github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
21,577 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

575 Commits (8c182c2713ea6e1b8ffff1da11e0d802cacd0bd8)

Author SHA1 Message Date
tummychow 78ce5da988 Move util.StringSet into its own package 
A lot of packages use StringSet, but they don't use anything else from
the util package. Moving StringSet into another package will shrink
their dependency trees significantly.
 2015-09-10 12:04:15 -07:00
k8s-merge-robot 950e5d9a53 Merge pull request #13563 from a-robinson/timeout 
Auto commit by PR queue bot
 2015-09-09 18:52:14 -07:00
Chao Xu 9fc79e9d99 refactor testapi and test scripts to prepare for multiple API groups. 2015-09-04 18:01:32 -07:00
Ruddarraju, Uday Kumar Raju f8d6f13f7c Union of authorizers 2015-09-04 11:04:50 -07:00
Alex Robinson 4b47cb93f3 Reduce the default apiserver timeout back down to 30 seconds. 
It was originally raised due to slow load balancer creation (#5180), but
that was fixed months ago.
 2015-09-03 17:50:23 +00:00
Brendan Burns b196d0f84b Add support for installing custom object APIs 2015-08-31 21:13:36 -07:00
Jordan Liggitt b5e8f7aa41 Recover panics in finishRequest, write correct API response 2015-08-31 14:55:18 -04:00
Nikhil Jindal a09425d828 Merge pull request #10933 from andronat/swagger_auto_type_docs 
Automatic Generation of Swagger Documentation in Types
 2015-08-24 10:35:58 -07:00
Anastasis Andronidis ff2fcd43f7 Added SwaggerDoc() in api-server 2015-08-22 02:26:04 +02:00
Yifan Gu 6376e41850 plugin/pkg/auth: add OpenID Connect token authenticator. 
Also add related new flags to apiserver:
"--oidc-issuer-url", "--oidc-client-id", "--oidc-ca-file", "--oidc-username-claim",
to enable OpenID Connect authentication.
 2015-08-21 15:27:08 -07:00
Ruddarraju, Uday Kumar Raju 937db3f70d Keystone authentication plugin 2015-08-13 09:46:30 -07:00
Muhammed Uluyol fab367230f Add experimental API support to kubectl 2015-08-11 16:49:55 -07:00
Kris Rousey 565189f5b8 Correcting all go vet errors 2015-08-11 13:55:37 -07:00
Tamer Tas 16b4428043 Fix usage of format specifier %s 2015-08-10 20:44:36 +03:00
David Walter 792fc2269b change underscores to dashes to match the command line argument 2015-08-06 22:13:44 -05:00
Eric Paris 7cbb52ce04 Use the pflag StringSlice instead of implementing it ourselves 
Saves code and makes our code easier to read because we just use normal
[]string instead of custom type.
 2015-08-06 19:16:13 -04:00
Mike Danese 8326697055 rewrite all links to prs to k8s links 2015-08-05 21:11:11 -07:00
Mike Danese fe6b15ba2f rewrite all links to issues to k8s links 2015-08-05 21:11:11 -07:00
Mike Danese 17defc7383 run gofmt on everything we touched 2015-08-05 17:52:56 -07:00
Mike Danese 8e33cbfa28 rewrite go imports 2015-08-05 17:30:03 -07:00
Alex Mohr 366b382901 Merge pull request #10200 from caesarxuchao/resthandler-validate-version 
verify and default APIVersion in createHandler, verify APIVersion in UpdateResource
 2015-08-04 13:09:31 -07:00
Chao Xu 664d20c572 Add DecodeIntoWithSpecifiedVersionKind() to Decoder interface. 
The function validate/default the body with the passed in apiVersion and Kind.
