kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,643 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

391 Commits

Author SHA1 Message Date
Abu Kashem 98ffe5507d apiserver: update apf logic to use v1beta3 
Kubernetes-commit: 0a99e6ebb1e241bf421f6df44b15a5a16063a9f2
 2022-09-10 07:26:31 -04:00
SataQiu 2c587cfaab kube-apiserver: mark unused master-service-namespace flag as deprecated 
Kubernetes-commit: 3cd3ab5f943a5b0e1bc0dc53c90ed9cf0aa811ad
 2022-09-30 16:13:13 +08:00
Monis Khan c602291fa1 encryption config: no-op refactor to prepare for single loading 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: db850931a8699e780dd794e1763fd0e54b4239b5
 2022-08-29 17:25:48 -04:00
Davanum Srinivas ae4a45db07 update to v1.12.0 of semconv 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 01d8a4f0c56131de2ee8b4ba5ffd384de4b38578
 2022-09-18 19:33:02 -04:00
Davanum Srinivas 6c2030e10c update code to use newer otel api 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 3eaca7cf519808fcb98d4c43e666ea750270d825
 2022-09-17 14:27:06 -04:00
SataQiu d9a11fffae remove DeprecatedInsecureServingOptionsWithLoopback 
Kubernetes-commit: d545de2b96de094107c3b687d8d48663af8f9fae
 2022-09-11 21:22:18 +08:00
Monis Khan 70b4742ce2 kms: fix go routine leak in gRPC connection 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: 4e68e9b5ad70ae074b3fb20f0fb2ba25d0792274
 2022-08-24 01:51:19 +00:00
xueqzhan 9d6934f8fa Add DisableAnonymous to DelegatingAuthenticationOptions 
Kubernetes-commit: 5619c71eb0b9fae13c831d92797da9427094518f
 2022-09-01 11:58:51 -04:00
Anish Ramasekar bdd7082eed chore(kms): remove unused plugin name and migrate from deprecated `io/ioutil` pkg 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 7db7a63959162d743f771183bf4e88e82afef868
 2022-08-23 22:55:22 +00:00
David Eads 6a7c6a0940 Revert "Add an option to conditionally disable compression based on client ip." 
This reverts commit 023583a15586328569ccab505db2f57f398e04b3.

Kubernetes-commit: 2f3ffbed2cffaaba63304318bc1d09b0144600ff
 2022-08-17 15:08:39 -04:00
Anish Ramasekar 225e26ac4a Implement KMS v2alpha1 
- add feature gate
- add encrypted object and run generated_files
- generate protobuf for encrypted object and add unit tests
- move parse endpoint to util and refactor
- refactor interface and remove unused interceptor
- add protobuf generate to update-generated-kms.sh
- add integration tests
- add defaulting for apiVersion in kmsConfiguration
- handle v1/v2 and default in encryption config parsing
- move metrics to own pkg and reuse for v2
- use Marshal and Unmarshal instead of serializer
- add context for all service methods
- check version and keyid for healthz

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: f19f3f409938ff9ac8a61966e47fbe9c6075ec90
 2022-06-29 20:51:35 +00:00
Sally O'Malley 4f9e133507 kubelet tracing 
Signed-off-by: Sally O'Malley <somalley@redhat.com>
Co-authored-by: David Ashpole <dashpole@google.com>

Kubernetes-commit: 47e7d8034ff3be8e198dde6a671d05a11c30e333
 2021-10-10 09:17:27 -04:00
Maciej Borsz 40280f9889 Add an option to conditionally disable compression based on client ip. 
Kubernetes-commit: 023583a15586328569ccab505db2f57f398e04b3
 2022-07-29 08:44:14 +00:00
Anish Ramasekar 8ab3aa3011 feat:(kms) encrypt data with DEK using AES-GCM instead of AES-CBC 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: d54631a41a869f7a28d82fcab2e174ee85879027
 2022-07-13 17:14:50 +00:00
Maciej Wyrzuc cb0bb2af35 Add additional etcd check to readyz with 2 seconds timeout. 
Kubernetes-commit: b42045a64fd07fb948660839b6c7c14440bee9df
 2022-07-25 13:08:50 +00:00
Davanum Srinivas 7e94033a61 Generate and format files 
- Run hack/update-codegen.sh
- Run hack/update-generated-device-plugin.sh
- Run hack/update-generated-protobuf.sh
- Run hack/update-generated-runtime.sh
- Run hack/update-generated-swagger-docs.sh
- Run hack/update-openapi-spec.sh
- Run hack/update-gofmt.sh

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: a9593d634c6a053848413e600dadbf974627515f
 2022-07-19 20:54:13 -04:00
Vladimir Nachev 5236515712 Ensure the dir of --audit-log-path exists 
Signed-off-by: Vladimir Nachev <vladimir.nachev@sap.com>

