github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
72,673 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

1734 Commits (bee78c9ba061ea37c5123ca8ea6993a17c34c08c)

Author SHA1 Message Date
Bobby (Babak) Salamat a0932c3334 Add a default admission controller to taint new nodes on creation. 2019-01-24 18:07:48 -08:00
Bobby (Babak) Salamat fc52960d2e autogenerated files 2019-01-03 14:25:17 -08:00
Bobby (Babak) Salamat c75356fdfe Add a test that reproduces the race condition between setting nominated node name of a pod and scheduling cycle of other pods 2019-01-03 14:03:30 -08:00
Sergei Orlov 21c1bb8830
kubeapiserver: rename '--experimental-encryption-provider-config' to '--encryption-provider-config'. 
This change renames the '--experimental-encryption-provider-config'
flag to '--encryption-provider-config'. The old flag is accepted but
generates a warning.

In 1.14, we will drop support for '--experimental-encryption-provider-config'
entirely.

Co-authored-by: Stanislav Laznicka <slaznick@redhat.com>
 2018-11-19 16:34:09 +01:00
k8s-ci-robot 46ebebcc4f
Merge pull request #65763 from x13n/audit-logging 
Add option to k8s apiserver to reject incoming requests upon audit failure
 2018-11-17 04:39:56 -08:00
k8s-ci-robot f38cc95505
Merge pull request #62692 from mikedanese/trev2 
authn: extend authenticator.Token to support audience validation
 2018-11-16 20:27:25 -08:00
k8s-ci-robot 39c8219999
Merge pull request #71158 from liggitt/revert-openapi-publish 
Revert openapi publish
 2018-11-16 18:22:43 -08:00
k8s-ci-robot 1e22f080ec
Merge pull request #67383 from stlaz/enc_config_promotion 
Introduce apiserver.config.k8s.io/v1 and use standard method for parsing encryption config file
 2018-11-16 16:31:30 -08:00
Mike Danese effad15ecc patch webhook authenticator to support token review with arbitrary audiences 2018-11-16 19:30:42 -05:00
Jordan Liggitt 8799eb4e2e Revert "Merge pull request #67205 from roycaihw/crd-openapi-spec" 
This reverts commit 54ee58b2d6, reversing
changes made to 9e2820e4c9.
 2018-11-16 16:36:24 -05:00
David Eads 9b31985b08 fix client-side specification of timeout now that it is honored 2018-11-16 11:43:37 -05:00
k8s-ci-robot 54ee58b2d6
Merge pull request #67205 from roycaihw/crd-openapi-spec 
Serve OpenAPI spec for registered CRDs
 2018-11-16 05:12:41 -08:00
k8s-ci-robot 1a54fd4319
Merge pull request #71021 from liggitt/node-self-deletion 
Remove self-deletion permissions from kubelets
 2018-11-16 01:53:31 -08:00
Daniel Kłobuszewski 7a10f4eda7 Add option to k8s apiserver to reject incoming requests upon audit failure 2018-11-16 10:32:49 +01:00
Haowei Cai 4625bf7dad add basic e2e test and integration for CRD openapi 2018-11-15 16:39:49 -08:00
saad-ali 9d4810f25a Bump grpc from 1.7.5 to 1.13.0 2018-11-15 16:39:42 -08:00
k8s-ci-robot b1a52a38e9
Merge pull request #67257 from pbarker/audit 
dynamic audit configuration
 2018-11-15 02:42:59 -08:00
k8s-ci-robot 726c07eb26
Merge pull request #69929 from jsafrane/csi-ga 
Promote CSIPersistentVolume feature to GA
 2018-11-14 20:34:58 -08:00
Patrick Barker eb89d3dddd adds dynamic audit configuration 2018-11-14 17:54:06 -07:00
k8s-ci-robot 9c304cf0cb
Merge pull request #70157 from mikedanese/trev1 
retrofit svcacct token authenticator to support audience validation
 2018-11-14 13:16:44 -08:00
Jan Safranek e95b188656 Generated files 2018-11-14 14:01:16 +01:00
k8s-ci-robot 3e6d414b55
Merge pull request #70967 from mikedanese/fixtropts 
Fix broken defaulting and validation in TokenRequest enablement
 2018-11-13 22:03:42 -08:00
Jordan Liggitt 8d7cc39031 Remove self-deletion permissions from kubelets 2018-11-14 00:42:06 -05:00
Mike Danese 67bbf753cb retrofit svcacct token authenticator to support audience validation 2018-11-13 20:38:41 -08:00
Mike Danese 06935e1c90 split TokenRequest initialization out of run and into complete and validate 2018-11-13 17:27:13 -08:00
Bobby (Babak) Salamat 1b8e1d9ed8 Disable equivalence cache by default in the scheduler integration tests 2018-11-13 11:23:19 -08:00
Stanislav Laznicka 628d1fef37
autogen files 2018-11-13 18:06:12 +01:00
Slava Semushin c21cb548e6
Introduce kubeapiserver.config.k8s.io/v1 with EncryptionConfiguration and use a standard method for parsing config file. 
Co-authored-by: Stanislav Laznicka <slaznick@redhat.com>
 2018-11-13 14:05:21 +01:00
Davanum Srinivas 954996e231
Move from glog to klog 
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
  * github.com/kubernetes/repo-infra
  * k8s.io/gengo/
  * k8s.io/kube-openapi/
  * github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods

Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
 2018-11-10 07:50:31 -05:00
k8s-ci-robot e133ab274d
Merge pull request #70515 from davidz627/feature/csiNodeInfo 
Add explicit "Installed" field to CSINodeInfo and change update semantics
 2018-11-09 06:42:09 -08:00
David Zhu 4621887037 Updated test files with new fields 2018-11-08 19:45:01 -08:00
k8s-ci-robot be800e623a
Merge pull request #69663 from sttts/sttts-scheduler-secure-serving 
scheduler: enable secure port and authn/z
 2018-11-08 17:36:14 -08:00
Dr. Stefan Schimanski 1588af4031 kube-scheduler: add secure serving and authn/z integration tests 2018-11-08 16:43:59 +01:00
Dr. Stefan Schimanski 98d8e87120 integration: rename test/integration/{controllermanager -> serving} 2018-11-08 16:43:59 +01:00
Dr. Stefan Schimanski d91feb6d18 kube-scheduler: move stopCh creation out of scheduler factory code 
Enforces clean ownership of the channel.
 2018-11-08 16:43:59 +01:00
Davanum Srinivas 43f523d405
Switch to sigs.k8s.io/yaml from ghodss/yaml 
Change-Id: Ic72b5131bf441d159012d67a6a3d87088d0e6d31
 2018-11-07 13:17:32 -05:00
k8s-ci-robot 7fe59165b6
Merge pull request #70193 from saad-ali/csiCRDAddon 
Register CSI CRDs as addon
 2018-11-06 23:55:56 -08:00
saad-ali a679486a5e Register CSI CRDs as addon 2018-11-06 10:58:09 -08:00
k8s-ci-robot c8604653f0
Merge pull request #70449 from mikedanese/simplcache 
remove webhook cache implementation and replace with token cache
 2018-11-05 16:32:34 -08:00
Mike Danese 0ec4d6d396 remove webhook cache implementation and replace with the token cache 
The striped cache used by the token cache is slightly more sophisticated
however the simple cache provides about the same exact behavior. I used
the striped cache rather than the simple cache because:

* It has been used without issue as the primary token cache.
* It preforms better under load.
* It is already exposed in the public API of the token cache package.
 2018-11-05 13:08:45 -08:00
Monis Khan f39158a310
Add CRDs to etcd storage path test 
This change updates the etcd storage path test to exercise custom
resource storage by creating custom resource definitions before
running the test.

Duplicated custom resource definition test logic was consolidated.

Signed-off-by: Monis Khan <mkhan@redhat.com>
 2018-11-04 16:54:35 -05:00
k8s-ci-robot 03cbb2c321
Merge pull request #70571 from lichuqiang/provision-test-fix 
remove meaningless case in volume binding test
 2018-11-02 18:01:48 -07:00
k8s-ci-robot 9fb1153bd8
Merge pull request #70550 from liggitt/cleanup-scale-clients 
Drop generated clients for Scale types
 2018-11-02 05:29:15 -07:00
lichuqiang f7dbcce272 remove meaningless case 2018-11-02 15:17:20 +08:00
k8s-ci-robot 4351cea80c
Merge pull request #70046 from cheftako/lintCleanGce 
Fixed lint errors for pkg/cloudprovider/providers/gce.
 2018-11-01 13:44:06 -07:00
Jordan Liggitt ff9dc86b3c Drop generated clients for Scale types 2018-11-01 14:49:51 -04:00
zqm19941101 05013135b4
fix typo 2018-10-30 19:27:36 +08:00
walter 735ad9ed63 Fixed lint errors for pkg/cloudprovider/providers/gce. 
Fixed minor issues.
Cleaned up from merge errors.
 2018-10-29 11:52:24 -07:00
Samuel Davidson 294e02ed4b Revert "limit forbidden error to details of what was forbidden" 
This reverts commit ecbd013795.
 2018-10-26 15:58:09 -07:00
Kim Min 79599ac419 Prune internal clientset/informer from kubeapiserver admission initializer (#70167) 
* externalize pv resize admission controller

* externalize podtolerationrestriction admission controller

* externalize podnodeselector admission controller

* remove internal clientset/informer from kubeapiserver admission initializer

* minor change: fixes scheduler integration test compiliation
 2018-10-24 14:47:16 -07:00