It's called in createHandler and UpdateResource
 2015-08-03 15:30:00 -07:00
gmarek d27ad5b714 Controller codebase refactoring 2015-08-03 17:06:25 +02:00
Muhammed Uluyol 58a875ac2c Add (stopgap) support for an experimental API prefix. 2015-07-30 18:14:29 -07:00
Wojciech Tyczynski 3cbbe72f9f Move etcd storage to pkg/storage/etcd 2015-07-30 15:42:06 +02:00
Wojciech Tyczynski 99d6b0e9f4 Rename storage interfaces 2015-07-30 10:34:57 +02:00
Wojciech Tyczynski d17985f1ad Move StorageInterface to pkg/storage. 2015-07-30 09:32:04 +02:00
Cesar Wong a84fa79a01 Use versioned objects for GET and CONNECT operations 2015-07-28 13:43:23 -04:00
Marek Grabowski 7cc1855c27 Merge pull request #11806 from wojtek-t/private_etcd_helper 
Make EtcdHelper private - expose only StorageInterface
 2015-07-27 11:21:28 +02:00
Marek Grabowski 00cd52dd68 Merge pull request #10656 from krousey/timeouts 
Adding proper timeouts.
 2015-07-27 10:56:58 +02:00
Wojciech Tyczynski 9d943df397 Private EtcdHelper 2015-07-27 09:20:13 +02:00
nikhiljindal 2f946b7aee Stop allowing unnamespaced POST for namespaced objects 2015-07-24 12:03:19 -07:00
Tim Hockin 1c3233a1d4 Remove v1beta3 2015-07-23 17:21:27 -07:00
Eric Tune d7a0bb4020 Merge pull request #11258 from nikhiljindal/dupNickname 
Add namespace to swagger nicknames to prevent duplicate nicknames
 2015-07-15 16:42:59 -07:00
Brendan Burns 25d3834b74 Add monitoring and healthz based on tunnel health. 2015-07-14 14:37:38 -07:00
nikhiljindal dda71bdc7b Add namespace to nickname to prevent dup swagger nicknames 2015-07-14 13:41:13 -07:00
Kris Rousey 1d033b9912 Adding proper timeouts. 2015-07-10 14:42:59 -07:00
Yu-Ju Hong 7b55cbb0bd Merge pull request #10569 from yifan-gu/authn 
apiservier: avoid stacktracing when http.StatusUnauthorized.
 2015-07-06 15:05:12 -07:00
Yifan Gu b30e77c1b3 apiservier: avoid stacktracing for StatusUnauthorized and StatusForbidden. 2015-07-01 14:41:52 -07:00
Zach Loafman 9a5891dc89 Merge pull request #10391 from wojtek-t/longer_metrics 
Increase the length of sliding window for latency metrics
 2015-06-30 16:04:53 -07:00
Mike Danese 5a48eee611 bug: fix possible nil pointer derefrence in test 2015-06-29 20:34:26 -07:00
Wojciech Tyczynski 4c4d59a236 Increase the length of sliding window for latency metrics 2015-06-26 13:08:21 +02:00
Maxwell Forbes 5e748c1d47 Merge pull request #10070 from lavalamp/e2eProxyFix 
proxy e2e test improvements
 2015-06-25 13:15:03 -07:00
Maxwell Forbes fc349fdd47 Merge pull request #10060 from nikhiljindal/scopeParamPath 
Updating the path param name to "namespace" instead of "namespaces"
 2015-06-25 09:56:15 -07:00
Daniel Smith ddbe4c914f Fix proxy rewriting 2015-06-24 13:54:14 -07:00
nikhiljindal 6c6398edaa Update the path param name to namespace instead of namespaces 2015-06-24 13:45:49 -07:00
Brendan Burns f4e97be78e Switch to using the official etcd health check. 2015-06-24 10:18:39 -07:00
Jeff Lowdermilk 50e67d4034 Merge pull request #10216 from wojtek-t/reset_metrics 
Expose /resetMetrics handle in apiserver
 2015-06-23 16:07:41 -07:00
derekwaynecarr f6fb72ec51 Admission control attributes has access to resource name 2015-06-23 13:54:55 -04:00
Wojciech Tyczynski 23d405ad86 Expose /resetMetrics handle in apiserver 2015-06-23 11:12:45 +02:00
Jeff Lowdermilk 0c7fbacfb1 Merge pull request #10052 from derekwaynecarr/admission_subresources 
Admission control exposes subresource
 2015-06-22 13:11:58 -07:00
Clayton Coleman 83f84a9821 OPTIONS should be passed through the proxy 2015-06-19 14:30:27 -04:00
Satnam Singh 28197e07d6 Merge pull request #9841 from smarterclayton/fix_apiserver_abstractions 
Cleaning up apiserver method signatures
 2015-06-18 15:36:52 -07:00
Satnam Singh 1d7f70a531 Merge pull request #9991 from nikhiljindal/dupPost 
Do not register cross namespace actions with subresources in path
 2015-06-18 15:33:37 -07:00
Satnam Singh de457c3e49 Merge pull request #9962 from smarterclayton/type_patch 
Give PATCH operations a better output in Swagger
 2015-06-18 14:31:49 -07:00
Satnam Singh 59876df736 Merge pull request #9927 from liggitt/fix_ecdsa_key 
Re-enable ECDSA private server key use
 2015-06-18 14:30:27 -07:00
nikhiljindal d3d579f59d Do not register cross namespace actions with subresources in path 2015-06-18 13:50:38 -07:00
Clayton Coleman debd42a07d Cleaning up apiserver method signatures 
A lot of the changes in apiserver could have been represented more
cleanly - this returns the signatures to their older behavior (and
unbreaks OpenShift).
