kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,550 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

6550 Commits

Author SHA1 Message Date
Kubernetes Publisher c2c9868096 Merge pull request #116033 from chengjoey/fix/apiserver-metrics 
fix apiserver metrics `RecordsWatchCacheCapacityChange` use watchCacheCapacity as increase total

Kubernetes-commit: 8cd421163050d6416357d9f6cf860495b067682d
 2023-03-01 17:14:35 +00:00
Kubernetes Publisher 11b18674b8 Merge pull request #116140 from dashpole/fix_nobody_tracing 
Update otelhttp dependency to v0.35.1

Kubernetes-commit: f22060cda6018fa8fbb146036282bb3dcf5c84cf
 2023-03-01 01:47:02 +00:00
Kubernetes Publisher be82586c9a Merge pull request #116128 from wojtek-t/event_metrics 
Add metrics for number of events received from etcd

Kubernetes-commit: a683997964b36c787abff6511a4877da87ff28f6
 2023-03-01 01:46:59 +00:00
David Ashpole 364555b5c9 update otelhttp to v0.35.1 
Kubernetes-commit: e0d44fd2165881aae8ca7f6ab44bc672509e3c4e
 2023-02-28 17:52:30 +00:00
Antonio Ojea 33153a1931 cacher allow context cancellation if not ready (#116024) 
* cacher allow context cancellation if not ready

Replace the sync.Cond variable with a channel so we can use the
context cancellation signal.

Co-authored-by: Wojciech Tyczy<C5><84>ski <wojtekt@google.com>
Change-Id: I2f75313a6337feee440ece4c1e873c32a12560dd

* wait again on pending state

Change-Id: I1ad79253a5a5d56a4d9611125825b1f7ad552be8

---------

Co-authored-by: Wojciech Tyczy<C5><84>ski <wojtekt@google.com>

Kubernetes-commit: 3b17aece1fa492e98aa82b948597b3641961195f
 2023-02-28 11:23:16 +00:00
Kubernetes Publisher a5d1ee28dd Merge pull request #115918 from yt2985/genericWatch 
Partition watchers by namespace/name scope

Kubernetes-commit: f2fdda8667228b357880ed353e494baabc902681
 2023-02-28 13:13:14 +00:00
Wojciech Tyczyński 2df16457e7 Add metrics for number of events received from etcd 
Kubernetes-commit: 85359d74ed0fe2cdb8e2d41cb5a3b501a2c20ed8
 2023-02-28 11:16:13 +01:00
Kubernetes Publisher 3a9f1f4bf0 Merge pull request #102884 from vinaykul/restart-free-pod-vertical-scaling 
In-place Pod Vertical Scaling feature

Kubernetes-commit: b9fd1802ba0aec68508b4e9eec00819008a79370
 2023-02-28 09:20:51 +00:00
Kubernetes Publisher cc8235f046 Merge pull request #114925 from tkashem/watch-termination 
apiserver: terminate watch with rate limiting during shutdown

Kubernetes-commit: a16fd5467ea2cff38fde10a3659bb67b2a1161bb
 2023-02-27 21:13:52 +00:00
Alex Zielenski 298fff883b Revert "Revert "Merge pull request #115324 from alexzielenski/apiserver/smd/use-openapiv3" 
Kubernetes-commit: 7b004c4568176c4ccb2fd0dcde6cc10fc3739fd1
 2023-02-27 12:22:29 -08:00
Kubernetes Publisher d7f6a50acf Merge pull request #116070 from aramase/aramase/f/kms-pkg/util 
[KMS] move util from envelope to kms package

Kubernetes-commit: 0e077bb7ac898555b7bb968fee8115aa738bde34
 2023-02-27 05:13:52 +00:00
Kubernetes Publisher 7365b6e41c Merge pull request #116055 from aramase/aramase/f/kubernetes#111923 
[KMSv2] log request metadata as part of read/write

Kubernetes-commit: 53b8170b97e0bb3c92bbb7bcf7d974e2575964e9
 2023-02-27 05:13:49 +00:00
Anish Ramasekar 21158bb0b9 [KMS] move util from envelope to kms package 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 1f98b49bf3baf14bd2ed2ef098b90e214e5ada27
 2023-02-27 00:37:48 +00:00
Kubernetes Publisher 6316d3000c Merge pull request #116062 from liggitt/revert-field-manager 
Revert "Merge pull request #115324 from alexzielenski/apiserver/smd/use-openapiv3

