771ffe6475
generated: Run hack/update-gofmt.sh
...
Signed-off-by: Stephen Augustus <foo@auggie.dev>
Kubernetes-commit: 481cf6fbe753b9eb2a47ced179211206b0a99540
2021-08-12 17:13:11 -04:00
02f98184b3
Add APF's priorityLevel to httplog.go
...
Kubernetes-commit: 6db63869b0fd0551382dec1b30b649fda4289444
2021-08-13 13:00:07 +02:00
cafef859a7
apiserver: add key/value pair to httplog
...
Kubernetes-commit: bdedd2a4c16487e075db45e778c9e47ddd57448f
2021-08-19 17:07:24 -04:00
38c6ad936b
run hack/update-netparse-cve.sh
...
Kubernetes-commit: 0cd75e8fec62a2531637e80bb950ac9983cac1b0
2021-08-20 01:16:14 +02:00
450b7e8f12
rename audit Checker interface
...
Kubernetes-commit: 27f150351475adaef416bd893403e7066b70d33a
2021-03-24 13:07:21 -04:00
f3ae70d0cf
send retry-after until ready
...
Kubernetes-commit: 6e3923d0a4f4720d2d9f628eb9c073d2d3ee291a
2021-08-10 12:03:21 -04:00
030819c510
apiserver: refactor WithRetryAfter server filter
...
Kubernetes-commit: 83889ae5940036d89b9822a1e38f0f939308e408
2021-08-09 18:25:29 -04:00
ffb869e08f
apiserver: add a new mode for graceful termination
...
add a new mode for graceful termination with the new server run option
'shutdown-send-retry-after'
- shutdown-send-retry-after=true: we initiate shutdown of the
HTTP Server when all in-flight request(s) have been drained. during
this window all incoming requests are rejected with status code
429 and the following response headers:
- 'Retry-After: N' - client should retry after N seconds
- 'Connection: close' - tear down the TCP connection
- shutdown-send-retry-after=false: we initiate shutdown of the
HTTP Server as soon as shutdown-delay-duration has elapsed. This
is in keeping with the current behavior.
Kubernetes-commit: 3182b69e970bd1fd036ff839fdf811f14e790244
2021-07-14 10:39:29 -04:00
5d12abfebe
apiserver: rename test variables
...
Kubernetes-commit: e8381733068f63f4a3e30bae52cea2c7abdde365
2021-07-14 10:29:53 -04:00
bd2ef9810a
apf: estimate list width
...
Kubernetes-commit: 296c18ec323328bf1c6a621a9ca3a094d78bb9d0
2021-06-22 19:38:00 -04:00
0737519ac6
Improve dynamic cert file change detection
...
DynamicFileCAContent and DynamicCertKeyPairContent used periodical job
to check whether the file content has changed, leading to 1 minute of
delay in worst case. This patch improves it by leveraging fsnotify
watcher. The content change will be reflected immediately.
Kubernetes-commit: 3cfe3d048ff37c1c6994d131ed8557f3c8bddc8a
2021-08-03 21:28:01 +08:00
1e6293c86f
Set idle and readheader timeouts
...
Kubernetes-commit: db48793269ef9eca63fa12abb1a25d017c0e09bb
2021-07-27 11:58:45 -04:00
feb4eefe1c
apiserver: add callback to get notified of object count
...
Kubernetes-commit: 2c60feffbee690af4632d068158e640abe10f678
2021-07-14 16:44:34 -04:00
80b28d7c2c
Update doc description for --audit-log-maxbackup
...
Per https://pkg.go.dev/gopkg.in/natefinch/lumberjack.v1 a value of 0 will retain all logs. Not understanding this led to an outage for my team.
Kubernetes-commit: 94977dce8d13ec1e8b4bd8b449f555af685c3ab6
2021-07-22 09:42:30 -04:00
b4c306e1e8
Rename width to workEstimate in P&F code
...
Kubernetes-commit: 73211256e8f15cf84ee69d6fe8258c3a912e0f94
2021-07-13 15:10:58 +02:00
bfbd0aaa7d
Do not try to create an audit log file named "-"
...
That PR fixes --audit-log-path=- support.
It now logs to stdout as in 1.21.
Kubernetes-commit: 7728428f017350d5fb9a91e6e5dc3ccf86348478
2021-07-23 14:26:28 +00:00
280558d490
Add additional APF test for handling other panic types
...
