54481aaf0e
fixes nil panic for nil delegated auth options
...
Kubernetes-commit: 9ade821baab1fa5573f4a36eb7d7098b033ec17c
2021-01-12 17:12:33 +08:00
5a2668eee5
Merge pull request #97843 from mborsz/watcher-log
...
Improve logging in cacheWatcher
Kubernetes-commit: 97d7e50a4baac7efdb14ea771bfdd1673775dd05
2021-01-11 17:10:00 +00:00
fafe41b7ff
Merge pull request #97480 from lingsamuel/etcd-lease-max-size
...
apiserver add lease object count metric
Kubernetes-commit: e054aa268e86808c381226b2eded83a3f84834f8
2021-01-11 17:09:58 +00:00
8313c177f0
Improve logging in cacheWatcher
...
Kubernetes-commit: b78f0b31063b7d47781a1ce9ee4ed6c118fb949f
2021-01-11 12:33:52 +01:00
202c033ed5
Merge pull request #96887 from sttts/sttts-unexpected-error-string
...
apiserver: print unknown responsewriter error strings, not only %#+v
Kubernetes-commit: 94b082550e57d06d251735e8d36f4333617e80d9
2021-01-10 05:06:33 +00:00
ba0503fa77
Merge pull request #96393 from thockin/rest-hooks
...
Add BeginCreate and BeginUpdate REST hooks
Kubernetes-commit: 67541a1bcc153861e9781f6a08d58da46dbdd5fc
2021-01-09 09:05:55 +00:00
f343cfc213
Merge pull request #97860 from MikeSpreitzer/rejigger-quantize-4
...
move all variables in sampleAndWaterMarkHistograms::innerSet
Kubernetes-commit: d9a26fb69bcb194c1b56a93eca0735a8fdf3bd63
2021-01-09 01:11:47 +00:00
996b873a3d
Merge pull request #96754 from tkashem/fix-etcd-metric
...
Reduce number of buckets for etcd_request_duration_seconds metric
Kubernetes-commit: 2b8cac754c88900ea3ad91d6c3f0997b602a3051
2021-01-08 21:06:09 +00:00
7e2afe673c
Merge pull request #97820 from tkashem/webhook-error
...
prevent panic on webhook authenticator and authorizer timeout before response
Kubernetes-commit: cfc96c7db7489fa76172187035468e4d918631e3
2021-01-08 21:06:07 +00:00
16288a4d61
move all variables in sampleAndWaterMarkHistograms::innerSet
...
to tiptoe around https://github.com/golang/go/issues/43570 for #97685
Kubernetes-commit: 611184aa59d0cd40466bc3bc4b40a3712a038171
2021-01-08 13:32:38 -05:00
8d68b7dd0d
Merge pull request #97845 from mborsz/cacher-metrics2
...
Add 'apiserver_terminated_watchers_total'
Kubernetes-commit: 9a386cdd5d703d310ef82e892501621665c5eb00
2021-01-08 17:25:10 +00:00
255da953aa
Add 'apiserver_terminated_watchers_total'
...
Kubernetes-commit: 342ad48feb2629ebc832c0b85c52b4eb04d81498
2021-01-08 10:55:44 +01:00
80777f1353
Merge pull request #97693 from enj/enj/i/oidc_fast_init
...
oidc authenticator: attempt to immediately initialize verifier
Kubernetes-commit: d1db90ba579e9c01194f92ba6daff852e3b4c6e7
2021-01-08 05:05:22 +00:00
afe6e553ea
Merge pull request #96657 from KobayashiD27/staticcheck_server-storage
...
fix staticcheck error in vendor/k8s.io/apiserver/pkg/server/storage
Kubernetes-commit: 0dfa4419a05318ffcfb7a34a7e599bed87ce4a37
2021-01-08 01:05:51 +00:00
3ba02b7f93
handle webhook authenticator and authorizer error
...
webhook.WithExponentialBackoff returns an error, and the priority is:
- A: if the last invocation of the webhook function returned an error
that error should be returned, otherwise
- B: the error associated with the context if it has been canceled or
it has expired, or the ErrWaitTimeout returned by the wait package
once all retries have been exhausted.
caller should check the error returned by webhook.WithExponentialBackoff
to handle both A and B. Currently, we only handle A.
Kubernetes-commit: ae2b353fbf519b29d168c534f88c373fd67a1c31
2021-01-07 16:14:18 -05:00
83c2f3afa5
Merge pull request #97370 from MikeSpreitzer/relax-apf-controller
...
Relax apf_controller's reaction to certain errors
Kubernetes-commit: e765ab2e7ea5b411eae7ba3be570f3170ded74c8
2021-01-07 17:05:47 +00:00
8bcb42fe50
Merge pull request #97451 from pacoxu/fix/cluster-ip-quota
...
bugfix: nodeport quota check failure result into failing to create a clusterip service
Kubernetes-commit: f9c7c59e25d2ae82bf7b3d72ec65e41c712f24bd
2021-01-07 17:05:45 +00:00
b74ce63ea5
fix static check for vendor/k8s.io/apiserver/pkg/storage/etcd3/
...
