5ac4802a22
remove confusing flexibility for metadata interpretation
...
Kubernetes-commit: 0710f72c65ad23e7a3726b345898ef4aaaac26fa
2018-04-23 10:23:01 -04:00
53e0783ab7
Implemented truncating audit backend
...
Signed-off-by: Mik Vyatskov <vmik@google.com>
Kubernetes-commit: 52fae991305e3252ccc5c9c86a9b7abc04c149af
2018-03-23 16:13:34 +01:00
25758bf0f8
Remove request context mapper
...
Kubernetes-commit: 8ea88a5092c767fc3141512db924fd0435f7670e
2018-04-18 11:12:15 -04:00
cc0f17a725
Fix to avoid REST API calls at log level 2.
...
Kubernetes-commit: 6a5c248bbb6a06a0c171f7171d3583cd006350db
2017-02-03 12:47:03 -05:00
490c9a96c3
fix typo
...
Kubernetes-commit: 549fb0cad39daa74c528f7f775d627f908785b61
2018-04-04 16:03:17 +08:00
adb35656a1
apiserver: cancel context on timeout in WithTimeoutForNonLongRunningRequests
...
Kubernetes-commit: f3ba7f95585cdcce19579d757dadbf3c8a9f8e0b
2018-03-12 17:11:11 +01:00
1075399c96
apiserver: enforce shared RequestContextMapper in delegation chain
...
Kubernetes-commit: 9f906618f04baceaf923e873530f9741e80ad2cb
2018-04-04 10:05:06 +02:00
28595d407b
apiserver: add warning about not trusting authz of aggregator
...
Kubernetes-commit: 50b98169ede9648769ce471150b1ab9ceb06bc0c
2018-03-19 13:37:52 +01:00
416f1ae672
update metrics to true like it is for kube-apiserver
...
Kubernetes-commit: 456fd386dc6db8ba5ced338a5935de8229c14047
2018-03-09 14:36:04 -05:00
b2b70701e1
Make advanced audit output version configurable.
...
Signed-off-by: Mik Vyatskov <vmik@google.com>
Kubernetes-commit: ad25d1f9ec398e5f9e91fd225cbbfdc5aa00973f
2018-02-19 21:15:49 +01:00
240b9cf032
remove unused rls-ca-file flag
...
Kubernetes-commit: 9c0803e14c0d76e2e8225db546c0d2ce0b522ab7
2018-03-20 15:26:31 +08:00
716af975eb
regenerated all files and remove all YEAR fields
...
Kubernetes-commit: b49ef6531c11f1c834e0d7591f5c965f6193c711
2018-01-22 20:37:53 +08:00
422369e23b
move EtcdServersOverrides to EtcdOptions flags validate
...
Kubernetes-commit: f380ac8cec8061bf6533ccecd02ec49d9a5b016f
2018-03-05 11:32:59 +08:00
03f5f59a07
apiserver clean code
...
Kubernetes-commit: 0feecc376cc04baa2f4979cecaabb658373d6c69
2018-03-02 17:15:02 +08:00
627fa76a8b
sync: initially remove files BUILD */BUILD BUILD.bazel */BUILD.bazel
2018-03-15 09:38:17 +00:00
d89e8e9460
Fix default auditing options.
...
- Log backend defaults to blocking mode (backwards compatability)
- Fix webhook validation
- Add options test
Kubernetes-commit: e004257919d779d56f27ad84c7f33799cc7ab580
2018-03-02 15:16:37 -08:00
6466b038b4
fix option --audit-webhook-initial-backoff
...
Before this change, --audit-webhook-initial-backoff has no effect
Kubernetes-commit: 5bc5cd1b2ccb0b9fb5e652b579b4fb379428cb56
2018-03-10 17:44:20 +08:00
9169f6d300
Add buffering to the log audit backend
...
Signed-off-by: Mik Vyatskov <vmik@google.com>
Kubernetes-commit: 881e6d4f6f905079b2c27299e7b631b6903b6815
2018-02-22 19:52:33 +01:00
bbfe695b05
Remove unused variables (only assigned to) from test code.
...
This is revealed by the go/types package, which is stricter than
the Go compiler about unused variables. See also: golang/go#8560
Kubernetes-commit: e04b91facf180c17557a44e8e462858ea2936301
2018-02-02 13:34:57 -08:00
8080a6e06e
Add new openapi endpoint in aggregator server
...
Kubernetes-commit: 2eb3d046ce8b0a1b500d68d5a83fa7e575da7ca9
2018-02-20 09:22:25 -08:00
aa5d4f9f32
Fixes for HTTP/2 max streams per connection setting
...
This PR makes two changes. One is to introduce a parameter
for the HTTP/2 setting that an api-server sends to its clients
telling them how many streams they may have concurrently open in
an HTTP/2 connection. If left at its default value of zero,
this means to use the default in golang's HTTP/2 code (which
is currently 250).
The other change is to make the recommended options for an aggregated
api-server set this limit to 1000. The limit of 250 is annoyingly low
for the use case of many controllers watching objects of Kinds served
by an aggregated api-server reached through the main api-server (in
its mode as a proxy for the aggregated api-server, in which it uses a
single HTTP/2 connection for all calls proxied to that aggregated
api-server).
Fixes #60042
Kubernetes-commit: 201c11f147c85b029665915bee3a62eea19d6d57
2018-02-19 14:18:07 -05:00
e36f8069aa
Add a metric exposing number of objects per type
...
Kubernetes-commit: f6e9ebffa2df10f7792fbea0a0fbe5ab8e388a26
2018-02-12 15:58:57 +00:00
45ac728887
set default enabled admission plugins by official document
...
