70f923ed05
Avoid copying PriorityConfig struct while running priority functions
2018-12-04 11:28:25 -08:00
082b48240a
Implement scheduler.util.backoff as a queue
...
We are going to use PodBackoff for controlling backoff when adding
unschedulable pods back to the active scheduling queue. In order to do
this more easily, limit the interface for PodBackoff to only this struct
(rather than exposing BackoffEntry) and change the backing expiry
implementation to be queue based.
2018-12-04 18:01:43 +00:00
c821f2ed2f
Move scheduling Heap in to scheduler.core.utils
...
The Heap data structure is useful for our backoff system in addition to
scheduling queue. Move it to somewhere it can be consumed by both
systems and properly export needed names. Also adding unit tests
from client-go/tools/cache/heap.go.
2018-12-04 18:01:42 +00:00
33a37702a6
Merge pull request #64280 from dashpole/eviction_pod_metrics
...
Use memory metrics from the pod cgroup for eviction ranking
2018-12-04 08:26:03 -08:00
a605988d5d
Merge pull request #71597 from marc-sensenich/gh-71595/fix-cloud-controller-manager-azure-delete-nodes
...
Add check for cloudProvider.InstanceNotFound in Azure VMSS Instance gets
2018-12-04 05:25:59 -08:00
85b0f58378
Merge pull request #71691 from andyzhangx/make-func-public
...
make GetStorageAccesskey func public
2018-12-04 04:12:30 -08:00
d193fbe45c
Merge pull request #71484 from ritazh/nsg-srcrange-collapse
...
Collapse not shared NSG rules with multiple source ranges
2018-12-04 02:54:24 -08:00
b1aed1593e
Merge pull request #70682 from idealhack/fix-golint-pkg-kubectl-cmd
...
Fix some golint errors for packages in `pkg/kubectl/cmd`
2018-12-04 00:49:09 -08:00
14ad73eaa8
make GetStorageAccesskey public as a lib
2018-12-04 07:02:50 +00:00
6cea9266dc
Merge pull request #71116 from xichengliudui/fix18111602
...
Fix typo: trus->true
2018-12-03 21:27:08 -08:00
8ffc8ef4dd
Merge pull request #68663 from WanLinghao/probe_proxy
...
Disable proxy use in http probe
2018-12-03 21:26:57 -08:00
08a4ee006e
Update a comment in cadvisor boot function
2018-12-04 11:29:58 +08:00
3ef7ef8c6e
Use refactored backoffs in other places
2018-12-04 11:23:01 +08:00
994a2cc4cd
Refactor Azure backoff to support backoff modes
2018-12-04 11:23:01 +08:00
d5c3a959f4
Add new Azure cloud provider option CloudProviderBackoffMode
2018-12-04 11:22:58 +08:00
3c055aa4b4
Fix typos like limitting
2018-12-04 11:01:40 +08:00
b864a5a808
Remove scheduler "TestGroup" utility.
...
This util was used to fake certain aspects of apiserver behavior, such
as resource paths and JSON encoding. Our unit tests have been refactored
so they don't rely on the REST or JSON aspects of apiserver. This util
is no longer needed.
2018-12-03 16:28:21 -08:00
c7598e8844
Merge pull request #71617 from RobertKrawitz/branch-issue71614
...
Issue 71614: Protect log message maps
2018-12-03 14:03:38 -08:00
144280e7a7
Correctly Clear conntrack entrty on endpoint changes when using nodeport
...
When using NodePort to connect to an endpoint using UDP, if the endpoint is deleted on
restoration of the endpoint traffic does not flow. This happens because conntrack holds
the state of the connection and the proxy does not correctly clear the conntrack entry
for the stale endpoint.
Introduced a new function to conntrack ClearEntriesForPortNAT that uses the endpointIP
and NodePort to remove the stale conntrack entry and allow traffic to resume when
the endpoint is restored.
Signed-off-by: Jacob Tanenbaum <jtanenba@redhat.com>
2018-12-03 15:02:48 -05:00
5329f09663
consolidate node deletion logic between node lifecycle and cloud node controller
2018-12-03 13:33:53 -05:00
dc9261bc3b
Merge pull request #71174 from smarterclayton/debug_kubeadm
...
Restore bootstrap in the background with fix to preserve kubeadm behavior
2018-12-03 05:49:57 -08:00
61fbba74e5
Collapse source range in nsg
2018-12-03 08:39:46 +00:00
dde084fc55
Merge pull request #71553 from WanLinghao/token-projected-volume-fix
...
fix a bug in 'kubectl describe'
2018-12-02 22:44:15 -08:00
ccb66066a9
vendor github.com/prometheus/client_golang/prometheus/testutil package
2018-12-02 10:25:50 +08:00
2c322a2ff5
Merge pull request #70227 from bsalamat/reserve
...
Add plugin interfaces for reserve and prebind extension points of the scheduling framework
2018-12-01 05:25:12 -08:00
82abbdc11a
Merge pull request #71488 from bsalamat/queue-sort
...
Change sort function of the scheduling queue to avoid starvation
2018-12-01 03:59:51 -08:00
e056703ea7
Merge pull request #71547 from andrewsykim/check-provider-implements-interface
...
compile check to ensure cloud providers implement cloud interfaces
2018-11-30 23:40:18 -08:00
83b3baaf58
Merge pull request #71581 from saad-ali/fixCSILogEventSpam
...