 2015-06-18 15:13:41 -04:00
derekwaynecarr fce7adf3e7 Admission control exposes subresource 2015-06-18 15:00:46 -04:00
nikhiljindal b527b00d7b Fix path parameter swagger validation errors 2015-06-18 10:43:13 -07:00
Clayton Coleman 93f921b677 Swagger output for PATCH can be more strongly typed 2015-06-18 13:04:20 -04:00
Saad Ali 9ca9e43625 Merge pull request #9600 from liggitt/remove_namespace_param 
Remove ?namespace= param handling/defaulting
 2015-06-17 18:07:13 -07:00
Saad Ali 2a228bf45e Merge pull request #9898 from nikhiljindal/trace 
Stop supporting TRACE proxy requests
 2015-06-17 15:55:03 -07:00
Jordan Liggitt 64d61185eb Re-enable ECDSA private server key use 2015-06-16 23:03:29 -04:00
Jordan Liggitt a341b8f44f Remove ?namespace= param handling/defaulting 2015-06-16 22:40:01 -04:00
Saad Ali 0aae358d2d Merge pull request #9835 from caesarxuchao/remove-testapi-nsQuery 
Update pkg/api/testapi because namespace is always in the path now
 2015-06-16 14:54:36 -07:00
Chao Xu a309d3e652 Update pkg/api/testapi because namespace is always in the path since we remove v1beta1/2 2015-06-16 14:12:03 -07:00
nikhiljindal 34a0bccd2e Stop supporting TRACE proxy requests 2015-06-16 14:07:40 -07:00
Brendan Burns 07b5930a70 Remove the redirect verb. 2015-06-15 15:39:06 -07:00
nikhiljindal 784e408ab4 Adding subresource to swagger route docs 2015-06-09 10:20:45 -07:00
Brendan Burns b68ddbaf75 Don't pretty-print by default. Saves an allocation (or more) and a copy. 2015-06-08 21:31:58 -07:00
Brendan Burns 7ea533d871 Add the SSHTunnel transport to the kubelet client. 2015-06-05 14:55:15 -07:00
Brendan Burns 30a89968a4 Initial proxy tunnelling. 2015-06-05 14:54:20 -07:00
Brendan Burns 631cf34d40 Add tunnelling to the proxy API handler. 2015-06-05 14:54:20 -07:00
nikhiljindal 7cc50448e3 Updating StatusDetails.ID to Name in internal API 2015-06-05 07:17:02 -07:00
Chao Xu 6b81c064ed change v1beta3 to v1 in test cases 2015-06-03 17:50:22 -07:00
Prashanth Balasubramanian 0162529ea5 Default minRequestTimeout to 1800s 2015-06-03 08:47:45 -07:00
Prashanth Balasubramanian 448867073d Pipe minRequestTimeout as an arg to the apiserver 2015-06-03 08:44:14 -07:00
Brian Grant 55529d9256 Merge pull request #7153 from xiang90/apiserver 
minor cleanup for apiserver/errors.go
 2015-06-02 10:37:36 -07:00
Kris f4e2c738f6 Delete deprecated API versions 
pkg/service:

There were a couple of references here just as a reminder to change the
behavior of findPort. As of v1beta3, TargetPort was always defaulted, so
we could remove findDefaultPort and related tests.