Kubernetes-commit: a380ef5c416194826b70ae75dc4e86776e1a3afe
 2022-06-27 17:21:02 +03:00
Wojciech Tyczyński 5ab2c69c4c Fix ResourceQuota admission shutdown 
Kubernetes-commit: f8211d7e447cc6c29139ebf3422f0752278d6da1
 2022-05-18 19:30:23 +02:00
Wojciech Tyczyński 2f9a2acafb Fix stop signal to drained signal in genericapiserver config 
Kubernetes-commit: b56491e6cfe216adc245abfa099757e779403982
 2022-05-18 18:55:45 +02:00
Wojciech Tyczyński 0a7c4bcca1 Cleanup etcd healthcheck on shutdown 
Kubernetes-commit: cb80082f666e0e5fe220df32e31a8face18e9393
 2022-05-10 11:12:08 +02:00
Mike Spreitzer 010d347f35 Update flag descriptions for watch cache 
Kubernetes-commit: 2ea3afe425836253202dd36239d8b54149ccb53c
 2022-03-31 10:55:51 -04:00
Mike Spreitzer 60facb736d Log whether watch cache is used for particular resources 
Kubernetes-commit: ce3bf7ae944d4d9255537617b340d5da4efc288f
 2022-03-30 23:16:02 -04:00
Anish Ramasekar e442eafb33 feat: prepare KMS data encryption for migration to AES-GCM 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
Co-authored-by: Monis Khan <mok@vmware.com>
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 90b42f91fd904b71fd52ca9ae55a5de73e6b779a
 2022-03-16 17:54:10 +00:00
Ravi Gudimetla 1ee261d219 API Server Changes 
This commit includes all the changes needed for APIServer. Instead of modifying the existing signatures for the methods which either generate or return stopChannel, we generate a context from the channel and use the generated context to be passed to the controllers which are started in APIServer. This ensures we don't have to touch APIServer dependencies.

Kubernetes-commit: 8b84a793b39fed2a62af0876b2eda461a68008c9
 2022-03-07 09:20:45 -05:00
ialidzhikov 38f395ca57 apiserver: Remove the deprecated `--deserialization-cache-size` flag 
Signed-off-by: ialidzhikov <i.alidjikov@gmail.com>

Kubernetes-commit: ee2530ffd4db0cdc8384f7d4acb014e79bb224e9
 2022-03-02 15:33:21 +02:00
carlory 871a4b7200 remove audit.k8s.io/v1[alpha|beta]1 versions 
Kubernetes-commit: fcc282f9f2050aaa4007d6f0444b0f4972925fea
 2022-02-13 13:23:49 +08:00
ialidzhikov bce3488a65 apiserver: Remove the deprecated `--target-ram-mb` flag 
Signed-off-by: ialidzhikov <i.alidjikov@gmail.com>

Kubernetes-commit: bdbc7501293eac721ea6f77b55918652f2cd6aab
 2022-03-02 18:52:46 +02:00
ialidzhikov aa165d392e apiserver: Remove the deprecated `--experimental-encryption-provider-config` flag 
Signed-off-by: ialidzhikov <i.alidjikov@gmail.com>

Kubernetes-commit: 244bf1bd69c962041ba5cabc3c9e92f3f94a3ba4
 2022-03-01 19:21:18 +02:00
Steve Kuznetsov af1cb1cefe storage: transformers: pass a context.Context 
When an envelope transformer calls out to KMS (for instance), it will be
very helpful to pass a `context.Context` to allow for cancellation. This
patch does that, while passing the previously-expected additional data
via a context value.

Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>

Kubernetes-commit: 27312feb9983c18d1daf00afba788727d024cdd0
 2022-02-17 07:29:44 -08:00
Pingan2017 41eb079182 Remove args enable-swagger-ui since no effect from 1.14 
Kubernetes-commit: 206f3aeec2748ef149a36a9c69329b5be2953ecb
 2021-09-15 10:32:35 +08:00
William Zhang c0fcf30dd4 cleanup(apiserver): delete the --max-resource-write-bytes & --json-patch-max-copy-bytes description. 
Change-Id: I0fe27dce27db6a1e186bd44a968c6e931de88dd8
Signed-off-by: William Zhang <warmchang@outlook.com>

Kubernetes-commit: 584165cfcc861bc0c8911e11347734cfc8feb8c8
 2021-12-08 17:12:37 +08:00
Davanum Srinivas b840d63feb Cleanup OWNERS files (No Activity in the last year) 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 497e9c1971c9e7d0193bc6d11503ec4ad527f1d5
 2021-12-10 15:18:50 -05:00
Davanum Srinivas 56a3a30ae1 Check in OWNERS modified by update-yamlfmt.sh 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 9405e9b55ebcd461f161859a698b949ea3bde31d
 2021-12-09 21:31:26 -05:00
astraw99 2e5bed6053 fix typo `registry` 
Kubernetes-commit: 6d16238fe53bf1135d781c73d3df4283ecef7fed
 2021-08-08 18:37:16 +08:00
Anish Ramasekar 1e3c9bfcdb fix typo in kms encryption config logs 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 63295a126e316fb7b8630dbc57e98041e747cbed
 2021-09-16 18:18:59 +00:00
Abu Kashem db8aff032b apf: update apf logic to use v1beta2 
Kubernetes-commit: 28f2b42a4116a9223113e8b152e02a4f1e602ff4
 2021-08-16 17:53:57 -04:00
Mike Spreitzer b225af44fe Introduce storagebackend.ConfigForResource 
This is a Config specialized for a GroupResource.
It will support generating new resource-specific metrics.