Reduce CSI log and event spam
2018-11-30 22:27:27 -08:00
5ada29ac16
Rename GetUniqueVolumeNameForNonAttachableVolume to GetUniqueVolumeNameFromSpecWithPod
2018-12-01 12:25:32 +08:00
f5642bbe88
Fix device mountable volume names in DSW
2018-12-01 12:25:14 +08:00
e60f510e38
Autogenerated files
2018-11-30 16:03:47 -08:00
f74b30868c
Add plugin invocation for 'reserve' and 'prebind' plugins to the scheduler.
2018-11-30 16:03:47 -08:00
f6f81fb1f3
Add Context as a mechanism to pass data between plugins.
2018-11-30 16:02:09 -08:00
7221589dde
Add "reserve" and "prebind" plugin interfaces for the scheduling framework.
2018-11-30 16:02:09 -08:00
bc091be66a
Issue 71614: Protect log message maps
2018-11-30 18:04:08 -05:00
f3dc0bc307
fix an param typo of AKS loadbalancer method
2018-11-30 12:18:45 -08:00
4b0f2ab442
compile check to ensure cloud providers implement cloud interfaces
2018-11-30 10:33:34 -05:00
96516bd961
Merge pull request #71263 from ZYecho/fix-spellings
...
fix typo: namspace -> namespace
2018-11-30 06:33:50 -08:00
884b21f352
Add additional err check for cloudProvider.InstanceNotFound error
2018-11-30 13:00:59 +00:00
25c9ac6544
Merge pull request #71515 from DataDog/lbernail/udp-graceful
...
Enable graceful termination for UDP flows when using kube-proxy in IPVS mode
2018-11-30 01:20:27 -08:00
d8b9d9b381
Merge pull request #71370 from WanLinghao/serialization_test_fix
...
fix unit test failure in ./pkg/api/testing/serialization_test.go
2018-11-30 00:04:36 -08:00
79e5cb2cb7
Merge pull request #71302 from liggitt/verify-unit-test-feature-gates
...
Split mutable and read-only access to feature gates, limit tests to readonly access
2018-11-29 21:45:12 -08:00
2fd1949b7f
Merge pull request #71294 from Chenditang/verify-golint
...
Fix golint verify errors.
2018-11-29 21:45:02 -08:00
af6bf1e436
Merge pull request #70645 from changyaowei/node_ephemeral-storage
...
Fix bug: when kubelet restart, the ephemeral-storage in node status upgrade to 0
2018-11-29 21:44:53 -08:00
5f11d089b7
remove unused todo in kubelet_pods.go
2018-11-30 12:51:46 +08:00
9829585260
Merge pull request #70847 from krmayankk/active-dead
...
fix error type when using activeDeadlineSeconds with RS/RC
2018-11-29 19:04:36 -08:00
550f6200c5
Merge pull request #67036 from Huang-Wei/update-ds-pod-tolerations
...
update logic of adding default DS pod tolerations
2018-11-29 19:04:17 -08:00
2251bf0c21
Ensure volume mount err checking done inside op
...
Ensure volume mount error checking is done inside the operation so that
failures get handled with exponential backoff, etc.
2018-11-29 16:52:24 -08:00
81eb9ce491
Merge pull request #71217 from jsafrane/status-update-unit-test
...
CSI v1 leftovers
2018-11-29 15:26:53 -08:00
4372d62ff5
Merge pull request #71211 from jsafrane/meta-status-reset
...
Refactor status PrepareForUpdate into standalone method
2018-11-29 15:26:42 -08:00
8c5b9b7479
Merge pull request #71207 from jsafrane/mount-anyuid-test
...
Fix unit test to run with random UID
2018-11-29 15:26:20 -08:00
409bfc4337
Merge pull request #71047 from pivotal-k8s/bump-k8s-utils
...
Bump k8s.io/uitls to 8e7ff06
2018-11-29 11:17:08 -08:00
6be4f1bbf3
Merge pull request #71471 from mshaverdo/panic_in_attach_detach_controller
...
Fix panic in attachDetachController
2018-11-29 09:30:21 -08:00
527d1c34cc
Merge pull request #70947 from Adirio/nodetree-thread-safety
...
Scheduler internal NodeTree thread-safe NumNodes
2018-11-29 07:36:48 -08:00
d80614d4a7
Merge pull request #70860 from humblec/getVolumeName
...
GlusterFS: Move GetVolumeName() to unimplemented func.
2018-11-29 07:36:28 -08:00
6d189fd316
Merge pull request #70838 from ping035627/k8s-181107
...
Fix the service_controller test cases and some syntax errors
2018-11-29 07:36:18 -08:00
cc153a9cd5
Merge pull request #70612 from jianglingxia/jlx201811031409
...
delete new defined para name in fc volume
2018-11-29 07:36:07 -08:00
b11233a2be
[kube-proxy/ipvs] Generalize handling of InactiveConn to TCP
2018-11-29 13:34:13 +01:00
a29981640f
Fix nil pointer dereference panic in attachDetachController
...
add check `attachableVolumePlugin == nil` to operationGenerator.GenerateDetachVolumeFunc()
2018-11-29 13:10:07 +03:00
d0e8e6b78f
Merge pull request #70613 from jianglingxia/jlx201811031619
...
fix golint problem of volume cephfs/iscsi/nfs
2018-11-29 02:01:13 -08:00
7ae97bcd0b
Merge pull request #66308 from RobertKrawitz/bug-1581483
...
Reduce logspam for crash looping containers
2018-11-29 02:00:54 -08:00
6d87c074e2
Merge pull request #63664 from xchapter7x/pkg-scheduler-api-validation
...
use subtest for table units (pkg/scheduler/api/validation)
2018-11-29 02:00:43 -08:00
ad6e3617d3
update logic of adding default DS pod tolerations
...