Kubernetes-commit: 27f3fd2d79d2d669ddecdd987c8b099f1f43ce38
2018-01-23 20:12:10 +08:00
2aca9afa1d
sync: squashed up to merge cc7cea74ae668cd401d99cc472569605cb640517 in b3099bcf532bc470ff7075e93025b8741da09be4
2018-02-27 01:30:07 +00:00
b81f74623f
Fix race in healthchecking etcds leading to crashes
...
Kubernetes-commit: 38387aec0db3eda3a7debb4558a223ac92a41389
2018-02-20 12:17:39 +01:00
1ab12b2dc8
Autogenerated: hack/update-bazel.sh
...
Kubernetes-commit: ef56a8d6bb3800ab7803713eafc4191e8202ad6e
2018-02-16 13:43:01 -08:00
3d1ec1c912
Improve the error message.
...
Kubernetes-commit: 1ecd4bb2744ebc371e952b4d7a6b30826f60041f
2017-12-29 09:05:14 +01:00
bf5feefec3
add an admission decorator chain
...
Kubernetes-commit: 1ae856484b8a827b7ce6018ddfa103493a2cb97d
2018-02-14 09:27:25 -05:00
a7b5c83c7b
apiserver: fix some typos from refactor
...
introduced in #59582
Kubernetes-commit: 83c1334e5110e6f492f0e375488978ebb16a62a5
2018-02-14 17:47:42 -08:00
89b7bf377a
Update generated files
...
Kubernetes-commit: 5483ab7679dd055422131fd1c22a18eee39a775e
2018-02-08 19:37:08 +01:00
0520d284e2
controller-manager: add authz/n to options, nil by default
...
Kubernetes-commit: cecd663c21d139a3a5a15b43a8dda8de26180246
2018-02-08 14:19:02 +01:00
338a852bbb
apiserver: make SecureServingOptions and authz/n options re-usable
...
Kubernetes-commit: 4e0114b0dd3701b68c02d038edcf4fbe84515a68
2018-01-31 16:17:48 +01:00
808a483472
pass listener in integration test to prevent port in use flake
...
Kubernetes-commit: a6c43c6a5ca7cc4449684d5e68d73773be91cd41
2018-01-29 11:58:23 +08:00
43cefec1d0
Update endpoint value in test code
...
Kubernetes-commit: 31f74303fc48df5d88105c9742a103eae742f478
2018-02-09 01:23:25 +00:00
be4ee1ba37
Remove configfile for kms in encryption config
...
Kubernetes-commit: 5ae61ed386e3fbc3b7e91d343afadadd52ac027d
2018-01-26 11:53:24 +00:00
a32d2bb427
Update for review comments
...
Kubernetes-commit: 2e7af38d6b4c8ed9e1fb23930b98ed8d2ad68aa0
2018-01-25 05:39:48 +00:00
580a800cad
Only support unix socket for kms gRPC, also add Version method
...
Kubernetes-commit: a6368bb04c1100d1dce1c6bf680056882835b395
2017-12-18 09:29:56 +00:00
e4061faec3
Fix verify error and address review comments
...
Signed-off-by: Wu Qiang <qiang.q.wu@oracle.com>
Kubernetes-commit: 16b04d68b1ae180d61ea4ca06d1c8139c25a652f
2017-11-15 11:20:12 +08:00
dbe35e5c4e
Update kms provider config for gRPC client service
...
Kubernetes-commit: 31fb539f1735debd38e705fcb96a05ea0313c5f5
2017-11-14 09:05:52 +00:00
41545372a2
fix using defer in loop in cors test
...
Kubernetes-commit: b835c46c862b0074349b24a3c2a8dbd6956395f2
2018-01-26 16:56:12 +08:00
6f8c3a80da
fix typo in package apiserver
...
Kubernetes-commit: 0da91a8577ddfdeaff985cbb6c0da69d5a2ffc81
2018-02-01 03:04:33 +08:00
ebf7a386f9
fix some typos in filters
...
Kubernetes-commit: b9308355a64c4138ac9558f790ed0f716f44c743
2018-01-26 16:43:22 +08:00
9e657b874d
deprecate insecure http flags and remove already deprecated public-address-override
...
Kubernetes-commit: 24c687fdad009fec01703ae0f93ab141b97c0028
2018-01-30 16:05:33 +08:00
531b9b5202
remove dead testing code
...
Kubernetes-commit: 3e6bfcb5dbc35a9e845504043a345fd42ed5ce27
2018-01-29 09:50:40 -05:00
0989af6244
remove --tls-ca-file which had no effect
...
Kubernetes-commit: 114711f77d1f12e10b1190db02ca17302992f5ad
2018-01-29 10:29:14 -05:00
db4dae8a12
refactor resource_config.go thoroughly and remove useless code in registry
...
Kubernetes-commit: d0d1e1dcc473d75c5dae6d4710ac67f4f8ba44c6
2018-01-27 15:18:25 +08:00
5640ff2e39
remove support enable-disable api resources
...
Kubernetes-commit: 64a12258e8470405e8d628baa1d191363712763b
2018-01-26 15:48:00 +08:00
f2c38580dc
Add a metric to track usage of inflight request limit.
...
Kubernetes-commit: 000d7bac29b9239a29531a526d382394d8d60353
2018-01-16 15:48:20 +00:00
b16b687dc5
generated
...
Kubernetes-commit: 4ce7bcced4cc68a833759a218f9c3be7f72fd1c0
2018-01-19 11:55:55 -05:00
6b198535d6
add options for min tls levels
...
Kubernetes-commit: ad1680347071cb5bb66ab49c7325eb21d83e143c
2018-01-19 11:50:47 -05:00
David Eads