b0b043eda2
list the default enabled admission plugins
...
Kubernetes-commit: ee96a5638d21f0da111b1106a82976cc59bbbf67
2018-08-06 17:25:24 +08:00
4e7be504bf
Support pulling requestheader CA from extension-apiserver-authentication ConfigMap without client CA
...
This commit prevents extension API server from erroring out during bootstrap when the core
API server doesn't support certificate based authentication for it's clients i.e. client-ca isn't
present in extension-apiserver-authentication ConfigMap in kube-system.
This can happen in cluster setups where core API server uses Webhook token authentication.
Fixes: https://github.com/kubernetes/kubernetes/issues/65724
Kubernetes-commit: db828a44406efe09e2db91e6dc88d1292c9a29e1
2018-07-18 15:07:09 -07:00
b40373204e
use Audit v1 api and add it to some unit tests
...
Kubernetes-commit: 716dc87a1095027f9ab08ee59abfffab1d15ec29
2018-07-27 14:06:29 +08:00
300db50c66
fix apiserver pprof redirect bug
...
Kubernetes-commit: 981f2397815248e12663b01d6cc6d6d963012c95
2018-08-06 19:35:01 +08:00
42da2694e6
Autoset OpenAPI version w/o SecurityDefinitions
...
There's code to automatically populate OpenAPI info based on existing
generic apiserver config, but it only fires if securitydefinitions are
present. This doesn't make much sense, since this info is both required
and independent of security definitions, and there's no easy, generic
way to generate security definitions for an aggregated API server.
Kubernetes-commit: ef73bb684bcc4402f66160f254193d2690b80f11
2018-07-19 17:32:40 -04:00
0ba502e8f9
Handle errors
...
Kubernetes-commit: 5cab7f9a57dbbd6e2a181018aae523235843f77d
2018-07-17 20:29:55 +10:00
4c6f8fdc17
apiserver: make loopback logic in SecureServingOptions reusable
...
Kubernetes-commit: dc0a736d1ea924dfa35ece64cb59d551c2a0b51f
2018-07-04 17:08:23 +02:00
55957fdc66
apiserver: add SecureServingOptions.ExternalAddress
...
Before this the advertised IP (which shows up in the server cert) in case of
listening to loopback was the first host interface IP. This makes self-signed
certs non-constant, such that we cannot use fixtures.
Kubernetes-commit: c1c564fd4d21dd68ea14d7ea678d8619f47fe445
2018-07-06 12:32:01 +02:00
fa6b67b429
apiserver: use fixtures for self-signed certs in test server
...
Kubernetes-commit: 7deccb5b7a7c5224d3d90e1391dd22b2d1f1b9b9
2018-07-06 12:04:38 +02:00
9cfed8df8c
Convert TestServerRunWithSNI to subtests to isolate flake
...
This test is flaking - make it easier to pin down where and why by
converting to subtests and making cleanup logic easier. Also turn an
ignored listen error into a "fatal".
Make the test run in parallel to speed up individual runs and hopefully
flush out issues.
Kubernetes-commit: 09463975c379114ef9cd42d3c7efb6254b2c3b33
2018-07-09 21:32:15 -04:00
9fb7dcda85
kube-apiserver: fix tests which don't use tls yet
...
Kubernetes-commit: 6bb3aba23dfbfd8b145a33e9d1a461658bd60fc0
2018-07-06 19:20:45 +02:00
ad29bd83ae
kube-apiserver: disallow --secure-port 0
...
Kubernetes-commit: e15ac9eb72c4e105e7a3d84711e5a6056c0f6a48
2018-07-06 12:58:59 +02:00
25a00cd3c1
apiserver: get rid of ReadWritePort in config
...
Kubernetes-commit: e32f380fa5df4361894570787814d0459baada93
2018-07-04 17:01:49 +02:00
a2bfc0e5f0
apiextensions-apiserver: add pkg/cmd/server/testing pkg for integration bootstrapping
...
In analogy to kube-apiserver.
Kubernetes-commit: 42f1e81488d8599c6874e467fe39b91a23654886
2018-06-13 15:53:41 +02:00
5746122767
apiserver: don't create self-signed certs with disabled secure serving
...