- update DS pod default tolerations: add PIDPressure, remove OutOfDisk
- remove useless tolerations testcases
2018-11-29 01:18:32 -08:00
a8639e5b93
Before this patch, the projected volume in kubectl describe command looks like:
...
...
Volumes:
kube-api-access-jp24b:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 0xc00071bee0
...
After this patch, it looks like:
...
Volumes:
kube-api-access-jp24b:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3600
...
2018-11-29 17:06:47 +08:00
06a0ed7f3f
Merge pull request #70596 from neolit123/owners-controller
...
pkg/controller: add SIG label to OWNERS
2018-11-29 00:48:25 -08:00
e5326f22ea
Merge pull request #70471 from xichengliudui/fix181031
...
Fix some typos
2018-11-29 00:48:16 -08:00
d0ac922996
Merge pull request #70440 from nikhita/add-license-headers
...
Add license header to non-generated proto files
2018-11-29 00:48:05 -08:00
d2ca5194ae
Merge pull request #70432 from mvladev/fix-cloud-provider-aws
...
fix aws provider to handle only EBS volumes
2018-11-29 00:47:55 -08:00
29f7e537a9
When node got proxy settings like "http_proxy=xxx".
...
The http probe would use that settings. This could cause probe failure.
This patch fix it.
2018-11-29 16:35:56 +08:00
b548d92b7c
Merge pull request #70392 from harsh-px/cfg-port
...
Lookup PX api port from k8s service
2018-11-28 23:31:50 -08:00
3faeb7ba6f
Merge pull request #70360 from houjun41544/20181029-1
...
Fix an error in comment
2018-11-28 23:31:40 -08:00
b385742d8f
Merge pull request #70127 from dtaniwaki/print-sub-path
...
Fix SubPath printing
2018-11-28 23:31:31 -08:00
64b96d426a
Merge pull request #69885 from clickyotomy/master
...
Fix local copy path for `kubectl cp'.
2018-11-28 23:31:21 -08:00
2e80c3a0b2
Merge pull request #69874 from stewart-yu/patch-1
...
fix some wrong type in printers.go
2018-11-28 23:31:10 -08:00
69bab0de51
Merge pull request #68422 from kellycampbell/fix-nlb-secgroups
...
Fix AWS NLB security group updates
2018-11-28 21:44:48 -08:00
7a958cf9e9
Merge pull request #68402 from saravanan30erd/cloudprovider-ovirt
...
Fix golint failures - pkg/cloudprovider/providers/ovirt
2018-11-28 21:44:38 -08:00
0b78c0b45a
Merge pull request #67927 from k82cn/ds_approver
...
Volunteer to be DaemonSet controller maintainer.
2018-11-28 21:44:18 -08:00
18050e308c
Allow CSI Drivers suporting 0.x/1.x to use old dir
...
Allow drivers implmenting both CSI 0.x and 1.x to use the old volume
plugin directory in addition to the the new volume plugin directory.
2018-11-28 11:11:37 -08:00
1dca64fffd
Use shareable IPC for sandbox container
...
Currently, Docker make IPC of every container shareable by default,
which means other containers can join it's IPC namespace. This is
implemented by creating a tmpfs mount on the host, and then
bind-mounting it to a container's /dev/shm. Other containers
that want to share the same IPC (and the same /dev/shm) can also
bind-mount the very same host's mount.
Now, since https://github.com/moby/moby/commit/7120976d7
(https://github.com/moby/moby/pull/34087 ) there is a possiblity
to have per-daemon default of having "private" IPC mode,
meaning all the containers created will have non-shareable
/dev/shm.
For shared IPC to work in the above scenario, we need to
explicitly make the "pause" container's IPC mode as "shareable",
which is what this commit does.
To test: add "default-ipc-mode: private" to /etc/docker/daemon.json,
try using kube as usual, there should be no errors.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2018-11-28 11:11:10 -08:00
ed65f6edeb
[kube-proxy/ipvs] Handle UDP graceful termination
...
The current logic is to delete a RS if the number of active connections
is 0. This makes sense for TCP but for UDP the number of active
connections is always 0. This is an issue for DNS queries because the RS
will be deleted but the IPVS connection will remain until it expires
(5mn by default) and if there are a lot of DNS queries, the port will be
reused and queries blackholed. Of course for this to work properly the
service needs to continue to serve queries until the connections expire
(this works fine with the lameduck option of coredns).
2018-11-28 18:02:11 +01:00
b955634d99
[kube-proxy/ipvs] Fix logic of delete function
2018-11-28 18:02:11 +01:00
7acb5a67fb
[kube-proxy/ipvs] Display RS complete name in logs
...
Help distinguish UDP and TCP RS (useful for DNS which uses both)
2018-11-28 18:02:11 +01:00
3373fcf0fc
Reduce logspam for crash looping containers
2018-11-28 10:48:52 -05:00
cd2930258c
fix detch azure disk issue by clean vm cache
2018-11-28 06:25:09 +00:00
82f8f3e7d3
fix unit test failure in ./pkg/api/testing/serialization_test.go with error like:
...
--- FAIL: TestSetControllerConversion (0.00s)
serialization_test.go:104: rs._internal.apps -> rs.v1.apps
serialization_test.go:107: unexpected encoding error: no kind "ReplicaSet" is registered for version "apps/v1beta1" in scheme "k8s.io/kubernetes/pkg/api/legacyscheme/scheme.go:29"
2018-11-28 09:22:45 +08:00
36f8859fa0
autogenerated files
2018-11-27 17:08:58 -08:00
554acf2b38
Change sort function of the scheduling queue to avoid starvation
2018-11-27 17:08:40 -08:00
e8d4debbfc
update the feature comment
2018-11-27 14:05:16 +08:00
e86bdc7989
Forces fsnotify CREATE and REMOVE to occur serially
2018-11-26 22:11:47 -05:00
1e50c57113
Merge pull request #70740 from mfpierre/fix-kubectl-get-sort-out-of-range
...