Kubernetes-commit: b670d1ba7c4b714d2515aa050ad32c1a90ae74d2
 2023-02-25 15:38:17 -08:00
Jordan Liggitt 870a2c4b33 Revert "Merge pull request #115324 from alexzielenski/apiserver/smd/use-openapiv3" 
This reverts commit 7efa62dfdf96890f7f3cf95d957c7561e09055c4, reversing
changes made to c48a7971e35a56cc2c996e174e3f76e9d2e82eaa.

Kubernetes-commit: 6165a12c718936a8edcc5b7e1a2e6b0f5d6e279e
 2023-02-25 16:14:23 -05:00
Kubernetes Publisher bd79527eaa Merge pull request #115324 from alexzielenski/apiserver/smd/use-openapiv3 
update SSA to use OpenAPIV3 for builtin and CRD models

Kubernetes-commit: 7efa62dfdf96890f7f3cf95d957c7561e09055c4
 2023-02-25 05:13:36 +00:00
Kubernetes Publisher 2e474648dc Merge pull request #116053 from aramase/aramase/c/rm_dek_interarrival_kmsv2 
[KMSv2] remove setting `dek_cache_inter_arrival_time_seconds` for KMSv2 only

Kubernetes-commit: c48a7971e35a56cc2c996e174e3f76e9d2e82eaa
 2023-02-25 05:13:34 +00:00
Anish Ramasekar 425dee8b06 [KMSv2] remove setting `dek_cache_inter_arrival_time_seconds` for KMSv2 only 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 0e06d09676ff04a909db7182c3bb32418e3c5404
 2023-02-24 23:23:40 +00:00
Anish Ramasekar 199668aff6 [KMSv2] log request metadata as part of read/write 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: e40b3cf54eb2feee738da73bdf1de40bd5cba441
 2023-02-24 23:06:30 +00:00
Monis Khan 254de03ce9 kmsv2: re-use DEK while key ID is unchanged 
This change updates KMS v2 to not create a new DEK for every
encryption.  Instead, we re-use the DEK while the key ID is stable.

Specifically:

We no longer use a random 12 byte nonce per encryption.  Instead, we
use both a random 4 byte nonce and an 8 byte nonce set via an atomic
counter.  Since each DEK is randomly generated and never re-used,
the combination of DEK and counter are always unique.  Thus there
can never be a nonce collision.  AES GCM strongly encourages the use
of a 12 byte nonce, hence the additional 4 byte random nonce.  We
could leave those 4 bytes set to all zeros, but there is no harm in
setting them to random data (it may help in some edge cases such as
live VM migration).

If the plugin is not healthy, the last DEK will be used for
encryption for up to three minutes (there is no difference on the
behavior of reads which have always used the DEK cache).  This will
reduce the impact of a short plugin outage while making it easy to
perform storage migration after a key ID change (i.e. simply wait
ten minutes after the key ID change before starting the migration).

The DEK rotation cycle is performed in sync with the KMS v2 status
poll thus we always have the correct information to determine if a
read is stale in regards to storage migration.

Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: 832d6f0e19f13b9dd22b1fe9d705817e9e64f4f1
 2023-02-24 16:51:08 -05:00
Kubernetes Publisher 64fd31116a Merge pull request #115666 from wojtek-t/refactor_delete_collection 
Minor refactor of DeleteCollection in preparation for pagination support there

Kubernetes-commit: 67f4f9ad5a3d8653b63652774442a09e7780b78b
 2023-02-24 21:13:39 +00:00
Monis Khan 3bc72d5b27 no-op: drop baseTransformerFunc indirection 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: 346f39e18b0dd7aa45441de636cce5708e34a6db
 2023-02-24 12:39:14 -05:00
Kubernetes Publisher 1ccf3e9365 Merge pull request #114656 from wojtek-t/generalize_cacher_tests_4 
Reuse generic Watch test for watchcache