pkg/apiserver:

The tests were using versioned API codecs for some of their encoding
tests. Necessary API types had to be written and registered with the
fake versioned codecs.

pkg/kubectl:

Some tests were converted to current versions where it made sense.
 2015-05-29 17:17:35 -07:00
Tim Hockin 9e486be743 Merge pull request #8795 from a-robinson/latency 
Remove the clientID field from the apiserver request latency metric
 2015-05-28 16:55:11 -07:00
CJ Cullen 36d54b2094 Remove /Validate endpoint 2015-05-26 10:49:18 -07:00
Alex Robinson 0339f68273 Remove the clientID field from the apiserver request latency metric. 2015-05-25 20:31:25 -07:00
Prashanth Balasubramanian 8a5445d3db Randomize apiserver watch timeouts 2015-05-21 20:52:33 -07:00
Cesar Wong 328b1d0817 Add admission control to the Connect method in the API Server 
The resource passed to admission control is a ConnectRequest object
which includes additional information about the current request.
 2015-05-21 13:54:45 -04:00
Cesar Wong 68ad63b5e2 Add operation checking to admission control handlers 
Adds a new method to the handler interface that returns true only if the
admission control handler handles that operation.
 2015-05-21 13:51:43 -04:00
Clayton Coleman 3b10d82864 Merge pull request #8391 from liggitt/etcd_token_lookup 
Make serviceaccount/token lookup more flexible
 2015-05-18 11:08:30 -04:00
Jordan Liggitt d90e7409e4 Prevent auth recursion for service account tokens 2015-05-16 23:39:07 -04:00
Paul Weil aaeb1dad93 expose user info to admission controllers 2015-05-13 21:31:51 -04:00
Nikhil Jindal d75bd8bf2a Merge pull request #7101 from liggitt/service_account 
ServiceAccounts
 2015-05-12 10:23:41 -07:00
Jordan Liggitt db1f0dc906 JWT token generation/verification 2015-05-11 17:18:06 -04:00
Clayton Coleman ecbca9eb17 Allow v1beta3 to POST events to all namespaces 
A namespaced resource that supports ALL may allow creation
on the root (all namespaces) collection, thus adding POST
here.

We need to better formalize the definition of calls on namespaced
resources at the root scope, so Storage objects that do not support
that call pattern can do so at definition time and reject those
calls.
 2015-05-11 15:51:05 -04:00
Clayton Coleman 84d1f19016 Subresources should be in their parent rest scope 
A subresource like "Binding" does not necessarily have
to have a namespace.  The RESTScope of a subresource
should always be its parent resource.
 2015-05-11 15:51:05 -04:00
Clayton Coleman b2a2ce0bb3 Legacy scope naming should NEVER set namespace for root 
... resources.
 2015-05-11 15:51:04 -04:00
Satnam Singh 220e754f3e Make the API server deal with HEAD requests 2015-05-08 10:33:51 -07:00
Cesar Wong fd65427e28 API Server - pass path name in context of create request for subresource 
Allows a REST storage for a subresource to obtain name in path from
request.
 2015-05-06 13:40:18 -04:00
Eric Paris 6b3a6e6b98 Make copyright ownership statement generic 
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
 2015-05-01 17:49:56 -04:00
Fabio Yeon 45f85dbf06 Merge pull request #7404 from nikhiljindal/handleIndex 
Updating handleIndex to return 404 for invalid server URL
 2015-04-28 15:51:04 -07:00
Robert Bailey 6d85dcb4a0 Add support for HTTP basic auth to the kube-apiserver. 2015-04-28 10:33:51 -07:00
Filip Grzadkowski c1c24f645c Add summary metrics to apiserver for easier debugging and future use in performance tests 2015-04-28 14:27:18 +02:00
nikhiljindal f864195a5b Returning 404 on invalid server URL 2015-04-27 16:15:52 -07:00
Eric Tune 8a76cbf3d0 Merge pull request #7293 from ashcrow/apiserver_authz_tests 
Added basic apiserver authz tests.
