15d93876c8
Wait for post-hooks to run before checking the healthz output
...
Kubernetes-commit: 8a2f709b35e750a40b12ccf287e279b1da0f07ec
2019-01-30 09:34:43 +01:00
cb1e16cec7
sync: squashed up to merge 1f7e9fd9a2b31ee21babef2cbdd18caeb8c14cdc in e72b32558c8e9ed16690ef5a8e909c12fcc47f87
2019-02-01 14:44:40 +00:00
123cf8011f
Remove alpha InitializerConfiguration types, Initializers admission plugin
...
Kubernetes-commit: dc1fa870bff65c20f48a83ea3af54adb3f526e28
2019-01-16 10:19:44 -05:00
35fe690052
remove deprecated openapi paths in favor of /openapi/v2
...
Kubernetes-commit: 52519ecb1cfd1b55995684520196dd71e1886754
2019-01-21 16:33:41 -05:00
db5a1882b5
apiserver: sync with https server shutdown to flush existing connections
...
Kubernetes-commit: 5b47f99164d76b6b043d7de2d3834abeda6685b0
2019-01-16 15:58:53 +01:00
e0406b8675
Change endpoints metrics to conform guideline
...
Kubernetes-commit: 88c4b644005c5f674e9d03abae7e1cccda4fd23e
2018-12-26 22:29:13 +08:00
3039935d60
adds dynamic audit integration test
...
Kubernetes-commit: d995047366153d86f0061b829ee4e7657f17996b
2018-10-16 16:17:33 -06:00
0550db794e
move logs into component-base
...
all the code changes to move move /apiserver/pkg/util/logs into /component-base/logs
Kubernetes-commit: ba81a5409affb6b861d5994c1e2f7c74a05826e5
2019-01-17 09:06:12 -05:00
1e20513561
fix typo and instead of amd
...
Kubernetes-commit: 3e83f0f08abab4c10dfab7053529709883c9b834
2018-10-30 01:27:50 +08:00
2109711572
Remove build/verify scripts for swagger 1.2 API docs, API server swagger ui / swagger 1.2 config
...
Kubernetes-commit: 9229399bd6049bc7766829b436d5cb5fe0dfe2f1
2019-01-15 10:44:36 -05:00
0202761ce2
Ensure we set a content-type for healthz
...
Change-Id: I453b1433c69bf26c28da873dbdd1ac25006b8d60
Co-Authored-By: Tim Allclair (St. Clair) <tallclair@google.com>
Kubernetes-commit: eedb70355ad59f9d7054dba198a8352554274e0a
2019-01-03 10:05:58 -05:00
9c474d9c53
require timeout to be greater than zero.
...
add unit test to cover timeout behaviour.
Kubernetes-commit: 39aca564749cd92ed1cfec7129eb3f6593549137
2019-01-04 17:06:07 -08:00
d9414ee2ab
Expose kms timeout value via encryption config.
...
Kubernetes-commit: a4dc53cfeb91ee07cedcc6959e88e30cb0c3cca8
2019-01-03 14:26:57 -08:00
efb664a483
kube-apiserver: add e2e graceful shutdown integration test
...
Kubernetes-commit: a2e19f1228b365f17401b1e958a6bb684e65fd65
2018-12-19 12:42:22 +01:00
12d1c63697
apiserver: check that request fail after shutdown
...
Kubernetes-commit: c0d8ad1578efe52df3ca6bc57a90a623d1d2e482
2018-12-19 12:41:58 +01:00
b87560e3bd
Log Health Check failure at Verbosity Level - 4
...
Our default recommendation as well as our CI default is 4, so we should
be able to see the health check errors at the same level 4 itself.
Change-Id: I388f945d3522d1f63f0a85f35e765c2d4f2c548a
Kubernetes-commit: 3d6b3857b29b9c738f258344781ce4a9b40b9a0b
2019-01-06 21:32:57 -05:00
e2884e1186
Revert "Generate Stack Traces for http response with status code zero"
...
Does not help with the bug investigation. the http server is designed to
panic when the http status code is `0`.
This reverts commit 72792d59f46f822cf360e797d886e582a6a2dc60.