Kubernetes-commit: faed88bb7200cc4693b7a3f9cecff1a99ea1fc95
2021-07-14 16:36:38 +02:00
242c8c8a1c
Optimize APF support for watch initialization to fix the pod startup time regression.
...
Kubernetes-commit: ef435b85b47618d0d463ac93e9758d75c2998681
2021-07-13 10:22:30 +02:00
7afffd8ef3
Revert "apiserver: add callback to get notified of object count"
...
Kubernetes-commit: d95b14e1abfb5ec87248e5dd826b89d0c738af42
2021-07-08 13:56:39 -05:00
fbc127e994
Add watch tracker to APF for request cost estimation
...
Kubernetes-commit: cea1dcfeed2fc4e8ab89cd43e5a0e402251c8df5
2021-06-15 10:49:42 +02:00
cf5c77fde9
apf: add additional latency into width
...
Kubernetes-commit: 24e19229101d242d924ce98a562be3864dde9eae
2021-06-27 12:45:24 -04:00
fe620be9c7
change tracing service from kube-apiserver to apiserver
...
Kubernetes-commit: 8972efc65fe7f4d2ed840ba1a2bd8ff31e829a7a
2021-07-02 07:04:26 -07:00
d929410e13
apiserver: add callback to get notified of object count
...
Kubernetes-commit: 1002b0d163dd948334f10b0e25d0e91d253791e8
2021-06-18 10:44:07 -04:00
aefd8ed86f
adds HasBeenReady signal that fires when the readyz endpoint succeeds
...
Kubernetes-commit: 58b91ffca9efe3afb20d80914cdc33c6b0acdef2
2021-07-02 15:18:19 +02:00
279d11fb1e
readyz signals when the handler succeeds for the first time.
...
Co-authored-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
Kubernetes-commit: ca108d109d55e927c292e3e558fc4f761a3a4e7c
2021-06-30 11:04:44 +02:00
d8c0235e05
remove logging from the Signal method
...
Kubernetes-commit: 6c88a62cb4c849e3844dcc3870073a1b5e05d301
2021-07-02 12:50:20 +02:00
3f407f0668
rename terminationSignals to lifecycleSignals
...
Kubernetes-commit: dae08bc3a735e50845af7cf639bdbb8971a2115a
2021-07-02 12:28:07 +02:00
71612b014d
move tracing instantiation further up, and check for nil
...
Kubernetes-commit: b0ffaa93f5c607325203f978c1ae685d6b64d053
2021-07-01 10:42:11 -07:00
5053bddd06
add tracing to the apiserver's client-go requests
...
Kubernetes-commit: 79d400c4416f903af604fb2cf07d2c34bb4b98f7
2021-06-26 09:16:32 -07:00
9ff2637133
adds metrics for authorization webhook
...
Kubernetes-commit: 4a2aef00d6dd2543b011aa7e5af28df598a0cd72
2021-03-17 16:30:40 +01:00
69433684ce
adds metrics for authentication webhook
...
Kubernetes-commit: 322c18c147da08dd2eea25ba3c2b9630a228cf5f
2021-02-23 08:39:25 +01:00
288c8d4acf
Updated to use konnectivity client v0.0.21, and implemented placeholder context
...
Kubernetes-commit: 21fd224ebdb17fbaafbb73a36a18aafcab6e4efa
2021-06-23 19:29:14 +00:00
4f3f9c7b9e
add unit test to verify graceful termination behavior
...
Kubernetes-commit: 913c449a42f13da758fca2740474bb33d3b65da8
2021-06-24 16:15:12 -04:00
c1c949723d
apiserver: NonBlockingRun should return a listener stopped channel
...
NonBlockingRun should also return a channel that gets closed when the
underlying http Server has stopped listening (during the graceful
shutdown period)
Kubernetes-commit: a84c1b71005930e8253c1348515020132c5c175b
2021-06-24 16:04:54 -04:00
5c1642946b
apiserver: refactor graceful termination logic
...
- refactor graceful termination logic so we can write unit tests
to assert on the expected behavior.
Kubernetes-commit: d85619030e3a5fec5960ad00136e8d9bd030b5f8
2021-06-24 15:51:38 -04:00
5927da0040
Add distributed tracing to the apiserver using OpenTelemetry
...
