kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,150 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

199 Commits

Author SHA1 Message Date
Eric Lin 000601bdbe Add handler to run watch serving in separate goroutine 
This handler allows running execution prior to actual serving in a separate
goroutine when serving requests. Doing so benefits cases in serving long running
requests because it allows freeing memory used by the separate goroutine
and keeps the serving routines slim.

Signed-off-by: Eric Lin <exlin@google.com>

Kubernetes-commit: 7b2698a5e5c61b303481c2006847409fc8704746
 2023-10-10 08:53:26 +00:00
Jordan Liggitt c2310e1279 Implement authz config file reloading 
Kubernetes-commit: 5dc92ada068cb80a2866cfaa1f9aa760d2524680
 2023-11-08 08:49:58 -06:00
Abu Kashem eff38efc48 apiserver: warning should not panic when request times out 
Kubernetes-commit: 7cab0ad2d2b2688575c1d6c8b5ecee2bfa5a39ff
 2023-01-26 08:56:10 -05:00
Siyuan Zhang 06103a07ae k8s.io/apiserver: refactor GenericAPIServer healthz code. 
Signed-off-by: Siyuan Zhang <sizhang@google.com>

Kubernetes-commit: 12c9bfc21d6c9799c2cd6bf0e9dcca6f1534812d
 2023-11-15 12:36:04 -08:00
Abu Kashem b3499eec62 apiserver: set APF featuregate to ga 
Kubernetes-commit: c7fcef187562e1b3ffdaa2e2109c65d800b8f5d5
 2023-10-31 08:35:52 -04:00
Ben Luddy 91d0f39545 Restrict supported media types for new apiservers. 
This is to prevent the enablement of new data formats (CBOR) in the early stages of phased
implementation.

Kubernetes-commit: ced56a6adabdd86f99455b100b1c0c7a2b4f3c55
 2023-10-17 14:06:46 -04:00
Jefftree 2e1024671d Fix v3 spec 
Kubernetes-commit: b30c6bdff817cec28b3d88b3bb3e12f1e86488d0
 2023-10-04 12:55:49 -04:00
Abu Kashem a2e63604f2 apf: use context for queue wait 
Kubernetes-commit: f39213a7e44f21a8cedcdf38d3c2531456a526d6
 2023-08-28 17:01:16 -04:00
Han Kang bd7db816d7 promote component SLIs to GA; remove feature gates for component slis 
Kubernetes-commit: e6435e98eda93fbf96e94110af6ca5a10ad1e926
 2023-09-11 08:52:50 -07:00
Richa Banker 8a38d429d8 Add impl for uvip 
Kubernetes-commit: cd5f3d9f9d5ae3153206178e6114d573dc24ad73
 2023-03-29 17:20:25 -07:00
Andrew Sy Kim f00505bddc priority & fairness: support dynamically configuring work estimator max seats 
Max seats from prioriy & fairness work estimator is now min(0.15 x
nominalCL, nominalCL/handSize)

'Max seats' calculated by work estimator is currently hard coded to 10.
When using lower values for --max-requests-inflight, a single
LIST request taking up 10 seats could end up using all if not most seats in
the priority level. This change updates the default work estimator
config such that 'max seats' is at most 10% of the
maximum concurrency limit for a priority level, with an upper limit of 10.
This ensures seats taken from LIST request is proportional to the total
available seats.

Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

Kubernetes-commit: d3ef2d4fe95c3ef7b1c606ad01be1183659da391
 2023-04-26 11:13:14 +00:00
Dr. Stefan Schimanski 8f40ac3bd1 k8s.io/apiserver: remove skewed completion from EtcdOptions 
Kubernetes-commit: e9e4acb1dde69243a6e675e58833ae7936df9ce5
 2023-06-02 20:25:31 +02:00
Monis Khan 9c69aab43c Clear front proxy headers after authentication is complete 
This matches the logic we have for the Authorization header as well
as the impersonation headers.

Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: e9866d2794675aa8dc82ba2637ae45f9f3a27dff
 2023-03-20 13:11:38 -04:00
Jefftree 31f3fb382d Add metrics for aggregated discovery 
Kubernetes-commit: 387d97605ee81cb8beacad990255439ee464b5f3
 2023-02-08 21:11:15 +00:00
Abu Kashem 62a4b39be7 apiserver: make watch termination during shutdown configurable 
Kubernetes-commit: 791fcd6fb429002349b3f697b1bcc68ff7146dde
 2023-02-10 11:43:06 -05:00
Abu Kashem 61a789ab70 apiserver: terminate watch with a rate limiter during shutdown 
Kubernetes-commit: 6385b86a9b124eb03848af9a3029e8bc9058d72f
 2023-01-13 18:04:13 -05:00
Andrew Sy Kim 885060394e apiserver: use the identity value in the apiserver identity hash 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

