kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,197 Commits 29 Branches 1,436 Tags 31 MiB
Commit Graph

3197 Commits

Author SHA1 Message Date
Wenjia Zhang 41da2ced4c Replace github.com/coreos/etcd by go.etcd.io/etcd 
Kubernetes-commit: 3b274fad2a719dc1fd0eaef6c55a0d344db10242
 2019-10-15 22:38:43 -07:00
Joe Betz 25accf5baf Bump bbolt to v1.3.3 
Kubernetes-commit: 1db282bb3e2a92a704b5a2266b9515b5e73e9c6a
 2019-10-15 13:38:16 -07:00
Jordan Liggitt b486e08485 bump github.com/json-iterator/go v1.1.8 
Kubernetes-commit: e323279ab94e2434fa610a476ad6d7630228be0e
 2019-10-12 10:10:03 -04:00
Jordan Liggitt 54aa70b012 Add support for --runtime-config=api/beta=false, --feature-gates=AllBeta=false 
Allow disabling all beta features and APIs

Kubernetes-commit: a5760dee812d280e4de203fccf58214051d0d62a
 2019-10-12 09:59:14 -04:00
immutablet 3079381054 Use single kms-plugin mock in unit and integration tests. 
Kubernetes-commit: 4d24b41410f2253c7b2f9e2b6d56910894016c61
 2019-10-11 15:25:05 -07:00
Monis Khan c2289feb1e Hash keys used in cached token authenticator 
It is possible to configure the token cache to cache failures.  We
allow 1 MB of headers per request, meaning a malicious actor could
cause the cache to use a large amount of memory by filling it with
large invalid tokens.  This change hashes the token before using it
as a key.  Measures have been taken to prevent precomputation
attacks.  SHA 256 is used as the hash to prevent collisions.

Signed-off-by: Monis Khan <mkhan@redhat.com>

Kubernetes-commit: 9a547bca8e6e15273bfafd3496aa6524fd7d35bd
 2019-10-11 15:21:34 -04:00
Kubernetes Publisher 0d1aa698ce Merge pull request #83858 from mrbobbytables/update-apiserver-owners 
Prune inactive reviewers from staging/src/k8s.io/apiserver/* OWNERS files.

Kubernetes-commit: 34db57b0071aa62f546020ad4d7cb603196dd0d7
 2019-10-14 19:00:47 +00:00
Kubernetes Publisher 28bb4eaefb Merge pull request #83678 from RainbowMango/pr_remove_prometheus_reference_from_storage 
Remove prometheus reference from storage

Kubernetes-commit: f7992c7a214cc9ffbf43a4d340c1c3e913f667e3
 2019-10-14 15:00:45 +00:00
Bob Killen 01b17215e9 Prune inactive owners from staging/src/k8s.io/apiserver/* OWNERS files. 
Kubernetes-commit: 20285dd4608d4dbe7c86a4997c8975bfbf6d1b1c
 2019-10-12 19:35:18 -04:00
Bruce Ma 87c35dc179 address some comments 
Clean up useless functions, only keep the basic function Deal
and the function DealIntoHand which will be used by Priority
and Fairness.

Improve some comments for constants and functions.

Introduce Dealer to combine parameters and methods into a whole.

Use fixed-size slice to improve performance.

Use math.Ceil and math.Log2 to calculate required entropy bits.

Make the given hand adaptive to handSize in DealIntoHand.

Signed-off-by: Bruce Ma <brucema19901024@gmail.com>

Kubernetes-commit: 7a3ca070cdd9804a22bf5db8a99576b09fc52484
 2019-10-11 20:06:31 +08:00
Joe Betz 1ee386df74 Add HTTP 410 (Gone) status code checks to reflector and relist with RV='' 
Kubernetes-commit: e2fe126d485af243d45f06bafd2ca83931881429
 2019-10-09 16:45:32 -07:00
RainbowMango 92ea37b476 Deal with auto-generated files. 
- Update bazel by hack/update-bazel.sh
- Update vendor by hack/update-vendor.sh

Kubernetes-commit: 6764bf394856a0d0979131bf985ce73cec4da72a
 2019-10-09 22:01:46 +08:00
RainbowMango dfdab3a0c8 Remove direct reference to prometheus from apiserver/pkg/storage/value. 
Kubernetes-commit: 78d0f1827acfb8400d6e1622d55bdfed64b047ed
 2019-10-09 21:58:51 +08:00
Kubernetes Publisher 357923dfd1 Merge pull request #83801 from jpbetz/etcd-3_3_17_client 
Upgrade to etcd client 3.3.17

Kubernetes-commit: 5e2650883af75cfb09eb4a65b4fb0e7d867a104f
 2019-10-14 07:20:02 +00:00
Kubernetes Publisher ec095274d0 Merge pull request #83459 from deads2k/cert-reload-subject 
dynamic delegated authn header reload

Kubernetes-commit: 527f6e1b4e99efbc9774ffb33487ecd3b8cb666a
 2019-10-14 07:20:00 +00:00
Kubernetes Publisher 934c73955b Merge pull request #83785 from yastij/bump-utils-rangesize 
bump k8s.io/utils to pickup bug fix for rangesize func

