentVolumeSource to GA 2018-11-14 14:01:16 +01:00
Jan Safranek 534ce94c22 Move CSIPersistentVolume feature to GA 2018-11-14 14:01:16 +01:00
Vladimir Vivien f16d3c56f6 Kubelet plugin watcher update to v1 2018-11-14 05:46:27 -05:00
Vladimir Vivien 668c532dda Pluginregistration package updat to v1 2018-11-14 05:46:19 -05:00
k8s-ci-robot a44c2b9eeb
Merge pull request #70035 from liggitt/retain-quota-metadata 
Avoid dropping resourcequota metadata in controller
 2018-11-14 01:29:53 -08:00