 2015-04-24 13:05:45 -07:00
Steve Milner 1acbfba576 Added basic apiserver authz tests. 2015-04-24 14:38:34 -04:00
Brian Grant 60d7bad147 Merge pull request #7128 from nikhiljindal/fixbeta1tests 
Removing more references to v1beta1 from pkg/
 2015-04-24 11:07:53 -07:00
Masahiro Sano 7c371ee36e lower log level on recovering from panic 2015-04-24 22:09:14 +09:00
Wojciech Tyczynski 159a58ddfb Merge pull request #7169 from fgrzadkowski/requests_by_clients 
Break request metrics in apiserver by client.
 2015-04-24 13:37:50 +02:00
Filip Grzadkowski 8b755c805b Break request metrics in apiserver by client. 2015-04-24 13:16:14 +02:00
nikhiljindal dcc368c781 Removing more references to v1beta1 from pkg/ 2015-04-24 00:45:17 -07:00
David Oppenheimer ee11832d71 Merge pull request #7263 from lavalamp/fix4 
fix watch of single object
 2015-04-23 17:09:59 -07:00
Daniel Smith 2fa3ae9f15 fix watch of single object 2015-04-23 16:02:22 -07:00
nikhiljindal 120904df5f Fixing serviceErrorHandler to use apiVersion specific codec 2015-04-23 14:32:05 -07:00
Xiang Li fb3c8f9452 pkg/apiserver: minor cleanup for errToAPIStatus() 2015-04-22 10:44:03 -07:00
Xiang Li 405ebf4b1e pkg/apiserver: use httpError in handlers.go 2015-04-21 23:05:56 -07:00
Fabio Yeon c6ef2ddf8a Fix "validate-cluster.sh" to use "kubectl get componentstatus". 2015-04-17 11:59:53 -07:00
Fabio Yeon 951a125751 Add "componentstatus" to API for easier cluster health check. 2015-04-17 11:58:23 -07:00
Clayton Coleman b3f03b934d Merge pull request #6869 from csrwng/pod_connect 
Pod proxy, portforward and exec subresources
 2015-04-17 09:49:12 -04:00
Wojciech Tyczynski fafcf79d5d Allow more retries in density test 2015-04-17 12:35:56 +02:00
Daniel Smith 636d0682d7 Merge pull request #6830 from derekwaynecarr/improve_error_msg 
Improve error message when name is omitted but generateName is available
 2015-04-16 17:21:43 -07:00
Brian Grant a927c239fe Merge pull request #6881 from nikhiljindal/errHandle 
Registering a serviceErrorHandler with go-restful to always return JSON responses
 2015-04-16 16:44:17 -07:00
nikhiljindal f9132dc572 Registering serviceErrorHandler with go-restful 2015-04-16 14:59:44 -07:00
Cesar Wong e09b8c99dc Add URL parameters to proxy redirect Location header 
When a URL that doesn't end in "/" is sent to the API proxy,
the proxy responds with a redirect to the URL with a "/" at the
end. The problem is that this redirect path does not include
query parameters that were passed in the original request. This
is a fix to that issue.
 2015-04-16 17:57:45 -04:00
derekwaynecarr 81dcd8c836 Improve error message when name is omitted but generateName is available 2015-04-16 13:06:19 -04:00
Cesar Wong 49abf9133e Add Connecter storage interface to API server 
Connecter is a type of resource that connects a request
coming from the client to an internal request within the cluster.
It will be used for exposing a pod's proxy, exec, and portforward
endpoints.
 2015-04-16 10:20:17 -04:00
Cesar Wong a3f5dfd0e2 Move proxy html transport to utility package 
Moves the proxy html transport that translates html links
from the proxy in apiserver to its own package under util.
 2015-04-16 10:20:17 -04:00
David Oppenheimer 6b28a69a1b Clarify comments describing how GuaranteedUpdate() (previously AtomicUpdate() works. Closes #6626. 2015-04-14 15:38:15 -07:00
Nikhil Jindal 60f0c28fd4 Merge pull request #6725 from smarterclayton/support_subpath_on_getter_with_options 
Allow subpath on GET for GetterWithOptions
 2015-04-13 11:27:41 -07:00
Clayton Coleman 0c8a358de0 Merge pull request #6683 from deads2k/deads-handle-subresources 
add support for authorizing subresources
 2015-04-13 13:53:54 -04:00
Clayton Coleman 0225d76b6a Support subpath on GET for GetterWithOptions 
Allows REST consumers to build paths like:

    /api/v1beta3/namespaces/foo/webhookresource/<name>/<encodedsecretinurl>

Also fixes parameter exposure for subresources (was only fixed for
v1beta3).