Kubernetes-commit: 677903edc6cfe1fb045a55b0734ee05ce8c3d03c
 2019-10-14 07:19:59 +00:00
Kubernetes Publisher 87e106d504 Merge pull request #83610 from SataQiu/metrics-apiserver-20191008 
Eliminate direct references to prometheus from apiserver admission

Kubernetes-commit: 30603a8b58e1d14a7a1c1a62ca10f984d15bc083
 2019-10-14 07:19:57 +00:00
Kubernetes Publisher 1613cc8dee Merge pull request #83763 from jpbetz/revert-3316 
Revert #83735: Update etcd client to 3.3.16

Kubernetes-commit: faad5d52bcefa903a0adf4b1dea9a9413944ca33
 2019-10-14 07:19:56 +00:00
Joe Betz 5ebe913d25 Upgrade to etcd 3.3.17 
Kubernetes-commit: 41e03d26d56e2d5070b532fd28e68d10b88e15bb
 2019-10-11 13:28:41 -07:00
Yassine TIJANI 43f5144852 bump k8s.io/utils to pickup bug fix for rangesize 
Signed-off-by: Yassine TIJANI <ytijani@vmware.com>

Kubernetes-commit: 5d49cbd3cae68d7aafdeac7f2ca08208118f09ad
 2019-10-11 16:45:21 +02:00
Joe Betz 3839aee69d Revert #83735: Update etcd client to 3.3.16 
Kubernetes-commit: 2a4217340ec2ee72ef2e8ea1ee87826609ca94f4
 2019-10-11 00:17:00 -07:00
Kubernetes Publisher 93d2a18bde Merge pull request #83237 from jfbai/feat-add-agent-and-remote 
feat(apiserver): add user-agent and remote info into trace log for endpoints handlers.

Kubernetes-commit: 103a5f92d6e40630c9c7bf043f3df1a0b7958dc0
 2019-10-14 07:19:54 +00:00
Kubernetes Publisher b779900277 Merge pull request #83735 from jpbetz/etcd3316-client 
Update etcd client to 3.3.16

Kubernetes-commit: 8f968c41d29c9fb2a322825b0e2c19ed7e589966
 2019-10-14 07:19:52 +00:00
Kubernetes Publisher b803d9d0d3 Merge pull request #83583 from wojtek-t/improve_negotiate_media_type 
Improve negotiate media type

Kubernetes-commit: 09b4787126240489081502e553c466e85a3bd51f
 2019-10-10 20:09:05 +00:00
Joe Betz 6354df54c0 Update etcd client to 3.3.16 
Kubernetes-commit: ad6aeecf30354ce9cd14de63afd444e1a845f418
 2019-10-10 07:49:36 -07:00
Jianfei Bai a5b9ca7482 feat(apiserver): add user-agent and remote info into trace log for endpoints handlers. 
Kubernetes-commit: 91bddd13485082892be8e8e471e358be317c4e9b
 2019-10-10 21:30:05 +08:00
Kubernetes Publisher a9bd356af6 Merge pull request #80883 from liggitt/admission-v1 
Switch admission webhook config manager to v1

Kubernetes-commit: 3edbc6afff17ea8dfe5c10b2677dcdc8767f67e2
 2019-10-10 12:01:41 +00:00
Wojciech Tyczynski 5f538bd5e3 Optimize NegotiateMediaTypeOptions 
Kubernetes-commit: 1baf4778ae130dc9c305736216b5f5024a962595
 2019-10-10 11:49:31 +02:00
Wojciech Tyczynski fba1140b91 Update munnerz/goautoneg dependency 
Kubernetes-commit: 053721d9d5bd7209a8c9d63eca9eea763ec7f391
 2019-10-10 10:50:41 +02:00
Kubernetes Publisher 07fc332df3 Merge pull request #83595 from immutableT/remove-deprecated 
Replace deprecated methods in the logic involved in the construction of gRPC connection to kms-plugin.

Kubernetes-commit: 088322687fa7b28188e89cb54350445c54de484e
 2019-10-10 04:02:02 +00:00
SataQiu 630eda2c9b eliminate direct references to prometheus 
Kubernetes-commit: f99b4339681329779e44cd9f0c8ffdbabfeb6fcf
 2019-10-10 11:18:52 +08:00
Kubernetes Publisher 2647efb971 Merge pull request #83643 from lavalamp/bigger-auth-cache 
increase auth cache size

Kubernetes-commit: 6992d1386c481437acbfc2a7edcf4ae3575cc85c
 2019-10-09 12:09:23 +00:00
Kubernetes Publisher d01b9c8b1a Merge pull request #82630 from RainbowMango/pr_migrate_prom_bucket_for_apiserver 
Migrate prometheus bucket functionality to metrics stability framework for apiserver