Kubernetes-commit: 85ae15621af1d71caf5d0bac2299d17ec1020664
2019-01-04 15:26:07 -05:00
fe4a2dbfb0
preserve behavior of ignoring invalid --runtime-config keys and api/all=false
...
Kubernetes-commit: fc3fca2857a18464cfff8aff5f9e4b062f293ac5
2019-01-04 13:50:21 -05:00
1702e95788
fix typo in warning advice for permissions
...
Kubernetes-commit: 1105e4e0d1c0e78e2a203a136e9f8bcaff5c36ab
2019-01-04 09:58:06 -05:00
e16a86073e
add a content-type filter to apiserver filters to autoset nosniff
...
Kubernetes-commit: d0532bdb9ab40e06ee0702481f623d5054c8831a
2019-01-04 14:06:46 -08:00
2b1eeee742
Generate Stack Traces for http response with status code zero
...
When we spit out a http reponse with a `0` http status code we
should log a trace back so we can easily find where things went wrong.
Change-Id: Ic2aadec3a3de85fbdf64da66d6d12e3c631f409d
Kubernetes-commit: 72792d59f46f822cf360e797d886e582a6a2dc60
2019-01-03 16:52:36 -05:00
7d47897b55
apiserver: separate transport setting from storagebackend.Config
...
Kubernetes-commit: 7b242533a217bd809e2c846c3e3fadf7bf6edee8
2018-09-12 10:59:01 +02:00
837d33c6f5
Allow enabling/disabling specific extensions/v1beta1 resources
...
Kubernetes-commit: e016e132f519dbfb63ce09f6084d6dd64617f615
2018-12-20 13:08:14 -05:00
7b0f961e27
Remove uses of extensions/v1beta1 clients
...
Kubernetes-commit: fd9e9b01b1c79c47c7edb4980468f2675daebf27
2018-12-19 11:18:53 -05:00
a3f2a871b3
Surface help for insecure ports to explain how to disable
...
Kubernetes-commit: 819b502768034b8104904cd7031db8c4838f900a
2018-11-30 10:52:37 -05:00
232ebfaeaf
Allow kube-scheduler to tolerate cluster auth config lookup failure
...
Kubernetes-commit: 416e11421590838f0022242bff1db10da595b074
2018-12-05 13:51:06 -05:00
b4ca200ede
apiserver: add component label to request metrics
...
Kubernetes-commit: 7190b17e5a52a7c0673c2e8a30cbe95f2847a6df
2018-11-29 16:30:15 +01:00
cc459864cf
remove duplicate word
...
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
Kubernetes-commit: b32bd6e812138faa218a0ab906989fdca27843a2
2018-12-03 19:24:45 +08:00
d294e6b5b4
Update non-test code to use DefaultMutableFeatureGate
...
Kubernetes-commit: d440ecdd3b41a4fc4a207195e1bb976422d6d35e
2018-11-20 23:59:52 -05:00
ee7fb67d6e
Clarified syntax doc on --watch-cache-sizes
...
Noted that group must be omitted for resources of apiVersion v1 (the
legacy core API) and included for others.
Fixes #65393
Kubernetes-commit: fc20359fed5e3d0e89a60653b9b0d638d4d757d8
2018-11-12 14:45:45 -05:00
e485f8578d
kubeapiserver: rename '--experimental-encryption-provider-config' to '--encryption-provider-config'.
...
This change renames the '--experimental-encryption-provider-config'
flag to '--encryption-provider-config'. The old flag is accepted but
generates a warning.
In 1.14, we will drop support for '--experimental-encryption-provider-config'
entirely.
Co-authored-by: Stanislav Laznicka <slaznick@redhat.com>
Kubernetes-commit: 21c1bb883081b13244002271bccc9cf119d4db4f
2018-03-23 14:16:04 +03:00
877329b0f3
Add option to k8s apiserver to reject incoming requests upon audit failure
...
Kubernetes-commit: 7a10f4eda725f55bec9893eb1c03f2402dbcd32f
2018-07-03 14:40:55 +02:00
a7180e74a2
Revert "Merge pull request #67205 from roycaihw/crd-openapi-spec"
...
This reverts commit 54ee58b2d613c636f972312ca80357563292b57d, reversing
changes made to 9e2820e4c9541a7718e9d5b7a0ee62429552023a.