Fix index out of range error when sorting kubectl get
2018-11-24 12:19:06 -08:00
7b14a5a2a0
should return error when attach/detach failed
2018-11-23 12:42:13 +00:00
205eaee0e5
Merge pull request #71145 from gnufied/test-mounted-detach
...
Fix volume detach while mount in progress
2018-11-22 23:27:48 -08:00
12e5eb7dc9
Merge pull request #71011 from sigma/pr/fix-inotify
...
replace golang.org/x/exp/inotify with standalone library
2018-11-22 18:07:51 -08:00
141d33a2a5
Fix some golint errors for packages in `pkg/kubectl/cmd`
...
Co-authored-by: Arijit Basu <sayanarijit@gmail.com>
2018-11-22 22:09:08 +08:00
20e1ab6744
Merge pull request #71314 from saad-ali/csi03Compat
...
Reintroduce CSI 0.3.x support in CSI Volume Plugin
2018-11-21 19:58:33 -08:00
a7c5582bba
Permit use of deprecated dir in device plugin.
2018-11-21 18:37:31 -08:00
aa8244beb5
Modify CSI to handle both 0.3 and 1.0
...
Modify the CSI volume plugin to handle CSI version 0.x as well as 1.x
2018-11-21 18:37:31 -08:00
d1b44857ad
Add missing feature gate to CSI driver uninstall
2018-11-21 18:37:31 -08:00
2b44ec5e9c
Reduce csipb dependencies
...
Remove csipb dependency from everywhere except the CSI client in
preperation for supporting multiple CSI clients.
2018-11-21 18:37:31 -08:00
8f666d9e41
Modify kubelet watcher to support old versions
...
Modify kubelet plugin watcher to support older CSI drivers that use an
the old plugins directory for socket registration.
Also modify CSI plugin registration to support multiple versions of CSI
registering with the same name.
2018-11-21 18:37:31 -08:00
a49a4b9523
Fixing address locking in CP fake.
...
Follow on to https://github.com/kubernetes/kubernetes/pull/65226 .
2018-11-21 17:17:59 -08:00
2498ca7606
drop VerifyFeatureGatesUnchanged
2018-11-21 11:51:33 -05:00
70ad4dff48
Fix unit tests calling SetFeatureGateDuringTest incorrectly
2018-11-21 11:51:33 -05:00
4dca07ef7e
Fixup incorrect use of DefaultFeatureGate.Set in tests
2018-11-21 11:51:33 -05:00
d440ecdd3b
Update non-test code to use DefaultMutableFeatureGate
2018-11-21 11:51:33 -05:00
9801572181
Merge pull request #71212 from cofyc/fix71068
...
Clear pod binding cache
2018-11-21 05:58:10 -08:00
28182b6606
Merge pull request #71156 from apelisse/race-condition-diff
...
Optimistic-locking on diff
2018-11-21 03:35:04 -08:00
8fc00ebda6
Clear pod binding cache.
2018-11-21 11:24:53 +08:00
75d9a7bebd
correct the event msg of kill container
2018-11-21 10:59:21 +08:00
80de428f49
Fix golint verify errors.
...
**What type of PR is this?**
/kind cleanup
**What this PR does / why we need it**:
$ hack/verify-golint.sh
Errors from golint:
pkg/cloudprovider/providers/aws/aws_fakes.go:357:9: if block ends with a return statement, so drop this else and outdent its block
pkg/volume/util/util.go:204:9: if block ends with a return statement, so drop this else and outdent its block
**Which issue(s) this PR fixes** *(optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged)*:
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
2018-11-21 09:11:20 +08:00
a889f37505
Optimistic-locking on diff
...
There is currently a race-condition when diffing, where we get the
object and then run a server-side dry-run patch and compare the two
results. If something changes the object on the server between the get
and the patch, the diff is going to show unrelated changes. We can now
specify the exact revisionversion that we want to patch, and that will
return a conflict, and we can retry multiple times to get a
non-conflicting diff. Eventually (after 3 times), we diff without
checking the version and throw a warning that the diff might be
partially wrong.
2018-11-20 14:34:37 -08:00
89daa462ff
Allow kubectl patcher to patch specific version
...
Give a new "ResourceVersion" option to the patch so that the patch can
be forced against a specific version. Also there is no way to customize
how many retries the patcher should do on conflicts, so also add a
"Retries" option that let's one customize it.
2018-11-20 14:34:08 -08:00
514a5b8f16
Merge pull request #70878 from jingxu97/Nov/repd
...
Remove useBetaAPI option from getReplicaZoneURI
2018-11-20 11:40:51 -08:00
d2b6e30143
Fix bug with volume getting marked as not in-use with pending op
...
Add test for verifying volume detach
2018-11-20 11:58:47 -05:00
596a20ca8a
fix typo: namspace -> namespace
...
Signed-off-by: zhangyue <zy675793960@yeah.net>
2018-11-20 21:47:27 +08:00
0c4b89fad6
Fix typo
2018-11-19 15:28:14 +01:00
665b4daf56
Make sure VolumeAttachment storage implements Patcher
2018-11-19 15:25:26 +01:00
a73f793e8e
Add unit test for metadata modification
2018-11-19 15:19:55 +01:00
787611a614
Refactor status PrepareForUpdate into standalone method
...
Someone else might find reseting metadata fields useful.