Kubernetes-commit: a7de3e15a50bafdd65adf55f5fdc14567e3fa3e2
 2023-01-13 15:49:30 -05:00
Andrew Sy Kim 2d94c4699b apiserver: update lease identity prefix from kube-apiserver- to apiserver- 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

Kubernetes-commit: fb066a883de2b56e533eb622677056bd723748ce
 2022-12-19 13:33:24 -05:00
Abu Kashem 9e60654b8a apiserver: refactor WithWaitGroup handler 
Kubernetes-commit: 9093f126b87cb686784bb27b08be9eb12b4d5453
 2023-01-10 15:55:19 -05:00
Antoine Pelisse 76a233ebec Allow profiling information to be served on Unix-Domain Socket 
Serving profiling information can leak information or expose the
apiserver to possible DoS attacks. Serving on a UDS is more secure
though slightly less convenient. One can't use `go tool pprof` directly
against the socket since it's not supported, but can either run a proxy
to copy from the socket over to http, or use `curl --unix-socket` to
download the profile and then use `go tool pprof`.

Kubernetes-commit: 667599b0ddfad8ba760d3bbfe006aae0d8f7dec6
 2022-11-29 11:07:15 -08:00
Jefftree 987645aaa7 add aggregated /apis handler for genericapiserver 
so that aggregated-apiservers can also take advantage. discovered by e2e tests with feature enabled

Kubernetes-commit: c9b34884004079ed3f184b475f7408984f9226f4
 2022-11-09 18:29:27 +00:00
Alexander Zielenski b2bf3ca966 add new aggregated resourcemanager to genericapiserver 
Co-authored-by: Jeffrey Ying <jeffrey.ying86@live.com>

Kubernetes-commit: 6e83f6750598d394fb257f66c5d0721cf88f45db
 2022-11-08 12:37:50 -08:00
Andrew Sy Kim c4a89b8fc6 apiserver identity : use SHA256 hash in lease names 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

Kubernetes-commit: 5b3a9e2d758650ff2919b8343d2a34ba8ca84b2b
 2022-11-05 13:52:07 -04:00
David Ashpole 0cf3af5b9f add otel tracing to latency filters 
Kubernetes-commit: ed1610ad15f91b72017c5d69dc4f7d59a17c270f
 2022-10-20 16:17:02 +00:00
Andrew Sy Kim 0a5efb307f apiserver identity: use persistent identity format based on hostname 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

Kubernetes-commit: 21507902ba123c5c60eaa73436b95c4ae9b75908
 2022-10-24 11:24:26 -04:00
David Ashpole 0b88ce8f83 shut down tracerprovider when stopping the kube-apiserver 
Kubernetes-commit: 2342721c157e8a715747187b44af2bd9bacd432f
 2022-11-02 13:15:27 +00:00
Tim Allclair 4b329cff47 Rename WithAuditID to WithAuditInit 
Kubernetes-commit: ea28a21a6790d40c1fe540c64a296c8f0db17c65
 2022-07-12 14:46:27 -07:00
Tim Allclair bd7c7f52c2 Consolidate AuditContext 
Kubernetes-commit: f1d684b7b60b39b7dc1eb4156307c593f0ba74e1
 2022-07-12 11:53:57 -07:00
Mohammad Zuber Khan 6fe4f87105 add superuser fallback to authorizer (#111558) 
* add superuser fallback to authorizer

* change the order of authorizers

* change the order of authorizers

* remove the duplicate superuser authorizer

* add integration test for superuser permissions

Kubernetes-commit: f86acbad68baf1a99d6fa153f6f0cdc7b93932e4
 2022-10-19 04:02:04 +00:00
Jiahui Feng ac0ce38abe use DefaultMaxRequestSizeBytes for maxRequestSizeBytes. 
Kubernetes-commit: 755f41a185e828d9c64ae3ac37ce829e60592ad1
 2022-10-10 14:42:24 -07:00
Han Kang a26df69931 wire up feature-gate for component slis 
Change-Id: Iba6ffbcac9dba4f4be3023ada6ac31691c1ae17b

Kubernetes-commit: 01bfbdff2dee3be93d286a8ff53f9e52a1ee9724
 2022-10-05 15:56:06 -07:00
Manish Kumar a433b219b9 Move celopenapi/model to staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/schema/cel/ (#109959) 
Co-authored-by: Manish Kumar <manish.kumar1@india.nec.com>

Kubernetes-commit: 39ffd45175876fe7c846c6239d89613d31a28fa1
 2022-10-07 05:43:52 +05:30
Han Kang 7ede3563fe enable health check SLI metrics for apiserver 
Change-Id: I1b43e6dfea35b8c3bfdf5daaa8b42adff2fbc786

Kubernetes-commit: db13f51db97c114bb550b99efddd985548edc082
 2022-09-26 16:10:58 -07:00
David Eads 6a7c6a0940 Revert "Add an option to conditionally disable compression based on client ip." 
This reverts commit 023583a15586328569ccab505db2f57f398e04b3.

