github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
72,278 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

32187 Commits (8848740f6d0f84c2c4c5165736e12425551a6207)

Author SHA1 Message Date
Clayton Coleman 3464222267
Revert "Make bootstrap client cert loading part of rotation" 
This reverts commit 0af19875ad.

Revert "Ensure the bootstrap rotation code is tested by forcing rotation"

This reverts commit de293b2d7d.
 2018-11-17 10:24:39 -05:00
k8s-ci-robot e3420cc46f
Merge pull request #70494 from RenaudWasTaken/pluginwatcher 
Ignore non socket files in the kubelet plugin watcher
 2018-11-16 22:46:42 -08:00
k8s-ci-robot 3be3510814
Merge pull request #69890 from smarterclayton/bootstrap_retry 
Make bootstrap client cert loading part of rotation
 2018-11-16 22:46:33 -08:00
k8s-ci-robot ec2e767e59
Merge pull request #71167 from msau42/block-beta 
Promote raw block volume support to beta
 2018-11-16 20:28:03 -08:00
k8s-ci-robot df8ad8eae1
Merge pull request #71166 from Random-Liu/fix-kubelet-panic 
Fix kubelet panic.
 2018-11-16 20:27:53 -08:00
k8s-ci-robot 7e621ccb08
Merge pull request #71063 from Huang-Wei/nodeinfo-clone-panic 
fix a scheduler panic due to internal cache inconsistency
 2018-11-16 20:27:44 -08:00
k8s-ci-robot 1f3057b7fb
Merge pull request #70898 from Huang-Wei/preemption-issue 
ensure scheduler preemptor behaves in an efficient/correct path
 2018-11-16 20:27:35 -08:00
k8s-ci-robot f38cc95505
Merge pull request #62692 from mikedanese/trev2 
authn: extend authenticator.Token to support audience validation
 2018-11-16 20:27:25 -08:00
Clayton Coleman de293b2d7d
Ensure the bootstrap rotation code is tested by forcing rotation 
Expose both a Stop() method (for cleanup) and a method to force
cert rotation, but only expose Stop() on the interface.

Verify that we choose the correct client.
 2018-11-16 21:50:52 -05:00
Clayton Coleman 0af19875ad
Make bootstrap client cert loading part of rotation 
Ensure that bootstrap+clientcert-rotation in the Kubelet can:

1. happen in the background so that static pods aren't blocked by bootstrap
2. collapse down to a single call path for requesting a CSR
3. reorganize the code to allow future flexibility in retrieving bootstrap creds

Fetching the first certificate and later certificates when the kubelet
is using client rotation and bootstrapping should share the same code
path. We also want to start the Kubelet static pod loop before
bootstrapping completes. Finally, we want to take an incremental step
towards improving how the bootstrap credentials are loaded from disk
(potentially allowing for a CLI call to get credentials, or a remote
plugin that better integrates with cloud providers or KSMs).

Reorganize how the kubelet client config is determined. If rotation is
off, simplify the code path. If rotation is on, load the config
from disk, and then pass that into the cert manager. The cert manager
creates a client each time it tries to request a new cert.

Preserve existing behavior where:

1. bootstrap kubeconfig is used if the current kubeconfig is invalid/expired
2. we create the kubeconfig file based on the bootstrap kubeconfig, pointing to
   the location that new client certs will be placed
3. the newest client cert is used once it has been loaded
 2018-11-16 21:50:26 -05:00
k8s-ci-robot 4821291398
Merge pull request #71095 from msau42/csi-devicepath 
Remove devicePath dependency for CSI volumes
 2018-11-16 18:22:24 -08:00
k8s-ci-robot f877b2257a
Merge pull request #71074 from jsafrane/volume-manager-races 
Fix race between MountVolume and UnmountDevice
 2018-11-16 18:22:14 -08:00
Renaud Gaubert 1a3fbf1f13 Update e2e tests to include CSI 2018-11-17 01:52:57 +01:00
Renaud Gaubert 229418f261 Update pluginwatcher to ignore CSI metadata dir and non socket files 2018-11-17 01:51:00 +01:00
k8s-ci-robot b6bbb01f04
Merge pull request #71058 from verult/nodeinfomanager-retry 
Augmenting API call retry in nodeinfomanager; Revert #70891
 2018-11-16 16:31:40 -08:00
Michelle Au 18453b01e6 Tolerate apiserver being older than controller-manager 2018-11-16 16:31:27 -08:00
Mike Danese effad15ecc patch webhook authenticator to support token review with arbitrary audiences 2018-11-16 19:30:42 -05:00
Mike Danese ed17876e52 plumb apiAudience to TokenReview registry 2018-11-16 19:30:42 -05:00
Lantao Liu 59e80cdac3 Fix kubelet panic. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-11-16 16:21:57 -08:00
Michelle Au 974d47ecf8 Remove devicePath dependency for CSI volumes 2018-11-16 15:40:35 -08:00
Mike Danese 162699ca30 autogenerated 2018-11-16 17:54:33 -05:00
Mike Danese 04837fdef1 authn: add Audiences to TokenReview 2018-11-16 17:54:33 -05:00
Wei Huang b4fd11512a
ensure scheduler preemptor behaves in an efficient/correct path 
- don't update nominatedMap cache when Pop() an element from activeQ
- instead, delete the nominated info from cache when it's "assumed"
- unit test behavior adjusted
- expose SchedulingQueue in factory.Config
 2018-11-16 14:22:15 -08:00
k8s-ci-robot 9878253c3c
Merge pull request #70998 from deads2k/client-07-listwatchtimeout 
update the client generator to set a client-side timeout
 2018-11-16 13:19:57 -08:00
Wei Huang a86ba8b3c4
fix a scheduler panic due to internal cache inconsistency 2018-11-16 13:02:13 -08:00
Cheng Xing ca18690ceb Augmenting API call retry in nodeinfomanager 2018-11-16 13:00:22 -08:00
k8s-ci-robot 4e9c2a7a9b
Merge pull request #71114 from Lion-Wei/ipvs-reuse 
fix IPVS low throughput issue
 2018-11-16 12:04:00 -08:00
k8s-ci-robot e26b730143
Merge pull request #71103 from Pingan2017/autoscale-sts-kubectl 
support statefulset in kubectl autoscale command
 2018-11-16 12:03:51 -08:00
k8s-ci-robot 1b059e577c
Merge pull request #71101 from seans3/qos-resource-fix 
kubectl: small internal to external type fix
 2018-11-16 12:03:41 -08:00
Matthew Wong 9bbf768ad6 Fix BlockVolume feature gate toggling in validation & defaults unit tests 2018-11-16 13:38:59 -05:00
Matthew Wong dd517c9ff2 Update all tests to account for BlockVolume enabled by default 2018-11-16 13:38:59 -05:00
Matthew Wong 2ff98f7832 Promote BlockVolume to beta 2018-11-16 13:38:59 -05:00
David Eads 8f7edec615 generated 2018-11-16 12:41:17 -05:00
Jordan Liggitt 733dd9dfd7 Add tests to ensure feature gate changes don't escape kubelet/scheduler packages 2018-11-16 10:52:53 -05:00
Jordan Liggitt de8bf9b63d fix scheduler and kubelet unit tests leaking feature flag changes 2018-11-16 10:52:53 -05:00
Jordan Liggitt 248d661327 Add tests to ensure storage feature gate changes don't escape packages 2018-11-16 10:52:53 -05:00
Jordan Liggitt 358c092abe fix storage unit tests leaking feature flag changes 2018-11-16 10:52:52 -05:00
Michelle Au fd64c08240 Fix storage feature gate test setting 2018-11-16 10:49:40 -05:00
k8s-ci-robot 7c4d097faf
Merge pull request #71104 from yue9944882/chore/follow-up-cli-describer-externalization 
Follow-up of #70950: Duplicated versioned client in describer
 2018-11-16 07:34:39 -08:00
k8s-ci-robot 92fe9d9491
Merge pull request #71081 from vladimirvivien/kubelet-plugin-watcher-ga-fix 
Kubelet Plugin Registration GA migration fix
 2018-11-16 05:13:18 -08:00
Jan Safranek 5283537401 Fixed clearing of devicePath after UnmountDevice 
UnmountDevice must not clear devicepath, because such devicePath
may come from node.status (e.g. on AWS) and subsequent MountDevice
operation (that may be already enqueued) needs it.
 2018-11-16 13:24:42 +01:00
k8s-ci-robot 666739ac0c
Merge pull request #70580 from tsmetana/check-pvc-binding-again 
PV Controller: fix recycling
 2018-11-16 03:56:33 -08:00
k8s-ci-robot 6fc60428a7
Merge pull request #71020 from saad-ali/updateCSI10 
Bump CSI Spec to 1.0.0 and gRPC to 1.13.0
 2018-11-16 01:53:21 -08:00
k8s-ci-robot 1cdc918e11
Merge pull request #70728 from Pingan2017/remove-kubectl-run-container 
Remove deprecated kubectl command aliases 'run-container'
 2018-11-16 01:53:11 -08:00
k8s-ci-robot a856c7ab1d
Merge pull request #70973 from ping035627/k8s-181113 
Refactor New function
 2018-11-15 23:52:54 -08:00
liangwei f39060c604 set net/ipv4/vs/conn_reuse_mode to 0 2018-11-16 15:17:24 +08:00
k8s-ci-robot cde4c9ebe1
Merge pull request #68635 from mkimuram/issue/68424 
CSI block volume refactor to fix target path
 2018-11-15 21:35:42 -08:00
zuoxiu.jm 5ede82cdc7 fixes duplicated describer client 2018-11-16 11:30:05 +08:00
Pingan2017 c3bb1c4601 support statefulset in kubectl autoscale command 2018-11-16 10:42:39 +08:00
Sean Sullivan 6a57de315d kubectl: small internal to external type fix 2018-11-15 16:45:17 -08:00