2018-11-19 14:46:06 +01:00
982d1778f8
Fix comment error of 'cpuManagerStateFileName'
2018-11-19 08:07:04 -05:00
cfbf6aa925
Fix unit test to run with random UID
...
User that runs the tests desn't need to be in /etc/passwd and thus
user.Current() can fail. Assume the user is not root in this case.
2018-11-19 13:08:54 +01:00
2e5a985e47
Updates after review
2018-11-19 11:44:17 +01:00
1be71b8a99
Add the extra parameter for non-linux code
2018-11-19 10:02:48 +01:00
fde87329cb
bootstrap: Use kubeconfig contents as seed for cert dir if necessary
...
kubeadm uses certificate rotation to replace the initial high-power
cert provided in --kubeconfig with a less powerful certificate on
the masters. This requires that we pass the contents of the client
config certData and keyData down into the cert store to populate
the initial client.
Add better comments to describe why the flow is required. Add a test
that verifies initial cert contents are written to disk. Change
the cert manager to not use MustRegister for prometheus so that
it can be tested.
2018-11-17 19:52:12 -05:00
486577df17
Restore "Make bootstrap client cert loading part of rotation""
...
This reverts the revert of commit 3464222267
2018-11-17 13:44:58 -05:00
3464222267
Revert "Make bootstrap client cert loading part of rotation"
...
This reverts commit 0af19875adde293b2d7d
2018-11-17 10:24:39 -05:00
e3420cc46f
Merge pull request #70494 from RenaudWasTaken/pluginwatcher
...
Ignore non socket files in the kubelet plugin watcher
2018-11-16 22:46:42 -08:00
3be3510814
Merge pull request #69890 from smarterclayton/bootstrap_retry
...
Make bootstrap client cert loading part of rotation
2018-11-16 22:46:33 -08:00
6159bab94a
Merge branch 'master' into jlx201811031619
2018-11-17 12:53:21 +08:00
0094e05975
fix golint problem of volume cephfs/iscsi/nfs
2018-11-17 12:50:47 +08:00
ec2e767e59
Merge pull request #71167 from msau42/block-beta
...
Promote raw block volume support to beta
2018-11-16 20:28:03 -08:00
df8ad8eae1
Merge pull request #71166 from Random-Liu/fix-kubelet-panic
...
Fix kubelet panic.
2018-11-16 20:27:53 -08:00
7e621ccb08
Merge pull request #71063 from Huang-Wei/nodeinfo-clone-panic
...
fix a scheduler panic due to internal cache inconsistency
2018-11-16 20:27:44 -08:00
1f3057b7fb
Merge pull request #70898 from Huang-Wei/preemption-issue
...
ensure scheduler preemptor behaves in an efficient/correct path
2018-11-16 20:27:35 -08:00
f38cc95505
Merge pull request #62692 from mikedanese/trev2
...
authn: extend authenticator.Token to support audience validation
2018-11-16 20:27:25 -08:00
de293b2d7d
Ensure the bootstrap rotation code is tested by forcing rotation
...
Expose both a Stop() method (for cleanup) and a method to force
cert rotation, but only expose Stop() on the interface.
Verify that we choose the correct client.
2018-11-16 21:50:52 -05:00
0af19875ad
Make bootstrap client cert loading part of rotation
...
Ensure that bootstrap+clientcert-rotation in the Kubelet can:
1. happen in the background so that static pods aren't blocked by bootstrap
2. collapse down to a single call path for requesting a CSR
3. reorganize the code to allow future flexibility in retrieving bootstrap creds
Fetching the first certificate and later certificates when the kubelet
is using client rotation and bootstrapping should share the same code
path. We also want to start the Kubelet static pod loop before
bootstrapping completes. Finally, we want to take an incremental step
towards improving how the bootstrap credentials are loaded from disk
(potentially allowing for a CLI call to get credentials, or a remote
plugin that better integrates with cloud providers or KSMs).
Reorganize how the kubelet client config is determined. If rotation is
off, simplify the code path. If rotation is on, load the config
from disk, and then pass that into the cert manager. The cert manager
creates a client each time it tries to request a new cert.
Preserve existing behavior where:
1. bootstrap kubeconfig is used if the current kubeconfig is invalid/expired
2. we create the kubeconfig file based on the bootstrap kubeconfig, pointing to
the location that new client certs will be placed
3. the newest client cert is used once it has been loaded
2018-11-16 21:50:26 -05:00
4821291398
Merge pull request #71095 from msau42/csi-devicepath
...
Remove devicePath dependency for CSI volumes
2018-11-16 18:22:24 -08:00
f877b2257a
Merge pull request #71074 from jsafrane/volume-manager-races
...
Fix race between MountVolume and UnmountDevice
2018-11-16 18:22:14 -08:00
1a3fbf1f13
Update e2e tests to include CSI
2018-11-17 01:52:57 +01:00
229418f261
Update pluginwatcher to ignore CSI metadata dir and non socket files
2018-11-17 01:51:00 +01:00
b6bbb01f04
Merge pull request #71058 from verult/nodeinfomanager-retry
...
Augmenting API call retry in nodeinfomanager; Revert #70891
2018-11-16 16:31:40 -08:00
18453b01e6
Tolerate apiserver being older than controller-manager
2018-11-16 16:31:27 -08:00
effad15ecc
patch webhook authenticator to support token review with arbitrary audiences
2018-11-16 19:30:42 -05:00
ed17876e52
plumb apiAudience to TokenReview registry
2018-11-16 19:30:42 -05:00
59e80cdac3
Fix kubelet panic.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-11-16 16:21:57 -08:00
974d47ecf8
Remove devicePath dependency for CSI volumes
2018-11-16 15:40:35 -08:00
162699ca30
autogenerated
2018-11-16 17:54:33 -05:00
04837fdef1
authn: add Audiences to TokenReview
2018-11-16 17:54:33 -05:00
b4fd11512a
ensure scheduler preemptor behaves in an efficient/correct path
...