Kubernetes-commit: 3b17884ca2d90e637989f34d81c84ff04499d578
 2019-10-09 12:09:21 +00:00
Han Kang a5356f425d pluralize error metric name 
Change-Id: I12eb94f41ded20ed5a16332ada13a7b34f75de18

Kubernetes-commit: 5e652fe12605027509870d5d7f821390f20b1cee
 2019-10-08 15:49:12 -07:00
Daniel Smith 344ca1b3a8 increase auth cache size 
Kubernetes-commit: 236112c6af9b22b02e35914fe8fbbdbfe856f975
 2019-10-08 14:27:28 -07:00
Daniel Smith 168addcfe5 Add an authn cache benchmark 
Kubernetes-commit: 420a44da0138cb64fa5d4e9fab79d8be3527ffd8
 2019-10-08 13:34:51 -07:00
Jack Kleeman 40fefa1b37 Plumb dynamic SNI certificates 
We create and use a dynamic certificate provider for the SNI serving
certificates. Currently we only use static serving certificate
providers, so the files are not reloaded, but we should be able to move
to a provider that is able to reload later on.

Kubernetes-commit: 84bc6b151d0726db0c737443874577f044e0e9c8
 2019-10-08 19:03:56 +01:00
Kubernetes Publisher c29386a605 Merge pull request #83527 from odinuge/runc-rc9 
Bump dependency opencontainers/runc@v1.0.0-rc9

Kubernetes-commit: 3f8f0a32fa980d977a8aa05c229097cddf5e6e38
 2019-10-08 12:02:33 +00:00
Kubernetes Publisher 1e8e896aec Merge pull request #83121 from sftim/20190925_fix_apiserver_help_readyz_typo 
Fix typo in API server help for shutdown-delay-duration

Kubernetes-commit: 0956acbed17fb71e76e3fbde89f2da9f8ec8b603
 2019-10-08 00:01:31 +00:00
immutablet 5035dae3d5 Replace deprecated methods in the logic involved in the construction of gRPC connection to kms-plugin. 
Kubernetes-commit: e50c264c35a32200febde3b10838b2ef2f986c39
 2019-10-07 15:57:47 -07:00
David Eads 84d21cfff4 wire up a means to dynamically reload ca bundles for kube-apiserver 
Kubernetes-commit: 6beb96261e29754f2b7d0e44829eb6d15422cebf
 2019-10-07 14:06:42 -04:00
Jack Kleeman 8da4640a3d Plumb dynamic serving certificates 
We create and use a dynamic certificate provider for the main apiserver
serving certificates: SNI will be handled separately later. Currently we
only use static serving certificate providers, so the files are not
reloaded, but we should be able to move to a provider that is able to
reload later on.

Kubernetes-commit: 6f89f1027488aeba4af0786988c2fd2ace9a6f1d
 2019-10-07 18:49:24 +01:00
David Eads f0a6fac13c add dynamic cabundle from file 
Kubernetes-commit: b0c272e1fb6782ca0b755294c6f9046995769553
 2019-10-07 12:58:15 -04:00
Odin Ugedal 1d2083ab95 Bump dependency github.com/coreos/go-systemd@v19 (95778df) 
Kubernetes-commit: c07408380de0e430fd94df1b1d03b672b1801b6e
 2019-10-05 14:28:46 +02:00
Kubernetes Publisher 279a76350f Merge pull request #81816 from jennybuckley/apply-cap-managers 
[server-side apply] Cap the number of managedFields entries for updates at 10

Kubernetes-commit: a8e8e54f7a6e3267c7c47bb2037a2dc0ffce8976
 2019-10-05 12:05:00 +00:00
Kubernetes Publisher 85b7c497d8 Merge pull request #82176 from pohly/ginkgo-stack-fix 
Ginkgo update + stack fix

Kubernetes-commit: b140b431073ae4d84ce9ef5e01a1f27058178ead
 2019-10-05 12:04:58 +00:00
Kubernetes Publisher c060079d41 Merge pull request #83500 from deads2k/tls-config 
refactor tlsConfig creation for secure serving

Kubernetes-commit: c4383c9aa17217f011fc508dd598f720c44f7765
 2019-10-05 08:01:29 +00:00
Kubernetes Publisher 9f20cfae34 Merge pull request #82662 from jpbetz/api-machinery-jpbetz-reviewer 
Add jpbetz as reviewer of api-machinery code

Kubernetes-commit: 108e8a6a4a035623456002a82ffa5f360a3b9854
 2019-10-05 04:01:29 +00:00
Kubernetes Publisher b1066a01e9 Merge pull request #83452 from wojtek-t/avoid_unnecessary_identifier_computations 
Avoid unnecessary identifier computations

Kubernetes-commit: 386a27fd447acbd18fc6169afb66bba4d4959f1c
 2019-10-05 00:01:47 +00:00
Kubernetes Publisher dd282eb3a3 Merge pull request #82371 from deads2k/cert-reload-delegated 
add ability to authenticators for dynamic update of certs for delegated authn

Kubernetes-commit: 7ac65858bb9fdf41bb0cf3b257a4943ea8457ed6
 2019-10-04 16:05:24 +00:00