Kubernetes-commit: aaa7084a4a548795c987b29dffb48749531b60a4
2021-01-07 11:21:50 +08:00
c2a4b1a59a
Merge pull request #96906 from Rajalakshmi-Girish/issue-96853
...
Fixes the unit tests to be more tolerant with error messages
Kubernetes-commit: 10c1c3acf65cfb00de7fa28f784865bd42ab4872
2021-01-06 05:16:29 +00:00
c3e839ce63
Merge pull request #97656 from ialidzhikov/staticchec/initializers
...
Fix staticcheck in staging/src/k8s.io/apiserver/pkg/admission/initializer
Kubernetes-commit: 7e677be77a0118df136f16f10244b125840cd968
2021-01-05 13:12:35 +00:00
4f25a579ae
oidc authenticator: attempt to immediately initialize verifier
...
This change updates the OIDC authenticator to not wait 10 seconds
before attempting to fetch the /.well-known/openid-configuration
metadata from the OIDC issuer. In most situations this results in
the API server being able to verify ID tokens sooner.
Signed-off-by: Monis Khan <mok@vmware.com>
Kubernetes-commit: be99f37a6861f885c263a447656b9470ba4f720f
2021-01-04 14:59:56 -05:00
584906efd7
Fix staticcheck in staging/src/k8s.io/apiserver/pkg/admission/initializer
...
Signed-off-by: ialidzhikov <i.alidjikov@gmail.com>
Kubernetes-commit: 8a0bce0021ca5565ba90d2119e479d3728a53865
2021-01-02 22:38:09 +02:00
39d5049e42
Merge pull request #97206 from tkashem/panic
...
clean up executing request on panic
Kubernetes-commit: d815833a308b7c37389218f712511f6713a47570
2020-12-22 21:04:45 +00:00
ee05a4663e
bugfix: check Spec.AllocateLoadBalancerNodePorts for nodeport and skip zero usage in delta evaluator
...
Signed-off-by: pacoxu <paco.xu@daocloud.io>
When Spec.AllocateLoadBalancerNodePorts is "false" NodePort shall
not be included when computing quota for type:LoadBalancer.
Co-authored-by: uablrek
Kubernetes-commit: 15867d9e8a1faf007f6df563c26a9b5e8744b2a1
2020-12-22 19:19:15 +08:00
bef379c42d
Merge pull request #97418 from wojtek-t/guaranteed_update_refactors
...
Unify variable naming between GuaranteedUpdate and Delete in storage
Kubernetes-commit: d63dc87ae8b6d568785bd4c532fb16d99a6b7338
2020-12-21 15:40:25 -08:00
41788f53e2
Relax apf_controller's reaction to certain errors
...
When the error is due to the object having been deleted, the
controller does not need to do anything before the coming
notification.
Kubernetes-commit: ef1e2039b5fc7f955ec4f9c636a64aa403cba2ab
2020-12-17 10:46:14 -05:00
3de94d4883
Unify variable naming between GuaranteedUpdate and Delete in storage
...
Kubernetes-commit: d0726e4b1354b1c8c3978b96ab7b01d13a2b6340
2020-12-16 09:28:44 +01:00
9d65c2711e
Merge pull request #97323 from tkashem/graceful-apf-controller
...
Fix the deadlock in priority and fairness config controller
Kubernetes-commit: 4164818517b5bd7046fa05b482fa768af48162d3
2020-12-18 21:04:47 +00:00
12c81a534a
Use typedefs for Begin* functions
...
David asked for this for readability, even if not all other hooks do it.
Kubernetes-commit: 37b34f5b53edec78ca33929443bb4ba9a9534ed1
2020-12-15 21:49:16 -08:00
e0a1a6eb3d
Change AfterCreate/Update to take Options
...
Also adds typedefs for these function signatures for code clarity.
Kubernetes-commit: 25da6a06609265dcd3f637629705686b308b26d0
2020-12-15 21:40:44 -08:00
f25a4e6d0f
Change AfterDelete to take DeleteOptions
...
All of the After* hooks are called, whether the operation is dry-run or
not. Create and Upate both have BeginCreate() hooks which know about
dry-run but delete doesn't, and can't (because of graceful deletion and
finalizers, the Delete() method may return and the object is actually
deleted later).
This adds an argument to AfterDelete(), and the others will follow.
This commit also adds tests for AfterDelete being called in the right
places.
Kubernetes-commit: 9402f48e050c25514a95da2e5e1feb6754ad0e0d
2020-12-15 21:24:57 -08:00
c1a9dd5c5f
Remove ObjectFunc
...
Kubernetes-commit: bb79475a860e908c6d3bbaf25da802c158c356b7
2020-12-15 13:05:13 -08:00
59a718ed18
fix the deadlock in priority and fairness config controller
...