- don't update nominatedMap cache when Pop() an element from activeQ
- instead, delete the nominated info from cache when it's "assumed"
- unit test behavior adjusted
- expose SchedulingQueue in factory.Config
2018-11-16 14:22:15 -08:00
9878253c3c
Merge pull request #70998 from deads2k/client-07-listwatchtimeout
...
update the client generator to set a client-side timeout
2018-11-16 13:19:57 -08:00
a86ba8b3c4
fix a scheduler panic due to internal cache inconsistency
2018-11-16 13:02:13 -08:00
ca18690ceb
Augmenting API call retry in nodeinfomanager
2018-11-16 13:00:22 -08:00
4e9c2a7a9b
Merge pull request #71114 from Lion-Wei/ipvs-reuse
...
fix IPVS low throughput issue
2018-11-16 12:04:00 -08:00
e26b730143
Merge pull request #71103 from Pingan2017/autoscale-sts-kubectl
...
support statefulset in kubectl autoscale command
2018-11-16 12:03:51 -08:00
1b059e577c
Merge pull request #71101 from seans3/qos-resource-fix
...
kubectl: small internal to external type fix
2018-11-16 12:03:41 -08:00
9bbf768ad6
Fix BlockVolume feature gate toggling in validation & defaults unit tests
2018-11-16 13:38:59 -05:00
dd517c9ff2
Update all tests to account for BlockVolume enabled by default
2018-11-16 13:38:59 -05:00
2ff98f7832
Promote BlockVolume to beta
2018-11-16 13:38:59 -05:00
8f7edec615
generated
2018-11-16 12:41:17 -05:00
49d762d929
Fix SubPath printing
2018-11-17 01:41:44 +09:00
733dd9dfd7
Add tests to ensure feature gate changes don't escape kubelet/scheduler packages
2018-11-16 10:52:53 -05:00
de8bf9b63d
fix scheduler and kubelet unit tests leaking feature flag changes
2018-11-16 10:52:53 -05:00
248d661327
Add tests to ensure storage feature gate changes don't escape packages
2018-11-16 10:52:53 -05:00
358c092abe
fix storage unit tests leaking feature flag changes
2018-11-16 10:52:52 -05:00
fd64c08240
Fix storage feature gate test setting
2018-11-16 10:49:40 -05:00
7c4d097faf
Merge pull request #71104 from yue9944882/chore/follow-up-cli-describer-externalization
...
Follow-up of #70950 : Duplicated versioned client in describer
2018-11-16 07:34:39 -08:00
92fe9d9491
Merge pull request #71081 from vladimirvivien/kubelet-plugin-watcher-ga-fix
...
Kubelet Plugin Registration GA migration fix
2018-11-16 05:13:18 -08:00
5283537401
Fixed clearing of devicePath after UnmountDevice
...
UnmountDevice must not clear devicepath, because such devicePath
may come from node.status (e.g. on AWS) and subsequent MountDevice
operation (that may be already enqueued) needs it.
2018-11-16 13:24:42 +01:00
666739ac0c
Merge pull request #70580 from tsmetana/check-pvc-binding-again
...
PV Controller: fix recycling
2018-11-16 03:56:33 -08:00
6fc60428a7
Merge pull request #71020 from saad-ali/updateCSI10
...
Bump CSI Spec to 1.0.0 and gRPC to 1.13.0
2018-11-16 01:53:21 -08:00
1cdc918e11
Merge pull request #70728 from Pingan2017/remove-kubectl-run-container
...
Remove deprecated kubectl command aliases 'run-container'
2018-11-16 01:53:11 -08:00
a856c7ab1d
Merge pull request #70973 from ping035627/k8s-181113
...
Refactor New function
2018-11-15 23:52:54 -08:00
f39060c604
set net/ipv4/vs/conn_reuse_mode to 0
2018-11-16 15:17:24 +08:00
cde4c9ebe1
Merge pull request #68635 from mkimuram/issue/68424
...
CSI block volume refactor to fix target path
2018-11-15 21:35:42 -08:00
5ede82cdc7
fixes duplicated describer client
2018-11-16 11:30:05 +08:00
c3bb1c4601
support statefulset in kubectl autoscale command
2018-11-16 10:42:39 +08:00
371088e83c
delete new defined para name in fc volume
2018-11-16 09:40:11 +08:00
6a57de315d
kubectl: small internal to external type fix
2018-11-15 16:45:17 -08:00
09d3dce38a
Update CSI client to pick up CSI v1.0.0 changes
2018-11-15 16:39:59 -08:00
9c56b53390
Fix the comment for csi block pathes to make look the same to filesystem
2018-11-15 23:26:19 +00:00
e615df9d23
Merge pull request #70950 from yue9944882/chore/prune-cli-describer-internal
...
Use versioned types in kubectl describer
2018-11-15 15:00:12 -08:00
e4ee887121
Merge pull request #69303 from appian/host_aliases_on_same_line
...
Write HostAliases aliases on same line per host IP
2018-11-15 14:59:52 -08:00
7cf211d7de
Merge pull request #69196 from CaoShuFeng/job.yaml
...
fix kubectl wait with no resource name provided
2018-11-15 14:59:42 -08:00
b195396154
Kubelet Plugin Registration v1 update fix
2018-11-15 17:40:35 -05:00
7b4d4bc8ac
Merge pull request #70508 from dashpole/pod_resources_socket
...