Kubernetes-commit: a8e7572a7b4efc434faf0986be7d2772493cfaf5
 2023-02-24 17:15:55 +00:00
Kubernetes Publisher 2a34a68a42 Merge pull request #116037 from wojtek-t/move_cache_watcher 
Split cacheWatcher into its own file

Kubernetes-commit: e8662a46dd27db774ec953dae15f93ae2d1a68c8
 2023-02-24 13:13:24 +00:00
Wojciech Tyczyński a80b028565 Split cacheWatcher into its own file 
Kubernetes-commit: a53704911047b87d0960cabab7889ce92f48b79e
 2023-02-24 11:59:01 +01:00
joey ea272f4038 fix apiserver metrics `RecordsWatchCacheCapacityChange` use watchCache as increase total 
if old less than new, Inc function should be called for `watchCacheCapacityIncreaseTotal` instead of `watchCacheCapacity`

Signed-off-by: joey <zchengjoey@gmail.com>

Kubernetes-commit: 96b9531f3e3f489e47493297987eee14d2a08855
 2023-02-24 16:02:35 +08:00
Kubernetes Publisher e05e3e20fa Merge pull request #115794 from MadhavJivrajani/remove-test-list-deprecated 
storage: Get rid of TestListDeprecated

Kubernetes-commit: 7ab7af711188471cca575e6cbb15328c4dc347b0
 2023-02-23 17:13:46 +00:00
Kubernetes Publisher a321fbfdd1 Merge pull request #115947 from aramase/aramase/f/kmsv2/grpc-metrics-bucket 
[KMSv2] update `kms_operations_latency_seconds` metric bucket range

Kubernetes-commit: 7e40d6d04ef8078772d2fa810b1ba925c9d8ace7
 2023-02-22 04:47:57 -08:00
Anish Ramasekar 313d6aca12 [KMSv2] update `kms_operations_latency_seconds` metric bucket range 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: ac1c8aaed1b11bd7cbdb10b2de9778336c3ddcba
 2023-02-22 07:08:22 +00:00
Kubernetes Publisher c4f8423d94 Merge pull request #115633 from TommyStarK/unit-tests/staging-apiserver-util-proxy 
apiserver/util/proxy: Improving test coverage

Kubernetes-commit: 96312d711ee18dda418fe8fe54086cfeef88a1d2
 2023-02-22 05:13:25 +00:00
Kubernetes Publisher 07630bb938 Merge pull request #115938 from aramase/aramase/f/organize-kms-pkg 
[KMSv2] restructure kms staging dir

Kubernetes-commit: 403a46037df29d08b4aaf1043345bf75feba77b1
 2023-02-22 05:13:23 +00:00
Kubernetes Publisher 83c4b5b2c6 Merge pull request #115686 from tkashem/apf-test-fix 
apiserver: fix APF tests, use T functions on the test goroutine

Kubernetes-commit: 59ec35eb2dbfa92cb1466d8c5a7c0796dfd1eed0
 2023-02-22 05:13:21 +00:00
Kubernetes Publisher 05a27f2d63 Merge pull request #115846 from ritazh/kmsv2-metrics-invalidkeyid 
kmsv2: add metrics for invalid_key_id_from_status_total

Kubernetes-commit: 33c1a542fbfeeeceb5d2e7a862d1b76f4bfe047d
 2023-02-22 01:21:27 +00:00
Kubernetes Publisher ed91d5c6ab Merge pull request #115628 from alombarte/patch-1 
getHost and getHostname have documentation swapped for IPv6

Kubernetes-commit: be3cf12d795794c4fbf4c54b91349c1e1d8258b1
 2023-02-22 01:21:25 +00:00
Anish Ramasekar e8322225ee [KMSv2] restructure kms staging dir 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: c9b8ad6a55aaf7d95ce6fbc06ec4afba905e86c0
 2023-02-21 19:49:09 +00:00
Monis Khan 6ab879299d token/cache: use go 1.20's approach for no-copy string/bytes conversions 
Note that this fixes a bug in the existing `toBytes` implementation
which does not correctly set the capacity on the returned slice.

Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: aa80f8fb856bb2b645c90457f9b1dd75e4e57c73
 2023-02-21 12:24:21 -05:00
Kubernetes Publisher b587e7ba77 Merge pull request #115096 from MadhavJivrajani/unset-rv-watch-semantics 
cacher: Fix watch behaviour for unset RV

Kubernetes-commit: 70f337c0d5303078a325c63216345ae84475aa69
 2023-02-21 13:13:21 +00:00
Max Goltzsche a26475dd35 bump go-jose to v2.6.0 
Update go-jose from v2.2.2 to v2.6.0.
This is to make the kubernetes code compatible with newer go-jose versions that have a small breaking change (`jwt.NewNumericDate()` returns a pointer).

Signed-off-by: Max Goltzsche <max.goltzsche@gmail.com>

Kubernetes-commit: df8fa2eab523abc9c2b70c4916de1d57b159531d
 2023-02-20 00:19:33 +01:00
Kubernetes Publisher 70904f2f4c Merge pull request #113312 from jiahuif-forks/feature/cel/builtins 
OpenAPI-based CEL type library

Kubernetes-commit: 70b2e4aa3ee16f8443cebd802d847e15e68f91c9
 2023-02-18 09:12:32 +00:00
Kubernetes Publisher 6865d38156 Merge pull request #112393 from borgerli/apf-pl-dump 
APF: two improvements when dumping priority levels

Kubernetes-commit: e55f2a9b54e0f6bd9ed12e50752d7d2545ab0cab
 2023-02-17 05:12:46 +00:00
Kubernetes Publisher 5741140c0b Merge pull request #113263 from andrewsykim/fix-flaky-flowcontrol-queueset-test 
[Flaky test] fix floating point precision error in TestDifferentWidths

Kubernetes-commit: 7d681c96a3bce144ad9fe7dba466f79ef1bb6f62
 2023-02-16 21:20:46 +00:00
Kubernetes Publisher 062f1cebb4 Merge pull request #115604 from pacoxu/fix-design-proposals-links 
old design proposals are now moved to Design Proposals Archive repo

Kubernetes-commit: ffe410bbb4e43ba7b7ceaec379709575e817d866
 2023-02-16 21:20:44 +00:00
Rita Zhang 8ef5a288d6 kmsv2: add metrics for invalid_key_id_from_status_total 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>

Kubernetes-commit: 5292542b72df0665fb73bb0060fe73553dbf9b05
 2023-02-16 11:56:31 -08:00
Kubernetes Publisher 2ddc1bb121 Merge pull request #114201 from Octopusjust/k8s-pr20 
change unnecessary `switch` to `if` in metrics.go

Kubernetes-commit: 9269aaada269ef1d793bd89bde633a79bae201f5
 2023-02-16 07:21:38 -08:00
Paco Xu f4e378eb7b API docs: point to current docs instead of archived designs 
Kubernetes-commit: 3d536bd14bba0586f20d1d96560073e5d9e82f97
 2023-02-16 15:29:56 +08:00
Igor Velichkovich 0b1f199d07 refactor admission cel validator and compiler to be reusable 
Kubernetes-commit: e96ef311872ee6429a54e4580528717238a6816b
 2023-02-15 16:08:59 -06:00
Madhav Jivrajani abbe297fc8 storage: Get rid of TestListDeprecated 
This commit extends the test cases of RunTestList
to include the things tested by TestListDeprecated
and subsequently deletes the test.

This additionally adds a test case for checking that
the list return the modified version of an object.

Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>

Kubernetes-commit: 7474d9b719619caa356dfb71a06482f33b3ed1ce
 2023-02-15 16:54:10 +05:30
Madhav Jivrajani 5544d5836e storage/testing: Use Int64 method for pointers 
Int64Ptr is now deprecated.

Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>

Kubernetes-commit: 1d639085eeef74ee7582a8944154a18f58d13a7b
 2023-02-15 15:21:42 +05:30
Li Bo 193a91e8ec refine code 
Kubernetes-commit: 2d98d2412a153154396c7089fbe355a56e8a2329
 2023-02-14 15:10:54 +08:00
Cici Huang c4a92f1b65 Apply resource constraints to ValidatingAdmissionPolicy. 
Kubernetes-commit: 244c63a2e6c8d859be8f4c6c23fbe1263dbfab0a
 2023-02-14 06:37:57 +00:00