Kubernetes-commit: 798535164ae11a7e3c036ed7793aa884942edc88
2018-07-04 19:09:26 +02:00
ea67b81061
use request.UserAgent()
...
Kubernetes-commit: 82003bd9acfd15011a205d938f622d9a9efcaf31
2018-07-03 16:56:15 +08:00
6c34ac4aa5
Add healthz check to ensure logging is not blocked
...
Kubernetes-commit: b7b4b84afe4405cde976ceeeccb62acecac1c4f0
2018-06-09 17:32:14 -04:00
900791d3ac
Add additional authorization check for create-on-update
...
Kubernetes-commit: cc5c17e554a4d8f802043b337ca0787ec0ce7475
2018-07-03 11:20:16 -07:00
47a9a6d77a
fix go import
...
Kubernetes-commit: 57393ec932398b6f53c6593421bfe0b12d445518
2018-06-01 14:05:44 +08:00
8fe5561ce7
[trivial] fix option help message.
...
s/andif/and if/
Kubernetes-commit: 42b93ab7244765dd744257a793b0b9c138146bb3
2018-06-13 09:07:34 +08:00
0f7bbcadfb
Add missing error handling in schema-related code
...
Kubernetes-commit: bfe313d5f351dfae086a85a97e7103183173e5b5
2018-06-03 14:59:58 +10:00
42319038f6
simplify httplog.LogOf
...
Kubernetes-commit: 1c5a0218ed6c1b283eb6d99d54a865d2ec99ec4b
2018-07-02 11:47:42 +08:00
a8cd668cfc
legacy api endpoints only support v1 ever
...
Kubernetes-commit: b063e9f85ee28233241ae4f9071a62ac6c9b499c
2018-06-22 08:58:32 -04:00
554c4f1986
Fix MaxAge default audit log option
...
Kubernetes-commit: 3dae49c6977526aba09dc070639ebc789b458411
2018-06-18 14:36:50 -07:00
65f0646df4
apiserver: add context to authn/authz kubeconfig errors
...
Kubernetes-commit: 99eda24de01c8b1b84b54cb763b540de35084ade
2018-06-14 15:30:25 +02:00
8d6d8aa36e
Use actual etcd client for /healthz/etcd checks
...
Kubernetes-commit: b39cd00982c1696d8ae8afc99931919894044ee2
2018-06-12 14:33:48 -04:00
b29c7b3192
Improve unit tests for InstallPathHandler
...
When adding InstallPathHandler it was suggested to follow-up with an improvement to the unit tests.
Kubernetes-commit: 1a0eb8c7b6fc0e07e8823d635db9b70f128dee4f
2018-05-21 11:09:13 -04:00
de5159703b
Modify LoopbackHostPort() so it returns an IPv6 Loopback address when given [::] address
...
Currently when LoopbackHostPort() is called with 0.0.0.0 and [::] it returns the first loopback
address returned from net.InterfaceAddrs() which is typically 127.0.0.1 (golang does not
specify an order that interfaces are returned). It would be more appropriate if when calling
LoopbackHostPort() with [::] that an IPv6 loopback address is returned, this prevents some cert.
generation failures.
Kubernetes-commit: 14a03dd646e992c06a3fdfb9bd60f58ef542066e
2018-05-22 11:03:47 -04:00
f0fd6a74c2
Support dynamicly set logging verbosity
...
Kubernetes-commit: 73a22b2e611647de04aa8d7fe910fd4657e6a9d8
2018-05-14 16:19:38 +08:00
fd93a41263
Remove some unnecessarily gendered pronouns in comments
...
Kubernetes-commit: ffeca161018fd6218532786876070a5fcfe96542
2018-05-25 17:48:17 -04:00
37be5e4c9f
Possible cipher suites values and tls versions in help for apiserver and kubelet
...
Kubernetes-commit: 3dfa22e3fd8c650789176b9f4a8e46ab43ef5ebf
2018-01-24 22:51:27 -05:00
f87486fed9
Expose openapi schema to handlers
...
Kubernetes-commit: dee088586a76b876c473418efba8190be7fa6b26
2018-05-24 09:55:19 -07:00
4645ab9a4c
Correctly identify types served in the kube-apiserver openapi doc
...