Add socket-based kubelet pod resources API.
2018-11-15 13:43:44 -08:00
504466c4e6
Merge pull request #68267 from liggitt/node-label-update
...
Limit kubelets from updating their own labels when NodeRestriction is enabled
2018-11-15 11:11:02 -08:00
630cb53f82
add kubelet grpc server for pod-resources service
2018-11-15 09:43:20 -08:00
288667f436
add KubeletPodResources feature-gate
2018-11-15 09:38:59 -08:00
aa9ba976ac
generate go client for kubelet podresources API
2018-11-15 09:38:59 -08:00
3ece501f6b
add kubelet pod-resources API definition
2018-11-15 09:38:59 -08:00
da9387131e
prune internal clients from kubectl describer
2018-11-16 00:11:10 +08:00
f9c9ef6ec0
PV Controller: fix recycling
...
In the situation when a PVC is deleted and a new one with the same name
bound to a different PV the "old" PV may fail to recycle since it's
associaded with a PVC that is detected as being in use. This may cause
the recycler processes to hang.
2018-11-15 16:38:25 +01:00
0d4b5c98f8
Bump k8s.io/uitls to 8e7ff06
...
The reason for the bump is the new functionality of the
k8s.io/utils/exec package which allows
- to get a hold of the process' std{out,err} as `io.Reader`s
- to `Start` a process and `Wait` for it
This should help on addressing #70890 by allowing to wrap std{out,err}
of the process to be wrapped with a `io.limitedReader`.
It also updates
- k8s.io/kubernetes/pkg/probe/exec.FakeCmd
- k8s.io/kubernetes/pkg/kubelet/prober.execInContainer
- k8s.io/kubernetes/cmd/kubeadm/app/phases/kubelet.fakeCmd
to implement the changed interface.
The dependency on 'k8s.io/utils/pointer' to the new version has also
been bumped in some staging repos:
- apiserver
- kube-controller-manager
- kube-scheduler
2018-11-15 13:25:12 +00:00
b1a52a38e9
Merge pull request #67257 from pbarker/audit
...
dynamic audit configuration
2018-11-15 02:42:59 -08:00
68f9dacabf
Fix typo: trus->true
2018-11-15 01:36:15 -05:00
9e760732c3
Refactor New function
...
Signed-off-by: PingWang <wang.ping5@zte.com.cn>
add comments for InitPolicyFromFile
Signed-off-by: PingWang <wang.ping5@zte.com.cn>
make the methods package private
Signed-off-by: PingWang <wang.ping5@zte.com.cn>
2018-11-15 14:30:19 +08:00
843a67b215
Merge pull request #70559 from vladimirvivien/kubelet-plugin-watcher-ga
...
Graduate Kubelet plugin registration/watcher to GA
2018-11-14 20:35:08 -08:00
726c07eb26
Merge pull request #69929 from jsafrane/csi-ga
...
Promote CSIPersistentVolume feature to GA
2018-11-14 20:34:58 -08:00
012a438dbe
Merge pull request #68655 from goodluckbot/kubectl-cordon-drain-uncordon
...
Support multiple arguments for cordon and drain
2018-11-14 20:34:48 -08:00
6d7b5f1d1b
Delegate creation of publishPath to driver and allow creating device file directly
2018-11-15 01:14:12 +00:00
5cb70e369f
adds dynamic audit configuration generated
2018-11-15 01:03:45 +00:00
eb89d3dddd
adds dynamic audit configuration
2018-11-14 17:54:06 -07:00
eaff4fd4d2
Tolerate existing CSI fields in PVs when the feature is disabled
2018-11-14 17:57:54 -05:00
9c304cf0cb
Merge pull request #70157 from mikedanese/trev1
...
retrofit svcacct token authenticator to support audience validation
2018-11-14 13:16:44 -08:00
d8c6fe5202
Change stagingPath to be a directory
2018-11-14 20:53:28 +00:00
5a84dffc75
Merge pull request #71007 from mikedanese/allowdefault
...
TokenRequestProjections should allow API server to default empty audience
2018-11-14 11:38:16 -08:00
1a9fd268a9
Merge pull request #71005 from mikedanese/certpubfix
...
rootcacertpublisher: trigger resync on namespace add and update
2018-11-14 11:38:07 -08:00
68fb529ec1
Merge pull request #70969 from awly/node-csr-move
...
Move csr.RequestNodeCertificate into kubelet bootstrap package
2018-11-14 11:37:58 -08:00
f0354ad605
Fix for adding block volume support to CSI RBD driver
2018-11-14 19:20:56 +00:00
774f162884
Merge pull request #70999 from liggitt/oversized-spdystream-frames
...
Ensure oversized data frames are not written to spdystreams
2018-11-14 09:26:06 -08:00
529d5a5c50
Fix comment error of the struct 'UserDefinedMetric'
2018-11-14 11:05:06 -05:00
8cfce0af99
Tighten up validation of VolumeAttachment fields
2018-11-14 16:46:59 +01:00
498cd61f41
Add volumeattachment status subresource
2018-11-14 14:01:16 +01:00
e95b188656
Generated files
2018-11-14 14:01:16 +01:00
633431c38a
Promote CSIPersistentVolumeSource to GA
2018-11-14 14:01:16 +01:00
534ce94c22
Move CSIPersistentVolume feature to GA
2018-11-14 14:01:16 +01:00
e2409a054b
Fixes NodePort in ipv6 with proxy-mode=ipvs. #68437
...
Use ipv6 addresses for NodePort with proxy-mode=ipvs in a
ipv6-only cluster.