Kubernetes-commit: 2f3ffbed2cffaaba63304318bc1d09b0144600ff
 2022-08-17 15:08:39 -04:00
Sally O'Malley 4f9e133507 kubelet tracing 
Signed-off-by: Sally O'Malley <somalley@redhat.com>
Co-authored-by: David Ashpole <dashpole@google.com>

Kubernetes-commit: 47e7d8034ff3be8e198dde6a671d05a11c30e333
 2021-10-10 09:17:27 -04:00
Maciej Borsz 40280f9889 Add an option to conditionally disable compression based on client ip. 
Kubernetes-commit: 023583a15586328569ccab505db2f57f398e04b3
 2022-07-29 08:44:14 +00:00
Maciej Wyrzuc cb0bb2af35 Add additional etcd check to readyz with 2 seconds timeout. 
Kubernetes-commit: b42045a64fd07fb948660839b6c7c14440bee9df
 2022-07-25 13:08:50 +00:00
Wojciech Tyczyński 8f7c120935 Eliminate MaintainObservations function in P&F 
Kubernetes-commit: badf436ac4451590e5e84e537f2234e3632ea3b4
 2021-11-25 12:44:50 +01:00
HaoJie Liu 4c5e4623d3 cleanup: use append other than for loop 
Signed-off-by: HaoJie Liu <liuhaojie@beyondcent.com>

Kubernetes-commit: 29b5cd04bd2c7e2676687d3b613c9b065b128e54
 2022-07-21 15:29:30 +08:00
jupblb 738a050cda Introduce config for API Priority and Fairness 
Linked all the default values with a single config structure.

Kubernetes-commit: 1c594e7e01a899807431c806cd11c1d27c885c9c
 2022-07-20 11:33:45 +02:00
Abirdcfly dde070e1ff cleanup: remove duplicate import 
Signed-off-by: Abirdcfly <fp544037857@gmail.com>

Kubernetes-commit: 00b9ead02c37921011ebe5293558cea5277cd295
 2022-04-24 20:58:04 +08:00
Abu Kashem 658eeac034 fix preshutdown hook behavor with graceful termination 
Kubernetes-commit: 9644edc321e3b7e5180eb7c15a27bf28e19485db
 2022-05-12 19:58:33 -04:00
Wojciech Tyczyński 2f9a2acafb Fix stop signal to drained signal in genericapiserver config 
Kubernetes-commit: b56491e6cfe216adc245abfa099757e779403982
 2022-05-18 18:55:45 +02:00
Wojciech Tyczyński f5d65d90e9 Avoid leaking StorageObjectCountTracker goroutine 
Kubernetes-commit: 564b376812836fb1e77452d478ab16eee5101447
 2022-05-15 09:57:26 +02:00
Wojciech Tyczyński 0a7c4bcca1 Cleanup etcd healthcheck on shutdown 
Kubernetes-commit: cb80082f666e0e5fe220df32e31a8face18e9393
 2022-05-10 11:12:08 +02:00
Jefftree e4486afb41 Separate OpenAPI V2 and V3 Config 
Kubernetes-commit: 67d3dbfaae87a5bf3325fadda7266ed223766a53
 2022-03-28 13:18:56 -07:00
Abu Kashem 1b651c5994 add latency tracker for storage and transform 
Kubernetes-commit: eca90856940e9251ecf3fde95c5e4d2d16f5ad68
 2022-02-01 18:13:03 -05:00
Kermit Alexander c679395394 Add maxLength/maxItems/maxProperties support to cel.Compile. 
Kubernetes-commit: 83e4d192b136ac3a28ea26a9d09dc9fee7c6b665
 2022-02-15 08:49:37 +00:00
Abu Kashem 72aa2c42fc refactor: rename webhook duration tracker 
Kubernetes-commit: 4a9b9028153c6984b9cf69067cc0a1aa12a00e73
 2022-02-01 15:44:59 -05:00
Paweł Banaszewski 78c055e084 Added requestSloLatencies metric 
Kubernetes-commit: 0afa569499d480df4977568454a50790891860f5
 2021-10-25 22:19:24 +00:00