Kubernetes-commit: 85bcd243aa3c8769a5904a1aea44ce704f5e7174
 2021-08-29 01:06:12 -04:00
Abu Kashem 033ff70436 Revert "Merge pull request #104281 from tkashem/not-ready-429" 
This reverts commit fc5863b8b276e0789f717859e8cce58d7d060181, reversing
changes made to 027fe2554fd18343b8be39eddc8ff6570a6c390f.

Kubernetes-commit: f9f08725907b7db2104ee5fe9f82ab0752726533
 2021-08-31 10:10:46 -04:00
Abu Kashem a687b3b7a9 Revert "Merge pull request #104630 from tkashem/remove-option" 
This reverts commit edb0a72cff0e43bab72a02cada8486d562ee1cd5, reversing
changes made to 80feff6f407be9f0898c449ba3f9d4d013f05ec9.

Kubernetes-commit: 8844d3092a46a40915b4df6e3b9944d5081f8268
 2021-08-31 10:06:12 -04:00
Abu Kashem ee2c906b05 apiserver: remove server option startup-send-retry-after-until-ready 
Kubernetes-commit: 7adc79a4ea33cc44aa8d694c4949e01219e016de
 2021-08-27 10:29:37 -04:00
Stephen Augustus 771ffe6475 generated: Run hack/update-gofmt.sh 
Signed-off-by: Stephen Augustus <foo@auggie.dev>

Kubernetes-commit: 481cf6fbe753b9eb2a47ced179211206b0a99540
 2021-08-12 17:13:11 -04:00
Antonio Ojea 38c6ad936b run hack/update-netparse-cve.sh 
Kubernetes-commit: 0cd75e8fec62a2531637e80bb950ac9983cac1b0
 2021-08-20 01:16:14 +02:00
Abu Kashem 450b7e8f12 rename audit Checker interface 
Kubernetes-commit: 27f150351475adaef416bd893403e7066b70d33a
 2021-03-24 13:07:21 -04:00
Abu Kashem f3ae70d0cf send retry-after until ready 
Kubernetes-commit: 6e3923d0a4f4720d2d9f628eb9c073d2d3ee291a
 2021-08-10 12:03:21 -04:00
Abu Kashem ffb869e08f apiserver: add a new mode for graceful termination 
add a new mode for graceful termination with the new server run option
'shutdown-send-retry-after'
- shutdown-send-retry-after=true: we initiate shutdown of the
  HTTP Server when all in-flight request(s) have been drained. during
  this window all incoming requests are rejected with status code
  429 and the following response headers:
    - 'Retry-After: N' - client should retry after N seconds
    - 'Connection: close' - tear down the TCP connection
- shutdown-send-retry-after=false: we initiate shutdown of the
  HTTP Server as soon as shutdown-delay-duration has elapsed. This
  is in keeping with the current behavior.

Kubernetes-commit: 3182b69e970bd1fd036ff839fdf811f14e790244
 2021-07-14 10:39:29 -04:00
Abu Kashem feb4eefe1c apiserver: add callback to get notified of object count 
Kubernetes-commit: 2c60feffbee690af4632d068158e640abe10f678
 2021-07-14 16:44:34 -04:00
Alexi Kessler 80b28d7c2c Update doc description for --audit-log-maxbackup 
Per https://pkg.go.dev/gopkg.in/natefinch/lumberjack.v1 a value of 0 will retain all logs. Not understanding this led to an outage for my team.

Kubernetes-commit: 94977dce8d13ec1e8b4bd8b449f555af685c3ab6
 2021-07-22 09:42:30 -04:00
Andrew Rynhard bfbd0aaa7d Do not try to create an audit log file named "-" 
That PR fixes --audit-log-path=- support.
It now logs to stdout as in 1.21.

Kubernetes-commit: 7728428f017350d5fb9a91e6e5dc3ccf86348478
 2021-07-23 14:26:28 +00:00
Ryan Phillips 7afffd8ef3 Revert "apiserver: add callback to get notified of object count" 
Kubernetes-commit: d95b14e1abfb5ec87248e5dd826b89d0c738af42
 2021-07-08 13:56:39 -05:00
David Ashpole fe620be9c7 change tracing service from kube-apiserver to apiserver 
Kubernetes-commit: 8972efc65fe7f4d2ed840ba1a2bd8ff31e829a7a
 2021-07-02 07:04:26 -07:00