Kubernetes-commit: 7114319b3e66e331250c116ac926f1a57352072f
2020-12-15 12:19:56 -05:00
9f65780e02
Merge pull request #89828 from wojtek-t/suggestions_for_delete
...
Try to avoid etcd.Get as part of Delete operation
Kubernetes-commit: 974cf4c9c2663a5b9da0b994f7ee7bc3166bc5f7
2020-12-18 01:12:08 +00:00
eb2fbd3393
Merge pull request #97353 from MikeSpreitzer/testable-config
...
Define TestableConfig in k/apiserver/pkg/util/flowcontrol
Kubernetes-commit: 8b8de0316881a2a8958c2f327d6c3949ec5fe355
2020-12-17 13:05:24 +00:00
c6d0a8d877
Merge pull request #97033 from patrickshan/pshan/bump/Azure/go-autorest/autorest
...
Bump github.com/Azure/go-autorest/autorest to v0.11.12
Kubernetes-commit: e11e9d4c6c3f522ed398748a11cc5dd1f8949c2b
2020-12-17 09:05:59 +00:00
a011399e98
Define TestableConfig in k/apiserver/pkg/util/flowcontrol
...
Collect the parameters of newTestableController into a named type.
Also tolerate the surprising situation in which a request's user
groups include neither `system:authenticated` nor
`system:unauthenticated` --- because this is observed to happen in
some tests.
Also a few other minor fixups.
Kubernetes-commit: 10df6d459b5bca7b42471f9409182417fbc3f253
2020-12-16 18:58:45 -05:00
a7ed7d2749
Merge pull request #96825 from roycaihw/storage-version/conditions
...
storage-version: update conditions
Kubernetes-commit: b97aa71519c5280b522658483b078b2fe8179d20
2020-12-15 01:16:39 +00:00
6d407d18a2
Merge pull request #97245 from aojea/anycastAddress
...
bind-address flag usage
Kubernetes-commit: 87984d84d18c7816835e5efedebb17ed13aa2509
2020-12-12 17:04:01 +00:00
580f710542
Merge pull request #97254 from MikeSpreitzer/apf-owners
...
Create OWNERS for most of the API Priority and Fairness impl
Kubernetes-commit: e5bd3d1bb42c0fdccf2a4bd8987bab17da849afd
2020-12-12 05:10:14 +00:00
0d8e48ec1a
Merge pull request #96985 from corehello/patch-1
...
Fix typo for ServiceAccount
Kubernetes-commit: ebde19ee1e959eeeae81500fd122b1454a2edb05
2020-12-12 01:04:24 +00:00
2ceb0fcbe8
Create OWNERS for most of the API Priority and Fairness impl
...
Kubernetes-commit: 23de8061fbb63928c62aa6020b443a62491a0a1d
2020-12-11 17:54:59 -05:00
bd10b9f5fb
bind-address flag usage
...
Kubernetes-commit: 2e4aed2d4a8dc32acbd12ee7464fa00e650e0204
2020-12-11 18:42:51 +01:00
49bd7a412a
Merge pull request #97215 from gavinfish/revert-97124-json-parser
...
Revert "Cleanup: remove sanity check for CVE-2019-11253"
Kubernetes-commit: 6e41006e1dc344be71a82586820f89f7752cde30
2020-12-11 05:04:29 +00:00
7dd2afd324
Revert "Cleanup: remove sanity check for CVE-2019-11253"
...
Kubernetes-commit: e3df70364594cdb7d0b321a405f1c0718c2c9b54
2020-12-11 09:38:21 +08:00
eea0d66fcd
clean up executing request on panic
...
Kubernetes-commit: 13cedca0eb5337b13e5176983ea5e784ec38df22
2020-12-10 12:57:21 -05:00
aed7ab0783
Merge pull request #96904 from yuanhuaiwang/watchcache-metric-improve
...
improve watchCache metric
Kubernetes-commit: f2fb77a6a00dc200d38fca4d72b5aeedced25374
2020-12-09 13:05:08 +00:00
8cd8cce8c9
Merge pull request #97124 from gavinfish/json-parser
...
Cleanup: remove sanity check for CVE-2019-11253
Kubernetes-commit: 98f64c9c10ac1d3f4854cfedab16ceb38b934814
2020-12-09 09:05:27 +00:00
b4d61d9c5c
Merge pull request #97009 from lingsamuel/etcd-config-reuse-duration
...
apiserver add --lease-reuse-duration-seconds to config lease reuse duration
Kubernetes-commit: 74b4f3d0151f5c007f168d62f93cde12fdb9de98
2020-12-09 09:05:24 +00:00
0f44ba5522
Merge pull request #96989 from tkashem/comment
...
add comment to describe why we set the UID in the response headers
Kubernetes-commit: f21b79c82346643271bf4fff593cfd8c2195195a
2020-12-09 09:05:22 +00:00
yue9944882
Kubernetes Publisher
Maciej Borsz
Mike Spreitzer
Abu Kashem
pacoxu
Monis Khan
ialidzhikov
wojtekt
Tim Hockin
Antonio Ojea
Jie Shen