2018-11-14 12:34:06 +01:00
f16d3c56f6
Kubelet plugin watcher update to v1
2018-11-14 05:46:27 -05:00
668c532dda
Pluginregistration package updat to v1
2018-11-14 05:46:19 -05:00
a44c2b9eeb
Merge pull request #70035 from liggitt/retain-quota-metadata
...
Avoid dropping resourcequota metadata in controller
2018-11-14 01:29:53 -08:00
3e6d414b55
Merge pull request #70967 from mikedanese/fixtropts
...
Fix broken defaulting and validation in TokenRequest enablement
2018-11-13 22:03:42 -08:00
9fb2dcad5e
Limit kubelets from updating their own labels
2018-11-13 23:48:47 -05:00
67bbf753cb
retrofit svcacct token authenticator to support audience validation
2018-11-13 20:38:41 -08:00
3167b15908
TokenRequestProjections should allow API server to default empty audience
2018-11-13 20:25:16 -08:00
4c4a76557d
Merge pull request #70956 from apelisse/add-diff-test
...
Add test for CRD server-dry-run and fix bug
2018-11-13 19:45:53 -08:00
d3a21cf5a2
Merge pull request #70848 from cofyc/fix64590
...
Improve usability of CSI plugin metrics
2018-11-13 19:45:43 -08:00
54243e1921
Merge pull request #69344 from zegl/improve-kubectl-apply-prune-output
...
Fix dry-run output in kubectl apply --prune
2018-11-13 19:45:34 -08:00
cc4d38c768
Typo fix: healtcheck->healthcheck ( #65394 )
...
Typo fix: healtcheck->healthcheck
Typo fix: healtcheck->healthcheck
2018-11-13 19:45:24 -08:00
0202e269a3
Fix sending oversided data frames to spdy stream
2018-11-13 22:13:09 -05:00
50c384ff9e
Merge pull request #70833 from WanLinghao/typo_fix
...
fix a typo import by myself
2018-11-13 18:07:23 -08:00
c32530ddf2
Fix the service_controller test cases and some syntax errors
...
Signed-off-by: PingWang <wang.ping5@zte.com.cn>
add test condition and remove TODO
Signed-off-by: PingWang <wang.ping5@zte.com.cn>
update test
Signed-off-by: PingWang <wang.ping5@zte.com.cn>
2018-11-14 08:29:58 +08:00
d00cb23c8d
Merge pull request #71006 from liggitt/kubectl-run-apps-v1
...
update kubectl run to generate apps/v1 deployments
2018-11-13 16:14:23 -08:00
a04e854428
Merge pull request #70742 from ddebroy/ddebroy-csinode1
...
Add validation of CSINodeInfo fields before Create/Update actions
2018-11-13 16:13:55 -08:00
709e6ac3e2
Merge pull request #70413 from Pingan2017/kubectl-config-view
...
validate args for kubectl config view
2018-11-13 16:13:45 -08:00
bc6aee19b0
Merge pull request #70884 from lavalamp/workqueue
...
add a metric that can be used to notice stuck worker threads
2018-11-13 14:59:27 -08:00
68b4be3e19
Merge pull request #70775 from freehan/pod-ready-cli
...
add readiness gates in kubectl extended output for pods
2018-11-13 14:59:18 -08:00
a88f2973e0
Merge pull request #70466 from Pingan2017/get-statefulset
...
Improve human-readable output of Deployments and StatefulSets
2018-11-13 14:59:08 -08:00
4d9c01d747
replace golang.org/x/exp/inotify with standalone library
...
The inotify code was removed from golang.org/x/exp several years ago. Therefore
importing it from that path prevents downstream consumers from using any module
that makes use of more recent features of golang.org/x/exp.
This change is a followup to google/cadvisor#2060 which was merged with #70889
This fixes #68478
2018-11-13 14:51:40 -08:00
fb3d1caf9b
fix a typo error imported by https://github.com/kubernetes/kubernetes/pull/68812
2018-11-13 13:23:10 -08:00
a160e259f3
Feature gate update to GA
2018-11-13 16:03:39 -05:00
03f26e4612
update kubectl run to generate apps/v1 deployments
2018-11-13 14:39:25 -05:00
bf02f55147
rootcacertpublisher: trigger resync on namespace add and update
...
Last cleanup was a bit overzealous.
2018-11-13 11:38:45 -08:00
766aab509a
dedup APIAudiences config in kube-apiserver, use GenericConfig field
2018-11-13 11:07:31 -08:00
5c073abfe1
Move csr.RequestNodeCertificate into kubelet bootstrap package
...
This func is only used by the kubelet and there's no need to pollute
client-go API with it.
2018-11-13 10:27:51 -08:00
bd2cb5a72d
Merge pull request #70831 from mikedanese/securesvcacct
...
add BoundServiceAccountTokenVolume feature
2018-11-13 08:54:25 -08:00
67b7d9777d
Merge pull request #70749 from brancz/log-metrics
...
pkg/kubelet/logs: Add container log size metric
2018-11-13 06:47:08 -08:00
05759a9091
Handle validation of drivers in Spec and Status
...
Signed-off-by: Deep Debroy <ddebroy@docker.com>
2018-11-13 02:35:30 -08:00
af73d7bdc1
Add validation of CSINodeInfo before Create/Update calls
...
Signed-off-by: Deep Debroy <ddebroy@docker.com>
2018-11-13 00:48:56 -08:00
c7cba7370f
Scheduler internal NodeTree thread-safe NumNodes
...
Signed-off-by: Adrián Orive <adrian.orive.oneca@gmail.com>
2018-11-13 08:40:48 +01:00
Bobby (Babak) Salamat