Kubernetes-commit: 8799eb4e2e12e5d144871a35c6288b8433a74c9b
2018-11-16 16:36:24 -05:00
e2bc8e4617
Introduce kubeapiserver.config.k8s.io/v1 with EncryptionConfiguration and use a standard method for parsing config file.
...
Co-authored-by: Stanislav Laznicka <slaznick@redhat.com>
Kubernetes-commit: c21cb548e6c7d4ab019fce8a35c9b99c035c2071
2018-05-02 18:21:38 +02:00
f78d7e624c
fix a description error in DynamicAuditing feature
...
Kubernetes-commit: 84aa00c03df00eade6615ca009fa9b2943a98b8c
2018-11-17 01:49:02 +08:00
3c9d1f5b21
Apiextensions-apiserver aggregates CRD schemas
...
efficiently without checking conflicts, and wire up CRD discovery
controller to serve OpenAPI spec.
Kubernetes-commit: 3222a7033cf9128b76c0677887f4e383821d0475
2018-11-15 11:02:11 -08:00
bb8c155568
apiserver: preserve stack trace in handler panic beyond timeout handler
...
Kubernetes-commit: 96fd0482f41ff34ef7d9b7de07ded38152a35141
2018-11-15 09:56:49 +01:00
0837aa9e3a
apiserver: in timeout_test separate out handler
...
Kubernetes-commit: e43e5e2e4547c7cfb50190d67556352ef0aee9e8
2018-11-15 09:26:02 +01:00
7cc3f112fb
Build OpenAPI Definitions per group instead of per resource
...
Kubernetes-commit: 758e8623e9b08065f053bedf4474626696b6346c
2018-11-14 12:50:02 -08:00
9fd62b6f47
adds dynamic audit configuration
...
Kubernetes-commit: eb89d3dddd3792b0a6cd724e64bbbc11d6c15380
2018-10-18 21:34:17 -05:00
f61020971c
add ability to exclude health checks from failing healthz by passing in a query param
...
Kubernetes-commit: f1f1bc83fd07450a191ecf94b945f1b772d1dc7c
2018-11-12 16:17:36 -08:00
2710b17b80
Move from glog to klog
...
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
* github.com/kubernetes/repo-infra
* k8s.io/gengo/
* k8s.io/kube-openapi/
* github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods
Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
Kubernetes-commit: 954996e231074dc7429f7be1256a579bedd8344c
2018-11-09 13:49:10 -05:00
85a1725c91
fix healthz checkerNames test so that it tests against the expected output
...
Kubernetes-commit: 0623f630ab37ad75961bf836195e190e6bcf560e
2018-11-07 09:26:11 -08:00
631dda550e
kube-scheduler: enable secure ports 10259
...
Kubernetes-commit: cb95edafe8bf4f294beb53d0a7bc04d62584577c
2018-09-05 16:42:16 +08:00
032ec9d79b
Switch to sigs.k8s.io/yaml from ghodss/yaml
...
Change-Id: Ic72b5131bf441d159012d67a6a3d87088d0e6d31
Kubernetes-commit: 43f523d405b012fa8d90dd95b667f520e036f6bc
2018-11-02 16:41:57 -04:00
257a06e88a
add With method for allowed URL options on delegated authorization
...
Kubernetes-commit: 77b56ec9e36dd721c341ce838d608e8af10ce51f
2018-11-06 10:44:29 -05:00
136e478e9f
encryption-at-rest approvers/reviewers
...
Kubernetes-commit: 666c93a8343029a499ea64de8a6d09596097ccb3
2018-11-02 17:38:17 -04:00
83c8e657ed
allow delegated authorization to have privileged groups
...
Kubernetes-commit: 0b70b7a7c975589f7019e5017c334cf0ee6b819f
2018-11-05 16:23:20 -05:00
f8fa426bd3
Use `audit.k8s.io/v1` as default value of option --audit-webhook-version and --audit-log-version in release 1.13
...
Kubernetes-commit: 9671a035f7e7308ac804b4637af19bac2ecce0f4
2018-10-31 17:22:37 +08:00
1692373df9
move audience context functions to authenticator package
...
Kubernetes-commit: 817cf70191b73d1ee9f4e7af83089e5854e5131d
2018-10-31 14:50:11 -07:00
Michal Fojtik