 2015-04-11 11:20:13 -04:00
deads2k c17ffb7c4c comments 1: comments 2015-04-10 15:39:20 -04:00
deads2k 72817a0801 add support for authorizing subresources 2015-04-10 12:42:52 -04:00
Brendan Burns 8694f6f550 Add return types to PUT, POST and PATCH methods. 
Also add return types for proxy and redirect handlers.
 2015-04-09 20:17:05 -07:00
Clayton Coleman 7a6b2ec227 Improve the output of the swagger API for watch events 
Stopgap to improve this prior to converting watch resources to
versioned objects.
 2015-04-07 10:46:19 -04:00
Cesar Wong efc7f86baf Add GetterWithOptions and allow stream flushing 
In addition to Getter interface, API Installer now supports a
GetterWithOptions interface that takes an additional options object when
getting a resource. A flag is now returned from rest.ResourceStreamer
that indicates whether the streamed response should be
flushed when written back to the client. This is to support log
streaming.
 2015-04-07 07:46:30 -04:00
Brian Grant 9d9948e3a8 Change "time/Time" to "util.Time", which is what we use in our API for time. 2015-04-06 18:56:56 +00:00
Brian Grant 0d95883593 Merge pull request #6027 from ghodss/kube-patch 
Implement Strategic Merge Patch in apiserver
 2015-04-03 15:08:51 -07:00
Eric Tune e49424785e Merge pull request #6380 from roberthbailey/kubelet-ssl 
Configure the kubelet to use HTTPS (take 2)
 2015-04-03 13:43:00 -07:00
Sam Ghods 2c977db1b3 Implement Strategic Merge Patch in apiserver 2015-04-03 11:51:02 -07:00
Prashanth B 3fe4224b6c Merge pull request #6314 from bparees/tokenbucket 
add a blocking accept method to RateLimiter
 2015-04-02 16:01:17 -07:00
Quinton Hoole 4a2000c4aa Merge pull request #6207 from brendandburns/server 
Add a limit to the number of in-flight requests that a server processes.
 2015-04-02 15:46:54 -07:00
Ben Parees 70be667cf8 add a blocking accept method to RateLimiter 2015-04-02 14:33:18 -04:00
Robert Bailey f15e34a1bf Revert "Merge pull request #6309 from GoogleCloudPlatform/revert-6243-kubelet-ssl" 
This reverts commit 96a0a0d618, reversing
changes made to 2af9b54147.
 2015-04-02 10:44:37 -07:00
CJ Cullen eca22d4c82 Fix off-by-one crash in pkg/apiserver/authn.go 2015-04-01 15:53:22 -07:00
Brendan Burns f327e97661 Add a limit to the number of in-flight requests that a server processes. 2015-04-01 15:06:15 -07:00
Robert Bailey 22d9c67cb7 Merge pull request #6190 from liggitt/client_cert_auth 
Add client cert authentication
 2015-04-01 14:11:29 -07:00
Robert Bailey 32a1c052dc Revert "Configure the kubelet to use HTTPS" 2015-04-01 13:59:31 -07:00
Jordan Liggitt c797a91e36 Add client cert authentication 2015-04-01 13:42:26 -04:00
Robert Bailey 58bc792e68 Configure the master to connect to the kubelet using HTTPS. 2015-04-01 09:09:29 -07:00
Kris Rousey 6904c4d585 Fixing a lot of string formatting issues with regards to: 
* Improper format specifier (e.g. %s for bools or %s for ints)
  * More or less parameters than format specifiers
  * Not calling a formatting function when it should have (e.g. Error() instead of Errorf())
 2015-03-31 16:47:10 -07:00
Daniel Smith 83d5c207c9 Merge pull request #6175 from nikhiljindal/proxy 
Updating proxy to return 301 to add a "/" at the end for #4958 (attempt 2)
 2015-03-30 15:21:46 -07:00
derekwaynecarr 265a0e3ca4 Listing items in a namespace should always include the namespace in the URL 2015-03-30 16:05:40 -04:00