Kubernetes-commit: 43551e82081a1fa364879bd49e67095a3fc0926b
2018-05-22 19:29:00 -04:00
ee6252d015
Fix cyclic dependency of apiserver test for OpenAPI test
...
Kubernetes-commit: e979b1698779b49002c3cffca70b05059773603d
2018-02-06 04:10:18 -08:00
6a0cc50341
Add InstallPathHandler which allows for more then one path to be associated with health checking.
...
Currently it is only possible to have one group of checks which must all pass for the handler to report success.
Allowing multiple paths for these checks allows use of the same machinery for other kinds of checks, i.e. readiness.
Kubernetes-commit: 2082a0f42851c47620ce31f257dcb5536abae014
2018-05-10 16:21:39 -04:00
f38497678f
add checks validation MinRequestTimeout of ServerRunOptions
...
Kubernetes-commit: ba20be9911091f16bb3987815172b3a348754fc2
2018-04-26 16:02:31 +08:00
ba35c04ba6
sync: squashed up to merge f8386d5b0f6d1bf69f67b01c0854b4171bca0318 in e59ae29fbc8158503538faa3f6c7f07711a412e8
2018-05-11 14:52:34 +00:00
f9c5e9f3a1
should return error when has no RequestInfo
...
Kubernetes-commit: 483ce1b1f3caf16cfda20f16bf65742fc43cff79
2018-05-08 21:44:17 +08:00
c41d1d0993
simplify api registration
...
Kubernetes-commit: c5445d3c56e06ab366b9cca34bd69c5cc386ec47
2018-05-07 08:32:20 -04:00
b534ae405b
Don't panic is admission options is nil
...
Kubernetes-commit: bc04c091c3ca0320a6fa83ef35f891d21423afbb
2018-05-05 11:59:28 -07:00
b7f90743d0
remove rootscopedkinds from groupmeta
...
Kubernetes-commit: 8ae62517da5eff6d6bad21badfd39ee88463ad42
2018-04-30 13:27:01 -04:00
00386b3bb0
remove incorrect static restmapper
...
Kubernetes-commit: ef0d1ab81927214db80c30d5af491f67546d790b
2018-04-26 11:55:50 -04:00
d250da9d7f
remove self linker from group info
...
Kubernetes-commit: 22410d4b4c0478033d5f33d68303a60866e98ce1
2018-04-26 11:31:04 -04:00
0d65d340ea
remove versioning interface
...
Kubernetes-commit: e2fc5cf259463f896213afdef15d58ef9a91eb35
2018-04-25 10:55:17 -04:00
14e43f49d6
rest mappings cannot logically be object converters
...
Kubernetes-commit: 6900f8856f8cd9a6c94a156b9e4a9fee0c16f807
2018-04-24 18:31:41 -04:00
3fa442d40a
stop duplicating preferred version order
...
Kubernetes-commit: a89291a5dec0b63809b875e912b1563d50f86dba
2018-04-26 09:38:43 -04:00
bf8532c54e
remove KUBE_API_VERSIONS
...
Kubernetes-commit: a68c57155e728b2782408cbab88ecee0444a4ba8
2018-04-25 16:07:15 -04:00
3c79460222
Register Prometheus etcdmetrics only for apiserver
...
Removed automatic registration with `init` funciton and use `Register` function
to register metrics for etcd storage only when requested.
Kubernetes-commit: 40cf7880135b56e2d88a04d5fce08303b249eb34
2018-04-20 17:19:13 +03:00
b26d126ba9
core v1 API requires autoscaling/v1 to serve the Scale endpoint
...
Kubernetes-commit: 1a753659cfc973e900620bf1443178b6cdda27e0
2018-04-24 10:16:59 -04:00
88d943c0e6
eliminate indirection from type registration
...
Kubernetes-commit: e7fbbe0e3c91f34836b999e695aa133503cfdae5
2018-04-24 08:21:23 -04:00
Chao Wang
Tripathi
Cao Shufeng
hongjian.sun
Solly Ross
Mikhail Mazurskiy
Dr. Stefan Schimanski
Clayton Coleman
xuzhonghu
Jordan Liggitt
jennybuckley
David Eads
Tim Allclair
Jacob Tanenbaum
liz
Victor Garcia
mbohlool
hangaoshuai
Jeff Chan
fisherxu
tamal
Martin Vladev