Kubernetes-commit: 79550ed40c67a70534c1cb697e1fb7e7dbf96335
2021-06-25 05:20:16 -07:00
feae5f3e79
Add config checking for inflight limits
...
When API Priority and Fairness is enabled, the inflight limits must
add up to something positive.
This rejects the configuration that prompted
https://github.com/kubernetes/kubernetes/issues/102885
Update help for max inflight flags
Kubernetes-commit: 0762f492c5b850471723a305cfa7390e44851145
2021-06-21 16:53:07 -04:00
5a7fb85083
deflake TestClientReceivedGOAWAY test
...
The test was flaking because the test was creating more connections
than expected.
Disabling connection pooling removes the flakes, and no more connections
are created that the necessary.
Kubernetes-commit: 4d11c3cd8cb18c1e246a7a6b8e9a791177c49d31
2021-06-18 00:38:02 +02:00
a08d7d5ddf
Make logged verbs match metric-reported verbs
...
Kubernetes-commit: 54fde5d119f8bb55aec18cb5aef01b6ea58dfea0
2021-06-16 17:08:54 -07:00
c2350dc583
Switch to github.com/coreos/go-systemd/v22 and drop older package
...
- We use the new v22 module released on May 10
- We drop the unmaintained `github.com/coreos/pkg`
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Kubernetes-commit: 7fcdbbef06d0bc8c4416db1d2cbba9f30d30e8c4
2021-06-16 11:14:02 -04:00
3c7f54740f
apf: add plumbing to estimate width" of a request
...
- add plumbing that allows us to estimated "width" of a request
- the default implementation returns 1 as the "width" of all
incoming requests, this is in keeping with the current behavior.
Kubernetes-commit: 9b72eb1929a64b9d5a5234090a631ba312fb4d41
2021-05-11 07:03:05 -04:00
f410577081
apiserver: close handler chain right after shutdown delay duration
...
Kubernetes-commit: de7e56bf37440ca6a4c634ede8abaf1315fe9de3
2021-06-07 18:13:24 -04:00
da18259e5b
hotfix(staging_apiserver_pkg_httplog): restore depth to log calls
...
/kind bug
This PR adds depth to logging which was removed when migrating to structured logging in the file
Ref #102353
```release-note
NONE
```
```docs
```
Kubernetes-commit: 5d4c1162b944ff34374313103d0555ac0b334a1d
2021-05-30 01:42:54 +02:00
9421ee44c4
apf: fix flake in test
...
Kubernetes-commit: 8847a25026711f51ae694fe8288e285a48e70675
2021-06-01 20:07:51 -04:00
84ac736f8e
Fix audit unit test file location
...
Kubernetes-commit: 91e5d98b572a74bf827a575559238cc0a4be6c57
2021-06-04 17:23:34 -04:00
9b71cff19c
Fix watch rejections in P&F filter
...
Kubernetes-commit: 8054b0f808d116658ac086e4b71fb34d1502cd57
2021-06-02 08:22:29 +02:00
d000916ae7
Address watch panics in P&F handler and extend testing.
...
Kubernetes-commit: d9d51541a87ec627160d7d6a1fcd4b357a0fa493
2021-05-27 14:49:54 +02:00
5290a24345
Implement support for watch initialization in P&F
...
Kubernetes-commit: 0cc217647ca8be0820973b970124a072c27b6575
2021-05-07 12:49:06 +02:00
489e43cad9
Add logging of filters to api calls logs
...
Kubernetes-commit: 7e01b7260ac5cc20c1fc236cae220857726dc330
2021-05-17 11:52:33 +00:00
1d2b77256f
adds a unit test for checking if graceful shutdown of HTTP2 server works
...
Kubernetes-commit: 373fc7d711a2fb39b7e94737b2b880feca596171
2020-12-11 13:12:46 +01:00
Stephen Augustus
Maciej Borsz
Abu Kashem
Antonio Ojea
Quan Tian
Jordan Liggitt
Alexi Kessler
wojtekt
Andrew Rynhard
Ryan Phillips
David Ashpole
Lukasz Szaszkiewicz
JD Nurme
Mike Spreitzer
Daniel Smith
Davanum Srinivas
AbdulBasitAlvi
Marcel Zięba